all: fix spelling mistakes

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
This commit is contained in:
Josh Soref 2022-09-25 14:29:55 -04:00 committed by Brad Fitzpatrick
parent e73657d7aa
commit d4811f11a0
82 changed files with 143 additions and 143 deletions

View File

@ -106,10 +106,10 @@ func TestChirp(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
if err := c.EnableProtocol("rando"); err == nil { if err := c.EnableProtocol("rando"); err == nil {
t.Fatalf("enabling %q succeded", "rando") t.Fatalf("enabling %q succeeded", "rando")
} }
if err := c.DisableProtocol("rando"); err == nil { if err := c.DisableProtocol("rando"); err == nil {
t.Fatalf("disabling %q succeded", "rando") t.Fatalf("disabling %q succeeded", "rando")
} }
} }

View File

@ -459,7 +459,7 @@ func (c *Client) ValidateACLJSON(ctx context.Context, source, dest string) (test
} }
if resp.StatusCode != http.StatusOK { if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("control api responsed with %d status code", resp.StatusCode) return nil, fmt.Errorf("control api responded with %d status code", resp.StatusCode)
} }
// The test ran without fail // The test ran without fail

View File

@ -674,14 +674,14 @@ func (lc *LocalClient) GetCertificate(hi *tls.ClientHelloInfo) (*tls.Certificate
return &cert, nil return &cert, nil
} }
// ExpandSNIName expands bare label name into the the most likely actual TLS cert name. // ExpandSNIName expands bare label name into the most likely actual TLS cert name.
// //
// Deprecated: use LocalClient.ExpandSNIName. // Deprecated: use LocalClient.ExpandSNIName.
func ExpandSNIName(ctx context.Context, name string) (fqdn string, ok bool) { func ExpandSNIName(ctx context.Context, name string) (fqdn string, ok bool) {
return defaultLocalClient.ExpandSNIName(ctx, name) return defaultLocalClient.ExpandSNIName(ctx, name)
} }
// ExpandSNIName expands bare label name into the the most likely actual TLS cert name. // ExpandSNIName expands bare label name into the most likely actual TLS cert name.
func (lc *LocalClient) ExpandSNIName(ctx context.Context, name string) (fqdn string, ok bool) { func (lc *LocalClient) ExpandSNIName(ctx context.Context, name string) (fqdn string, ok bool) {
st, err := lc.StatusWithoutPeers(ctx) st, err := lc.StatusWithoutPeers(ctx)
if err != nil { if err != nil {

View File

@ -115,7 +115,7 @@ func (c *Client) Do(req *http.Request) (*http.Response, error) {
return c.httpClient().Do(req) return c.httpClient().Do(req)
} }
// sendRequest add the authenication key to the request and sends it. It // sendRequest add the authentication key to the request and sends it. It
// receives the response and reads up to 10MB of it. // receives the response and reads up to 10MB of it.
func (c *Client) sendRequest(req *http.Request) ([]byte, *http.Response, error) { func (c *Client) sendRequest(req *http.Request) ([]byte, *http.Response, error) {
if !I_Acknowledge_This_API_Is_Unstable { if !I_Acknowledge_This_API_Is_Unstable {

View File

@ -23,7 +23,7 @@ func addWebSocketSupport(s *derp.Server, base http.Handler) http.Handler {
up := strings.ToLower(r.Header.Get("Upgrade")) up := strings.ToLower(r.Header.Get("Upgrade"))
// Very early versions of Tailscale set "Upgrade: WebSocket" but didn't actually // Very early versions of Tailscale set "Upgrade: WebSocket" but didn't actually
// speak WebSockets (they still assumed DERP's binary framining). So to distinguish // speak WebSockets (they still assumed DERP's binary framing). So to distinguish
// clients that actually want WebSockets, look for an explicit "derp" subprotocol. // clients that actually want WebSockets, look for an explicit "derp" subprotocol.
if up != "websocket" || !strings.Contains(r.Header.Get("Sec-Websocket-Protocol"), "derp") { if up != "websocket" || !strings.Contains(r.Header.Get("Sec-Websocket-Protocol"), "derp") {
base.ServeHTTP(w, r) base.ServeHTTP(w, r)

View File

@ -36,7 +36,7 @@ func runBugReport(ctx context.Context, args []string) error {
case 1: case 1:
note = args[0] note = args[0]
default: default:
return errors.New("unknown argumets") return errors.New("unknown arguments")
} }
logMarker, err := localClient.BugReportWithOpts(ctx, tailscale.BugReportOpts{ logMarker, err := localClient.BugReportWithOpts(ctx, tailscale.BugReportOpts{
Note: note, Note: note,

View File

@ -410,7 +410,7 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) {
want: accidentalUpPrefix + " --hostname=foo --exit-node=100.64.5.7", want: accidentalUpPrefix + " --hostname=foo --exit-node=100.64.5.7",
}, },
{ {
name: "error_exit_node_and_allow_lan_omit_with_id_pref", // Isue 3480 name: "error_exit_node_and_allow_lan_omit_with_id_pref", // Issue 3480
flags: []string{"--hostname=foo"}, flags: []string{"--hostname=foo"},
curExitNodeIP: netip.MustParseAddr("100.2.3.4"), curExitNodeIP: netip.MustParseAddr("100.2.3.4"),
curPrefs: &ipn.Prefs{ curPrefs: &ipn.Prefs{
@ -448,7 +448,7 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) {
}, },
{ {
// Issue 3176: on Synology, don't require --accept-routes=false because user // Issue 3176: on Synology, don't require --accept-routes=false because user
// migth've had old an install, and we don't support --accept-routes anyway. // might've had an old install, and we don't support --accept-routes anyway.
name: "synology_permit_omit_accept_routes", name: "synology_permit_omit_accept_routes",
flags: []string{"--hostname=foo"}, flags: []string{"--hostname=foo"},
curPrefs: &ipn.Prefs{ curPrefs: &ipn.Prefs{

View File

@ -13,7 +13,7 @@
func findSSH() (string, error) { func findSSH() (string, error) {
// use C:\Windows\System32\OpenSSH\ssh.exe since unexpected behavior // use C:\Windows\System32\OpenSSH\ssh.exe since unexpected behavior
// occured with ssh.exe provided by msys2/cygwin and other environments. // occurred with ssh.exe provided by msys2/cygwin and other environments.
if systemRoot := os.Getenv("SystemRoot"); systemRoot != "" { if systemRoot := os.Getenv("SystemRoot"); systemRoot != "" {
exe := filepath.Join(systemRoot, "System32", "OpenSSH", "ssh.exe") exe := filepath.Join(systemRoot, "System32", "OpenSSH", "ssh.exe")
if st, err := os.Stat(exe); err == nil && !st.IsDir() { if st, err := os.Stat(exe); err == nil && !st.IsDir() {

View File

@ -88,7 +88,7 @@ func defaultTunName() string {
// see https://github.com/tailscale/tailscale/issues/391 // see https://github.com/tailscale/tailscale/issues/391
// //
// But Gokrazy does have the tun module built-in, so users // But Gokrazy does have the tun module built-in, so users
// can stil run --tun=tailscale0 if they wish, if they // can still run --tun=tailscale0 if they wish, if they
// arrange for iptables to be present or run in "tailscale // arrange for iptables to be present or run in "tailscale
// up --netfilter-mode=off" mode, perhaps. Untested. // up --netfilter-mode=off" mode, perhaps. Untested.
return "userspace-networking" return "userspace-networking"
@ -158,7 +158,7 @@ func main() {
flag.StringVar(&args.httpProxyAddr, "outbound-http-proxy-listen", "", `optional [ip]:port to run an outbound HTTP proxy (e.g. "localhost:8080")`) flag.StringVar(&args.httpProxyAddr, "outbound-http-proxy-listen", "", `optional [ip]:port to run an outbound HTTP proxy (e.g. "localhost:8080")`)
flag.StringVar(&args.tunname, "tun", defaultTunName(), `tunnel interface name; use "userspace-networking" (beta) to not use TUN`) flag.StringVar(&args.tunname, "tun", defaultTunName(), `tunnel interface name; use "userspace-networking" (beta) to not use TUN`)
flag.Var(flagtype.PortValue(&args.port, defaultPort()), "port", "UDP port to listen on for WireGuard and peer-to-peer traffic; 0 means automatically select") flag.Var(flagtype.PortValue(&args.port, defaultPort()), "port", "UDP port to listen on for WireGuard and peer-to-peer traffic; 0 means automatically select")
flag.StringVar(&args.statepath, "state", "", "absolute path of state file; use 'kube:<secret-name>' to use Kubernetes secrets or 'arn:aws:ssm:...' to store in AWS SSM; use 'mem:' to not store state and register as an emphemeral node. If empty and --statedir is provided, the default is <statedir>/tailscaled.state. Default: "+paths.DefaultTailscaledStateFile()) flag.StringVar(&args.statepath, "state", "", "absolute path of state file; use 'kube:<secret-name>' to use Kubernetes secrets or 'arn:aws:ssm:...' to store in AWS SSM; use 'mem:' to not store state and register as an ephemeral node. If empty and --statedir is provided, the default is <statedir>/tailscaled.state. Default: "+paths.DefaultTailscaledStateFile())
flag.StringVar(&args.statedir, "statedir", "", "path to directory for storage of config state, TLS certs, temporary incoming Taildrop files, etc. If empty, it's derived from --state when possible.") flag.StringVar(&args.statedir, "statedir", "", "path to directory for storage of config state, TLS certs, temporary incoming Taildrop files, etc. If empty, it's derived from --state when possible.")
flag.StringVar(&args.socketpath, "socket", paths.DefaultTailscaledSocket(), "path of the service unix socket") flag.StringVar(&args.socketpath, "socket", paths.DefaultTailscaledSocket(), "path of the service unix socket")
flag.StringVar(&args.birdSocketPath, "bird-socket", "", "path of the bird unix socket") flag.StringVar(&args.birdSocketPath, "bird-socket", "", "path of the bird unix socket")

View File

@ -193,7 +193,7 @@ func beWindowsSubprocess() bool {
} }
logid := os.Args[2] logid := os.Args[2]
// Remove the date/time prefix; the logtail + file logggers add it. // Remove the date/time prefix; the logtail + file loggers add it.
log.SetFlags(0) log.SetFlags(0)
log.Printf("Program starting: v%v: %#v", version.Long, os.Args) log.Printf("Program starting: v%v: %#v", version.Long, os.Args)

