2023-01-27 21:37:20 +00:00
|
|
|
// Copyright (c) Tailscale Inc & AUTHORS
|
|
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
2021-03-25 22:38:40 +00:00
|
|
|
|
|
|
|
package ipnlocal
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2021-11-23 05:45:34 +00:00
|
|
|
"encoding/base64"
|
2021-11-03 18:17:56 +00:00
|
|
|
"encoding/json"
|
2021-03-25 22:38:40 +00:00
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"hash/crc32"
|
|
|
|
"html"
|
|
|
|
"io"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
2022-07-26 04:55:44 +01:00
|
|
|
"net/netip"
|
2023-10-12 17:28:46 +01:00
|
|
|
"net/url"
|
2021-03-29 18:42:33 +01:00
|
|
|
"os"
|
2024-03-26 20:14:43 +00:00
|
|
|
"path/filepath"
|
2021-03-26 20:44:55 +00:00
|
|
|
"runtime"
|
2023-08-17 06:09:53 +01:00
|
|
|
"slices"
|
2021-04-26 17:48:34 +01:00
|
|
|
"sort"
|
2021-03-25 22:38:40 +00:00
|
|
|
"strconv"
|
2021-03-29 18:42:33 +01:00
|
|
|
"strings"
|
2021-04-08 22:54:25 +01:00
|
|
|
"sync"
|
|
|
|
"time"
|
2021-03-25 22:38:40 +00:00
|
|
|
|
2022-04-26 20:29:41 +01:00
|
|
|
"github.com/kortschak/wol"
|
2021-11-23 17:58:34 +00:00
|
|
|
"golang.org/x/net/dns/dnsmessage"
|
2022-11-19 23:29:15 +00:00
|
|
|
"golang.org/x/net/http/httpguts"
|
2022-11-07 15:46:42 +00:00
|
|
|
"tailscale.com/envknob"
|
2021-12-21 21:52:50 +00:00
|
|
|
"tailscale.com/health"
|
2021-11-03 18:17:56 +00:00
|
|
|
"tailscale.com/hostinfo"
|
2021-03-30 19:19:42 +01:00
|
|
|
"tailscale.com/ipn"
|
2021-03-26 04:41:37 +00:00
|
|
|
"tailscale.com/net/interfaces"
|
2022-07-25 04:08:42 +01:00
|
|
|
"tailscale.com/net/netaddr"
|
2022-02-13 22:45:50 +00:00
|
|
|
"tailscale.com/net/netutil"
|
2023-02-03 20:07:58 +00:00
|
|
|
"tailscale.com/net/sockstats"
|
2021-03-25 22:38:40 +00:00
|
|
|
"tailscale.com/tailcfg"
|
2023-10-06 00:05:45 +01:00
|
|
|
"tailscale.com/taildrop"
|
2024-02-02 18:45:32 +00:00
|
|
|
"tailscale.com/tailfs"
|
2023-08-21 18:53:57 +01:00
|
|
|
"tailscale.com/types/views"
|
2021-11-18 15:54:24 +00:00
|
|
|
"tailscale.com/util/clientmetric"
|
2023-10-16 18:36:31 +01:00
|
|
|
"tailscale.com/util/httphdr"
|
2024-03-26 20:14:43 +00:00
|
|
|
"tailscale.com/util/httpm"
|
2021-11-25 17:43:39 +00:00
|
|
|
"tailscale.com/wgengine/filter"
|
2021-03-25 22:38:40 +00:00
|
|
|
)
|
|
|
|
|
2024-02-02 18:45:32 +00:00
|
|
|
const (
|
2024-02-09 17:26:43 +00:00
|
|
|
tailFSPrefix = "/v0/tailfs"
|
2024-02-02 18:45:32 +00:00
|
|
|
)
|
|
|
|
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
var initListenConfig func(*net.ListenConfig, netip.Addr, *interfaces.State, string) error
|
2021-03-26 20:44:55 +00:00
|
|
|
|
2021-12-06 22:58:29 +00:00
|
|
|
// addH2C is non-nil on platforms where we want to add H2C
|
|
|
|
// ("cleartext" HTTP/2) support to the peerAPI.
|
|
|
|
var addH2C func(*http.Server)
|
|
|
|
|
2023-10-27 22:20:10 +01:00
|
|
|
// peerDNSQueryHandler is implemented by tsdns.Resolver.
|
|
|
|
type peerDNSQueryHandler interface {
|
|
|
|
HandlePeerDNSQuery(context.Context, []byte, netip.AddrPort, func(name string) bool) (res []byte, err error)
|
|
|
|
}
|
|
|
|
|
2021-03-29 18:42:33 +01:00
|
|
|
type peerAPIServer struct {
|
2023-10-06 00:05:45 +01:00
|
|
|
b *LocalBackend
|
2023-10-27 22:20:10 +01:00
|
|
|
resolver peerDNSQueryHandler
|
2021-04-20 05:57:08 +01:00
|
|
|
|
2023-10-12 17:28:46 +01:00
|
|
|
taildrop *taildrop.Manager
|
2021-03-30 20:56:00 +01:00
|
|
|
}
|
|
|
|
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
func (s *peerAPIServer) listen(ip netip.Addr, ifState *interfaces.State) (ln net.Listener, err error) {
|
2022-04-20 19:57:34 +01:00
|
|
|
// Android for whatever reason often has problems creating the peerapi listener.
|
|
|
|
// But since we started intercepting it with netstack, it's not even important that
|
|
|
|
// we have a real kernel-level listener. So just create a dummy listener on Android
|
|
|
|
// and let netstack intercept it.
|
|
|
|
if runtime.GOOS == "android" {
|
|
|
|
return newFakePeerAPIListener(ip), nil
|
|
|
|
}
|
|
|
|
|
2021-03-26 20:44:55 +00:00
|
|
|
ipStr := ip.String()
|
2021-03-25 22:38:40 +00:00
|
|
|
|
|
|
|
var lc net.ListenConfig
|
|
|
|
if initListenConfig != nil {
|
|
|
|
// On iOS/macOS, this sets the lc.Control hook to
|
|
|
|
// setsockopt the interface index to bind to, to get
|
|
|
|
// out of the network sandbox.
|
2021-12-01 17:18:17 +00:00
|
|
|
if err := initListenConfig(&lc, ip, ifState, s.b.dialer.TUNName()); err != nil {
|
2021-03-25 22:38:40 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2021-03-26 20:44:55 +00:00
|
|
|
if runtime.GOOS == "darwin" || runtime.GOOS == "ios" {
|
|
|
|
ipStr = ""
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-05-03 21:57:17 +01:00
|
|
|
if s.b.sys.IsNetstack() {
|
2021-03-30 17:54:52 +01:00
|
|
|
ipStr = ""
|
|
|
|
}
|
|
|
|
|
2021-03-26 20:44:55 +00:00
|
|
|
tcp4or6 := "tcp4"
|
|
|
|
if ip.Is6() {
|
|
|
|
tcp4or6 = "tcp6"
|
2021-03-25 22:38:40 +00:00
|
|
|
}
|
2021-03-26 20:44:55 +00:00
|
|
|
|
2021-03-25 22:38:40 +00:00
|
|
|
// Make a best effort to pick a deterministic port number for
|
2022-02-22 21:29:17 +00:00
|
|
|
// the ip. The lower three bytes are the same for IPv4 and IPv6
|
2021-03-25 22:38:40 +00:00
|
|
|
// Tailscale addresses (at least currently), so we'll usually
|
|
|
|
// get the same port number on both address families for
|
|
|
|
// dev/debugging purposes, which is nice. But it's not so
|
|
|
|
// deterministic that people will bake this into clients.
|
|
|
|
// We try a few times just in case something's already
|
|
|
|
// listening on that port (on all interfaces, probably).
|
|
|
|
for try := uint8(0); try < 5; try++ {
|
|
|
|
a16 := ip.As16()
|
|
|
|
hashData := a16[len(a16)-3:]
|
|
|
|
hashData[0] += try
|
|
|
|
tryPort := (32 << 10) | uint16(crc32.ChecksumIEEE(hashData))
|
2021-03-26 20:44:55 +00:00
|
|
|
ln, err = lc.Listen(context.Background(), tcp4or6, net.JoinHostPort(ipStr, strconv.Itoa(int(tryPort))))
|
2021-03-25 22:38:40 +00:00
|
|
|
if err == nil {
|
|
|
|
return ln, nil
|
|
|
|
}
|
|
|
|
}
|
2022-04-20 21:22:42 +01:00
|
|
|
// Fall back to some random ephemeral port.
|
|
|
|
ln, err = lc.Listen(context.Background(), tcp4or6, net.JoinHostPort(ipStr, "0"))
|
|
|
|
|
|
|
|
// And if we're on a platform with netstack (anything but iOS), then just fallback to netstack.
|
|
|
|
if err != nil && runtime.GOOS != "ios" {
|
|
|
|
s.b.logf("peerapi: failed to do peerAPI listen, harmless (netstack available) but error was: %v", err)
|
|
|
|
return newFakePeerAPIListener(ip), nil
|
|
|
|
}
|
|
|
|
return ln, err
|
2021-03-25 22:38:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type peerAPIListener struct {
|
2021-04-02 06:04:46 +01:00
|
|
|
ps *peerAPIServer
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
ip netip.Addr
|
2021-04-02 06:04:46 +01:00
|
|
|
lb *LocalBackend
|
|
|
|
|
|
|
|
// ln is the Listener. It can be nil in netstack mode if there are more than
|
|
|
|
// 1 local addresses (e.g. both an IPv4 and IPv6). When it's nil, port
|
|
|
|
// and urlStr are still populated.
|
|
|
|
ln net.Listener
|
|
|
|
|
2022-11-16 17:38:38 +00:00
|
|
|
// urlStr is the base URL to access the PeerAPI (http://ip:port/).
|
2021-03-29 18:42:33 +01:00
|
|
|
urlStr string
|
2021-04-02 06:04:46 +01:00
|
|
|
// port is just the port of urlStr.
