David Anderson
27a1a2976a
wgengine/router: add a CallbackRouter shim.
...
The shim implements both network and DNS configurators,
and feeds both into a single callback that receives
both configs.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-02 18:43:24 -07:00
David Anderson
6ad44f9fdf
wgengine: take in dns.Config, split out to resolver.Config and dns.OSConfig.
...
Stepping stone towards having the DNS package handle the config splitting.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-02 00:59:44 -07:00
David Anderson
8af9d770cf
net/dns: rename Config to OSConfig.
...
Making way for a new higher level config struct.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-02 00:59:44 -07:00
David Anderson
fcfc0d3a08
net/dns: remove ManagerConfig, pass relevant args directly.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-01 23:26:52 -07:00
David Anderson
f77ba75d6c
wgengine/router: move DNS cleanup into the DNS package.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-01 22:35:34 -07:00
David Anderson
15875ccc63
wgengine/router: don't store unused tunname on windows.
2021-04-01 22:28:24 -07:00
Brad Fitzpatrick
e64383a80e
wgengine/router: document some fields a bit more
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-01 07:50:50 -07:00
David Anderson
2b4bfeda1a
wgengine: pass in an explicit router.Router, rather than a generator.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-26 22:01:55 -07:00
David Anderson
0a84aaca0a
wgengine/router: remove unused wireguard *Device argument.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-26 19:43:13 -07:00
David Anderson
672731ac6f
many: gofmt.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-25 17:41:51 -07:00
David Anderson
6521f02ff6
Move DNS flush logic to net/dns.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-25 17:40:52 -07:00
David Anderson
9f7f2af008
wgengine/router/dns: move to net/dns.
...
Preparation for merging the APIs and whatnot.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-25 16:25:30 -07:00
David Anderson
8432999835
Move wgengine/tsdns to net/dns.
...
Straight move+fixup, no other changes. In prep for merging with
wgengine/router/dns.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-25 16:25:30 -07:00
Brad Fitzpatrick
e2b3d9aa5f
all: s/Magic DNS/MagicDNS/ for consistency
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-23 14:25:28 -07:00
Brad Fitzpatrick
232cfda280
wgengine/router: report to control when setPrivateNetwork fails
...
Fixes #1503
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 16:19:40 -07:00
Brad Fitzpatrick
d580b3f09e
wgengine/router: fix go vet failure on BSDs
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 14:27:39 -07:00
Aleksandar Pesic
25d2dd868b
wgengine/router: flushdns in windows when router config changes
...
Fixes: https://github.com/tailscale/tailscale/issues/1430
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2021-03-15 13:03:01 +01:00
David Anderson
fa6110e47b
wgengine/router: don't touch interface routes
...
Developed by a cast of dozens.
Fixes #1448
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-11 21:09:25 -08:00
Denton Gentry
04e72f95cc
wgengine/router: add OpenBSD IPv6 support.
...
Similar to FreeBSD in https://github.com/tailscale/tailscale/issues/1307,
add IPv6 addresses with a prefix length of 48.
Fixes https://github.com/tailscale/tailscale/issues/1372
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2021-03-08 19:02:59 -08:00
Denton Gentry
bcea88da46
wgengine: support FreeBSD with IPv6.
...
Fixes https://github.com/tailscale/tailscale/issues/1307 for keepsies.
We cannot set the tun interface address as a /128 on FreeBSD,
due to https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218508
Instead we set the interface address as a /48, which is enabled
by commit 82edf94df7.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2021-03-05 19:34:14 -08:00
Denton Gentry
c8af6bc009
Revert "freebsd: ignore IPv6 for now"
...
This reverts commit 061422affc.
We have a way to support IPv6 on FreeBSD now.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2021-03-05 19:34:14 -08:00
Denton Gentry
061422affc
freebsd: ignore IPv6 for now
...
FreeBSD tun devices don't work with the way we implement IPv6
https://github.com/tailscale/tailscale/issues/1307
At least for now, remove any IPv6 addresses from the netmap.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2021-03-03 15:33:13 -08:00
David Anderson
1cb0ffc3ff
wgengine/router: make windows gracefully handle disabled IPv4 or IPv6.
...
This is necessary because either protocol can be disabled globally by a
Windows registry policy, at which point trying to touch that address
family results in "Element not found" errors. This change skips programming
address families that Windows tells us are unavailable.
Fixes #1396.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-03 11:48:17 -08:00
David Anderson
8d77dfdacb
wgengine/router: add a dummy IPv6 address if needed for default routing.
...
Fixes #1339
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-02 19:32:04 -08:00
David Anderson
793cb131f0
wgengine/router: toggle killswitch when using default routes on windows.
...
Fixes #1398.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-01 19:37:22 -08:00
David Anderson
54d7070121
wgengine/router: correctly read IPv6 routes when diffing.
...
Fixes #1185.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-02-24 20:41:56 -08:00
Brad Fitzpatrick
2d96215d97
wgengine/router: make Linux delRoute idempotent, cidrDiff fail late as possible
...
This makes cidrDiff do as much as possible before failing, and makes a
delete of an already-deleted rule be a no-op. We should never do this
ourselves, but other things on the system can, and this should help us
recover a bit.
Also adds the start of root-requiring tests.
TODO: hook into wgengine/monitor and notice when routes are changed
behind our back, and invalidate our routes map and re-read from
kernel (via the ip command) at least on the next reconfig call.
