tailscale

Commit Graph

Author	SHA1	Message	Date
Brad Fitzpatrick	22024a38c3	control/controlclient: log Hostinfo on change Fixes #830 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
David Anderson	c6dbd24f67	tailcfg: add a field to advertise support for IPv6 tailscale config. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	a6c34bdc28	control/controlclient: also include our own profile (for when no self-owned peers) Fix from regression in previous commit (`0e3048d8e0`) that was caught by e2e tests. In that previous commit, the user's own profile was omitted from the NetworkMap in the case where the user only had one node.	4 years ago
Brad Fitzpatrick	0e3048d8e0	control/controlclient: support delta userprofiles from control I was going to make support for this advertised from the client, but turns out only "tailscale status" even uses the UserProfiles field and fails gracefully (omits that field) if a user profile for a user is missing, so I think we can just reuse the DeltaPeers field from the client to ask the control server to also delta encode the user profiles. For the few users running 1.1.x (unstable) versions between DeltaPeers support (1.1.82) and this (~1.1.541), they'll just sometimes have missing names in "tailscale status --json" or "tailscale status --web" (the only places the UserProfile is used).	4 years ago
Brad Fitzpatrick	1819f6f8c8	control/controlclient: set MapRequest.ReadOnly on initial empty endpoint request On startup, clients do a MapRequest with empty endpoints while they learn the DERP map to discover the STUN servers they then query to learn their endpoints. Set MapRequest.ReadOnly on those initial queries to not broadcast the empty endpoints out to peers. The read results will come a half second later (or less). Updates tailscale/corp#557	4 years ago
Avery Pennarun	6332bc5e08	controlclient: print http errors if result code != 200. Turns out for the particular error I was chasing, it actually returns 200 and zero data. But this code mirrors the same check in the map poll, and is the right thing to do in the name of future debugging. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
David Crawshaw	15297a3a09	control/controlclient: some extra debug info in errors Signed-off-by: David Crawshaw <crawshaw@tailscale.com>	4 years ago
Brad Fitzpatrick	b5a3850d29	control/controlclient, ipn: store machine key separately from user prefs/persist Updates #610 (fixes after some win/xcode changes in a separate repo)	4 years ago
Josh Bleecher Snyder	efb08e4fee	all: use IsZero methods Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	c8f257df00	Revert "all: keep UserProfiles a slice instead of a map for longer" This reverts commit `e5894aba42`. Breaks macOS/iOS build. Reverting per chat with Josh; he'll fix later today.	4 years ago
Josh Bleecher Snyder	1fecf87363	control/controlclient: use wgcfg.PrivateKey.IsZero Generated by eg using template: --- package p import "github.com/tailscale/wireguard-go/wgcfg" func before(k wgcfg.PrivateKey) bool { return k == wgcfg.PrivateKey{} } func after(k wgcfg.PrivateKey) bool { return k.IsZero() } Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Josh Bleecher Snyder	e5894aba42	all: keep UserProfiles a slice instead of a map for longer Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Josh Bleecher Snyder	4d4ca2e496	control/controlclient: remove Roles fields from client They are unused. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>	4 years ago
Brad Fitzpatrick	904a91038a	tailcfg: add MapRequest.ReadOnly and OmitPeers; remove DebugForceDisco DebugForceDisco was a development & safety knob during the the transition to discovery. It's no longer needed. Add MapRequest.ReadOnly to prevent clients needing to do two peer-spamming MapRequest at start-up. This only adds the field, not the use of the field. (The control server needs to support it first.) Updates tailscale/corp#557 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	88107b1287	control/controlclient: add TS_DEBUG_MAPRESPONSE to dump all MapResponses I'm always adding this by hand during development. Time to check it in.	4 years ago
Brad Fitzpatrick	28f9cd06f5	tshttpproxy, controlclient, derphttp, logpolicy: send Negotiate auth to proxies For Windows only, and only when built with Tailscale's Go tree. Updates tailscale/corp#583	4 years ago
Brad Fitzpatrick	9337a99dff	tailcfg, wgengine, controlclient: add control-side gating of lazy WG config	4 years ago
Brad Fitzpatrick	c5eb57f4d6	net/tshttpproxy: new package, support WPAD/PAC proxies on Windows Updates tailscale/corp#553 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	f6dc47efe4	tailcfg, controlclient, magicsock: add control feature flag to enable DRPO Updates #150	4 years ago
Brad Fitzpatrick	696020227c	tailcfg, control/controlclient: support delta-encoded netmaps Should greatly reduce bandwidth for large networks (including our hello.ipn.dev node). Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	5590daa97d	control/controlclient: reset timeout timer on non-keepalive map updates Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Dmytro Shynkevych	28e52a0492	all: dns refactor, add Proxied and PerDomain flags from control (#615 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Dmytro Shynkevych	c7582dc234	ipn: fix netmap change tracking and dns map generation (#609 ) Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	cd21ba0a71	tailcfg, control/controlclient: add GoArch, populate OSVersion on Linux	4 years ago
Brad Fitzpatrick	96994ec431	control/controlclient: fix a couple more data races	4 years ago
Brad Fitzpatrick	a8b95571fb	ipn, control/controlclient: fix some data races More remain. Fixes tailscale/corp#432	4 years ago
Brad Fitzpatrick	c9089c82e8	control/controlclient, tailcfg: turn active route discovery on by default Updates #483	4 years ago
Brad Fitzpatrick	57e8931160	control/controlclient: fix copy/paste-o in debug knob accessor Introduced in `a975e86bb8`. Only affected TS_DEBUG_* env users.	4 years ago
