Commit Graph

2216 Commits (f1d45bc4bb20fb4b8e602ec800c96e0becd51674)
 

Author SHA1 Message Date
David Anderson 2edb57dbf1 net/dns: add new Config that captures tailscale+OS DNS config.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 8af9d770cf net/dns: rename Config to OSConfig.
Making way for a new higher level config struct.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson fcfc0d3a08 net/dns: remove ManagerConfig, pass relevant args directly.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 0ca04f1e01 net/dns: put noop.go back, limit with build tags for staticcheck.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 95470c3448 net/dns: remove Cleanup manager parameter.
It's only use to skip some optional initialization during cleanup,
but that work is very minor anyway, and about to change drastically.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson cf361bb9b1 net/dns: remove PerDomain from Config.
It's currently unused, and no longer makes sense with the upcoming
DNS infrastructure. Keep it in tailcfg for now, since we need protocol
compat for a bit longer.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson f77ba75d6c wgengine/router: move DNS cleanup into the DNS package.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 15875ccc63 wgengine/router: don't store unused tunname on windows. 4 years ago
Brad Fitzpatrick 6266cf8e36 ipn/ipnlocal: fix peerapi6 port being report as 0 in netstack mode
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
David Anderson 9f105d3968 net/dns/resolver: teach the forwarder to do per-domain routing.
Given a DNS route map, the forwarder selects the right set of
upstreams for a given name.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Crawshaw 4ed111281b version/distro: look for absolute synology path
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
4 years ago
Brad Fitzpatrick 2f60ab92dd tailcfg: add Node.Capabilities, remove old stuff
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick c25ecddd1b tailcfg: remove UserProfile.Roles field, add tests for legacy behavior
Old macOS clients required we populate this field to a non-null
value so we were unable to remove this field before.

Instead, keep the field but change its type to a custom empty struct
that can marshal/unmarshal JSON. And lock it in with a test.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick e698973196 ipn/policy: mark peerapi4 and peerapi6 as interesting services 4 years ago
Brad Fitzpatrick 39b9ab3522 cmd/tailscaled: rename isUserspace to useNetstack
The bool was already called useNetstack at the caller.
isUserspace (to mean netstack) is confusing next to wgengine.NewUserspaceEngine, as that's
a different type of 'userspace'.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Josh Bleecher Snyder 34d4943357 all: gofmt -s
The code is not obviously better or worse, but this makes the little warning
triangle in my editor go away, and the distraction removal is worth it.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
4 years ago
Josh Bleecher Snyder 1df162b05b wgengine/magicsock: adapt CreateEndpoint signature to match wireguard-go
Part of a temporary change to make merging wireguard-go easier.
See https://github.com/tailscale/wireguard-go/pull/45.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
4 years ago
Brad Fitzpatrick e64383a80e wgengine/router: document some fields a bit more
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Denton Gentry 35ab4020c7 wgengine/monitor: Linux fall back to polling
Google Cloud Run does not implement NETLINK_ROUTE RTMGRP.
If initialization of the netlink socket or group membership
fails, fall back to a polling implementation.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago
David Anderson 90f82b6946 net/dns/resolver: add live reconfig, plumb through to ipnlocal.
The resolver still only supports a single upstream config, and
ipn/wgengine still have to split up the DNS config, but this moves
closer to unifying the DNS configs.

As a handy side-effect of the refactor, IPv6 MagicDNS records exist
now.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson caeafc4a32 net/dns/resolver: fix package docstring.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson dbe4f6f42d net/dns/resolver: unexport Resolve and ResolveReverse.
They're only used internally and in tests, and have surprising
semantics in that they only resolve MagicDNS names, not upstream
resolver queries.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson cdeb8d6816 net/dns/resolver: fix staticcheck error.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson f185d62dc8 net/dns/resolver: unexport Packet, only use it internally.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 5fb9e00ecf net/dns/resolver: remove Start method, fully spin up in New instead.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 075fb93e69 net/dns/resolver: remove the Config struct.
In preparation for reintroducing a runtime reconfig Config struct.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson bc81dd4690 net/dns/resolver: rename ResolverConfig to just Config.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson d99f5b1596 net/dns/resolver: factor the resolver out into a sub-package.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 53cfff109b ipn: replace SetWantRunning(bool) with EditPrefs(MaskedPrefs)
This adds a new ipn.MaskedPrefs embedding a ipn.Prefs, along with a
bunch of "has bits", kept in sync with tests & reflect.

Then it adds a Prefs.ApplyEdits(MaskedPrefs) method.

