Brad Fitzpatrick
c1795c6af9
tailcfg: define some Node.Capabilities about SSH, its config
...
Updates #3802
Change-Id: Icb4ccbc6bd1c6304013bfc553d04007844a5c0bf
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit 99ed54926b
)
2022-06-17 19:43:34 -07:00
Brad Fitzpatrick
4e6a465d8c
tailcfg: clarify some of the MapRequest variants
...
Change-Id: Ia09bd69856e372c3a6b64cda7ddb34029b32a11b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit 4005134263
)
2022-06-17 19:42:24 -07:00
Brad Fitzpatrick
4d85cf586b
cmd/tailscale, ipn/ipnlocal: add "peerapi" ping type
...
For debugging when stuff like #4750 isn't working.
RELNOTE=tailscale ping -peerapi
Change-Id: I9c52c90fb046e3ab7d2b121387073319fbf27b99
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-05-28 13:47:12 -07:00
Maisem Ali
d04afc697c
cmd/viewer,types/views: add support for views of maps
...
Updates #4635
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-05-09 19:49:31 -07:00
Maisem Ali
9f3ad40707
tailcfg: use cmd/viewer instead of cmd/cloner.
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-05-06 10:58:10 -07:00
Maisem Ali
fd99c54e10
tailcfg,all: change structs to []*dnstype.Resolver
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-05-06 10:58:10 -07:00
Maisem Ali
679415f3a8
tailcfg: move views into tailcfg_view.go
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-05-06 10:58:10 -07:00
Maisem Ali
e409e59a54
cmd/cloner,util/codegen: refactor cloner internals to allow reuse
...
Also run go generate again for Copyright updates.
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-05-06 10:58:10 -07:00
James Tucker
ae483d3446
wgengine, net/packet, cmd/tailscale: add ICMP echo
...
Updates tailscale/corp#754
Signed-off-by: James Tucker <james@tailscale.com>
2022-05-03 13:03:45 -07:00
Brad Fitzpatrick
512573598a
tailcfg: remove some documented DebugFlags that no longer exist
...
Update tailscale/corp#5007
Change-Id: I3ce5b1c4cd367bae769a5f5a301925a2dac1b3a6
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-05-03 08:28:41 -07:00
Brad Fitzpatrick
c88506caa6
ipn/ipnlocal: add Wake-on-LAN function to peerapi
...
No CLI support yet. Just the curl'able version if you know the peerapi
port. (like via a TSMP ping)
Updates #306
Change-Id: I0662ba6530f7ab58d0ddb24e3664167fcd1c4bcf
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-26 15:20:59 -07:00
Brad Fitzpatrick
89832c1a95
tailcfg: fix typo in SessionDuration field name
...
Noted by @danderson.
Updates #3802
Change-Id: Ide15f3f28e30f6abb5c94d7dcd218bd9482752a0
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-21 14:19:58 -07:00
Brad Fitzpatrick
f7cb6630e7
tailcfg: document SSHPrincipal.PubKeys URL expansions
...
From f74ee80abe
which lacked docs.
Updates #3802
Change-Id: Ia7df05a486ae383cc6d9aca9dfe487b04e243ad5
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-20 20:12:37 -07:00
Brad Fitzpatrick
c13be0c509
tailcfg: clarify how SSHPolicy.Rules are evaluated between auth phases
...
Updates #3802
Change-Id: I321183a8a2b065a40dca8dd95ca90cd822a17ff8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-18 22:03:52 -07:00
Tom DNetto
24cd26534f
hostinfo, tailcfg: add desktop detection on Linux to hostinfo
...
From the machines tab its hard to differenciate desktop Linux installs from
server Linux installs. Transmitting this information should make this
determination a lot easier.
Due to the reality that tailscaled is likely a system process, the standard
checks based on XDG_SESSION_TYPE or DISPLAY environment variables are not
possible (those variables won't be set). Instead, we look for listening
unix sockets that are typical of desktop installs.
Signed-off-by: Tom DNetto <tom@tailscale.com>
2022-04-18 14:22:15 -07:00
Brad Fitzpatrick
9f1dd716e8
tailcfg, logtail: provide Debug bit to disable logtail
...
For people running self-hosted control planes who want a global
opt-out knob instead of running their own logcatcher.
Change-Id: I7f996c09f45850ff77b58bfd5a535e197971725a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-18 13:53:13 -07:00
Brad Fitzpatrick
e96dd00652
ipn/ipnlocal: add capability for debugging peers over peerapi
...
