diff --git a/chirp/chirp_test.go b/chirp/chirp_test.go index 48c4b45fe..eff4d4721 100644 --- a/chirp/chirp_test.go +++ b/chirp/chirp_test.go @@ -106,10 +106,10 @@ func TestChirp(t *testing.T) { t.Fatal(err) } if err := c.EnableProtocol("rando"); err == nil { - t.Fatalf("enabling %q succeded", "rando") + t.Fatalf("enabling %q succeeded", "rando") } if err := c.DisableProtocol("rando"); err == nil { - t.Fatalf("disabling %q succeded", "rando") + t.Fatalf("disabling %q succeeded", "rando") } } diff --git a/client/tailscale/acl.go b/client/tailscale/acl.go index f54783768..75ccb28ab 100644 --- a/client/tailscale/acl.go +++ b/client/tailscale/acl.go @@ -459,7 +459,7 @@ func (c *Client) ValidateACLJSON(ctx context.Context, source, dest string) (test } if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("control api responsed with %d status code", resp.StatusCode) + return nil, fmt.Errorf("control api responded with %d status code", resp.StatusCode) } // The test ran without fail diff --git a/client/tailscale/localclient.go b/client/tailscale/localclient.go index 625d9cdc0..da64dcbb9 100644 --- a/client/tailscale/localclient.go +++ b/client/tailscale/localclient.go @@ -674,14 +674,14 @@ func (lc *LocalClient) GetCertificate(hi *tls.ClientHelloInfo) (*tls.Certificate return &cert, nil } -// ExpandSNIName expands bare label name into the the most likely actual TLS cert name. +// ExpandSNIName expands bare label name into the most likely actual TLS cert name. // // Deprecated: use LocalClient.ExpandSNIName. func ExpandSNIName(ctx context.Context, name string) (fqdn string, ok bool) { return defaultLocalClient.ExpandSNIName(ctx, name) } -// ExpandSNIName expands bare label name into the the most likely actual TLS cert name. +// ExpandSNIName expands bare label name into the most likely actual TLS cert name. func (lc *LocalClient) ExpandSNIName(ctx context.Context, name string) (fqdn string, ok bool) { st, err := lc.StatusWithoutPeers(ctx) if err != nil { diff --git a/client/tailscale/tailscale.go b/client/tailscale/tailscale.go index d8a8b3c17..626532e72 100644 --- a/client/tailscale/tailscale.go +++ b/client/tailscale/tailscale.go @@ -115,7 +115,7 @@ func (c *Client) Do(req *http.Request) (*http.Response, error) { return c.httpClient().Do(req) } -// sendRequest add the authenication key to the request and sends it. It +// sendRequest add the authentication key to the request and sends it. It // receives the response and reads up to 10MB of it. func (c *Client) sendRequest(req *http.Request) ([]byte, *http.Response, error) { if !I_Acknowledge_This_API_Is_Unstable { diff --git a/cmd/derper/websocket.go b/cmd/derper/websocket.go index c44ca5e91..32258ae87 100644 --- a/cmd/derper/websocket.go +++ b/cmd/derper/websocket.go @@ -23,7 +23,7 @@ func addWebSocketSupport(s *derp.Server, base http.Handler) http.Handler { up := strings.ToLower(r.Header.Get("Upgrade")) // Very early versions of Tailscale set "Upgrade: WebSocket" but didn't actually - // speak WebSockets (they still assumed DERP's binary framining). So to distinguish + // speak WebSockets (they still assumed DERP's binary framing). So to distinguish // clients that actually want WebSockets, look for an explicit "derp" subprotocol. if up != "websocket" || !strings.Contains(r.Header.Get("Sec-Websocket-Protocol"), "derp") { base.ServeHTTP(w, r) diff --git a/cmd/tailscale/cli/bugreport.go b/cmd/tailscale/cli/bugreport.go index 666959239..6c069d388 100644 --- a/cmd/tailscale/cli/bugreport.go +++ b/cmd/tailscale/cli/bugreport.go @@ -36,7 +36,7 @@ func runBugReport(ctx context.Context, args []string) error { case 1: note = args[0] default: - return errors.New("unknown argumets") + return errors.New("unknown arguments") } logMarker, err := localClient.BugReportWithOpts(ctx, tailscale.BugReportOpts{ Note: note, diff --git a/cmd/tailscale/cli/cli_test.go b/cmd/tailscale/cli/cli_test.go index 5afa199e0..1b2371b39 100644 --- a/cmd/tailscale/cli/cli_test.go +++ b/cmd/tailscale/cli/cli_test.go @@ -410,7 +410,7 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) { want: accidentalUpPrefix + " --hostname=foo --exit-node=100.64.5.7", }, { - name: "error_exit_node_and_allow_lan_omit_with_id_pref", // Isue 3480 + name: "error_exit_node_and_allow_lan_omit_with_id_pref", // Issue 3480 flags: []string{"--hostname=foo"}, curExitNodeIP: netip.MustParseAddr("100.2.3.4"), curPrefs: &ipn.Prefs{ @@ -448,7 +448,7 @@ func TestCheckForAccidentalSettingReverts(t *testing.T) { }, { // Issue 3176: on Synology, don't require --accept-routes=false because user - // migth've had old an install, and we don't support --accept-routes anyway. + // might've had an old install, and we don't support --accept-routes anyway. name: "synology_permit_omit_accept_routes", flags: []string{"--hostname=foo"}, curPrefs: &ipn.Prefs{ diff --git a/cmd/tailscale/cli/ssh_exec_windows.go b/cmd/tailscale/cli/ssh_exec_windows.go index 88722734f..8a67a20f9 100644 --- a/cmd/tailscale/cli/ssh_exec_windows.go +++ b/cmd/tailscale/cli/ssh_exec_windows.go @@ -13,7 +13,7 @@ import ( func findSSH() (string, error) { // use C:\Windows\System32\OpenSSH\ssh.exe since unexpected behavior - // occured with ssh.exe provided by msys2/cygwin and other environments. + // occurred with ssh.exe provided by msys2/cygwin and other environments. if systemRoot := os.Getenv("SystemRoot"); systemRoot != "" { exe := filepath.Join(systemRoot, "System32", "OpenSSH", "ssh.exe") if st, err := os.Stat(exe); err == nil && !st.IsDir() { diff --git a/cmd/tailscaled/tailscaled.go b/cmd/tailscaled/tailscaled.go index 504a0b47d..97785530c 100644 --- a/cmd/tailscaled/tailscaled.go +++ b/cmd/tailscaled/tailscaled.go @@ -88,7 +88,7 @@ func defaultTunName() string { // see https://github.com/tailscale/tailscale/issues/391 // // But Gokrazy does have the tun module built-in, so users - // can stil run --tun=tailscale0 if they wish, if they + // can still run --tun=tailscale0 if they wish, if they // arrange for iptables to be present or run in "tailscale // up --netfilter-mode=off" mode, perhaps. Untested. return "userspace-networking" @@ -158,7 +158,7 @@ func main() { flag.StringVar(&args.httpProxyAddr, "outbound-http-proxy-listen", "", `optional [ip]:port to run an outbound HTTP proxy (e.g. "localhost:8080")`) flag.StringVar(&args.tunname, "tun", defaultTunName(), `tunnel interface name; use "userspace-networking" (beta) to not use TUN`) flag.Var(flagtype.PortValue(&args.port, defaultPort()), "port", "UDP port to listen on for WireGuard and peer-to-peer traffic; 0 means automatically select") - flag.StringVar(&args.statepath, "state", "", "absolute path of state file; use 'kube:' to use Kubernetes secrets or 'arn:aws:ssm:...' to store in AWS SSM; use 'mem:' to not store state and register as an emphemeral node. If empty and --statedir is provided, the default is /tailscaled.state. Default: "+paths.DefaultTailscaledStateFile()) + flag.StringVar(&args.statepath, "state", "", "absolute path of state file; use 'kube:' to use Kubernetes secrets or 'arn:aws:ssm:...' to store in AWS SSM; use 'mem:' to not store state and register as an ephemeral node. If empty and --statedir is provided, the default is /tailscaled.state. Default: "+paths.DefaultTailscaledStateFile()) flag.StringVar(&args.statedir, "statedir", "", "path to directory for storage of config state, TLS certs, temporary incoming Taildrop files, etc. If empty, it's derived from --state when possible.") flag.StringVar(&args.socketpath, "socket", paths.DefaultTailscaledSocket(), "path of the service unix socket") flag.StringVar(&args.birdSocketPath, "bird-socket", "", "path of the bird unix socket") diff --git a/cmd/tailscaled/tailscaled_windows.go b/cmd/tailscaled/tailscaled_windows.go index 1e672eecb..bcb6fbfd0 100644 --- a/cmd/tailscaled/tailscaled_windows.go +++ b/cmd/tailscaled/tailscaled_windows.go @@ -193,7 +193,7 @@ func beWindowsSubprocess() bool { } logid := os.Args[2] - // Remove the date/time prefix; the logtail + file logggers add it. + // Remove the date/time prefix; the logtail + file loggers add it. log.SetFlags(0) log.Printf("Program starting: v%v: %#v", version.Long, os.Args) diff --git a/cmd/tsconnect/build.go b/cmd/tsconnect/build.go index b49d450b2..ff638370b 100644 --- a/cmd/tsconnect/build.go +++ b/cmd/tsconnect/build.go @@ -57,7 +57,7 @@ func runBuild() { // fixEsbuildMetadataPaths re-keys the esbuild metadata file to use paths // relative to the dist directory (it normally uses paths relative to the cwd, -// which are akward if we're running with a different cwd at serving time). +// which are awkward if we're running with a different cwd at serving time). func fixEsbuildMetadataPaths(metadataStr string) ([]byte, error) { var metadata EsbuildMetadata if err := json.Unmarshal([]byte(metadataStr), &metadata); err != nil { diff --git a/cmd/tsconnect/src/pkg/pkg.ts b/cmd/tsconnect/src/pkg/pkg.ts index 6c62da1ac..317f08b66 100644 --- a/cmd/tsconnect/src/pkg/pkg.ts +++ b/cmd/tsconnect/src/pkg/pkg.ts @@ -15,12 +15,12 @@ import wasmURL from "./main.wasm" * needed for the package to function. */ type IPNPackageConfig = IPNConfig & { - // Auth key used to intitialize the Tailscale client (required) + // Auth key used to initialize the Tailscale client (required) authKey: string // URL of the main.wasm file that is included in the page, if it is not // accessible via a relative URL. wasmURL?: string - // Funtion invoked if the Go process panics or unexpectedly exits. + // Function invoked if the Go process panics or unexpectedly exits. panicHandler: (err: string) => void } diff --git a/cmd/viewer/viewer.go b/cmd/viewer/viewer.go index c24e28705..f8b2e8c13 100644 --- a/cmd/viewer/viewer.go +++ b/cmd/viewer/viewer.go @@ -388,7 +388,7 @@ func main() { log.Fatal(err) } if runCloner { - // When a new pacakge is added or when existing generated files have + // When a new package is added or when existing generated files have // been deleted, we might run into a case where tailscale.com/cmd/cloner // has not run yet. We detect this by verifying that all the structs we // interacted with have had Clone method already generated. If they diff --git a/control/controlclient/direct.go b/control/controlclient/direct.go index 67d8ce2d9..c506f05cf 100644 --- a/control/controlclient/direct.go +++ b/control/controlclient/direct.go @@ -776,7 +776,7 @@ func (c *Direct) sendMapRequest(ctx context.Context, maxPolls int, readOnly bool // with useful results. The first POST just gets us the DERP map which we // need to do the STUN queries to discover our endpoints. // TODO(bradfitz): we skip this optimization in tests, though, - // because the e2e tests are currently hyperspecific about the + // because the e2e tests are currently hyper-specific about the // ordering of things. The e2e tests need love. ReadOnly: readOnly || (len(epStrs) == 0 && !everEndpoints && !inTest()), } diff --git a/control/controlclient/map.go b/control/controlclient/map.go index 5e5ea8766..1bc57fdf2 100644 --- a/control/controlclient/map.go +++ b/control/controlclient/map.go @@ -35,7 +35,7 @@ type mapSession struct { machinePubKey key.MachinePublic keepSharerAndUserSplit bool // see Options.KeepSharerAndUserSplit - // Fields storing state over the the coards of multiple MapResponses. + // Fields storing state over the course of multiple MapResponses. lastNode *tailcfg.Node lastDNSConfig *tailcfg.DNSConfig lastDERPMap *tailcfg.DERPMap diff --git a/control/controlclient/map_test.go b/control/controlclient/map_test.go index e53534e0e..af1895878 100644 --- a/control/controlclient/map_test.go +++ b/control/controlclient/map_test.go @@ -466,7 +466,7 @@ func TestNetmapForResponse(t *testing.T) { }) } -// TestDeltaDebug tests that tailcfg.Debug values can be omitted in MapResposnes +// TestDeltaDebug tests that tailcfg.Debug values can be omitted in MapResponses // entirely or have their opt.Bool values unspecified between MapResponses in a // session and that should mean no change. (as of capver 37). But two Debug // fields existed prior to capver 37 that weren't opt.Bool; we test that we both diff --git a/derp/derp_test.go b/derp/derp_test.go index ba43e8f70..6da11197a 100644 --- a/derp/derp_test.go +++ b/derp/derp_test.go @@ -232,7 +232,7 @@ func TestSendFreeze(t *testing.T) { // alice --> bob // alice --> cathy // - // Then cathy stops processing messsages. + // Then cathy stops processing messages. // That should not interfere with alice talking to bob. newClient := func(ctx context.Context, name string, k key.NodePrivate) (c *Client, clientConn nettest.Conn) { @@ -772,7 +772,7 @@ func TestForwarderRegistration(t *testing.T) { }) // Now pretend u1 was already connected locally (so clientsMesh[u1] is nil), and then we heard - // that they're also connected to a peer of ours. That sholdn't transition the forwarder + // that they're also connected to a peer of ours. That shouldn't transition the forwarder // from nil to the new one, not a multiForwarder. s.clients[u1] = singleClient{u1c} s.clientsMesh[u1] = nil diff --git a/derp/derphttp/derphttp_client.go b/derp/derphttp/derphttp_client.go index 768bdffd3..67e947754 100644 --- a/derp/derphttp/derphttp_client.go +++ b/derp/derphttp/derphttp_client.go @@ -199,7 +199,7 @@ func (c *Client) urlString(node *tailcfg.DERPNode) string { return fmt.Sprintf("https://%s/derp", node.HostName) } -// AddressFamilySelector decides whethers IPv6 is preferred for +// AddressFamilySelector decides whether IPv6 is preferred for // outbound dials. type AddressFamilySelector interface { // PreferIPv6 reports whether IPv4 dials should be slightly diff --git a/disco/disco.go b/disco/disco.go index d8eb504da..b01c591ae 100644 --- a/disco/disco.go +++ b/disco/disco.go @@ -15,9 +15,9 @@ // The recipient then decrypts the bytes following (the nacl secretbox) // and then the inner payload structure is: // -// messageType byte (the MessageType constants below) -// messageVersion byte (0 for now; but always ignore bytes at the end) -// message-paylod [...]byte +// messageType byte (the MessageType constants below) +// messageVersion byte (0 for now; but always ignore bytes at the end) +// message-payload [...]byte package disco import ( diff --git a/ipn/backend.go b/ipn/backend.go index ab59d7002..917123b3a 100644 --- a/ipn/backend.go +++ b/ipn/backend.go @@ -69,7 +69,7 @@ type Notify struct { State *State // if non-nil, the new or current IPN state Prefs *Prefs // if non-nil, the new or current preferences NetMap *netmap.NetworkMap // if non-nil, the new or current netmap - Engine *EngineStatus // if non-nil, the new or urrent wireguard stats + Engine *EngineStatus // if non-nil, the new or current wireguard stats BrowseToURL *string // if non-nil, UI should open a browser right now BackendLogID *string // if non-nil, the public logtail ID used by backend diff --git a/ipn/ipnlocal/local.go b/ipn/ipnlocal/local.go index 7856dc490..3040452e3 100644 --- a/ipn/ipnlocal/local.go +++ b/ipn/ipnlocal/local.go @@ -2173,7 +2173,7 @@ func (b *LocalBackend) GetPeerAPIPort(ip netip.Addr) (port uint16, ok bool) { // ServePeerAPIConnection serves an already-accepted connection c. // // The remote parameter is the remote address. -// The local paramater is the local address (either a Tailscale IPv4 +// The local parameter is the local address (either a Tailscale IPv4 // or IPv6 IP and the peerapi port for that address). // // The connection will be closed by ServePeerAPIConnection. @@ -3027,7 +3027,7 @@ func (b *LocalBackend) RequestEngineStatus() { // that have happened. It is invoked from the various callbacks that // feed events into LocalBackend. // -// TODO(apenwarr): use a channel or something to prevent re-entrancy? +// TODO(apenwarr): use a channel or something to prevent reentrancy? // Or maybe just call the state machine from fewer places. func (b *LocalBackend) stateMachine() { b.enterState(b.nextState()) @@ -3087,7 +3087,7 @@ func (b *LocalBackend) ResetForClientDisconnect() { func (b *LocalBackend) ShouldRunSSH() bool { return b.sshAtomicBool.Load() && envknob.CanSSHD() } -// ShouldHandleViaIP reports whether whether ip is an IPv6 address in the +// ShouldHandleViaIP reports whether ip is an IPv6 address in the // Tailscale ULA's v6 "via" range embedding an IPv4 address to be forwarded to // by Tailscale. func (b *LocalBackend) ShouldHandleViaIP(ip netip.Addr) bool { @@ -3605,7 +3605,7 @@ func (b *LocalBackend) magicConn() (*magicsock.Conn, error) { return mc, nil } -// DoNoiseRequest sends a request to URL over the the control plane +// DoNoiseRequest sends a request to URL over the control plane // Noise connection. func (b *LocalBackend) DoNoiseRequest(req *http.Request) (*http.Response, error) { b.mu.Lock() diff --git a/ipn/ipnlocal/network-lock.go b/ipn/ipnlocal/network-lock.go index b31b27d37..1f1cc7ecb 100644 --- a/ipn/ipnlocal/network-lock.go +++ b/ipn/ipnlocal/network-lock.go @@ -44,10 +44,10 @@ type tkaState struct { // // There are 4 scenarios handled here: // - Enablement: nm.TKAEnabled but b.tka == nil -// ∴ reach out to /machine/tka/boostrap to get the genesis AUM, then +// ∴ reach out to /machine/tka/bootstrap to get the genesis AUM, then // initialize TKA. // - Disablement: !nm.TKAEnabled but b.tka != nil -// ∴ reach out to /machine/tka/boostrap to read the disablement secret, +// ∴ reach out to /machine/tka/bootstrap to read the disablement secret, // then verify and clear tka local state. // - Sync needed: b.tka.Head != nm.TKAHead // ∴ complete multi-step synchronization flow. diff --git a/ipn/ipnlocal/peerapi.go b/ipn/ipnlocal/peerapi.go index 1be0b51ab..21bfe3937 100644 --- a/ipn/ipnlocal/peerapi.go +++ b/ipn/ipnlocal/peerapi.go @@ -79,7 +79,7 @@ type peerAPIServer struct { } const ( - // partialSuffix is the suffix appened to files while they're + // partialSuffix is the suffix appended to files while they're // still in the process of being transferred. partialSuffix = ".partial" @@ -1184,7 +1184,7 @@ func newFakePeerAPIListener(ip netip.Addr) net.Listener { // even if the kernel isn't cooperating (like on Android: Issue 4449, 4293, etc) // or we lack permission to listen on a port. It's okay to not actually listen via // the kernel because on almost all platforms (except iOS as of 2022-04-20) we -// also intercept netstack TCP requests in to our peerapi port and hand it over +// also intercept incoming netstack TCP requests to our peerapi port and hand them over // directly to peerapi, without involving the kernel. So this doesn't need to be // real. But the port number we return (1, in this case) is the port number we advertise // to peers and they connect to. 1 seems pretty safe to use. Even if the kernel's diff --git a/ipn/ipnlocal/peerapi_test.go b/ipn/ipnlocal/peerapi_test.go index fe21e7a2c..9fd9db883 100644 --- a/ipn/ipnlocal/peerapi_test.go +++ b/ipn/ipnlocal/peerapi_test.go @@ -109,7 +109,7 @@ func TestHandlePeerAPI(t *testing.T) { tests := []struct { name string isSelf bool // the peer sending the request is owned by us - capSharing bool // self node has file sharing capabilty + capSharing bool // self node has file sharing capability omitRoot bool // don't configure req *http.Request checks []check diff --git a/ipn/ipnserver/server.go b/ipn/ipnserver/server.go index 16c2b4ab4..c6bdd3bb3 100644 --- a/ipn/ipnserver/server.go +++ b/ipn/ipnserver/server.go @@ -57,7 +57,7 @@ import ( // Options is the configuration of the Tailscale node agent. type Options struct { - // VarRoot is the the Tailscale daemon's private writable + // VarRoot is the Tailscale daemon's private writable // directory (usually "/var/lib/tailscale" on Linux) that // contains the "tailscaled.state" file, the "certs" directory // for TLS certs, and the "files" directory for incoming diff --git a/ipn/prefs_test.go b/ipn/prefs_test.go index f76796419..92481f02b 100644 --- a/ipn/prefs_test.go +++ b/ipn/prefs_test.go @@ -470,7 +470,7 @@ func TestLoadPrefsNotExist(t *testing.T) { t.Fatalf("unexpected prefs=%#v, err=%v", p, err) } -// TestLoadPrefsFileWithZeroInIt verifies that LoadPrefs hanldes corrupted input files. +// TestLoadPrefsFileWithZeroInIt verifies that LoadPrefs handles corrupted input files. // See issue #954 for details. func TestLoadPrefsFileWithZeroInIt(t *testing.T) { f, err := os.CreateTemp("", "TestLoadPrefsFileWithZeroInIt") diff --git a/logpolicy/logpolicy.go b/logpolicy/logpolicy.go index 9ee8c89f9..854e4c25e 100644 --- a/logpolicy/logpolicy.go +++ b/logpolicy/logpolicy.go @@ -609,7 +609,7 @@ func NewWithConfigPath(collection, dir, cmdName string) *Policy { } } - log.SetFlags(0) // other logflags are set on console, not here + log.SetFlags(0) // other log flags are set on console, not here log.SetOutput(logOutput) log.Printf("Program starting: v%v, Go %v: %#v", diff --git a/logtail/id.go b/logtail/id.go index 32727f213..a404732c5 100644 --- a/logtail/id.go +++ b/logtail/id.go @@ -34,7 +34,7 @@ func NewPrivateID() (id PrivateID, err error) { func (id PrivateID) MarshalText() ([]byte, error) { b := make([]byte, hex.EncodedLen(len(id))) if i := hex.Encode(b, id[:]); i != len(b) { - return nil, fmt.Errorf("logtail.PrivateID.MarhsalText: i=%d", i) + return nil, fmt.Errorf("logtail.PrivateID.MarshalText: i=%d", i) } return b, nil } @@ -122,7 +122,7 @@ func MustParsePublicID(s string) PublicID { func (id PublicID) MarshalText() ([]byte, error) { b := make([]byte, hex.EncodedLen(len(id))) if i := hex.Encode(b, id[:]); i != len(b) { - return nil, fmt.Errorf("logtail.PublicID.MarhsalText: i=%d", i) + return nil, fmt.Errorf("logtail.PublicID.MarshalText: i=%d", i) } return b, nil } diff --git a/logtail/logtail.go b/logtail/logtail.go index 0179f0962..8d68546e4 100644 --- a/logtail/logtail.go +++ b/logtail/logtail.go @@ -49,7 +49,7 @@ type Config struct { HTTPC *http.Client // if empty defaults to http.DefaultClient SkipClientTime bool // if true, client_time is not written to logs LowMemory bool // if true, logtail minimizes memory use - TimeNow func() time.Time // if set, subsitutes uses of time.Now + TimeNow func() time.Time // if set, substitutes uses of time.Now Stderr io.Writer // if set, logs are sent here instead of os.Stderr StderrLevel int // max verbosity level to write to stderr; 0 means the non-verbose messages only Buffer Buffer // temp storage, if nil a MemoryBuffer @@ -73,7 +73,7 @@ type Config struct { // IncludeProcSequence, if true, results in an ephemeral sequence number // being included in the logs. The sequence number is incremented for each - // log message sent, but is not peristed across process restarts. + // log message sent, but is not persisted across process restarts. IncludeProcSequence bool } diff --git a/net/dns/manager.go b/net/dns/manager.go index 0d9d2c157..711c04852 100644 --- a/net/dns/manager.go +++ b/net/dns/manager.go @@ -381,7 +381,7 @@ func (m *Manager) NextPacket() ([]byte, error) { return buf, nil } -// Query executes a DNS query recieved from the given address. The query is +// Query executes a DNS query received from the given address. The query is // provided in bs as a wire-encoded DNS query without any transport header. // This method is called for requests arriving over UDP and TCP. func (m *Manager) Query(ctx context.Context, bs []byte, from netip.AddrPort) ([]byte, error) { diff --git a/net/dns/manager_windows_test.go b/net/dns/manager_windows_test.go index 84cc02fac..5063f730f 100644 --- a/net/dns/manager_windows_test.go +++ b/net/dns/manager_windows_test.go @@ -274,7 +274,7 @@ func runTest(t *testing.T, isLocal bool) { runCase := func(n int) { t.Logf("Test case: %d domains\n", n) if !isLocal { - // When !isLocal, we want to check that a GP notification occured for + // When !isLocal, we want to check that a GP notification occurred for // every single test case. trk, err = newGPNotificationTracker() if err != nil { diff --git a/net/dns/nm.go b/net/dns/nm.go index 6a9a90524..c2ad5b95a 100644 --- a/net/dns/nm.go +++ b/net/dns/nm.go @@ -302,7 +302,7 @@ func (m *nmManager) GetBaseConfig() (OSConfig, error) { for _, cfg := range cfgs { if name, ok := cfg["interface"]; ok { if s, ok := name.Value().(string); ok && s == m.interfaceName { - // Config for the taislcale interface, skip. + // Config for the tailscale interface, skip. continue } } diff --git a/net/dns/nrpt_windows.go b/net/dns/nrpt_windows.go index 7ec29b344..42b156a27 100644 --- a/net/dns/nrpt_windows.go +++ b/net/dns/nrpt_windows.go @@ -58,7 +58,7 @@ var ( const _RP_FORCE = 1 // Flag for RefreshPolicyEx -// nrptRuleDatabase ensapsulates access to the Windows Name Resolution Policy +// nrptRuleDatabase encapsulates access to the Windows Name Resolution Policy // Table (NRPT). type nrptRuleDatabase struct { logf logger.Logf diff --git a/net/dns/resolver/forwarder.go b/net/dns/resolver/forwarder.go index 3b5d1d9b2..17ad404d3 100644 --- a/net/dns/resolver/forwarder.go +++ b/net/dns/resolver/forwarder.go @@ -180,7 +180,7 @@ type resolverAndDelay struct { type forwarder struct { logf logger.Logf linkMon *monitor.Mon - linkSel ForwardLinkSelector // TODO(bradfitz): remove this when tsdial.Dialer absords it + linkSel ForwardLinkSelector // TODO(bradfitz): remove this when tsdial.Dialer absorbs it dialer *tsdial.Dialer dohSem chan struct{} @@ -502,7 +502,7 @@ func (f *forwarder) send(ctx context.Context, fq *forwardQuery, rr resolverAndDe // Only known DoH providers are supported currently. Specifically, we // only support DoH providers where we can TCP connect to them on port // 443 at the same IP address they serve normal UDP DNS from (1.1.1.1, - // 8.8.8.8, 9.9.9.9, etc.) That's why OpenDNS and custon DoH providers + // 8.8.8.8, 9.9.9.9, etc.) That's why OpenDNS and custom DoH providers // aren't currently supported. There's no backup DNS resolution path for // them. urlBase := rr.name.Addr diff --git a/net/dns/resolver/tsdns.go b/net/dns/resolver/tsdns.go index 05b285a58..e6a0b3660 100644 --- a/net/dns/resolver/tsdns.go +++ b/net/dns/resolver/tsdns.go @@ -609,7 +609,7 @@ func (r *Resolver) resolveLocal(domain dnsname.FQDN, typ dns.Type) (netip.Addr, metricDNSResolveLocalOKAll.Add(1) return addrs[0], dns.RCodeSuccess - // Leave some some record types explicitly unimplemented. + // Leave some record types explicitly unimplemented. // These types relate to recursive resolution or special // DNS semantics and might be implemented in the future. case dns.TypeNS, dns.TypeSOA, dns.TypeAXFR, dns.TypeHINFO: diff --git a/net/dnscache/messagecache.go b/net/dnscache/messagecache.go index 5c93be7c5..fe9fd117b 100644 --- a/net/dnscache/messagecache.go +++ b/net/dnscache/messagecache.go @@ -99,7 +99,7 @@ type msgResource struct { } // ErrCacheMiss is a sentinel error returned by MessageCache.ReplyFromCache -// when the request can not be satisified from cache. +// when the request can not be satisfied from cache. var ErrCacheMiss = errors.New("cache miss") var parserPool = &sync.Pool{ @@ -264,7 +264,7 @@ func asciiLowerName(n dnsmessage.Name) dnsmessage.Name { } // packDNSResponse builds a DNS response for the given question and -// transaction ID. The response resource records will have have the +// transaction ID. The response resource records will have the // same provided TTL. func packDNSResponse(q msgQ, txID uint16, ttl uint32, answers []msgResource) ([]byte, error) { var baseMem []byte // TODO: guess a max size based on looping over answers? diff --git a/net/interfaces/interfaces.go b/net/interfaces/interfaces.go index b52c6ca84..69693b1ea 100644 --- a/net/interfaces/interfaces.go +++ b/net/interfaces/interfaces.go @@ -441,13 +441,13 @@ func prefixesEqual(a, b []netip.Prefix) bool { // UseInterestingInterfaces is an InterfaceFilter that reports whether i is an interesting interface. // An interesting interface if it is (a) not owned by Tailscale and (b) routes interesting IP addresses. -// See UseInterestingIPs for the defition of an interesting IP address. +// See UseInterestingIPs for the definition of an interesting IP address. func UseInterestingInterfaces(i Interface, ips []netip.Prefix) bool { return !isTailscaleInterface(i.Name, ips) && anyInterestingIP(ips) } // UseInterestingIPs is an IPFilter that reports whether ip is an interesting IP address. -// An IP address is interesting if it is neither a lopback not a link local unicast IP address. +// An IP address is interesting if it is neither a loopback nor a link local unicast IP address. func UseInterestingIPs(ip netip.Addr) bool { return isInterestingIP(ip) } @@ -455,7 +455,7 @@ func UseInterestingIPs(ip netip.Addr) bool { // UseAllInterfaces is an InterfaceFilter that includes all interfaces. func UseAllInterfaces(i Interface, ips []netip.Prefix) bool { return true } -// UseAllIPs is an IPFilter that includes all all IPs. +// UseAllIPs is an IPFilter that includes all IPs. func UseAllIPs(ips netip.Addr) bool { return true } func (s *State) HasPAC() bool { return s != nil && s.PAC != "" } diff --git a/net/netcheck/netcheck.go b/net/netcheck/netcheck.go index 3b3a4f672..519759deb 100644 --- a/net/netcheck/netcheck.go +++ b/net/netcheck/netcheck.go @@ -161,7 +161,7 @@ type Client struct { // GetSTUNConn4 optionally provides a func to return the // connection to use for sending & receiving IPv4 packets. If - // nil, an emphemeral one is created as needed. + // nil, an ephemeral one is created as needed. GetSTUNConn4 func() STUNConn // GetSTUNConn6 is like GetSTUNConn4, but for IPv6. diff --git a/net/nettest/listener.go b/net/nettest/listener.go index 7a9a47fba..90f827328 100644 --- a/net/nettest/listener.go +++ b/net/nettest/listener.go @@ -15,7 +15,7 @@ const ( bufferSize = 256 * 1024 ) -// Listener is a net.Listener using using NewConn to create pairs of network +// Listener is a net.Listener using NewConn to create pairs of network // connections connected in memory using a buffered pipe. It also provides a // Dial method to establish new connections. type Listener struct { diff --git a/net/netutil/ip_forward.go b/net/netutil/ip_forward.go index f737538da..96cf9c444 100644 --- a/net/netutil/ip_forward.go +++ b/net/netutil/ip_forward.go @@ -195,7 +195,7 @@ const ( // given interface. // The iface param determines which interface to check against, "" means to check // global config. -// It tries to lookup the value directly from `/proc/sys`, and fallsback to +// It tries to lookup the value directly from `/proc/sys`, and falls back to // using `sysctl` on failure. func ipForwardingEnabledLinux(p protocol, iface string) (bool, error) { k := ipForwardSysctlKey(slashFormat, p, iface) diff --git a/net/packet/header.go b/net/packet/header.go index bc512371c..b568ad6d4 100644 --- a/net/packet/header.go +++ b/net/packet/header.go @@ -40,7 +40,7 @@ type Header interface { } // HeaderChecksummer is implemented by Header implementations that -// need to do a checksum over their paylods. +// need to do a checksum over their payloads. type HeaderChecksummer interface { Header diff --git a/net/ping/ping_test.go b/net/ping/ping_test.go index 5c606db2a..90baf0b88 100644 --- a/net/ping/ping_test.go +++ b/net/ping/ping_test.go @@ -202,7 +202,7 @@ func TestPingerMismatch(t *testing.T) { func mockPinger(t *testing.T, clock *tstest.Clock) (*Pinger, func()) { // In tests, we use UDP so that we can test without being root; this - // doesn't matter becuase we mock out the ICMP reply below to be a real + // doesn't matter because we mock out the ICMP reply below to be a real // ICMP echo reply packet. conn, err := net.ListenPacket("udp4", "127.0.0.1:0") if err != nil { diff --git a/net/portmapper/igd_test.go b/net/portmapper/igd_test.go index 3aaf8f6ef..bbfdd7ea8 100644 --- a/net/portmapper/igd_test.go +++ b/net/portmapper/igd_test.go @@ -19,7 +19,7 @@ import ( "tailscale.com/types/logger" ) -// TestIGD is an IGD (Intenet Gateway Device) for testing. It supports fake +// TestIGD is an IGD (Internet Gateway Device) for testing. It supports fake // implementations of NAT-PMP, PCP, and/or UPnP to test clients against. type TestIGD struct { upnpConn net.PacketConn // for UPnP discovery diff --git a/net/tsdial/tsdial.go b/net/tsdial/tsdial.go index c6e817819..654a993c9 100644 --- a/net/tsdial/tsdial.go +++ b/net/tsdial/tsdial.go @@ -58,7 +58,7 @@ type Dialer struct { linkMon *monitor.Mon linkMonUnregister func() exitDNSDoHBase string // non-empty if DoH-proxying exit node in use; base URL+path (without '?') - dnsCache *dnscache.MessageCache // nil until first first non-empty SetExitDNSDoH + dnsCache *dnscache.MessageCache // nil until first non-empty SetExitDNSDoH nextSysConnID int activeSysConns map[int]net.Conn // active connections not yet closed } @@ -210,7 +210,7 @@ func (d *Dialer) userDialResolve(ctx context.Context, network, addr string) (net exitDNSDoH := d.exitDNSDoHBase d.mu.Unlock() - // MagicDNS or otherwise baked in to the NetworkMap? Try that first. + // MagicDNS or otherwise baked into the NetworkMap? Try that first. ipp, err := dns.resolveMemory(ctx, network, addr) if err != errUnresolved { return ipp, err diff --git a/net/tshttpproxy/tshttpproxy.go b/net/tshttpproxy/tshttpproxy.go index 07ce492f0..1f2298e2b 100644 --- a/net/tshttpproxy/tshttpproxy.go +++ b/net/tshttpproxy/tshttpproxy.go @@ -89,7 +89,7 @@ func GetAuthHeader(u *url.URL) (string, error) { var condSetTransportGetProxyConnectHeader func(*http.Transport) -// SetTarnsportGetProxyConnectHeader sets the provided Transport's +// SetTransportGetProxyConnectHeader sets the provided Transport's // GetProxyConnectHeader field, if the current build of Go supports // it. // diff --git a/net/tshttpproxy/tshttpproxy_synology_test.go b/net/tshttpproxy/tshttpproxy_synology_test.go index 541d15f99..8fe7e78b8 100644 --- a/net/tshttpproxy/tshttpproxy_synology_test.go +++ b/net/tshttpproxy/tshttpproxy_synology_test.go @@ -204,7 +204,7 @@ http_port=80 }) - t.Run("non-existent config", func(t *testing.T) { + t.Run("nonexistent config", func(t *testing.T) { openReader = nil openErr = os.ErrNotExist diff --git a/net/tstun/wrap.go b/net/tstun/wrap.go index 658c85eff..e9fe962a7 100644 --- a/net/tstun/wrap.go +++ b/net/tstun/wrap.go @@ -173,7 +173,7 @@ type Wrapper struct { // See the comment in the middle of Wrap.Read. type tunReadResult struct { // Only one of err, packet or data should be set, and are read in that order - // of precendence. + // of precedence. err error packet *stack.PacketBuffer data []byte diff --git a/paths/paths.go b/paths/paths.go index 778330277..dfb584f21 100644 --- a/paths/paths.go +++ b/paths/paths.go @@ -63,7 +63,7 @@ func DefaultTailscaledStateFile() string { return "" } -// MkStateDir ensures that dirPath, the daemon's configurtaion directory +// MkStateDir ensures that dirPath, the daemon's configuration directory // containing machine keys etc, both exists and has the correct permissions. // We want it to only be accessible to the user the daemon is running under. func MkStateDir(dirPath string) error { diff --git a/prober/prober.go b/prober/prober.go index 4f33d34cf..dd910089f 100644 --- a/prober/prober.go +++ b/prober/prober.go @@ -236,7 +236,7 @@ func (v varExporter) String() string { return string(bs) } -// WritePrometheus writes the the state of all probes to w. +// WritePrometheus writes the state of all probes to w. // // For each probe, WritePrometheus exports 5 variables: // - _interval_secs, how frequently the probe runs. diff --git a/ssh/tailssh/ctxreader.go b/ssh/tailssh/ctxreader.go index ce0a03526..a437eaab7 100644 --- a/ssh/tailssh/ctxreader.go +++ b/ssh/tailssh/ctxreader.go @@ -29,7 +29,7 @@ type contextReader struct { // consumed. buffered []byte // readErr is a previous read error that was seen while filling buffered. It - // should be returned to the caller after bufffered is consumed. + // should be returned to the caller after buffered is consumed. readErr error mu sync.Mutex // guards ch only @@ -40,7 +40,7 @@ type contextReader struct { ch chan readResult } -// HasOutstandingRead reports whether there's an oustanding Read call that's +// HasOutstandingRead reports whether there's an outstanding Read call that's // either currently blocked in a Read or whose result hasn't been consumed. func (w *contextReader) HasOutstandingRead() bool { w.mu.Lock() @@ -97,14 +97,14 @@ func (w *contextReader) ReadContext(ctx context.Context, p []byte) (n int, err e } } -// contextReaderSesssion implements ssh.Session, wrapping another +// contextReaderSession implements ssh.Session, wrapping another // ssh.Session but changing its Read method to use contextReader. -type contextReaderSesssion struct { +type contextReaderSession struct { ssh.Session cr *contextReader } -func (a contextReaderSesssion) Read(p []byte) (n int, err error) { +func (a contextReaderSession) Read(p []byte) (n int, err error) { if a.cr.HasOutstandingRead() { return a.cr.ReadContext(context.Background(), p) } diff --git a/ssh/tailssh/incubator.go b/ssh/tailssh/incubator.go index 299b8eacc..ac1257c95 100644 --- a/ssh/tailssh/incubator.go +++ b/ssh/tailssh/incubator.go @@ -2,11 +2,11 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// This file contains the code for the incubator process. Taiscaled +// This file contains the code for the incubator process. Tailscaled // launches the incubator as the same user as it was launched as. The // incubator then registers a new session with the OS, sets its UID // and groups to the specified `--uid`, `--gid` and `--groups`, and -// then lauches the requested `--cmd`. +// then launches the requested `--cmd`. //go:build linux || (darwin && !ios) // +build linux darwin,!ios diff --git a/ssh/tailssh/tailssh.go b/ssh/tailssh/tailssh.go index 5c1bc2017..bcdc40232 100644 --- a/ssh/tailssh/tailssh.go +++ b/ssh/tailssh/tailssh.go @@ -181,7 +181,7 @@ func (c *conn) logf(format string, args ...any) { c.srv.logf(format, args...) } -// PublicKeyHandler implements ssh.PublicKeyHandler is called by the the +// PublicKeyHandler implements ssh.PublicKeyHandler is called by the // ssh.Server when the client presents a public key. func (c *conn) PublicKeyHandler(ctx ssh.Context, pubKey ssh.PublicKey) error { c.mu.Lock() @@ -205,7 +205,7 @@ func (c *conn) PublicKeyHandler(ctx ssh.Context, pubKey ssh.PublicKey) error { var errPubKeyRequired = errors.New("ssh publickey required") // NoClientAuthCallback implements gossh.NoClientAuthCallback and is called by -// the the ssh.Server when the client first connects with the "none" +// the ssh.Server when the client first connects with the "none" // authentication method. func (c *conn) NoClientAuthCallback(cm gossh.ConnMetadata) (*gossh.Permissions, error) { if c.insecureSkipTailscaleAuth { @@ -595,7 +595,7 @@ func (c *conn) handleSessionPostSSHAuth(s ssh.Session) { if cr.HasOutstandingRead() { // There was some buffered input while we were waiting for the policy // decision. - s = contextReaderSesssion{s, cr} + s = contextReaderSession{s, cr} } // Do this check after auth, but before starting the session. @@ -1326,7 +1326,7 @@ func (ss *sshSession) startNewRecording() (*recording, error) { Timestamp: now.Unix(), Env: map[string]string{ "TERM": term, - // TODO(bradiftz): anything else important? + // TODO(bradfitz): anything else important? // including all seems noisey, but maybe we should // for auditing. But first need to break // launchProcess's startWithStdPipes and diff --git a/tailcfg/tailcfg.go b/tailcfg/tailcfg.go index ff1a9cfa2..67720a66f 100644 --- a/tailcfg/tailcfg.go +++ b/tailcfg/tailcfg.go @@ -117,7 +117,7 @@ func (u StableNodeID) IsZero() bool { // A user can have multiple logins associated with it (e.g. gmail and github oauth). // (Note: none of our UIs support this yet.) // -// Some properties are inhereted from the logins and can be overridden, such as +// Some properties are inherited from the logins and can be overridden, such as // display name and profile picture. // // Other properties must be the same for all logins associated with a user. @@ -249,7 +249,7 @@ type Node struct { // the owner of the node. When forOwner is false, the hostname is // never included in the return value. // -// Return value is either either "Name" or "Name (Hostname)", where +// Return value is either "Name" or "Name (Hostname)", where // Name is the node's MagicDNS base name (for normal non-shared-in // nodes), FQDN (without trailing dot, for shared-in nodes), or // Hostname (if no MagicDNS). Hostname is only included in the @@ -864,7 +864,7 @@ type RegisterResponse struct { MachineAuthorized bool // TODO(crawshaw): move to using MachineStatus AuthURL string // if set, authorization pending - // Error indiciates that authorization failed. If this is non-empty, + // Error indicates that authorization failed. If this is non-empty, // other status fields should be ignored. Error string } @@ -992,7 +992,7 @@ type NetPortRange struct { // CapGrant grants capabilities in a FilterRule. type CapGrant struct { - // Dsts are the destination IP ranges that this capabilty + // Dsts are the destination IP ranges that this capability // grant matches. Dsts []netip.Prefix @@ -1006,7 +1006,7 @@ type CapGrant struct { // // A rule is logically a set of source CIDRs to match (described by // SrcIPs and SrcBits), and a set of destination targets that are then -// allowed if a source IP is mathces of those CIDRs. +// allowed if a source IP is matches of those CIDRs. type FilterRule struct { // SrcIPs are the source IPs/networks to match. // @@ -1124,7 +1124,7 @@ type DNSConfig struct { // MagicDNS config. ExtraRecords []DNSRecord `json:",omitempty"` - // ExitNodeFilteredSuffixes are the the DNS suffixes