tailscale

Commit Graph

Author	SHA1	Message	Date
Jenny Zhang	fe5558094c	cmd/tailscale/cli: add logout and debug info to web Fixes #7238 Signed-off-by: Jenny Zhang <jz@tailscale.com>	1 year ago
David Anderson	bd81d520ab	cmd/printdep: print correct toolchain URL In the switch to static toolchains, we removed a legacy oddity from the toolchain URL structure, but forgot to update printdep. Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
David Anderson	70a2929a12	version: make all exported funcs compile-time constant or lazy Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
David Anderson	8b2ae47c31	version: unexport all vars, turn Short/Long into funcs The other formerly exported values aren't used outside the package, so just unexport them. Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
Denton Gentry	5bca44d572	cmd/sync-containers: update latest and stable tags Fixes https://github.com/tailscale/tailscale/issues/7251 Signed-off-by: Denton Gentry <dgentry@tailscale.com>	1 year ago
Mihai Parparita	fa932fefe7	net/interfaces: redo how we get the default interface on macOS and iOS With #6566 we added an external mechanism for getting the default interface, and used it on macOS and iOS (see tailscale/corp#8201). The goal was to be able to get the default physical interface even when using an exit node (in which case the routing table would say that the Tailscale utun* interface is the default). However, the external mechanism turns out to be unreliable in some cases, e.g. when multiple cellular interfaces are present/toggled (I have occasionally gotten my phone into a state where it reports the pdp_ip1 interface as the default, even though it can't actually route traffic). It was observed that `ifconfig -v` on macOS reports an "effective interface" for the Tailscale utn* interface, which seems promising. By examining the ifconfig source code, it turns out that this is done via a SIOCGIFDELEGATE ioctl syscall. Though this is a private API, it appears to have been around for a long time (e.g. it's in the 10.13 xnu release at https://opensource.apple.com/source/xnu/xnu-4570.41.2/bsd/net/if_types.h.auto.html) and thus is unlikely to go away. We can thus use this ioctl if the routing table says that a utun* interface is the default, and go back to the simpler mechanism that we had before #6566. Updates #7184 Updates #7188 Signed-off-by: Mihai Parparita <mihai@tailscale.com>	1 year ago
Will Norris	6ef834a6b7	get-authkey: require tags to be specified Tailnet-owned auth keys (which all OAuth-created keys are) must include tags, since there is no user to own the registered devices. Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Maisem Ali	05adf22383	cmd/k8s-operator: add support for running an auth proxy Updates #5055 Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 year ago
Tom DNetto	99b9d7a621	all: implement pcap streaming for datapath debugging Updates: tailscale/corp#8470 Signed-off-by: Tom DNetto <tom@tailscale.com>	1 year ago
Denton Gentry	4daba23cd4	cmd/get-authkey: add an OAuth API client to produce an authkey Updates https://github.com/tailscale/tailscale/issues/3243 Signed-off-by: Denton Gentry <dgentry@tailscale.com>	1 year ago
Maisem Ali	6bae55e351	ipn/ipnlocal: add support to store certs in k8s secrets Fixes #5676 Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 year ago
David Anderson	02a2dcfc86	go.toolchain.rev: use new statically built toolchain Also removes the toolchain builds from flake.nix. For now the flake build uses upstream Go 1.20, a followup change will switch it back to our custom toolchain. Updates tailscale/corp#9005 Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
Brad Fitzpatrick	03645f0c27	net/{netns,netstat}: use new x/sys/cpu.IsBigEndian See golang/go#57237 Change-Id: If47ab6de7c1610998a5808e945c4177c561eab45 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Andrew Dunham	2755f3843c	health, net/tlsdial: add healthcheck for self-signed cert When we make a connection to a server, we previously would verify with the system roots, and then fall back to verifying with our baked-in Let's Encrypt root if the system root cert verification failed. We now explicitly check for, and log a health error on, self-signed certificates. Additionally, we now always verify against our baked-in Let's Encrypt root certificate and log an error if that isn't successful. We don't consider this a health failure, since if we ever change our server certificate issuer in the future older non-updated versions of Tailscale will no longer be healthy despite being able to connect. Updates #3198 Change-Id: I00be5ceb8afee544ee795e3c7a2815476abc4abf Signed-off-by: Andrew Dunham <andrew@du.nham.ca>	1 year ago
