Brad Fitzpatrick
d5d70ae9ea
wgengine/monitor: reduce Linux log spam on down
...
Fixes #1689
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-12 10:38:51 -07:00
Brad Fitzpatrick
c0befee188
portlist: use windows OpenCurrentProcessToken, not GetCurrentProcessToken
...
The latter only works on Windows 8+.
Also add a TODO to get do this all more efficiently.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-12 09:23:52 -07:00
Brad Fitzpatrick
e619296ece
portlist: filter out all of 127.0.0.0/8, not just 127.0.0.1/32
...
Per user private bug report.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-12 09:17:39 -07:00
Brad Fitzpatrick
f325aa7e38
portlist: exclude services bound to IPv6 loopback address
...
Fixes #1683
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-12 09:07:16 -07:00
David Anderson
87eb8384f5
net/dns: fix up NetworkManager configurator a bit.
...
Clear LLMNR and mdns flags, update reasoning for our settings,
and set our override priority harder than before when we want
to be primary resolver.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-11 23:19:50 -07:00
Brad Fitzpatrick
303805a389
ipn/localapi: require write access to PATCH prefs
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-11 21:31:20 -07:00
David Anderson
3d81e6260b
net/dns: set resolved DefaultRoute setting according to split-dns mode.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-11 20:53:28 -07:00
David Anderson
cca230cc23
net/dns: fix staticcheck errors.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-11 20:53:28 -07:00
Brad Fitzpatrick
79109f4965
ipn/ipnlocal: use PATCH for EditPrefs, not POST
...
Addendum to earlier 00d641d9fc
.
Reserve POST for SetPrefs in the future.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-11 20:49:07 -07:00
Brad Fitzpatrick
4b47393e0c
net/dns: pacify staticcheck for now
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-11 20:43:15 -07:00
David Anderson
a7340c2015
net/dns: support split DNS in systemd-resolved.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-11 18:14:23 -07:00
Brad Fitzpatrick
00d641d9fc
ipn/localapi: move EditPrefs to localapi
...
Follow-up/revision to recent 53cfff109b
which
added EditPrefs.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-11 16:11:43 -07:00
David Anderson
84430cdfa1
net/dns: improve NetworkManager detection, using more DBus.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-11 15:22:06 -07:00
David Anderson
9a48bac8ad
net/dns: rename resolvconf.go to debian_resolvconf.go.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 23:31:14 -07:00
David Anderson
9831f1b183
net/dns: also include 'tail' and 'base' files when fixing up resolv.conf.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 23:01:11 -07:00
David Anderson
e43afe9140
net/dns: implement prior config reading for debian resolvconf.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 22:37:13 -07:00
David Anderson
143e5dd087
net/dns: rename script variable.
...
Debian resolvconf is not legacy, it's alive and well,
just historically before the other implementations.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 21:28:27 -07:00
David Anderson
55b39fa945
net/dns: add documentation to openresolv's config fetch.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 20:21:05 -07:00
David Anderson
61b361bac0
net/dns: teach the openresolv manager to read DNS config.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 19:37:11 -07:00
David Anderson
19eca34f47
wgengine/router: fix FreeBSD configuration failure on the v6 /48.
...
On FreeBSD, we add the interface IP as a /48 to work around a kernel
bug, so we mustn't then try to add a /48 route to the Tailscale ULA,
since that will fail as a dupe.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 19:36:26 -07:00
David Anderson
58760f7b82
net/dns: split resolvconfManager into a debian and an openresolv manager.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 18:55:05 -07:00
David Anderson
5480189313
net/dns: implement a DNS override workaround for legacy resolvconf.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 17:58:13 -07:00
David Anderson
1a371b93be
util/dnsname: add FQDN type, use throughout codebase.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-10 17:58:13 -07:00
AdamKorcz
7a1813fd24
Added 2 fuzzers
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2021-04-10 11:40:10 -07:00
Daniel Chung
5e90037f1a
api.md: clarify response behaviour for ACL POST endpoint
...
Signed-off-by: Daniel Chung <daniel@tailscale.com>
2021-04-10 11:38:12 -07:00
Simon Kirillov
a64b57e2fb
control/controlclient: create tls client config with server hostname instead of serverURL.Host
...
Signed-off-by: Simon Kirillov <svkirillov3@gmail.com>
2021-04-10 11:20:10 -07:00
Brad Fitzpatrick
958782c737
cmd/{tailscale,tailscaled}: use netstack for subnet routing on Synology
...