that the + // ExitNodeFilteredSuffixes are the DNS suffixes that the // node, when being an exit node DNS proxy, should not answer. // // The entries do not contain trailing periods and are always @@ -1828,7 +1828,7 @@ type SSHAction struct { // // The "OverTLS" prefix is to loudly declare that this exchange // doesn't happen over Noise and can be intercepted/MITM'ed by -// enterprise/corp proxies where the orgnanization can put TLS roots +// enterprise/corp proxies where the organization can put TLS roots // on devices. type OverTLSPublicKeyResponse struct { // LegacyPublic specifies the control plane server's original diff --git a/tailcfg/tka.go b/tailcfg/tka.go index c24714123..091113599 100644 --- a/tailcfg/tka.go +++ b/tailcfg/tka.go @@ -98,7 +98,7 @@ type TKAInfo struct { // This field exists to disambiguate a nil TKAInfo in a delta mapresponse // from a nil TKAInfo indicating TKA should be disabled. // - // TODO(tom): Implement /machine/tka/boostrap as a noise endpoint, to + // TODO(tom): Implement /machine/tka/bootstrap as a noise endpoint, to // communicate the genesis AUM & any disablement secrets. Disabled bool `json:",omitempty"` } diff --git a/tka/aum.go b/tka/aum.go index da55ec7a3..6eb221369 100644 --- a/tka/aum.go +++ b/tka/aum.go @@ -60,7 +60,7 @@ const ( // // Only the Key optional field may be set. AUMAddKey - // A RemoveKey AUM describes hte removal of a key trusted by TKA. + // A RemoveKey AUM describes the removal of a key trusted by TKA. // // Only the KeyID optional field may be set. AUMRemoveKey diff --git a/tka/scenario_test.go b/tka/scenario_test.go index e80a697c4..59ef94af3 100644 --- a/tka/scenario_test.go +++ b/tka/scenario_test.go @@ -67,7 +67,7 @@ func (s *scenarioTest) mkNodeWithForks(name string, signWithDefault bool, chains for parentName, chain := range chains { parent, exists := n.AUMs[parentName] if !exists { - panic("cannot use non-existent parent: " + parentName) + panic("cannot use nonexistent parent: " + parentName) } parentHash := parent.Hash() chain.Nodes[chain.FirstIdent].ParentHash = &parentHash @@ -216,7 +216,7 @@ func TestScenarioHelpers(t *testing.T) { s.checkHaveConsensus(control, n) } -func TestNormalPropergation(t *testing.T) { +func TestNormalPropagation(t *testing.T) { s := testScenario(t, ` G -> L1 -> L2 G.template = genesis @@ -242,7 +242,7 @@ func TestNormalPropergation(t *testing.T) { s.checkHaveConsensus(n1, n2) } -func TestForkingPropergation(t *testing.T) { +func TestForkingPropagation(t *testing.T) { pub, priv := testingKey25519(t, 2) key := Key{Kind: Key25519, Public: pub, Votes: 2} @@ -278,7 +278,7 @@ func TestForkingPropergation(t *testing.T) { s.testSyncsBetween(control, n2) s.checkHaveConsensus(control, n2) - // No wozzles propergating from n2->CTRL, what about CTRL->n1? + // No wozzles propagating from n2->CTRL, what about CTRL->n1? s.testSyncsBetween(control, n1) s.checkHaveConsensus(n1, n2) @@ -290,7 +290,7 @@ func TestForkingPropergation(t *testing.T) { } } -func TestInvalidAUMPropergationRejected(t *testing.T) { +func TestInvalidAUMPropagationRejected(t *testing.T) { s := testScenario(t, ` G -> L1 -> L2 G.template = genesis @@ -324,7 +324,7 @@ func TestInvalidAUMPropergationRejected(t *testing.T) { } } -func TestUnsignedAUMPropergationRejected(t *testing.T) { +func TestUnsignedAUMPropagationRejected(t *testing.T) { s := testScenario(t, ` G -> L1 -> L2 G.template = genesis @@ -357,7 +357,7 @@ func TestUnsignedAUMPropergationRejected(t *testing.T) { } } -func TestBadSigAUMPropergationRejected(t *testing.T) { +func TestBadSigAUMPropagationRejected(t *testing.T) { s := testScenario(t, ` G -> L1 -> L2 G.template = genesis diff --git a/tka/sig.go b/tka/sig.go index 5ae48b18c..fc2d94023 100644 --- a/tka/sig.go +++ b/tka/sig.go @@ -33,7 +33,7 @@ const ( // SigRotation signature and sign it again with their rotation key. That // way, SigRotation nesting should only be 2 deep in the common case. SigRotation - // SigCredential describes a signature over a specifi public key, signed + // SigCredential describes a signature over a specific public key, signed // by a key in the tailnet key authority referenced by the specified keyID. // In effect, SigCredential delegates the ability to make a signature to // a different public/private key pair. diff --git a/tstest/clock.go b/tstest/clock.go index 9f7d7f459..296d0402c 100644 --- a/tstest/clock.go +++ b/tstest/clock.go @@ -25,7 +25,7 @@ type Clock struct { sync.Mutex } -// Now returns the virtual clock's current time, and avances it +// Now returns the virtual clock's current time, and advances it // according to its step configuration. func (c *Clock) Now() time.Time { c.Lock() diff --git a/tstest/integration/gen_deps.go b/tstest/integration/gen_deps.go index a881899a0..330e46a63 100644 --- a/tstest/integration/gen_deps.go +++ b/tstest/integration/gen_deps.go @@ -53,7 +53,7 @@ import ( `) for _, dep := range x.Imports { if !strings.Contains(dep, ".") { - // Omit stanard library deps. + // Omit standard library deps. continue } fmt.Fprintf(&out, "\t_ %q\n", dep) diff --git a/tstest/integration/testcontrol/testcontrol.go b/tstest/integration/testcontrol/testcontrol.go index bc90bf0f7..dacab3f69 100644 --- a/tstest/integration/testcontrol/testcontrol.go +++ b/tstest/integration/testcontrol/testcontrol.go @@ -463,7 +463,7 @@ func (s *Server) serveRegister(w http.ResponseWriter, r *http.Request, mkey key. case <-doneCh: } // TODO(bradfitz): support a side test API to mark an - // auth as failued so we can send an error response in + // auth as failed so we can send an error response in // some follow-ups? For now all are successes. } diff --git a/tstest/integration/vms/nixos_test.go b/tstest/integration/vms/nixos_test.go index d4f887de3..2ba56cbda 100644 --- a/tstest/integration/vms/nixos_test.go +++ b/tstest/integration/vms/nixos_test.go @@ -73,7 +73,7 @@ let # The path on disk to the "source code" of the package, in this case it is # the path to the binaries that are built. This needs to be the raw - # unquoted slash-separated path, not a string contaning the path because Nix + # unquoted slash-separated path, not a string containing the path because Nix # has a special path type. src = {{.BinPath}}; diff --git a/tstest/integration/vms/top_level_test.go b/tstest/integration/vms/top_level_test.go index 6e14b493f..2da4912a6 100644 --- a/tstest/integration/vms/top_level_test.go +++ b/tstest/integration/vms/top_level_test.go @@ -78,7 +78,7 @@ func TestMITMProxy(t *testing.T) { // - The first thing we do is append the nsslcrtd_program stanza to the config. // This must be an absolute path and is based on the nix path of the squid derivation, // so we compute and write it out here. - // - Squid expects a pre-initalized directory layout, so we create that in /tmp/squid then + // - Squid expects a pre-initialized directory layout, so we create that in /tmp/squid then // invoke squid with -z to have it fill in the rest. // - Doing a meddler-in-the-middle attack requires using some fake keys, so we create // them using openssl and then use the security_file_certgen tool to setup squids' ssl_db. diff --git a/tstest/natlab/natlab.go b/tstest/natlab/natlab.go index ba9ef77aa..91a6462cf 100644 --- a/tstest/natlab/natlab.go +++ b/tstest/natlab/natlab.go @@ -92,7 +92,7 @@ func mustPrefix(s string) netip.Prefix { func NewInternet() *Network { return &Network{ Name: "internet", - // easily recognizable internett-y addresses + // easily recognizable internetty addresses Prefix4: mustPrefix("1.0.0.0/24"), Prefix6: mustPrefix("1111::/64"), } @@ -243,7 +243,7 @@ func (f *Interface) String() string { if f.name != "" { return f.name } - return fmt.Sprintf("unamed-interface-on-network-%p", f.net) + return fmt.Sprintf("unnamed-interface-on-network-%p", f.net) } // Contains reports whether f contains ip as an IP. diff --git a/tsweb/tsweb.go b/tsweb/tsweb.go index b48a5531b..9d7c07b3a 100644 --- a/tsweb/tsweb.go +++ b/tsweb/tsweb.go @@ -412,7 +412,7 @@ func (l loggingResponseWriter) Flush() { // // It is the error type to be (optionally) used by Handler.ServeHTTPReturn. type HTTPError struct { - Code int // HTTP response code to send to client; 0 means means 500 + Code int // HTTP response code to send to client; 0 means 500 Msg string // Response body to send to client