|
|
|
|
port int
|
2021-03-26 20:44:55 +00:00
|
|
|
}
|
|
|
|
|
2021-03-30 17:54:52 +01:00
|
|
|
func (pln *peerAPIListener) Close() error {
|
|
|
|
if pln.ln != nil {
|
|
|
|
return pln.ln.Close()
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-03-25 22:38:40 +00:00
|
|
|
func (pln *peerAPIListener) serve() {
|
2021-03-30 17:54:52 +01:00
|
|
|
if pln.ln == nil {
|
|
|
|
return
|
|
|
|
}
|
2021-03-25 22:38:40 +00:00
|
|
|
defer pln.ln.Close()
|
|
|
|
logf := pln.lb.logf
|
|
|
|
for {
|
|
|
|
c, err := pln.ln.Accept()
|
|
|
|
if errors.Is(err, net.ErrClosed) {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if err != nil {
|
|
|
|
logf("peerapi.Accept: %v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ta, ok := c.RemoteAddr().(*net.TCPAddr)
|
|
|
|
if !ok {
|
|
|
|
c.Close()
|
|
|
|
logf("peerapi: unexpected RemoteAddr %#v", c.RemoteAddr())
|
|
|
|
continue
|
|
|
|
}
|
2022-08-03 05:48:56 +01:00
|
|
|
ipp := netaddr.Unmap(ta.AddrPort())
|
|
|
|
if !ipp.IsValid() {
|
2021-03-25 22:38:40 +00:00
|
|
|
logf("peerapi: bogus TCPAddr %#v", ta)
|
|
|
|
c.Close()
|
|
|
|
continue
|
|
|
|
}
|
2022-01-31 17:20:22 +00:00
|
|
|
pln.ServeConn(ipp, c)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
func (pln *peerAPIListener) ServeConn(src netip.AddrPort, c net.Conn) {
|
2022-01-31 17:20:22 +00:00
|
|
|
logf := pln.lb.logf
|
|
|
|
peerNode, peerUser, ok := pln.lb.WhoIs(src)
|
|
|
|
if !ok {
|
|
|
|
logf("peerapi: unknown peer %v", src)
|
|
|
|
c.Close()
|
|
|
|
return
|
|
|
|
}
|
2022-11-16 19:07:21 +00:00
|
|
|
nm := pln.lb.NetMap()
|
2023-08-21 18:53:57 +01:00
|
|
|
if nm == nil || !nm.SelfNode.Valid() {
|
2022-11-16 19:07:21 +00:00
|
|
|
logf("peerapi: no netmap")
|
|
|
|
c.Close()
|
|
|
|
return
|
|
|
|
}
|
2022-01-31 17:20:22 +00:00
|
|
|
h := &peerAPIHandler{
|
|
|
|
ps: pln.ps,
|
2023-08-21 18:53:57 +01:00
|
|
|
isSelf: nm.SelfNode.User() == peerNode.User(),
|
2022-01-31 17:20:22 +00:00
|
|
|
remoteAddr: src,
|
2022-11-16 19:07:21 +00:00
|
|
|
selfNode: nm.SelfNode,
|
2022-01-31 17:20:22 +00:00
|
|
|
peerNode: peerNode,
|
|
|
|
peerUser: peerUser,
|
|
|
|
}
|
|
|
|
httpServer := &http.Server{
|
|
|
|
Handler: h,
|
|
|
|
}
|
|
|
|
if addH2C != nil {
|
|
|
|
addH2C(httpServer)
|
2021-03-25 22:38:40 +00:00
|
|
|
}
|
2022-12-01 00:21:56 +00:00
|
|
|
go httpServer.Serve(netutil.NewOneConnListener(c, nil))
|
2021-03-25 22:38:40 +00:00
|
|
|
}
|
|
|
|
|
2022-11-16 17:38:38 +00:00
|
|
|
// peerAPIHandler serves the PeerAPI for a source specific client.
|
2021-03-27 04:24:02 +00:00
|
|
|
type peerAPIHandler struct {
|
2021-03-29 18:42:33 +01:00
|
|
|
ps *peerAPIServer
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
remoteAddr netip.AddrPort
|
2021-03-27 04:24:02 +00:00
|
|
|
isSelf bool // whether peerNode is owned by same user as this node
|
2023-08-21 18:53:57 +01:00
|
|
|
selfNode tailcfg.NodeView // this node; always non-nil
|
2023-08-18 15:57:44 +01:00
|
|
|
peerNode tailcfg.NodeView // peerNode is who's making the request
|
2021-03-27 04:24:02 +00:00
|
|
|
peerUser tailcfg.UserProfile // profile of peerNode
|
2021-03-25 22:38:40 +00:00
|
|
|
}
|
|
|
|
|
2022-03-16 23:27:57 +00:00
|
|
|
func (h *peerAPIHandler) logf(format string, a ...any) {
|
2021-03-29 18:42:33 +01:00
|
|
|
h.ps.b.logf("peerapi: "+format, a...)
|
|
|
|
}
|
|
|
|
|
2023-04-19 23:23:26 +01:00
|
|
|
// isAddressValid reports whether addr is a valid destination address for this
|
|
|
|
// node originating from the peer.
|
|
|
|
func (h *peerAPIHandler) isAddressValid(addr netip.Addr) bool {
|
2023-08-18 15:57:44 +01:00
|
|
|
if v := h.peerNode.SelfNodeV4MasqAddrForThisPeer(); v != nil {
|
2023-09-19 01:03:53 +01:00
|
|
|
return *v == addr
|
|
|
|
}
|
|
|
|
if v := h.peerNode.SelfNodeV6MasqAddrForThisPeer(); v != nil {
|
2023-08-18 15:57:44 +01:00
|
|
|
return *v == addr
|
2023-04-19 23:23:26 +01:00
|
|
|
}
|
|
|
|
pfx := netip.PrefixFrom(addr, addr.BitLen())
|
2023-08-21 18:53:57 +01:00
|
|
|
return views.SliceContains(h.selfNode.Addresses(), pfx)
|
2023-04-19 23:23:26 +01:00
|
|
|
}
|
|
|
|
|
2022-11-16 16:53:51 +00:00
|
|
|
func (h *peerAPIHandler) validateHost(r *http.Request) error {
|
|
|
|
if r.Host == "peer" {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
ap, err := netip.ParseAddrPort(r.Host)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-04-19 23:23:26 +01:00
|
|
|
if !h.isAddressValid(ap.Addr()) {
|
|
|
|
return fmt.Errorf("%v not found in self addresses", ap.Addr())
|
2022-11-16 16:53:51 +00:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *peerAPIHandler) validatePeerAPIRequest(r *http.Request) error {
|
|
|
|
if r.Referer() != "" {
|
|
|
|
return errors.New("unexpected Referer")
|
|
|
|
}
|
|
|
|
if r.Header.Get("Origin") != "" {
|
|
|
|
return errors.New("unexpected Origin")
|
|
|
|
}
|
|
|
|
return h.validateHost(r)
|
|
|
|
}
|
|
|
|
|
2022-11-19 23:29:15 +00:00
|
|
|
// peerAPIRequestShouldGetSecurityHeaders reports whether the PeerAPI request r
|
|
|
|
// should get security response headers. It aims to report true for any request
|
|
|
|
// from a browser and false for requests from tailscaled (Go) clients.
|
|
|
|
//
|
|
|
|
// PeerAPI is primarily an RPC mechanism between Tailscale instances. Some of
|
|
|
|
// the HTTP handlers are useful for debugging with curl or browsers, but in
|
|
|
|
// general the client is always tailscaled itself. Because PeerAPI only uses
|
|
|
|
// HTTP/1 without HTTP/2 and its HPACK helping with repetitive headers, we try
|
|
|
|
// to minimize header bytes sent in the common case when the client isn't a
|
|
|
|
// browser. Minimizing bytes is important in particular with the ExitDNS service
|
|
|
|
// provided by exit nodes, processing DNS clients from queries. We don't want to
|
|
|
|
// waste bytes with security headers to non-browser clients. But if there's any
|
|
|
|
// hint that the request is from a browser, then we do.
|
|
|
|
func peerAPIRequestShouldGetSecurityHeaders(r *http.Request) bool {
|
|
|
|
// Accept-Encoding is a forbidden header
|
|
|
|
// (https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name)
|
|
|
|
// that Chrome, Firefox, Safari, etc send, but Go does not. So if we see it,
|
|
|
|
// it's probably a browser and not a Tailscale PeerAPI (Go) client.
|
|
|
|
if httpguts.HeaderValuesContainsToken(r.Header["Accept-Encoding"], "deflate") {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
// Clients can mess with their User-Agent, but if they say Mozilla or have a bunch
|
|
|
|
// of components (spaces) they're likely a browser.
|
|
|
|
if ua := r.Header.Get("User-Agent"); strings.HasPrefix(ua, "Mozilla/") || strings.Count(ua, " ") > 2 {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
// Tailscale/PeerAPI/Go clients don't have an Accept-Language.
