TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-29 04:55:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
e9b98dd2e1
tailscale/tailcfg/tailcfg_test.go
Brad Fitzpatrick 45a3de14a6 cmd/tailscaled, tailcfg, hostinfo: add flag to disable logging + support 
As noted in #5617, our documented method of blocking log.tailscale.io
DNS no longer works due to bootstrap DNS.

Instead, provide an explicit flag (--no-logs-no-support) and/or env
variable (TS_NO_LOGS_NO_SUPPORT=true) to explicitly disable logcatcher
uploads. It also sets a bit on Hostinfo to say that the node is in that
mode so we can end any support tickets from such nodes more quickly.

This does not yet provide an easy mechanism for users on some
platforms (such as Windows, macOS, Synology) to set flags/env. On
Linux you'd used /etc/default/tailscaled typically. Making it easier
to set flags for other platforms is tracked in #5114.

Fixes #5617
Fixes tailscale/corp#1475

Change-Id: I72404e1789f9e56ec47f9b7021b44c025f7a373a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-09-13 11:47:36 -07:00

696 lines
13 KiB
Go
Raw Blame History

// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package tailcfg
import (
"encoding"
"encoding/json"
"net/netip"
"os"
"reflect"
"regexp"
"strconv"
"strings"
"testing"
"time"
"tailscale.com/tstest"
"tailscale.com/types/key"
"tailscale.com/util/must"
"tailscale.com/version"
)
func fieldsOf(t reflect.Type) (fields []string) {
for i := 0; i < t.NumField(); i++ {
fields = append(fields, t.Field(i).Name)
}
return
}
func TestHostinfoEqual(t *testing.T) {
hiHandles := []string{
"IPNVersion",
"FrontendLogID",
"BackendLogID",
"OS",
"OSVersion",
"Container",
"Env",
"Distro",
"DistroVersion",
"DistroCodeName",
"Desktop",
"Package",
"DeviceModel",
"Hostname",
"ShieldsUp",
"ShareeNode",
"NoLogsNoSupport",
"GoArch",
"GoVersion",
"RoutableIPs",
"RequestTags",
"Services",
"NetInfo",
"SSH_HostKeys",
"Cloud",
"Userspace",
"UserspaceRouter",
}
if have := fieldsOf(reflect.TypeOf(Hostinfo{})); !reflect.DeepEqual(have, hiHandles) {
t.Errorf("Hostinfo.Equal check might be out of sync\nfields: %q\nhandled: %q\n",
have, hiHandles)
}
nets := func(strs ...string) (ns []netip.Prefix) {
for _, s := range strs {
n, err := netip.ParsePrefix(s)
if err != nil {
panic(err)
}
ns = append(ns, n)
}
return ns
}
tests := []struct {
a, b *Hostinfo
want bool
}{
{
nil,
nil,
true,
},
{
&Hostinfo{},
nil,
false,
},
{
nil,
&Hostinfo{},
false,
},
{
&Hostinfo{},
&Hostinfo{},
true,
},
{
&Hostinfo{IPNVersion: "1"},
&Hostinfo{IPNVersion: "2"},
false,
},
{
&Hostinfo{IPNVersion: "2"},
&Hostinfo{IPNVersion: "2"},
true,
},
{
&Hostinfo{FrontendLogID: "1"},
&Hostinfo{FrontendLogID: "2"},
false,
},
{
&Hostinfo{FrontendLogID: "2"},
&Hostinfo{FrontendLogID: "2"},
true,
},
{
&Hostinfo{BackendLogID: "1"},
&Hostinfo{BackendLogID: "2"},
false,
},
{
&Hostinfo{BackendLogID: "2"},
&Hostinfo{BackendLogID: "2"},
true,
},
{
&Hostinfo{OS: "windows"},
&Hostinfo{OS: "linux"},
false,
},
{
&Hostinfo{OS: "windows"},
&Hostinfo{OS: "windows"},
true,
},
{
&Hostinfo{Hostname: "vega"},
&Hostinfo{Hostname: "iris"},
false,
},
{
&Hostinfo{Hostname: "vega"},
&Hostinfo{Hostname: "vega"},
true,
},
{
&Hostinfo{RoutableIPs: nil},
&Hostinfo{RoutableIPs: nets("10.0.0.0/16")},
false,
