David Anderson 
							
						 
					 
					
						
						
							
						
						41da7620af 
					 
					
						
						
							
							go.mod: update wireguard-go to pick up roaming toggle  
						
						... 
						
						
						
						wgengine/wgcfg: introduce wgcfg.NewDevice helper to disable roaming
at all call sites (one real plus several tests).
Fixes  tailscale/corp#3016 .
Signed-off-by: David Anderson <danderson@tailscale.com >
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com > 
						
						
					 
					
						2021-11-16 13:15:04 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						400ed799e6 
					 
					
						
						
							
							net/dns: work around old systemd-resolved setLinkDomain length limit  
						
						... 
						
						
						
						Don't set all the *.arpa. reverse DNS lookup domains if systemd-resolved
is old and can't handle them.
Fixes  #3188 
Change-Id: I283f8ce174daa8f0a972ac7bfafb6ff393dde41d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-16 12:54:21 -08:00 
						 
				 
			
				
					
						
							
							
								Brian Fallik 
							
						 
					 
					
						
						
							
						
						9fa6cdf7bf 
					 
					
						
						
							
							fix minor typo  
						
						... 
						
						
						
						Signed-off-by: Brian Fallik <bfallik@gmail.com > 
						
						
					 
					
						2021-11-16 11:03:43 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						24ea365d48 
					 
					
						
						
							
							netcheck, controlclient, magicsock: add more metrics  
						
						... 
						
						
						
						Updates #3307 
Change-Id: Ibb33425764a75bde49230632f1b472f923551126
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-16 10:48:19 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						3b541c833e 
					 
					
						
						
							
							util/clientmetric, logtail: log metric changes  
						
						... 
						
						
						
						Updates #3307 
Change-Id: I1399ebd786f6ff7defe6e11c0eb651144c071574
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-16 08:06:31 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						68917fdb5d 
					 
					
						
						
							
							cmd/tailscale/cli: add "debug metrics" subcommand  
						
						... 
						
						
						
						To let users inspect the tailscaled metrics easily.
Updates #3307 
Change-Id: I922126ca0626659948c57de74c6ef62f40ef5f5f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-15 15:13:25 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						945290cc3f 
					 
					
						
						
							
							cmd/tailscale/cli: migrate hidden debug subcommand to use subcomands  
						
						... 
						
						
						
						It was a mess of flags. Use subcommands under "debug" instead.
And document loudly that it's not a stable interface.
Change-Id: Idcc58f6a6cff51f72cb5565aa977ac0cc30c3a03
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-15 15:03:58 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						57b039c51d 
					 
					
						
						
							
							util/clientmetrics: add new package to add metrics to the client  
						
						... 
						
						
						
						And annotate magicsock as a start.
And add localapi and debug handlers with the Prometheus-format
exporter.
Updates #3307 
Change-Id: I47c5d535fe54424741df143d052760387248f8d3
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-15 13:46:05 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						c5d572f371 
					 
					
						
						
							
							net/dns: correctly handle NetworkManager-managed DNS that points to resolved.  
						
						... 
						
						
						
						Fixes  #3304 
Signed-off-by: David Anderson <danderson@tailscale.com > 
					
						2021-11-15 12:21:25 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						f7da8c77bd 
					 
					
						
						
							
							tstest/integration/testcontrol: fix data race  
						
						... 
						
						
						
						Fix race from 1ec99e99f4Fixes  #3289 
Change-Id: I58158d3f82339ac171fb14827c5f158d602327f4
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-11 08:25:16 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						5b94f67956 
					 
					
						
						
							
							control/noise: make Conn.readNLocked less surprising.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						a34350ffda 
					 
					
						
						
							
							control/noise: factor out nonce checking and incrementing into a type.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						d3acd35a90 
					 
					
						
						
							
							control/noise: make message headers match the specification.  
						
						... 
						
						
						
						Only the initiation message should carry a protocol version, all
others are just type+len.
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						a63c4ab378 
					 
					
						
						
							
							control/noise: don't panic when handling ciphertext.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						4004b22fe5 
					 
					
						
						
							
							control/noise: stop using poly1305 package constants.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						293431aaea 
					 
					
						
						
							
							control/noise: use key.Machine{Public,Private} as appropriate.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						edb33d65c3 
					 
					
						
						
							
							control/noise: don't cache mixer, just rebuild a BLAKE2s each time.  
						
						... 
						
						
						
						This should optimize out fine, and readability is preferable to performance
here.
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						7e9e72887c 
					 
					
						
						
							
							control/noise: add singleUseCHP, use it to simplify nonce/key tracking in handshake.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						cf90392174 
					 
					
						
						
							
							control/noise: review fixups  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						0b392dbaf7 
					 
					
						
						
							
							control/noise: adjust implementation to match revised spec.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						89a68a4c22 
					 
					
						
						
							
							control/noise: include the protocol version in the Noise prologue.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						5e005a658f 
					 
					
						
						
							
							control/noise: fix typo in docstring.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						eabca699ec 
					 
					
						
						
							
							control/noise: remove allocations in the encrypt and decrypt paths.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						da7544bcc5 
					 
					
						
						
							
							control/noise: implement the base transport for the 2021 control protocol.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-10 12:13:54 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						3e1daab704 
					 
					
						
						
							
							hostinfo, control/controlclient: tell control when Ubuntu has disabled Tailscale's sources  
						
						... 
						
