Commit Graph

2900 Commits

Author SHA1 Message Date
David Anderson
d580157921 tsweb: quote label values to comply with Prometheus format. 2020-03-04 13:46:00 -08:00
Brad Fitzpatrick
ff6b3c2c38 netcheck: include two more DERP nodes, show more in CLI report 2020-03-04 13:40:49 -08:00
David Anderson
f192c05413 metrics: add a LabelMap type for variables with 1 label dimension.
This lets us publish sets of vars that are breakdowns along one
dimension in a format that Prometheus and Grafana natively know
how to do useful things with.

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-04 13:22:50 -08:00
Brad Fitzpatrick
eac62ec5ff ipn, wgengine/magicsock: add ipn.Prefs.DisableDERP bool
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-04 12:53:37 -08:00
Brad Fitzpatrick
bf704a5218 derp: protocol negotiation, add v2: send src pub keys to clients in packets
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-04 09:55:13 -08:00
David Crawshaw
a65b2a0efd magicsock: add some DERP tests
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
David Crawshaw
a33419167b magicsock: plumb through derpTLSConfig variable (for testing)
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
David Crawshaw
9be9738f62 derphttp: add TLSConfig field
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
David Crawshaw
caec2c7e8b magicsock: test sequence of pings
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
David Crawshaw
9f584414d9 magicsock: simple ping test via magicsock
Passes `go test -count=20 -race ./wgengine/magicsock`

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
David Crawshaw
34859f8e7d wgengine, magicsock: add a CreateBind method
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
David Crawshaw
75e62d318f magicsock: use local STUN server in tests
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 12:40:33 -05:00
Brad Fitzpatrick
596fd449b9 netcheck: add TODO about alternate timing strategies 2020-03-04 08:20:38 -08:00
Brad Fitzpatrick
b27d4c017a magicsock, wgengine, ipn, controlclient: plumb regular netchecks to map poll
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-04 08:19:45 -08:00
Brad Fitzpatrick
4cf5ac3060 ipn/ipnserver: remove unnecessary closure parameter 2020-03-03 19:38:01 -08:00
Brad Fitzpatrick
724c37fb41 wgengine/magicsock: start tracking nearest DERP node 2020-03-03 17:50:17 -08:00
David Anderson
dbc99dc0d2 paths: use /var/db for state on BSDs, and /var/run for sockets.
On BSD, /var/db is what linux calls /var/lib.

On modern linux, /run and /var/run are the same directory, but
on BSD the correct path is /var/run, so use that.

Fixes #79

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-03 17:49:31 -08:00
David Anderson
20da44eae3 cmd/mkpkg: support scripts for rpm as well. 2020-03-03 16:36:52 -08:00
Brad Fitzpatrick
e371520cc5 tsweb, derp: add expvar http.Handler for Prometheus's format
And add some opinions.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 13:59:16 -08:00
Brad Fitzpatrick
89a2c3eb04 wgengine: don't create duplicate iptables rules on Linux, clean up
Fixes #131