Brad Fitzpatrick	b1248442c3	all: update to Go 1.20, use strings.CutPrefix/Suffix instead of our fork Updates #7123 Updates #5309 Change-Id: I90bcd87a2fb85a91834a0dd4be6e03db08438672 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Will Norris	51e1ab5560	fixup! util/vizerror: add new package for visible errors Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Brad Fitzpatrick	ca45fe2d46	cmd/tailscale/cli: delete ActLikeCLI It's since been rewritten in Swift. #cleanup Change-Id: I0860d681e8728697804ce565f63c5613b8b1088c Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Mihai Parparita	0039993359	cmd/tsconnect: update to xterm.js 5.1 It includes xtermjs/xterm.js#4216, which improves handling of some escape sequences. Unfortunately it's not enough to fix the issue with `ponysay`, but it does not hurt to be up to date. Updates #6090 Signed-off-by: Mihai Parparita <mihai@tailscale.com>	1 year ago
Anton Tolchanov	100d8e909e	cmd/derpprobe: migrate to the prober framework `prober.DERP` was created in #5988 based on derpprobe. Having used it instead of derpprobe for a few months, I think we have enough confidence that it works and can now migrate derpprobe to use the prober framework and get rid of code duplication. A few notable changes in behaviour: - results of STUN probes over IPv4 and IPv6 are now reported separately; - TLS probing now includes OCSP verification; - probe names in the output have changed; - ability to send Slack notification from the prober has been removed. Instead, the prober now exports metrics in Expvar (/debug/vars) and Prometheus (/debug/varz) formats. Fixes https://github.com/tailscale/corp/issues/8497 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	1 year ago
Brad Fitzpatrick	01e736e1d5	go.toolchain.rev: update to Go 1.20rc3 Updates #7123 Change-Id: Ibdf53530251c120e7e20c24abcf4a05f2ff7ac97 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Maisem Ali	04b57a371e	ipn/ipnlocal: drop not required StateKey parameter This is #cleanup now that #7121 is merged. Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 year ago
Mihai Parparita	73d33e3f20	cmd/tsconnect: use empty string as the default state store key Makes the Wasm client more similar to the others, and allows the default profile to be correctly picked up when restarting the client in dev mode (where we persist the state in sessionStorage). Also update README to reflect that Go wasm changes can be picked up with just a reload (as of #5383) Signed-off-by: Mihai Parparita <mihai@tailscale.com>	1 year ago
Maisem Ali	4441609d8f	safesocket: remove the now unused WindowsLocalPort Also drop the port param from safesocket.Listen. #cleanup Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 year ago
David Anderson	e51cf1b09d	cmd/k8s-operator: use unstable tailscale image as well We need a post-1.36 tailscale image to handle custom hostnames correctly. Updates #502 Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
David Anderson	0dc9cbc9ab	cmd/k8s-operator: use the unstable operator image There is no stable release yet, and for alpha we want people on the unstable build while we iterate. Updates #502 Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
Will Norris	947c14793a	all: update tools that manage copyright headers Update all code generation tools, and those that check for license headers to use the new standard header. Also update copyright statement in LICENSE file. Fixes #6865 Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Will Norris	71029cea2d	all: update copyright and license headers This updates all source files to use a new standard header for copyright and license declaration. Notably, copyright no longer includes a date, and we now use the standard SPDX-License-Identifier header. This commit was done almost entirely mechanically with perl, and then some minimal manual fixes. Updates #6865 Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Brad Fitzpatrick	a1b4ab34e6	util/httpm: add new package for prettier HTTP method constants See package doc. Change-Id: Ibbfc8e1f98294217c56f3a9452bd93ffa3103572 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Denton Gentry	7439bc7ba6	cmd/sync-containers: add github.Keychain Running sync-containers in a GitHub workflow will be simpler if we check github.Keychain, which uses the GITHUB_TOKEN if present. Updates https://github.com/tailscale/corp/issues/8461 Signed-off-by: Denton Gentry <dgentry@tailscale.com>	1 year ago
David Anderson	9bd6a2fb8d	cmd/k8s-operator: support setting a custom hostname. Updates #502 Signed-off-by: David Anderson <danderson@tailscale.com>	1 year ago
Xe Iaso	038d25bd04	cmd/nginx-auth: update Expected-Tailnet documentation (#6055 ) Signed-off-by: Xe Iaso <xe@tailscale.com>	1 year ago
phirework	2d29f77b24	cmd/tailscale/cli: fix TUNmode display on synology web page (#7064 ) Fixes #7059 Signed-off-by: Jenny Zhang <jz@tailscale.com> Signed-off-by: Jenny Zhang <jz@tailscale.com>	1 year ago
