Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						ee6475a44d 
					 
					
						
						
							
							wgengine: unify NewUserspaceEngine, NewUserspaceEngineAdvanced  
						
						... 
						
						
						
						Also rename EngineConfig to Config to avoid wgengine.EngineConfig
stutter.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-27 21:52:24 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						dda03a911e 
					 
					
						
						
							
							wgengine/monitor: change API to permit multiple independent callbakcks  
						
						... 
						
						
						
						Currently it assumes exactly 1 registered callback. This changes it to
support 0, 1, or more than 1.
This is a step towards plumbing wgengine/monitor into more places (and
moving some of wgengine's interface state fetching into monitor in a
later step)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-27 19:36:52 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						0eea490724 
					 
					
						
						
							
							wgengine: also close link monitor on NewUserspaceEngineAdvanced error  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-27 19:11:23 -08:00 
						 
				 
			
				
					
						
							
							
								Matt Layher 
							
						 
					 
					
						
						
							
						
						719de8f0e1 
					 
					
						
						
							
							util/systemd: explicitly check for os.ErrNotExist from sdnotify  
						
						... 
						
						
						
						Signed-off-by: Matt Layher <mdlayher@gmail.com > 
						
						
					 
					
						2021-02-27 19:03:16 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						2d5db90161 
					 
					
						
						
							
							util/winutil: make it actually compile  
						
						... 
						
						
						
						Helps to use the right GOOS after refactoring, sigh.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-26 20:52:23 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						e98cdbb8b6 
					 
					
						
						
							
							util/winutil: add little Windows utility package  
						
						... 
						
						
						
						Code from Alex Brainman, split out of another change. I changed it to
a comma-ok return and tweaked the docs a bit. 
						
						
					 
					
						2021-02-26 20:42:00 -08:00 
						 
				 
			
				
					
						
							
							
								Naman Sood 
							
						 
					 
					
						
						
							
						
						fec9dcbda1 
					 
					
						
						
							
							wgengine/netstack: start SOCKS5 server in netstack mode  
						
						... 
						
						
						
						Updates #707 
Updates #504 
Signed-off-by: Naman Sood <mail@nsood.in > 
						
						
					 
					
						2021-02-26 13:44:49 -08:00 
						 
				 
			
				
					
						
							
							
								Naman Sood 
							
						 
					 
					
						
						
							
						
						fe16ef6812 
					 
					
						
						
							
							net/socks5: create SOCKS5 package for proxy server in userspace networking  
						
						... 
						
						
						
						Updates #707 
Updates #504 
Signed-off-by: Naman Sood <mail@nsood.in > 
						
						
					 
					
						2021-02-26 13:44:49 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						f68431fc02 
					 
					
						
						
							
							cmd/derper: add /bootstrap-dns handler  
						
						... 
						
						
						
						For option (d) of #1405 .
For an HTTPS request of /bootstrap-dns, this returns e.g.:
{
  "log.tailscale.io": [
    "2600:1f14:436:d603:342:4c0d:2df9:191b",
    "34.210.105.16"
  ],
  "login.tailscale.com": [
    "2a05:d014:386:203:f8b4:1d5a:f163:e187",
    "3.121.18.47"
  ]
}
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-26 09:29:28 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						c1ae1a3d2d 
					 
					
						
						
							
							version: bump date  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-26 08:14:35 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						99d67493be 
					 
					
						
						
							
							cmd/derper: update a link from godoc.org to pkg.go.dev  
						
						... 
						
						
						
						Save a redirect.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-26 08:14:15 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						000b80de9d 
					 
					
						
						
							
							net/interfaces: go idle on macOS when wifi/etc is down, ignore utun* interfaces  
						
						... 
						
						
						
						Updates tailscale/corp#1289 
Updates tailscale/corp#1367 
Updates tailscale/corp#1378 
Updates tailscale/felicity#4  
						
						
					 
					
						2021-02-25 15:47:29 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						3fd00c4a40 
					 
					
						
						
							
							cmd/tailscaled: create /usr/local/bin on macOS install-system-daemon if needed  
						
						... 
						
