Commit Graph

1938 Commits

Author SHA1 Message Date
Christine Dodrill 48c40eefd9 logpolicy: set log target on windows based on a registry key
Signed-off-by: Christine Dodrill <xe@tailscale.com>
2021-03-18 13:12:37 -04:00
Brad Fitzpatrick aa79a57f63 wgengine/netstack: use inet.af/netstack, remove 64-bit only limitation
This reverts the revert commit 84aba349d9.

And changes us to use inet.af/netstack.

Updates #1518

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-17 22:46:09 -07:00
Brad Fitzpatrick a217078f67 go.mod: update golang.org/x/oauth2
go.sum gets a bit wild, but tolerable.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-17 22:46:09 -07:00
Brad Fitzpatrick ec1b31ea83 go.mod: update golang.org/x/{crypto,sync,sys,term,time}
These ones don't have large dependency trees.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-17 22:46:09 -07:00
Brad Fitzpatrick a4fa2c5611 go.mod, go.sum: go mod tidy
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-17 19:54:01 -07:00
David Anderson 6fb5d4080c net/portmapper: silently handle PCP NOT_AUTHORIZED responses.
Fixes #1525.

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-17 19:44:35 -07:00
Brad Fitzpatrick 4145bb7148 tailcfg: bump CurrentMapRequestVersion, forgotten earlier
In f45a9e291b (2021-03-04), I tried to bump CurrentMapRequestVersion
to 12 but only documented the meaning of 12 but forgot to actually
increase it from 11.

Mapver 11 was added in ea49b1e811 (2021-03-03).

Fix this in its own commit so we can cherry-pick it to the 1.6 release
branch.
2021-03-17 14:12:35 -07:00
David Anderson 4543e4202f VERSION.txt: this is 1.7.0. 2021-03-16 19:04:55 -07:00
David Anderson 6f48a8422a version: remove version-info.sh when cleaning. 2021-03-16 16:38:19 -07:00
David Anderson 84aba349d9 Revert "wgengine/netstack: update gvisor to remove 64-bit only limitation"
Breaks our corp repo due to gRPC dependency hell.

This reverts commit d42f8b7f9a.
2021-03-16 15:36:06 -07:00
Brad Fitzpatrick e0f2796b43 wgengine: don't diagnose iOS NWPathMonitor connection probe timeouts
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-16 14:13:02 -07:00
Brad Fitzpatrick 0f90586da8 wgengine/monitor: skip more route messages on darwin
Should help iOS battery life on NEProvider.wake/skip events
with useless route updates that shouldn't cause re-STUNs.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-16 12:59:26 -07:00
Brad Fitzpatrick d5fd373f09 net/interfaces: skip IPv6 link-local interfaces like we do for IPv4
We strip them control-side anyway, and we already strip IPv4 link
local, so there's no point uploading them.  And iOS has a ton of them,
which results in somewhat silly amount of traffic in the MapRequest.

We'll be doing same-LAN-inter-tailscaled link-local traffic a
different way, with same-LAN discovery.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-16 12:52:34 -07:00
Brad Fitzpatrick 469613b4c5 version: bump date
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-16 12:36:01 -07:00
Brad Fitzpatrick 27c4dd9a97 Revert "cmd/tailscaled, ipn/{ipnlocal,ipnserver}: let netstack get access to LocalBackend"
This reverts commit 2bc518dcb2.

@namansood didn't end up needing it in his 770aa71ffb.
2021-03-16 12:33:13 -07:00
Brad Fitzpatrick 9eb65601ef health, ipn/ipnlocal: track, log overall health
Updates #1505

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-16 09:12:39 -07:00
Brad Fitzpatrick 6fbc9b3a98 control/controlclient: cache Windows version
To atone for 1d7f9d5b4a, the revert of 4224b3f731.

At least it's fast again, even if it's shelling out to cmd.exe (once now).

Updates #1478

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 21:40:32 -07:00
Brad Fitzpatrick 1d7f9d5b4a Revert "control/controlclient: use API to get Windows version number"
This reverts commit 4224b3f731.

From https://github.com/tailscale/tailscale/pull/1494#discussion_r594852889 ...

> Actually, I want all four numbers back. I spent the evening
> debugging an issue for a user running an old version of Windows
> and then going to to
> https://en.wikipedia.org/wiki/Windows_10_version_history_(version_1809)
> and reading all the revision notes in the footnotes of that wikipedia
> page.
>
> I'm going to revert this for now for Tailscale 1.6. We can land it
> again later when we figure out how to get the fourth numbers.

Updates #1478
2021-03-15 21:28:48 -07:00
Brad Fitzpatrick d42f8b7f9a wgengine/netstack: update gvisor to remove 64-bit only limitation
gVisor fixed their google/gvisor#1446 so we can include gVisor mode
on 32-bit machines.

A few minor upstream API changes, as normal.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 21:02:51 -07:00
Brad Fitzpatrick 98ab533324 cmd/tailscale/cli: include GOOS in BSD warning message
instead of just lowercase "bsd"

Updates #1475

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 21:02:16 -07:00
David Anderson 380a3526f6 cmd/tailscale/cli: warn if using subnet routing on BSD
Fixes #1475.

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-15 17:25:59 -07:00
Brad Fitzpatrick 232cfda280 wgengine/router: report to control when setPrivateNetwork fails
Fixes #1503

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 16:19:40 -07:00
Brad Fitzpatrick ba8c6d0775 health, controlclient, ipn, magicsock: tell health package state of things
Not yet checking anything. Just plumbing states into the health package.

