all: convert more code to use net/netip directly

perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
    perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
    goimports -w .

Then delete some stuff from the net/netaddr shim package which is no
longer neeed.

Updates #5162

Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

wgengine/router/ifconfig_windows.go

@@ -768,8 +768,8 @@ func getAllInterfaceRoutes(ifc *winipcfg.IPAdapterAddresses) ([]*winipcfg.RouteD
 
 // filterRoutes removes routes that have been added by Windows and should not
 // be managed by us.
-func filterRoutes(routes []*winipcfg.RouteData, dontDelete []netaddr.IPPrefix) []*winipcfg.RouteData {
-	ddm := make(map[netaddr.IPPrefix]bool)
+func filterRoutes(routes []*winipcfg.RouteData, dontDelete []netip.Prefix) []*winipcfg.RouteData {
+	ddm := make(map[netip.Prefix]bool)
 	for _, dd := range dontDelete {
 		// See issue 1448: we don't want to touch the routes added
 		// by Windows for our interface addresses.
@@ -802,7 +802,7 @@ func filterRoutes(routes []*winipcfg.RouteData, dontDelete []netaddr.IPPrefix) [
 // This avoids a full ifc.FlushRoutes call.
 // dontDelete is a list of interface address routes that the
 // synchronization logic should never delete.
-func syncRoutes(ifc *winipcfg.IPAdapterAddresses, want []*winipcfg.RouteData, dontDelete []netaddr.IPPrefix) error {
+func syncRoutes(ifc *winipcfg.IPAdapterAddresses, want []*winipcfg.RouteData, dontDelete []netip.Prefix) error {
 	existingRoutes, err := getAllInterfaceRoutes(ifc)
 	if err != nil {
 		return err

wgengine/router/router.go

@@ -7,10 +7,10 @@
 package router
 
 import (
+	"net/netip"
 	"reflect"
 
 	"golang.zx2c4.com/wireguard/tun"
-	"tailscale.com/net/netaddr"
 	"tailscale.com/types/logger"
 	"tailscale.com/types/preftype"
 	"tailscale.com/wgengine/monitor"
@@ -55,21 +55,21 @@ type Config struct {
 	// LocalAddrs are the address(es) for this node. This is
 	// typically one IPv4/32 (the 100.x.y.z CGNAT) and one
 	// IPv6/128 (Tailscale ULA).
-	LocalAddrs []netaddr.IPPrefix
+	LocalAddrs []netip.Prefix
 
 	// Routes are the routes that point into the Tailscale
 	// interface.  These are the /32 and /128 routes to peers, as
 	// well as any other subnets that peers are advertising and
 	// this node has chosen to use.
-	Routes []netaddr.IPPrefix
+	Routes []netip.Prefix
 
 	// LocalRoutes are the routes that should not be routed through Tailscale.
 	// There are no priorities set in how these routes are added, normal
 	// routing rules apply.
-	LocalRoutes []netaddr.IPPrefix
+	LocalRoutes []netip.Prefix
 
 	// Linux-only things below, ignored on other platforms.
-	SubnetRoutes     []netaddr.IPPrefix     // subnets being advertised to other Tailscale nodes
+	SubnetRoutes     []netip.Prefix         // subnets being advertised to other Tailscale nodes
 	SNATSubnetRoutes bool                   // SNAT traffic to local subnets
 	NetfilterMode    preftype.NetfilterMode // how much to manage netfilter rules
 }

wgengine/router/router_linux.go

@@ -9,6 +9,7 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
+	"net/netip"
 	"os"
 	"os/exec"
 	"strconv"
@@ -23,7 +24,6 @@ import (
 	"golang.org/x/time/rate"
 	"golang.zx2c4.com/wireguard/tun"
 	"tailscale.com/envknob"
-	"tailscale.com/net/netaddr"
 	"tailscale.com/net/tsaddr"
 	"tailscale.com/syncs"
 	"tailscale.com/types/logger"
@@ -89,9 +89,9 @@ type linuxRouter struct {
 	tunname          string
 	linkMon          *monitor.Mon
 	unregLinkMon     func()
-	addrs            map[netaddr.IPPrefix]bool
-	routes           map[netaddr.IPPrefix]bool
-	localRoutes      map[netaddr.IPPrefix]bool
+	addrs            map[netip.Prefix]bool
+	routes           map[netip.Prefix]bool
+	localRoutes      map[netip.Prefix]bool
 	snatSubnetRoutes bool
 	netfilterMode    preftype.NetfilterMode
 