},
{
&Hostinfo{RoutableIPs: nets("10.1.0.0/16", "192.168.1.0/24")},
&Hostinfo{RoutableIPs: nets("10.2.0.0/16", "192.168.2.0/24")},
false,
},
{
&Hostinfo{RoutableIPs: nets("10.1.0.0/16", "192.168.1.0/24")},
&Hostinfo{RoutableIPs: nets("10.1.0.0/16", "192.168.2.0/24")},
false,
},
{
&Hostinfo{RoutableIPs: nets("10.1.0.0/16", "192.168.1.0/24")},
&Hostinfo{RoutableIPs: nets("10.1.0.0/16", "192.168.1.0/24")},
true,
},
{
&Hostinfo{RequestTags: []string{"abc", "def"}},
&Hostinfo{RequestTags: []string{"abc", "def"}},
true,
},
{
&Hostinfo{RequestTags: []string{"abc", "def"}},
&Hostinfo{RequestTags: []string{"abc", "123"}},
false,
},
{
&Hostinfo{RequestTags: []string{}},
&Hostinfo{RequestTags: []string{"abc"}},
false,
},
{
&Hostinfo{Services: []Service{{Proto: TCP, Port: 1234, Description: "foo"}}},
&Hostinfo{Services: []Service{{Proto: UDP, Port: 2345, Description: "bar"}}},
false,
},
{
&Hostinfo{Services: []Service{{Proto: TCP, Port: 1234, Description: "foo"}}},
&Hostinfo{Services: []Service{{Proto: TCP, Port: 1234, Description: "foo"}}},
true,
},
{
&Hostinfo{ShareeNode: true},
&Hostinfo{},
false,
},
{
&Hostinfo{SSH_HostKeys: []string{"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO.... root@bar"}},
&Hostinfo{},
false,
},
}
for i, tt := range tests {
got := tt.a.Equal(tt.b)
if got != tt.want {
t.Errorf("%d. Equal = %v; want %v", i, got, tt.want)
}
}
}
func TestHostinfoHowEqual(t *testing.T) {
tests := []struct {
a, b *Hostinfo
want []string
}{
{
a: nil,
b: nil,
want: nil,
},
{
a: new(Hostinfo),
b: nil,
want: []string{"nil"},
},
{
a: nil,
b: new(Hostinfo),
want: []string{"nil"},
},
{
a: new(Hostinfo),
b: new(Hostinfo),
want: nil,
},
{
a: &Hostinfo{
IPNVersion: "1",
ShieldsUp: false,
RoutableIPs: []netip.Prefix{netip.MustParsePrefix("1.2.3.0/24")},
},
b: &Hostinfo{
IPNVersion: "2",
ShieldsUp: true,
RoutableIPs: []netip.Prefix{netip.MustParsePrefix("1.2.3.0/25")},
},
want: []string{"IPNVersion", "ShieldsUp", "RoutableIPs"},
},
{
a: &Hostinfo{
IPNVersion: "1",
},
b: &Hostinfo{
IPNVersion: "2",
NetInfo: new(NetInfo),
},
want: []string{"IPNVersion", "NetInfo.nil"},
},
{
a: &Hostinfo{
IPNVersion: "1",
NetInfo: &NetInfo{
WorkingIPv6: "true",
HavePortMap: true,
LinkType: "foo",
PreferredDERP: 123,
DERPLatency: map[string]float64{
"foo": 1.0,
},
},
},
b: &Hostinfo{
IPNVersion: "2",
NetInfo: &NetInfo{},
},
want: []string{"IPNVersion", "NetInfo.WorkingIPv6", "NetInfo.HavePortMap", "NetInfo.PreferredDERP", "NetInfo.LinkType", "NetInfo.DERPLatency"},
},
}
for i, tt := range tests {
got := tt.a.HowUnequal(tt.b)
if !reflect.DeepEqual(got, tt.want) {
t.Errorf("%d. got %q; want %q", i, got, tt.want)
}
}
}
func TestHostinfoTailscaleSSHEnabled(t *testing.T) {
tests := []struct {
hi *Hostinfo
want bool
}{
{
nil,
false,
},
{
&Hostinfo{},
false,
},
{
&Hostinfo{SSH_HostKeys: []string{"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO.... root@bar"}},
true,
},
}
for i, tt := range tests {
got := tt.hi.TailscaleSSHEnabled()
if got != tt.want {
t.Errorf("%d. got %v; want %v", i, got, tt.want)
}
}
}
func TestNodeEqual(t *testing.T) {
nodeHandles := []string{
"ID", "StableID", "Name", "User", "Sharer",
"Key", "KeyExpiry", "KeySignature", "Machine", "DiscoKey",
"Addresses", "AllowedIPs", "Endpoints", "DERP", "Hostinfo",