						
						
						Fixes  #1400 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-02-25 12:01:17 -08:00 
						 
				 
			
				
					
						
							
							
								Naman Sood 
							
						 
					 
					
						
						
							
						
						517c90d7e5 
					 
					
						
						
							
							wgengine, cmd/tailscaled: refactor netstack, forward TCP to hello as demo ( #1301 )  
						
						... 
						
						
						
						Updates #707 
Updates #504 
Signed-off-by: Naman Sood <mail@nsood.in > 
						
						
					 
					
						2021-02-25 14:18:16 -05:00 
						 
				 
			
				
					
						
							
							
								Aleksandar Pesic 
							
						 
					 
					
						
						
							
						
						daf6de4f14 
					 
					
						
						
							
							wgengine: make NewUserspaceEngine wait for TUN interface to be up on Windows  
						
						... 
						
						
						
						Updates #474 
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com > 
						
						
					 
					
						2021-02-25 07:58:17 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						ea3715e3ce 
					 
					
						
						
							
							wgengine/magicsock: remove TODO about endpoints-over-DERP  
						
						... 
						
						
						
						It was done in Tailscale 1.4 with CallMeMaybe disco messages
containing endpoints.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-24 21:34:31 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						360095cd34 
					 
					
						
						
							
							ipn: add tests for exit node pretty printing.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-24 21:18:35 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						8ee1cb6156 
					 
					
						
						
							
							ipn/ipnlocal: mark findExitNodeID as requiring mutex.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-24 21:18:33 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						54d7070121 
					 
					
						
						
							
							wgengine/router: correctly read IPv6 routes when diffing.  
						
						... 
						
						
						
						Fixes  #1185 .
Signed-off-by: David Anderson <danderson@tailscale.com > 
					
						2021-02-24 20:41:56 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						abfd73f569 
					 
					
						
						
							
							ipn: print currently selected exit route in Prefs.String().  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-24 20:41:56 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						2404c0ffad 
					 
					
						
						
							
							ipn/ipnlocal: only filter out default routes when computing the local wg config.  
						
						... 
						
						
						
						UIs need to see the full unedited netmap in order to know what exit nodes they
can offer to the user.
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-24 20:41:56 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						ebf3f2fd9f 
					 
					
						
						
							
							cmd/tailscale/cli: add CLI option to offer an exit node to the tailnet.  
						
						... 
						
						
						
						Finishes up linux part of #1154 .
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-24 11:34:06 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						e9e4f1063d 
					 
					
						
						
							
							wgengine/magicsock: fix discoEndpoint caching bug when a node key changes  
						
						... 
						
						
						
						Fixes  #1391 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-02-23 14:39:15 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						f11952ad7f 
					 
					
						
						
							
							ipn/ipnserver: fix Windows connection auth regression  
						
						... 
						
						
						
						Regression from code movement in d3efe8caf6bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-23 13:27:04 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						c64bd587ae 
					 
					
						
						
							
							net/portmapper: add NAT-PMP client, move port mapping service probing  
						
						... 
						
						
						
						* move probing out of netcheck into new net/portmapper package
* use PCP ANNOUNCE op codes for PCP discovery, rather than causing
  short-lived (sub-second) side effects with a 1-second-expiring map +
  delete.
* track when we heard things from the router so we can be less wasteful
  in querying the router's port mapping services in the future
* use portmapper from magicsock to map a public port
Fixes  #1298 
Fixes  #1080 
Fixes  #1001 
Updates #864 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-23 09:07:38 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						d038a5295d 
					 
					
						
						
							
							wgengine/wglog: drop 1/s "interface is up" messages.  
						
						... 
						
