mirrors/tailscale
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity
7,030 Commits 1 Branch 0 Tags
ff9c1ebb4a056e4a12e3edff5e5a505b72a8045d
Commit Graph

297 Commits

Author SHA1 Message Date
Brad Fitzpatrick
a1b4ab34e6 util/httpm: add new package for prettier HTTP method constants 
See package doc.

Change-Id: Ibbfc8e1f98294217c56f3a9452bd93ffa3103572
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2023-01-26 19:44:07 -08:00
Harry Bowron
c1daa42c24 client/tailscale/keys: fix client.Keys unmarshalling 
Signed-off-by: Author Name hbowron@gmail.com
Signed-off-by: Harry Bowron <harry@bolt.com>

Fixes #7020
 2023-01-24 12:01:47 +00:00
Brad Fitzpatrick
c8db70fd73 cmd/tailscale/cli: add debug set-expire command for testing 
Updates tailscale/corp#8811
Updates tailscale/corp#8613

Change-Id: I1c87806ca3ccc5c43e7ddbd6b4d521f73f7d29f1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2023-01-23 19:12:26 -08:00
Brad Fitzpatrick
6edf357b96 all: start groundwork for using capver for localapi & peerapi 
Updates #7015

Change-Id: I3d4c11b42a727a62eaac3262a879f29bb4ce82dd
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2023-01-19 14:53:47 -08:00
Brad Fitzpatrick
b657187a69 cmd/tailscale, logtail: add 'tailscale debug daemon-logs' logtail mechanism 
Fixes #6836

Change-Id: Ia6eb39ff8972e1aa149aeeb63844a97497c2cf04
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2023-01-15 11:23:28 -08:00
David Anderson
c0fcab01ac client/tailscale: fix request object for key creation. 
The request takes key capabilities as an argument, but wrapped in a parent
object.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-12-13 13:49:35 -08:00
Dave Anderson
041a0e3c27 client/tailscale: add APIs for auth key management. (#6715) 
client/tailscale: add APIs for key management.

Updates #502.

Signed-off-by: David Anderson <danderson@tailscale.com>
 2022-12-12 16:01:04 -08:00
Jordan Whited
ea5ee6f87c all: update golang.zx2c4.com/wireguard to github.com/tailscale/wireguard-go (#6692) 
This is temporary while we work to upstream performance work in
https://github.com/WireGuard/wireguard-go/pull/64. A replace directive
is less ideal as it breaks dependent code without duplication of the
directive.

Signed-off-by: Jordan Whited <jordan@tailscale.com>
 2022-12-09 15:12:20 -08:00
Tom DNetto
55e0512a05 ipn/ipnlocal,cmd/tailscale: minor improvements to lock modify command 
* Do not print the status at the end of a successful operation
 * Ensure the key of the current node is actually trusted to make these changes

Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-12-07 10:28:21 -08:00
Tom DNetto
45042a76cd cmd/tailscale,ipn: store disallowed TKA's in prefs, lock local-disable 
Take 2 of https://github.com/tailscale/tailscale/pull/6546

Builds on https://github.com/tailscale/tailscale/pull/6560

Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-11-29 13:43:38 -08:00
Brad Fitzpatrick
390d1bb871 Revert "ipn,types/persist: store disallowed TKA's in prefs, lock local-disable" 
This reverts commit f1130421f0.

It was submitted with failing tests (go generate checks)

Requires a lot of API changes to fix so rolling back instead of
forward.

Change-Id: I024e8885c0ed44675d3028a662f386dda811f2ad
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-29 11:20:26 -08:00
Tom DNetto
f1130421f0 ipn,types/persist: store disallowed TKA's in prefs, lock local-disable 
Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-11-29 10:31:02 -08:00
Brad Fitzpatrick
0cb2ccce7f safesocket: remove the IPN protocol support 
Updates #6417

Change-Id: I78908633de842d83b2cc8b10a864a0f88ab1b113
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-28 20:44:59 -08:00
Tom DNetto
5c8d2fa695 cmd/tailscale,ipn: improve UX of lock init command, cosmetic changes 
Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-11-28 10:39:04 -08:00
Brad Fitzpatrick
5676d201d6 ipn: add a WatchIPNBus option bit to subscribe to EngineStatus changes 
So GUI clients don't need to poll for it.

We still poll internally (for now!) but that's still cheaper. And will
get much cheaper later, without having to modify clients once they
start sending this bit.