Err error // Detailed error to log on the server Header http.Header // Optional set of HTTP headers to set in the response diff --git a/types/key/disco.go b/types/key/disco.go index 881ec4de6..9580646cb 100644 --- a/types/key/disco.go +++ b/types/key/disco.go @@ -63,7 +63,7 @@ func (k DiscoPrivate) Public() DiscoPublic { return ret } -// Shared returns the DiscoShared for communication betweek k and p. +// Shared returns the DiscoShared for communication between k and p. func (k DiscoPrivate) Shared(p DiscoPublic) DiscoShared { if k.IsZero() || p.IsZero() { panic("can't compute shared secret with zero keys") diff --git a/types/logger/tokenbucket.go b/types/logger/tokenbucket.go index 544fffe26..58c0ee2fd 100644 --- a/types/logger/tokenbucket.go +++ b/types/logger/tokenbucket.go @@ -21,7 +21,7 @@ import ( // be enough to disqualify it on its own. // // Unlike rate.Limiter, this token bucket does not attempt to -// do any locking of its own. Don't try to access it re-entrantly. +// do any locking of its own. Don't try to access it reentrantly. // That's fine inside this types/logger package because we already have // locking at a higher level. type tokenBucket struct { diff --git a/types/opt/bool.go b/types/opt/bool.go index 86e32aea2..e438d7b19 100644 --- a/types/opt/bool.go +++ b/types/opt/bool.go @@ -11,7 +11,7 @@ import ( ) // Bool represents an optional boolean to be JSON-encoded. The string -// is either "true", "false", or the enmpty string to mean unset. +// is either "true", "false", or the empty string to mean unset. // // As a special case, the underlying string may also be the string // "unset" as as a synonym for the empty string. This lets the diff --git a/util/clientmetric/clientmetric.go b/util/clientmetric/clientmetric.go index fceb76635..28ca78e67 100644 --- a/util/clientmetric/clientmetric.go +++ b/util/clientmetric/clientmetric.go @@ -197,7 +197,7 @@ func WritePrometheusExpositionFormat(w io.Writer) { const ( // metricLogNameFrequency is how often a metric's name=>id // mapping is redundantly put in the logs. In other words, - // this is how how far in the logs you need to fetch from a + // this is how far in the logs you need to fetch from a // given point in time to recompute the metrics at that point // in time. metricLogNameFrequency = 4 * time.Hour diff --git a/util/deephash/deephash.go b/util/deephash/deephash.go index b6a9bc40b..8df51b421 100644 --- a/util/deephash/deephash.go +++ b/util/deephash/deephash.go @@ -434,7 +434,7 @@ func makeMapHasher(t reflect.Type) typeHasherFunc { mh := mapHasherPool.Get().(*mapHasher) defer mapHasherPool.Put(mh) - // Hash a map in a sort-free mannar. + // Hash a map in a sort-free manner. // It relies on a map being a an unordered set of KV entries. // So long as we hash each KV entry together, we can XOR all the // individual hashes to produce a unique hash for the entire map. diff --git a/util/deephash/deephash_test.go b/util/deephash/deephash_test.go index 5869fe7fa..c085d28b9 100644 --- a/util/deephash/deephash_test.go +++ b/util/deephash/deephash_test.go @@ -552,7 +552,7 @@ func TestGetTypeHasher(t *testing.T) { out: "\x01\x00\x00\x00\x02\x00\x00\x00\x03\x04\x00\x00\x00", }, { - name: "IntIntByteInt-canddr", + name: "IntIntByteInt-canaddr", val: &IntIntByteInt{1, 2, 3, 4}, out: "\x01\x01\x00\x00\x00\x02\x00\x00\x00\x03\x04\x00\x00\x00", }, @@ -604,9 +604,9 @@ func TestSliceCycle(t *testing.T) { type S []S c := qt.New(t) - a := make(S, 1) // cylic graph of 1 node + a := make(S, 1) // cyclic graph of 1 node a[0] = a - b := make(S, 1) // cylic graph of 1 node + b := make(S, 1) // cyclic graph of 1 node b[0] = b ha := Hash(&a) hb := Hash(&b) @@ -642,9 +642,9 @@ func TestMapCycle(t *testing.T) { type M map[string]M c := qt.New(t) - a := make(M) // cylic graph of 1 node + a := make(M) // cyclic graph of 1 node a["self"] = a - b := make(M) // cylic graph of 1 node + b := make(M) // cyclic graph of 1 node b["self"] = b ha := Hash(&a) hb := Hash(&b) @@ -897,7 +897,7 @@ func TestArrayAllocs(t *testing.T) { // In theory, there should be no allocations. However, escape analysis on // certain architectures fails to detect that certain cases do not escape. - // This discrepency currently affects sha256.digest.Sum. + // This discrepancy currently affects sha256.digest.Sum. // Measure the number of allocations in sha256 to ensure that Hash does // not allocate on top of its usage of sha256. // See https://golang.org/issue/48055. diff --git a/util/deephash/pointer.go b/util/deephash/pointer.go index 2fc5ab54a..6d651504d 100644 --- a/util/deephash/pointer.go +++ b/util/deephash/pointer.go @@ -27,7 +27,7 @@ import ( // rely on pointer.asValue to convert the pointer back to a reflect.Value. // Conversion of an unsafe.Pointer to reflect.Value guarantees that the // read-only flag in the reflect.Value is unpopulated, avoiding panics that may -// othewise have occurred since the value was obtained from an unexported field. +// otherwise have occurred since the value was obtained from an unexported field. type unsafePointer struct{ p unsafe.Pointer } func unsafePointerOf(v reflect.Value) unsafePointer { diff --git a/util/dnsname/dnsname_test.go b/util/dnsname/dnsname_test.go index b7f5afc1f..05a511773 100644 --- a/util/dnsname/dnsname_test.go +++ b/util/dnsname/dnsname_test.go @@ -104,7 +104,7 @@ func TestSanitizeLabel(t *testing.T) { {"mixed", "Avery's iPhone 4(SE)", "averys-iphone-4se"}, {"dotted", "mon.ipn.dev", "mon-ipn-dev"}, {"email", "admin@example.com", "admin-example-com"}, - {"boudary", ".bound.ary.", "bound-ary"}, + {"boundary", ".bound.ary.", "bound-ary"}, {"bad_trailing", "a-", "a"}, {"bad_leading", "-a", "a"}, {"bad_both", "-a-", "a"}, diff --git a/util/mak/mak.go b/util/mak/mak.go index 82b4ec5ed..a041c82ed 100644 --- a/util/mak/mak.go +++ b/util/mak/mak.go @@ -52,7 +52,7 @@ func NonNil(ptr interface{}) { // NonNilSliceForJSON makes sure that *slicePtr is non-nil so it will // won't be omitted from JSON serialization and possibly confuse JavaScript -// clients expecting it to be preesnt. +// clients expecting it to be present. func NonNilSliceForJSON[T any, S ~[]T](slicePtr *S) { if *slicePtr != nil { return @@ -62,7 +62,7 @@ func NonNilSliceForJSON[T any, S ~[]T](slicePtr *S) { // NonNilMapForJSON makes sure that *slicePtr is non-nil so it will // won't be omitted from JSON serialization and possibly confuse JavaScript -// clients expecting it to be preesnt. +// clients expecting it to be present. func NonNilMapForJSON[K comparable, V any, M ~map[K]V](mapPtr *M) { if *mapPtr != nil { return diff --git a/wf/firewall.go b/wf/firewall.go index e10f8d93b..c439f89cf 100644 --- a/wf/firewall.go +++ b/wf/firewall.go @@ -88,7 +88,7 @@ type Firewall struct { permittedRoutes map[netip.Prefix][]*wf.Rule } -// New returns a new Firewall for the provdied interface ID. +// New returns a new Firewall for the provided interface ID. func New(luid uint64) (*Firewall, error) { session, err := wf.New(&wf.Options{ Name: "Tailscale firewall", diff --git a/wgengine/filter/filter.go b/wgengine/filter/filter.go index f73b2410a..f99253967 100644 --- a/wgengine/filter/filter.go +++ b/wgengine/filter/filter.go @@ -305,7 +305,7 @@ func (f *Filter) CheckTCP(srcIP, dstIP netip.Addr, dstPort uint16) Response { pkt.Decode(dummyPacket) // initialize private fields switch { case (srcIP.Is4() && dstIP.Is6()) || (srcIP.Is6() && srcIP.Is4()): - // Mistmatched address families, no filters will + // Mismatched address families, no filters will // match. return Drop case srcIP.Is4(): @@ -523,7 +523,7 @@ func (f *Filter) runOut(q *packet.Parsed) (r Response, why string) { return Accept, "ok out" } -// direction is whether a packet was flowing in to this machine, or +// direction is whether a packet was flowing into this machine, or // flowing out. type direction int diff --git a/wgengine/filter/filter_test.go b/wgengine/filter/filter_test.go index 9caf377e1..e583061e6 100644 --- a/wgengine/filter/filter_test.go +++ b/wgengine/filter/filter_test.go @@ -166,7 +166,7 @@ func TestUDPState(t *testing.T) { a4 := parsed(ipproto.UDP, "119.119.119.119", "102.102.102.102", 4242, 4343) b4 := parsed(ipproto.UDP, "102.102.102.102", "119.119.119.119", 4343, 4242) - // Unsollicited UDP traffic gets dropped + // Unsolicited UDP traffic gets dropped