						
						
						Fixes  #1388 .
Signed-off-by: David Anderson <danderson@tailscale.com > 
					
						2021-02-23 09:01:58 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						188bb14269 
					 
					
						
						
							
							wgengine: consistently close things when NewUserspaceEngineAdvanced errors  
						
						... 
						
						
						
						Fixes  #1363 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-02-22 20:39:39 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						6e42430ad8 
					 
					
						
						
							
							wgengine/monitor: don't log any single-IP routes added to the tailscale table.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-22 20:21:51 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						df5adb2e23 
					 
					
						
						
							
							wgengine/monitor: on linux, also monitor for IPv6 changes.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-22 19:38:07 -08:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						b83c273737 
					 
					
						
						
							
							wgengine/filter: use IPSet for localNets instead of prefixes.  
						
						... 
						
						
						
						Part of #1177 , preparing for doing fancier set operations on
the allowed local nets.
Signed-off-by: David Anderson <danderson@tailscale.com > 
						
						
					 
					
						2021-02-22 14:51:22 -08:00 
						 
				 
			
				
					
						
							
							
								Matt Layher 
							
						 
					 
					
						
						
							
						
						2c500cee23 
					 
					
						
						
							
							go.mod: bump github.com/mdlayher/netlink, github.com/jsimonetti/rtnetlink  
						
						... 
						
						
						
						Signed-off-by: Matt Layher <mdlayher@gmail.com > 
						
						
					 
					
						2021-02-22 06:20:56 -08:00 
						 
				 
			
				
					
						
							
							
								Filippo Valsorda 
							
						 
					 
					
						
						
							
						
						39f7a61e9c 
					 
					
						
						
							
							tstest/staticcheck: import the main package to fix "go mod tidy"  
						
						... 
						
						
						
						Importing the non-main package was missing some dependencies that
"go mod tidy" would then cleanup. Also added a non-ignore build tag to
avoid other tools getting upset about importing a main package.
Signed-off-by: Filippo Valsorda <hi@filippo.io > 
						
						
					 
					
						2021-02-20 09:53:47 -08:00 
						 
				 
			
				
					
						
							
							
								Filippo Valsorda 
							
						 
					 
					
						
						
							
						
						87f2e4c12c 
					 
					
						
						
							
							go.mod: bump github.com/kr/pty to build on openbsd/arm64  
						
						... 
						
						
						
						$ GOOS=openbsd GOARCH=arm64 go install tailscale.com/cmd/...@latest
pkg/mod/github.com/kr/pty@v1.1.4-0.20190131011033-7dc38fb350b1/pty_openbsd.go:24:10: undefined: ptmget
pkg/mod/github.com/kr/pty@v1.1.4-0.20190131011033-7dc38fb350b1/pty_openbsd.go:25:34: undefined: ioctl_PTMGET
"go mod tidy" did some unrelated work in go.sum, maybe because it was
not run with Go 1.16 before.
Signed-off-by: Filippo Valsorda <hi@filippo.io > 
						
						
					 
					
						2021-02-20 09:53:47 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						86d3a6c9a6 
					 
					
						
						
							
							Switch to Go 1.16.  
						
						... 
						
						
						
						Fixes  #1370 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-02-19 13:18:31 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						9748c5414e 
					 
					
						
						
							
							portlist: adjust build tags for iOS + Go 1.16  
						
						... 
						
						
						
						Updates #943 
Updates #1370 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-19 10:03:33 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						826f64e863 
					 
					
						
						
							
							cmd/tailscale/cli: add netcheck dev knob TS_DEBUG_NETCHECK_UDP_BIND  
						
						
						
						
					 
					
						2021-02-19 07:48:35 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						7ad3af2141 
					 
					
						
						
							
							cmd/tailscale/cli: remove outdated TODO  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-18 15:11:00 -08:00 
						 
				 
			
				
					
						
							
							
								Sonia Appasamy 
							
						 
					 
					
						
						
							
						
						76fb27bea7 
					 
					
						
						
							
							dnsname,tailcfg: add hostname sanitation logic to node display names ( #1304 )  
						
						... 
						
