diff options
| author | David Crawshaw <crawshaw@tailscale.com> | 2021-03-30 09:21:22 -0700 |
|---|---|---|
| committer | David Crawshaw <crawshaw@tailscale.com> | 2021-03-30 09:23:08 -0700 |
| commit | 2cf0fdb76047d029ad7da944f58524776bd4f839 (patch) | |
| tree | 132959efa65575f1fd0c890526eed761fafc4e97 /client | |
| parent | 33bc69cf1f7a026221368c1cebbbdcee66529a80 (diff) | |
| download | tailscale-crawshaw/socket.tar.xz tailscale-crawshaw/socket.zip | |
client/tailscale, cmd/tailscale/cli: plumb --socket throughcrawshaw/socket
Without this, `tailscale status` ignores the --socket flag on macOS and
always talks to the IPNExtension, even if you wanted it to inspect a
userspace tailscaled.
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
Diffstat (limited to 'client')
| -rw-r--r-- | client/tailscale/tailscale.go | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/client/tailscale/tailscale.go b/client/tailscale/tailscale.go index 3947f4ff5..62e0e69fc 100644 --- a/client/tailscale/tailscale.go +++ b/client/tailscale/tailscale.go @@ -16,10 +16,14 @@ import ( "strconv" "tailscale.com/ipn/ipnstate" + "tailscale.com/paths" "tailscale.com/safesocket" "tailscale.com/tailcfg" ) +// TailscaledSocket is the tailscaled Unix socket. +var TailscaledSocket = paths.DefaultTailscaledSocket() + // tsClient does HTTP requests to the local Tailscale daemon. var tsClient = &http.Client{ Transport: &http.Transport{ @@ -27,14 +31,16 @@ var tsClient = &http.Client{ if addr != "local-tailscaled.sock:80" { return nil, fmt.Errorf("unexpected URL address %q", addr) } - // On macOS, when dialing from non-sandboxed program to sandboxed GUI running - // a TCP server on a random port, find the random port. For HTTP connections, - // we don't send the token. It gets added in an HTTP Basic-Auth header. - if port, _, err := safesocket.LocalTCPPortAndToken(); err == nil { - var d net.Dialer - return d.DialContext(ctx, "tcp", "localhost:"+strconv.Itoa(port)) + if TailscaledSocket == paths.DefaultTailscaledSocket() { + // On macOS, when dialing from non-sandboxed program to sandboxed GUI running + // a TCP server on a random port, find the random port. For HTTP connections, + // we don't send the token. It gets added in an HTTP Basic-Auth header. + if port, _, err := safesocket.LocalTCPPortAndToken(); err == nil { + var d net.Dialer + return d.DialContext(ctx, "tcp", "localhost:"+strconv.Itoa(port)) + } } - return safesocket.ConnectDefault() + return safesocket.Connect(TailscaledSocket, 41112) }, }, } |