Vince Prignano	30380403d0	cmd/k8s-operator: remove use of InjectClient (deprecated) The dependency injection functionality has been deprecated a while back and it'll be removed in the 0.15 release of Controller Runtime. This changeset sets the Client after creating the Manager, instead of using InjectClient. Signed-off-by: Vince Prignano <vince@prigna.com>	1 year ago
Anton Tolchanov	e8b695626e	cmd/mkpkg: allow specifying recommended dependencies Updates #3151 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	1 year ago
Brad Fitzpatrick	c8db70fd73	cmd/tailscale/cli: add debug set-expire command for testing Updates tailscale/corp#8811 Updates tailscale/corp#8613 Change-Id: I1c87806ca3ccc5c43e7ddbd6b4d521f73f7d29f1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	06fff461dc	ipn/ipnstate: add PeerStatus.KeyExpiry for tailscale status --json Fixes #6712 Change-Id: I817cd5342fac8a956fcefda2d63158fa488f3395 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Andrew Dunham	b74db24149	tstest/integration: mark all integration tests as flaky Updates #7036 Change-Id: I3aec5ad680078199ba984bf8afc20b2f2eb37257 Signed-off-by: Andrew Dunham <andrew@du.nham.ca>	1 year ago
Brad Fitzpatrick	fd92fbd69e	cmd/tailscale/cli: only give systemctl hint on systemd systems Per recent user confusion on a QNAP issue. Change-Id: Ibda00013df793fb831f4088b40be8a04dfad17c2 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	ba5aa2c486	version, cmd/tailscale: add version.Meta, tailscale version --json Add `tailscale version --json` JSON output mode. This will be used later for a double-opt-in (per node consent like Tailscale SSH + control config) to let admins do remote upgrades via `tailscale update` via a c2n call, which would then need to verify the cmd/tailscale found on disk for running tailscale update corresponds to the running tailscaled, refusing if anything looks amiss. Plus JSON output modes are just nice to have, rather than parsing unstable/fragile/obscure text formats. Updates #6995 Updates #6907 Change-Id: I7821ab7fbea4612f4b9b7bdc1be1ad1095aca71b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	5ca22a0068	cmd/tailscale/cli: make 'tailscale update' support Debian/Ubuntu apt Updates #6995 Change-Id: I3355435db583755e0fc73d76347f6423b8939dfb Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	6793685bba	go.mod: bump AWS SDK past a breaking API change of theirs They changed a type in their SDK which meant others using the AWS APIs in their Go programs (with newer AWS modules in their caller go.mod) and then depending on Tailscale (for e.g. tsnet) then couldn't compile ipn/store/awsstore. Thanks to @thisisaaronland for bringing this up. Fixes #7019 Change-Id: I8d2919183dabd6045a96120bb52940a9bb27193b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
shayne	73399f784b	cmd/tailscale/cli: use mock impl of LocalClient for serve cmd (#6422 ) Create an interface and mock implementation of tailscale.LocalClient for serve command tests. Updates #6304 Closes #6372 Signed-off-by: Shayne Sweeney <shayne@tailscale.com>	1 year ago
Brad Fitzpatrick	c129bf1da1	cmd/tailscale/cli: un-alpha login+switch in ShortUsage docs Change-Id: I580d4417cf03833dfa8f6a295fb416faa667c477 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	71a7b8581d	cmd/tailscale/cli: make "update" work on Windows Updates #6995 Co-authored-by: Aaron Klotz <aaron@tailscale.com> Change-Id: I16622f43156a70b6fbc8205239fd489d7378d57b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Andrew Dunham	aea251d42a	cmd/testwrapper: move from corp; mark magicsock test as flaky Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: Ibab5860f5797b3db151d3c27855333e43a9088a4	1 year ago
Tom DNetto	ee6d18e35f	cmd/tailscale/cli: implement --json for lock status and lock log cmds Signed-off-by: Tom DNetto <tom@tailscale.com>	1 year ago
Brad Fitzpatrick	b657187a69	cmd/tailscale, logtail: add 'tailscale debug daemon-logs' logtail mechanism Fixes #6836 Change-Id: Ia6eb39ff8972e1aa149aeeb63844a97497c2cf04 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	d9144c73a8	cmd/tailscale: add start of "tailscale update" command Goal: one way for users to update Tailscale, downgrade, switch tracks, regardless of platform (Windows, most Linux distros, macOS, Synology). This is a start. Updates #755, etc Change-Id: I23466da1ba41b45f0029ca79a17f5796c2eedd92 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
phirework	f011a0923a	cmd/tailscale/cli: style synology outgoing access info (#6959 ) Follow-up to #6957. Updates #4015 Signed-off-by: Jenny Zhang <jz@tailscale.com>	1 year ago
Brad Fitzpatrick	5eded58924	cmd/tailscale/cli: make web show/link Synology outgoing connection mode/docs Fixes #4015 Change-Id: I8230bb0cc3d621b6fa02ab2462cea104fa1e9cf9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago

1 2 3 4 5 ...

1191 Commits (f9667e494646021610a70f94634e25e163230345)