TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-10-09 16:11:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,840 Commits 942 Branches 190 Tags
b45bb577a00b12072142b9904a4a380085a26a0a
Commit Graph

3840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maisem Ali
b45bb577a0 net/dnscache: do not call LookupIPFallback if the context was canceled. 
When the context is canceled, dc.dialOne returns an error from line 345.
This causes the defer on line 312 to try to resolve the host again, which
triggers a dns lookup of "127.0.0.1" from derp.

Updates tailscale/corp#4475

Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-03-24 22:43:01 -07:00
Brad Fitzpatrick
8294915780 cmd/tailscale/cli: add start of 'ssh' subcommand 
Updates #3802

Change-Id: Iabc07c00c7e4f43944cfe7daec8d2b66ac002289
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-24 21:43:42 -07:00
Brad Fitzpatrick
06fcf3b225 cmd/tailscale: make status --peers=false work earlier + in JSON mode 
And return an error if you use non-flag arguments.

Change-Id: I0dd6c357eb5cabd0f17020f21ba86406aea21681
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-24 14:02:22 -07:00
Brad Fitzpatrick
5df12b9059 client/tailscale, cmd/tailscale, localapi: add 'tailscale nc' (actually) 
Adds missing file from fc12cbfcd3.

GitHub was having issues earlier and it was all green because the
checks never actually ran, but the DCO non-Actions check at least did,
so "green" and I merged, not realizing it hadn't really run anything.

Updates #3802

Change-Id: I29f605eebe5336f1f3ca28ebb78b092dd99d9fd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-24 11:36:34 -07:00
Brad Fitzpatrick
fc12cbfcd3 client/tailscale, cmd/tailscale, localapi: add 'tailscale nc' 
This adds a "tailscale nc" command that acts a bit like "nc", but
dials out via tailscaled via localapi.

This is a step towards a "tailscale ssh", as we'll use "tailscale nc"
as a ProxyCommand for in some cases (notably in userspace mode).

But this is also just useful for debugging & scripting.

Updates #3802

RELNOTE=tailscale nc

Change-Id: Ia5c37af2d51dd0259d5833d80264d3ad5f68446a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-24 10:28:53 -07:00
Brad Fitzpatrick
b647977b33 net/netutil: move some net utils from control/controlhttp to netutil 
In prep for reuse elsewhere.

Change-Id: I1b804edf76ac66b9108e6f434e77eab7a7472d69
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-24 09:56:10 -07:00
Brad Fitzpatrick
d2f3ec8a63 envknob, ipn/ipnlocal: add SSH admin kill switch 
Updates #3802

Change-Id: I6127907446d1a6be1b097d9ba3b534f2b8eb707f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-23 15:40:30 -07:00
Josh Bleecher Snyder
77b4fe0afa all: remove "no 1.18 support" failures 
We have worked around the issue in DERP,
so the vanilla Go 1.18 toolchain now works.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2022-03-23 13:04:48 -07:00
Brad Fitzpatrick
98984c1a9a cmd/proxy-to-grafana: fix package doc code snippet 
Markdown isn't supported.

Change-Id: I8d9bb92260c164dc277afbce624f64fc2faf5125
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-23 12:43:41 -07:00
Nick O'Neill
5fa502b5dc cmd/proxy-to-grafana: use grafana's authproxy to log in tailnet users (#4208) 
Signed-off-by: Nick O'Neill <nick@tailscale.com>
 2022-03-23 11:33:53 -07:00
Brad Fitzpatrick
4fc38888d2 go.mod: bump x/crypto for SSH change 
(for golang/go#51808)

Updates #3802

Change-Id: Ifbd483c0144b4c86da69143b23b2a06da7672c92
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-23 10:22:16 -07:00
Brad Fitzpatrick
8144c6d87d tsnet: fail with nice message with go1.18 on darwin 
Like we did in ead16b24ec for tailscaled.

Updates #4258
Due to golang/go#51759

Change-Id: I6effcea7c5f2ec264b9711f4c316f8fca09490f1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-22 20:43:09 -07:00
Brad Fitzpatrick
0861923c21 ssh/tailssh, tailcfg: add more HoldAndDelegate expansions, document 
Updates #3802

Change-Id: I447f06b49e2a917bffe36881d0634c9195085512
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-22 17:56:45 -07:00
dependabot[bot]
a121b9f263 .github: Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-22 16:07:00 -07:00
Brad Fitzpatrick
091ea4a4a5 ssh/tailssh: support placeholders in SSHAction.HoldAndDelegate URL 
Updates #3802

Change-Id: I60f9827409d14fd4f4824d102ba11db49bf0d365
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-22 16:02:40 -07:00
dependabot[bot]
257d75beb1 .github: Bump actions/setup-go from 2.1.5 to 3 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2.1.5 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2.1.5...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-22 15:58:46 -07:00
dependabot[bot]
f2b0faf91e .github: Bump actions/upload-artifact from 2.3.1 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2.3.1...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-22 15:57:32 -07:00
dependabot[bot]
7fbb6a76ad .github: Bump actions/cache from 2 to 3 
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-22 15:55:50 -07:00
Dave Anderson
0968b2d55a prober: support adding key/value labels to probes. (#4250) 
prober: add labels to Probe instances.