|
|
|
|
if r.Header.Get("Accept-Language") != "" {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2021-03-27 04:24:02 +00:00
|
|
|
func (h *peerAPIHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
2022-11-16 16:53:51 +00:00
|
|
|
if err := h.validatePeerAPIRequest(r); err != nil {
|
2022-12-09 22:21:53 +00:00
|
|
|
metricInvalidRequests.Add(1)
|
2022-11-16 16:53:51 +00:00
|
|
|
h.logf("invalid request from %v: %v", h.remoteAddr, err)
|
|
|
|
http.Error(w, "invalid peerapi request", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
2022-11-19 23:29:15 +00:00
|
|
|
if peerAPIRequestShouldGetSecurityHeaders(r) {
|
2023-02-23 19:48:03 +00:00
|
|
|
w.Header().Set("Content-Security-Policy", `default-src 'none'; frame-ancestors 'none'; script-src 'none'; script-src-elem 'none'; script-src-attr 'none'; style-src 'unsafe-inline'`)
|
2022-11-19 23:29:15 +00:00
|
|
|
w.Header().Set("X-Frame-Options", "DENY")
|
|
|
|
w.Header().Set("X-Content-Type-Options", "nosniff")
|
|
|
|
}
|
2021-03-29 18:42:33 +01:00
|
|
|
if strings.HasPrefix(r.URL.Path, "/v0/put/") {
|
2023-10-16 20:35:11 +01:00
|
|
|
if r.Method == "PUT" {
|
|
|
|
metricPutCalls.Add(1)
|
|
|
|
}
|
2021-04-20 04:21:48 +01:00
|
|
|
h.handlePeerPut(w, r)
|
2021-03-29 18:42:33 +01:00
|
|
|
return
|
|
|
|
}
|
2021-11-23 05:45:34 +00:00
|
|
|
if strings.HasPrefix(r.URL.Path, "/dns-query") {
|
2022-12-09 22:21:53 +00:00
|
|
|
metricDNSCalls.Add(1)
|
2021-11-23 05:45:34 +00:00
|
|
|
h.handleDNSQuery(w, r)
|
|
|
|
return
|
|
|
|
}
|
2024-02-09 17:26:43 +00:00
|
|
|
if strings.HasPrefix(r.URL.Path, tailFSPrefix) {
|
|
|
|
h.handleServeTailFS(w, r)
|
2024-02-02 18:45:32 +00:00
|
|
|
return
|
|
|
|
}
|
2021-11-18 15:54:24 +00:00
|
|
|
switch r.URL.Path {
|
|
|
|
case "/v0/goroutines":
|
2021-04-22 21:01:42 +01:00
|
|
|
h.handleServeGoroutines(w, r)
|
|
|
|
return
|
2021-11-18 15:54:24 +00:00
|
|
|
case "/v0/env":
|
2021-11-03 18:17:56 +00:00
|
|
|
h.handleServeEnv(w, r)
|
|
|
|
return
|
2021-11-18 15:54:24 +00:00
|
|
|
case "/v0/metrics":
|
|
|
|
h.handleServeMetrics(w, r)
|
|
|
|
return
|
2021-12-21 18:26:13 +00:00
|
|
|
case "/v0/magicsock":
|
|
|
|
h.handleServeMagicsock(w, r)
|
|
|
|
return
|
2021-12-21 21:52:50 +00:00
|
|
|
case "/v0/dnsfwd":
|
|
|
|
h.handleServeDNSFwd(w, r)
|
|
|
|
return
|
2022-04-26 20:29:41 +01:00
|
|
|
case "/v0/wol":
|
2022-12-09 22:21:53 +00:00
|
|
|
metricWakeOnLANCalls.Add(1)
|
2022-04-26 20:29:41 +01:00
|
|
|
h.handleWakeOnLAN(w, r)
|
|
|
|
return
|
2022-04-26 23:25:48 +01:00
|
|
|
case "/v0/interfaces":
|
|
|
|
h.handleServeInterfaces(w, r)
|
|
|
|
return
|
2023-02-09 22:58:20 +00:00
|
|
|
case "/v0/doctor":
|
|
|
|
h.handleServeDoctor(w, r)
|
2024-02-16 17:17:34 +00:00
|
|
|
return
|
2023-02-03 20:07:58 +00:00
|
|
|
case "/v0/sockstats":
|
|
|
|
h.handleServeSockStats(w, r)
|
2023-02-09 22:58:20 +00:00
|
|
|
return
|
2022-11-07 15:46:42 +00:00
|
|
|
case "/v0/ingress":
|
2022-12-09 22:21:53 +00:00
|
|
|
metricIngressCalls.Add(1)
|
2022-11-07 15:46:42 +00:00
|
|
|
h.handleServeIngress(w, r)
|
|
|
|
return
|
2021-11-03 18:17:56 +00:00
|
|
|
}
|
2021-03-27 04:24:02 +00:00
|
|
|
who := h.peerUser.DisplayName
|
2021-03-25 22:38:40 +00:00
|
|
|
fmt.Fprintf(w, `<html>
|
|
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
|
|
<body>
|
|
|
|
<h1>Hello, %s (%v)</h1>
|
|
|
|
This is my Tailscale device. Your device is %v.
|
2023-08-18 15:57:44 +01:00
|
|
|
`, html.EscapeString(who), h.remoteAddr.Addr(), html.EscapeString(h.peerNode.ComputedName()))
|
2021-03-25 22:38:40 +00:00
|
|
|
|
2021-03-27 04:24:02 +00:00
|
|
|
if h.isSelf {
|
|
|
|
fmt.Fprintf(w, "<p>You are the owner of this node.\n")
|
|
|
|
}
|
2021-03-25 22:38:40 +00:00
|
|
|
}
|
2021-03-29 18:42:33 +01:00
|
|
|
|
2022-11-07 15:46:42 +00:00
|
|
|
func (h *peerAPIHandler) handleServeIngress(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// http.Errors only useful if hitting endpoint manually
|
|
|
|
// otherwise rely on log lines when debugging ingress connections
|
|
|
|
// as connection is hijacked for bidi and is encrypted tls
|
|
|
|
if !h.canIngress() {
|
|
|
|
h.logf("ingress: denied; no ingress cap from %v", h.remoteAddr)
|
|
|
|
http.Error(w, "denied; no ingress cap", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
logAndError := func(code int, publicMsg string) {
|
|
|
|
h.logf("ingress: bad request from %v: %s", h.remoteAddr, publicMsg)
|
|
|
|
http.Error(w, publicMsg, http.StatusMethodNotAllowed)
|
|
|
|
}
|
|
|
|
bad := func(publicMsg string) {
|
|
|
|
logAndError(http.StatusBadRequest, publicMsg)
|
|
|
|
}
|
|
|
|
if r.Method != "POST" {
|
|
|
|
logAndError(http.StatusMethodNotAllowed, "only POST allowed")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
srcAddrStr := r.Header.Get("Tailscale-Ingress-Src")
|
|
|
|
if srcAddrStr == "" {
|
|
|
|
bad("Tailscale-Ingress-Src header not set")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
srcAddr, err := netip.ParseAddrPort(srcAddrStr)
|
|
|
|
if err != nil {
|
|
|
|
bad("Tailscale-Ingress-Src header invalid; want ip:port")
|
|
|
|
return
|
|
|
|
}
|
2023-03-08 20:36:41 +00:00
|
|
|
target := ipn.HostPort(r.Header.Get("Tailscale-Ingress-Target"))
|
2022-11-07 15:46:42 +00:00
|
|
|
if target == "" {
|
2022-11-13 20:36:33 +00:00
|
|
|
bad("Tailscale-Ingress-Target header not set")
|
2022-11-07 15:46:42 +00:00
|
|
|
return
|
|
|
|
}
|
2023-03-08 20:36:41 +00:00
|
|
|
if _, _, err := net.SplitHostPort(string(target)); err != nil {
|
2022-11-13 20:36:33 +00:00
|
|
|
bad("Tailscale-Ingress-Target header invalid; want host:port")
|
2022-11-07 15:46:42 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2023-06-09 00:57:40 +01:00
|
|
|
getConnOrReset := func() (net.Conn, bool) {
|
2022-11-07 15:46:42 +00:00
|
|
|
conn, _, err := w.(http.Hijacker).Hijack()
|
|
|
|
if err != nil {
|
|
|
|
h.logf("ingress: failed hijacking conn")
|
|
|
|
http.Error(w, "failed hijacking conn", http.StatusInternalServerError)
|
|
|
|
return nil, false
|
|
|
|
}
|
|
|
|
io.WriteString(conn, "HTTP/1.1 101 Switching Protocols\r\n\r\n")
|
2023-03-08 20:36:41 +00:00
|
|
|
return &ipn.FunnelConn{
|
|
|
|
Conn: conn,
|
|
|
|
Src: srcAddr,
|
|
|
|
Target: target,
|
|
|
|
}, true
|
2022-11-07 15:46:42 +00:00
|
|
|
}
|
|
|
|
sendRST := func() {
|
|
|
|
http.Error(w, "denied", http.StatusForbidden)
|
|
|
|
}
|
|
|
|
|
2023-06-09 00:57:40 +01:00
|
|
|
h.ps.b.HandleIngressTCPConn(h.peerNode, target, srcAddr, getConnOrReset, sendRST)
|
2022-11-07 15:46:42 +00:00
|
|
|
}
|
|
|
|
|
2022-04-26 23:25:48 +01:00
|
|
|
func (h *peerAPIHandler) handleServeInterfaces(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
2022-12-01 01:06:21 +00:00
|
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
|
|
fmt.Fprintln(w, "<h1>Interfaces</h1>")
|
|
|
|
|
|
|
|
if dr, err := interfaces.DefaultRoute(); err == nil {
|
|
|
|
fmt.Fprintf(w, "<h3>Default route is %q(%d)</h3>\n", html.EscapeString(dr.InterfaceName), dr.InterfaceIndex)
|
|
|
|
} else {
|
|
|
|
fmt.Fprintf(w, "<h3>Could not get the default route: %s</h3>\n", html.EscapeString(err.Error()))
|
2022-04-26 23:25:48 +01:00
|
|
|
}
|
|
|
|
|
2023-02-23 19:48:03 +00:00
|
|
|
if hasCGNATInterface, err := interfaces.HasCGNATInterface(); hasCGNATInterface {
|
|
|
|
fmt.Fprintln(w, "<p>There is another interface using the CGNAT range.</p>")
|
|
|
|
} else if err != nil {
|
|
|
|
fmt.Fprintf(w, "<p>Could not check for CGNAT interfaces: %s</p>\n", html.EscapeString(err.Error()))
|
|
|
|
}
|
|
|
|
|
2022-12-01 01:06:21 +00:00
|
|
|
i, err := interfaces.GetList()
|
2022-04-26 23:25:48 +01:00
|
|
|
if err != nil {
|
2022-12-01 01:06:21 +00:00
|
|
|
fmt.Fprintf(w, "Could not get interfaces: %s\n", html.EscapeString(err.Error()))
|
|
|
|
return
|
2022-04-26 23:25:48 +01:00
|
|
|
}
|
|
|
|
|
2023-02-23 19:48:03 +00:00
|
|
|
fmt.Fprintln(w, "<table style='border-collapse: collapse' border=1 cellspacing=0 cellpadding=2>")
|
2022-04-26 23:25:48 +01:00
|
|
|
fmt.Fprint(w, "<tr>")
|
2023-02-23 19:48:03 +00:00
|
|
|
for _, v := range []any{"Index", "Name", "MTU", "Flags", "Addrs", "Extra"} {
|
2022-04-26 23:25:48 +01:00
|
|
|
fmt.Fprintf(w, "<th>%v</th> ", v)
|
|
|
|
}
|
|
|
|
fmt.Fprint(w, "</tr>\n")
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
i.ForeachInterface(func(iface interfaces.Interface, ipps []netip.Prefix) {
|
2022-04-26 23:25:48 +01:00
|
|
|
fmt.Fprint(w, "<tr>")
|
|
|
|
for _, v := range []any{iface.Index, iface.Name, iface.MTU, iface.Flags, ipps} {
|
2022-12-01 01:06:21 +00:00
|
|
|
fmt.Fprintf(w, "<td>%s</td> ", html.EscapeString(fmt.Sprintf("%v", v)))
|
2022-04-26 23:25:48 +01:00
|
|
|
}
|
2023-02-23 19:48:03 +00:00
|
|
|
if extras, err := interfaces.InterfaceDebugExtras(iface.Index); err == nil && extras != "" {
|
|
|
|
fmt.Fprintf(w, "<td>%s</td> ", html.EscapeString(extras))
|
|
|
|
} else if err != nil {
|
|
|
|
fmt.Fprintf(w, "<td>%s</td> ", html.EscapeString(err.Error()))
|
|
|
|
}
|
2022-04-26 23:25:48 +01:00
|
|
|
fmt.Fprint(w, "</tr>\n")
|
|
|
|
})
|
|
|
|
fmt.Fprintln(w, "</table>")
|
|
|
|
}
|
|
|
|
|
2023-02-09 22:58:20 +00:00
|
|
|
func (h *peerAPIHandler) handleServeDoctor(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
|
|
fmt.Fprintln(w, "<h1>Doctor Output</h1>")
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "<pre>")
|
|
|
|
|
|
|
|
h.ps.b.Doctor(r.Context(), func(format string, args ...any) {
|
2023-02-10 23:40:28 +00:00
|
|
|
line := fmt.Sprintf(format, args...)