View File

@ -57,7 +57,7 @@ func runBuild() {
// fixEsbuildMetadataPaths re-keys the esbuild metadata file to use paths // fixEsbuildMetadataPaths re-keys the esbuild metadata file to use paths
// relative to the dist directory (it normally uses paths relative to the cwd, // relative to the dist directory (it normally uses paths relative to the cwd,
// which are akward if we're running with a different cwd at serving time). // which are awkward if we're running with a different cwd at serving time).
func fixEsbuildMetadataPaths(metadataStr string) ([]byte, error) { func fixEsbuildMetadataPaths(metadataStr string) ([]byte, error) {
var metadata EsbuildMetadata var metadata EsbuildMetadata
if err := json.Unmarshal([]byte(metadataStr), &metadata); err != nil { if err := json.Unmarshal([]byte(metadataStr), &metadata); err != nil {

View File

@ -15,12 +15,12 @@ import wasmURL from "./main.wasm"
* needed for the package to function. * needed for the package to function.
*/ */
type IPNPackageConfig = IPNConfig & { type IPNPackageConfig = IPNConfig & {
// Auth key used to intitialize the Tailscale client (required) // Auth key used to initialize the Tailscale client (required)
authKey: string authKey: string
// URL of the main.wasm file that is included in the page, if it is not // URL of the main.wasm file that is included in the page, if it is not
// accessible via a relative URL. // accessible via a relative URL.
wasmURL?: string wasmURL?: string
// Funtion invoked if the Go process panics or unexpectedly exits. // Function invoked if the Go process panics or unexpectedly exits.
panicHandler: (err: string) => void panicHandler: (err: string) => void
} }

View File

@ -388,7 +388,7 @@ func main() {
log.Fatal(err) log.Fatal(err)
} }
if runCloner { if runCloner {
// When a new pacakge is added or when existing generated files have // When a new package is added or when existing generated files have
// been deleted, we might run into a case where tailscale.com/cmd/cloner // been deleted, we might run into a case where tailscale.com/cmd/cloner
// has not run yet. We detect this by verifying that all the structs we // has not run yet. We detect this by verifying that all the structs we
// interacted with have had Clone method already generated. If they // interacted with have had Clone method already generated. If they

View File

@ -776,7 +776,7 @@ func (c *Direct) sendMapRequest(ctx context.Context, maxPolls int, readOnly bool
// with useful results. The first POST just gets us the DERP map which we // with useful results. The first POST just gets us the DERP map which we
// need to do the STUN queries to discover our endpoints. // need to do the STUN queries to discover our endpoints.
// TODO(bradfitz): we skip this optimization in tests, though, // TODO(bradfitz): we skip this optimization in tests, though,
// because the e2e tests are currently hyperspecific about the // because the e2e tests are currently hyper-specific about the
// ordering of things. The e2e tests need love. // ordering of things. The e2e tests need love.
ReadOnly: readOnly || (len(epStrs) == 0 && !everEndpoints && !inTest()), ReadOnly: readOnly || (len(epStrs) == 0 && !everEndpoints && !inTest()),
} }

View File

@ -35,7 +35,7 @@ type mapSession struct {
machinePubKey key.MachinePublic machinePubKey key.MachinePublic
keepSharerAndUserSplit bool // see Options.KeepSharerAndUserSplit keepSharerAndUserSplit bool // see Options.KeepSharerAndUserSplit
// Fields storing state over the the coards of multiple MapResponses. // Fields storing state over the course of multiple MapResponses.
lastNode *tailcfg.Node lastNode *tailcfg.Node
lastDNSConfig *tailcfg.DNSConfig lastDNSConfig *tailcfg.DNSConfig
lastDERPMap *tailcfg.DERPMap lastDERPMap *tailcfg.DERPMap

View File

@ -466,7 +466,7 @@ func TestNetmapForResponse(t *testing.T) {
}) })
} }
// TestDeltaDebug tests that tailcfg.Debug values can be omitted in MapResposnes // TestDeltaDebug tests that tailcfg.Debug values can be omitted in MapResponses
// entirely or have their opt.Bool values unspecified between MapResponses in a // entirely or have their opt.Bool values unspecified between MapResponses in a
// session and that should mean no change. (as of capver 37). But two Debug // session and that should mean no change. (as of capver 37). But two Debug
// fields existed prior to capver 37 that weren't opt.Bool; we test that we both // fields existed prior to capver 37 that weren't opt.Bool; we test that we both

View File

@ -232,7 +232,7 @@ func TestSendFreeze(t *testing.T) {
// alice --> bob // alice --> bob
// alice --> cathy // alice --> cathy
// //
// Then cathy stops processing messsages. // Then cathy stops processing messages.
// That should not interfere with alice talking to bob. // That should not interfere with alice talking to bob.
newClient := func(ctx context.Context, name string, k key.NodePrivate) (c *Client, clientConn nettest.Conn) { newClient := func(ctx context.Context, name string, k key.NodePrivate) (c *Client, clientConn nettest.Conn) {
@ -772,7 +772,7 @@ func TestForwarderRegistration(t *testing.T) {
}) })
// Now pretend u1 was already connected locally (so clientsMesh[u1] is nil), and then we heard // Now pretend u1 was already connected locally (so clientsMesh[u1] is nil), and then we heard
// that they're also connected to a peer of ours. That sholdn't transition the forwarder // that they're also connected to a peer of ours. That shouldn't transition the forwarder
// from nil to the new one, not a multiForwarder. // from nil to the new one, not a multiForwarder.
s.clients[u1] = singleClient{u1c} s.clients[u1] = singleClient{u1c}
s.clientsMesh[u1] = nil s.clientsMesh[u1] = nil

View File

@ -199,7 +199,7 @@ func (c *Client) urlString(node *tailcfg.DERPNode) string {
return fmt.Sprintf("https://%s/derp", node.HostName) return fmt.Sprintf("https://%s/derp", node.HostName)
} }
// AddressFamilySelector decides whethers IPv6 is preferred for // AddressFamilySelector decides whether IPv6 is preferred for
// outbound dials. // outbound dials.
type AddressFamilySelector interface { type AddressFamilySelector interface {
// PreferIPv6 reports whether IPv4 dials should be slightly // PreferIPv6 reports whether IPv4 dials should be slightly

View File

@ -17,7 +17,7 @@
// //
// messageType byte (the MessageType constants below) // messageType byte (the MessageType constants below)
// messageVersion byte (0 for now; but always ignore bytes at the end) // messageVersion byte (0 for now; but always ignore bytes at the end)
// message-paylod [...]byte // message-payload [...]byte
package disco package disco
import ( import (

View File

@ -69,7 +69,7 @@ type Notify struct {
State *State // if non-nil, the new or current IPN state State *State // if non-nil, the new or current IPN state
Prefs *Prefs // if non-nil, the new or current preferences Prefs *Prefs // if non-nil, the new or current preferences
NetMap *netmap.NetworkMap // if non-nil, the new or current netmap NetMap *netmap.NetworkMap // if non-nil, the new or current netmap
Engine *EngineStatus // if non-nil, the new or urrent wireguard stats Engine *EngineStatus // if non-nil, the new or current wireguard stats
BrowseToURL *string // if non-nil, UI should open a browser right now BrowseToURL *string // if non-nil, UI should open a browser right now
BackendLogID *string // if non-nil, the public logtail ID used by backend BackendLogID *string // if non-nil, the public logtail ID used by backend

View File

@ -2173,7 +2173,7 @@ func (b *LocalBackend) GetPeerAPIPort(ip netip.Addr) (port uint16, ok bool) {
// ServePeerAPIConnection serves an already-accepted connection c. // ServePeerAPIConnection serves an already-accepted connection c.
// //
// The remote parameter is the remote address. // The remote parameter is the remote address.
// The local paramater is the local address (either a Tailscale IPv4 // The local parameter is the local address (either a Tailscale IPv4
// or IPv6 IP and the peerapi port for that address). // or IPv6 IP and the peerapi port for that address).
// //
// The connection will be closed by ServePeerAPIConnection. // The connection will be closed by ServePeerAPIConnection.
@ -3027,7 +3027,7 @@ func (b *LocalBackend) RequestEngineStatus() {
// that have happened. It is invoked from the various callbacks that // that have happened. It is invoked from the various callbacks that
// feed events into LocalBackend. // feed events into LocalBackend.
// //
// TODO(apenwarr): use a channel or something to prevent re-entrancy? // TODO(apenwarr): use a channel or something to prevent reentrancy?
// Or maybe just call the state machine from fewer places. // Or maybe just call the state machine from fewer places.
func (b *LocalBackend) stateMachine() { func (b *LocalBackend) stateMachine() {
b.enterState(b.nextState()) b.enterState(b.nextState())
@ -3087,7 +3087,7 @@ func (b *LocalBackend) ResetForClientDisconnect() {
func (b *LocalBackend) ShouldRunSSH() bool { return b.sshAtomicBool.Load() && envknob.CanSSHD() } func (b *LocalBackend) ShouldRunSSH() bool { return b.sshAtomicBool.Load() && envknob.CanSSHD() }
// ShouldHandleViaIP reports whether whether ip is an IPv6 address in the // ShouldHandleViaIP reports whether ip is an IPv6 address in the
// Tailscale ULA's v6 "via" range embedding an IPv4 address to be forwarded to // Tailscale ULA's v6 "via" range embedding an IPv4 address to be forwarded to
// by Tailscale. // by Tailscale.
func (b *LocalBackend) ShouldHandleViaIP(ip netip.Addr) bool { func (b *LocalBackend) ShouldHandleViaIP(ip netip.Addr) bool {
@ -3605,7 +3605,7 @@ func (b *LocalBackend) magicConn() (*magicsock.Conn, error) {
return mc, nil return mc, nil
} }
// DoNoiseRequest sends a request to URL over the the control plane // DoNoiseRequest sends a request to URL over the control plane
// Noise connection. // Noise connection.
func (b *LocalBackend) DoNoiseRequest(req *http.Request) (*http.Response, error) { func (b *LocalBackend) DoNoiseRequest(req *http.Request) (*http.Response, error) {
b.mu.Lock() b.mu.Lock()

View File

@ -44,10 +44,10 @@ type tkaState struct {
// //
// There are 4 scenarios handled here: // There are 4 scenarios handled here:
// - Enablement: nm.TKAEnabled but b.tka == nil // - Enablement: nm.TKAEnabled but b.tka == nil
// ∴ reach out to /machine/tka/boostrap to get the genesis AUM, then // ∴ reach out to /machine/tka/bootstrap to get the genesis AUM, then
// initialize TKA. // initialize TKA.
// - Disablement: !nm.TKAEnabled but b.tka != nil // - Disablement: !nm.TKAEnabled but b.tka != nil
// ∴ reach out to /machine/tka/boostrap to read the disablement secret, // ∴ reach out to /machine/tka/bootstrap to read the disablement secret,
// then verify and clear tka local state. // then verify and clear tka local state.
// - Sync needed: b.tka.Head != nm.TKAHead // - Sync needed: b.tka.Head != nm.TKAHead
// ∴ complete multi-step synchronization flow. // ∴ complete multi-step synchronization flow.

