Commit Graph

1748 Commits

Author SHA1 Message Date
David Crawshaw ebc70acac7 go.mod: update wireguard-go version 2020-02-21 21:30:00 -05:00
Brad Fitzpatrick cc7b9b0dff control/controlclient: fix priority of DERP server, add comment 2020-02-21 14:47:05 -08:00
Brad Fitzpatrick 3317531021 derp: fix JSON field typo, sort fields to make it easier to see inconsistencies 2020-02-21 14:18:09 -08:00
Brad Fitzpatrick 6cd81d5d1f derp: add more derp stats for dropped and received packets
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 14:13:50 -08:00
Brad Fitzpatrick c02f4b5a1f control/controlclient: add temporary mechanism to force derp on
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 14:09:24 -08:00
Brad Fitzpatrick 525bf1f3d2 wgengine/magicsock: remember fixed port number preference
So LinkChange events rebind to the same port when possible.
2020-02-21 13:51:18 -08:00
Brad Fitzpatrick c763901b1a cmd/derper: provide debug access over port 80 to trusted (tailscale) IPs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 11:52:27 -08:00
David Anderson cc44e8a443 cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.
Signed-Off-By: David Anderson <dave@natulte.net>
2020-02-21 10:45:59 -08:00
Brad Fitzpatrick 2612e54ad1 derp, cmd/derper: add debug handlers, stats
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 09:35:53 -08:00
Brad Fitzpatrick 433b917977 interfaces, cmd/tsshd: move interface lookup from tsshd to its own package
For reuse by derper, etc.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 08:13:21 -08:00
Brad Fitzpatrick 37e115834e cmd/derper: support logging to logtail
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 07:53:22 -08:00
Brad Fitzpatrick 379a3125fd derp, wgengine/magicsock: support more than just packets from Client.Recv
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 22:08:13 -08:00
Brad Fitzpatrick 88f1cc0c98 derp, cmd/derper: add rate limiting support, add default 5Mbps limit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 15:26:30 -08:00
Brad Fitzpatrick 1166c34f6c derp: fix staticcheck warning
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 14:49:47 -08:00
Brad Fitzpatrick 322cb58b14 derp: deflake test I flaked up in earlier change
I broke an invariant in 11048b8932 (it was even nicely
documented then).

Also clean up the test a bit from while I was debugging it.

Fixes #84

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 14:41:39 -08:00
Brad Fitzpatrick f029c4c82d derp: change the protocol framing to always include a length
Addresses one of crawshaw's TODOs.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 13:37:44 -08:00
David Anderson c47f907a27 ipn: use *Prefs rather than Prefs throughout.
Prefs has become a heavy object with non-memcpy copy
semantics. We should not pass such a thing by value.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-20 11:31:10 -08:00
David Anderson 0c55777fed ipn: temporary support for loading legacy relaynode configs.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-20 11:31:10 -08:00
David Crawshaw 4ebc0fa70f wgengine: incremental update of peers on network map change
This is the first, and easier, part of incremental wireguard-go
reconfiguration. It means that a new node appearing on the
network does not cause all existing nodes to re-handshake with
the other nodes they are talking to.

(This code has been running on hello.ipn.dev for a few weeks and
peers have successfully reconnected to it through many network
map updates.)

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-20 13:48:34 -05:00
Brad Fitzpatrick 11048b8932 derp: add docs on current protocol overview, break accept apart a bit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 09:57:05 -08:00
Brad Fitzpatrick 79af6054bf derp: don't start sending keepalives to client until after serverInfo sent
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 09:34:01 -08:00
Brad Fitzpatrick 1155716318 derp: rename some things in the client, add some docs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 09:11:56 -08:00
Brad Fitzpatrick 4b461c2e77 derp: rename some things in the server, add some docs 2020-02-20 08:50:25 -08:00
Brad Fitzpatrick d298d5b1f8 wgengine/magicsock: support multiple derp servers, and not just for handshakes
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 08:10:12 -08:00
Martin Baillie a9bff99a9b wgengine: add OpenBSD router DNS update handling
Also removes validated TODO comments.

