control/controlclient: move noiseConn to internal package

So that it can be later used in the 'tailscale debug ts2021' function in the CLI, to aid in debugging captive portals/WAFs/etc. Updates #1634 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: Iec9423f5e7570f2c2c8218d27fc0902137e73909
2025-08-12 13:48:01 +00:00 · 2024-06-19 18:23:01 -04:00
parent 0004827681
commit 732605f961
3 changed files with 212 additions and 136 deletions
--- a/cmd/tailscale/cli/debug.go
+++ b/cmd/tailscale/cli/debug.go
@@ -834,6 +834,33 @@ func runTS2021(ctx context.Context, args []string) error {
 	}

 	log.Printf("final underlying conn: %v / %v", conn.LocalAddr(), conn.RemoteAddr())
+
+	// Make a /whois request to the server to verify that we can actually
+	// communicate over the newly-established connection.
+	whoisURL := "http://" + ts2021Args.host + "/machine/whois"
+	req, err = http.NewRequestWithContext(ctx, "GET", whoisURL, nil)
+	if err != nil {
+		return err
+	}
+
+	// Use a fake http.Transport that just "dials" by returning the above
+	// conn.
+	tr := http.DefaultTransport.(*http.Transport).Clone()
+	tr.ForceAttemptHTTP2 = true
+	tr.DialContext = func(context.Context, string, string) (net.Conn, error) {
+		return conn, nil
+	}
+	resp, err := tr.RoundTrip(req)
+	if err != nil {
+		return fmt.Errorf("RoundTrip whois request: %w", err)
+	}
+	defer resp.Body.Close()
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return fmt.Errorf("reading whois response: %w", err)
+	}
+
+	log.Printf("whois response: %q", body)
 	return nil
 }