Brad Fitzpatrick
f915ab6552
net/tshttpproxy: add start of Kerberos Negotiate auth to proxies on Windows
...
For now only used by a new cmd/tailscale debug --get-url
subcommand. Not yet wired up to the places making HTTP requests.
Updates tailscale/corp#583
2020-08-25 13:49:06 -07:00
Brad Fitzpatrick
c5eb57f4d6
net/tshttpproxy: new package, support WPAD/PAC proxies on Windows
...
Updates tailscale/corp#553
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-18 15:40:56 -07:00
Brad Fitzpatrick
87cbc067c2
cmd/tailscale/cli: validate advertised routes' IP address-vs-network bits
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 09:16:49 -07:00
Brad Fitzpatrick
b840e7dd5b
go mod tidy
2020-08-06 21:24:09 -07:00
Josh Bleecher Snyder
1b27eb431a
go.mod: update to newly rebased wireguard-go
2020-08-06 17:50:31 -07:00
Brad Fitzpatrick
43e2efe441
go mod tidy
2020-07-27 10:20:30 -07:00
Brad Fitzpatrick
648268192b
go.mod: bump wireguard-go
2020-07-24 08:54:17 -07:00
Dmytro Shynkevych
3efc29d39d
go.mod: bump netaddr.
...
Closes #567 .
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-18 04:28:03 -04:00
Brad Fitzpatrick
cdfea347d0
wgengine: update for tailscale/wireguard-go API changes
...
* update to new HandshakeDone signature
* use new Device.IpcGetOperationFiltered call to avoid sending allowed_ips
See dd6c1c8fe1
2020-07-15 20:30:45 -07:00
Dmytro Shynkevych
30bbbe9467
wgengine/router: dns: unify on *BSD, multimode on Linux, Magic DNS ( #536 )
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-14 09:12:00 -04:00
Dmytro Shynkevych
21d1dbfce0
wgengine/tsdns: local DNS server for testing
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-10 14:56:59 -04:00
Brad Fitzpatrick
98ffd78251
go.mod: bump wireguard-go dep
2020-07-09 21:46:44 -07:00
Dmytro Shynkevych
67ebba90e1
tsdns: dual resolution mode, IPv6 support ( #526 )
...
This change adds to tsdns the ability to delegate lookups to upstream nameservers.
This is crucial for setting Magic DNS as the system resolver.
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-07 15:25:32 -04:00
Brad Fitzpatrick
4db60a8436
wgengine/monitor: parse Linux netlink messages, ignore our own events
...
Fixes tailscale/corp#412 ("flood of link change events at start-up")
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-06 22:42:01 -07:00
Brad Fitzpatrick
32156330a8
net/interfaces: add func LikelyHomeRouterIP
...
For discovering where we might direct NAT-PMP/PCP/UPnP queries at in
the future.
2020-07-06 10:38:00 -07:00
Brad Fitzpatrick
9fbe8d7cf2
go.mod: bump wireguard
2020-07-03 14:09:29 -07:00
Brad Fitzpatrick
7883e5c5e7
go.mod: restore staticcheck module, make it stick around, go mod tidy
...
It kept coming & going as different people ran go mod tidy and others
ran staticcheck.
Make it stop going away with go mod tidy by adding a dep to it.
2020-07-02 22:55:14 -07:00
David Anderson
9cd4e65191
smallzstd: new package that constructs zstd small encoders/decoders.
...
It's just a config wrapper that passes "use less memory at the
expense of compression" parameters by default, so that we don't
accidentally construct resource-hungry (de)compressors.
Also includes a benchmark that measures the memory cost of the
small variants vs. the stock variants. The savings are significant
on both compressors (~8x less memory) and decompressors (~1.4x less,
not including the savings from the significantly smaller
window on the compression side - with those savings included it's
more like ~140x smaller).