This allows especially dynamically-registered probes to have a bunch
more dimensions along which they can be sliced in Prometheus.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-22 13:45:11 -07:00
Brad Fitzpatrick
f3b13604b3 control/controlclient, ipn/ipnlocal, tailcfg: add MapResponse.PopBrowserURL 
Updates #3802

Change-Id: I89481fc5782a0cc8084354706f8f28d94f197325
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-22 09:37:00 -07:00
Brad Fitzpatrick
3ea6ddbb5f control/controlbase: use less memory when idle (remove rxState.buf) 
Uses 4KB less per Conn.

Fixes #4113

Change-Id: I38d25b1cf5ecf45423404a330b7ecab79a9fb176
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-21 17:47:50 -07:00
James Tucker
445c04c938 wgengine: inject packetbuffers rather than bytes (#4220) 
Plumb the outbound injection path to allow passing netstack
PacketBuffers down to the tun Read, where they are decref'd to enable
buffer re-use. This removes one packet alloc & copy, and reduces GC
pressure by pooling outbound injected packets.

Fixes #2741
Signed-off-by: James Tucker <james@tailscale.com>
 2022-03-21 14:58:43 -07:00
David Anderson
a09c30aac2 prober: refactor probe state into a Probe struct. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-21 13:45:08 -07:00
David Anderson
94aaec5c66 prober: rename Probe to ProbeFunc. 
Making way for a future Probe struct to encapsulate per-probe state.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-21 13:45:08 -07:00
David Anderson
7b4960316b tsweb: add PrometheusVar, for vars that want to output varz themselves. 
This enables the infrequent use of more complex Prometheus types, such as
timeseries with high/irregular label cardinality, without needing to
discover and implement generic abstracted type like LabelMap for each one.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-21 12:33:18 -07:00
Brad Fitzpatrick
f6642e0ece Makefile: add tidy target 
Change-Id: I6cd3a6837f9ddfd283f57378465dcefa4d0ada47
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-21 11:06:13 -07:00
James Tucker
73314009d0 go.mod: bump netstack (#4222) 
Primarily this is for f375784d83852b1e3ff20cc9de0648b3c0cf8525 and the
related commits that provide buffer pooling for the endpoint code paths
we use.

Signed-off-by: James Tucker <james@tailscale.com>
 2022-03-21 11:01:40 -07:00
Brad Fitzpatrick
f7e976db55 tailcfg, ssh/tailssh: make SSHUser value '=' map ssh-user to same local-user 
Updates #3802

Change-Id: Icde60d4150ca15c25d615a4effb3d3c236f020a8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-21 10:49:37 -07:00
Brad Fitzpatrick
21445b56a5 control/controlbase: use less memory when idle (remove txState.buf) 
Uses 4KB less per Conn.

Updates #4113

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-20 16:35:43 -07:00
Brad Fitzpatrick
bfb4a4d9e9 tsnet: fix format string/argument mismatch in log output 
Change-Id: Ia7291ea47a289baec6cc6013d63d2f248ae57d9e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-19 20:24:33 -07:00
David Anderson
19f61607b6 prober: run all probes once on initial registration. 
Turns out, it's annoying to have to wait the entire interval
before getting any monitorable data, especially for very long
interval probes like hourly/daily checks.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-19 18:54:33 -07:00
David Anderson
e41a3b983c prober: library to build healthchecking probers. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-19 18:38:32 -07:00
Brad Fitzpatrick
f2041c9088 all: use strings.Cut even more 
Change-Id: I943ce72c6f339589235bddbe10d07799c4e37979
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-19 13:02:38 -07:00
Brad Fitzpatrick
f30473211b ssh/tailssh: start of implementing optional session recording 
To asciinema cast format.

