77b4fe0afa
all: remove "no 1.18 support" failures
...
We have worked around the issue in DERP,
so the vanilla Go 1.18 toolchain now works.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-23 13:04:48 -07:00
98984c1a9a
cmd/proxy-to-grafana: fix package doc code snippet
...
Markdown isn't supported.
Change-Id: I8d9bb92260c164dc277afbce624f64fc2faf5125
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-23 12:43:41 -07:00
5fa502b5dc
cmd/proxy-to-grafana: use grafana's authproxy to log in tailnet users ( #4208 )
...
Signed-off-by: Nick O'Neill <nick@tailscale.com >
2022-03-23 11:33:53 -07:00
4fc38888d2
go.mod: bump x/crypto for SSH change
...
(for golang/go#51808)
Updates #3802
Change-Id: Ifbd483c0144b4c86da69143b23b2a06da7672c92
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-23 10:22:16 -07:00
8144c6d87d
tsnet: fail with nice message with go1.18 on darwin
...
Like we did in ead16b24ec#4258
Due to golang/go#51759
Change-Id: I6effcea7c5f2ec264b9711f4c316f8fca09490f1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-22 20:43:09 -07:00
0861923c21
ssh/tailssh, tailcfg: add more HoldAndDelegate expansions, document
...
Updates #3802
Change-Id: I447f06b49e2a917bffe36881d0634c9195085512
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-22 17:56:45 -07:00
a121b9f263
.github: Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-03-22 16:07:00 -07:00
091ea4a4a5
ssh/tailssh: support placeholders in SSHAction.HoldAndDelegate URL
...
Updates #3802
Change-Id: I60f9827409d14fd4f4824d102ba11db49bf0d365
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-22 16:02:40 -07:00
257d75beb1
.github: Bump actions/setup-go from 2.1.5 to 3
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.1.5 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v2.1.5...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-03-22 15:58:46 -07:00
f2b0faf91e
.github: Bump actions/upload-artifact from 2.3.1 to 3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2.3.1...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-03-22 15:57:32 -07:00
7fbb6a76ad
.github: Bump actions/cache from 2 to 3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases )
- [Commits](https://github.com/actions/cache/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-03-22 15:55:50 -07:00
0968b2d55a
prober: support adding key/value labels to probes. ( #4250 )
...
prober: add labels to Probe instances.
This allows especially dynamically-registered probes to have a bunch
more dimensions along which they can be sliced in Prometheus.
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-22 13:45:11 -07:00
f3b13604b3
control/controlclient, ipn/ipnlocal, tailcfg: add MapResponse.PopBrowserURL
...
Updates #3802
Change-Id: I89481fc5782a0cc8084354706f8f28d94f197325
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-22 09:37:00 -07:00
3ea6ddbb5f
control/controlbase: use less memory when idle (remove rxState.buf)
...
Uses 4KB less per Conn.
Fixes #4113
Change-Id: I38d25b1cf5ecf45423404a330b7ecab79a9fb176
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-21 17:47:50 -07:00
445c04c938
wgengine: inject packetbuffers rather than bytes ( #4220 )
...
Plumb the outbound injection path to allow passing netstack
PacketBuffers down to the tun Read, where they are decref'd to enable
buffer re-use. This removes one packet alloc & copy, and reduces GC
pressure by pooling outbound injected packets.
Fixes #2741
Signed-off-by: James Tucker <james@tailscale.com >
2022-03-21 14:58:43 -07:00
a09c30aac2
prober: refactor probe state into a Probe struct.
...
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-21 13:45:08 -07:00
94aaec5c66
prober: rename Probe to ProbeFunc.
...
Making way for a future Probe struct to encapsulate per-probe state.
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-21 13:45:08 -07:00
7b4960316b
tsweb: add PrometheusVar, for vars that want to output varz themselves.
...
This enables the infrequent use of more complex Prometheus types, such as
timeseries with high/irregular label cardinality, without needing to
discover and implement generic abstracted type like LabelMap for each one.
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-21 12:33:18 -07:00
f6642e0ece
Makefile: add tidy target
...
Change-Id: I6cd3a6837f9ddfd283f57378465dcefa4d0ada47
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-21 11:06:13 -07:00
73314009d0
go.mod: bump netstack ( #4222 )
...
Primarily this is for f375784d83852b1e3ff20cc9de0648b3c0cf8525 and the
related commits that provide buffer pooling for the endpoint code paths
we use.
Signed-off-by: James Tucker <james@tailscale.com >
2022-03-21 11:01:40 -07:00
f7e976db55
tailcfg, ssh/tailssh: make SSHUser value '=' map ssh-user to same local-user
...
Updates #3802
Change-Id: Icde60d4150ca15c25d615a4effb3d3c236f020a8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-21 10:49:37 -07:00
21445b56a5
control/controlbase: use less memory when idle (remove txState.buf)
...
Uses 4KB less per Conn.
Updates #4113
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-20 16:35:43 -07:00
bfb4a4d9e9
tsnet: fix format string/argument mismatch in log output
...
Change-Id: Ia7291ea47a289baec6cc6013d63d2f248ae57d9e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-19 20:24:33 -07:00
19f61607b6
prober: run all probes once on initial registration.
...
Turns out, it's annoying to have to wait the entire interval
before getting any monitorable data, especially for very long
interval probes like hourly/daily checks.
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-19 18:54:33 -07:00
e41a3b983c
prober: library to build healthchecking probers.
...
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-19 18:38:32 -07:00
f2041c9088
all: use strings.Cut even more
...
Change-Id: I943ce72c6f339589235bddbe10d07799c4e37979
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-19 13:02:38 -07:00
f30473211b
ssh/tailssh: start of implementing optional session recording
...
To asciinema cast format.
Updates #3802
Change-Id: Ifd3ea31922cd2c99068369cb1650e21f2545b0e1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-19 12:59:51 -07:00
32fd42430b
all: use cibuild.On
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-18 15:19:26 -07:00
b775df0b57
ssh/tailssh_test: skip TestSSH/stdin in CI
...
Updates #4051
Signed-off-by: Maisem Ali <maisem@tailscale.com >
2022-03-18 10:57:12 -07:00
309c0a13a5
tsweb: add FQDN to Port80Handler to allow HTTPS redirects
...
When the request comes in say over http://mon , the current
implementation would rewrite it https://mon which causes the cert
validation to fail. This PR keeps the existing behavior intact but also
allows passing in a FQDN to the handler to reroute to the correct
hostname.
Related to https://github.com/tailscale/tailscale/pull/4208#pullrequestreview-913832340
Signed-off-by: Maisem Ali <maisem@tailscale.com >
2022-03-18 10:16:08 -07:00
7f3d0992aa
Makefile: use ./tool/go everywhere
...
Signed-off-by: Maisem Ali <maisem@tailscale.com >
2022-03-18 10:13:18 -07:00
6e91f872af
net/tshttpproxy: ensure we pass the correct flags to WinHttpOpen on Win7 and Win8.0
...
The best flag to use on Win7 and Win8.0 is deprecated in Win8.1, so we resolve
the flag depending on OS version info.
Fixes https://github.com/tailscale/tailscale/issues/4201
Signed-off-by: Aaron Klotz <aaron@tailscale.com >
2022-03-18 11:05:02 -06:00
1db46919ab
cmd/tailscaled: make build fail nicely on older Go versions
...
Due to a bug in Go (golang/go#51778 ), cmd/go doesn't warn about your
Go version being older than the go.mod's declared Go version in that
case that package loading fails before the build starts, such as when
you use packages that are only in the current version of Go, like our
use of net/netip.
This change works around that Go bug by adding build tags and a
pre-Go1.18-only file that will cause Go 1.17 and earlier to fail like:
$ ~/sdk/go1.17/bin/go install ./cmd/tailscaled
# tailscale.com/cmd/tailscaled
./required_version.go:11:2: undefined: you_need_Go_1_18_to_compile_Tailscale
note: module requires Go 1.18
Change-Id: I39f5820de646703e19dde448dd86a7022252f75c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-18 08:25:51 -07:00
2a412ac9ee
.github/workflows: work around golang/go#51629
...
