derp/derphttp: make DERP client use netns for dial-outs.
This commit is contained in:
parent
9e3ad4f79f
commit
e9f7d01b91
|
@ -27,6 +27,7 @@ import (
|
|||
"inet.af/netaddr"
|
||||
"tailscale.com/derp"
|
||||
"tailscale.com/net/dnscache"
|
||||
"tailscale.com/net/netns"
|
||||
"tailscale.com/net/tlsdial"
|
||||
"tailscale.com/tailcfg"
|
||||
"tailscale.com/types/key"
|
||||
|
@ -296,7 +297,7 @@ func (c *Client) dialURL(ctx context.Context) (net.Conn, error) {
|
|||
host := c.url.Hostname()
|
||||
hostOrIP := host
|
||||
|
||||
var stdDialer dialer = new(net.Dialer)
|
||||
var stdDialer dialer = netns.Dialer()
|
||||
var dialer = stdDialer
|
||||
if wrapDialer != nil {
|
||||
dialer = wrapDialer(dialer)
|
||||
|
@ -345,7 +346,7 @@ func (c *Client) dialRegion(ctx context.Context, reg *tailcfg.DERPRegion) (net.C
|
|||
}
|
||||
|
||||
func (c *Client) dialContext(ctx context.Context, proto, addr string) (net.Conn, error) {
|
||||
var stdDialer dialer = new(net.Dialer)
|
||||
var stdDialer dialer = netns.Dialer()
|
||||
var dialer = stdDialer
|
||||
if wrapDialer != nil {
|
||||
dialer = wrapDialer(dialer)
|
||||
|
|
|
@ -23,6 +23,13 @@ func Listener() *net.ListenConfig {
|
|||
return &net.ListenConfig{Control: control}
|
||||
}
|
||||
|
||||
// Dialer returns a new net.Dialer with its Control hook func
|
||||
// initialized as necessary to run in a logical network namespace that
|
||||
// doesn't route back into Tailscale.
|
||||
func Dialer() *net.Dialer {
|
||||
return &net.Dialer{Control: control}
|
||||
}
|
||||
|
||||
// control marks c as necessary to dial in a separate network namespace.
|
||||
//
|
||||
// It's intentionally the same signature as net.Dialer.Control
|
||||
|
|
Loading…
Reference in New Issue