Updates #3802

Change-Id: Ifd3ea31922cd2c99068369cb1650e21f2545b0e1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-19 12:59:51 -07:00
Josh Bleecher Snyder
32fd42430b all: use cibuild.On 
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2022-03-18 15:19:26 -07:00
Maisem Ali
b775df0b57 ssh/tailssh_test: skip TestSSH/stdin in CI 
Updates #4051

Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-03-18 10:57:12 -07:00
Maisem Ali
309c0a13a5 tsweb: add FQDN to Port80Handler to allow HTTPS redirects 
When the request comes in say over http://mon, the current
implementation would rewrite it https://mon which causes the cert
validation to fail. This PR keeps the existing behavior intact but also
allows passing in a FQDN to the handler to reroute to the correct
hostname.

Related to https://github.com/tailscale/tailscale/pull/4208#pullrequestreview-913832340

Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-03-18 10:16:08 -07:00
Maisem Ali
7f3d0992aa Makefile: use ./tool/go everywhere 
Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-03-18 10:13:18 -07:00
Aaron Klotz
6e91f872af net/tshttpproxy: ensure we pass the correct flags to WinHttpOpen on Win7 and Win8.0 
The best flag to use on Win7 and Win8.0 is deprecated in Win8.1, so we resolve
the flag depending on OS version info.

Fixes https://github.com/tailscale/tailscale/issues/4201

Signed-off-by: Aaron Klotz <aaron@tailscale.com>
 2022-03-18 11:05:02 -06:00
Brad Fitzpatrick
1db46919ab cmd/tailscaled: make build fail nicely on older Go versions 
Due to a bug in Go (golang/go#51778), cmd/go doesn't warn about your
Go version being older than the go.mod's declared Go version in that
case that package loading fails before the build starts, such as when
you use packages that are only in the current version of Go, like our
use of net/netip.

This change works around that Go bug by adding build tags and a
pre-Go1.18-only file that will cause Go 1.17 and earlier to fail like:

    $ ~/sdk/go1.17/bin/go install ./cmd/tailscaled
    # tailscale.com/cmd/tailscaled
    ./required_version.go:11:2: undefined: you_need_Go_1_18_to_compile_Tailscale
    note: module requires Go 1.18

Change-Id: I39f5820de646703e19dde448dd86a7022252f75c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-18 08:25:51 -07:00
David Anderson
2a412ac9ee .github/workflows: work around golang/go#51629 
Incidentally, simplify the go generate CI workflow, by
marking the dnsfallback update non-hermetic (so CI will
skip it) rather than manually filter it out of `go list`.

Updates #4194

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-03-17 17:22:17 -07:00
Brad Fitzpatrick
18818763d1 derp: set Basic Constraints on metacert 
See https://github.com/golang/go/issues/51759#issuecomment-1071147836

Once we deploy this, tailscaled should work again for macOS users with
Go 1.18.

Updates golang/go#51759

Change-Id: I869b6ddc556a2de885e96ccf9f335dfc8f6f6a7e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-17 15:38:21 -07:00
Simon Deziel
eaf5591953 scripts: install gnupg only when apt-key is needed 
apt-key depends on gnupg but apt-key itself if not used
on modern systems (APT_KEY_TYPE=keyring).

Signed-off-by: Simon Deziel <simon@sdeziel.info>
 2022-03-17 15:11:25 -07:00
Maisem Ali
bd073b8dd6 types/views: rename Generic to Unwrap 
Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-03-17 14:41:57 -07:00
Maisem Ali
1e12a29806 ssh/tailssh_test: Skip the env test in CI 
Updates #4051

Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-03-17 14:34:49 -07:00
Josh Bleecher Snyder
0868329936 all: use any instead of interface{} 
My favorite part of generics.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2022-03-17 11:35:09 -07:00
Josh Bleecher Snyder
5f176f24db go.mod: upgrade to the latest wireguard-go 
This pulls in a handful of fixes and an update to Go 1.18.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2022-03-17 10:59:39 -07:00
Brad Fitzpatrick
2708544018 tsnet: add some usability polish, remove WIP env var restriction 
Change-Id: Id9ec1713c65cdd597d20b03e21e11cd60b54bb6a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-17 10:59:21 -07:00
Josh Bleecher Snyder
997b19545b syncs: use TryLock and TryRLock instead of unsafe 
The docs say:

Note that while correct uses of TryLock do exist, they are rare,
and use of TryLock is often a sign of a deeper problem in a particular use of mutexes.

Rare code! Or bad code! Who can tell!

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2022-03-17 10:57:41 -07:00
Brad Fitzpatrick
ead16b24ec cmd/tailscaled: fail early with nice error on macOS with go1.18 
Due to golang/go#51759

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-03-17 10:41:50 -07:00