Then the ipn.Backend interface loses its weirdo SetWantRunning(bool)
method (that I added in 483141094c for "tailscale down")
and replaces it with EditPrefs (alongside the existing SetPrefs for now).

Then updates 'tailscale down' to use EditPrefs instead of SetWantRunning.

In the future, we can use this to do more interesting things with the
CLI, reconfiguring only certain properties without the reset-the-world
"tailscale up".

Updates #1436

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 4ed6b62c7a ipn/ipnlocal: refactor to unindent a bit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick 1f583a895e ipn/ipnlocal: stop sending machine key to frontends
We were going to remove this in Tailscale 1.3 but forgot.

This means Tailscale 1.8 users won't be able to downgrade to Tailscale
1.0, but that's fine.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Maisem Ali 1c98c5f103 cmd/tailscaled: remove tailscaled binary on uninstall-system-daemon
Signed-off-by: Maisem Ali <maisem@tailscale.com>
4 years ago
Maisem Ali db13b2d0c8 cmd/tailscale, ipn/localapi: add "tailscale bugreport" subcommand
Adding a subcommand which prints and logs a log marker. This should help
diagnose any issues that users face.

Fixes #1466

Signed-off-by: Maisem Ali <maisem@tailscale.com>
4 years ago
Denton Gentry 09148c07ba interfaces: check correct error /proc/net/route
wrap io.EOF if we hit https://github.com/google/gvisor/issues/5732
Check for the correct err.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago
Brad Fitzpatrick 47363c95b0 go.mod: bump wireguard-go 4 years ago
Brad Fitzpatrick c3bee0b722 ipn/ipnlocal: make peerapi work on iOS again
It didn't have a storage directory.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Naman Sood 31c7745631
wgengine/netstack: stop re-adding IPs registered by active TCP connections (#1629)
Signed-off-by: Naman Sood <mail@nsood.in>
4 years ago
Brad Fitzpatrick 1bd14a072c cmd/tailscale, ipn/localapi: move IP forwarding check to tailscaled, API
Instead of having the CLI check whether IP forwarding is enabled, ask
tailscaled. It has a better idea. If it's netstack, for instance, the
sysctl values don't matter. And it's possible that only the daemon has
permission to know.

Fixes #1626

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
David Crawshaw ea714c6054 cmd/tailscale/cli: split out web.css file
CSS formatted with:

	npx prettier --use-tabs --write cmd/tailscale/cli/web.css

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
4 years ago
Brad Fitzpatrick 7f03c0f8fe wgengine/wgcfg/nmcfg: reduce some logging when a /0 route skipped
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Josh Bleecher Snyder 7b907615d5 wgengine/wgcfg/nmcfg: remove dead code
The call to appendEndpoint updates cpeer.Endpoints.
Then it is overwritten in the next line.
The only errors from appendEndpoint occur when
the host/port pair is malformed, but that cannot happen.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
4 years ago
Brad Fitzpatrick a998fe7c3d control/controlclient: support lazy machine key generation
It's not done in the caller yet, but the controlclient does it now.

Updates #1573

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Ross Zurowski 8d57bce5ef
cmd/tailscale: add initial web UI (#1621)
Signed-off-by: Ross Zurowski <ross@rosszurowski.com>
4 years ago
Brad Fitzpatrick ddaacf0a57 control/controlclient: document a few things
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick cf2beafbcd ipn/ipnlocal: on Windows peerapi bind failures, try again on link change
Updates #1620

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick a7be780155 go.mod, go.sum: bump wireguard-go 4 years ago
Brad Fitzpatrick 6d1a9017c9 ipn/{ipnlocal,localapi}, client/tailscale: add file get/delete APIs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Denton Gentry a9745a0b68 interfaces: try larger read from /proc/net/route
Work around https://github.com/google/gvisor/issues/5732
by trying to read /proc/net/route with a larger bufsize if
it fails the first time.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago
Denton Gentry 54ba6194f7 interfaces: allow IPv6 ULA as a valid address.
IPv6 Unique Local Addresses are sometimes used with Network
Prefix Translation to reach the Internet. In that respect
their use is similar to the private IPv4 address ranges
10/8, 172.16/12, and 192.168/16.

Treat them as sufficient for AnyInterfaceUp(), but specifically
exclude Tailscale's own IPv6 ULA prefix to avoid mistakenly
trying to bootstrap Tailscale using Tailscale.

This helps in supporting Google Cloud Run, where the addresses
are 169.254.8.1/32 and fddf:3978:feb1:d745::c001/128 on eth1.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago
Denton Gentry ecf310be3c net/tsaddr: IsUla() for IPv6 Unique Local Address
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago