TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-26 03:25:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,795 Commits 706 Branches 157 Tags 102 MiB
e9e4f1063d
Commit Graph

289 Commits

Author SHA1 Message Date
Brad Fitzpatrick
c64bd587ae net/portmapper: add NAT-PMP client, move port mapping service probing 
* move probing out of netcheck into new net/portmapper package
* use PCP ANNOUNCE op codes for PCP discovery, rather than causing
  short-lived (sub-second) side effects with a 1-second-expiring map +
  delete.
* track when we heard things from the router so we can be less wasteful
  in querying the router's port mapping services in the future
* use portmapper from magicsock to map a public port

Fixes #1298
Fixes #1080
Fixes #1001
Updates #864

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-23 09:07:38 -08:00
Matt Layher
2c500cee23 go.mod: bump github.com/mdlayher/netlink, github.com/jsimonetti/rtnetlink 
Signed-off-by: Matt Layher <mdlayher@gmail.com>
 2021-02-22 06:20:56 -08:00
Brad Fitzpatrick
86d3a6c9a6 Switch to Go 1.16. 
Fixes #1370

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-19 13:18:31 -08:00
Brad Fitzpatrick
826f64e863 cmd/tailscale/cli: add netcheck dev knob TS_DEBUG_NETCHECK_UDP_BIND 2021-02-19 07:48:35 -08:00
Brad Fitzpatrick
7ad3af2141 cmd/tailscale/cli: remove outdated TODO 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-18 15:11:00 -08:00
Sonia Appasamy
76fb27bea7
dnsname,tailcfg: add hostname sanitation logic to node display names (#1304) 
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
 2021-02-18 17:15:38 -05:00
Brad Fitzpatrick
fd8e070d01 health, control/controlclient, wgengine: report when router unhealthy 
Updates tailscale/corp#1338

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-18 11:48:48 -08:00
Brad Fitzpatrick
38629b62fc cmd/tailscaled: on darwin, fail early if not root with nicer message 
Don't do it on all platforms, as Linux folk might be playing
container + capability games.
 2021-02-17 15:45:50 -08:00
Brad Fitzpatrick
d3efe8caf6 safesocket, ipn/ipnserver: look up peer creds on Darwin 
And open up socket permissions like Linux, now that we know who
connections are from.

This uses the new inet.af/peercred that supports Linux and Darwin at
the moment.

Fixes #1347
Fixes #1348

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-16 20:38:44 -08:00
Brad Fitzpatrick
dec01ef22b safesocket: make ConnectDefault use paths pkg, fixing tailscaled-on-macOS 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-15 11:33:12 -08:00
Brad Fitzpatrick
7e00100a0a cmd/hello: make whois client work on macOS against GUI client 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-15 11:33:09 -08:00
Brad Fitzpatrick
fdac0387a7 ipn/ipnserver, ipn/ipnlocal: move whois handler to new localapi package 2021-02-15 10:46:22 -08:00
Brad Fitzpatrick
d7569863b5 cmd/tailscaled: fix up install-system-daemon on darwin, add uninstall too 
Tangentially related to #987, #177, #594, #925, #505
 2021-02-14 21:12:30 -08:00
Brad Fitzpatrick
52e24aa966 net/{interfaces,ns}: add tailscaled-mode darwin routing looping prevention 
Fixes #1331

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-14 12:47:47 -08:00
Brad Fitzpatrick
29b028b9c4 cmd/tailscaled: add subcommand on darwin to install+start tailscaled under launchd 
Tangentially related to #987, #177, #594, #925.
 2021-02-13 12:57:49 -08:00
Brad Fitzpatrick
741d654aa3 derp/derphttp: add a context and infoLogger option to RunWatchConnectionLoop 2021-02-12 10:59:11 -08:00
Brad Fitzpatrick
6680976b50 cmd/tailscaled: pick automatic tun device name on darwin 2021-02-11 20:10:07 -08:00
Ross Zurowski
25321cbd01
cmd/hello: truncate long strings (#1328) 
Signed-off-by: Ross Zurowski <ross@rosszurowski.com>
 2021-02-11 20:56:22 -05:00
Brad Fitzpatrick
5378776043 cmd/hello: chop DNS name at first dot 2021-02-11 16:38:26 -08:00
Ross Zurowski
6075135e0a
cmd/hello: style welcome message (#1325) 
Signed-off-by: Ross Zurowski <ross@rosszurowski.com>
 2021-02-11 17:42:07 -05:00
Brad Fitzpatrick
34ffd4f7c6 cmd/hello: serve fake data in dev mode on whois failure 2021-02-11 10:57:08 -08:00
Brad Fitzpatrick
de3001bc79 cmd/hello: in dev mode, live reload template 2021-02-11 10:53:33 -08:00
Brad Fitzpatrick
1e7a35b225 types/netmap: split controlclient.NetworkMap off into its own leaf package 
Updates #1278

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-05 16:18:52 -08:00
Brad Fitzpatrick
ddfcc4326c types/persist: split controlclient.Persist into a small leaf package 
This one alone doesn't modify the global dependency map much
(depaware.txt if anything looks slightly worse), but it leave
controlclient as only containing NetworkMap:

bradfitz@tsdev:~/src/tailscale.com/ipn$ grep -F "controlclient." *.go
backend.go:     NetMap        *controlclient.NetworkMap // new netmap received
fake_test.go:   b.notify(Notify{NetMap: &controlclient.NetworkMap{}})
fake_test.go:   b.notify(Notify{NetMap: &controlclient.NetworkMap{}})
handle.go:      netmapCache       *controlclient.NetworkMap
handle.go:func (h *Handle) NetMap() *controlclient.NetworkMap {

Once that goes into a leaf package, then ipn doesn't depend on
controlclient at all, and then the client gets smaller.

