Commit Graph

4467 Commits (c312e0d264781817200e559bc7cd12498a6f88c0)
 

Author SHA1 Message Date
David Crawshaw 6d2ac01464 go.mod: bump wireguard-go version
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
David Crawshaw 44670d0da9 wgengine: revert wgdev.Close on Close from last commit
Causes as-yet-unknown problems in some tests.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
wardn 9390a3ef55 wgengine: properly clean up freebsd routes and interfaces on close
Signed-off-by: wardn <wardn@users.noreply.github.com>
5 years ago
David Crawshaw 7a3be96199 wgengine: add pinger to generate initial spray packets
For 3 seconds after a successful handshake, wgengine will send a
ping packet every 300ms to its peer. This ensures the spray logic
in magicsock has something to spray.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
Brad Fitzpatrick 3988ddc85d types/logger: add WithPrefix, use it in two places
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 758744a4e3 Fix some Hostinfo value usages from the previous commit. 5 years ago
Brad Fitzpatrick d8de11a01b control: make Hostinfo accessed by pointer
Fix potential races in copying aliased slices by value.

Also few little doc updates.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 824f825552 tsweb, cmd/derper: move common web/debug stuff from derper to new tsweb
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 367ffde21a ipn: misc cleanup
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 04e6b77774 safesocket: delete incorrect build tag
Leftover from copying one file to another to create safesocket.go
in the earlier documentation change (29f7d64091).
5 years ago
Brad Fitzpatrick 29f7d64091 safesocket: document
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
David Crawshaw a6ad3c46e2 magicsock: spray some normal packets after a handshake
In particular, this is designed to catch the case where a
HandshakeInitiation packet is sent out but the intermediate NATs
have not been primed, so the packet passes over DERP.
In that case, the HandshakeResponse also comes back over DERP,
and the connection proceeds via DERP without ever trying to punch
through the NAT.

With this change, the HandshakeResponse (which was sprayed out
and so primed one NAT) triggers an UpdateDst, which triggers
the extra spray logic.

(For this to work, there has to be an initial supply of packets
to send on to a peer for the three seconds following a handshake.
The source of these packets is left as a future exercise.)

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
Brad Fitzpatrick 8696b17b5f wgengine/magicsock: turn off DERP log spamminess by default
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
David Anderson accf868130 cmd/mkpkg: add flags for debian scripts. 5 years ago
Brad Fitzpatrick f473965ca1 go.sum: update
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 7a3b91390b wgengine/magicsock: fix crash in Send when Endpoint isn't an AddrSet
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
David Crawshaw 868cfae84f wgengine, magicsock: adjust for wireguard-go conn/device package split
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
David Crawshaw 8994a59e20 go.mod: update wireguard-go version
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
wardn c51b8c206d wgengine: resolv.conf spelling corrections
Signed-off-by: wardn <wardn@users.noreply.github.com>
5 years ago
David Crawshaw ebc70acac7 go.mod: update wireguard-go version 5 years ago
Brad Fitzpatrick cc7b9b0dff control/controlclient: fix priority of DERP server, add comment 5 years ago
Brad Fitzpatrick 3317531021 derp: fix JSON field typo, sort fields to make it easier to see inconsistencies 5 years ago
Brad Fitzpatrick 6cd81d5d1f derp: add more derp stats for dropped and received packets
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick c02f4b5a1f control/controlclient: add temporary mechanism to force derp on
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 525bf1f3d2 wgengine/magicsock: remember fixed port number preference
So LinkChange events rebind to the same port when possible.
5 years ago
Brad Fitzpatrick c763901b1a cmd/derper: provide debug access over port 80 to trusted (tailscale) IPs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
David Anderson cc44e8a443 cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.
Signed-Off-By: David Anderson <dave@natulte.net>
5 years ago
Brad Fitzpatrick 2612e54ad1 derp, cmd/derper: add debug handlers, stats
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 433b917977 interfaces, cmd/tsshd: move interface lookup from tsshd to its own package
For reuse by derper, etc.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 37e115834e cmd/derper: support logging to logtail
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 379a3125fd derp, wgengine/magicsock: support more than just packets from Client.Recv
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 88f1cc0c98 derp, cmd/derper: add rate limiting support, add default 5Mbps limit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 1166c34f6c derp: fix staticcheck warning
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 322cb58b14 derp: deflake test I flaked up in earlier change
I broke an invariant in 11048b8932 (it was even nicely
documented then).

Also clean up the test a bit from while I was debugging it.

Fixes #84

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick f029c4c82d derp: change the protocol framing to always include a length
Addresses one of crawshaw's TODOs.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
David Anderson c47f907a27 ipn: use *Prefs rather than Prefs throughout.
Prefs has become a heavy object with non-memcpy copy
semantics. We should not pass such a thing by value.

Signed-off-by: David Anderson <dave@natulte.net>
5 years ago
David Anderson 0c55777fed ipn: temporary support for loading legacy relaynode configs.
Signed-off-by: David Anderson <dave@natulte.net>
5 years ago
David Crawshaw 4ebc0fa70f wgengine: incremental update of peers on network map change
This is the first, and easier, part of incremental wireguard-go
reconfiguration. It means that a new node appearing on the
network does not cause all existing nodes to re-handshake with
the other nodes they are talking to.

(This code has been running on hello.ipn.dev for a few weeks and
peers have successfully reconnected to it through many network
map updates.)

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
5 years ago
Brad Fitzpatrick 11048b8932 derp: add docs on current protocol overview, break accept apart a bit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 79af6054bf derp: don't start sending keepalives to client until after serverInfo sent
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 1155716318 derp: rename some things in the client, add some docs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Brad Fitzpatrick 4b461c2e77 derp: rename some things in the server, add some docs 5 years ago
Brad Fitzpatrick d298d5b1f8 wgengine/magicsock: support multiple derp servers, and not just for handshakes
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
5 years ago
Martin Baillie a9bff99a9b wgengine: add OpenBSD router DNS update handling
Also removes validated TODO comments.

Signed-off-by: Martin Baillie <martin@baillie.email>
5 years ago
David Anderson 5868dd1a77 Lint: remove unused function.
Signed-off-by: David Anderson <dave@natulte.net>
5 years ago
Avery Pennarun 57bbafde84 cmd/relaynode: drop local --acl-file in favour of central packet filter.
relaynode itself is not long for this world, deprecated in favour of
tailscale/tailscaled. But now that the control server supports central
distribution of packet filters, let's actually take advantage of it in
a final, backward compatible release of relaynode.
5 years ago
David Anderson 77907a76a3 version: tag redo-generated version as +build redo.
staticcheck defaults to running with no tags set, which only
works if redo hasn't run and generated ver.go. If it has,
we end up with a redeclaration conflict.

Signed-off-by: David Anderson <dave@natulte.net>
5 years ago
David Anderson 15b4d26d92 logpolicy: automatically figure out paths and filenames.
The autoselection should pick sensible paths for all of:
 - Windows (LocalAppData)
 - Mac (Library/Caches)
 - Unix user (XDG_CACHE_DIR)
 - Linux systemd service (CACHE_DIRECTORY)

As a last resort, if cache dir lookup fails, plops sufficiently
uniquely named files into the current working directory.

Signed-off-by: David Anderson <dave@natulte.net>
5 years ago
Avery Pennarun bec17d05cb .gitattributes: add a smudge filter for go.mod.
This is used when we want to do development against a local wireguard-go
repository checkout.
5 years ago
Brad Fitzpatrick f266e2d1eb version: add CmdName func for future use by logpolicy
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

Change-Id: I02a7c907844f71242ef06ed097f2a92ece7ae091
5 years ago