The default is still users can debug their own nodes. But like
cd916b728b
did, this adds support for admins to grant additional
capabilities with the new tailcfg.CapabilityDebugPeer cap.
Updates #4217
Change-Id: Ifce3d9a1f8e8845797970a4f97b393194663d35f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-18 10:21:42 -07:00
Brad Fitzpatrick
cd916b728b
ipn/ipnlocal: add start of inter-user Taildrop
...
Controlled by server-sent capability policy.
To be initially used for SSH servers to record sessions to other
nodes. Not yet productized into something user-accessible. (Notably,
the list of Taildrop targets from the sender side isn't augmented
yet.) This purely permits expanding the set of expands a node will
accept a drop from.
Updates #3802
Updates #4217
Change-Id: Id7a5bccd686490f8ef2cdc7dae7c07c440dc0085
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-17 10:07:07 -07:00
Brad Fitzpatrick
16f3520089
all: add arbitrary capability support
...
Updates #4217
RELNOTE=start of WhoIsResponse capability support
Change-Id: I6522998a911fe49e2f003077dad6164c017eed9b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-17 09:01:53 -07:00
James Tucker
c591c91653
tailcfg, control/controlclient: TSMP & disco pings
...
tailcfg.PingResponse formalizes the TSMP & disco response message, and
controlclient is wired to send POST responses containing
tailcfg.PingResponse for TSMP and disco PingRequests.
Updates tailscale/corp#754
Signed-off-by: James Tucker <james@tailscale.com>
2022-04-15 22:36:51 -07:00
Brad Fitzpatrick
da14e024a8
tailcfg, ssh/tailssh: optionally support SSH public keys in wire policy
...
And clean up logging.
Updates #3802
Change-Id: I756dc2d579a16757537142283d791f1d0319f4f0
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-15 13:36:57 -07:00
Brad Fitzpatrick
df9ce972c7
tailcfg, ipn/ipnlocal: add debug flag to enable one-big-CGNAT/10 route
...
To experiment with avoiding Chrome ERR_NETWORK_CHANGED errors on route
changes.
Updates #3102
Change-Id: I339da14c684fdac45ac261566aa21bf2198672ff
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-04-14 14:47:42 -07:00
Maisem Ali
3603a18710
ipn/localapi: add endpoint to request id token
...
Updates tailscale/corp#4347
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-04-05 14:48:45 -07:00
Maisem Ali
035e8ab00e
tailcfg: add Token{Request,Response} types
...
Updates tailscale/corp#4347
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-04-05 14:48:45 -07:00
Joe Tsai
01adcfa688
tailcfg: add omitempty to all fields of Hostinfo ( #4360 )
...
This reduces the noise when marshaling only a subset of this type.
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
2022-04-05 13:25:14 -07:00
Brad Fitzpatrick
0861923c21
ssh/tailssh, tailcfg: add more HoldAndDelegate expansions, document
...
Updates #3802
Change-Id: I447f06b49e2a917bffe36881d0634c9195085512
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-22 17:56:45 -07:00
Brad Fitzpatrick
f3b13604b3
control/controlclient, ipn/ipnlocal, tailcfg: add MapResponse.PopBrowserURL
...
Updates #3802
Change-Id: I89481fc5782a0cc8084354706f8f28d94f197325
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-22 09:37:00 -07:00
Brad Fitzpatrick
f7e976db55
tailcfg, ssh/tailssh: make SSHUser value '=' map ssh-user to same local-user
...
Updates #3802
Change-Id: Icde60d4150ca15c25d615a4effb3d3c236f020a8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-21 10:49:37 -07:00
Maisem Ali
6b9d938c1a
types/views: add generic Slice[T] and remove StringSlice
...
Also make IPPrefixSliceOf use Slice[netaddr.IPPrefix] as it also
provides additional functions besides the standard ones provided by
Slice[T].
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-16 22:13:16 -07:00
Maisem Ali
45a7f6689c
tailcfg: add field to allow LocalPortForwarding in SSHAction
...
Updates #3802 , #4129
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-14 13:39:42 -07:00
Maisem Ali
98b45ef12c
ssh/tailssh: add support for agent forwarding.
...
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-14 13:38:53 -07:00
Brad Fitzpatrick
efc48b0578
ssh/tailssh, ipnlocal, controlclient: fetch next SSHAction from network
...