"Created", "Tags", "PrimaryRoutes",
"LastSeen", "Online", "KeepAlive", "MachineAuthorized",
"Capabilities",
"ComputedName", "computedHostIfDifferent", "ComputedNameWithHost",
}
if have := fieldsOf(reflect.TypeOf(Node{})); !reflect.DeepEqual(have, nodeHandles) {
t.Errorf("Node.Equal check might be out of sync\nfields: %q\nhandled: %q\n",
have, nodeHandles)
}
n1 := key.NewNode().Public()
m1 := key.NewMachine().Public()
now := time.Now()
tests := []struct {
a, b *Node
want bool
}{
{
&Node{},
nil,
false,
},
{
nil,
&Node{},
false,
},
{
&Node{},
&Node{},
true,
},
{
&Node{},
&Node{},
true,
},
{
&Node{ID: 1},
&Node{},
false,
},
{
&Node{ID: 1},
&Node{ID: 1},
true,
},
{
&Node{StableID: "node-abcd"},
&Node{},
false,
},
{
&Node{StableID: "node-abcd"},
&Node{StableID: "node-abcd"},
true,
},
{
&Node{User: 0},
&Node{User: 1},
false,
},
{
&Node{User: 1},
&Node{User: 1},
true,
},
{
&Node{Key: n1},
&Node{Key: key.NewNode().Public()},
false,
},
{
&Node{Key: n1},
&Node{Key: n1},
true,
},
{
&Node{KeyExpiry: now},
&Node{KeyExpiry: now.Add(60 * time.Second)},
false,
},
{
&Node{KeyExpiry: now},
&Node{KeyExpiry: now},
true,
},
{
&Node{Machine: m1},
&Node{Machine: key.NewMachine().Public()},
false,
},
{
&Node{Machine: m1},
&Node{Machine: m1},
true,
},
{
&Node{Addresses: []netip.Prefix{}},
&Node{Addresses: nil},
false,
},
{
&Node{Addresses: []netip.Prefix{}},
&Node{Addresses: []netip.Prefix{}},
true,
},
{
&Node{AllowedIPs: []netip.Prefix{}},
&Node{AllowedIPs: nil},
false,
},
{
&Node{Addresses: []netip.Prefix{}},
&Node{Addresses: []netip.Prefix{}},
true,
},
{
&Node{Endpoints: []string{}},
&Node{Endpoints: nil},
false,
},
{
&Node{Endpoints: []string{}},
&Node{Endpoints: []string{}},
true,
},
{
&Node{Hostinfo: (&Hostinfo{Hostname: "alice"}).View()},
&Node{Hostinfo: (&Hostinfo{Hostname: "bob"}).View()},
false,
},
{
&Node{Hostinfo: (&Hostinfo{}).View()},
&Node{Hostinfo: (&Hostinfo{}).View()},
true,
},
{
&Node{Created: now},
&Node{Created: now.Add(60 * time.Second)},
false,
},
{
&Node{Created: now},
&Node{Created: now},
true,
},
{
&Node{LastSeen: &now},
&Node{LastSeen: nil},
false,
},
{
&Node{LastSeen: &now},
&Node{LastSeen: &now},
true,
},
{
&Node{DERP: "foo"},
&Node{DERP: "bar"},
false,
},
{
&Node{Tags: []string{"tag:foo"}},
&Node{Tags: []string{"tag:foo"}},
true,
},
{
&Node{Tags: []string{"tag:foo", "tag:bar"}},
&Node{Tags: []string{"tag:bar"}},
false,
},
{
&Node{Tags: []string{"tag:foo"}},
&Node{Tags: []string{"tag:bar"}},
false,
},
{
&Node{Tags: []string{"tag:foo"}},
&Node{},
false,
},
}
for i, tt := range tests {
got := tt.a.Equal(tt.b)
if got != tt.want {
t.Errorf("%d. Equal = %v; want %v", i, got, tt.want)
}
}
}
func TestNetInfoFields(t *testing.T) {
handled := []string{
"MappingVariesByDestIP",
"HairPinning",
"WorkingIPv6",
"OSHasIPv6",
"WorkingUDP",
"WorkingICMPv4",
"HavePortMap",
"UPnP",
"PMP",
"PCP",
"PreferredDERP",
"LinkType",
"DERPLatency",
}
if have := fieldsOf(reflect.TypeOf(NetInfo{})); !reflect.DeepEqual(have, handled) {
t.Errorf("NetInfo.Clone/BasicallyEqually check might be out of sync\nfields: %q\nhandled: %q\n",
have, handled)
}
}
type keyIn interface {
String() string
MarshalText() ([]byte, error)
}
func testKey(t *testing.T, prefix string, in keyIn, out encoding.TextUnmarshaler) {
got, err := in.MarshalText()