BenchmarkSmallEncoder-8 56174 19354 ns/op 31 B/op 0 allocs/op
BenchmarkSmallEncoderWithBuild-8 2900 382940 ns/op 1746547 B/op 36 allocs/op
BenchmarkStockEncoder-8 48921 25761 ns/op 286 B/op 0 allocs/op
BenchmarkStockEncoderWithBuild-8 426 2630241 ns/op 13843842 B/op 124 allocs/op
BenchmarkSmallDecoder-8 123814 9344 ns/op 0 B/op 0 allocs/op
BenchmarkSmallDecoderWithBuild-8 41547 27455 ns/op 27694 B/op 31 allocs/op
BenchmarkStockDecoder-8 129832 9417 ns/op 1 B/op 0 allocs/op
BenchmarkStockDecoderWithBuild-8 25561 51751 ns/op 39607 B/op 92 allocs/op
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-02 16:13:06 -07:00
Brad Fitzpatrick
a477e70632
tstest/natlab: network address allocation
...
Pairing with @danderson
2020-07-02 13:39:41 -07:00
Brad Fitzpatrick
77d3ef36f4
wgengine/magicsock: hook up discovery messages, upgrade to LAN works
...
Ping messages now go out somewhat regularly, pong replies are sent,
and pong replies are now partially handled enough to upgrade off DERP
to LAN.
CallMeMaybe packets are sent & received over DERP, but aren't yet
handled. That's next (and regular maintenance timers), and then WAN
should work.
Updates #483
2020-07-01 13:00:50 -07:00
Brad Fitzpatrick
9b8ca219a1
wgengine/magicsock: remove allocs in UDP write, use new netaddr.PutUDPAddr
...
The allocs were only introduced yesterday with a TODO. Now they're gone again.
2020-07-01 10:17:08 -07:00
Brad Fitzpatrick
eb4eb34f37
disco: new package for parsing & marshaling discovery messages
...
Updates #483
2020-06-29 21:54:34 -07:00
David Anderson
10368ef4c0
go.mod: bump wireguard-go version.
2020-06-17 02:54:18 +00:00
Brad Fitzpatrick
6757c990a8
Fix staticcheck warning, add Makefile with staticcheck targets, lock in staticcheck version in go.mod
2020-06-15 11:05:46 -07:00
David Anderson
e01a4c50ba
go.mod: require Go 1.14, since we use some of its features.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-06-03 17:53:48 -07:00
Brad Fitzpatrick
722673f307
Update go4.org/mem, adjust to revised API.
2020-05-31 20:22:46 -07:00
Brad Fitzpatrick
c5495288a6
Bump inet.af/netaddr dep for FromStdIP behavior change I want to depend on.
2020-05-28 09:34:41 -07:00
Brad Fitzpatrick
e6b84f2159
all: make client use server-provided DERP map, add DERP region support
...
Instead of hard-coding the DERP map (except for cmd/tailscale netcheck
for now), get it from the control server at runtime.
And make the DERP map support multiple nodes per region with clients
picking the first one that's available. (The server will balance the
order presented to clients for load balancing)
This deletes the stunner package, merging it into the netcheck package
instead, to minimize all the config hooks that would've been
required.
Also fix some test flakes & races.
Fixes #387 (Don't hard-code the DERP map)
Updates #388 (Add DERP region support)
Fixes #399 (wgengine: flaky tests)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-23 22:31:59 -07:00
David Anderson
39d20e8a75
go.mod: bump wireguard-go version.
2020-05-18 21:03:48 +00:00
David Anderson
cd2f6679bb
go.mod: bump wireguard-go version.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-05-15 22:29:27 +00:00
Brad Fitzpatrick
e42ec4efba
derp/derphttp: use SOCKS/etc proxies for derphttp dials
...
Updates #227
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-12 14:38:15 -07:00
halulu
874be6566d
netcheck: DERP latency over HTTPS when UDP is blocked
...
* netcheck: DERP letency over HTTPS when UDP failed
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: async DERP latency check over HTTPS
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: fix concurrent map
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: some improvements
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: use timeout context
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: use report mutex
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS if UDP is BLOCKED
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
* netcheck: DERP latency check over HTTPS: new function measureHTTPSLatency
Updates #207
Signed-off-by: Zijie Lu <zijie@tailscale.com>
2020-05-11 11:23:09 -04:00
David Anderson
b01db109f5
wgengine/router: use inet.af/netaddr, not wgcfg.CIDR.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-05-07 23:40:03 -07:00
Elias Naur
0068e57407
go.mod,go.sum: bump golang.org/x/sys for the Android dup2 fix
...
No tidy, because it doesn't work for me:
$ go mod tidy
go: finding module for package tailscale.io/control
go: finding module for package tailscale.io/control/cfgdb
tailscale.com/control/controlclient tested by
tailscale.com/control/controlclient.test imports
tailscale.io/control: cannot find module providing package tailscale.io/control: unrecognized import path "tailscale.io/control": parse https://tailscale.io/control?go-get=1 : no go-import meta tags (meta tag tailscale.com did not match import path tailscale.io/control)
tailscale.com/control/controlclient tested by
tailscale.com/control/controlclient.test imports
tailscale.io/control/cfgdb: cannot find module providing package tailscale.io/control/cfgdb: unrecognized import path "tailscale.io/control/cfgdb": parse https://tailscale.io/control/cfgdb?go-get=1 : no go-import meta tags (meta tag tailscale.com did not match import path tailscale.io/control/cfgdb)
Signed-off-by: Elias Naur <mail@eliasnaur.com>
2020-05-01 18:41:19 +10:00
Brad Fitzpatrick
1a0f6fea58
go.mod, go.sum: bump wireguard-go, tidy
2020-04-26 08:06:06 -07:00
Brad Fitzpatrick
7fc97c5493
wgengine/magicsock: use netaddr more
...
In prep for deleting from the ever-growing maps.
2020-04-17 15:15:42 -07:00
Brad Fitzpatrick
6fb30ff543
wgengine/magicsock: start using inet.af/netaddr a bit
2020-04-17 13:51:52 -07:00
David Anderson
ccfc4e0634
go.mod: bump wireguard-go version.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-04-16 12:53:58 -07:00
Avery Pennarun
dc9b39e3fb
wgengine/windows: use new winipcfg.Sync{Addresses,Routes} functions.
...
This avoids flushing and reloading the whole list of addresses and
routes whenever remote node information changes.
2020-04-13 13:20:20 -04:00
Brad Fitzpatrick
780deb9996
go.mod, go.sum: update go4.org/mem to its new home in its own module
...
Cleans up our go.sum, not that it really matters.
2020-04-11 14:00:48 -07:00
Brad Fitzpatrick
922d9546bf
wgengine: don't allocate so much in userspaceEngine.getStatus
...
It was one of the top garbage producers on my phone.
It's slated to be deleted and replaced anyway, but this helps in the
meantime.
The go.sum changes look scary, but the new dep only adds 240 bytes to
the binary. The go.sum noise is just cmd/go being aggressive in
including a lot of stuff (which is being fixed in Go 1.15, for what I
understand). And I ran a go mod tidy, which added some too. (I had to
write a custom wrapper around go mod tidy because this mod tidy
normally breaks on tailscale.io/control being missing but referenced
in tests)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-04-09 12:49:17 -07:00
Brad Fitzpatrick
59800138ff
bump wireguard dep
2020-04-07 10:02:34 -07:00
Brad Fitzpatrick
a4ef345737
cmd/tailscale: add status subcommand
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-27 20:34:36 -07:00
Brad Fitzpatrick
2c7ddd0828
go.mod, go.sum: tidy
2020-03-25 14:05:33 -07:00
David Anderson
cbd8aceb95
go.mod: bump wireguard-go version.
...
Fixes #219 .
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-25 12:20:46 -07:00
Brad Fitzpatrick
f9184ad12b
go.mod: update wireguard-go for https://github.com/tailscale/wireguard-go/pull/13
2020-03-19 22:46:36 -07:00
Brad Fitzpatrick
5fa825f057
go.mod, go.sum: update
2020-03-19 08:49:12 -07:00
David Crawshaw
acd14960f8
go.mod: bump wireguard-go
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-19 09:10:13 +11:00
Brad Fitzpatrick
14a2564ef0
go.mod: bump wireguard-go
2020-03-18 13:26:08 -07:00
Brad Fitzpatrick
e085aec8ef
all: update to wireguard-go API changes
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-17 08:53:05 -07:00
David Anderson
bf98913106
go.mod: bump wireguard-go version.
...
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-16 18:36:30 -07:00
David Anderson
72d9e1d633
go.mod: bump wireguard-go version.
2020-03-11 10:32:50 -07:00
David Crawshaw
af58cfc476
go.mod: bump wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-11 11:29:14 -04:00
David Anderson
4affea2691
go.mod: bump wireguard-go version.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-03-10 18:00:37 -07:00
Brad Fitzpatrick
d07146aafb
go.mod, go.sum: update
2020-03-09 21:01:08 -07:00
David Anderson
96e0f86263
go.mod: bump wireguard-go.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-03-06 23:38:02 -08:00
David Anderson
b9512edb7b
go.mod: bump wireguard-go version.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-03-06 20:49:31 -08:00
David Anderson
9b802d338c
go.mod: pull in deadlock fix from tailscale/wireguard-go.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-03-06 20:43:38 -08:00
Brad Fitzpatrick
f6dd2128d9
version: bump
2020-03-06 14:57:27 -08:00
David Anderson
47265000da
Revert "update CI and everything to Go 1.14."
...
This reverts commit 905fe9f6a2
.
We're not quite ready to update the Mac/iOS builds to 1.14.
2020-03-06 13:45:54 -08:00
David Anderson
6b49347e4d
Update staticcheck version in go.mod.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-03-06 13:24:32 -08:00
David Anderson
905fe9f6a2
update CI and everything to Go 1.14.
2020-03-06 12:55:52 -08:00
David Crawshaw
551964c562
go.mod: update wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 21:29:53 -05:00
David Crawshaw
4a7638c319
go.mod: update wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-04 18:13:56 -05:00
Brad Fitzpatrick
89a2c3eb04
wgengine: don't create duplicate iptables rules on Linux, clean up
...
Fixes #131
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 13:46:53 -08:00
Brad Fitzpatrick
11489a6e67
go.sum: add lines
2020-03-02 11:07:42 -08:00
David Anderson
9cdaeac00a
go.mod: update wireguard-go version.
...
I accidentally crushed one of crawshaw's patches, fixing this now.
2020-03-01 14:04:10 -08:00
David Anderson
92bae83cc1
go.mod: update wireguard-go commit.
...
Signed-Off-By: David Anderson <dave@natulte.net>
2020-03-01 13:58:09 -08:00
David Crawshaw
719c974c38
go.mod: update wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-01 12:17:10 -05:00
David Anderson
18fb98792b
go.mod: update wireguard-go version.
...
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-01 01:16:07 -08:00
David Anderson
061315acb4
go.mod: update version of wireguard-go.
...
Signed-Off-By: David Anderson <dave@natulte.net>
2020-03-01 00:50:39 -08:00
David Crawshaw
1dbd1babc9
go.mod: use latest wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-29 16:08:28 -05:00
David Crawshaw
d5050c37a5
go.mod: use latest wireguard-go version
2020-02-29 11:26:44 -05:00
David Crawshaw
8aa2090919
go.mod: roll forward wireguard-go
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-28 22:12:05 -05:00
Brad Fitzpatrick
38acccad09
derp: remove some debug noise I left in
...
:(
2020-02-28 13:20:56 -08:00
Brad Fitzpatrick
4cd3e82bbd
go.mod: bump wireguard-go
...
Updates #112
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-28 11:15:07 -08:00
David Crawshaw
06bf0d980e
go.mod: bump wireguard-go version
...
For #110
2020-02-28 06:21:07 -05:00
David Anderson
78654ee1bd
cmd/tailscale: switch to an ffcli based CLI.
...
Two commands for now, `up` and `netcheck`. The commands and the flags they take
will change a bunch in the future, but this is good enough to launch on parity
with relaynode.
Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-28 00:15:25 -08:00
Brad Fitzpatrick
14559340ee
Start of netcheck package & including network state in Hostinfo.
...
* adds new packet "netcheck" to do the checking of UDP, IPv6, and
nearest DERP server, and the Report type for all that (and more
in the future, probably pulling in danderson's natprobe)
* new tailcfg.NetInfo type
* cmd/tailscale netcheck subcommand (tentative name, likely to
change/move) to print out the netcheck.Report.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-27 11:05:27 -08:00
Brad Fitzpatrick
74650d6fb5
go.mod, go.sum: update
2020-02-26 15:19:10 -08:00
David Crawshaw
6d2ac01464
go.mod: bump wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-25 17:03:20 -05:00
David Crawshaw
7a3be96199
wgengine: add pinger to generate initial spray packets
...
For 3 seconds after a successful handshake, wgengine will send a
ping packet every 300ms to its peer. This ensures the spray logic
in magicsock has something to spray.
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-25 15:09:08 -05:00
David Crawshaw
868cfae84f
wgengine, magicsock: adjust for wireguard-go conn/device package split
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-24 07:30:14 -05:00
David Crawshaw
8994a59e20
go.mod: update wireguard-go version
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-23 13:49:21 -05:00
David Crawshaw
ebc70acac7
go.mod: update wireguard-go version
2020-02-21 21:30:00 -05:00
David Anderson
cc44e8a443
cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.
...
Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-21 10:45:59 -08:00
Brad Fitzpatrick
88f1cc0c98
derp, cmd/derper: add rate limiting support, add default 5Mbps limit
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 15:26:30 -08:00
Brad Fitzpatrick
f266e2d1eb
version: add CmdName func for future use by logpolicy
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Change-Id: I02a7c907844f71242ef06ed097f2a92ece7ae091
2020-02-19 11:34:45 -08:00
David Crawshaw
431929c09a
go.mod: fix wireguard-go version
2020-02-19 11:48:59 -05:00
David Crawshaw
d0f697ee07
wgengine: update for wgcfg changes
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-19 11:44:37 -05:00
Tobias Klauser
4d09316f9a
wgengine/monitor: use RTMGRP_* consts from x/sys/unix
...
Bump golang.org/x/sys/unix to get the RTMGRP_* consts and use them.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2020-02-17 14:15:08 -08:00
Brad Fitzpatrick
9dbc52bb5b
go.mod: fix wireguard-go dep
...
Fixes #59
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-15 18:50:05 -08:00
Brad Fitzpatrick
745c8c92b1
wgengine: fix windows build for winipcfg-go
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-12 22:05:13 -08:00
Brad Fitzpatrick
d404f1caed
cmd/tsshd: add basic SSH server
2020-02-12 14:46:59 -08:00
David Anderson
2227ede8af
controlclient: fix staticcheck lint.
...
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-10 23:16:13 -08:00
David Crawshaw
87334fb332
wgengine, controlclient: fewer pointers in wgcfg key types
...
Signed-off-by: David Crawshaw <david@zentus.com>
2020-02-10 22:09:59 -05:00
Earl Lee
a8d8b8719a
Move Linux client & common packages into a public repo.
2020-02-09 09:32:57 -08:00