Updates #1505

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 15:20:55 -07:00
Naman Sood 770aa71ffb client, cmd/hello, ipn, wgengine: fix whois for netstack-forwarded connections
Updates #504

Updates #707

Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-15 18:14:09 -04:00
Brad Fitzpatrick 44ab0acbdb net/portmapper, wgengine/monitor: cache gateway IP info until link changes
Cuts down allocs & CPU in steady state (on regular STUN probes) when network
is unchanging.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 14:27:39 -07:00
Brad Fitzpatrick d580b3f09e wgengine/router: fix go vet failure on BSDs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 14:27:39 -07:00
Brad Fitzpatrick 974be2ec5c net/interfaces: rewrite the darwin likelyHomeRouterIP from C to Go
We basically already had the RIB-parsing Go code for this in both
net/interfaces and wgengine/monitor, for other reasons.

Fixes #1426
Fixes #1471

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 13:27:36 -07:00
Christine Dodrill deff20edc6
cmd/tailscale/cli: don't permit setting self IP as exit node (#1491)
This change makes it impossible to set your own IP address as the exit node for this system.

Fixes #1489

Signed-off-by: Christine Dodrill <xe@tailscale.com>
2021-03-15 15:44:56 -04:00
Brad Fitzpatrick ab2a8a7493 derp: return keep-alive message up to callers
To be used by health checking, which wants to see activity, even if idle.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 10:43:48 -07:00
Aleksandar Pesic 4224b3f731 control/controlclient: use API to get Windows version number
Fixes #1478

Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2021-03-15 10:06:42 -07:00
Brad Fitzpatrick 2bc518dcb2 cmd/tailscaled, ipn/{ipnlocal,ipnserver}: let netstack get access to LocalBackend
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15 09:31:25 -07:00
Aleksandar Pesic 25d2dd868b wgengine/router: flushdns in windows when router config changes
Fixes: https://github.com/tailscale/tailscale/issues/1430

Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2021-03-15 13:03:01 +01:00
Brad Fitzpatrick d491adbf09 cmd/tailscaled: on Synology, fall back to netstack if needed
Updates tailscale/tailscale-synology#35

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-12 15:04:13 -08:00
Brad Fitzpatrick c6358f2247 net/netcheck: add a few more STUN retries for prior DERP home
For #1310, maybe.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-12 11:46:08 -08:00
Brad Fitzpatrick 0a84359d2d tailcfg, net/netcheck: let control mark "Avoid" bit on DERP regions
So a region can be used if needed, but won't be STUN-probed or used as
its home.

This gives us another possible debugging mechanism for #1310, or can
be used as a short-term measure against DERP flip-flops for people
equidistant between regions if our hysteresis still isn't good enough.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-12 10:43:24 -08:00
Brad Fitzpatrick c81814e4f8 derp{,/derphttp},magicsock: tell DERP server when ping acks can be expected
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-12 09:55:02 -08:00
Brad Fitzpatrick f9f3b67f3a wgengine{,tsdns}: rebind MagicDNS forwarders on link change
Fixes #1480

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-12 08:56:53 -08:00
David Crawshaw bdb91a20eb ipnstate, ipnlocal: add AuthURL to status
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2021-03-12 08:07:20 -08:00
David Anderson 1bc3c03562 control/controlclient: allow for an unset linkMon.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-11 21:21:15 -08:00
David Anderson fa6110e47b wgengine/router: don't touch interface routes
Developed by a cast of dozens.

Fixes #1448

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-11 21:09:25 -08:00
Brad Fitzpatrick c576fea60e wgengine/magicsock: delete unused WhoIs method that was moved elsewhere
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-11 11:44:01 -08:00
David Anderson 0b66cfe1e0 control/controlclient: report broken IP forwarding more precisely.
IP forwarding is not required when advertising a machine's local IPs
over Tailscale.

Fixes #1435.

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-11 10:49:57 -08:00
Brad Fitzpatrick 0430c2dd12 wgengine/tsdns: truncate Map.PrettyDiffFrom string at 1KB
Hello's were painful.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-10 07:31:11 -08:00
Brad Fitzpatrick cc99059fc2 Revert "--advertise-routes option enabled in Mac tailscale CLI; it checks for IP forwarding enabled"
This reverts commit 08949d4ef1.

I think this code was aspirational. There's no code that sets up the
appropriate NAT code using pfctl/etc. See #911 and #1475.

Updates #1475
Updates #911
2021-03-09 19:30:26 -08:00
David Anderson bf0740b011 Merge branch 'main' of github.com:tailscale/tailscale into danderson/filter-privacy 2021-03-09 16:33:55 -08:00
David Anderson a7f12a110a wgengine/filter: only log packets to/from non-default routes.
Fixes tailscale/corp#1429.

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-09 16:28:43 -08:00
David Anderson d79a2f3809 wgengine/filter: only log packets to/from non-default routes.
Fixes tailscale/corp#1429.

Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-09 16:24:09 -08:00
Brad Fitzpatrick ef7bac2895 tailcfg, net/portmapper, wgengine/magicsock: add NetInfo.HavePortMap
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-09 15:17:24 -08:00
Brad Fitzpatrick 79d8288f0a wgengine/magicsock, derp, derp/derphttp: respond to DERP server->client pings
No server support yet, but we want Tailscale 1.6 clients to be able to respond
to them when the server can do it.

Updates #1310

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-09 13:56:13 -08:00
Brad Fitzpatrick 66480755c2 cmd/tailscale/cli: document how to see subcommand usage
From user feedback.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-09 12:52:25 -08:00