|
2023-02-09 22:58:20 +00:00
|
|
|
fmt.Fprintln(w, html.EscapeString(line))
|
|
|
|
})
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "</pre>")
|
|
|
|
}
|
|
|
|
|
2023-02-03 20:07:58 +00:00
|
|
|
func (h *peerAPIHandler) handleServeSockStats(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
|
|
fmt.Fprintln(w, "<!DOCTYPE html><h1>Socket Stats</h1>")
|
|
|
|
|
2023-04-10 22:25:22 +01:00
|
|
|
if !sockstats.IsAvailable {
|
|
|
|
fmt.Fprintln(w, "Socket stats are not available for this client")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2023-03-14 20:34:04 +00:00
|
|
|
stats, interfaceStats, validation := sockstats.Get(), sockstats.GetInterfaces(), sockstats.GetValidation()
|
2023-02-03 20:07:58 +00:00
|
|
|
if stats == nil {
|
|
|
|
fmt.Fprintln(w, "No socket stats available")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "<table border='1' cellspacing='0' style='border-collapse: collapse;'>")
|
|
|
|
fmt.Fprintln(w, "<thead>")
|
|
|
|
fmt.Fprintln(w, "<th>Label</th>")
|
|
|
|
fmt.Fprintln(w, "<th>Tx</th>")
|
|
|
|
fmt.Fprintln(w, "<th>Rx</th>")
|
2023-03-14 20:34:04 +00:00
|
|
|
for _, iface := range interfaceStats.Interfaces {
|
2023-02-03 20:07:58 +00:00
|
|
|
fmt.Fprintf(w, "<th>Tx (%s)</th>", html.EscapeString(iface))
|
|
|
|
fmt.Fprintf(w, "<th>Rx (%s)</th>", html.EscapeString(iface))
|
|
|
|
}
|
2023-03-08 00:29:41 +00:00
|
|
|
fmt.Fprintln(w, "<th>Validation</th>")
|
2023-02-03 20:07:58 +00:00
|
|
|
fmt.Fprintln(w, "</thead>")
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "<tbody>")
|
2023-03-06 23:35:50 +00:00
|
|
|
labels := make([]sockstats.Label, 0, len(stats.Stats))
|
2023-02-03 20:07:58 +00:00
|
|
|
for label := range stats.Stats {
|
|
|
|
labels = append(labels, label)
|
|
|
|
}
|
2023-07-28 18:39:04 +01:00
|
|
|
slices.SortFunc(labels, func(a, b sockstats.Label) int {
|
|
|
|
return strings.Compare(a.String(), b.String())
|
2023-03-06 23:35:50 +00:00
|
|
|
})
|
2023-02-03 20:07:58 +00:00
|
|
|
|
2023-03-08 00:29:41 +00:00
|
|
|
txTotal := uint64(0)
|
|
|
|
rxTotal := uint64(0)
|
|
|
|
txTotalByInterface := map[string]uint64{}
|
|
|
|
rxTotalByInterface := map[string]uint64{}
|
2023-02-03 20:07:58 +00:00
|
|
|
|
|
|
|
for _, label := range labels {
|
|
|
|
stat := stats.Stats[label]
|
|
|
|
fmt.Fprintln(w, "<tr>")
|
2023-03-06 23:35:50 +00:00
|
|
|
fmt.Fprintf(w, "<td>%s</td>", html.EscapeString(label.String()))
|
2023-02-03 20:07:58 +00:00
|
|
|
fmt.Fprintf(w, "<td align=right>%d</td>", stat.TxBytes)
|
|
|
|
fmt.Fprintf(w, "<td align=right>%d</td>", stat.RxBytes)
|
|
|
|
|
|
|
|
txTotal += stat.TxBytes
|
|
|
|
rxTotal += stat.RxBytes
|
|
|
|
|
2023-03-14 20:34:04 +00:00
|
|
|
if interfaceStat, ok := interfaceStats.Stats[label]; ok {
|
|
|
|
for _, iface := range interfaceStats.Interfaces {
|
|
|
|
fmt.Fprintf(w, "<td align=right>%d</td>", interfaceStat.TxBytesByInterface[iface])
|
|
|
|
fmt.Fprintf(w, "<td align=right>%d</td>", interfaceStat.RxBytesByInterface[iface])
|
|
|
|
txTotalByInterface[iface] += interfaceStat.TxBytesByInterface[iface]
|
|
|
|
rxTotalByInterface[iface] += interfaceStat.RxBytesByInterface[iface]
|
|
|
|
}
|
2023-02-03 20:07:58 +00:00
|
|
|
}
|
2023-03-08 00:29:41 +00:00
|
|
|
|
2023-03-09 19:40:07 +00:00
|
|
|
if validationStat, ok := validation.Stats[label]; ok && (validationStat.RxBytes > 0 || validationStat.TxBytes > 0) {
|
2023-03-08 00:29:41 +00:00
|
|
|
fmt.Fprintf(w, "<td>Tx=%d (%+d) Rx=%d (%+d)</td>",
|
2023-03-09 19:40:07 +00:00
|
|
|
validationStat.TxBytes,
|
|
|
|
int64(validationStat.TxBytes)-int64(stat.TxBytes),
|
|
|
|
validationStat.RxBytes,
|
|
|
|
int64(validationStat.RxBytes)-int64(stat.RxBytes))
|
2023-03-08 00:29:41 +00:00
|
|
|
} else {
|
|
|
|
fmt.Fprintln(w, "<td></td>")
|
|
|
|
}
|
|
|
|
|
2023-02-03 20:07:58 +00:00
|
|
|
fmt.Fprintln(w, "</tr>")
|
|
|
|
}
|
|
|
|
fmt.Fprintln(w, "</tbody>")
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "<tfoot>")
|
|
|
|
fmt.Fprintln(w, "<th>Total</th>")
|
|
|
|
fmt.Fprintf(w, "<th>%d</th>", txTotal)
|
|
|
|
fmt.Fprintf(w, "<th>%d</th>", rxTotal)
|
2023-03-14 20:34:04 +00:00
|
|
|
for _, iface := range interfaceStats.Interfaces {
|
2023-02-03 20:07:58 +00:00
|
|
|
fmt.Fprintf(w, "<th>%d</th>", txTotalByInterface[iface])
|
|
|
|
fmt.Fprintf(w, "<th>%d</th>", rxTotalByInterface[iface])
|
|
|
|
}
|
2023-03-08 00:29:41 +00:00
|
|
|
fmt.Fprintln(w, "<th></th>")
|
2023-02-03 20:07:58 +00:00
|
|
|
fmt.Fprintln(w, "</tfoot>")
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "</table>")
|
2023-04-19 21:45:02 +01:00
|
|
|
|
|
|
|
fmt.Fprintln(w, "<h2>Debug Info</h2>")
|
|
|
|
|
|
|
|
fmt.Fprintln(w, "<pre>")
|
|
|
|
fmt.Fprintln(w, html.EscapeString(sockstats.DebugInfo()))
|
|
|
|
fmt.Fprintln(w, "</pre>")
|
2023-02-03 20:07:58 +00:00
|
|
|
}
|
|
|
|
|
2022-04-17 16:45:49 +01:00
|
|
|
// canPutFile reports whether h can put a file ("Taildrop") to this node.
|
|
|
|
func (h *peerAPIHandler) canPutFile() bool {
|
2023-08-18 15:57:44 +01:00
|
|
|
if h.peerNode.UnsignedPeerAPIOnly() {
|
2022-11-23 23:14:25 +00:00
|
|
|
// Unsigned peers can't send files.