Brad Fitzpatrick	6233fd7ac3	control/controlclient: don't truncate AuthURL in log It's useful to copy/paste directly from there, without using tailscale up. If it's truncated for some specific reason, it doesn't say why.	4 years ago
Brad Fitzpatrick	a975e86bb8	wgengine/magicsock: add new endpoint type used for discovery-supporting peers This adds a new magicsock endpoint type only used when both sides support discovery (that is, are advertising a discovery key). Otherwise the old code is used. So far the new code only communicates over DERP as proof that the new code paths are wired up. None of the actually discovery messaging is implemented yet. Support for discovery (generating and advertising a key) are still behind an environment variable for now. Updates #483	4 years ago
Brad Fitzpatrick	72bfea2ece	control/controlclient: remove IPv6 opt-out environment variable It was temporary and 3 months has elapsed without problems.	4 years ago
Brad Fitzpatrick	b8edb7a5e9	control/controlclient: add Debug field to NetworkMap As part of disabling background STUN packets when idle, we want an emergency override switch to turn it back on, in case it interacts poorly in the wild. We'll send that via control, but we'll want to plumb it down to magicsock via NetworkMap. Updates tailscale/corp#320 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	53fb25fc2f	all: generate discovery key, plumb it around Not actually used yet. Updates #483	4 years ago
Dmytro Shynkevych	c12d87c54b	Fix concurrency issues in controlclient, ipn, types/logger (#456 ) Signed-Off-By: Dmytro Shynkevych <dmytro@tailscale.com>	4 years ago
Brad Fitzpatrick	8edcab04d5	log/logheap: change to POST to a URL instead of logging It's too big to log.	4 years ago
Brad Fitzpatrick	24009241bf	net/netns: move SOCKS dialing to netns for now This lets control & logs also use SOCKS dials. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
David Anderson	03682cb271	control/controlclient: use netns package to dial connections. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	f0204098d8	Revert "control/controlclient: use "getprop net.hostname" for Android hostname" This reverts commit `afb9c6a6ab`. Doesn't work. See: https://github.com/tailscale/tailscale/issues/409#issuecomment-635241550 Looks pretty dire: https://medium.com/capital-one-tech/how-to-get-an-android-device-nickname-d5eab12f4ced Updates #409	4 years ago
Brad Fitzpatrick	afb9c6a6ab	control/controlclient: use "getprop net.hostname" for Android hostname Updates #409	4 years ago
Brad Fitzpatrick	703d789005	tailcfg: add MapResponse.Debug mechanism to trigger logging heap pprof Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	e6b84f2159	all: make client use server-provided DERP map, add DERP region support Instead of hard-coding the DERP map (except for cmd/tailscale netcheck for now), get it from the control server at runtime. And make the DERP map support multiple nodes per region with clients picking the first one that's available. (The server will balance the order presented to clients for load balancing) This deletes the stunner package, merging it into the netcheck package instead, to minimize all the config hooks that would've been required. Also fix some test flakes & races. Fixes #387 (Don't hard-code the DERP map) Updates #388 (Add DERP region support) Fixes #399 (wgengine: flaky tests) Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Avery Pennarun	c5fcc38bf1	controlclient tests: fix more memory leaks and add resource checking. I can now run these tests with -count=1000 without running out of RAM. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
Avery Pennarun	d03de31404	controlclient/direct: fix a race condition accessing auth keys. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
Brad Fitzpatrick	fefd7e10dc	types/structs: add structs.Incomparable annotation, use it where applicable Shotizam before and output queries: sqlite> select sum(size) from bin where func like 'type..%'; 129067 => 120216	4 years ago
Avery Pennarun	65fbb9c303	wgengine/filter: support subnet mask rules, not just /32 IPs. This depends on improved support from the control server, to send the new subnet width (Bits) fields. If these are missing, we fall back to assuming their value is /32. Conversely, if the server sends Bits fields to an older client, it will interpret them as /32 addresses. Since the only rules we allow are "accept" rules, this will be narrower or equal to the intended rule, so older clients will simply reject hosts on the wider subnet (fail closed). With this change, the internal filter.Matches format has diverged from the wire format used by controlclient, so move the wire format into tailcfg and convert it to filter.Matches in controlclient. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>	4 years ago
Brad Fitzpatrick	a464439658	control/controlclient: fix build break caused by overzealous gitting	4 years ago
Brad Fitzpatrick	172d72a060	Revert "net/tlsdial: add memory-optimized TLS cert verification path for iOS" This reverts commit `6fcbd4c4d4`. Decided to put it in tailscale/go's crypto/x509 instead.	4 years ago
Brad Fitzpatrick	eb6de2bd88	control/controlclient: restore Options.HTTPC as Options.HTTPTestClient I removed the HTTPC field in `b6fa5a69be` but it was apparently still used in [oss-skipped] tests. Restore it, but name it so it's more obvious that it's only for tests. (It currently is, and I'd like to keep it like that for now.)	4 years ago
Brad Fitzpatrick	6fcbd4c4d4	net/tlsdial: add memory-optimized TLS cert verification path for iOS Behind a build tag for now.	4 years ago
Brad Fitzpatrick	b6fa5a69be	net/tlsdial: add package for TLS dials, and make DERP & controlclient use it This will do the iOS-optimized cert checking in a following change.	4 years ago

1 2

79 Commits (ac866054c75473d394e0e2fc47ee4850b877851f)