feature/ace: make ACE modular

Updates #12614 Change-Id: Iaee75d8831c4ba5c9705d7877bb78044424c6da1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-12-23 09:06:24 +00:00 · 2025-10-03 17:32:17 -07:00
parent 141eb64d3f
commit 223ced84b5
14 changed files with 77 additions and 14 deletions
--- a/control/controlhttp/client.go
+++ b/control/controlhttp/client.go
@@ -42,7 +42,6 @@ import (
 	"tailscale.com/feature"
 	"tailscale.com/feature/buildfeatures"
 	"tailscale.com/health"
-	"tailscale.com/net/ace"
 	"tailscale.com/net/dnscache"
 	"tailscale.com/net/dnsfallback"
 	"tailscale.com/net/netutil"
@@ -395,6 +394,8 @@ var macOSScreenTime = health.Register(&health.Warnable{
 	ImpactsConnectivity: true,
 })

+var HookMakeACEDialer feature.Hook[func(dialer netx.DialFunc, aceHost string, optIP netip.Addr) netx.DialFunc]
+
 // tryURLUpgrade connects to u, and tries to upgrade it to a net.Conn.
 //
 // If optAddr is valid, then no DNS is used and the connection will be made to
@@ -424,11 +425,14 @@ func (a *Dialer) tryURLUpgrade(ctx context.Context, u *url.URL, optAddr netip.Ad
 	}

 	if optACEHost != "" {
-		dialer = (&ace.Dialer{
-			ACEHost:   optACEHost,
-			ACEHostIP: optAddr, // may be zero
-			NetDialer: dialer,
-		}).Dial
+		if !buildfeatures.HasACE {
+			return nil, feature.ErrUnavailable
+		}
+		f, ok := HookMakeACEDialer.GetOk()
+		if !ok {
+			return nil, feature.ErrUnavailable
+		}
+		dialer = f(dialer, optACEHost, optAddr)
 	}

 	// On macOS, see if Screen Time is blocking things.