@@ -451,7 +451,7 @@ func (r *linuxRouter) setNetfilterMode(mode preftype.NetfilterMode) error {
 // addAddress adds an IP/mask to the tunnel interface. Fails if the
 // address is already assigned to the interface, or if the addition
 // fails.
-func (r *linuxRouter) addAddress(addr netaddr.IPPrefix) error {
+func (r *linuxRouter) addAddress(addr netip.Prefix) error {
 	if !r.v6Available && addr.Addr().Is6() {
 		return nil
 	}
@@ -477,7 +477,7 @@ func (r *linuxRouter) addAddress(addr netaddr.IPPrefix) error {
 // delAddress removes an IP/mask from the tunnel interface. Fails if
 // the address is not assigned to the interface, or if the removal
 // fails.
-func (r *linuxRouter) delAddress(addr netaddr.IPPrefix) error {
+func (r *linuxRouter) delAddress(addr netip.Prefix) error {
 	if !r.v6Available && addr.Addr().Is6() {
 		return nil
 	}
@@ -502,7 +502,7 @@ func (r *linuxRouter) delAddress(addr netaddr.IPPrefix) error {
 
 // addLoopbackRule adds a firewall rule to permit loopback traffic to
 // a local Tailscale IP.
-func (r *linuxRouter) addLoopbackRule(addr netaddr.IP) error {
+func (r *linuxRouter) addLoopbackRule(addr netip.Addr) error {
 	if r.netfilterMode == netfilterOff {
 		return nil
 	}
@@ -524,7 +524,7 @@ func (r *linuxRouter) addLoopbackRule(addr netaddr.IP) error {
 
 // delLoopbackRule removes the firewall rule permitting loopback
 // traffic to a Tailscale IP.
-func (r *linuxRouter) delLoopbackRule(addr netaddr.IP) error {
+func (r *linuxRouter) delLoopbackRule(addr netip.Addr) error {
 	if r.netfilterMode == netfilterOff {
 		return nil
 	}
@@ -547,7 +547,7 @@ func (r *linuxRouter) delLoopbackRule(addr netaddr.IP) error {
 // addRoute adds a route for cidr, pointing to the tunnel
 // interface. Fails if the route already exists, or if adding the
 // route fails.
-func (r *linuxRouter) addRoute(cidr netaddr.IPPrefix) error {
+func (r *linuxRouter) addRoute(cidr netip.Prefix) error {
 	if !r.v6Available && cidr.Addr().Is6() {
 		return nil
 	}
@@ -569,7 +569,7 @@ func (r *linuxRouter) addRoute(cidr netaddr.IPPrefix) error {
 // This has the effect that lookup in the routing table is terminated
 // pretending that no route was found. Fails if the route already exists,
 // or if adding the route fails.
-func (r *linuxRouter) addThrowRoute(cidr netaddr.IPPrefix) error {
+func (r *linuxRouter) addThrowRoute(cidr netip.Prefix) error {
 	if !r.ipRuleAvailable {
 		return nil
 	}
@@ -590,7 +590,7 @@ func (r *linuxRouter) addThrowRoute(cidr netaddr.IPPrefix) error {
 	return err
 }
 
-func (r *linuxRouter) addRouteDef(routeDef []string, cidr netaddr.IPPrefix) error {
+func (r *linuxRouter) addRouteDef(routeDef []string, cidr netip.Prefix) error {
 	if !r.v6Available && cidr.Addr().Is6() {
 		return nil
 	}
@@ -624,7 +624,7 @@ var (
 // delRoute removes the route for cidr pointing to the tunnel
 // interface. Fails if the route doesn't exist, or if removing the
 // route fails.
-func (r *linuxRouter) delRoute(cidr netaddr.IPPrefix) error {
+func (r *linuxRouter) delRoute(cidr netip.Prefix) error {
 	if !r.v6Available && cidr.Addr().Is6() {
 		return nil
 	}
@@ -649,7 +649,7 @@ func (r *linuxRouter) delRoute(cidr netaddr.IPPrefix) error {
 
 // delThrowRoute removes the throw route for the cidr. Fails if the route
 // doesn't exist, or if removing the route fails.
-func (r *linuxRouter) delThrowRoute(cidr netaddr.IPPrefix) error {
+func (r *linuxRouter) delThrowRoute(cidr netip.Prefix) error {
 	if !r.ipRuleAvailable {
 		return nil
 	}
@@ -671,7 +671,7 @@ func (r *linuxRouter) delThrowRoute(cidr netaddr.IPPrefix) error {
 	return err
 }
 
