tailscale

Commit Graph

Author	SHA1	Message	Date
Charlotte Brandhorst-Satzkorn	f937cb6794	tailcfg,ipn,appc: add c2n endpoint for appc domain routes This change introduces a c2n endpoint that returns a map of domains to a slice of resolved IP addresses for the domain. Fixes tailscale/corp#15657 Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>	8 months ago
Will Norris	6b956b49e0	client/web: add some security checks for full client Require that requests to servers in manage mode are made to the Tailscale IP (either ipv4 or ipv6) or quad-100. Also set various security headers on those responses. These might be too restrictive, but we can relax them as needed. Allow requests to /ok (even in manage mode) with no checks. This will be used for the connectivity check from a login client to see if the management client is reachable. Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
Will Norris	658971d7c0	ipn/ipnlocal: serve web client on quad100 if enabled if the user pref and nodecap for the new web client are enabled, serve the client over requests to 100.100.100.100. Today, that is just a static page that lists the local Tailcale IP addresses. For now, this will render the readonly full management client, with an "access" button that sends the user through check mode. After completing check mode, they will still be in the read-only view, since they are not accessing the client over Tailscale. Instead, quad100 should serve the lobby client that has a "manage" button that will open the management client on the Tailscale IP (and trigger check mode). That is something we'll fix in a subsequent PR in the web client code itself. Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
Sonia Appasamy	0ecfc1d5c3	client/web: fill devMode from an env var Avoids the need to pipe a web client dev flag through the tailscaled command. Updates tailscale/corp#14335 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	8 months ago
Sonia Appasamy	191e2ce719	client/web: add ServerMode to web.Server Adds a new Mode to the web server, indicating the specific scenario the constructed server is intended to be run in. Also starts filling this from the cli/web and ipn/ipnlocal callers. From cli/web this gets filled conditionally based on whether the preview web client node cap is set. If not set, the existing "legacy" client is served. If set, both a login/lobby and full management client are started (in "login" and "manage" modes respectively). Updates tailscale/corp#14335 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	8 months ago
James Tucker	f27b2cf569	appc,cmd/sniproxy,ipn/ipnlocal: split sniproxy configuration code out of appc The design changed during integration and testing, resulting in the earlier implementation growing in the appc package to be intended now only for the sniproxy implementation. That code is moved to it's final location, and the current App Connector code is now renamed. Updates tailscale/corp#15437 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
Sonia Appasamy	aa5af06165	ipn/ipnlocal: include web client port in setTCPPortsIntercepted Updates tailscale/corp#14335 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	8 months ago
Sonia Appasamy	b370274b29	ipn/ipnlocal: pull CapabilityPreviewWebClient into webClientAtomicBool Now uses webClientAtomicBool as the source of truth for whether the web client should be running in tailscaled, with it updated when either the RunWebClient pref or CapabilityPreviewWebClient node capability changes. This avoids requiring holding the LocalBackend lock on each call to ShouldRunWebClient to check for the CapabilityPreviewWebClient value. Updates tailscale/corp#14335 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	8 months ago
James Tucker	228a82f178	ipn/ipnlocal,tailcfg: add AppConnector service to HostInfo when configured Updates tailscale/corp#15437 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
James Tucker	6ad54fed00	appc,ipn/ipnlocal: add App Connector domain configuration from mapcap The AppConnector is now configured by the mapcap from the control plane. Updates tailscale/corp#15437 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
James Tucker	b48b7d82d0	appc,ipn/ipnlocal,net/dns/resolver: add App Connector wiring when enabled in prefs An EmbeddedAppConnector is added that when configured observes DNS responses from the PeerAPI. If a response is found matching a configured domain, routes are advertised when necessary. The wiring from a configuration in the netmap capmap is not yet done, so while the connector can be enabled, no domains can yet be added. Updates tailscale/corp#15437 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
Will Norris	e7482f0df0	ipn/ipnlocal: prevent deadlock on WebClientShutdown WebClientShutdown tries to acquire the b.mu lock, so run it in a go routine so that it can finish shutdown after setPrefsLockedOnEntry is finished. This is the same reason b.sshServer.Shutdown is run in a go routine. Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
James Tucker	0ee4573a41	ipn/ipnlocal: fix small typo Updates #cleanup Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