if got := acl.RunIn(&a4, flags); got != Drop { t.Fatalf("incoming initial packet not dropped, got=%v: %v", got, a4) } @@ -182,7 +182,7 @@ func TestUDPState(t *testing.T) { a6 := parsed(ipproto.UDP, "2001::2", "2001::1", 4242, 4343) b6 := parsed(ipproto.UDP, "2001::1", "2001::2", 4343, 4242) - // Unsollicited UDP traffic gets dropped + // Unsolicited UDP traffic gets dropped if got := acl.RunIn(&a6, flags); got != Drop { t.Fatalf("incoming initial packet not dropped: %v", a4) } diff --git a/wgengine/magicsock/magicsock.go b/wgengine/magicsock/magicsock.go index b254a3265..69bd430ed 100644 --- a/wgengine/magicsock/magicsock.go +++ b/wgengine/magicsock/magicsock.go @@ -2460,11 +2460,11 @@ func (c *Conn) maybeCloseDERPsOnRebind(okayLocalIPs []netip.Prefix) { for regionID, ad := range c.activeDerp { la, err := ad.c.LocalAddr() if err != nil { - c.closeOrReconectDERPLocked(regionID, "rebind-no-localaddr") + c.closeOrReconnectDERPLocked(regionID, "rebind-no-localaddr") continue } if !tsaddr.PrefixesContainsIP(okayLocalIPs, la.Addr()) { - c.closeOrReconectDERPLocked(regionID, "rebind-default-route-change") + c.closeOrReconnectDERPLocked(regionID, "rebind-default-route-change") continue } regionID := regionID @@ -2475,7 +2475,7 @@ func (c *Conn) maybeCloseDERPsOnRebind(okayLocalIPs []netip.Prefix) { if err := dc.Ping(ctx); err != nil { c.mu.Lock() defer c.mu.Unlock() - c.closeOrReconectDERPLocked(regionID, "rebind-ping-fail") + c.closeOrReconnectDERPLocked(regionID, "rebind-ping-fail") return } c.logf("post-rebind ping of DERP region %d okay", regionID) @@ -2484,14 +2484,14 @@ func (c *Conn) maybeCloseDERPsOnRebind(okayLocalIPs []netip.Prefix) { c.logActiveDerpLocked() } -// closeOrReconectDERPLocked closes the DERP connection to the +// closeOrReconnectDERPLocked closes the DERP connection to the // provided regionID and starts reconnecting it if it's our current // home DERP. // // why is a reason for logging. // // c.mu must be held. -func (c *Conn) closeOrReconectDERPLocked(regionID int, why string) { +func (c *Conn) closeOrReconnectDERPLocked(regionID int, why string) { c.closeDerpLocked(regionID, why) if !c.privateKey.IsZero() && c.myDerp == regionID { c.startDerpHomeConnectLocked() @@ -2788,7 +2788,7 @@ func (c *Conn) ReSTUN(why string) { // reconfigures the engine with a zero private key.) // // This used to just check c.privateKey.IsZero, but that broke - // some end-to-end tests tests that didn't ever set a private + // some end-to-end tests that didn't ever set a private // key somehow. So for now, only stop doing work if we ever // had a key, which helps real users, but appeases tests for // now. TODO: rewrite those tests to be less brittle or more @@ -4022,7 +4022,7 @@ func (de *endpoint) handleCallMeMaybe(m *disco.CallMeMaybe) { })) } - // Delete any prior CalllMeMaybe endpoints that weren't included + // Delete any prior CallMeMaybe endpoints that weren't included // in this message. for ep, want := range de.isCallMeMaybeEP { if !want { @@ -4119,17 +4119,17 @@ type ippEndpointCache struct { type discoInfo struct { // discoKey is the same as the Conn.discoInfo map key, // just so you can pass around a *discoInfo alone. - // Not modifed once initiazed. + // Not modified once initialized. discoKey key.DiscoPublic // discoShort is discoKey.ShortString(). - // Not modifed once initiazed; + // Not modified once initialized; discoShort string // sharedKey is the precomputed key for communication with the // peer that has the DiscoKey used to look up this *discoInfo in // Conn.discoInfo. - // Not modifed once initialized. + // Not modified once initialized. sharedKey key.DiscoShared // Mutable fields follow, owned by Conn.mu: diff --git a/wgengine/router/ifconfig_windows.go b/wgengine/router/ifconfig_windows.go index 887b8b13b..6b126edf0 100644 --- a/wgengine/router/ifconfig_windows.go +++ b/wgengine/router/ifconfig_windows.go @@ -570,7 +570,7 @@ func unicastIPNets(ifc *winipcfg.IPAdapterAddresses) []netip.Prefix { // // Any IPv6 link-local addresses are not deleted out of caution as some // configurations may repeatedly re-add them. Link-local addresses are adjusted -// to set SkipAsSource. SkipAsSource prevents the addresses from being addded to +// to set SkipAsSource. SkipAsSource prevents the addresses from being added to // DNS locally or remotely and from being picked as a source address for // outgoing packets with unspecified sources. See #4647 and // https://web.archive.org/web/20200912120956/https://devblogs.microsoft.com/scripting/use-powershell-to-change-ip-behavior-with-skipassource/ diff --git a/wgengine/router/router_linux.go b/wgengine/router/router_linux.go index 7fddf875d..fed1fceec 100644 --- a/wgengine/router/router_linux.go +++ b/wgengine/router/router_linux.go @@ -214,7 +214,7 @@ func newUserspaceRouterAdvanced(logf logger.Logf, tunname string, linkMon *monit // // As such, if we are running on openWRT, detect a mwan3 config, AND detect a rule // with a preference 2001 (corresponding to the first interface wman3 manages), we - // shift the priority of our policies to 13xx. This effectively puts us betwen mwan3's + // shift the priority of our policies to 13xx. This effectively puts us between mwan3's // permit-by-src-ip rules and mwan3 lookup of its own routing table which would drop // the packet. isMWAN3, err := checkOpenWRTUsingMWAN3() diff --git a/wgengine/router/router_userspace_bsd.go b/wgengine/router/router_userspace_bsd.go index 205cd0ee2..a5cb39500 100644 --- a/wgengine/router/router_userspace_bsd.go +++ b/wgengine/router/router_userspace_bsd.go @@ -148,7 +148,7 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) { } newRoutes[route] = struct{}{} } - // Delete any pre-existing routes. + // Delete any preexisting routes. for route := range r.routes { if _, keep := newRoutes[route]; !keep { net := netipx.PrefixIPNet(route) diff --git a/wgengine/router/router_windows.go b/wgengine/router/router_windows.go index 59388ff02..ba024b1ff 100644 --- a/wgengine/router/router_windows.go +++ b/wgengine/router/router_windows.go @@ -120,7 +120,7 @@ func cleanup(logf logger.Logf, interfaceName string) { // but it can be REALLY SLOW to change the Windows firewall for reasons not understood. // Like 4 minutes slow. But usually it's tens of milliseconds. // See https://github.com/tailscale/tailscale/issues/785. -// So this tracks the desired state and runs the actual adjusting code asynchrounsly. +// So this tracks the desired state and runs the actual adjusting code asynchronously. type firewallTweaker struct { logf logger.Logf tunGUID windows.GUID diff --git a/wgengine/userspace.go b/wgengine/userspace.go index a726cdd19..ece0a200d 100644 --- a/wgengine/userspace.go +++ b/wgengine/userspace.go @@ -549,7 +549,7 @@ var debugTrimWireguard = envknob.RegisterOptBool("TS_DEBUG_TRIM_WIREGUARD") // stable!) but I'm worried that a future regression would be easier to debug // with these knobs in place. func forceFullWireguardConfig(numPeers int) bool { - // Did the user explicitly enable trimmming via the environment variable knob? + // Did the user explicitly enable trimming via the environment variable knob? if b, ok := debugTrimWireguard().Get(); ok { return !b } @@ -562,7 +562,7 @@ func forceFullWireguardConfig(numPeers int) bool { // isTrimmablePeer reports whether p is a peer that we can trim out of the // network map. // -// For implementation simplificy, we can only trim peers that have +// For implementation simplicity, we can only trim peers that have // only non-subnet AllowedIPs (an IPv4 /32 or IPv6 /128), which is the // common case for most peers. Subnet router nodes will just always be // created in the wireguard-go config. @@ -664,8 +664,8 @@ func (e *userspaceEngine) maybeReconfigWireguardLocked(discoChanged map[key.Node activeCutoff := e.timeNow().Add(-lazyPeerIdleThreshold) // Not all peers can be trimmed from the network map (see - // isTrimmablePeer). For those are are trimmable, keep track of - // their NodeKey and Tailscale IPs. These are the ones we'll need + // isTrimmablePeer). For those that are trimmable, keep track of + // their NodeKey and Tailscale IPs. These are the ones we'll need // to install tracking hooks for to watch their send/receive // activity. trackNodes := make([]key.NodePublic, 0, len(full.Peers))