Aleksandar Pesic
338fd44657
Replace registry-access code, update wireguard-go and x/sys/windows.
...
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2020-12-11 00:37:24 +01:00
Brad Fitzpatrick
bce865b61b
logpolicy: migrate from x/crypto/ssh/terminal to x/term
2020-12-09 15:28:31 -08:00
Brad Fitzpatrick
9cb6ee3777
go.mod, go.sum: update
2020-12-08 15:23:56 -08:00
Brad Fitzpatrick
442d1873ec
go.mod: bump tailscale/wireguard-go
2020-12-07 14:02:05 -08:00
Josh Bleecher Snyder
aa9d7f4665
tstime: add Parse3339B, for byte slices
...
Use go4.org/mem for memory safety.
A slight performance hit, but a huge performance win
for clients who start with a []byte.
The perf hit is due largely to the MapHash call, which adds ~25ns.
That is necessary to keep the fast path allocation-free.
name old time/op new time/op delta
GoParse3339/Z-8 281ns ± 1% 283ns ± 2% ~ (p=0.366 n=9+9)
GoParse3339/TZ-8 509ns ± 0% 510ns ± 1% ~ (p=0.059 n=9+9)
GoParse3339InLocation-8 330ns ± 1% 330ns ± 0% ~ (p=0.802 n=10+6)
Parse3339/Z-8 69.3ns ± 1% 74.4ns ± 1% +7.45% (p=0.000 n=9+10)
Parse3339/TZ-8 110ns ± 1% 140ns ± 3% +27.42% (p=0.000 n=9+10)
ParseInt-8 8.20ns ± 1% 8.17ns ± 1% ~ (p=0.452 n=9+9)
name old alloc/op new alloc/op delta
GoParse3339/Z-8 0.00B 0.00B ~ (all equal)
GoParse3339/TZ-8 160B ± 0% 160B ± 0% ~ (all equal)
GoParse3339InLocation-8 0.00B 0.00B ~ (all equal)
Parse3339/Z-8 0.00B 0.00B ~ (all equal)
Parse3339/TZ-8 0.00B 0.00B ~ (all equal)
name old allocs/op new allocs/op delta
GoParse3339/Z-8 0.00 0.00 ~ (all equal)
GoParse3339/TZ-8 3.00 ± 0% 3.00 ± 0% ~ (all equal)
GoParse3339InLocation-8 0.00 0.00 ~ (all equal)
Parse3339/Z-8 0.00 0.00 ~ (all equal)
Parse3339/TZ-8 0.00 0.00 ~ (all equal)
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-11-19 14:47:11 -08:00
Brad Fitzpatrick
cccdd81441
go.mod: update some deps to get past a wireguard-windows checkptr fix
2020-11-13 11:55:13 -08:00
David Anderson
ce45f4f3ff
wgengine/filter: inline ip6InList into match.
...
matchIPsOnly gets 5% slower when inlining, despite significantly reduced
memory ops and slightly tighter code.
Part of #19 .
Filter/tcp6_syn_in-8 45.5ns ± 1% 42.4ns ± 2% -6.86% (p=0.000 n=10+10)
Filter/udp6_in-8 107ns ± 2% 94ns ± 2% -11.50% (p=0.000 n=9+10)
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-12 21:41:47 -08:00
David Anderson
3d34128171
go.mod: update to new wireguard-go.
2020-10-26 19:23:01 +00:00
Alex Brainman
f2ce64f0c6
wgengine/router: unfork winipcfg-go package, use upstream
...
Use golang.zx2c4.com/wireguard/windows/tunnel/winipcfg
instead of github.com/tailscale/winipcfg-go package.
Updates #760
Signed-off-by: Alex Brainman <alex.brainman@gmail.com>
2020-10-13 09:21:22 -07:00
Brad Fitzpatrick
63d65368db
go.mod: bump wireguard-go for x/sys/unix symbol loss
...
Updates golang/go#41868
2020-10-08 09:47:58 -07:00
Josh Bleecher Snyder
a5103a4cae
all: upgrade to latest version of depaware
2020-10-02 20:35:13 -07:00
Brad Fitzpatrick
56a787fff8
go.mod, go.sum: bump wireguard-go
2020-09-21 15:22:56 -07:00
Christina Wen
f0e9dcdc0a
wgengine/router: restore /etc/resolv.conf after tailscale down is called
...
This change is to restore /etc/resolv.conf after tailscale down is called. This is done by setting the dns.Manager before errors occur. Error collection is also added.