Updates tailscale/corp#1338
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-02-18 10:36:00 -08:00
Brad Fitzpatrick
96a488e37e
wgengine/router: simplify func normalizeCIDR using netaddr method
2021-02-17 21:35:33 -08:00
Brad Fitzpatrick
88ab0173a7
wgengine/router: fix BSD router to support multiple local addrs, IPv6
...
Fixes #1201
2021-02-11 19:13:03 -08:00
Brad Fitzpatrick
1ec64bc94d
wgengine/router: add another Windows firewall rule to allow incoming UDP
...
Based on @sailorfrag's research.
Fixes #1312
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-02-10 13:12:17 -08:00
Brad Fitzpatrick
d76334d2f0
ipn: split LocalBackend off into new ipn/ipnlocal package
...
And move a couple other types down into leafier packages.
Now cmd/tailscale doesn't bring in netlink, magicsock, wgengine, etc.
Fixes #1181
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-02-04 14:04:23 -08:00
Brad Fitzpatrick
a2aa6cd2ed
wgengine/router: clarify disabled IPv6 message on Linux
2021-02-02 14:51:44 -08:00
David Anderson
267531e4f8
wgengine/router: probe better for v6 policy routing support.
...
Previously we disabled v6 support if the disable_policy knob was
missing in /proc, but some kernels support policy routing without
exposing the toggle. So instead, treat disable_policy absence as a
"maybe", and make the direct `ip -6 rule` probing a bit more
elaborate to compensate.
Fixes #1241.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-02-01 16:12:17 -08:00
Brad Fitzpatrick
c7fc4a06da
wgengine/router: don't configure IPv6 on Linux when IPv6 is unavailable
...
Fixes #1214
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-01-28 13:35:11 -08:00
Brad Fitzpatrick
4fea604979
wgengine/router: stop setPrivateNetwork goroutine on configureInterface failure
...
On Windows, configureInterface starts a goroutine reconfiguring the
Windows firewall.
But if configureInterface fails later, that goroutine kept running and
likely failing forever, spamming logs. Make it stop quietly if its
launching goroutine failed.
2021-01-25 13:22:51 -08:00
Alex Brainman
6e4231c03c
wgengine/router/dns: remove unused code
...
Commit 68ddf1 removed code that reads
`SOFTWARE\Tailscale IPN\SearchList` registry value. But the commit
left code that writes that value.
So now this package writes and never reads the value.
Remove the code to stop pointless work.
Updates #853
Signed-off-by: Alex Brainman <alex.brainman@gmail.com>
2021-01-14 14:04:35 -08:00
Brad Fitzpatrick
0d94fe5f69
wgengine/router: disable IPv6 on Linux if ip rule -6 fails (#1074)
...
Updates #562
Fixes #973
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-12-29 08:26:17 -08:00
Josh Bleecher Snyder
2fe770ed72
all: replace wgcfg.IP and wgcfg.CIDR with netaddr types
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-12-28 13:00:42 -08:00
David Crawshaw
2b2a16d9a2
wgengine/router/dns: reduce windows registry key open timeout
...
The windows key timeout is longer than the wgengine watchdog timeout,
which means we never reach the timeout, instead the process exits.
Reduce the timeout so if we do hit it, at least the process continues.
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-12-21 17:24:58 -05:00
David Crawshaw
b4f70d8232
wgengine/router/dns: use the correct interface GUID
...
On Win10, there's a hardcoded GUID and this works.
On Win7, this GUID changes and we need to ask the tun for its
LUID and convert that from the GUID.
This commit uses the computed GUID that is placed in InterfaceName.
Diagnosed by Jason Donnenfeld. (Thanks!)
2020-12-21 16:43:24 -05:00
Brad Fitzpatrick
15c064f76f
wgengine/router/dns: remove unsafe endianness detection on Linux
2020-12-21 13:11:09 -08:00
Brad Fitzpatrick
f9659323df
wgengine/router/dns: fix typo in comment
2020-12-21 13:07:30 -08:00
Brad Fitzpatrick
053a1d1340
all: annotate log verbosity levels on most egregiously spammy log prints
...
Fixes #924
Fixes #282
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-12-21 12:59:33 -08:00
Josh Bleecher Snyder
6db9c4a173
wgengine/router/dns: use constant from golang.org/x/sys/windows
...
Made available in https://golang.org/cl/277153
2020-12-10 17:23:01 -08:00
Aleksandar Pesic
0dc295a640
Isolate WireGuard code into a separate file with appropriate copyright info in header.
...
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2020-12-11 01:08:41 +01:00
Aleksandar Pesic
d854fe95d2
Trivial change in function description.
...
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2020-12-11 00:55:37 +01:00
Aleksandar Pesic
338fd44657
Replace registry-access code, update wireguard-go and x/sys/windows.
...
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2020-12-11 00:37:24 +01:00
Aleksandar Pesic
274d32d0aa
Prepare for the new wireguard-go API.
...
Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2020-12-11 00:08:28 +01:00
Brad Fitzpatrick
fc8bc76e58
wgengine/router: lock goroutine to OS thread before using OLE [windows]
...
See https://github.com/tailscale/tailscale/issues/921#issuecomment-727526807
Not yet sure whether this is our problem, but it can't hurt at least,
and seems like what we're supposed to do.
Updates #921
2020-11-16 09:55:44 -08:00
David Anderson
a664aac877
wgengine/router: disable IPv6 if v6 policy routing is unavailable.
...
Fixes #895.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-11 15:31:15 -08:00