View File

@ -79,7 +79,7 @@ type peerAPIServer struct {
} }
const ( const (
// partialSuffix is the suffix appened to files while they're // partialSuffix is the suffix appended to files while they're
// still in the process of being transferred. // still in the process of being transferred.
partialSuffix = ".partial" partialSuffix = ".partial"
@ -1184,7 +1184,7 @@ func newFakePeerAPIListener(ip netip.Addr) net.Listener {
// even if the kernel isn't cooperating (like on Android: Issue 4449, 4293, etc) // even if the kernel isn't cooperating (like on Android: Issue 4449, 4293, etc)
// or we lack permission to listen on a port. It's okay to not actually listen via // or we lack permission to listen on a port. It's okay to not actually listen via
// the kernel because on almost all platforms (except iOS as of 2022-04-20) we // the kernel because on almost all platforms (except iOS as of 2022-04-20) we
// also intercept netstack TCP requests in to our peerapi port and hand it over // also intercept incoming netstack TCP requests to our peerapi port and hand them over
// directly to peerapi, without involving the kernel. So this doesn't need to be // directly to peerapi, without involving the kernel. So this doesn't need to be
// real. But the port number we return (1, in this case) is the port number we advertise // real. But the port number we return (1, in this case) is the port number we advertise
// to peers and they connect to. 1 seems pretty safe to use. Even if the kernel's // to peers and they connect to. 1 seems pretty safe to use. Even if the kernel's

View File

@ -109,7 +109,7 @@ func TestHandlePeerAPI(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
isSelf bool // the peer sending the request is owned by us isSelf bool // the peer sending the request is owned by us
capSharing bool // self node has file sharing capabilty capSharing bool // self node has file sharing capability
omitRoot bool // don't configure omitRoot bool // don't configure
req *http.Request req *http.Request
checks []check checks []check

View File

@ -57,7 +57,7 @@
// Options is the configuration of the Tailscale node agent. // Options is the configuration of the Tailscale node agent.
type Options struct { type Options struct {
// VarRoot is the the Tailscale daemon's private writable // VarRoot is the Tailscale daemon's private writable
// directory (usually "/var/lib/tailscale" on Linux) that // directory (usually "/var/lib/tailscale" on Linux) that
// contains the "tailscaled.state" file, the "certs" directory // contains the "tailscaled.state" file, the "certs" directory
// for TLS certs, and the "files" directory for incoming // for TLS certs, and the "files" directory for incoming

View File

@ -470,7 +470,7 @@ func TestLoadPrefsNotExist(t *testing.T) {
t.Fatalf("unexpected prefs=%#v, err=%v", p, err) t.Fatalf("unexpected prefs=%#v, err=%v", p, err)
} }
// TestLoadPrefsFileWithZeroInIt verifies that LoadPrefs hanldes corrupted input files. // TestLoadPrefsFileWithZeroInIt verifies that LoadPrefs handles corrupted input files.
// See issue #954 for details. // See issue #954 for details.
func TestLoadPrefsFileWithZeroInIt(t *testing.T) { func TestLoadPrefsFileWithZeroInIt(t *testing.T) {
f, err := os.CreateTemp("", "TestLoadPrefsFileWithZeroInIt") f, err := os.CreateTemp("", "TestLoadPrefsFileWithZeroInIt")

View File

@ -609,7 +609,7 @@ func NewWithConfigPath(collection, dir, cmdName string) *Policy {
} }
} }
log.SetFlags(0) // other logflags are set on console, not here log.SetFlags(0) // other log flags are set on console, not here
log.SetOutput(logOutput) log.SetOutput(logOutput)
log.Printf("Program starting: v%v, Go %v: %#v", log.Printf("Program starting: v%v, Go %v: %#v",

View File

@ -34,7 +34,7 @@ func NewPrivateID() (id PrivateID, err error) {
func (id PrivateID) MarshalText() ([]byte, error) { func (id PrivateID) MarshalText() ([]byte, error) {
b := make([]byte, hex.EncodedLen(len(id))) b := make([]byte, hex.EncodedLen(len(id)))
if i := hex.Encode(b, id[:]); i != len(b) { if i := hex.Encode(b, id[:]); i != len(b) {
return nil, fmt.Errorf("logtail.PrivateID.MarhsalText: i=%d", i) return nil, fmt.Errorf("logtail.PrivateID.MarshalText: i=%d", i)
} }
return b, nil return b, nil
} }
@ -122,7 +122,7 @@ func MustParsePublicID(s string) PublicID {
func (id PublicID) MarshalText() ([]byte, error) { func (id PublicID) MarshalText() ([]byte, error) {
b := make([]byte, hex.EncodedLen(len(id))) b := make([]byte, hex.EncodedLen(len(id)))
if i := hex.Encode(b, id[:]); i != len(b) { if i := hex.Encode(b, id[:]); i != len(b) {
return nil, fmt.Errorf("logtail.PublicID.MarhsalText: i=%d", i) return nil, fmt.Errorf("logtail.PublicID.MarshalText: i=%d", i)
} }
return b, nil return b, nil
} }

View File

@ -49,7 +49,7 @@ type Config struct {
HTTPC *http.Client // if empty defaults to http.DefaultClient HTTPC *http.Client // if empty defaults to http.DefaultClient
SkipClientTime bool // if true, client_time is not written to logs SkipClientTime bool // if true, client_time is not written to logs
LowMemory bool // if true, logtail minimizes memory use LowMemory bool // if true, logtail minimizes memory use
TimeNow func() time.Time // if set, subsitutes uses of time.Now TimeNow func() time.Time // if set, substitutes uses of time.Now
Stderr io.Writer // if set, logs are sent here instead of os.Stderr Stderr io.Writer // if set, logs are sent here instead of os.Stderr
StderrLevel int // max verbosity level to write to stderr; 0 means the non-verbose messages only StderrLevel int // max verbosity level to write to stderr; 0 means the non-verbose messages only
Buffer Buffer // temp storage, if nil a MemoryBuffer Buffer Buffer // temp storage, if nil a MemoryBuffer
@ -73,7 +73,7 @@ type Config struct {
// IncludeProcSequence, if true, results in an ephemeral sequence number // IncludeProcSequence, if true, results in an ephemeral sequence number
// being included in the logs. The sequence number is incremented for each // being included in the logs. The sequence number is incremented for each
// log message sent, but is not peristed across process restarts. // log message sent, but is not persisted across process restarts.
IncludeProcSequence bool IncludeProcSequence bool
} }

View File

@ -381,7 +381,7 @@ func (m *Manager) NextPacket() ([]byte, error) {
return buf, nil return buf, nil
} }
// Query executes a DNS query recieved from the given address. The query is // Query executes a DNS query received from the given address. The query is
// provided in bs as a wire-encoded DNS query without any transport header. // provided in bs as a wire-encoded DNS query without any transport header.
// This method is called for requests arriving over UDP and TCP. // This method is called for requests arriving over UDP and TCP.
func (m *Manager) Query(ctx context.Context, bs []byte, from netip.AddrPort) ([]byte, error) { func (m *Manager) Query(ctx context.Context, bs []byte, from netip.AddrPort) ([]byte, error) {

View File

@ -274,7 +274,7 @@ func runTest(t *testing.T, isLocal bool) {
runCase := func(n int) { runCase := func(n int) {
t.Logf("Test case: %d domains\n", n) t.Logf("Test case: %d domains\n", n)
if !isLocal { if !isLocal {
// When !isLocal, we want to check that a GP notification occured for // When !isLocal, we want to check that a GP notification occurred for
// every single test case. // every single test case.
trk, err = newGPNotificationTracker() trk, err = newGPNotificationTracker()
if err != nil { if err != nil {

View File

@ -302,7 +302,7 @@ type dnsPrio struct {
for _, cfg := range cfgs { for _, cfg := range cfgs {
if name, ok := cfg["interface"]; ok { if name, ok := cfg["interface"]; ok {
if s, ok := name.Value().(string); ok && s == m.interfaceName { if s, ok := name.Value().(string); ok && s == m.interfaceName {
// Config for the taislcale interface, skip. // Config for the tailscale interface, skip.
continue continue
} }
} }

View File

@ -58,7 +58,7 @@
const _RP_FORCE = 1 // Flag for RefreshPolicyEx const _RP_FORCE = 1 // Flag for RefreshPolicyEx
// nrptRuleDatabase ensapsulates access to the Windows Name Resolution Policy // nrptRuleDatabase encapsulates access to the Windows Name Resolution Policy
// Table (NRPT). // Table (NRPT).
type nrptRuleDatabase struct { type nrptRuleDatabase struct {
logf logger.Logf logf logger.Logf

View File

@ -180,7 +180,7 @@ type resolverAndDelay struct {
type forwarder struct { type forwarder struct {
logf logger.Logf logf logger.Logf
linkMon *monitor.Mon linkMon *monitor.Mon
linkSel ForwardLinkSelector // TODO(bradfitz): remove this when tsdial.Dialer absords it linkSel ForwardLinkSelector // TODO(bradfitz): remove this when tsdial.Dialer absorbs it
dialer *tsdial.Dialer dialer *tsdial.Dialer
dohSem chan struct{} dohSem chan struct{}
@ -502,7 +502,7 @@ func (f *forwarder) send(ctx context.Context, fq *forwardQuery, rr resolverAndDe
// Only known DoH providers are supported currently. Specifically, we // Only known DoH providers are supported currently. Specifically, we
// only support DoH providers where we can TCP connect to them on port // only support DoH providers where we can TCP connect to them on port
// 443 at the same IP address they serve normal UDP DNS from (1.1.1.1, // 443 at the same IP address they serve normal UDP DNS from (1.1.1.1,
// 8.8.8.8, 9.9.9.9, etc.) That's why OpenDNS and custon DoH providers // 8.8.8.8, 9.9.9.9, etc.) That's why OpenDNS and custom DoH providers
// aren't currently supported. There's no backup DNS resolution path for // aren't currently supported. There's no backup DNS resolution path for
// them. // them.
urlBase := rr.name.Addr urlBase := rr.name.Addr