						
						
						Fixes  #3177 
Updates #2500 
Change-Id: Iff2a8e27ec7d36a1c210263d6218f20ebed37924
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-11-10 09:56:58 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						d2ef73ed82 
					 
					
						
						
							
							control/controlclient: rename a variable to not shadow a package name  
						
						... 
						
						
						
						Change-Id: I1bcb577cb2c47e936d545ad57f308e57399de323
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-10 08:11:29 -08:00 
						 
				 
			
				
					
						
							
							
								Maisem Ali 
							
						 
					 
					
						
						
							
						
						d6dde5a1ac 
					 
					
						
						
							
							ipn/ipnlocal: handle key extensions after key has already expired  
						
						... 
						
						
						
						Signed-off-by: Maisem Ali <maisem@tailscale.com > 
						
						
					 
					
						2021-11-08 18:15:09 -08:00 
						 
				 
			
				
					
						
							
							
								Maisem Ali 
							
						 
					 
					
						
						
							
						
						eccc2ac6ee 
					 
					
						
						
							
							net/interfaces/windows: update Tailscale interface detection logic to  
						
						... 
						
						
						
						account for new wintun naming.
Signed-off-by: Maisem Ali <maisem@tailscale.com > 
						
						
					 
					
						2021-11-08 07:44:33 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						ad63fc0510 
					 
					
						
						
							
							control/controlclient: make js/wasm work with Go 1.18+  
						
						... 
						
						
						
						Updates #3157 
Change-Id: I2d67e582842ab3638d720bb5db4701b878ad4473
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-07 13:49:55 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						87137405e5 
					 
					
						
						
							
							ipn/ipnserver: grant js/wasm all localapi permissions  
						
						... 
						
						
						
						Updates #3157 
Change-Id: I3b63762583a4d655eac33ce3dfda37a1f5135a57
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-07 12:13:15 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						40e13c316c 
					 
					
						
						
							
							paths: add missing js/wasm stub  
						
						... 
						
						
						
						Change-Id: Iae4838f5fa1dc0cd491d5a3ac906fd3cdacb173c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-07 12:13:15 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						0edd2d1cd5 
					 
					
						
						
							
							safesocket: add js/wasm implementation with in-memory net.Conn  
						
						... 
						
						
						
						Updates #3157 
Change-Id: Ia35b1e259011fb86f8c4e01f62146f9fd4c9b7c6
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-07 12:13:14 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						01bd789c26 
					 
					
						
						
							
							ipn/ipnserver: add Server.LocalBackend accessor  
						
						... 
						
						
						
						Was done as part of e6fbc0cd54bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-07 11:31:52 -08:00 
						 
				 
			
				
					
						
							
							
								Michael Stapelberg 
							
						 
					 
					
						
						
							
						
						b3abdc381d 
					 
					
						
						
							
							tsnet: set varRoot state directory field  
						
						... 
						
						
						
						This makes tsnet work on https://gokrazy.org ! 🎉 
Signed-off-by: Michael Stapelberg <michael@stapelberg.de > 
						
						
					 
					
						2021-11-07 10:56:23 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						e6fbc0cd54 
					 
					
						
						
							
							cmd/tailscaled, ipn/ipnserver: refactor ipnserver  
						
						... 
						
						
						
						More work towards removing the massive ipnserver.Run and ipnserver.Options
and making composable pieces.
Work remains. (The getEngine retry loop on Windows complicates things.)
For now some duplicate code exists. Once the Windows side is fixed
to either not need the retry loop or to move the retry loop into a
custom wgengine.Engine wrapper, then we can unify tailscaled_windows.go
too.
Change-Id: If84d16e3cd15b54ead3c3bb301f27ae78d055f80
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-05 15:00:02 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						5f36ab8a90 
					 
					
						
						
							
							tstest/integration: go generate  
						
						... 
						
						
						
						Change-Id: I49d19007a16261e447240e149deac24c15c93fce
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-05 14:43:51 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						2b082959db 
					 
					
						
						
							
							safesocket: add WindowsLocalPort const  
						
						... 
						
						
						
						Remove all the 41112 references.
Change-Id: I2d7ed330d457e3bb91b7e6416cfb2667611e50c4
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-05 14:05:13 -07:00 
						 
				 
			
				
					
						
							
							
								Denton Gentry 
							
						 
					 
					
						
						
							
						
						1ec99e99f4 
					 
					
						
						
							
							tstest: extend node key expiration integration test.  
						