Will Norris	66c7af3dd3	ipn: replace web client debug flag with node capability Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
Sonia Appasamy	44175653dc	ipn/ipnlocal: rename web fields/structs to webClient For consistency and clarity around what the LocalBackend.web field is used for. Updates tailscale/corp#14335 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	8 months ago
Will Norris	ea599b018c	ipn: serve web client requests from LocalBackend instead of starting a separate server listening on a particular port, use the TCPHandlerForDst method to intercept requests for the special web client port (currently 5252, probably configurable later). Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
Will Norris	28ad910840	ipn: add user pref for running web client This is not currently exposed as a user-settable preference through `tailscale up` or `tailscale set`. Instead, the preference is set when turning the web client on and off via localapi. In a subsequent commit, the pref will be used to automatically start the web client on startup when appropriate. Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
Sonia Appasamy	89953b015b	ipn/ipnlocal,client/web: add web client to tailscaled Allows for serving the web interface from tailscaled, with the ability to start and stop the server via localapi endpoints (/web/start and /web/stop). This will be used to run the new full management web client, which will only be accessible over Tailscale (with an extra auth check step over noise) from the daemon. This switch also allows us to run the web interface as a long-lived service in environments where the CLI version is restricted to CGI, allowing us to manage certain auth state in memory. ipn/ipnlocal/web is stubbed out in ipn/ipnlocal/web_stub for ios builds to satisfy ios restriction from adding "text/template" and "html/template" dependencies. Updates tailscale/corp#14335 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	8 months ago
Rhea Ghosh	387a98fe28	ipn/ipnlocal: exclude tvOS devices from taildrop file targets (#10002 )	8 months ago
Aaron Klotz	95671b71a6	ipn, safesocket: use Windows token in LocalAPI On Windows, the idiomatic way to check access on a named pipe is for the server to impersonate the client on its current OS thread, perform access checks using the client's access token, and then revert the OS thread's access token back to its true self. The access token is a better representation of the client's rights than just a username/userid check, as it represents the client's effective rights at connection time, which might differ from their normal rights. This patch updates safesocket to do the aforementioned impersonation, extract the token handle, and then revert the impersonation. We retain the token handle for the remaining duration of the connection (the token continues to be valid even after we have reverted back to self). Since the token is a property of the connection, I changed ipnauth to wrap the concrete net.Conn to include the token. I then plumbed that change through ipnlocal, ipnserver, and localapi as necessary. I also added a PermitLocalAdmin flag to the localapi Handler which I intend to use for controlling access to a few new localapi endpoints intended for configuring auto-update. Updates https://github.com/tailscale/tailscale/issues/755 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	8 months ago
Andrea Gottardo	741d7bcefe	Revert "ipn/ipnlocal: add new DNS and subnet router policies" (#9962 ) This reverts commit `32194cdc70`. Signed-off-by: Nick O'Neill <nick@tailscale.com>	8 months ago
Adrian Dewhurst	32194cdc70	ipn/ipnlocal: add new DNS and subnet router policies In addition to the new policy keys for the new options, some already-in-use but missing policy keys are also being added to util/syspolicy. Updates ENG-2133 Change-Id: Iad08ca47f839ea6a65f81b76b4f9ef21183ebdc6 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>	8 months ago
Andrew Lytvynov	593c086866	clientupdate: distinguish when auto-updates are possible (#9896 ) clientupdate.Updater will have a non-nil Update func in a few cases where it doesn't actually perform an update: * on Arch-like distros, where it prints instructions on how to update * on macOS app store version, where it opens the app store page Add a new clientupdate.Arguments field to cause NewUpdater to fail when we hit one of these cases. This results in c2n updates being "not supported" and `tailscale set --auto-update` returning an error. Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	8 months ago
Maisem Ali	17b2072b72	ipn/ipnlocal: set the push device token correctly It would end up resetting whatever hostinfo we had constructed and leave the backend statemachine in a broken state. This fixes that by storing the PushDeviceToken on the LocalBackend and populating it on Hostinfo before passing it to controlclient. Updates tailscale/corp#8940 Updates tailscale/corp#15367 Signed-off-by: Maisem Ali <maisem@tailscale.com>	8 months ago
Maisem Ali	0e89245c0f	ipn/ipnlocal: drop hostinfo param from doSetHostinfoFilterServices The value being passed was the same as whats on b.hostinfo, so just use that directly. Updates #cleanup Signed-off-by: Maisem Ali <maisem@tailscale.com>	8 months ago
