tailscale

Commit Graph

Author	SHA1	Message	Date
Brad Fitzpatrick	7f68e097dd	net/netcheck: fix HTTPS fallback bug from earlier today My earlier `3fa58303d0` tried to implement the net/http.Tranhsport.DialTLSContext hook, but I didn't return a *tls.Conn, so we ended up sending a plaintext HTTP request to an HTTPS port. The response ended up being Go telling as such, not the /derp/latency-check handler's response (which is currently still a 404). But we didn't even get the 404. This happened to work well enough because Go's built-in error response was still a valid HTTP response that we can measure for timing purposes, but it's not a great answer. Notably, it means we wouldn't be able to get a future handler to run server-side and count those latency requests.	4 years ago
David Anderson	5114df415e	net/netns: set the bypass socket mark on linux. This allows tailscaled's own traffic to bypass Tailscale-managed routes, so that things like tailscale-provided default routes don't break tailscaled itself. Progress on #144. Signed-off-by: David Anderson <danderson@tailscale.com>	4 years ago
Brad Fitzpatrick	3fa58303d0	netcheck: address some HTTP fallback measurement TODOs	4 years ago
David Anderson	e9f7d01b91	derp/derphttp: make DERP client use netns for dial-outs.	4 years ago
Brad Fitzpatrick	e6b84f2159	all: make client use server-provided DERP map, add DERP region support Instead of hard-coding the DERP map (except for cmd/tailscale netcheck for now), get it from the control server at runtime. And make the DERP map support multiple nodes per region with clients picking the first one that's available. (The server will balance the order presented to clients for load balancing) This deletes the stunner package, merging it into the netcheck package instead, to minimize all the config hooks that would've been required. Also fix some test flakes & races. Fixes #387 (Don't hard-code the DERP map) Updates #388 (Add DERP region support) Fixes #399 (wgengine: flaky tests) Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	040a0d5121	derp/derphttp: don't use x/net/proxy for SOCKS on iOS We don't want those extra dependencies on iOS, at least yet. Especially since there's no way to set the relevant environment variables so it's just bloat with no benefits. Perhaps we'll need to do SOCKS on iOS later, but probably differently if/when so. Updates #227 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	e42ec4efba	derp/derphttp: use SOCKS/etc proxies for derphttp dials Updates #227 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	b6fa5a69be	net/tlsdial: add package for TLS dials, and make DERP & controlclient use it This will do the iOS-optimized cert checking in a following change.	4 years ago
Brad Fitzpatrick	614eec174f	derp/derphttp: avoid endless reconnect race on failure Originally from @stablebits (Dmitry Adamushko) in: https://github.com/tailscale/tailscale/pull/264	4 years ago
Brad Fitzpatrick	e749377a56	derp/derphttp: remove a redundant log message	4 years ago
Brad Fitzpatrick	1d3f45f9be	derp/derphttp: ignore PeerGoneMessage in test	4 years ago
David Crawshaw	43aa8595dd	derp: introduce Conn interface This lets us test with something other than a net.Conn. Signed-off-by: David Crawshaw <crawshaw@tailscale.com>	4 years ago
Brad Fitzpatrick	6978b93bdd	derp, magicsock: track home (preferred) vs visiting connections for stats	4 years ago
Brad Fitzpatrick	cf4aacde57	derp/derphttp: appease staticcheck	4 years ago
Brad Fitzpatrick	2cff9016e4	net/dnscache: add overly simplistic DNS cache package for selective use I started to write a full DNS caching resolver and I realized it was overkill and wouldn't work on Windows even in Go 1.14 yet, so I'm doing this tiny one instead for now, just for all our netcheck STUN derp lookups, and connections to DERP servers. (This will be caching a exactly 8 DNS entries, all ours.) Fixes #145 (can be better later, of course)	4 years ago
Brad Fitzpatrick	bf704a5218	derp: protocol negotiation, add v2: send src pub keys to clients in packets Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
David Crawshaw	9be9738f62	derphttp: add TLSConfig field Signed-off-by: David Crawshaw <crawshaw@tailscale.com>	4 years ago
Brad Fitzpatrick	517a91de75	derp/derphttp: fix reconnect behavior I broke it in today's `752146a70f`. Added some comments to prevent recurrences. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	38acccad09	derp: remove some debug noise I left in :(	4 years ago
Brad Fitzpatrick	752146a70f	derp: clean up derphttp client code, use contexts Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	379a3125fd	derp, wgengine/magicsock: support more than just packets from Client.Recv Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	619697063e	derp: more misc cleanups And add an explicit derphttp.Client.Connect in the test now that it's done lazily. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	e06ca40650	wgengine, magicsock, derp: misc cleanups, docs Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	259406e797	derp: move away from [32]byte key types And some minor cleanup in the process. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	2896be60db	Move "logger" package to under types, now that we have it. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Brad Fitzpatrick	a59dc5f155	Use logger.Logf consistently. It was used in most places. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 years ago
Earl Lee	a8d8b8719a	Move Linux client & common packages into a public repo.	4 years ago

1 2

77 Commits (da8def8e13d44df0c4183300c826523ba933cb37)