-func (r *linuxRouter) delRouteDef(routeDef []string, cidr netaddr.IPPrefix) error {
+func (r *linuxRouter) delRouteDef(routeDef []string, cidr netip.Prefix) error {
 	if !r.v6Available && cidr.Addr().Is6() {
 		return nil
 	}
@@ -694,14 +694,14 @@ func (r *linuxRouter) delRouteDef(routeDef []string, cidr netaddr.IPPrefix) erro
 	return err
 }
 
-func dashFam(ip netaddr.IP) string {
+func dashFam(ip netip.Addr) string {
 	if ip.Is6() {
 		return "-6"
 	}
 	return "-4"
 }
 
-func (r *linuxRouter) hasRoute(routeDef []string, cidr netaddr.IPPrefix) (bool, error) {
+func (r *linuxRouter) hasRoute(routeDef []string, cidr netip.Prefix) (bool, error) {
 	args := append([]string{"ip", dashFam(cidr.Addr()), "route", "show"}, routeDef...)
 	if r.ipRuleAvailable {
 		args = append(args, "table", tailscaleRouteTable.ipCmdArg())
@@ -1378,8 +1378,8 @@ func (r *linuxRouter) delSNATRule() error {
 // old and new match. Returns a map reflecting the actual new state
 // (which may be somewhere in between old and new if some commands
 // failed), and any error encountered while reconfiguring.
-func cidrDiff(kind string, old map[netaddr.IPPrefix]bool, new []netaddr.IPPrefix, add, del func(netaddr.IPPrefix) error, logf logger.Logf) (map[netaddr.IPPrefix]bool, error) {
-	newMap := make(map[netaddr.IPPrefix]bool, len(new))
+func cidrDiff(kind string, old map[netip.Prefix]bool, new []netip.Prefix, add, del func(netip.Prefix) error, logf logger.Logf) (map[netip.Prefix]bool, error) {
+	newMap := make(map[netip.Prefix]bool, len(new))
 	for _, cidr := range new {
 		newMap[cidr] = true
 	}
@@ -1387,7 +1387,7 @@ func cidrDiff(kind string, old map[netaddr.IPPrefix]bool, new []netaddr.IPPrefix
 	// ret starts out as a copy of old, and updates as we
 	// add/delete. That way we can always return it and have it be the
 	// true state of what we've done so far.
-	ret := make(map[netaddr.IPPrefix]bool, len(old))
+	ret := make(map[netip.Prefix]bool, len(old))
 	for cidr := range old {
 		ret[cidr] = true
 	}
@@ -1442,7 +1442,7 @@ func tsChain(chain string) string {
 
 // normalizeCIDR returns cidr as an ip/mask string, with the host bits
 // of the IP address zeroed out.
-func normalizeCIDR(cidr netaddr.IPPrefix) string {
+func normalizeCIDR(cidr netip.Prefix) string {
 	return cidr.Masked().String()
 }
 
@@ -1548,7 +1548,7 @@ func checkIPRuleSupportsV6(logf logger.Logf) error {
 	return netlink.RuleAdd(rule)
 }
 
-func nlAddrOfPrefix(p netaddr.IPPrefix) *netlink.Addr {
+func nlAddrOfPrefix(p netip.Prefix) *netlink.Addr {
 	return &netlink.Addr{
 		IPNet: netipx.PrefixIPNet(p),
 	}

wgengine/router/router_openbsd.go

@@ -8,11 +8,11 @@ import (
 	"errors"
 	"fmt"
 	"log"
+	"net/netip"
 	"os/exec"
 
 	"go4.org/netipx"
 	"golang.zx2c4.com/wireguard/tun"
-	"tailscale.com/net/netaddr"
 	"tailscale.com/types/logger"
 	"tailscale.com/wgengine/monitor"
 )
@@ -25,9 +25,9 @@ type openbsdRouter struct {
 	logf    logger.Logf
 	linkMon *monitor.Mon
 	tunname string
-	local4  netaddr.IPPrefix
-	local6  netaddr.IPPrefix
-	routes  map[netaddr.IPPrefix]struct{}
+	local4  netip.Prefix
+	local6  netip.Prefix
+	routes  map[netip.Prefix]struct{}
 }
 
 func newUserspaceRouter(logf logger.Logf, tundev tun.Device, linkMon *monitor.Mon) (Router, error) {
@@ -59,7 +59,7 @@ func (r *openbsdRouter) Up() error {
 	return nil
 }
 