View File

@ -609,7 +609,7 @@ func (r *Resolver) resolveLocal(domain dnsname.FQDN, typ dns.Type) (netip.Addr,
metricDNSResolveLocalOKAll.Add(1) metricDNSResolveLocalOKAll.Add(1)
return addrs[0], dns.RCodeSuccess return addrs[0], dns.RCodeSuccess
// Leave some some record types explicitly unimplemented. // Leave some record types explicitly unimplemented.
// These types relate to recursive resolution or special // These types relate to recursive resolution or special
// DNS semantics and might be implemented in the future. // DNS semantics and might be implemented in the future.
case dns.TypeNS, dns.TypeSOA, dns.TypeAXFR, dns.TypeHINFO: case dns.TypeNS, dns.TypeSOA, dns.TypeAXFR, dns.TypeHINFO:

View File

@ -99,7 +99,7 @@ type msgResource struct {
} }
// ErrCacheMiss is a sentinel error returned by MessageCache.ReplyFromCache // ErrCacheMiss is a sentinel error returned by MessageCache.ReplyFromCache
// when the request can not be satisified from cache. // when the request can not be satisfied from cache.
var ErrCacheMiss = errors.New("cache miss") var ErrCacheMiss = errors.New("cache miss")
var parserPool = &sync.Pool{ var parserPool = &sync.Pool{
@ -264,7 +264,7 @@ func asciiLowerName(n dnsmessage.Name) dnsmessage.Name {
} }
// packDNSResponse builds a DNS response for the given question and // packDNSResponse builds a DNS response for the given question and
// transaction ID. The response resource records will have have the // transaction ID. The response resource records will have the
// same provided TTL. // same provided TTL.
func packDNSResponse(q msgQ, txID uint16, ttl uint32, answers []msgResource) ([]byte, error) { func packDNSResponse(q msgQ, txID uint16, ttl uint32, answers []msgResource) ([]byte, error) {
var baseMem []byte // TODO: guess a max size based on looping over answers? var baseMem []byte // TODO: guess a max size based on looping over answers?

View File

@ -441,13 +441,13 @@ func prefixesEqual(a, b []netip.Prefix) bool {
// UseInterestingInterfaces is an InterfaceFilter that reports whether i is an interesting interface. // UseInterestingInterfaces is an InterfaceFilter that reports whether i is an interesting interface.
// An interesting interface if it is (a) not owned by Tailscale and (b) routes interesting IP addresses. // An interesting interface if it is (a) not owned by Tailscale and (b) routes interesting IP addresses.
// See UseInterestingIPs for the defition of an interesting IP address. // See UseInterestingIPs for the definition of an interesting IP address.
func UseInterestingInterfaces(i Interface, ips []netip.Prefix) bool { func UseInterestingInterfaces(i Interface, ips []netip.Prefix) bool {
return !isTailscaleInterface(i.Name, ips) && anyInterestingIP(ips) return !isTailscaleInterface(i.Name, ips) && anyInterestingIP(ips)
} }
// UseInterestingIPs is an IPFilter that reports whether ip is an interesting IP address. // UseInterestingIPs is an IPFilter that reports whether ip is an interesting IP address.
// An IP address is interesting if it is neither a lopback not a link local unicast IP address. // An IP address is interesting if it is neither a loopback nor a link local unicast IP address.
func UseInterestingIPs(ip netip.Addr) bool { func UseInterestingIPs(ip netip.Addr) bool {
return isInterestingIP(ip) return isInterestingIP(ip)
} }
@ -455,7 +455,7 @@ func UseInterestingIPs(ip netip.Addr) bool {
// UseAllInterfaces is an InterfaceFilter that includes all interfaces. // UseAllInterfaces is an InterfaceFilter that includes all interfaces.
func UseAllInterfaces(i Interface, ips []netip.Prefix) bool { return true } func UseAllInterfaces(i Interface, ips []netip.Prefix) bool { return true }
// UseAllIPs is an IPFilter that includes all all IPs. // UseAllIPs is an IPFilter that includes all IPs.
func UseAllIPs(ips netip.Addr) bool { return true } func UseAllIPs(ips netip.Addr) bool { return true }
func (s *State) HasPAC() bool { return s != nil && s.PAC != "" } func (s *State) HasPAC() bool { return s != nil && s.PAC != "" }

View File

@ -161,7 +161,7 @@ type Client struct {
// GetSTUNConn4 optionally provides a func to return the // GetSTUNConn4 optionally provides a func to return the
// connection to use for sending & receiving IPv4 packets. If // connection to use for sending & receiving IPv4 packets. If
// nil, an emphemeral one is created as needed. // nil, an ephemeral one is created as needed.
GetSTUNConn4 func() STUNConn GetSTUNConn4 func() STUNConn
// GetSTUNConn6 is like GetSTUNConn4, but for IPv6. // GetSTUNConn6 is like GetSTUNConn4, but for IPv6.

View File

@ -15,7 +15,7 @@
bufferSize = 256 * 1024 bufferSize = 256 * 1024
) )
// Listener is a net.Listener using using NewConn to create pairs of network // Listener is a net.Listener using NewConn to create pairs of network
// connections connected in memory using a buffered pipe. It also provides a // connections connected in memory using a buffered pipe. It also provides a
// Dial method to establish new connections. // Dial method to establish new connections.
type Listener struct { type Listener struct {

View File

@ -195,7 +195,7 @@ func ipForwardSysctlKey(format sysctlFormat, p protocol, iface string) string {
// given interface. // given interface.
// The iface param determines which interface to check against, "" means to check // The iface param determines which interface to check against, "" means to check
// global config. // global config.
// It tries to lookup the value directly from `/proc/sys`, and fallsback to // It tries to lookup the value directly from `/proc/sys`, and falls back to
// using `sysctl` on failure. // using `sysctl` on failure.
func ipForwardingEnabledLinux(p protocol, iface string) (bool, error) { func ipForwardingEnabledLinux(p protocol, iface string) (bool, error) {
k := ipForwardSysctlKey(slashFormat, p, iface) k := ipForwardSysctlKey(slashFormat, p, iface)

View File

@ -40,7 +40,7 @@ type Header interface {
} }
// HeaderChecksummer is implemented by Header implementations that // HeaderChecksummer is implemented by Header implementations that
// need to do a checksum over their paylods. // need to do a checksum over their payloads.
type HeaderChecksummer interface { type HeaderChecksummer interface {
Header Header

View File

@ -202,7 +202,7 @@ func TestPingerMismatch(t *testing.T) {
func mockPinger(t *testing.T, clock *tstest.Clock) (*Pinger, func()) { func mockPinger(t *testing.T, clock *tstest.Clock) (*Pinger, func()) {
// In tests, we use UDP so that we can test without being root; this // In tests, we use UDP so that we can test without being root; this
// doesn't matter becuase we mock out the ICMP reply below to be a real // doesn't matter because we mock out the ICMP reply below to be a real
// ICMP echo reply packet. // ICMP echo reply packet.
conn, err := net.ListenPacket("udp4", "127.0.0.1:0") conn, err := net.ListenPacket("udp4", "127.0.0.1:0")
if err != nil { if err != nil {

View File

@ -19,7 +19,7 @@
"tailscale.com/types/logger" "tailscale.com/types/logger"
) )
// TestIGD is an IGD (Intenet Gateway Device) for testing. It supports fake // TestIGD is an IGD (Internet Gateway Device) for testing. It supports fake
// implementations of NAT-PMP, PCP, and/or UPnP to test clients against. // implementations of NAT-PMP, PCP, and/or UPnP to test clients against.
type TestIGD struct { type TestIGD struct {
upnpConn net.PacketConn // for UPnP discovery upnpConn net.PacketConn // for UPnP discovery

View File

@ -58,7 +58,7 @@ type Dialer struct {
linkMon *monitor.Mon linkMon *monitor.Mon
linkMonUnregister func() linkMonUnregister func()
exitDNSDoHBase string // non-empty if DoH-proxying exit node in use; base URL+path (without '?') exitDNSDoHBase string // non-empty if DoH-proxying exit node in use; base URL+path (without '?')
dnsCache *dnscache.MessageCache // nil until first first non-empty SetExitDNSDoH dnsCache *dnscache.MessageCache // nil until first non-empty SetExitDNSDoH
nextSysConnID int nextSysConnID int
activeSysConns map[int]net.Conn // active connections not yet closed activeSysConns map[int]net.Conn // active connections not yet closed
} }
@ -210,7 +210,7 @@ func (d *Dialer) userDialResolve(ctx context.Context, network, addr string) (net
exitDNSDoH := d.exitDNSDoHBase exitDNSDoH := d.exitDNSDoHBase
d.mu.Unlock() d.mu.Unlock()
// MagicDNS or otherwise baked in to the NetworkMap? Try that first. // MagicDNS or otherwise baked into the NetworkMap? Try that first.
ipp, err := dns.resolveMemory(ctx, network, addr) ipp, err := dns.resolveMemory(ctx, network, addr)
if err != errUnresolved { if err != errUnresolved {
return ipp, err return ipp, err

View File

@ -89,7 +89,7 @@ func GetAuthHeader(u *url.URL) (string, error) {
var condSetTransportGetProxyConnectHeader func(*http.Transport) var condSetTransportGetProxyConnectHeader func(*http.Transport)
// SetTarnsportGetProxyConnectHeader sets the provided Transport's // SetTransportGetProxyConnectHeader sets the provided Transport's
// GetProxyConnectHeader field, if the current build of Go supports // GetProxyConnectHeader field, if the current build of Go supports
// it. // it.
// //

View File

@ -204,7 +204,7 @@ func TestSynologyProxiesFromConfig(t *testing.T) {
}) })
t.Run("non-existent config", func(t *testing.T) { t.Run("nonexistent config", func(t *testing.T) {
openReader = nil openReader = nil
openErr = os.ErrNotExist openErr = os.ErrNotExist

View File

@ -173,7 +173,7 @@ type Wrapper struct {
// See the comment in the middle of Wrap.Read. // See the comment in the middle of Wrap.Read.
type tunReadResult struct { type tunReadResult struct {
// Only one of err, packet or data should be set, and are read in that order // Only one of err, packet or data should be set, and are read in that order
// of precendence. // of precedence.
err error err error
packet *stack.PacketBuffer packet *stack.PacketBuffer
data []byte data []byte

View File

@ -63,7 +63,7 @@ func DefaultTailscaledStateFile() string {
return "" return ""
} }
// MkStateDir ensures that dirPath, the daemon's configurtaion directory // MkStateDir ensures that dirPath, the daemon's configuration directory
// containing machine keys etc, both exists and has the correct permissions. // containing machine keys etc, both exists and has the correct permissions.
// We want it to only be accessible to the user the daemon is running under. // We want it to only be accessible to the user the daemon is running under.
func MkStateDir(dirPath string) error { func MkStateDir(dirPath string) error {

View File

@ -236,7 +236,7 @@ func (v varExporter) String() string {
return string(bs) return string(bs)
} }
// WritePrometheus writes the the state of all probes to w. // WritePrometheus writes the state of all probes to w.
// //
// For each probe, WritePrometheus exports 5 variables: // For each probe, WritePrometheus exports 5 variables:
// - <prefix>_interval_secs, how frequently the probe runs. // - <prefix>_interval_secs, how frequently the probe runs.

