TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-11 21:27:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/tailscale, etc: make "tailscale up --ssh" fail fast when unavailable

Browse Source 
Fail on unsupported platforms (must be Linux or macOS tailscaled with
WIP env) or when disabled by admin (with TS_DISABLE_SSH_SERVER=1)

Updates #3802

Change-Id: I5ba191ed0d8ba4ddabe9b8fc1c6a0ead8754b286
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
2022-04-18 09:37:23 -07:00
committed by Brad Fitzpatrick
parent f0e2272e04
commit 8f5e5bff1e
4 changed files with 89 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
ipn/localapi/localapi.go
View File

@@ -111,6 +111,8 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
h.serveLogout(w, r)
case "/localapi/v0/prefs":
h.servePrefs(w, r)
case "/localapi/v0/check-prefs":
h.serveCheckPrefs(w, r)
case "/localapi/v0/check-ip-forwarding":
h.serveCheckIPForwarding(w, r)
case "/localapi/v0/bugreport":
@@ -376,7 +378,9 @@ func (h *Handler) servePrefs(w http.ResponseWriter, r *http.Request) {
var err error
prefs, err = h.b.EditPrefs(mp)
if err != nil {
http.Error(w, err.Error(), 400)
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusBadRequest)
json.NewEncoder(w).Encode(resJSON{Error: err.Error()})
return
}
case "GET", "HEAD":
@@ -391,6 +395,33 @@ func (h *Handler) servePrefs(w http.ResponseWriter, r *http.Request) {
e.Encode(prefs)
}
type resJSON struct {
Error string `json:",omitempty"`
}
func (h *Handler) serveCheckPrefs(w http.ResponseWriter, r *http.Request) {
if !h.PermitWrite {
http.Error(w, "checkprefs access denied", http.StatusForbidden)
return
}
if r.Method != "POST" {
http.Error(w, "unsupported method", http.StatusMethodNotAllowed)
return
}
p := new(ipn.Prefs)
if err := json.NewDecoder(r.Body).Decode(p); err != nil {
http.Error(w, "invalid JSON body", 400)
return
}
err := h.b.CheckPrefs(p)
var res resJSON
if err != nil {
res.Error = err.Error()
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(res)
}
func (h *Handler) serveFiles(w http.ResponseWriter, r *http.Request) {
if !h.PermitWrite {
http.Error(w, "file access denied", http.StatusForbidden)