|
|
|
|
return false
|
|
|
|
}
|
2023-07-25 05:07:00 +01:00
|
|
|
return h.isSelf || h.peerHasCap(tailcfg.PeerCapabilityFileSharingSend)
|
2022-04-18 18:06:41 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// canDebug reports whether h can debug this node (goroutines, metrics,
|
|
|
|
// magicsock internal state, etc).
|
|
|
|
func (h *peerAPIHandler) canDebug() bool {
|
2023-09-18 17:36:26 +01:00
|
|
|
if !h.selfNode.HasCap(tailcfg.CapabilityDebug) {
|
2022-11-16 18:36:01 +00:00
|
|
|
// This node does not expose debug info.
|
|
|
|
return false
|
|
|
|
}
|
2023-08-18 15:57:44 +01:00
|
|
|
if h.peerNode.UnsignedPeerAPIOnly() {
|
2022-11-23 23:14:25 +00:00
|
|
|
// Unsigned peers can't debug.
|
|
|
|
return false
|
|
|
|
}
|
2023-07-25 05:07:00 +01:00
|
|
|
return h.isSelf || h.peerHasCap(tailcfg.PeerCapabilityDebugPeer)
|
2022-04-18 18:06:41 +01:00
|
|
|
}
|
|
|
|
|
2022-04-26 20:29:41 +01:00
|
|
|
// canWakeOnLAN reports whether h can send a Wake-on-LAN packet from this node.
|
|
|
|
func (h *peerAPIHandler) canWakeOnLAN() bool {
|
2023-08-18 15:57:44 +01:00
|
|
|
if h.peerNode.UnsignedPeerAPIOnly() {
|
2023-01-10 23:40:07 +00:00
|
|
|
return false
|
|
|
|
}
|
2023-07-25 05:07:00 +01:00
|
|
|
return h.isSelf || h.peerHasCap(tailcfg.PeerCapabilityWakeOnLAN)
|
2022-04-26 20:29:41 +01:00
|
|
|
}
|
|
|
|
|
2022-11-07 15:46:42 +00:00
|
|
|
var allowSelfIngress = envknob.RegisterBool("TS_ALLOW_SELF_INGRESS")
|
|
|
|
|
|
|
|
// canIngress reports whether h can send ingress requests to this node.
|
|
|
|
func (h *peerAPIHandler) canIngress() bool {
|
2023-07-25 05:07:00 +01:00
|
|
|
return h.peerHasCap(tailcfg.PeerCapabilityIngress) || (allowSelfIngress() && h.isSelf)
|
2022-11-07 15:46:42 +00:00
|
|
|
}
|
|
|
|
|
2023-07-25 05:07:00 +01:00
|
|
|
func (h *peerAPIHandler) peerHasCap(wantCap tailcfg.PeerCapability) bool {
|
2024-02-02 18:45:32 +00:00
|
|
|
return h.peerCaps().HasCapability(wantCap)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *peerAPIHandler) peerCaps() tailcfg.PeerCapMap {
|
|
|
|
return h.ps.b.PeerCaps(h.remoteAddr.Addr())
|
2022-04-17 16:45:49 +01:00
|
|
|
}
|
|
|
|
|
2023-10-16 18:36:31 +01:00
|
|
|
func (h *peerAPIHandler) handlePeerPut(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !h.canPutFile() {
|
|
|
|
http.Error(w, taildrop.ErrNoTaildrop.Error(), http.StatusForbidden)
|
2023-10-12 17:28:46 +01:00
|
|
|
return
|
|
|
|
}
|
2023-10-16 18:36:31 +01:00
|
|
|
if !h.ps.b.hasCapFileSharing() {
|
2023-10-16 20:35:11 +01:00
|
|
|
http.Error(w, taildrop.ErrNoTaildrop.Error(), http.StatusForbidden)
|
2023-10-12 17:28:46 +01:00
|
|
|
return
|
|
|
|
}
|
2023-10-16 20:35:11 +01:00
|
|
|
rawPath := r.URL.EscapedPath()
|
|
|
|
prefix, ok := strings.CutPrefix(rawPath, "/v0/put/")
|
|
|
|
if !ok {
|
|
|
|
http.Error(w, "misconfigured internals", http.StatusForbidden)
|
2023-10-12 17:28:46 +01:00
|
|
|
return
|
|
|
|
}
|
2023-10-16 20:35:11 +01:00
|
|
|
baseName, err := url.PathUnescape(prefix)
|
2023-10-12 17:28:46 +01:00
|
|
|
if err != nil {
|
2023-10-16 20:35:11 +01:00
|
|
|
http.Error(w, taildrop.ErrInvalidFileName.Error(), http.StatusBadRequest)
|
2023-10-12 17:28:46 +01:00
|
|
|
return
|
|
|
|
}
|
taildrop: switch hashing to be streaming based (#9861)
While the previous logic was correct, it did not perform well.
Resuming is a dance between the client and server, where
1. the client requests hashes for a partial file,
2. the server then computes those hashes,
3. the client computes hashes locally and compares them.
4. goto 1 while the partial file still has data
While step 2 is running, the client is sitting idle.
While step 3 is running, the server is sitting idle.
By streaming over the block hash immediately after the server
computes it, the client can start checking the hash,
while the server works on the next hash (in a pipelined manner).
This performs dramatically better and also uses less memory
as we don't need to hold a list of hashes, but only need to
handle one hash at a time.
There are two detriments to this approach:
* The HTTP API relies on a JSON stream,
which is not a standard REST-like pattern.
However, since we implement both client and server,
this is fine.
* While the stream is on-going, we hold an open file handle
on the server side while the file is being hashed.
On really slow streams, this could hold a file open forever.
Updates tailscale/corp#14772
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
Co-authored-by: Rhea Ghosh <rhea@tailscale.com>
2023-10-18 01:53:40 +01:00
|
|
|
enc := json.NewEncoder(w)
|
2023-10-16 20:35:11 +01:00
|
|
|
switch r.Method {
|
|
|
|
case "GET":
|
|
|
|
id := taildrop.ClientID(h.peerNode.StableID())
|
2023-10-18 00:14:47 +01:00
|
|
|
if prefix == "" {
|
taildrop: switch hashing to be streaming based (#9861)
While the previous logic was correct, it did not perform well.
Resuming is a dance between the client and server, where
1. the client requests hashes for a partial file,
2. the server then computes those hashes,
3. the client computes hashes locally and compares them.
4. goto 1 while the partial file still has data
While step 2 is running, the client is sitting idle.
While step 3 is running, the server is sitting idle.
By streaming over the block hash immediately after the server
computes it, the client can start checking the hash,
while the server works on the next hash (in a pipelined manner).
This performs dramatically better and also uses less memory
as we don't need to hold a list of hashes, but only need to
handle one hash at a time.
There are two detriments to this approach:
* The HTTP API relies on a JSON stream,
which is not a standard REST-like pattern.
However, since we implement both client and server,
this is fine.
* While the stream is on-going, we hold an open file handle
on the server side while the file is being hashed.
On really slow streams, this could hold a file open forever.
Updates tailscale/corp#14772
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
Co-authored-by: Rhea Ghosh <rhea@tailscale.com>
2023-10-18 01:53:40 +01:00
|
|
|
// List all the partial files.
|
|
|
|
files, err := h.ps.taildrop.PartialFiles(id)
|
|
|
|
if err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if err := enc.Encode(files); err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
h.logf("json.Encoder.Encode error: %v", err)
|
|
|
|
return
|
|
|
|
}
|
2023-10-16 20:35:11 +01:00
|
|
|
} else {
|
taildrop: switch hashing to be streaming based (#9861)
While the previous logic was correct, it did not perform well.
Resuming is a dance between the client and server, where
1. the client requests hashes for a partial file,
2. the server then computes those hashes,
3. the client computes hashes locally and compares them.
4. goto 1 while the partial file still has data
While step 2 is running, the client is sitting idle.
While step 3 is running, the server is sitting idle.
By streaming over the block hash immediately after the server
computes it, the client can start checking the hash,
while the server works on the next hash (in a pipelined manner).
This performs dramatically better and also uses less memory
as we don't need to hold a list of hashes, but only need to
handle one hash at a time.
There are two detriments to this approach:
* The HTTP API relies on a JSON stream,
which is not a standard REST-like pattern.
However, since we implement both client and server,
this is fine.
* While the stream is on-going, we hold an open file handle
on the server side while the file is being hashed.
On really slow streams, this could hold a file open forever.
Updates tailscale/corp#14772
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
Co-authored-by: Rhea Ghosh <rhea@tailscale.com>
2023-10-18 01:53:40 +01:00
|
|
|
// Stream all the block hashes for the specified file.
|
|
|
|
next, close, err := h.ps.taildrop.HashPartialFile(id, baseName)
|
|
|
|
if err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
2023-10-16 20:35:11 +01:00
|
|
|
return
|
|
|
|
}
|
taildrop: switch hashing to be streaming based (#9861)
While the previous logic was correct, it did not perform well.
Resuming is a dance between the client and server, where
1. the client requests hashes for a partial file,
2. the server then computes those hashes,
3. the client computes hashes locally and compares them.
4. goto 1 while the partial file still has data
While step 2 is running, the client is sitting idle.
While step 3 is running, the server is sitting idle.
By streaming over the block hash immediately after the server
computes it, the client can start checking the hash,
while the server works on the next hash (in a pipelined manner).
This performs dramatically better and also uses less memory
as we don't need to hold a list of hashes, but only need to
handle one hash at a time.
There are two detriments to this approach:
* The HTTP API relies on a JSON stream,
which is not a standard REST-like pattern.
However, since we implement both client and server,
this is fine.
* While the stream is on-going, we hold an open file handle
on the server side while the file is being hashed.
On really slow streams, this could hold a file open forever.