View File

@ -29,7 +29,7 @@ type contextReader struct {
// consumed. // consumed.
buffered []byte buffered []byte
// readErr is a previous read error that was seen while filling buffered. It // readErr is a previous read error that was seen while filling buffered. It
// should be returned to the caller after bufffered is consumed. // should be returned to the caller after buffered is consumed.
readErr error readErr error
mu sync.Mutex // guards ch only mu sync.Mutex // guards ch only
@ -40,7 +40,7 @@ type contextReader struct {
ch chan readResult ch chan readResult
} }
// HasOutstandingRead reports whether there's an oustanding Read call that's // HasOutstandingRead reports whether there's an outstanding Read call that's
// either currently blocked in a Read or whose result hasn't been consumed. // either currently blocked in a Read or whose result hasn't been consumed.
func (w *contextReader) HasOutstandingRead() bool { func (w *contextReader) HasOutstandingRead() bool {
w.mu.Lock() w.mu.Lock()
@ -97,14 +97,14 @@ func (w *contextReader) ReadContext(ctx context.Context, p []byte) (n int, err e
} }
} }
// contextReaderSesssion implements ssh.Session, wrapping another // contextReaderSession implements ssh.Session, wrapping another
// ssh.Session but changing its Read method to use contextReader. // ssh.Session but changing its Read method to use contextReader.
type contextReaderSesssion struct { type contextReaderSession struct {
ssh.Session ssh.Session
cr *contextReader cr *contextReader
} }
func (a contextReaderSesssion) Read(p []byte) (n int, err error) { func (a contextReaderSession) Read(p []byte) (n int, err error) {
if a.cr.HasOutstandingRead() { if a.cr.HasOutstandingRead() {
return a.cr.ReadContext(context.Background(), p) return a.cr.ReadContext(context.Background(), p)
} }

View File

@ -2,11 +2,11 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
// This file contains the code for the incubator process. Taiscaled // This file contains the code for the incubator process. Tailscaled
// launches the incubator as the same user as it was launched as. The // launches the incubator as the same user as it was launched as. The
// incubator then registers a new session with the OS, sets its UID // incubator then registers a new session with the OS, sets its UID
// and groups to the specified `--uid`, `--gid` and `--groups`, and // and groups to the specified `--uid`, `--gid` and `--groups`, and
// then lauches the requested `--cmd`. // then launches the requested `--cmd`.
//go:build linux || (darwin && !ios) //go:build linux || (darwin && !ios)
// +build linux darwin,!ios // +build linux darwin,!ios

View File

@ -181,7 +181,7 @@ func (c *conn) logf(format string, args ...any) {
c.srv.logf(format, args...) c.srv.logf(format, args...)
} }
// PublicKeyHandler implements ssh.PublicKeyHandler is called by the the // PublicKeyHandler implements ssh.PublicKeyHandler is called by the
// ssh.Server when the client presents a public key. // ssh.Server when the client presents a public key.
func (c *conn) PublicKeyHandler(ctx ssh.Context, pubKey ssh.PublicKey) error { func (c *conn) PublicKeyHandler(ctx ssh.Context, pubKey ssh.PublicKey) error {
c.mu.Lock() c.mu.Lock()
@ -205,7 +205,7 @@ func (c *conn) PublicKeyHandler(ctx ssh.Context, pubKey ssh.PublicKey) error {
var errPubKeyRequired = errors.New("ssh publickey required") var errPubKeyRequired = errors.New("ssh publickey required")
// NoClientAuthCallback implements gossh.NoClientAuthCallback and is called by // NoClientAuthCallback implements gossh.NoClientAuthCallback and is called by
// the the ssh.Server when the client first connects with the "none" // the ssh.Server when the client first connects with the "none"
// authentication method. // authentication method.
func (c *conn) NoClientAuthCallback(cm gossh.ConnMetadata) (*gossh.Permissions, error) { func (c *conn) NoClientAuthCallback(cm gossh.ConnMetadata) (*gossh.Permissions, error) {
if c.insecureSkipTailscaleAuth { if c.insecureSkipTailscaleAuth {
@ -595,7 +595,7 @@ func (c *conn) handleSessionPostSSHAuth(s ssh.Session) {
if cr.HasOutstandingRead() { if cr.HasOutstandingRead() {
// There was some buffered input while we were waiting for the policy // There was some buffered input while we were waiting for the policy
// decision. // decision.
s = contextReaderSesssion{s, cr} s = contextReaderSession{s, cr}
} }
// Do this check after auth, but before starting the session. // Do this check after auth, but before starting the session.
@ -1326,7 +1326,7 @@ type CastHeader struct {
Timestamp: now.Unix(), Timestamp: now.Unix(),
Env: map[string]string{ Env: map[string]string{
"TERM": term, "TERM": term,
// TODO(bradiftz): anything else important? // TODO(bradfitz): anything else important?
// including all seems noisey, but maybe we should // including all seems noisey, but maybe we should
// for auditing. But first need to break // for auditing. But first need to break
// launchProcess's startWithStdPipes and // launchProcess's startWithStdPipes and

View File

@ -117,7 +117,7 @@ func (u StableNodeID) IsZero() bool {
// A user can have multiple logins associated with it (e.g. gmail and github oauth). // A user can have multiple logins associated with it (e.g. gmail and github oauth).
// (Note: none of our UIs support this yet.) // (Note: none of our UIs support this yet.)
// //
// Some properties are inhereted from the logins and can be overridden, such as // Some properties are inherited from the logins and can be overridden, such as
// display name and profile picture. // display name and profile picture.
// //
// Other properties must be the same for all logins associated with a user. // Other properties must be the same for all logins associated with a user.
@ -249,7 +249,7 @@ type Node struct {
// the owner of the node. When forOwner is false, the hostname is // the owner of the node. When forOwner is false, the hostname is
// never included in the return value. // never included in the return value.
// //
// Return value is either either "Name" or "Name (Hostname)", where // Return value is either "Name" or "Name (Hostname)", where
// Name is the node's MagicDNS base name (for normal non-shared-in // Name is the node's MagicDNS base name (for normal non-shared-in
// nodes), FQDN (without trailing dot, for shared-in nodes), or // nodes), FQDN (without trailing dot, for shared-in nodes), or
// Hostname (if no MagicDNS). Hostname is only included in the // Hostname (if no MagicDNS). Hostname is only included in the
@ -864,7 +864,7 @@ type RegisterResponse struct {
MachineAuthorized bool // TODO(crawshaw): move to using MachineStatus MachineAuthorized bool // TODO(crawshaw): move to using MachineStatus
AuthURL string // if set, authorization pending AuthURL string // if set, authorization pending
// Error indiciates that authorization failed. If this is non-empty, // Error indicates that authorization failed. If this is non-empty,
// other status fields should be ignored. // other status fields should be ignored.
Error string Error string
} }
@ -992,7 +992,7 @@ type NetPortRange struct {
// CapGrant grants capabilities in a FilterRule. // CapGrant grants capabilities in a FilterRule.
type CapGrant struct { type CapGrant struct {
// Dsts are the destination IP ranges that this capabilty // Dsts are the destination IP ranges that this capability
// grant matches. // grant matches.
Dsts []netip.Prefix Dsts []netip.Prefix
@ -1006,7 +1006,7 @@ type CapGrant struct {
// //
// A rule is logically a set of source CIDRs to match (described by // A rule is logically a set of source CIDRs to match (described by
// SrcIPs and SrcBits), and a set of destination targets that are then // SrcIPs and SrcBits), and a set of destination targets that are then
// allowed if a source IP is mathces of those CIDRs. // allowed if a source IP is matches of those CIDRs.
type FilterRule struct { type FilterRule struct {
// SrcIPs are the source IPs/networks to match. // SrcIPs are the source IPs/networks to match.
// //
@ -1124,7 +1124,7 @@ type DNSConfig struct {
// MagicDNS config. // MagicDNS config.
ExtraRecords []DNSRecord `json:",omitempty"` ExtraRecords []DNSRecord `json:",omitempty"`
// ExitNodeFilteredSuffixes are the the DNS suffixes that the // ExitNodeFilteredSuffixes are the DNS suffixes that the
// node, when being an exit node DNS proxy, should not answer. // node, when being an exit node DNS proxy, should not answer.
// //
// The entries do not contain trailing periods and are always // The entries do not contain trailing periods and are always
@ -1828,7 +1828,7 @@ type SSHAction struct {
// //
// The "OverTLS" prefix is to loudly declare that this exchange // The "OverTLS" prefix is to loudly declare that this exchange
// doesn't happen over Noise and can be intercepted/MITM'ed by // doesn't happen over Noise and can be intercepted/MITM'ed by
// enterprise/corp proxies where the orgnanization can put TLS roots // enterprise/corp proxies where the organization can put TLS roots
// on devices. // on devices.
type OverTLSPublicKeyResponse struct { type OverTLSPublicKeyResponse struct {
// LegacyPublic specifies the control plane server's original // LegacyPublic specifies the control plane server's original