-func inet(p netaddr.IPPrefix) string {
+func inet(p netip.Prefix) string {
 	if p.Addr().Is6() {
 		return "inet6"
 	}
@@ -77,8 +77,8 @@ func (r *openbsdRouter) Set(cfg *Config) error {
 	}
 	numIPv4 := 0
 	numIPv6 := 0
-	localAddr4 := netaddr.IPPrefix{}
-	localAddr6 := netaddr.IPPrefix{}
+	localAddr4 := netip.Prefix{}
+	localAddr6 := netip.Prefix{}
 	for _, addr := range cfg.LocalAddrs {
 		if addr.Addr().Is4() {
 			numIPv4++
@@ -145,7 +145,7 @@ func (r *openbsdRouter) Set(cfg *Config) error {
 		// in https://github.com/tailscale/tailscale/issues/1307 we made
 		// FreeBSD use a /48 for IPv6 addresses, which is nice because we
 		// don't need to additionally add routing entries. Do that here too.
-		localAddr6 = netaddr.IPPrefixFrom(localAddr6.Addr(), 48)
+		localAddr6 = netip.PrefixFrom(localAddr6.Addr(), 48)
 	}
 
 	if localAddr6 != r.local6 {
@@ -174,7 +174,7 @@ func (r *openbsdRouter) Set(cfg *Config) error {
 		}
 	}
 
-	newRoutes := make(map[netaddr.IPPrefix]struct{})
+	newRoutes := make(map[netip.Prefix]struct{})
 	for _, route := range cfg.Routes {
 		newRoutes[route] = struct{}{}
 	}

wgengine/router/router_test.go

@@ -9,12 +9,11 @@ import (
 	"reflect"
 	"testing"
 
-	"tailscale.com/net/netaddr"
 	"tailscale.com/types/preftype"
 )
 
-func mustCIDRs(ss ...string) []netaddr.IPPrefix {
-	var ret []netaddr.IPPrefix
+func mustCIDRs(ss ...string) []netip.Prefix {
+	var ret []netip.Prefix
 	for _, s := range ss {
 		ret = append(ret, netip.MustParsePrefix(s))
 	}
@@ -36,7 +35,7 @@ func TestConfigEqual(t *testing.T) {
 			configFields, testedFields)
 	}
 
-	nets := func(strs ...string) (ns []netaddr.IPPrefix) {
+	nets := func(strs ...string) (ns []netip.Prefix) {
 		for _, s := range strs {
 			n, err := netip.ParsePrefix(s)
 			if err != nil {

wgengine/router/router_userspace_bsd.go

@@ -10,12 +10,12 @@ package router
 import (
 	"fmt"
 	"log"
+	"net/netip"
 	"os/exec"
 	"runtime"
 
 	"go4.org/netipx"
 	"golang.zx2c4.com/wireguard/tun"
-	"tailscale.com/net/netaddr"
 	"tailscale.com/net/tsaddr"
 	"tailscale.com/types/logger"
 	"tailscale.com/version"
@@ -26,8 +26,8 @@ type userspaceBSDRouter struct {
 	logf    logger.Logf
 	linkMon *monitor.Mon
 	tunname string
-	local   []netaddr.IPPrefix
-	routes  map[netaddr.IPPrefix]struct{}
+	local   []netip.Prefix
+	routes  map[netip.Prefix]struct{}
 }
 
 func newUserspaceBSDRouter(logf logger.Logf, tundev tun.Device, linkMon *monitor.Mon) (Router, error) {
@@ -43,7 +43,7 @@ func newUserspaceBSDRouter(logf logger.Logf, tundev tun.Device, linkMon *monitor
 	}, nil
 }
 
-func (r *userspaceBSDRouter) addrsToRemove(newLocalAddrs []netaddr.IPPrefix) (remove []netaddr.IPPrefix) {
+func (r *userspaceBSDRouter) addrsToRemove(newLocalAddrs []netip.Prefix) (remove []netip.Prefix) {
 	for _, cur := range r.local {
 		found := false
 		for _, v := range newLocalAddrs {
@@ -59,7 +59,7 @@ func (r *userspaceBSDRouter) addrsToRemove(newLocalAddrs []netaddr.IPPrefix) (re
 	return
 }
 
-func (r *userspaceBSDRouter) addrsToAdd(newLocalAddrs []netaddr.IPPrefix) (add []netaddr.IPPrefix) {
+func (r *userspaceBSDRouter) addrsToAdd(newLocalAddrs []netip.Prefix) (add []netip.Prefix) {
 	for _, cur := range newLocalAddrs {
 		found := false
 		for _, v := range r.local {
@@ -91,7 +91,7 @@ func (r *userspaceBSDRouter) Up() error {
 	return nil
 }
 