Fixes #723
2020-09-17 16:40:22 -04:00
Brad Fitzpatrick
3aeb2e204c
go.mod: bump github.com/tailscale/winipcfg-go for some Windows fixes
2020-09-16 14:49:00 -07:00
Josh Bleecher Snyder
3f4d93feb2
go.mod: bump depaware to get diffs out of -check, again
...
I had to use
go get -u github.com/tailscale/depaware@e09ee10c18249e4bf198e66bbd47babcd502637a
to force it to the correct version; it kept selecting head~1.
Maybe because the branch is called main instead of master?
Maybe because of some delay?
2020-09-14 16:25:09 -07:00
Josh Bleecher Snyder
41f6c78c53
go.mod: bump depaware to get diffs out of -check
2020-09-14 13:25:28 -07:00
Brad Fitzpatrick
22ed3c503e
Add depaware.txt files and GitHub checks. ( #745 )
...
See https://github.com/tailscale/depaware
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-09-09 12:11:46 -07:00
Josh Bleecher Snyder
3b05cbacfb
go.mod: update wireguard-go version
2020-09-02 12:22:49 -07:00
Brad Fitzpatrick
f915ab6552
net/tshttpproxy: add start of Kerberos Negotiate auth to proxies on Windows
...
For now only used by a new cmd/tailscale debug --get-url
subcommand. Not yet wired up to the places making HTTP requests.
Updates tailscale/corp#583
2020-08-25 13:49:06 -07:00
Brad Fitzpatrick
c5eb57f4d6
net/tshttpproxy: new package, support WPAD/PAC proxies on Windows
...
Updates tailscale/corp#553
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-18 15:40:56 -07:00
Brad Fitzpatrick
87cbc067c2
cmd/tailscale/cli: validate advertised routes' IP address-vs-network bits
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 09:16:49 -07:00
Brad Fitzpatrick
b840e7dd5b
go mod tidy
2020-08-06 21:24:09 -07:00
Josh Bleecher Snyder
1b27eb431a
go.mod: update to newly rebased wireguard-go
2020-08-06 17:50:31 -07:00
Brad Fitzpatrick
43e2efe441
go mod tidy
2020-07-27 10:20:30 -07:00
Brad Fitzpatrick
648268192b
go.mod: bump wireguard-go
2020-07-24 08:54:17 -07:00
Dmytro Shynkevych
3efc29d39d
go.mod: bump netaddr.
...
Closes #567 .
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-18 04:28:03 -04:00
Brad Fitzpatrick
cdfea347d0
wgengine: update for tailscale/wireguard-go API changes
...
* update to new HandshakeDone signature
* use new Device.IpcGetOperationFiltered call to avoid sending allowed_ips
See dd6c1c8fe1
2020-07-15 20:30:45 -07:00
Dmytro Shynkevych
30bbbe9467
wgengine/router: dns: unify on *BSD, multimode on Linux, Magic DNS ( #536 )
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-14 09:12:00 -04:00
Dmytro Shynkevych
21d1dbfce0
wgengine/tsdns: local DNS server for testing
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-10 14:56:59 -04:00
Brad Fitzpatrick
98ffd78251
go.mod: bump wireguard-go dep
2020-07-09 21:46:44 -07:00
Dmytro Shynkevych
67ebba90e1
tsdns: dual resolution mode, IPv6 support ( #526 )
...
This change adds to tsdns the ability to delegate lookups to upstream nameservers.
This is crucial for setting Magic DNS as the system resolver.
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-07 15:25:32 -04:00
Brad Fitzpatrick
4db60a8436
wgengine/monitor: parse Linux netlink messages, ignore our own events
...
Fixes tailscale/corp#412 ("flood of link change events at start-up")
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-06 22:42:01 -07:00
Brad Fitzpatrick
32156330a8
net/interfaces: add func LikelyHomeRouterIP
...
For discovering where we might direct NAT-PMP/PCP/UPnP queries at in
the future.
2020-07-06 10:38:00 -07:00
Brad Fitzpatrick
9fbe8d7cf2
go.mod: bump wireguard
2020-07-03 14:09:29 -07:00
Brad Fitzpatrick
7883e5c5e7
go.mod: restore staticcheck module, make it stick around, go mod tidy
...
It kept coming & going as different people ran go mod tidy and others
ran staticcheck.
Make it stop going away with go mod tidy by adding a dep to it.
2020-07-02 22:55:14 -07:00
David Anderson
9cd4e65191
smallzstd: new package that constructs zstd small encoders/decoders.
...
It's just a config wrapper that passes "use less memory at the
expense of compression" parameters by default, so that we don't
accidentally construct resource-hungry (de)compressors.