View File

@ -98,7 +98,7 @@ type TKAInfo struct {
// This field exists to disambiguate a nil TKAInfo in a delta mapresponse // This field exists to disambiguate a nil TKAInfo in a delta mapresponse
// from a nil TKAInfo indicating TKA should be disabled. // from a nil TKAInfo indicating TKA should be disabled.
// //
// TODO(tom): Implement /machine/tka/boostrap as a noise endpoint, to // TODO(tom): Implement /machine/tka/bootstrap as a noise endpoint, to
// communicate the genesis AUM & any disablement secrets. // communicate the genesis AUM & any disablement secrets.
Disabled bool `json:",omitempty"` Disabled bool `json:",omitempty"`
} }

View File

@ -60,7 +60,7 @@ func (h AUMHash) IsZero() bool {
// //
// Only the Key optional field may be set. // Only the Key optional field may be set.
AUMAddKey AUMAddKey
// A RemoveKey AUM describes hte removal of a key trusted by TKA. // A RemoveKey AUM describes the removal of a key trusted by TKA.
// //
// Only the KeyID optional field may be set. // Only the KeyID optional field may be set.
AUMRemoveKey AUMRemoveKey

View File

@ -67,7 +67,7 @@ func (s *scenarioTest) mkNodeWithForks(name string, signWithDefault bool, chains
for parentName, chain := range chains { for parentName, chain := range chains {
parent, exists := n.AUMs[parentName] parent, exists := n.AUMs[parentName]
if !exists { if !exists {
panic("cannot use non-existent parent: " + parentName) panic("cannot use nonexistent parent: " + parentName)
} }
parentHash := parent.Hash() parentHash := parent.Hash()
chain.Nodes[chain.FirstIdent].ParentHash = &parentHash chain.Nodes[chain.FirstIdent].ParentHash = &parentHash
@ -216,7 +216,7 @@ func TestScenarioHelpers(t *testing.T) {
s.checkHaveConsensus(control, n) s.checkHaveConsensus(control, n)
} }
func TestNormalPropergation(t *testing.T) { func TestNormalPropagation(t *testing.T) {
s := testScenario(t, ` s := testScenario(t, `
G -> L1 -> L2 G -> L1 -> L2
G.template = genesis G.template = genesis
@ -242,7 +242,7 @@ func TestNormalPropergation(t *testing.T) {
s.checkHaveConsensus(n1, n2) s.checkHaveConsensus(n1, n2)
} }
func TestForkingPropergation(t *testing.T) { func TestForkingPropagation(t *testing.T) {
pub, priv := testingKey25519(t, 2) pub, priv := testingKey25519(t, 2)
key := Key{Kind: Key25519, Public: pub, Votes: 2} key := Key{Kind: Key25519, Public: pub, Votes: 2}
@ -278,7 +278,7 @@ func TestForkingPropergation(t *testing.T) {
s.testSyncsBetween(control, n2) s.testSyncsBetween(control, n2)
s.checkHaveConsensus(control, n2) s.checkHaveConsensus(control, n2)
// No wozzles propergating from n2->CTRL, what about CTRL->n1? // No wozzles propagating from n2->CTRL, what about CTRL->n1?
s.testSyncsBetween(control, n1) s.testSyncsBetween(control, n1)
s.checkHaveConsensus(n1, n2) s.checkHaveConsensus(n1, n2)
@ -290,7 +290,7 @@ func TestForkingPropergation(t *testing.T) {
} }
} }
func TestInvalidAUMPropergationRejected(t *testing.T) { func TestInvalidAUMPropagationRejected(t *testing.T) {
s := testScenario(t, ` s := testScenario(t, `
G -> L1 -> L2 G -> L1 -> L2
G.template = genesis G.template = genesis
@ -324,7 +324,7 @@ func TestInvalidAUMPropergationRejected(t *testing.T) {
} }
} }
func TestUnsignedAUMPropergationRejected(t *testing.T) { func TestUnsignedAUMPropagationRejected(t *testing.T) {
s := testScenario(t, ` s := testScenario(t, `
G -> L1 -> L2 G -> L1 -> L2
G.template = genesis G.template = genesis
@ -357,7 +357,7 @@ func TestUnsignedAUMPropergationRejected(t *testing.T) {
} }
} }
func TestBadSigAUMPropergationRejected(t *testing.T) { func TestBadSigAUMPropagationRejected(t *testing.T) {
s := testScenario(t, ` s := testScenario(t, `
G -> L1 -> L2 G -> L1 -> L2
G.template = genesis G.template = genesis

View File

@ -33,7 +33,7 @@
// SigRotation signature and sign it again with their rotation key. That // SigRotation signature and sign it again with their rotation key. That
// way, SigRotation nesting should only be 2 deep in the common case. // way, SigRotation nesting should only be 2 deep in the common case.
SigRotation SigRotation
// SigCredential describes a signature over a specifi public key, signed // SigCredential describes a signature over a specific public key, signed
// by a key in the tailnet key authority referenced by the specified keyID. // by a key in the tailnet key authority referenced by the specified keyID.
// In effect, SigCredential delegates the ability to make a signature to // In effect, SigCredential delegates the ability to make a signature to
// a different public/private key pair. // a different public/private key pair.

View File

@ -25,7 +25,7 @@ type Clock struct {
sync.Mutex sync.Mutex
} }
// Now returns the virtual clock's current time, and avances it // Now returns the virtual clock's current time, and advances it
// according to its step configuration. // according to its step configuration.
func (c *Clock) Now() time.Time { func (c *Clock) Now() time.Time {
c.Lock() c.Lock()

View File

@ -53,7 +53,7 @@ func generate(goos string) {
`) `)
for _, dep := range x.Imports { for _, dep := range x.Imports {
if !strings.Contains(dep, ".") { if !strings.Contains(dep, ".") {
// Omit stanard library deps. // Omit standard library deps.
continue continue
} }
fmt.Fprintf(&out, "\t_ %q\n", dep) fmt.Fprintf(&out, "\t_ %q\n", dep)

View File

@ -463,7 +463,7 @@ func (s *Server) serveRegister(w http.ResponseWriter, r *http.Request, mkey key.
case <-doneCh: case <-doneCh:
} }
// TODO(bradfitz): support a side test API to mark an // TODO(bradfitz): support a side test API to mark an
// auth as failued so we can send an error response in // auth as failed so we can send an error response in
// some follow-ups? For now all are successes. // some follow-ups? For now all are successes.
} }

View File

@ -73,7 +73,7 @@
# The path on disk to the "source code" of the package, in this case it is # The path on disk to the "source code" of the package, in this case it is
# the path to the binaries that are built. This needs to be the raw # the path to the binaries that are built. This needs to be the raw
# unquoted slash-separated path, not a string contaning the path because Nix # unquoted slash-separated path, not a string containing the path because Nix
# has a special path type. # has a special path type.
src = {{.BinPath}}; src = {{.BinPath}};

View File

@ -78,7 +78,7 @@ func TestMITMProxy(t *testing.T) {
// - The first thing we do is append the nsslcrtd_program stanza to the config. // - The first thing we do is append the nsslcrtd_program stanza to the config.
// This must be an absolute path and is based on the nix path of the squid derivation, // This must be an absolute path and is based on the nix path of the squid derivation,
// so we compute and write it out here. // so we compute and write it out here.
// - Squid expects a pre-initalized directory layout, so we create that in /tmp/squid then // - Squid expects a pre-initialized directory layout, so we create that in /tmp/squid then
// invoke squid with -z to have it fill in the rest. // invoke squid with -z to have it fill in the rest.
// - Doing a meddler-in-the-middle attack requires using some fake keys, so we create // - Doing a meddler-in-the-middle attack requires using some fake keys, so we create
// them using openssl and then use the security_file_certgen tool to setup squids' ssl_db. // them using openssl and then use the security_file_certgen tool to setup squids' ssl_db.

View File

@ -92,7 +92,7 @@ func mustPrefix(s string) netip.Prefix {
func NewInternet() *Network { func NewInternet() *Network {
return &Network{ return &Network{
Name: "internet", Name: "internet",
// easily recognizable internett-y addresses // easily recognizable internetty addresses
Prefix4: mustPrefix("1.0.0.0/24"), Prefix4: mustPrefix("1.0.0.0/24"),
Prefix6: mustPrefix("1111::/64"), Prefix6: mustPrefix("1111::/64"),
} }
@ -243,7 +243,7 @@ func (f *Interface) String() string {
if f.name != "" { if f.name != "" {
return f.name return f.name
} }
return fmt.Sprintf("unamed-interface-on-network-%p", f.net) return fmt.Sprintf("unnamed-interface-on-network-%p", f.net)
} }
// Contains reports whether f contains ip as an IP. // Contains reports whether f contains ip as an IP.

View File

@ -412,7 +412,7 @@ func (l loggingResponseWriter) Flush() {
// //
// It is the error type to be (optionally) used by Handler.ServeHTTPReturn. // It is the error type to be (optionally) used by Handler.ServeHTTPReturn.
type HTTPError struct { type HTTPError struct {
Code int // HTTP response code to send to client; 0 means means 500 Code int // HTTP response code to send to client; 0 means 500
Msg string // Response body to send to client Msg string // Response body to send to client
Err error // Detailed error to log on the server Err error // Detailed error to log on the server
Header http.Header // Optional set of HTTP headers to set in the response Header http.Header // Optional set of HTTP headers to set in the response

View File

@ -63,7 +63,7 @@ func (k DiscoPrivate) Public() DiscoPublic {
return ret return ret
} }
// Shared returns the DiscoShared for communication betweek k and p. // Shared returns the DiscoShared for communication between k and p.
func (k DiscoPrivate) Shared(p DiscoPublic) DiscoShared { func (k DiscoPrivate) Shared(p DiscoPublic) DiscoShared {
if k.IsZero() || p.IsZero() { if k.IsZero() || p.IsZero() {
panic("can't compute shared secret with zero keys") panic("can't compute shared secret with zero keys")

View File

@ -21,7 +21,7 @@
// be enough to disqualify it on its own. // be enough to disqualify it on its own.
// //
// Unlike rate.Limiter, this token bucket does not attempt to // Unlike rate.Limiter, this token bucket does not attempt to
// do any locking of its own. Don't try to access it re-entrantly. // do any locking of its own. Don't try to access it reentrantly.
// That's fine inside this types/logger package because we already have // That's fine inside this types/logger package because we already have
// locking at a higher level. // locking at a higher level.
type tokenBucket struct { type tokenBucket struct {