Change-Id: I36647b701c8d1fe197677e5eb76f6894e8ff79f7
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-26 15:51:33 -08:00
Brad Fitzpatrick
109aa3b2fb cmd/tailscale: add start of "debug derp" subcommand 
Updates #6526

Change-Id: I84e440a8bd837c383000ce0cec4ff36b24249e8b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-26 15:40:25 -08:00
Brad Fitzpatrick
300aba61a6 ipn, cmd/tailscale/cli: add LocalAPI IPN bus watch, Start, convert CLI 
Updates #6417
Updates tailscale/corp#8051

Change-Id: I1ca360730c45ffaa0261d8422877304277fc5625
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-22 13:11:44 -08:00
Tom DNetto
6708f9a93f cmd/tailscale,ipn: implement lock log command 
This commit implements `tailscale lock log [--limit N]`, which displays an ordered list
of changes to network-lock state in a manner familiar to `git log`.

Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-11-22 10:30:59 -08:00
Brad Fitzpatrick
0f7da5c7dc ipn{,/ipnlocal}, client/tailscale: move Taildrop recv notifications to LocalAPI HTTP method 
Updates #6417

Change-Id: Iec544c477a0e5e9f1c6bf23555afec06255e2e22
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-22 08:49:13 -08:00
Maisem Ali
f3519f7b29 cmd/tailscale/cli: add login and switch subcommands 
Updates #713

Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-11-17 10:27:56 +05:00
Maisem Ali
1f4669a380 all: standardize on LocalAPI 
Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-11-16 23:15:24 +05:00
Maisem Ali
22238d897b all: standardize on PeerAPI 
Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-11-16 22:49:13 +05:00
Brad Fitzpatrick
976e88d430 client/tailscale/apitype: add LocalAPIHost const, use it 
Removes duplication.

Updates tailcale/corp#7948

Change-Id: I564c912ecfde31ba2293124bb1316e433c2a10f1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-16 08:07:51 -08:00
Tom DNetto
3271daf7a3 cmd/tailscale,ipn: support disablement args in lock cli, implement disable 
* Support specifiying disablement values in lock init command
 * Support specifying rotation key in lock sign command
 * Implement lock disable command
 * Implement disablement-kdf command

Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-11-14 19:22:33 +00:00
Brad Fitzpatrick
329a0a8406 client/tailscale: remove some json.Unmarshal repetition, add helper 
Change-Id: I73ece09895ad04c7d8c4a5673f9bd360be873b9f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-10 21:54:56 -08:00
Brad Fitzpatrick
f4a522fd67 client/tailscale: make a helper for json.Marshal'ed request bodies 
Change-Id: I59eb1643addf8793856089690407fb45053c8e4d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-10 20:47:51 -08:00
Brad Fitzpatrick
69e4b8a359 client/tailscale: document ServeConfig accessors a bit more 
Updates tailscale/corp#7515

Change-Id: Iecae581e4b34ce70b2df531bc95c6c390a398c38
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-10 20:38:07 -08:00
shayne
e3a66e4d2f ipn/localapi: introduce get/set config for serve (#6243) 
Updates tailscale/corp#7515

Signed-off-by: Shayne Sweeney <shayne@tailscale.com>
 2022-11-10 22:58:40 -05:00
Mihai Parparita
7a07bc654b ipn/localapi: rename /profile to /pprof 
Avoids name collision with profiles for user switching.

Signed-off-by: Mihai Parparita <mihai@tailscale.com>
 2022-11-10 12:02:16 -08:00
Brad Fitzpatrick
5bb7e0307c cmd/tailscale, ipn/ipnlocal: add debug command to write to StateStore for dev 
Not for end users (unless directed by support). Mostly for ease of
development for some upcoming webserver work.

Change-Id: I43acfed217514567acb3312367b24d620e739f88
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-07 15:34:43 -08:00
Brad Fitzpatrick
da8def8e13 all: remove old +build tags 
The //go:build syntax was introduced in Go 1.17:

https://go.dev/doc/go1.17#build-lines

gofmt has kept the +build and go:build lines in sync since
then, but enough time has passed. Time to remove them.

Done with:

    perl -i -npe 's,^// \+build.*\n,,' $(git grep -l -F '+build')

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-04 07:25:42 -07:00
Tom DNetto
0af57fce4c cmd/tailscale,ipn: implement lock sign command 
Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-11-02 15:00:01 -05:00
Brad Fitzpatrick
910db02652 client/tailscale, tsnet, ipn/ipnlocal: prove nodekey ownership over noise 
Fixes #5972

Change-Id: Ic33a93d3613ac5dbf172d6a8a459ca06a7f9e547
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-11-02 09:22:26 -07:00
Tom DNetto
d98305c537 cmd,ipn/ipnlocal,tailcfg: implement TKA disablement 
* Plumb disablement values through some of the internals of TKA enablement.
 * Transmit the node's TKA hash at the end of sync so the control plane understands each node's head.
 * Implement /machine/tka/disable RPC to actuate disablement on the control plane.

