Commit Graph

835 Commits

Author SHA1 Message Date
Brad Fitzpatrick
37e115834e cmd/derper: support logging to logtail
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 07:53:22 -08:00
Brad Fitzpatrick
88f1cc0c98 derp, cmd/derper: add rate limiting support, add default 5Mbps limit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 15:26:30 -08:00
David Anderson
c47f907a27 ipn: use *Prefs rather than Prefs throughout.
Prefs has become a heavy object with non-memcpy copy
semantics. We should not pass such a thing by value.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-20 11:31:10 -08:00
David Anderson
0c55777fed ipn: temporary support for loading legacy relaynode configs.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-20 11:31:10 -08:00
David Anderson
5868dd1a77 Lint: remove unused function.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 22:09:12 -08:00
Avery Pennarun
57bbafde84 cmd/relaynode: drop local --acl-file in favour of central packet filter.
relaynode itself is not long for this world, deprecated in favour of
tailscale/tailscaled. But now that the control server supports central
distribution of packet filters, let's actually take advantage of it in
a final, backward compatible release of relaynode.
2020-02-20 00:15:43 -05:00
David Anderson
15b4d26d92 logpolicy: automatically figure out paths and filenames.
The autoselection should pick sensible paths for all of:
 - Windows (LocalAppData)
 - Mac (Library/Caches)
 - Unix user (XDG_CACHE_DIR)
 - Linux systemd service (CACHE_DIRECTORY)

As a last resort, if cache dir lookup fails, plops sufficiently
uniquely named files into the current working directory.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 18:52:41 -08:00
David Anderson
cf1e386cbd ipn: move Options.ServerURL into Prefs.
We can't rely on a frontend to provide a control
server URL, so this naturally belongs in server-persisted
state.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 10:34:39 -08:00
David Anderson
c4f6f622f0 tailscaled: remove comment from systemd unit.
No need to ship TODOs to end user systems.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 14:46:02 -08:00
David Anderson
20e6fc1d78 tailscaled: fix systemd unit definition.
Port number has to be by itself for substitution to work.

Disabling the restart rate-limiting has to be in [Unit] not
[Service].

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:46:03 -08:00
David Anderson
5d4b96b8f2 tailscaled: add a systemd unit.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:30:54 -08:00
David Anderson
85ac82c386 tailscaled: default to a sock in current dir, for development.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:30:23 -08:00
David Anderson
76819e7432 tailscaled: call the network interface tailscale0, not ts0.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:15:15 -08:00
David Anderson
4460bd638b safesocket: simplify API.
On unix, we want to provide a full path to the desired unix socket.

On windows, currently we want to provide a TCP port, but someday
we'll also provide a "path-ish" object for a named pipe.

For now, simplify the API down to exactly a path and a TCP port.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 12:56:19 -08:00
Brad Fitzpatrick
b72e6446e2 cmd/derper: add a basic DERP server
Mostly Crawshaw's earlier code, refactored a bit.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-18 11:25:11 -08:00
David Anderson
47da432991 ipn: handle advertised routes provided by frontend.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-17 20:47:45 -08:00
David Anderson
62fb652eef cmd/tailscaled: run off internal state autonomously.
With this change, tailscaled can be restarted and reconnect
without interaction from `tailscale`, and `tailscale` is merely
there to provide login assistance and adjust preferences.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-17 12:34:33 -08:00
Brad Fitzpatrick
79295b1138 wgengine: simplify, change some signatures
* make RouterGen return an error, not take both tunname and tundev
* also remove RouteGen taking a wireguard/device.Device; currently unused
* remove derp parameter (it'll work differently)
* unexport NewUserspaceRouter in per-OS impls, add documented wrapper

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-17 08:04:31 -08:00
David Anderson
dec5d64593 ipn/ipnserver: remove Options.AllowQuit.
It was previously used by the MacOS client, but it now does
something different. ipnserver should never obey a client's
request to exit.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-14 14:52:43 -08:00
David Anderson
4796f6fd67 cmd/tailscale: document pump().
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-14 10:19:22 -08:00
David Anderson
47820db381 cmd/tailscale{,d}: rename main file.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-14 10:12:33 -08:00
David Anderson
b0f5751a76 cmd/tailscale: remove statekey for now.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-13 19:26:53 -08:00
David Anderson
5bc632271b Introduce a state store to LocalBackend.
The store is passed-in by callers of NewLocalBackend and
ipnserver.Run, but currently all callers are hardcoded to
an in-memory store. The store is unused.

Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-13 19:26:53 -08:00
David Anderson
21280ca2d1 Make ipn.Options.Prefs a pointer.
This is a prelude to making it truly optional, once state
management has moved into the backend. For now though, it's
still required. This change is just isolating the bubbling-up
of the pointerification into other layers.

Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-13 19:26:53 -08:00
David Anderson
f6f154193f Remove LoginFlags from Backend options.
- It was only used in one currently-unused client.
- It's an imperative command, not a configuration setting.
- The LoginFlags stuff in controlclient feels like it needs
  a refactor anyway.

I'll put this logic back once ipnd owns its state and Backend
commands reflect that.

Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-13 19:26:53 -08:00
David Crawshaw
a631466587 cmd/tsshd: empty file for windows build
Signed-off-by: David Crawshaw <david@zentus.com>
2020-02-13 10:39:44 -05:00
Brad Fitzpatrick
745c8c92b1 wgengine: fix windows build for winipcfg-go
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-12 22:05:13 -08:00
David Anderson
67c1b2c6ef cmd/tsshd: fix lint.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-12 16:01:54 -08:00
Martin Baillie
3d5ef74f26 tailscaled: add tunnel name and port flags
OpenBSD tunnel names are prefixed with `tun`.

Controlling the port allows for deterministic configuration of firewall
rules (using `pf` in this case).

Signed-off-by: Martin Baillie <martin@baillie.email>
2020-02-12 15:57:49 -08:00
Brad Fitzpatrick
13dc12814e cmd/tsshd: fix log text 2020-02-12 14:51:47 -08:00
Brad Fitzpatrick
d404f1caed cmd/tsshd: add basic SSH server 2020-02-12 14:46:59 -08:00
David Anderson
ea11d58e96 debian: fix changelog generation.
It seems changelog generation got broken by moving the code between
corp and OSS repos, because one of the commit SHAs doesn't have an
associated tag.

In the interest of fixing the build, and because we're not yet trying
to upstream the debian package, I fixed this by allowing hash-based
versions to show up in the changelog. This maybe wrong from a
debian standards perspective, but for our current point in life
it'll work until we learn to do it better.

Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-11 11:54:55 -08:00
David Anderson
14af0c4eb3 taillogin: check err in controlclient.New.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-10 23:13:28 -08:00
Brad Fitzpatrick
516a15ee58 cmd: add import comments
See https://golang.org/cmd/go/#hdr-Import_path_checking
2020-02-10 13:32:37 -08:00
Earl Lee
a8d8b8719a Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00