Maisem Ali	f398712c00	ipn/ipnlocal: prevent changing serve config if conf.Locked This adds a check to prevent changes to ServeConfig if tailscaled is run with a Locked config. Missed in `1fc3573446`. Updates #1412 Signed-off-by: Maisem Ali <maisem@tailscale.com>	8 months ago
Irbe Krumina	eced054796	ipn/ipnlocal: close connections for removed proxy transports (#9884 ) Ensure that when a userspace proxy config is reloaded, connections for any removed proxies are safely closed Updates tailscale/tailscale#9725 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	8 months ago
Andrew Lytvynov	25b6974219	ipn/ipnlocal: send ClientVersion to Apple frontends (#9887 ) Apple frontends will now understand this Notify field and handle it. Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	8 months ago
Irbe Krumina	f09cb45f9d	ipn/ipnlocal: initiate proxy transport once (#9883 ) Initiates http/h2c transport for userspace proxy backend lazily and at most once. Updates tailscale/tailscale#9725 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	8 months ago
Irbe Krumina	09b5bb3e55	ipn/ipnlocal: proxy gRPC requests over h2c if needed. (#9847 ) Updates userspace proxy to detect plaintext grpc requests using the preconfigured host prefix and request's content type header and ensure that these will be proxied over h2c. Updates tailscale/tailscale#9725 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	8 months ago
Joe Tsai	3f27087e9d	taildrop: switch hashing to be streaming based (#9861 ) While the previous logic was correct, it did not perform well. Resuming is a dance between the client and server, where 1. the client requests hashes for a partial file, 2. the server then computes those hashes, 3. the client computes hashes locally and compares them. 4. goto 1 while the partial file still has data While step 2 is running, the client is sitting idle. While step 3 is running, the server is sitting idle. By streaming over the block hash immediately after the server computes it, the client can start checking the hash, while the server works on the next hash (in a pipelined manner). This performs dramatically better and also uses less memory as we don't need to hold a list of hashes, but only need to handle one hash at a time. There are two detriments to this approach: * The HTTP API relies on a JSON stream, which is not a standard REST-like pattern. However, since we implement both client and server, this is fine. * While the stream is on-going, we hold an open file handle on the server side while the file is being hashed. On really slow streams, this could hold a file open forever. Updates tailscale/corp#14772 Signed-off-by: Joe Tsai <joetsai@digital-static.net> Co-authored-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Joe Tsai	7971333603	ipn: fix localapi and peerapi protocol for taildrop resume (#9860 ) Minor fixes: * The branch for listing or hashing partial files was inverted. * The host for peerapi call needs to be real (rather than bogus). * Handle remote peers that don't support resuming. * Make resume failures non-fatal (since we can still continue). This was tested locally, end-to-end system test is future work. Updates tailscale/corp#14772 Signed-off-by: Joe Tsai <joetsai@digital-static.net> Co-authored-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Andrew Lytvynov	77127a2494	clientupdate: fix background install for linux tarballs (#9852 ) Two bug fixes: 1. when tailscale update is executed as root, `os.UserCacheDir` may return an error because `$XDG_CACHE_HOME` and `$HOME` are not set; fallback to `os.TempDir` in those cases 2. on some weird distros (like my EndeavourOS), `/usr/sbin` is just a symlink to `/usr/bin`; when we resolve `tailscale` binary path from `tailscaled`, allow `tailscaled` to be in either directory Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	9 months ago
Joe Tsai	c2a551469c	taildrop: implement asynchronous file deletion (#9844 ) File resumption requires keeping partial files around for some time, but we must still eventually delete them if never resumed. Thus, we implement asynchronous file deletion, which could spawn a background goroutine to delete the files. We also use the same mechanism for deleting files on Windows, where a file can't be deleted if there is still an open file handle. We can enqueue those with the asynchronous file deleter as well. Updates tailscale/corp#14772 Signed-off-by: Joe Tsai <joetsai@digital-static.net>	9 months ago
Brad Fitzpatrick	1fc3573446	ipn/{conffile,ipnlocal}: start booting tailscaled from a config file w/ auth key Updates #1412 Change-Id: Icd880035a31df59797b8379f4af19da5c4c453e2 Co-authored-by: Maisem Ali <maisem@tailscale.com> Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Rhea Ghosh	9d3c6bf52e	ipn/ipnlocal/peerapi: refactoring taildrop to just one endpoint (#9832 ) Updates #14772 Signed-off-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Andrew Lytvynov	b949e208bb	ipn/ipnlocal: fix AllowsUpdate disable after enable (#9827 ) The old code would always retain value `true` if it was set once, even if you then change `prefs.AutoUpdate.Apply` to `false`. Instead of using the previous value, use the default (envknob) value to OR with. Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	9 months ago