View File

@ -11,7 +11,7 @@
) )
// Bool represents an optional boolean to be JSON-encoded. The string // Bool represents an optional boolean to be JSON-encoded. The string
// is either "true", "false", or the enmpty string to mean unset. // is either "true", "false", or the empty string to mean unset.
// //
// As a special case, the underlying string may also be the string // As a special case, the underlying string may also be the string
// "unset" as as a synonym for the empty string. This lets the // "unset" as as a synonym for the empty string. This lets the

View File

@ -197,7 +197,7 @@ func WritePrometheusExpositionFormat(w io.Writer) {
const ( const (
// metricLogNameFrequency is how often a metric's name=>id // metricLogNameFrequency is how often a metric's name=>id
// mapping is redundantly put in the logs. In other words, // mapping is redundantly put in the logs. In other words,
// this is how how far in the logs you need to fetch from a // this is how far in the logs you need to fetch from a
// given point in time to recompute the metrics at that point // given point in time to recompute the metrics at that point
// in time. // in time.
metricLogNameFrequency = 4 * time.Hour metricLogNameFrequency = 4 * time.Hour

View File

@ -434,7 +434,7 @@ func makeMapHasher(t reflect.Type) typeHasherFunc {
mh := mapHasherPool.Get().(*mapHasher) mh := mapHasherPool.Get().(*mapHasher)
defer mapHasherPool.Put(mh) defer mapHasherPool.Put(mh)
// Hash a map in a sort-free mannar. // Hash a map in a sort-free manner.
// It relies on a map being a an unordered set of KV entries. // It relies on a map being a an unordered set of KV entries.
// So long as we hash each KV entry together, we can XOR all the // So long as we hash each KV entry together, we can XOR all the
// individual hashes to produce a unique hash for the entire map. // individual hashes to produce a unique hash for the entire map.

View File

@ -552,7 +552,7 @@ func TestGetTypeHasher(t *testing.T) {
out: "\x01\x00\x00\x00\x02\x00\x00\x00\x03\x04\x00\x00\x00", out: "\x01\x00\x00\x00\x02\x00\x00\x00\x03\x04\x00\x00\x00",
}, },
{ {
name: "IntIntByteInt-canddr", name: "IntIntByteInt-canaddr",
val: &IntIntByteInt{1, 2, 3, 4}, val: &IntIntByteInt{1, 2, 3, 4},
out: "\x01\x01\x00\x00\x00\x02\x00\x00\x00\x03\x04\x00\x00\x00", out: "\x01\x01\x00\x00\x00\x02\x00\x00\x00\x03\x04\x00\x00\x00",
}, },
@ -604,9 +604,9 @@ func TestSliceCycle(t *testing.T) {
type S []S type S []S
c := qt.New(t) c := qt.New(t)
a := make(S, 1) // cylic graph of 1 node a := make(S, 1) // cyclic graph of 1 node
a[0] = a a[0] = a
b := make(S, 1) // cylic graph of 1 node b := make(S, 1) // cyclic graph of 1 node
b[0] = b b[0] = b
ha := Hash(&a) ha := Hash(&a)
hb := Hash(&b) hb := Hash(&b)
@ -642,9 +642,9 @@ func TestMapCycle(t *testing.T) {
type M map[string]M type M map[string]M
c := qt.New(t) c := qt.New(t)
a := make(M) // cylic graph of 1 node a := make(M) // cyclic graph of 1 node
a["self"] = a a["self"] = a
b := make(M) // cylic graph of 1 node b := make(M) // cyclic graph of 1 node
b["self"] = b b["self"] = b
ha := Hash(&a) ha := Hash(&a)
hb := Hash(&b) hb := Hash(&b)
@ -897,7 +897,7 @@ func TestArrayAllocs(t *testing.T) {
// In theory, there should be no allocations. However, escape analysis on // In theory, there should be no allocations. However, escape analysis on
// certain architectures fails to detect that certain cases do not escape. // certain architectures fails to detect that certain cases do not escape.
// This discrepency currently affects sha256.digest.Sum. // This discrepancy currently affects sha256.digest.Sum.
// Measure the number of allocations in sha256 to ensure that Hash does // Measure the number of allocations in sha256 to ensure that Hash does
// not allocate on top of its usage of sha256. // not allocate on top of its usage of sha256.
// See https://golang.org/issue/48055. // See https://golang.org/issue/48055.

View File

@ -27,7 +27,7 @@
// rely on pointer.asValue to convert the pointer back to a reflect.Value. // rely on pointer.asValue to convert the pointer back to a reflect.Value.
// Conversion of an unsafe.Pointer to reflect.Value guarantees that the // Conversion of an unsafe.Pointer to reflect.Value guarantees that the
// read-only flag in the reflect.Value is unpopulated, avoiding panics that may // read-only flag in the reflect.Value is unpopulated, avoiding panics that may
// othewise have occurred since the value was obtained from an unexported field. // otherwise have occurred since the value was obtained from an unexported field.
type unsafePointer struct{ p unsafe.Pointer } type unsafePointer struct{ p unsafe.Pointer }
func unsafePointerOf(v reflect.Value) unsafePointer { func unsafePointerOf(v reflect.Value) unsafePointer {

View File

@ -104,7 +104,7 @@ func TestSanitizeLabel(t *testing.T) {
{"mixed", "Avery's iPhone 4(SE)", "averys-iphone-4se"}, {"mixed", "Avery's iPhone 4(SE)", "averys-iphone-4se"},
{"dotted", "mon.ipn.dev", "mon-ipn-dev"}, {"dotted", "mon.ipn.dev", "mon-ipn-dev"},
{"email", "admin@example.com", "admin-example-com"}, {"email", "admin@example.com", "admin-example-com"},
{"boudary", ".bound.ary.", "bound-ary"}, {"boundary", ".bound.ary.", "bound-ary"},
{"bad_trailing", "a-", "a"}, {"bad_trailing", "a-", "a"},
{"bad_leading", "-a", "a"}, {"bad_leading", "-a", "a"},
{"bad_both", "-a-", "a"}, {"bad_both", "-a-", "a"},

View File

@ -52,7 +52,7 @@ func NonNil(ptr interface{}) {
// NonNilSliceForJSON makes sure that *slicePtr is non-nil so it will // NonNilSliceForJSON makes sure that *slicePtr is non-nil so it will
// won't be omitted from JSON serialization and possibly confuse JavaScript // won't be omitted from JSON serialization and possibly confuse JavaScript
// clients expecting it to be preesnt. // clients expecting it to be present.
func NonNilSliceForJSON[T any, S ~[]T](slicePtr *S) { func NonNilSliceForJSON[T any, S ~[]T](slicePtr *S) {
if *slicePtr != nil { if *slicePtr != nil {
return return
@ -62,7 +62,7 @@ func NonNilSliceForJSON[T any, S ~[]T](slicePtr *S) {
// NonNilMapForJSON makes sure that *slicePtr is non-nil so it will // NonNilMapForJSON makes sure that *slicePtr is non-nil so it will
// won't be omitted from JSON serialization and possibly confuse JavaScript // won't be omitted from JSON serialization and possibly confuse JavaScript
// clients expecting it to be preesnt. // clients expecting it to be present.
func NonNilMapForJSON[K comparable, V any, M ~map[K]V](mapPtr *M) { func NonNilMapForJSON[K comparable, V any, M ~map[K]V](mapPtr *M) {
if *mapPtr != nil { if *mapPtr != nil {
return return

View File

@ -88,7 +88,7 @@ type Firewall struct {
permittedRoutes map[netip.Prefix][]*wf.Rule permittedRoutes map[netip.Prefix][]*wf.Rule
} }
// New returns a new Firewall for the provdied interface ID. // New returns a new Firewall for the provided interface ID.
func New(luid uint64) (*Firewall, error) { func New(luid uint64) (*Firewall, error) {
session, err := wf.New(&wf.Options{ session, err := wf.New(&wf.Options{
Name: "Tailscale firewall", Name: "Tailscale firewall",

View File

@ -305,7 +305,7 @@ func (f *Filter) CheckTCP(srcIP, dstIP netip.Addr, dstPort uint16) Response {
pkt.Decode(dummyPacket) // initialize private fields pkt.Decode(dummyPacket) // initialize private fields
switch { switch {
case (srcIP.Is4() && dstIP.Is6()) || (srcIP.Is6() && srcIP.Is4()): case (srcIP.Is4() && dstIP.Is6()) || (srcIP.Is6() && srcIP.Is4()):
// Mistmatched address families, no filters will // Mismatched address families, no filters will
// match. // match.
return Drop return Drop
case srcIP.Is4(): case srcIP.Is4():
@ -523,7 +523,7 @@ func (f *Filter) runOut(q *packet.Parsed) (r Response, why string) {
return Accept, "ok out" return Accept, "ok out"
} }
// direction is whether a packet was flowing in to this machine, or // direction is whether a packet was flowing into this machine, or
// flowing out. // flowing out.
type direction int type direction int

View File

@ -166,7 +166,7 @@ func TestUDPState(t *testing.T) {
a4 := parsed(ipproto.UDP, "119.119.119.119", "102.102.102.102", 4242, 4343) a4 := parsed(ipproto.UDP, "119.119.119.119", "102.102.102.102", 4242, 4343)
b4 := parsed(ipproto.UDP, "102.102.102.102", "119.119.119.119", 4343, 4242) b4 := parsed(ipproto.UDP, "102.102.102.102", "119.119.119.119", 4343, 4242)
// Unsollicited UDP traffic gets dropped // Unsolicited UDP traffic gets dropped
if got := acl.RunIn(&a4, flags); got != Drop { if got := acl.RunIn(&a4, flags); got != Drop {
t.Fatalf("incoming initial packet not dropped, got=%v: %v", got, a4) t.Fatalf("incoming initial packet not dropped, got=%v: %v", got, a4)
} }
@ -182,7 +182,7 @@ func TestUDPState(t *testing.T) {
a6 := parsed(ipproto.UDP, "2001::2", "2001::1", 4242, 4343) a6 := parsed(ipproto.UDP, "2001::2", "2001::1", 4242, 4343)
b6 := parsed(ipproto.UDP, "2001::1", "2001::2", 4343, 4242) b6 := parsed(ipproto.UDP, "2001::1", "2001::2", 4343, 4242)
// Unsollicited UDP traffic gets dropped // Unsolicited UDP traffic gets dropped
if got := acl.RunIn(&a6, flags); got != Drop { if got := acl.RunIn(&a6, flags); got != Drop {
t.Fatalf("incoming initial packet not dropped: %v", a4) t.Fatalf("incoming initial packet not dropped: %v", a4)
} }