if err != nil {
t.Fatal(err)
}
if err := out.UnmarshalText(got); err != nil {
t.Fatal(err)
}
if s := in.String(); string(got) != s {
t.Errorf("MarshalText = %q != String %q", got, s)
}
if !strings.HasPrefix(string(got), prefix) {
t.Errorf("%q didn't start with prefix %q", got, prefix)
}
if reflect.ValueOf(out).Elem().Interface() != in {
t.Errorf("mismatch after unmarshal")
}
}
func TestCloneUser(t *testing.T) {
tests := []struct {
name string
u *User
}{
{"nil_logins", &User{}},
{"zero_logins", &User{Logins: make([]LoginID, 0)}},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
u2 := tt.u.Clone()
if !reflect.DeepEqual(tt.u, u2) {
t.Errorf("not equal")
}
})
}
}
func TestCloneNode(t *testing.T) {
tests := []struct {
name string
v *Node
}{
{"nil_fields", &Node{}},
{"zero_fields", &Node{
Addresses: make([]netip.Prefix, 0),
AllowedIPs: make([]netip.Prefix, 0),
Endpoints: make([]string, 0),
}},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
v2 := tt.v.Clone()
if !reflect.DeepEqual(tt.v, v2) {
t.Errorf("not equal")
}
})
}
}
func TestUserProfileJSONMarshalForMac(t *testing.T) {
// Old macOS clients had a bug where they required
// UserProfile.Roles to be non-null. Lock that in
// 1.0.x/1.2.x clients are gone in the wild.
// See mac commit 0242c08a2ca496958027db1208f44251bff8488b (Sep 30).
// It was fixed in at least 1.4.x, and perhaps 1.2.x.
j, err := json.Marshal(UserProfile{})
if err != nil {
t.Fatal(err)
}
const wantSub = `"Roles":[]`
if !strings.Contains(string(j), wantSub) {
t.Fatalf("didn't contain %#q; got: %s", wantSub, j)
}
// And back:
var up UserProfile
if err := json.Unmarshal(j, &up); err != nil {
t.Fatalf("Unmarshal: %v", err)
}
}
func TestEndpointTypeMarshal(t *testing.T) {
eps := []EndpointType{
EndpointUnknownType,
EndpointLocal,
EndpointSTUN,
EndpointPortmapped,
EndpointSTUN4LocalPort,
}
got, err := json.Marshal(eps)
if err != nil {
t.Fatal(err)
}
const want = `[0,1,2,3,4]`
if string(got) != want {
t.Errorf("got %s; want %s", got, want)
}
}
var sinkBytes []byte
func BenchmarkKeyMarshalText(b *testing.B) {
b.ReportAllocs()
var k [32]byte
for i := 0; i < b.N; i++ {
sinkBytes = keyMarshalText("prefix", k)
}
}
func TestAppendKeyAllocs(t *testing.T) {
if version.IsRace() {
t.Skip("skipping in race detector") // append(b, make([]byte, N)...) not optimized in compiler with race
}
var k [32]byte
err := tstest.MinAllocsPerRun(t, 1, func() {
sinkBytes = keyMarshalText("prefix", k)
})
if err != nil {
t.Fatal(err)
}
}
func TestRegisterRequestNilClone(t *testing.T) {
var nilReq *RegisterRequest
got := nilReq.Clone()
if got != nil {
t.Errorf("got = %v; want nil", got)
}
}
// Tests that CurrentCapabilityVersion is bumped when the comment block above it gets bumped.
// We've screwed this up several times.
func TestCurrentCapabilityVersion(t *testing.T) {
f := must.Get(os.ReadFile("tailcfg.go"))
matches := regexp.MustCompile(`(?m)^//[\s-]+(\d+): \d\d\d\d-\d\d-\d\d: `).FindAllStringSubmatch(string(f), -1)
max := 0
for _, m := range matches {
n := must.Get(strconv.Atoi(m[1]))
if n > max {
max = n
}
}
if CapabilityVersion(max) != CurrentCapabilityVersion {
t.Errorf("CurrentCapabilityVersion = %d; want %d", CurrentCapabilityVersion, max)
}
}
Reference in New Issue View Git Blame Copy Permalink