There is a partner PR for the control server I'll send shortly.

Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-10-31 11:05:44 -05:00
Brad Fitzpatrick
ea24895e08 client/tailscale/apitype, tailcfg: delete never used mysterious PerDomain field 
It does nothing and never did and I don't think anybody remembers what
the original goal for it was.

Updates #5229 (fixes, but need to clean it up in another repo too)

Change-Id: I81cc6ff44d6d2888bc43e9145437f4c407907ea6
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-10-30 20:46:36 -07:00
Maisem Ali
630bcb5b67 tsnet,client/tailscale: add APIClient which runs API over Noise. 
Updates tailscale/corp#4383

Signed-off-by: Maisem Ali <maisem@tailscale.com>
 2022-10-17 11:37:17 -07:00
Andrew Dunham
c32f9f5865 cmd/tailscale, ipn: enable debug logs when --report flag is passed to bugreport (#5830) 
Change-Id: Id22e9f4a2dcf35cecb9cd19dd844389e38c922ec
Signed-off-by: Andrew Dunham <andrew@tailscale.com>
 2022-10-15 13:31:35 -04:00
Brad Fitzpatrick
1841d0bf98 wgengine/magicsock: make debug-level stuff not logged by default 
And add a CLI/localapi and c2n mechanism to enable it for a fixed
amount of time.

Updates #1548

Change-Id: I71674aaf959a9c6761ff33bbf4a417ffd42195a7
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-10-04 11:05:50 -07:00
Josh Soref
d4811f11a0 all: fix spelling mistakes 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-09-29 13:36:13 -07:00
Adrian Dewhurst
c581ce7b00 cmd/tailscale, client, ipn, tailcfg: add network lock modify command 
Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
 2022-09-29 11:28:47 -07:00
Andrew Dunham
b1867457a6 doctor: add package for running in-depth healthchecks; use in bugreport (#5413) 
Change-Id: Iaa4e5b021a545447f319cfe8b3da2bd3e5e5782b
Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
 2022-09-26 13:07:28 -04:00
Eng Zer Jun
f0347e841f refactor: move from io/ioutil to io and os packages 
The io/ioutil package has been deprecated as of Go 1.16 [1]. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Reference: https://golang.org/doc/go1.16#ioutil
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2022-09-15 21:45:53 -07:00
Tom DNetto
facafd8819 client,cmd/tailscale,ipn,tka,types: implement tka initialization flow 
This PR implements the client-side of initializing network-lock with the
Coordination server.

Signed-off-by: Tom DNetto <tom@tailscale.com>
 2022-08-22 11:35:16 -07:00
Brad Fitzpatrick
e1309e1323 all: require Go 1.19 
Updates #5210

Change-Id: I2e950b4776636b4ea89b6566b60e4a87596a3a43
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-08-02 11:49:01 -07:00
Brad Fitzpatrick
a12aad6b47 all: convert more code to use net/netip directly 
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
    perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
    perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
    goimports -w .

Then delete some stuff from the net/netaddr shim package which is no
longer neeed.

Updates #5162

Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-07-25 21:53:49 -07:00
Brad Fitzpatrick
6a396731eb all: use various net/netip parse funcs directly 
Mechanical change with perl+goimports.

Changed {Must,}Parse{IP,IPPrefix,IPPort} to their netip variants, then
goimports -d .

Finally, removed the net/netaddr wrappers, to prevent future use.

Updates #5162

Change-Id: I59c0e38b5fbca5a935d701645789cddf3d7863ad
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-07-25 21:12:28 -07:00
Brad Fitzpatrick
7eaf5e509f net/netaddr: start migrating to net/netip via new netaddr adapter package 
Updates #5162

Change-Id: Id7bdec303b25471f69d542f8ce43805328d56c12
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-07-25 16:20:43 -07:00
Maisem Ali
2d65c1a950 client/tailscale: update ACLRow and ACLTest with new ACL fields 
Signed-off-by: Maisem Ali <maisem@tailscale.com>
Co-authored-by: Will Norris <will@tailscale.com>
 2022-06-24 12:20:08 -07:00
Brad Fitzpatrick
c4f06ef7be client/tailscale: fix ExpandSNIName on non-default LocalClient 
It was using a mix.

Found by @maisem.

Change-Id: Ieb79d78608474ac13c2f44e0f3d8997a5665eb13
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-05-05 12:22:38 -07:00
Brad Fitzpatrick
3e1f2d01f7 ipn/ipnlocal: move Ping method from IPN bus to LocalBackend (HTTP) 
Change-Id: I61759f1dae8d9d446353db54c8b1e13bfffb3287
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2022-05-03 15:59:19 -07:00