Updates tailscale/corp#14772
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
Co-authored-by: Rhea Ghosh <rhea@tailscale.com>
2023-10-18 01:53:40 +01:00
|
|
|
defer close()
|
|
|
|
for {
|
|
|
|
switch cs, err := next(); {
|
|
|
|
case err == io.EOF:
|
|
|
|
return
|
|
|
|
case err != nil:
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
h.logf("HashPartialFile.next error: %v", err)
|
|
|
|
return
|
|
|
|
default:
|
|
|
|
if err := enc.Encode(cs); err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
h.logf("json.Encoder.Encode error: %v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
2023-10-16 20:35:11 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
case "PUT":
|
|
|
|
t0 := h.ps.b.clock.Now()
|
|
|
|
id := taildrop.ClientID(h.peerNode.StableID())
|
|
|
|
|
|
|
|
var offset int64
|
|
|
|
if rangeHdr := r.Header.Get("Range"); rangeHdr != "" {
|
|
|
|
ranges, ok := httphdr.ParseRange(rangeHdr)
|
|
|
|
if !ok || len(ranges) != 1 || ranges[0].Length != 0 {
|
|
|
|
http.Error(w, "invalid Range header", http.StatusBadRequest)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
offset = ranges[0].Start
|
|
|
|
}
|
|
|
|
n, err := h.ps.taildrop.PutFile(taildrop.ClientID(fmt.Sprint(id)), baseName, r.Body, offset, r.ContentLength)
|
|
|
|
switch err {
|
|
|
|
case nil:
|
|
|
|
d := h.ps.b.clock.Since(t0).Round(time.Second / 10)
|
|
|
|
h.logf("got put of %s in %v from %v/%v", approxSize(n), d, h.remoteAddr.Addr(), h.peerNode.ComputedName)
|
|
|
|
io.WriteString(w, "{}\n")
|
|
|
|
case taildrop.ErrNoTaildrop:
|
|
|
|
http.Error(w, err.Error(), http.StatusForbidden)
|
|
|
|
case taildrop.ErrInvalidFileName:
|
|
|
|
http.Error(w, err.Error(), http.StatusBadRequest)
|
|
|
|
case taildrop.ErrFileExists:
|
|
|
|
http.Error(w, err.Error(), http.StatusConflict)
|
|
|
|
default:
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
}
|
2023-10-12 17:28:46 +01:00
|
|
|
default:
|
2023-10-16 20:35:11 +01:00
|
|
|
http.Error(w, "expected method GET or PUT", http.StatusMethodNotAllowed)
|
2023-09-26 18:22:13 +01:00
|
|
|
}
|
2021-03-29 18:42:33 +01:00
|
|
|
}
|
2021-03-30 20:56:00 +01:00
|
|
|
|
|
|
|
func approxSize(n int64) string {
|
|
|
|
if n <= 1<<10 {
|
|
|
|
return "<=1KB"
|
|
|
|
}
|
|
|
|
if n <= 1<<20 {
|
|
|
|
return "<=1MB"
|
|
|
|
}
|
2021-04-22 16:43:52 +01:00
|
|
|
return fmt.Sprintf("~%dMB", n>>20)
|
2021-03-30 20:56:00 +01:00
|
|
|
}
|
2021-04-22 21:01:42 +01:00
|
|
|
|
|
|
|
func (h *peerAPIHandler) handleServeGoroutines(w http.ResponseWriter, r *http.Request) {
|
2022-04-18 18:06:41 +01:00
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
2021-04-22 21:01:42 +01:00
|
|
|
return
|
|
|
|
}
|
|
|
|
var buf []byte
|
|
|
|
for size := 4 << 10; size <= 2<<20; size *= 2 {
|
|
|
|
buf = make([]byte, size)
|
|
|
|
buf = buf[:runtime.Stack(buf, true)]
|
|
|
|
if len(buf) < size {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
w.Write(buf)
|
|
|
|
}
|
2021-11-03 18:17:56 +00:00
|
|
|
|
|
|
|
func (h *peerAPIHandler) handleServeEnv(w http.ResponseWriter, r *http.Request) {
|
2022-04-18 18:06:41 +01:00
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
2021-11-03 18:17:56 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
var data struct {
|
|
|
|
Hostinfo *tailcfg.Hostinfo
|
|
|
|
Uid int
|
|
|
|
Args []string
|
|
|
|
Env []string
|
|
|
|
}
|
|
|
|
data.Hostinfo = hostinfo.New()
|
|
|
|
data.Uid = os.Getuid()
|
|
|
|
data.Args = os.Args
|
|
|
|
data.Env = os.Environ()
|
|
|
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
json.NewEncoder(w).Encode(data)
|
|
|
|
}
|
2021-11-18 15:54:24 +00:00
|
|
|
|
2021-12-21 18:26:13 +00:00
|
|
|
func (h *peerAPIHandler) handleServeMagicsock(w http.ResponseWriter, r *http.Request) {
|
2022-04-18 18:06:41 +01:00
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
2021-12-21 18:26:13 +00:00
|
|
|
return
|
|
|
|
}
|
2023-11-15 23:10:45 +00:00
|
|
|
h.ps.b.MagicConn().ServeHTTPDebug(w, r)
|
2021-12-21 18:26:13 +00:00
|
|
|
}
|
|
|
|
|
2021-11-18 15:54:24 +00:00
|
|
|
func (h *peerAPIHandler) handleServeMetrics(w http.ResponseWriter, r *http.Request) {
|
2022-04-18 18:06:41 +01:00
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
2021-11-18 15:54:24 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "text/plain")
|
|
|
|
clientmetric.WritePrometheusExpositionFormat(w)
|
|
|
|
}
|
2021-11-23 05:45:34 +00:00
|
|
|
|
2021-12-21 21:52:50 +00:00
|
|
|
func (h *peerAPIHandler) handleServeDNSFwd(w http.ResponseWriter, r *http.Request) {
|
2022-04-26 20:29:41 +01:00
|
|
|
if !h.canDebug() {
|
|
|
|
http.Error(w, "denied; no debug access", http.StatusForbidden)
|
2021-12-21 21:52:50 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
dh := health.DebugHandler("dnsfwd")
|
|
|
|
if dh == nil {
|
2023-10-13 23:40:10 +01:00
|
|
|
http.Error(w, "not wired up", http.StatusInternalServerError)
|
2021-12-21 21:52:50 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
dh.ServeHTTP(w, r)
|
|
|
|
}
|
|
|
|
|
2022-04-26 20:29:41 +01:00
|
|
|
func (h *peerAPIHandler) handleWakeOnLAN(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !h.canWakeOnLAN() {
|
|
|
|
http.Error(w, "no WoL access", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if r.Method != "POST" {
|
|
|
|
http.Error(w, "bad method", http.StatusMethodNotAllowed)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
macStr := r.FormValue("mac")
|
|
|
|
if macStr == "" {
|
|
|
|
http.Error(w, "missing 'mac' param", http.StatusBadRequest)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
mac, err := net.ParseMAC(macStr)
|
|
|
|
if err != nil {
|
|
|
|
http.Error(w, "bad 'mac' param", http.StatusBadRequest)
|
|
|
|
return
|
|
|
|
}
|
2023-10-05 17:49:30 +01:00
|
|
|
var password []byte // TODO(bradfitz): support? does anything use WoL passwords?
|
2023-08-01 23:47:54 +01:00
|
|
|
st := h.ps.b.sys.NetMon.Get().InterfaceState()
|
|
|
|
if st == nil {
|
2022-04-26 20:29:41 +01:00
|
|
|
http.Error(w, "failed to get interfaces state", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
var res struct {
|
|
|
|
SentTo []string
|
|
|
|
Errors []string
|
|
|
|
}
|
|
|
|
for ifName, ips := range st.InterfaceIPs {
|
|
|
|
for _, ip := range ips {
|
2022-07-25 04:08:42 +01:00
|
|
|
if ip.Addr().IsLoopback() || ip.Addr().Is6() {
|
2022-04-26 20:29:41 +01:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
local := &net.UDPAddr{
|
2022-07-25 04:08:42 +01:00
|
|
|
IP: ip.Addr().AsSlice(),
|
2022-04-26 20:29:41 +01:00
|
|
|
Port: 0,
|
|
|
|
}
|
|
|
|
remote := &net.UDPAddr{
|
|
|
|
IP: net.IPv4bcast,
|
|
|
|
Port: 0,
|
|
|
|
}
|
|
|
|
if err := wol.Wake(mac, password, local, remote); err != nil {
|
|
|
|
res.Errors = append(res.Errors, err.Error())
|
|
|
|
} else {
|
|
|
|
res.SentTo = append(res.SentTo, ifName)
|
|
|
|
}
|
|
|
|
break // one per interface is enough
|
|
|
|
}
|
|
|
|
}
|
|
|
|
sort.Strings(res.SentTo)
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
json.NewEncoder(w).Encode(res)
|
|
|
|
}
|
|
|
|
|
2021-11-23 05:45:34 +00:00
|
|
|
func (h *peerAPIHandler) replyToDNSQueries() bool {
|
2021-11-25 17:43:39 +00:00
|
|
|
if h.isSelf {
|
|
|
|
// If the peer is owned by the same user, just allow it
|
|
|
|
// without further checks.
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
b := h.ps.b
|
2023-10-27 22:20:10 +01:00
|
|
|
if !b.OfferingExitNode() && !b.OfferingAppConnector() {
|
|
|
|
// If we're not an exit node or app connector, there's
|
|
|
|
// no point to being a DNS server for somebody.
|
2021-11-25 17:43:39 +00:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
if !h.remoteAddr.IsValid() {
|
|
|
|
// This should never be the case if the peerAPIHandler
|
|
|
|
// was wired up correctly, but just in case.