Incidentally, simplify the go generate CI workflow, by
marking the dnsfallback update non-hermetic (so CI will
skip it) rather than manually filter it out of `go list`.
Updates #4194
Signed-off-by: David Anderson <danderson@tailscale.com >
2022-03-17 17:22:17 -07:00
18818763d1
derp: set Basic Constraints on metacert
...
See https://github.com/golang/go/issues/51759#issuecomment-1071147836
Once we deploy this, tailscaled should work again for macOS users with
Go 1.18.
Updates golang/go#51759
Change-Id: I869b6ddc556a2de885e96ccf9f335dfc8f6f6a7e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-17 15:38:21 -07:00
eaf5591953
scripts: install gnupg only when apt-key is needed
...
apt-key depends on gnupg but apt-key itself if not used
on modern systems (APT_KEY_TYPE=keyring).
Signed-off-by: Simon Deziel <simon@sdeziel.info >
2022-03-17 15:11:25 -07:00
bd073b8dd6
types/views: rename Generic to Unwrap
...
Signed-off-by: Maisem Ali <maisem@tailscale.com >
2022-03-17 14:41:57 -07:00
1e12a29806
ssh/tailssh_test: Skip the env test in CI
...
Updates #4051
Signed-off-by: Maisem Ali <maisem@tailscale.com >
2022-03-17 14:34:49 -07:00
0868329936
all: use any instead of interface{}
...
My favorite part of generics.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-17 11:35:09 -07:00
5f176f24db
go.mod: upgrade to the latest wireguard-go
...
This pulls in a handful of fixes and an update to Go 1.18.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-17 10:59:39 -07:00
2708544018
tsnet: add some usability polish, remove WIP env var restriction
...
Change-Id: Id9ec1713c65cdd597d20b03e21e11cd60b54bb6a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-17 10:59:21 -07:00
997b19545b
syncs: use TryLock and TryRLock instead of unsafe
...
The docs say:
Note that while correct uses of TryLock do exist, they are rare,
and use of TryLock is often a sign of a deeper problem in a particular use of mutexes.
Rare code! Or bad code! Who can tell!
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-17 10:57:41 -07:00
ead16b24ec
cmd/tailscaled: fail early with nice error on macOS with go1.18
...
Due to golang/go#51759
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-17 10:41:50 -07:00
9d4ffd135f
go.toolchain.rev: pick up crypto/x509 crash fix
...
68c97fb924josh@tailscale.com >
2022-03-17 10:37:15 -07:00
6b9d938c1a
types/views: add generic Slice[T] and remove StringSlice
...
Also make IPPrefixSliceOf use Slice[netaddr.IPPrefix] as it also
provides additional functions besides the standard ones provided by
Slice[T].
Signed-off-by: Maisem Ali <maisem@tailscale.com >
2022-03-16 22:13:16 -07:00
d8953bf2ba
cmd/derpprobe: don't alert for smaller failures.
...
There is a Cosmic Background level of DERP Unreachability,
with individual nodes or regions becoming unreachable briefly
and returning a short time later. This is due to hosting provider
outages or just the Internet sloshing about.
Returning a 500 error pages a human. Being awoken at 3am for
a transient error is annoying.
For relatively small levels of badness don't page a human,
just post to Slack. If the outage impacts a significant fraction
of the DERP fleet, then page a human.
Signed-off-by: Denton Gentry <dgentry@tailscale.com >
2022-03-16 18:22:22 -07:00
84a2dc3a7e
go.toolchain.rev: update to slightly less forked Go 1.18
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-16 16:10:29 -07:00
8c2cb4b431
go.mod: update to latest certstore
...
It includes a fix to allow us to use Go 1.18.
We can now remove our Tailscale-only build tags.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com >
2022-03-16 16:10:29 -07:00
61ee72940c
all: use Go 1.18's strings.Cut
...
More remain.
Change-Id: I6ec562cc1f687600758deae1c9d7dbd0d04004cb
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-16 14:53:59 -07:00
1f22507c06
version: use Go 1.18's git stamping as default implementation
...
No more manual version bumps!
Fixes #81
Change-Id: I3a9e544a7248f0b83bcbacbaabbc4dabc435e62d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2022-03-16 14:53:51 -07:00