Updates #707
Fixes #451
Fixes tailscale/tailscale-synology#52 (just make it work by default)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 18:44:33 -07:00
Brad Fitzpatrick
3b451509dd
cmd/tailscale/cli: make advertise-{routes,exit-node} available unconditionally
...
It was only Linux and BSDs before, but now with netstack mode, it also works on
Windows and darwin. It's not worth limiting it to certain platforms.
Tailscaled itself can complain/fail if it doesn't like the settings
for the mode/OS it's operating under.
Updates #707
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 18:37:24 -07:00
Brad Fitzpatrick
83402e2753
cmd/tailscale/cli: show nicer status output when logged out
...
Also nicer output when running "down".
Fixes #1680
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 18:25:22 -07:00
Brad Fitzpatrick
5c5acadb2a
portlist: unexport SameInodes method
...
Signed-off-by: Brad Fitzpatrick <brad@danga.com>
2021-04-09 15:16:36 -07:00
Brad Fitzpatrick
3167e55ddf
ipn/{ipnlocal,localapi}, cmd/tailscale: add logout command
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 13:26:35 -07:00
Brad Fitzpatrick
11127666b2
ipn/ipnlocal: fix deadlock from 227f73284
...
Sigh.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 13:23:34 -07:00
Brad Fitzpatrick
227f73284f
ipn/ipnlocal: eagerly announce peerapi service(s) on change
...
We were previously only doing it as a side effect of the port poller,
which doesn't run on e.g. iOS.
Updates tailscale/corp#1559
2021-04-09 12:10:52 -07:00
Brad Fitzpatrick
fe23506471
ipn/ipnlocal: avoid unneeded initPeerAPIListener work if no changes
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 11:13:46 -07:00
Brad Fitzpatrick
20e7646b8d
ipn/ipnlocal: always set Notify.FilesWaiting, set IncomingFiles non-nil when empty
2021-04-09 07:59:36 -07:00
Brad Fitzpatrick
b0af15ff5c
portlist: remove some old TODOs
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-09 07:50:00 -07:00
David Anderson
e638a4d86b
net/dns: make directManager support split DNS, and work in sandboxes.
...
Fixes #1495 , #683 .
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-09 02:52:21 -07:00
David Anderson
2685260ba1
net/dns: add temporary fallback to quad-9 resolver for split-DNS testing.
...
This allows split-DNS configurations to not break clients on OSes that
haven't yet been ported to understand split DNS, by falling back to quad-9
as a global resolver when handed an "impossible to implement"
split-DNS config.
Part of #953 . Needs to be removed before shipping 1.8.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-08 23:26:22 -07:00
David Anderson
b9e194c14b
net/dns: add missing FQDN qualification.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-08 23:07:16 -07:00
Brad Fitzpatrick
c50c3f0313
tailcfg: document new RegisterRequest.Expiry behavior
...
Deployed to control server.
For upcoming "logout" command and fixes.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-08 22:27:14 -07:00
David Anderson
b74a8994ca
net/dns: make FQDN dot style consistent in more places.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-08 22:03:32 -07:00
Brad Fitzpatrick
6d01d3bece
ipn/ipnlocal: provide IPN bus updates as files arrive
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-08 20:09:52 -07:00
David Anderson
2f398106e2
ipn/ipnlocal: allow setting MagicDNS without DefaultResolvers.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-08 16:23:33 -07:00
David Anderson
fad21af01c
tailcfg: add DNS routes and advanced resolver config.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-08 15:29:08 -07:00
Brad Fitzpatrick
6a7912e37a
cmd/tailscale/cli: add debug mode to push slowly for testing
...
Also set Content-Length when known, and fail explicitly on sending
directories for now.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-08 15:01:12 -07:00
Brad Fitzpatrick
a9a3d3b4c1
ipn/ipnlocal: don't filter by time in FileTargets
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-08 14:02:07 -07:00
David Anderson
6def647514
net/dns/resolver: don't avoid tailscale routes for DNS forwarding.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-04-08 12:20:42 -07:00
Brad Fitzpatrick
597c19ff4e
control/controlclient: refactor some internals
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-07 21:20:17 -07:00
Brad Fitzpatrick
71432c6449
ipn/ipnlocal: some more variable renames
...
Missed in earlier commit.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-07 21:17:33 -07:00
Brad Fitzpatrick
e86b7752ef
ipn/ipnlocal: rename some variables to be consistent
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-07 21:12:28 -07:00