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
// Otherwise, we're an exit node but the peer is not us, so
|
|
|
|
// we need to check if they're allowed access to the internet.
|
|
|
|
// As peerapi bypasses wgengine/filter checks, we need to check
|
|
|
|
// ourselves. As a proxy for autogroup:internet access, we see
|
|
|
|
// if we would've accepted a packet to 0.0.0.0:53. We treat
|
|
|
|
// the IP 0.0.0.0 as being "the internet".
|
2023-11-07 23:45:46 +00:00
|
|
|
//
|
|
|
|
// Because of the way that filter checks work, rules are only
|
|
|
|
// checked after ensuring the destination IP is part of the
|
|
|
|
// local set of IPs. An exit node has 0.0.0.0/0 so its fine,
|
|
|
|
// but an app connector explicitly adds 0.0.0.0/32 (and the
|
|
|
|
// IPv6 equivalent) to make this work (see updateFilterLocked
|
|
|
|
// in LocalBackend).
|
2022-08-04 05:31:40 +01:00
|
|
|
f := b.filterAtomic.Load()
|
|
|
|
if f == nil {
|
2021-11-25 17:43:39 +00:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
// Note: we check TCP here because the Filter type already had
|
|
|
|
// a CheckTCP method (for unit tests), but it's pretty
|
|
|
|
// arbitrary. DNS runs over TCP and UDP, so sure... we check
|
|
|
|
// TCP.
|
|
|
|
dstIP := netaddr.IPv4(0, 0, 0, 0)
|
2022-07-25 04:08:42 +01:00
|
|
|
remoteIP := h.remoteAddr.Addr()
|
2021-11-25 17:43:39 +00:00
|
|
|
if remoteIP.Is6() {
|
|
|
|
// autogroup:internet for IPv6 is defined to start with 2000::/3,
|
|
|
|
// so use 2000::0 as the probe "the internet" address.
|
2022-07-26 04:55:44 +01:00
|
|
|
dstIP = netip.MustParseAddr("2000::")
|
2021-11-25 17:43:39 +00:00
|
|
|
}
|
|
|
|
verdict := f.CheckTCP(remoteIP, dstIP, 53)
|
|
|
|
return verdict == filter.Accept
|
2021-11-23 05:45:34 +00:00
|
|
|
}
|
|
|
|
|
2021-11-23 17:58:34 +00:00
|
|
|
// handleDNSQuery implements a DoH server (RFC 8484) over the peerapi.
|
|
|
|
// It's not over HTTPS as the spec dictates, but rather HTTP-over-WireGuard.
|
2021-11-23 05:45:34 +00:00
|
|
|
func (h *peerAPIHandler) handleDNSQuery(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.ps.resolver == nil {
|
|
|
|
http.Error(w, "DNS not wired up", http.StatusNotImplemented)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if !h.replyToDNSQueries() {
|
|
|
|
http.Error(w, "DNS access denied", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
2021-11-23 17:58:34 +00:00
|
|
|
pretty := false // non-DoH debug mode for humans
|
2021-11-23 05:45:34 +00:00
|
|
|
q, publicError := dohQuery(r)
|
2021-11-23 17:58:34 +00:00
|
|
|
if publicError != "" && r.Method == "GET" {
|
|
|
|
if name := r.FormValue("q"); name != "" {
|
|
|
|
pretty = true
|
|
|
|
publicError = ""
|
|
|
|
q = dnsQueryForName(name, r.FormValue("t"))
|
|
|
|
}
|
|
|
|
}
|
2021-11-23 05:45:34 +00:00
|
|
|
if publicError != "" {
|
|
|
|
http.Error(w, publicError, http.StatusBadRequest)
|
|
|
|
return
|
|
|
|
}
|
2021-11-23 17:58:34 +00:00
|
|
|
|
|
|
|
// Some timeout that's short enough to be noticed by humans
|
|
|
|
// but long enough that it's longer than real DNS timeouts.
|
|
|
|
const arbitraryTimeout = 5 * time.Second
|
|
|
|
|
|
|
|
ctx, cancel := context.WithTimeout(r.Context(), arbitraryTimeout)
|
|
|
|
defer cancel()
|
2023-10-27 22:20:10 +01:00
|
|
|
res, err := h.ps.resolver.HandlePeerDNSQuery(ctx, q, h.remoteAddr, h.ps.b.allowExitNodeDNSProxyToServeName)
|
2021-11-23 17:58:34 +00:00
|
|
|
if err != nil {
|
|
|
|
h.logf("handleDNS fwd error: %v", err)
|
|
|
|
if err := ctx.Err(); err != nil {
|
2023-10-13 23:40:10 +01:00
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
2021-11-23 17:58:34 +00:00
|
|
|
} else {
|
2023-10-13 23:40:10 +01:00
|
|
|
http.Error(w, "DNS forwarding error", http.StatusInternalServerError)
|
2021-11-23 17:58:34 +00:00
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
2023-10-27 22:20:10 +01:00
|
|
|
// TODO(raggi): consider pushing the integration down into the resolver
|
|
|
|
// instead to avoid re-parsing the DNS response for improved performance in
|
|
|
|
// the future.
|
|
|
|
if h.ps.b.OfferingAppConnector() {
|
|
|
|
h.ps.b.ObserveDNSResponse(res)
|
|
|
|
}
|
|
|
|
|
2021-11-23 17:58:34 +00:00
|
|
|
if pretty {
|
|
|
|
// Non-standard response for interactive debugging.
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
writePrettyDNSReply(w, res)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/dns-message")
|
2021-11-30 22:18:48 +00:00
|
|
|
w.Header().Set("Content-Length", strconv.Itoa(len(res)))
|
2021-11-23 17:58:34 +00:00
|
|
|
w.Write(res)
|
2021-11-23 05:45:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func dohQuery(r *http.Request) (dnsQuery []byte, publicErr string) {
|
|
|
|
const maxQueryLen = 256 << 10
|
|
|
|
switch r.Method {
|
|
|
|
default:
|
|
|
|
return nil, "bad HTTP method"
|
|
|
|
case "GET":
|
|
|
|
q64 := r.FormValue("dns")
|
|
|
|
if q64 == "" {
|
|
|
|
return nil, "missing 'dns' parameter"
|
|
|
|
}
|
|
|
|
if base64.RawURLEncoding.DecodedLen(len(q64)) > maxQueryLen {
|
|
|
|
return nil, "query too large"
|
|
|
|
}
|
|
|
|
q, err := base64.RawURLEncoding.DecodeString(q64)
|
|
|
|
if err != nil {
|
|
|
|
return nil, "invalid 'dns' base64 encoding"
|
|
|
|
}
|
|
|
|
return q, ""
|
|
|
|
case "POST":
|
|
|
|
if r.Header.Get("Content-Type") != "application/dns-message" {
|
|
|
|
return nil, "unexpected Content-Type"
|
|
|
|
}
|
|
|
|
q, err := io.ReadAll(io.LimitReader(r.Body, maxQueryLen+1))
|
|
|
|
if err != nil {
|
|
|
|
return nil, "error reading post body with DNS query"
|
|
|
|
}
|
|
|
|
if len(q) > maxQueryLen {
|
|
|
|
return nil, "query too large"
|
|
|
|
}
|
|
|
|
return q, ""
|
|
|
|
}
|
|
|
|
}
|
2021-11-23 17:58:34 +00:00
|
|
|
|
|
|
|
func dnsQueryForName(name, typStr string) []byte {
|
|
|
|
typ := dnsmessage.TypeA
|
|
|
|
switch strings.ToLower(typStr) {
|
|
|
|
case "aaaa":
|
|
|
|
typ = dnsmessage.TypeAAAA
|
|
|
|
case "txt":
|
|
|
|
typ = dnsmessage.TypeTXT
|
|
|
|
}
|
|
|
|
b := dnsmessage.NewBuilder(nil, dnsmessage.Header{
|
|
|
|
OpCode: 0, // query
|
|
|
|
RecursionDesired: true,
|
2023-11-01 18:38:44 +00:00
|
|
|
ID: 1, // arbitrary, but 0 is rejected by some servers
|
2021-11-23 17:58:34 +00:00
|
|
|
})
|
|
|
|
if !strings.HasSuffix(name, ".") {
|
|
|
|
name += "."
|
|
|
|
}
|
|
|
|
b.StartQuestions()
|
|
|
|
b.Question(dnsmessage.Question{
|
|
|
|
Name: dnsmessage.MustNewName(name),
|
|
|
|
Type: typ,
|
|
|
|
Class: dnsmessage.ClassINET,
|
|
|
|
})
|
|
|
|
msg, _ := b.Finish()
|
|
|
|
return msg
|
|
|
|
}
|
|
|
|
|
|
|
|
func writePrettyDNSReply(w io.Writer, res []byte) (err error) {
|
|
|
|
defer func() {
|
|
|
|
if err != nil {
|
|
|
|
j, _ := json.Marshal(struct {
|
|
|
|
Error string
|
|
|
|
}{err.Error()})
|
2021-11-29 22:18:09 +00:00
|
|
|
j = append(j, '\n')
|
2021-11-23 17:58:34 +00:00
|
|
|
w.Write(j)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
var p dnsmessage.Parser
|
2021-11-29 22:18:09 +00:00
|
|
|
hdr, err := p.Start(res)
|
|
|
|
if err != nil {
|
2021-11-23 17:58:34 +00:00
|
|
|
return err
|
|
|
|
}
|
2021-11-29 22:18:09 +00:00
|
|
|
if hdr.RCode != dnsmessage.RCodeSuccess {
|
|
|
|
return fmt.Errorf("DNS RCode = %v", hdr.RCode)
|
|
|
|
}
|
2021-11-23 17:58:34 +00:00
|
|
|
if err := p.SkipAllQuestions(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
var gotIPs []string
|
|
|
|
for {
|
|
|
|
h, err := p.AnswerHeader()
|
|
|
|
if err == dnsmessage.ErrSectionDone {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if h.Class != dnsmessage.ClassINET {
|
2024-01-31 21:49:52 +00:00
|
|
|
if err := p.SkipAnswer(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-11-23 17:58:34 +00:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
switch h.Type {
|
|
|
|
case dnsmessage.TypeA:
|
|
|
|
r, err := p.AResource()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
gotIPs = append(gotIPs, net.IP(r.A[:]).String())
|
|
|
|
case dnsmessage.TypeAAAA:
|
|
|
|
r, err := p.AAAAResource()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
gotIPs = append(gotIPs, net.IP(r.AAAA[:]).String())
|
|
|
|
case dnsmessage.TypeTXT:
|
|
|
|
r, err := p.TXTResource()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
gotIPs = append(gotIPs, r.TXT...)