Signed-off-by: Martin Baillie <martin@baillie.email>
2020-02-20 08:03:07 -08:00
David Anderson 5868dd1a77 Lint: remove unused function.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 22:09:12 -08:00
Avery Pennarun 57bbafde84 cmd/relaynode: drop local --acl-file in favour of central packet filter.
relaynode itself is not long for this world, deprecated in favour of
tailscale/tailscaled. But now that the control server supports central
distribution of packet filters, let's actually take advantage of it in
a final, backward compatible release of relaynode.
2020-02-20 00:15:43 -05:00
David Anderson 77907a76a3 version: tag redo-generated version as +build redo.
staticcheck defaults to running with no tags set, which only
works if redo hasn't run and generated ver.go. If it has,
we end up with a redeclaration conflict.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 19:59:28 -08:00
David Anderson 15b4d26d92 logpolicy: automatically figure out paths and filenames.
The autoselection should pick sensible paths for all of:
 - Windows (LocalAppData)
 - Mac (Library/Caches)
 - Unix user (XDG_CACHE_DIR)
 - Linux systemd service (CACHE_DIRECTORY)

As a last resort, if cache dir lookup fails, plops sufficiently
uniquely named files into the current working directory.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 18:52:41 -08:00
Avery Pennarun bec17d05cb .gitattributes: add a smudge filter for go.mod.
This is used when we want to do development against a local wireguard-go
repository checkout.
2020-02-19 20:02:02 -05:00
Brad Fitzpatrick f266e2d1eb version: add CmdName func for future use by logpolicy
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

Change-Id: I02a7c907844f71242ef06ed097f2a92ece7ae091
2020-02-19 11:34:45 -08:00
David Anderson cf1e386cbd ipn: move Options.ServerURL into Prefs.
We can't rely on a frontend to provide a control
server URL, so this naturally belongs in server-persisted
state.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-19 10:34:39 -08:00
David Crawshaw 45d687e213 wgengine: fix build on linux/freebsd/openbsd/windows
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-19 11:58:59 -05:00
David Crawshaw 431929c09a go.mod: fix wireguard-go version 2020-02-19 11:48:59 -05:00
David Crawshaw d0f697ee07 wgengine: update for wgcfg changes
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-19 11:44:37 -05:00
David Anderson c4f6f622f0 tailscaled: remove comment from systemd unit.
No need to ship TODOs to end user systems.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 14:46:02 -08:00
David Anderson 20e6fc1d78 tailscaled: fix systemd unit definition.
Port number has to be by itself for substitution to work.

Disabling the restart rate-limiting has to be in [Unit] not
[Service].

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:46:03 -08:00
David Anderson 5d4b96b8f2 tailscaled: add a systemd unit.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:30:54 -08:00
David Anderson 85ac82c386 tailscaled: default to a sock in current dir, for development.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:30:23 -08:00
David Anderson 76819e7432 tailscaled: call the network interface tailscale0, not ts0.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 13:15:15 -08:00
David Anderson 4460bd638b safesocket: simplify API.
On unix, we want to provide a full path to the desired unix socket.

On windows, currently we want to provide a TCP port, but someday
we'll also provide a "path-ish" object for a named pipe.

For now, simplify the API down to exactly a path and a TCP port.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 12:56:19 -08:00
Brad Fitzpatrick b72e6446e2 cmd/derper: add a basic DERP server
Mostly Crawshaw's earlier code, refactored a bit.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-18 11:25:11 -08:00
David Anderson c7e2fcd517 Dockerfile: install iptables in the container.
We need iptables to make subnet routing work. Without it,
Tailscale mostly works, but subnet routing mysteriously doesn't.

Signed-off-by: David Anderson <dave@natulte.net>
2020-02-18 11:05:24 -08:00
Brad Fitzpatrick fd1aa4f7f6 wgengine/magicsock: add a reSTUN method
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-18 10:55:36 -08:00
Brad Fitzpatrick 619697063e derp: more misc cleanups
And add an explicit derphttp.Client.Connect in the test now that it's
done lazily.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-18 10:09:37 -08:00
Brad Fitzpatrick e06ca40650 wgengine, magicsock, derp: misc cleanups, docs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-18 08:58:00 -08:00
David Crawshaw a23a0d9c9f tailcfg: add RegisterRequest.Copy
Add some docs while I'm here.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-02-18 06:45:56 -05:00
David Anderson 47da432991 ipn: handle advertised routes provided by frontend.
Signed-off-by: David Anderson <dave@natulte.net>
2020-02-17 20:47:45 -08:00
wardn 5d79530caa wgengine: create freebsd-specific implementation
Signed-off-by: wardn <wardn@users.noreply.github.com>
2020-02-17 19:16:08 -08:00
Dave Anderson a0af5655a8
Merge pull request #67 from tailscale/danderson/adv-routes
ipn: add AdvertiseRoutes to Prefs.
2020-02-17 16:03:33 -08:00