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 13:46:53 -08:00
David Anderson
21fc5ec371 cmd/mkpkg: support specifying that a package replaces another.
Both RPM and Deb require us to specify both Replaces and Conflicts:
Conflicts tells them that the packages cannot coexist on the system,
Replaces tells them which one to keep.
2020-03-03 13:39:58 -08:00
Brad Fitzpatrick
dd68debd64 cmd/derper: set autocert Email
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 13:30:50 -08:00
Brad Fitzpatrick
68ff31a0ba ipn: have NewFileStore try to create directories as needed 2020-03-03 11:51:44 -08:00
Brad Fitzpatrick
b3d9eab1fe safesocket: make some effort to create parent directory of sock 2020-03-03 11:47:21 -08:00
Brad Fitzpatrick
383d86df5f paths: remove some debug logging I left in 2020-03-03 11:45:49 -08:00
Brad Fitzpatrick
65e7c58aa4 cmd/tailscale, cmd/tailscaled, paths: add paths package for default paths
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 09:36:18 -08:00
Brad Fitzpatrick
06092a3af3 ipn/ipnserver: document potential race, start on test for it 2020-03-03 09:15:11 -08:00
Brad Fitzpatrick
ef1f967ec0 ipn: remove an unnecessary named parameter in doc 2020-03-03 08:05:11 -08:00
Brad Fitzpatrick
844d991baf netcheck: add Report.Clone, return cloned report to avoid races on late replies 2020-03-02 15:02:34 -08:00
Brad Fitzpatrick
657f9593ae Reduce some logspam. 2020-03-02 14:55:12 -08:00
David Crawshaw
61529ac459 controlclient, tailcfg: deliver DERP addresses in a separate field
We still include them directly in the controlclient network map
just where we have been. Client plumbing we can do later.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-02 17:16:17 -05:00
David Anderson
ca11e3804b Add a using section that points to pkgs.tailscale.com. 2020-03-02 13:52:51 -08:00
Brad Fitzpatrick
4675c70464 wgengine/magicsock: check STUN regularly 2020-03-02 12:37:52 -08:00
Brad Fitzpatrick
7172f3dbf4 version: add IsMobile func
And use it control/controlclient.
2020-03-02 12:37:28 -08:00
Brad Fitzpatrick
11489a6e67 go.sum: add lines 2020-03-02 11:07:42 -08:00
Brad Fitzpatrick
bc7bc43fb8 magicsock, interfaces: move some code from magicsock to interfaces 2020-03-02 10:38:44 -08:00
Brad Fitzpatrick
af7a01d6f0 wgengine/magicsock: drop donec channel, rename epUpdateCtx to serve its purpose 2020-03-02 09:31:25 -08:00
Brad Fitzpatrick
a399ef3dc7 cmd/derper: appease staticcheck 2020-03-02 08:59:50 -08:00
Brad Fitzpatrick
051b6ef141 cmd/derper: accept more LetsEncrypt hostnames without explicit config 2020-03-02 08:55:44 -08:00
David Crawshaw
cc4afa775f magicsock: rate limit send error log messages
The x/time/rate dependency adds 24kb to tailscaled binary size.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-02 08:10:06 -05:00
David Anderson
9cdaeac00a go.mod: update wireguard-go version.
I accidentally crushed one of crawshaw's patches, fixing this now.
2020-03-01 14:04:10 -08:00
David Anderson
92bae83cc1 go.mod: update wireguard-go commit.
Signed-Off-By: David Anderson <dave@natulte.net>
2020-03-01 13:58:09 -08:00
David Crawshaw
719c974c38 go.mod: update wireguard-go version
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-01 12:17:10 -05:00
David Crawshaw
0752c77dc2 magicsock: keep DERP magic IPs out of the address map
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-01 07:29:48 -05:00
David Crawshaw
c6550135d5 magicsock: remove the index from indexedAddrs
The value predates the introduction of AddrSet which replaces
the index by tracking curAddr directly.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-01 07:29:48 -05:00
David Anderson
18fb98792b go.mod: update wireguard-go version.
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-01 01:16:07 -08:00
David Anderson
061315acb4 go.mod: update version of wireguard-go.
Signed-Off-By: David Anderson <dave@natulte.net>
2020-03-01 00:50:39 -08:00
David Crawshaw
1dbd1babc9 go.mod: use latest wireguard-go version
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-29 16:08:28 -05:00
David Crawshaw
d5050c37a5 go.mod: use latest wireguard-go version 2020-02-29 11:26:44 -05:00
David Crawshaw
d417be6a4b controlclinet: clone filter.MatchAllowAll
This avoids a non-obvious data race, where the JSON decoder ends
up creating do-nothing writes into global variables.

	==================
	WARNING: DATA RACE
	Write at 0x0000011e1860 by goroutine 201:
	  tailscale.com/wgengine/packet.(*IP).UnmarshalJSON()
	      /home/crawshaw/repo/corp/oss/wgengine/packet/packet.go:83 +0x2d9
	  encoding/json.(*decodeState).literalStore()
	      /home/crawshaw/go/go/src/encoding/json/decode.go:877 +0x445e
	...
	  encoding/json.Unmarshal()
	      /home/crawshaw/go/go/src/encoding/json/decode.go:107 +0x1de
	  tailscale.com/control/controlclient.(*Direct).decodeMsg()
	      /home/crawshaw/repo/corp/oss/control/controlclient/direct.go:615 +0x1ab
	  tailscale.com/control/controlclient.(*Direct).PollNetMap()
	      /home/crawshaw/repo/corp/oss/control/controlclient/direct.go:525 +0x1053
	  tailscale.com/control/controlclient.(*Client).mapRoutine()
	      /home/crawshaw/repo/corp/oss/control/controlclient/auto.go:428 +0x3a6
	Previous read at 0x0000011e1860 by goroutine 86:
	  tailscale.com/wgengine/filter.matchIPWithoutPorts()
	      /home/crawshaw/repo/corp/oss/wgengine/filter/match.go:108 +0x91
	  tailscale.com/wgengine/filter.(*Filter).runIn()
	      /home/crawshaw/repo/corp/oss/wgengine/filter/filter.go:147 +0x3c6
	  tailscale.com/wgengine/filter.(*Filter).RunIn()
	      /home/crawshaw/repo/corp/oss/wgengine/filter/filter.go:127 +0xb0
	  tailscale.com/wgengine.(*userspaceEngine).SetFilter.func1()
	      /home/crawshaw/repo/corp/oss/wgengine/userspace.go:390 +0xfc
	  github.com/tailscale/wireguard-go/device.(*Device).RoutineDecryption()
	      /home/crawshaw/repo/corp/wireguard-go/device/receive.go:295 +0xa1f

For #112

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-28 22:33:06 -05:00