						
						
						Signed-off-by: Sonia Appasamy <sonia@tailscale.com > 
						
						
					 
					
						2021-02-18 17:15:38 -05:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						c386496e4f 
					 
					
						
						
							
							version: bump date  
						
						
						
						
					 
					
						2021-02-18 13:36:48 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						fd8e070d01 
					 
					
						
						
							
							health, control/controlclient, wgengine: report when router unhealthy  
						
						... 
						
						
						
						Updates tailscale/corp#1338 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-18 11:48:48 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						2d96215d97 
					 
					
						
						
							
							wgengine/router: make Linux delRoute idempotent, cidrDiff fail late as possible  
						
						... 
						
						
						
						This makes cidrDiff do as much as possible before failing, and makes a
delete of an already-deleted rule be a no-op. We should never do this
ourselves, but other things on the system can, and this should help us
recover a bit.
Also adds the start of root-requiring tests.
TODO: hook into wgengine/monitor and notice when routes are changed
behind our back, and invalidate our routes map and re-read from
kernel (via the ip command) at least on the next reconfig call.
Updates tailscale/corp#1338 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-18 10:36:00 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						6a2c6541da 
					 
					
						
						
							
							net/tshttpproxy: support HTTP proxy environment credentials on Windows too  
						
						... 
						
						
						
						and some minor style nits.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-18 08:27:37 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						96a488e37e 
					 
					
						
						
							
							wgengine/router: simplify func normalizeCIDR using netaddr method  
						
						
						
						
					 
					
						2021-02-17 21:35:33 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						38629b62fc 
					 
					
						
						
							
							cmd/tailscaled: on darwin, fail early if not root with nicer message  
						
						... 
						
						
						
						Don't do it on all platforms, as Linux folk might be playing
container + capability games. 
						
						
					 
					
						2021-02-17 15:45:50 -08:00 
						 
				 
			
				
					
						
							
							
								Christine Dodrill 
							
						 
					 
					
						
						
							
						
						3e5c3e932c 
					 
					
						
						
							
							net/tshttpproxy: support basic auth when available ( #1354 )  
						
						... 
						
						
						
						This allows proxy URLs such as:
    http://azurediamond:hunter2@192.168.122.154:38274 
to be used in order to dial out to control, logs or derp servers.
Signed-off-by: Christine Dodrill <xe@tailscale.com > 
						
						
					 
					
						2021-02-17 16:01:47 -05:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						d98ef5699d 
					 
					
						
						
							
							wgengine/filter: remove redundant code  
						
						... 
						
						
						
						no generated code change. 
						
						
					 
					
						2021-02-17 09:11:28 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						7038c09bc9 
					 
					
						
						
							
							ipn/ipnserver: on darwin, let users who are admins use CLI without sudo  
						
						... 
						
						
						
						Tangentially related to #987 , #177 , #594 , #925 , #505 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-16 21:09:27 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						d3efe8caf6 
					 
					
						
						
							
							safesocket, ipn/ipnserver: look up peer creds on Darwin  
						
						... 
						
						
						
						And open up socket permissions like Linux, now that we know who
connections are from.
This uses the new inet.af/peercred that supports Linux and Darwin at
the moment.
Fixes  #1347 
Fixes  #1348 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2021-02-16 20:38:44 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						65815cc1ac 
					 
					
						
						
							
							wgengine/tsdns: skip test that requires local IPv6 when IPv6 unavailable  
						
						... 
						
						
						
						Fixes  #1292 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-02-16 10:50:37 -08:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						4ec01323c1 
					 
					
						
						
							
							control/controlclient: note package type in Hostinfo  
						
						... 
						
						
						
						Fixes  tailscale/corp#440 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
					
						2021-02-15 13:24:05 -08:00