summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--client/tailscale/tailscale.go20
-rw-r--r--cmd/tailscale/cli/cli.go3
-rw-r--r--safesocket/safesocket.go7
3 files changed, 16 insertions, 14 deletions
diff --git a/client/tailscale/tailscale.go b/client/tailscale/tailscale.go
index 3947f4ff5..62e0e69fc 100644
--- a/client/tailscale/tailscale.go
+++ b/client/tailscale/tailscale.go
@@ -16,10 +16,14 @@ import (
"strconv"
"tailscale.com/ipn/ipnstate"
+ "tailscale.com/paths"
"tailscale.com/safesocket"
"tailscale.com/tailcfg"
)
+// TailscaledSocket is the tailscaled Unix socket.
+var TailscaledSocket = paths.DefaultTailscaledSocket()
+
// tsClient does HTTP requests to the local Tailscale daemon.
var tsClient = &http.Client{
Transport: &http.Transport{
@@ -27,14 +31,16 @@ var tsClient = &http.Client{
if addr != "local-tailscaled.sock:80" {
return nil, fmt.Errorf("unexpected URL address %q", addr)
}
- // On macOS, when dialing from non-sandboxed program to sandboxed GUI running
- // a TCP server on a random port, find the random port. For HTTP connections,
- // we don't send the token. It gets added in an HTTP Basic-Auth header.
- if port, _, err := safesocket.LocalTCPPortAndToken(); err == nil {
- var d net.Dialer
- return d.DialContext(ctx, "tcp", "localhost:"+strconv.Itoa(port))
+ if TailscaledSocket == paths.DefaultTailscaledSocket() {
+ // On macOS, when dialing from non-sandboxed program to sandboxed GUI running
+ // a TCP server on a random port, find the random port. For HTTP connections,
+ // we don't send the token. It gets added in an HTTP Basic-Auth header.
+ if port, _, err := safesocket.LocalTCPPortAndToken(); err == nil {
+ var d net.Dialer
+ return d.DialContext(ctx, "tcp", "localhost:"+strconv.Itoa(port))
+ }
}
- return safesocket.ConnectDefault()
+ return safesocket.Connect(TailscaledSocket, 41112)
},
},
}
diff --git a/cmd/tailscale/cli/cli.go b/cmd/tailscale/cli/cli.go
index daabb3eed..b9d01522f 100644
--- a/cmd/tailscale/cli/cli.go
+++ b/cmd/tailscale/cli/cli.go
@@ -20,6 +20,7 @@ import (
"text/tabwriter"
"github.com/peterbourgon/ff/v2/ffcli"
+ "tailscale.com/client/tailscale"
"tailscale.com/ipn"
"tailscale.com/paths"
"tailscale.com/safesocket"
@@ -88,6 +89,8 @@ change in the future.
return err
}
+ tailscale.TailscaledSocket = rootArgs.socket
+
err := rootCmd.Run(context.Background())
if err == flag.ErrHelp {
return nil
diff --git a/safesocket/safesocket.go b/safesocket/safesocket.go
index 5769c2145..9f93117f3 100644
--- a/safesocket/safesocket.go
+++ b/safesocket/safesocket.go
@@ -10,8 +10,6 @@ import (
"errors"
"net"
"runtime"
-
- "tailscale.com/paths"
)
type closeable interface {
@@ -31,11 +29,6 @@ func ConnCloseWrite(c net.Conn) error {
return c.(closeable).CloseWrite()
}
-// ConnectDefault connects to the local Tailscale daemon.
-func ConnectDefault() (net.Conn, error) {
- return Connect(paths.DefaultTailscaledSocket(), 41112)
-}
-
// Connect connects to either path (on Unix) or the provided localhost port (on Windows).
func Connect(path string, port uint16) (net.Conn, error) {
return connect(path, port)
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.