View File

@ -2460,11 +2460,11 @@ func (c *Conn) maybeCloseDERPsOnRebind(okayLocalIPs []netip.Prefix) {
for regionID, ad := range c.activeDerp { for regionID, ad := range c.activeDerp {
la, err := ad.c.LocalAddr() la, err := ad.c.LocalAddr()
if err != nil { if err != nil {
c.closeOrReconectDERPLocked(regionID, "rebind-no-localaddr") c.closeOrReconnectDERPLocked(regionID, "rebind-no-localaddr")
continue continue
} }
if !tsaddr.PrefixesContainsIP(okayLocalIPs, la.Addr()) { if !tsaddr.PrefixesContainsIP(okayLocalIPs, la.Addr()) {
c.closeOrReconectDERPLocked(regionID, "rebind-default-route-change") c.closeOrReconnectDERPLocked(regionID, "rebind-default-route-change")
continue continue
} }
regionID := regionID regionID := regionID
@ -2475,7 +2475,7 @@ func (c *Conn) maybeCloseDERPsOnRebind(okayLocalIPs []netip.Prefix) {
if err := dc.Ping(ctx); err != nil { if err := dc.Ping(ctx); err != nil {
c.mu.Lock() c.mu.Lock()
defer c.mu.Unlock() defer c.mu.Unlock()
c.closeOrReconectDERPLocked(regionID, "rebind-ping-fail") c.closeOrReconnectDERPLocked(regionID, "rebind-ping-fail")
return return
} }
c.logf("post-rebind ping of DERP region %d okay", regionID) c.logf("post-rebind ping of DERP region %d okay", regionID)
@ -2484,14 +2484,14 @@ func (c *Conn) maybeCloseDERPsOnRebind(okayLocalIPs []netip.Prefix) {
c.logActiveDerpLocked() c.logActiveDerpLocked()
} }
// closeOrReconectDERPLocked closes the DERP connection to the // closeOrReconnectDERPLocked closes the DERP connection to the
// provided regionID and starts reconnecting it if it's our current // provided regionID and starts reconnecting it if it's our current
// home DERP. // home DERP.
// //
// why is a reason for logging. // why is a reason for logging.
// //
// c.mu must be held. // c.mu must be held.
func (c *Conn) closeOrReconectDERPLocked(regionID int, why string) { func (c *Conn) closeOrReconnectDERPLocked(regionID int, why string) {
c.closeDerpLocked(regionID, why) c.closeDerpLocked(regionID, why)
if !c.privateKey.IsZero() && c.myDerp == regionID { if !c.privateKey.IsZero() && c.myDerp == regionID {
c.startDerpHomeConnectLocked() c.startDerpHomeConnectLocked()
@ -2788,7 +2788,7 @@ func (c *Conn) ReSTUN(why string) {
// reconfigures the engine with a zero private key.) // reconfigures the engine with a zero private key.)
// //
// This used to just check c.privateKey.IsZero, but that broke // This used to just check c.privateKey.IsZero, but that broke
// some end-to-end tests tests that didn't ever set a private // some end-to-end tests that didn't ever set a private
// key somehow. So for now, only stop doing work if we ever // key somehow. So for now, only stop doing work if we ever
// had a key, which helps real users, but appeases tests for // had a key, which helps real users, but appeases tests for
// now. TODO: rewrite those tests to be less brittle or more // now. TODO: rewrite those tests to be less brittle or more
@ -4022,7 +4022,7 @@ func (de *endpoint) handleCallMeMaybe(m *disco.CallMeMaybe) {
})) }))
} }
// Delete any prior CalllMeMaybe endpoints that weren't included // Delete any prior CallMeMaybe endpoints that weren't included
// in this message. // in this message.
for ep, want := range de.isCallMeMaybeEP { for ep, want := range de.isCallMeMaybeEP {
if !want { if !want {
@ -4119,17 +4119,17 @@ type ippEndpointCache struct {
type discoInfo struct { type discoInfo struct {
// discoKey is the same as the Conn.discoInfo map key, // discoKey is the same as the Conn.discoInfo map key,
// just so you can pass around a *discoInfo alone. // just so you can pass around a *discoInfo alone.
// Not modifed once initiazed. // Not modified once initialized.
discoKey key.DiscoPublic discoKey key.DiscoPublic
// discoShort is discoKey.ShortString(). // discoShort is discoKey.ShortString().
// Not modifed once initiazed; // Not modified once initialized;
discoShort string discoShort string
// sharedKey is the precomputed key for communication with the // sharedKey is the precomputed key for communication with the
// peer that has the DiscoKey used to look up this *discoInfo in // peer that has the DiscoKey used to look up this *discoInfo in
// Conn.discoInfo. // Conn.discoInfo.
// Not modifed once initialized. // Not modified once initialized.
sharedKey key.DiscoShared sharedKey key.DiscoShared
// Mutable fields follow, owned by Conn.mu: // Mutable fields follow, owned by Conn.mu:

View File

@ -570,7 +570,7 @@ func unicastIPNets(ifc *winipcfg.IPAdapterAddresses) []netip.Prefix {
// //
// Any IPv6 link-local addresses are not deleted out of caution as some // Any IPv6 link-local addresses are not deleted out of caution as some
// configurations may repeatedly re-add them. Link-local addresses are adjusted // configurations may repeatedly re-add them. Link-local addresses are adjusted
// to set SkipAsSource. SkipAsSource prevents the addresses from being addded to // to set SkipAsSource. SkipAsSource prevents the addresses from being added to
// DNS locally or remotely and from being picked as a source address for // DNS locally or remotely and from being picked as a source address for
// outgoing packets with unspecified sources. See #4647 and // outgoing packets with unspecified sources. See #4647 and
// https://web.archive.org/web/20200912120956/https://devblogs.microsoft.com/scripting/use-powershell-to-change-ip-behavior-with-skipassource/ // https://web.archive.org/web/20200912120956/https://devblogs.microsoft.com/scripting/use-powershell-to-change-ip-behavior-with-skipassource/

View File

@ -214,7 +214,7 @@ func newUserspaceRouterAdvanced(logf logger.Logf, tunname string, linkMon *monit
// //
// As such, if we are running on openWRT, detect a mwan3 config, AND detect a rule // As such, if we are running on openWRT, detect a mwan3 config, AND detect a rule
// with a preference 2001 (corresponding to the first interface wman3 manages), we // with a preference 2001 (corresponding to the first interface wman3 manages), we
// shift the priority of our policies to 13xx. This effectively puts us betwen mwan3's // shift the priority of our policies to 13xx. This effectively puts us between mwan3's
// permit-by-src-ip rules and mwan3 lookup of its own routing table which would drop // permit-by-src-ip rules and mwan3 lookup of its own routing table which would drop
// the packet. // the packet.
isMWAN3, err := checkOpenWRTUsingMWAN3() isMWAN3, err := checkOpenWRTUsingMWAN3()

View File

@ -148,7 +148,7 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
} }
newRoutes[route] = struct{}{} newRoutes[route] = struct{}{}
} }
// Delete any pre-existing routes. // Delete any preexisting routes.
for route := range r.routes { for route := range r.routes {
if _, keep := newRoutes[route]; !keep { if _, keep := newRoutes[route]; !keep {
net := netipx.PrefixIPNet(route) net := netipx.PrefixIPNet(route)

View File

@ -120,7 +120,7 @@ func cleanup(logf logger.Logf, interfaceName string) {
// but it can be REALLY SLOW to change the Windows firewall for reasons not understood. // but it can be REALLY SLOW to change the Windows firewall for reasons not understood.
// Like 4 minutes slow. But usually it's tens of milliseconds. // Like 4 minutes slow. But usually it's tens of milliseconds.
// See https://github.com/tailscale/tailscale/issues/785. // See https://github.com/tailscale/tailscale/issues/785.
// So this tracks the desired state and runs the actual adjusting code asynchrounsly. // So this tracks the desired state and runs the actual adjusting code asynchronously.
type firewallTweaker struct { type firewallTweaker struct {
logf logger.Logf logf logger.Logf
tunGUID windows.GUID tunGUID windows.GUID

View File

@ -549,7 +549,7 @@ func (e *userspaceEngine) pollResolver() {
// stable!) but I'm worried that a future regression would be easier to debug // stable!) but I'm worried that a future regression would be easier to debug
// with these knobs in place. // with these knobs in place.
func forceFullWireguardConfig(numPeers int) bool { func forceFullWireguardConfig(numPeers int) bool {
// Did the user explicitly enable trimmming via the environment variable knob? // Did the user explicitly enable trimming via the environment variable knob?
if b, ok := debugTrimWireguard().Get(); ok { if b, ok := debugTrimWireguard().Get(); ok {
return !b return !b
} }
@ -562,7 +562,7 @@ func forceFullWireguardConfig(numPeers int) bool {
// isTrimmablePeer reports whether p is a peer that we can trim out of the // isTrimmablePeer reports whether p is a peer that we can trim out of the
// network map. // network map.
// //
// For implementation simplificy, we can only trim peers that have // For implementation simplicity, we can only trim peers that have
// only non-subnet AllowedIPs (an IPv4 /32 or IPv6 /128), which is the // only non-subnet AllowedIPs (an IPv4 /32 or IPv6 /128), which is the
// common case for most peers. Subnet router nodes will just always be // common case for most peers. Subnet router nodes will just always be
// created in the wireguard-go config. // created in the wireguard-go config.
@ -664,7 +664,7 @@ func (e *userspaceEngine) maybeReconfigWireguardLocked(discoChanged map[key.Node
activeCutoff := e.timeNow().Add(-lazyPeerIdleThreshold) activeCutoff := e.timeNow().Add(-lazyPeerIdleThreshold)
// Not all peers can be trimmed from the network map (see // Not all peers can be trimmed from the network map (see
// isTrimmablePeer). For those are are trimmable, keep track of // isTrimmablePeer). For those that are trimmable, keep track of
// their NodeKey and Tailscale IPs. These are the ones we'll need // their NodeKey and Tailscale IPs. These are the ones we'll need
// to install tracking hooks for to watch their send/receive // to install tracking hooks for to watch their send/receive
// activity. // activity.