						... 
						
						
						
						Can produce the problem in #2515 , preparing to test a fix.
Marked as t.Skip() until we have a fix.
Updates https://github.com/tailscale/tailscale/issues/2515 
Signed-off-by: Denton Gentry <dgentry@tailscale.com > 
						
						
					 
					
						2021-11-04 11:46:42 -07:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
						
						12148dcf48 
					 
					
						
						
							
							go.mod: bump github.com/frankban/quicktest from 1.13.1 to 1.14.0  
						
						... 
						
						
						
						Bumps [github.com/frankban/quicktest](https://github.com/frankban/quicktest ) from 1.13.1 to 1.14.0.
- [Release notes](https://github.com/frankban/quicktest/releases )
- [Commits](https://github.com/frankban/quicktest/compare/v1.13.1...v1.14.0 )
---
updated-dependencies:
- dependency-name: github.com/frankban/quicktest
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com > 
						
						
					 
					
						2021-11-04 09:39:31 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						337757a819 
					 
					
						
						
							
							ipn/ipnlocal, control/controlclient: don't propagate all map errors to UI  
						
						... 
						
						
						
						Fixes regression from 81cabf48ecFixes  #3230 
Change-Id: I7f142c801c7d15e268a24ddf901c3e6348b6729c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-03 17:56:54 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						0532eb30db 
					 
					
						
						
							
							all: replace tailcfg.DiscoKey with key.DiscoPublic.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-03 14:00:16 -07:00 
						 
				 
			
				
					
						
							
							
								Mangirdas 
							
						 
					 
					
						
						
							
						
						f771327f0c 
					 
					
						
						
							
							Add multiarch image make target  
						
						... 
						
						
						
						Updates #3112 
Signed-off-by: Mangirdas <mangirdas@judeikis.lt > 
						
						
					 
					
						2021-11-03 13:13:20 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						649f7556e8 
					 
					
						
						
							
							cmd/tailscaled, ipn: add tailscaled --statedir flag for var directory  
						
						... 
						
						
						
						Fixes  #2932 
Change-Id: I1aa2b323ad542386d140f8336bcc4dcbb8310bd0
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-11-03 13:12:38 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						c7bff35fee 
					 
					
						
						
							
							ipn/ipnlocal: add owner-only debug handler to get process env  
						
						... 
						
						
						
						For debugging Synology. Like the existing goroutines handler, in that
it's owner-only.
Change-Id: I852f0626be8e1c0b6794c1e062111d14adc3e6ac
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-03 13:12:32 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						6d82a18916 
					 
					
						
						
							
							tstest/integration: don't include stdlib deps in go generate output  
						
						... 
						
						
						
						Causes too much churn for zero benefit.
Change-Id: I838f8cdb5723f122f11dd4bbce5e9c07755c3cd9
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-11-03 11:59:59 -07:00 
						 
				 
			
				
					
						
							
							
								Josh Bleecher Snyder 
							
						 
					 
					
						
						
							
						
						c467ed0b62 
					 
					
						
						
							
							wgengine/wgcfg: always close io.Pipe  
						
						... 
						
						
						
						In DeviceConfig, we did not close r after calling FromUAPI.
If FromUAPI returned early due to an error, then it might
not have read all the data that IpcGetOperation wanted to write.
As a result, IpcGetOperation could hang, as in #3220 .
We were also closing the wrong end of the pipe after IpcSetOperation
in ReconfigDevice.
To ensure that we get all available information to diagnose
such a situation, include all errors anytime something goes wrong.
This should fix the immediate crashing problem in #3220 .
We'll then need to figure out why IpcGetOperation was failing.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com > 
						
						
					 
					
						2021-11-02 17:50:15 -07:00 
						 
				 
			
				
					
						
							
							
								Josh Bleecher Snyder 
							
						 
					 
					
						
						
							
						
						3fd5f4380f 
					 
					
						
						
							
							util/multierr: new package  
						
						... 
						
						
						
						github.com/go-multierror/multierror served us well.
But we need a few feature from it (implement Is),
and it's not worth maintaining a fork of such a small module.
Instead, I did a clean room implementation inspired by its API.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com > 
						
						
					 
					
						2021-11-02 17:50:15 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						17b5782b3a 
					 
					
						
						
							
							types/key: delete legacy NodeKey type.  
						
						... 
						
						
						
						Fixes  #3206 
Signed-off-by: David Anderson <danderson@tailscale.com > 
					
						2021-11-02 14:14:32 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						7e6a1ef4f1 
					 
					
						
						
							
							tailcfg: use key.NodePublic in wire protocol types.  
						
						... 
						
						
						
						Updates #3206 .
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-02 09:11:43 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						7e8d5ed6f3 
					 
					
						
						
							
							ipn: use key.NodePublic instead of tailcfg.NodeKey  
						
						... 
						
						
						
						Updates #3206 
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-11-01 20:32:10 -07:00