Also includes a benchmark that measures the memory cost of the
small variants vs. the stock variants. The savings are significant
on both compressors (~8x less memory) and decompressors (~1.4x less,
not including the savings from the significantly smaller
window on the compression side - with those savings included it's
more like ~140x smaller).
BenchmarkSmallEncoder-8 56174 19354 ns/op 31 B/op 0 allocs/op
BenchmarkSmallEncoderWithBuild-8 2900 382940 ns/op 1746547 B/op 36 allocs/op
BenchmarkStockEncoder-8 48921 25761 ns/op 286 B/op 0 allocs/op
BenchmarkStockEncoderWithBuild-8 426 2630241 ns/op 13843842 B/op 124 allocs/op
BenchmarkSmallDecoder-8 123814 9344 ns/op 0 B/op 0 allocs/op
BenchmarkSmallDecoderWithBuild-8 41547 27455 ns/op 27694 B/op 31 allocs/op
BenchmarkStockDecoder-8 129832 9417 ns/op 1 B/op 0 allocs/op
BenchmarkStockDecoderWithBuild-8 25561 51751 ns/op 39607 B/op 92 allocs/op
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-02 16:13:06 -07:00
Brad Fitzpatrick
a477e70632
tstest/natlab: network address allocation
...
Pairing with @danderson
2020-07-02 13:39:41 -07:00
Brad Fitzpatrick
77d3ef36f4
wgengine/magicsock: hook up discovery messages, upgrade to LAN works
...
Ping messages now go out somewhat regularly, pong replies are sent,
and pong replies are now partially handled enough to upgrade off DERP
to LAN.
CallMeMaybe packets are sent & received over DERP, but aren't yet
handled. That's next (and regular maintenance timers), and then WAN
should work.
Updates #483
2020-07-01 13:00:50 -07:00
Brad Fitzpatrick
9b8ca219a1
wgengine/magicsock: remove allocs in UDP write, use new netaddr.PutUDPAddr
...
The allocs were only introduced yesterday with a TODO. Now they're gone again.
2020-07-01 10:17:08 -07:00
Brad Fitzpatrick
eb4eb34f37
disco: new package for parsing & marshaling discovery messages
...
Updates #483
2020-06-29 21:54:34 -07:00
David Anderson
10368ef4c0
go.mod: bump wireguard-go version.
2020-06-17 02:54:18 +00:00
Brad Fitzpatrick
6757c990a8
Fix staticcheck warning, add Makefile with staticcheck targets, lock in staticcheck version in go.mod
2020-06-15 11:05:46 -07:00
David Anderson
e01a4c50ba
go.mod: require Go 1.14, since we use some of its features.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-06-03 17:53:48 -07:00
Brad Fitzpatrick
722673f307
Update go4.org/mem, adjust to revised API.
2020-05-31 20:22:46 -07:00
Brad Fitzpatrick
c5495288a6
Bump inet.af/netaddr dep for FromStdIP behavior change I want to depend on.
2020-05-28 09:34:41 -07:00
Brad Fitzpatrick
e6b84f2159
all: make client use server-provided DERP map, add DERP region support
...
Instead of hard-coding the DERP map (except for cmd/tailscale netcheck
for now), get it from the control server at runtime.
And make the DERP map support multiple nodes per region with clients
picking the first one that's available. (The server will balance the
order presented to clients for load balancing)
This deletes the stunner package, merging it into the netcheck package
instead, to minimize all the config hooks that would've been
required.
Also fix some test flakes & races.
Fixes #387 (Don't hard-code the DERP map)
Updates #388 (Add DERP region support)
Fixes #399 (wgengine: flaky tests)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-23 22:31:59 -07:00
David Anderson
39d20e8a75
go.mod: bump wireguard-go version.
2020-05-18 21:03:48 +00:00
David Anderson
cd2f6679bb
go.mod: bump wireguard-go version.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-05-15 22:29:27 +00:00
Brad Fitzpatrick
e42ec4efba
derp/derphttp: use SOCKS/etc proxies for derphttp dials
...
Updates #227
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-12 14:38:15 -07:00
halulu
874be6566d
netcheck: DERP latency over HTTPS when UDP is blocked
...
* netcheck: DERP letency over HTTPS when UDP failed
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: async DERP latency check over HTTPS
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: fix concurrent map
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: some improvements
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: use timeout context
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: use report mutex
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS if UDP is BLOCKED
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: new function measureHTTPSLatency
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
2020-05-11 11:23:09 -04:00