Brad Fitzpatrick	18bd98d35b	cmd/tailscaled,*: add start of configuration file support Updates #1412 Co-authored-by: Maisem Ali <maisem@tailscale.com> Change-Id: I38d559c1784d09fc804f521986c9b4b548718f7d Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Rhea Ghosh	71271e41d6	ipn/{ipnlocal/peerapi, localapi} initial taildrop resume api plumbing (#9798 ) This change: * adds a partial files peerAPI endpoint to get a list of partial files * adds a helper function to extract the basename of a file * updates the peer put peerAPI endpoint * updates the file put localapi endpoint to allow resume functionality Updates #14772 Signed-off-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Andrew Lytvynov	8a5b02133d	clientupdate: return ErrUnsupported for macSys clients (#9793 ) The Sparkle-based update is not quite working yet. Make `NewUpdater` return `ErrUnsupported` for it to avoid the proliferation of exceptions up the stack. Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	9 months ago
Kristoffer Dalby	e06f2f1873	ipn/ipnlocal: change serial number policy to be PreferenceOption This commit changes the PostureChecking syspolicy key to be a PreferenceOption(user-defined, always, never) instead of Bool. This aligns better with the defaults implementation on macOS allowing CLI arguments to be read when user-defined or no defaults is set. Updates #tailscale/tailscale/5902 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	9 months ago
Rhea Ghosh	8c7169105e	ipn/{ipnlocal/peerapi, localapi}: cleaning up http statuses for consistency and readability (#9796 ) Updates #cleanup Signed-off-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Andrew Lytvynov	af5a586463	ipn/ipnlocal: include AutoUpdate prefs in HostInfo.AllowsUpdate (#9792 ) Updates #9260 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	9 months ago
Joe Tsai	b1867eb23f	taildrop: add logic for resuming partial files (#9785 ) We add the following API: * type FileChecksums * type Checksum * func Manager.PartialFiles * func Manager.HashPartialFile * func ResumeReader The Manager methods provide the ability to query for partial files and retrieve a list of checksums for a given partial file. The ResumeReader function is a helper that wraps an io.Reader to discard content that is identical locally and remotely. The FileChecksums type represents the checksums of a file and is safe to JSON marshal and send over the wire. Updates tailscale/corp#14772 Signed-off-by: Joe Tsai <joetsai@digital-static.net> Co-authored-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Maisem Ali	24f322bc43	ipn/ipnlocal: do unexpired cert renewals in the background We were eagerly doing a synchronous renewal of the cert while trying to serve traffic. Instead of that, just do the cert renewal in the background and continue serving traffic as long as the cert is still valid. This regressed in `c1ecae13ab` when we introduced ARI support and were trying to make the experience of `tailscale cert` better. However, that ended up regressing the experience for tsnet as it would not always doing the renewal synchronously. Fixes #9783 Signed-off-by: Maisem Ali <maisem@tailscale.com>	9 months ago
Joe Tsai	37c646d9d3	taildrop: improve the functionality and reliability of put (#9762 ) Changes made: * Move all HTTP related functionality from taildrop to ipnlocal. * Add two arguments to taildrop.Manager.PutFile to specify an opaque client ID and a resume offset (both unused for now). * Cleanup the logic of taildrop.Manager.PutFile to be easier to follow. * Implement file conflict handling where duplicate files are renamed (e.g., "IMG_1234.jpg" -> "IMG_1234 (2).jpg"). * Implement file de-duplication where "renaming" a partial file simply deletes it if it already exists with the same contents. * Detect conflicting active puts where a second concurrent put results in an error. Updates tailscale/corp#14772 Signed-off-by: Joe Tsai <joetsai@digital-static.net> Co-authored-by: Rhea Ghosh <rhea@tailscale.com>	9 months ago
Maisem Ali	319607625f	ipn/ipnlocal: fix log spam from now expected paths These log paths were actually unexpected until the refactor in `fe95d81b43`. This moves the logs to the callsites where they are actually unexpected. Fixes #9670 Signed-off-by: Maisem Ali <maisem@tailscale.com>	9 months ago
Kristoffer Dalby	7f540042d5	ipn/ipnlocal: use syspolicy to determine collection of posture data Updates #5902 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	9 months ago
Kristoffer Dalby	9eedf86563	posture: add get serial support for Windows/Linux This commit adds support for getting serial numbers from SMBIOS on Windows/Linux (and BSD) using go-smbios. Updates #5902 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	9 months ago
Kristoffer Dalby	b4e587c3bd	tailcfg,ipn: add c2n endpoint for posture identity Updates #5902 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	9 months ago

1 2 3 4 5 ...

788 Commits (f937cb6794d1c0ea5e30d79c4093b0f123dbcb25)