|
2024-01-31 21:49:52 +00:00
|
|
|
default:
|
|
|
|
if err := p.SkipAnswer(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-11-23 17:58:34 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
j, _ := json.Marshal(gotIPs)
|
|
|
|
j = append(j, '\n')
|
|
|
|
w.Write(j)
|
|
|
|
return nil
|
|
|
|
}
|
2022-04-20 19:57:34 +01:00
|
|
|
|
2024-03-26 20:14:43 +00:00
|
|
|
// httpResponseWrapper wraps an http.ResponseWrite and
|
|
|
|
// stores the status code and content length.
|
|
|
|
type httpResponseWrapper struct {
|
|
|
|
http.ResponseWriter
|
|
|
|
statusCode int
|
|
|
|
contentLength int64
|
|
|
|
}
|
|
|
|
|
|
|
|
// WriteHeader implements the WriteHeader interface.
|
|
|
|
func (hrw *httpResponseWrapper) WriteHeader(status int) {
|
|
|
|
hrw.statusCode = status
|
|
|
|
hrw.ResponseWriter.WriteHeader(status)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Write implements the Write interface.
|
|
|
|
func (hrw *httpResponseWrapper) Write(b []byte) (int, error) {
|
|
|
|
n, err := hrw.ResponseWriter.Write(b)
|
|
|
|
hrw.contentLength += int64(n)
|
|
|
|
return n, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// requestBodyWrapper wraps an io.ReadCloser and stores
|
|
|
|
// the number of bytesRead.
|
|
|
|
type requestBodyWrapper struct {
|
|
|
|
io.ReadCloser
|
|
|
|
bytesRead int64
|
|
|
|
}
|
|
|
|
|
|
|
|
// Read implements the io.Reader interface.
|
|
|
|
func (rbw *requestBodyWrapper) Read(b []byte) (int, error) {
|
|
|
|
n, err := rbw.ReadCloser.Read(b)
|
|
|
|
rbw.bytesRead += int64(n)
|
|
|
|
return n, err
|
|
|
|
}
|
|
|
|
|
2024-02-09 17:26:43 +00:00
|
|
|
func (h *peerAPIHandler) handleServeTailFS(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !h.ps.b.TailFSSharingEnabled() {
|
2024-03-26 20:14:43 +00:00
|
|
|
h.logf("tailfs: not enabled")
|
2024-02-02 18:45:32 +00:00
|
|
|
http.Error(w, "tailfs not enabled", http.StatusNotFound)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
capsMap := h.peerCaps()
|
2024-02-09 17:26:43 +00:00
|
|
|
tailfsCaps, ok := capsMap[tailcfg.PeerCapabilityTailFS]
|
2024-02-02 18:45:32 +00:00
|
|
|
if !ok {
|
2024-03-26 20:14:43 +00:00
|
|
|
h.logf("tailfs: not permitted")
|
2024-02-02 18:45:32 +00:00
|
|
|
http.Error(w, "tailfs not permitted", http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
rawPerms := make([][]byte, 0, len(tailfsCaps))
|
|
|
|
for _, cap := range tailfsCaps {
|
|
|
|
rawPerms = append(rawPerms, []byte(cap))
|
|
|
|
}
|
|
|
|
|
|
|
|
p, err := tailfs.ParsePermissions(rawPerms)
|
|
|
|
if err != nil {
|
2024-03-26 20:14:43 +00:00
|
|
|
h.logf("tailfs: error parsing permissions: %w", err.Error())
|
2024-02-02 18:45:32 +00:00
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-02-09 17:26:43 +00:00
|
|
|
fs, ok := h.ps.b.sys.TailFSForRemote.GetOK()
|
|
|
|
if !ok {
|
2024-03-26 20:14:43 +00:00
|
|
|
h.logf("tailfs: not supported on platform")
|
|
|
|
http.Error(w, "tailfs not supported on platform", http.StatusNotFound)
|
2024-02-02 18:45:32 +00:00
|
|
|
return
|
|
|
|
}
|
2024-03-26 20:14:43 +00:00
|
|
|
wr := &httpResponseWrapper{
|
|
|
|
ResponseWriter: w,
|
|
|
|
}
|
|
|
|
bw := &requestBodyWrapper{
|
|
|
|
ReadCloser: r.Body,
|
|
|
|
}
|
|
|
|
r.Body = bw
|
|
|
|
|
|
|
|
if r.Method == httpm.PUT || r.Method == httpm.GET {
|
|
|
|
defer func() {
|
|
|
|
switch wr.statusCode {
|
|
|
|
case 304:
|
|
|
|
// 304s are particularly chatty so skip logging.
|
|
|
|
default:
|
|
|
|
contentType := "unknown"
|
|
|
|
if ct := wr.Header().Get("Content-Type"); ct != "" {
|
|
|
|
contentType = ct
|
|
|
|
}
|
|
|
|
|
|
|
|
h.logf("tailfs: share: %s from %s to %s: status-code=%d ext=%q content-type=%q tx=%.f rx=%.f", r.Method, h.peerNode.Key().ShortString(), h.selfNode.Key().ShortString(), wr.statusCode, parseTailFSFileExtensionForLog(r.URL.Path), contentType, roundTraffic(wr.contentLength), roundTraffic(bw.bytesRead))
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
}
|
|
|
|
|
2024-02-09 17:26:43 +00:00
|
|
|
r.URL.Path = strings.TrimPrefix(r.URL.Path, tailFSPrefix)
|
2024-03-26 20:14:43 +00:00
|
|
|
fs.ServeHTTPWithPerms(p, wr, r)
|
|
|
|
}
|
|
|
|
|
|
|
|
// parseTailFSFileExtensionForLog parses the file extension, if available.
|
|
|
|
// If a file extension is not present or parsable, the file extension is
|
|
|
|
// set to "unknown". If the file extension contains a double quote, it is
|
|
|
|
// replaced with "removed".
|
|
|
|
// All whitespace is removed from a parsed file extension.
|
|
|
|
// File extensions including the leading ., e.g. ".gif".
|
|
|
|
func parseTailFSFileExtensionForLog(path string) string {
|
|
|
|
fileExt := "unknown"
|
|
|
|
if fe := filepath.Ext(path); fe != "" {
|
|
|
|
if strings.Contains(fe, "\"") {
|
|
|
|
// Do not log include file extensions with quotes within them.
|
|
|
|
return "removed"
|
|
|
|
}
|
|
|
|
// Remove white space from user defined inputs.
|
|
|
|
fileExt = strings.ReplaceAll(fe, " ", "")
|
|
|
|
}
|
|
|
|
|
|
|
|
return fileExt
|
2024-02-02 18:45:32 +00:00
|
|
|
}
|
|
|
|
|
2022-04-20 19:57:34 +01:00
|
|
|
// newFakePeerAPIListener creates a new net.Listener that acts like
|
|
|
|
// it's listening on the provided IP address and on TCP port 1.
|
|
|
|
//
|
|
|
|
// See docs on fakePeerAPIListener.
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
func newFakePeerAPIListener(ip netip.Addr) net.Listener {
|
2022-04-20 19:57:34 +01:00
|
|
|
return &fakePeerAPIListener{
|
all: convert more code to use net/netip directly
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-26 05:14:09 +01:00
|
|
|
addr: net.TCPAddrFromAddrPort(netip.AddrPortFrom(ip, 1)),
|
2022-04-20 19:57:34 +01:00
|
|
|
closed: make(chan struct{}),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// fakePeerAPIListener is a net.Listener that has an Addr method returning a TCPAddr
|
|
|
|
// for a given IP on port 1 (arbitrary) and can be Closed, but otherwise Accept
|
|
|
|
// just blocks forever until closed. The purpose of this is to let the rest
|
|
|
|
// of the LocalBackend/PeerAPI code run and think it's talking to the kernel,
|
|
|
|
// even if the kernel isn't cooperating (like on Android: Issue 4449, 4293, etc)
|
|
|
|
// or we lack permission to listen on a port. It's okay to not actually listen via
|
|
|
|
// the kernel because on almost all platforms (except iOS as of 2022-04-20) we
|
2022-09-25 19:29:55 +01:00
|
|
|
// also intercept incoming netstack TCP requests to our peerapi port and hand them over
|
2022-04-20 19:57:34 +01:00
|
|
|
// directly to peerapi, without involving the kernel. So this doesn't need to be
|
|
|
|
// real. But the port number we return (1, in this case) is the port number we advertise
|
|
|
|
// to peers and they connect to. 1 seems pretty safe to use. Even if the kernel's
|
|
|
|
// using it, it doesn't matter, as we intercept it first in netstack and the kernel
|
|
|
|
// never notices.
|
|
|
|
//
|
|
|
|
// Eventually we'll remove this code and do this on all platforms, when iOS also uses
|
|
|
|
// netstack.
|
|
|
|
type fakePeerAPIListener struct {
|
|
|
|
addr net.Addr
|
|
|
|
|
|
|
|
closeOnce sync.Once
|
|
|
|
closed chan struct{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (fl *fakePeerAPIListener) Close() error {
|
|
|
|
fl.closeOnce.Do(func() { close(fl.closed) })
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (fl *fakePeerAPIListener) Accept() (net.Conn, error) {
|
|
|
|
<-fl.closed
|
2022-04-25 19:02:59 +01:00
|
|
|
return nil, net.ErrClosed
|
2022-04-20 19:57:34 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func (fl *fakePeerAPIListener) Addr() net.Addr { return fl.addr }
|
2022-12-09 22:21:53 +00:00
|
|
|
|
|
|
|
var (
|
|
|
|
metricInvalidRequests = clientmetric.NewCounter("peerapi_invalid_requests")
|
|
|
|
|
|
|
|
// Non-debug PeerAPI endpoints.
|
|
|
|
metricPutCalls = clientmetric.NewCounter("peerapi_put")
|
|
|
|
metricDNSCalls = clientmetric.NewCounter("peerapi_dns")
|
|
|
|
metricWakeOnLANCalls = clientmetric.NewCounter("peerapi_wol")
|
|
|
|
metricIngressCalls = clientmetric.NewCounter("peerapi_ingress")
|
|
|
|
)
|