Updates #3802
Change-Id: I08e98805ab86d6bbabb6c365ed4526f54742fd8e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-10 13:41:08 -08:00
Maisem Ali
2bcc047d4f
tailcfg: bump capVer for Noise
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-09 14:41:24 -08:00
Maisem Ali
da1821197a
tailcfg: add SetDNSResponse
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-07 16:27:13 -08:00
Brad Fitzpatrick
d5f8f38ac6
tailcfg: rename map request version to "capability version"
...
And add a CapabilityVersion type, primarily for documentation.
This makes MapRequest.Version, RegisterRequest.Version, and
SetDNSRequest.Version all use the same version, which will avoid
confusing in the future if Register or SetDNS ever changed their
semantics on Version change. (Currently they're both always 1)
This will requre a control server change to allow a
SetDNSRequest.Version value other than 1 to be deployed first.
Change-Id: I073042a216e0d745f52ee2dbc45cf336b9f84b7c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-06 14:29:08 -08:00
Brad Fitzpatrick
105dfa1efa
tailcfg: add OverTLSPublicKeyResponse for the new response from /key
...
Updates #3488
Change-Id: I8729cb3fb7f6dda1a874f8ae2d9570311ed158db
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-06 13:51:32 -08:00
Brad Fitzpatrick
e1e20f6d39
ssh/tailssh: evaluate tailcfg.SSHPolicy on incoming connections
...
Updates #3802
Fixes #3960
Change-Id: Ieda2007d462ddce6c217b958167417ae9755774e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-18 18:07:39 -08:00
Josh Bleecher Snyder
8c3c5e80b7
tailcfg: make MapResponse.ControlTime a pointer
...
Otherwise omitempty doesn't work.
This is wire-compatible with a non-pointer type, so switching
is safe, now and in the future.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-02-18 10:37:27 -08:00
Brad Fitzpatrick
bb93e29d5c
tailcfg, ipn/ipnlocal: add Hostinfo.SSH_HostKeys, send when SSH enabled
...
(The name SSH_HostKeys is bad but SSHHostKeys is worse.)
Updates #3802
Change-Id: I2a889019c9e8b065b668dd58140db4fcab868a91
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-17 15:46:57 -08:00
Josh Bleecher Snyder
4609096271
tailcfg: fix stale docs for MapResponse.KeepAlive
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-02-17 15:15:43 -08:00
Josh Bleecher Snyder
8cf6d0a17b
tailcfg: add MapResponse.ControlTime field
...
And log it when provided in map responses.
The test uses the date on which I joined Tailscale. :)
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-02-16 20:18:03 -08:00
Maisem Ali
72d8672ef7
tailcfg: make Node.Hostinfo a HostinfoView
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-02-16 12:55:57 -08:00
Maisem Ali
53998e26a6
tailcfg: introduce HostinfoView
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-02-16 12:55:57 -08:00
Brad Fitzpatrick
57115e923e
tailcfg: add start of SSH policy to be sent from control plane to nodes
...
Updates #3802
Change-Id: Iec58f35d445aaa267d0f7e7e2f30c049c1df4c0e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-15 16:05:42 -08:00
Brad Fitzpatrick
a7da236d3d
tailcfg: no-op bump of MapRequest.Version
...
So 1.18 and 1.20 don't have the same.
Change-Id: Ib2cac7c11eb37d9a0c2fcb66630f1cae619a97f4
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-01-12 15:20:52 -08:00
Brad Fitzpatrick
bc537adb1a
tailcfg: add Hostinfo.HowUnequal method
...
Change-Id: I80ee49c2ab581feccc4aa6ab47bc3c8392d9989d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-12-23 09:04:53 -08:00
Brad Fitzpatrick
b811a316bc
tailcfg, ipn/ipnlocal: advertise a Service when exit node DNS proxy available
...
Updates #1713
Change-Id: I20c8e2ad1062d82ef17363414e372133f4c7181e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-29 21:57:06 -08:00
Brad Fitzpatrick
135580a5a8
tailcfg, ipn/ipnlocal, net/dns: forward exit node DNS on Unix to system DNS
...
Updates #1713
Change-Id: I4c073fec0992d9e01a9a4ce97087d5af0efdc68d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-29 15:25:41 -08:00
David Anderson
0532eb30db
all: replace tailcfg.DiscoKey with key.DiscoPublic.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-03 14:00:16 -07:00
David Anderson
17b5782b3a
types/key: delete legacy NodeKey type.
...
Fixes #3206
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-02 14:14:32 -07:00