Updates #1278
 2021-02-05 15:25:33 -08:00
David Anderson
a046b48593 cmd/tailscale/cli: display currently active exit node in tailscale status. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 2021-02-05 14:53:17 -08:00
Brad Fitzpatrick
6064b6ff47 wgengine/wgcfg/nmcfg: split control/controlclient/netmap.go into own package 
It couldn't move to ipnlocal due to test dependency cycles.

Updates #1278

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-05 14:21:30 -08:00
David Anderson
b9c2231fdf ipn: program exit node into the data plane according to user pref. 
Part of #1153, #1154. Fixes #1224.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2021-02-05 13:07:11 -08:00
Brad Fitzpatrick
fb6b0e247c cmd/tailscaled: rename Windows service to just Tailscale 
Updates #1232
 2021-02-05 11:13:34 -08:00
Brad Fitzpatrick
a7562be5e1 cmd/tailscaled: move more of the Windows server setup code into tailscaled 
Updates #1232
 2021-02-05 09:53:54 -08:00
Brad Fitzpatrick
6f7974b7f2 cmd/tailscaled: add missing depaware.txt update 2021-02-05 08:48:00 -08:00
Brad Fitzpatrick
6099ecf7f4 cmd/tailscaled: run as a service on Windows 
Updates #1232
 2021-02-05 08:46:12 -08:00
Josh Bleecher Snyder
aa6856a9eb wgengine: adapt to wireguard-go changes 
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2021-02-04 15:15:33 -08:00
Brad Fitzpatrick
d76334d2f0 ipn: split LocalBackend off into new ipn/ipnlocal package 
And move a couple other types down into leafier packages.

Now cmd/tailscale doesn't bring in netlink, magicsock, wgengine, etc.

Fixes #1181

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-04 14:04:23 -08:00
Brad Fitzpatrick
6254efb9ef cmd/tailscale{,d}: move debug subcommand to tailscaled 
Work on reducing the size of the tailscale binary, which is
currently pulling in most of the same code as tailscaled.

Updates #1181
 2021-02-04 12:23:06 -08:00
Brad Fitzpatrick
9a70789853 cmd/tailscale: fix IPN message reading stall in tailscale status -web 
Fixes #1234
Updates #1254
 2021-02-02 14:51:44 -08:00
Brad Fitzpatrick
c7d4bf2333 cmd/tailscale/cli: recommend sudo for 'tailscale up' on failure 
Fixes #1220
 2021-02-01 13:53:57 -08:00
Brad Fitzpatrick
2889fabaef cmd/tailscaled/tailscaled.service: revert recent hardening for now 
It broke Debian Stretch. We'll try again later.

Updates #1245

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-02-01 13:37:48 -08:00
Brad Fitzpatrick
60e189f699 cmd/hello: use safesocket client to connect 2021-01-29 13:49:17 -08:00
Brad Fitzpatrick
006a224f50 ipn/ipnserver, cmd/hello: do whois over unix socket, not debug http 
Start of a local HTTP API. Not a stable interface yet.
 2021-01-29 13:23:13 -08:00
Josh Bleecher Snyder
fe7c3e9c17 all: move wgcfg from wireguard-go 
This is mostly code movement from the wireguard-go repo.

Most of the new wgcfg package corresponds to the wireguard-go wgcfg package.

wgengine/wgcfg/device{_test}.go was device/config{_test}.go.
There were substantive but simple changes to device_test.go to remove
internal package device references.

The API of device.Config (now wgcfg.DeviceConfig) grew an error return;
we previously logged the error and threw it away.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2021-01-29 12:52:56 -08:00
Brad Fitzpatrick
0bc73f8e4f cmd/hello: new hello.ipn.dev server 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-01-29 12:23:13 -08:00
David Anderson
de497358b8 cmd/tailscaled: add /run to the allowed paths for iptables. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 2021-01-28 12:58:07 -08:00
David Anderson
692a011b54 net/interfaces: remove IsTailscaleIP, make callers use tsaddr. 
Signed-off-by: David Anderson <danderson@tailscale.com>
 2021-01-26 15:10:51 -08:00
Brad Fitzpatrick
a7edcd0872 ipn/ipnstate: update tailscale status -web to match CLI 2021-01-26 08:29:59 -08:00
Sonia Appasamy
567c5a6d9e
tailcfg, controlclient: add DisplayName field to tailcfg.Node and populate it from controlclient (#1191) 
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
 2021-01-25 17:41:39 -05:00
Brad Fitzpatrick
9ce92aad3e cmd/tailscaled: update depaware.txt 2021-01-22 14:44:40 -08:00
Brad Fitzpatrick
eb47cba435 cmd/tailscaled: don't require --state for --cleanup 2021-01-22 11:35:22 -08:00
Josh Bleecher Snyder
d5baeeed5c wgengine: use Tailscale-style peer identifiers in logs 
Rewrite log lines on the fly, based on the set of known peers.

This enables us to use upstream wireguard-go logging,
but maintain the Tailscale-style peer public key identifiers
that the rest of our systems (and people) expect.

Fixes #1183

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
 2021-01-21 19:13:32 -08:00
Brad Fitzpatrick
4306433d1c cmd/tailscale: make "tailscale ping" also resolve names without DNS 
This lets "tailscale ping $NAME" work even if MagicDNS is off, letting you
ping a name that shows up in "tailscale status".

More user friendly.
 2021-01-21 15:45:36 -08:00
Brad Fitzpatrick
9541886856 wgengine/magicsock: disable regular STUNs for all platforms by default 
Reduces background CPU & network.

Updates #1034

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-01-21 14:56:07 -08:00