-func inet(p netaddr.IPPrefix) string {
+func inet(p netip.Prefix) string {
 	if p.Addr().Is6() {
 		return "inet6"
 	}
@@ -126,7 +126,7 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
 			// https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218508
 			// Instead add our whole /48, which works because we use a /48 route.
 			// Full history: https://github.com/tailscale/tailscale/issues/1307
-			tmp := netaddr.IPPrefixFrom(addr.Addr(), 48)
+			tmp := netip.PrefixFrom(addr.Addr(), 48)
 			arg = []string{"ifconfig", r.tunname, inet(tmp), tmp.String()}
 		} else {
 			arg = []string{"ifconfig", r.tunname, inet(addr), addr.String(), addr.Addr().String()}
@@ -138,7 +138,7 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
 		}
 	}
 
-	newRoutes := make(map[netaddr.IPPrefix]struct{})
+	newRoutes := make(map[netip.Prefix]struct{})
 	for _, route := range cfg.Routes {
 		if runtime.GOOS != "darwin" && route == tsaddr.TailscaleULARange() {
 			// Because we added the interface address as a /48 above,
@@ -187,7 +187,7 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
 
 	// Store the interface and routes so we know what to change on an update.
 	if errq == nil {
-		r.local = append([]netaddr.IPPrefix{}, cfg.LocalAddrs...)
+		r.local = append([]netip.Prefix{}, cfg.LocalAddrs...)
 	}
 	r.routes = newRoutes
 

wgengine/router/router_windows.go

@@ -10,6 +10,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"net/netip"
 	"os"
 	"os/exec"
 	"strings"
@@ -22,7 +23,6 @@ import (
 	"golang.zx2c4.com/wireguard/windows/tunnel/winipcfg"
 	"tailscale.com/logtail/backoff"
 	"tailscale.com/net/dns"
-	"tailscale.com/net/netaddr"
 	"tailscale.com/types/logger"
 	"tailscale.com/wgengine/monitor"
 )
@@ -93,7 +93,7 @@ func (r *winRouter) Set(cfg *Config) error {
 	return nil
 }
 
-func hasDefaultRoute(routes []netaddr.IPPrefix) bool {
+func hasDefaultRoute(routes []netip.Prefix) bool {
 	for _, route := range routes {
 		if route.Bits() == 0 {
 			return true
@@ -132,8 +132,8 @@ type firewallTweaker struct {
 	wantLocal   []string // next value we want, or "" to delete the firewall rule
 	lastLocal   []string // last set value, if known
 
-	localRoutes     []netaddr.IPPrefix
-	lastLocalRoutes []netaddr.IPPrefix
+	localRoutes     []netip.Prefix
+	lastLocalRoutes []netip.Prefix
 
 	wantKillswitch bool
 	lastKillswitch bool
@@ -156,7 +156,7 @@ func (ft *firewallTweaker) clear() { ft.set(nil, nil, nil) }
 // Empty slices remove firewall rules.
 //
 // set takes ownership of cidrs, but not routes.
-func (ft *firewallTweaker) set(cidrs []string, routes, localRoutes []netaddr.IPPrefix) {
+func (ft *firewallTweaker) set(cidrs []string, routes, localRoutes []netip.Prefix) {
 	ft.mu.Lock()
 	defer ft.mu.Unlock()
 
@@ -236,7 +236,7 @@ func (ft *firewallTweaker) doAsyncSet() {
 // process to dial out as it pleases.
 //
 // Must only be invoked from doAsyncSet.
-func (ft *firewallTweaker) doSet(local []string, killswitch bool, clear bool, procRule bool, allowedRoutes []netaddr.IPPrefix) error {
+func (ft *firewallTweaker) doSet(local []string, killswitch bool, clear bool, procRule bool, allowedRoutes []netip.Prefix) error {
 	if clear {
 		ft.logf("clearing Tailscale-In firewall rules...")
 		// We ignore the error here, because netsh returns an error for
@@ -343,7 +343,7 @@ func (ft *firewallTweaker) doSet(local []string, killswitch bool, clear bool, pr
 	return ft.fwProcEncoder.Encode(allowedRoutes)
 }
 
-func routesEqual(a, b []netaddr.IPPrefix) bool {
+func routesEqual(a, b []netip.Prefix) bool {
 	if len(a) != len(b) {
 		return false
 	}