| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
|
|
c8c493f3d9bf925e9459236bf1ecea823be6f825 made it always say
`created=false` which scared me when I saw it, as that would've implied
things were broken much worse. Fortunately the logging was just wrong.
|
|
|
|
Fixes #1172
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
This adds a more wire-efficient way of updating peers' Node.LastSeen times.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Updates #1172
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
DstToString is used in two places in wireguard-go: Logging and uapi.
We are switching to use uapi for wireguard-go config.
To preserve existing behavior, we need the full set of addrs.
And for logging, having the full set of addrs seems useful.
(The Addrs method itself is slated for removal. When that happens,
the implementation will move to DstToString.)
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
To save CPU and wakeups, don't run the DERP cleanup timer regularly
unless there is a non-home DERP connection open.
Also eliminates the goroutine, moving to a time.AfterFunc.
Updates #1034
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
|
|
connection is closed"
This reverts commit 08baa17d9a785635891c3462d01e601759b8b8b6.
It caused deadlocks due to lock ordering violations.
It was not the right fix, and thus should simply be reverted
while we look for the right fix (if we haven't already found it
in the interim; we've fixed other logging-after-test issues).
Fixes #1161
|
|
|
|
The 'ok' from 'ipp, ok :=' above was the result parameter ok. Whoops.
|
|
name old time/op new time/op delta
ReceiveFrom-4 21.8µs ± 2% 20.9µs ± 2% -4.27% (p=0.000 n=10+10)
Updates #414
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
It's about to become a no-op in control.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
name old time/op new time/op delta
ReceiveFrom-4 35.8µs ± 3% 21.9µs ± 5% -38.92% (p=0.008 n=5+5)
Fixes #1145
Updates #414
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
|
|
context.cancelCtx.Done involves a mutex and isn't as cheap as I
previously assumed. Convert the donec method into a struct field and
store the channel value once. Our one magicsock.Conn gets one pointer
larger, but it cuts ~1% of the CPU time of the ReceiveFrom benchmark
and removes a bubble from the --svg output :)
|
|
|
|
+ add a test for parseAndRemoveLogLevel()
+ add a test for drainPendingMessages()
+ test JSON log encoding including several special cases
Other tests frequently send logs but a) don't check the result and
b) do so by happenstance, such that the code in encode() was not
consistently being exercised and leading to spurious changes in
code coverage. These tests attempt to more systematically test
the logging function.
This is the second attempt to add these tests, the first attempt
(in https://github.com/tailscale/tailscale/pull/1114) had two issues:
1. httptest.NewServer creates multiple goroutine handlers, and
logtail uses goroutines to upload, but the first version had no
locking in the server to guard this.
Moved data handling into channels to get synchronization.
2. The channel to notify the test of the arrival of data had a depth
of 1, in cases where the Logger sent multiple uploads it would
block the server.
This resulted in the first iteration of these tests being flaky,
and we reverted it.
This new version of the tests has passed with
go test -race -count=10000
and seems solid.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
|
|
This test serves two purposes:
+ check that Write() returns an error if the tstun has been
closed.
+ ensure that the close-related code in tstun is exercised in
a test case. We were getting spurious code coverage adds/drops
based on timing of when the test case finished.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
|
|
Windows has a low resolution timer.
Some of the tests assumed that unblock takes effect immediately.
Consider:
t := time.Now()
elapsed := time.Now().After(t)
It seems plausible that elapsed should always be true.
However, with a low resolution timer, that might fail.
Change time.Now().After to !time.Now().Before,
so that unblocking always takes effect immediately.
Fixes #873.
|
|
If err == nil, then !errors.Is(err, anything).
|
|
This appears to have been an oversight.
|
|
|
|
|
|
22507adf5489a8293e03a5af06bd6af41d031468 stopped relying on
our fork of wireguard-go's UpdateDst callback.
As a result, we can unwind that code,
and the extra return value of ReceiveIPv{4,6}.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
Test is flakey, remove it and figure out what to do differently later.
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
|
|
TwoDevicePing is explicitly testing the behavior of the legacy codepath, everything
else is happy to assume that code no longer exists.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Used in tests to ensure we're not relying on behavior we're going
to remove eventually.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Previously, this benchmark relied on behavior of the legacy
receive codepath, which I changed in 22507adf. With this
change, the benchmark instead relies on the new active discovery
path.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
This is a big hammer approach to helping with #1132.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
is closed
This prevents us from continuing to do unnecessary work
(including logging) after the connection has closed.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
We already do this in newUserspaceEngineAdvanced.
Apply it to newMagicStack as well.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
Also suppress log lines like:
peer(Kksd…ySmc) - Routine: sequential sender - stopped
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
This adds a new IP Protocol type, TSMP on protocol number 99 for
sending inter-tailscale messages over WireGuard, currently just for
why a peer rejects TCP SYNs (ACL rejection, shields up, and in the
future: nothing listening, something listening on that port but wrong
interface, etc)
Updates #1094
Updates tailscale/corp#1185
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
This partially reverts d6e9fb1df0fd6, which modified the permissions
on the tailscaled Unix socket and thus required "sudo tailscale" even
for "tailscale status".
Instead, open the permissions back up (on Linux only) but have the
server look at the peer creds and only permit read-only actions unless
you're root.
In the future we'll also have a group that can do mutable actions.
On OpenBSD and FreeBSD, the permissions on the socket remain locked
down to 0600 from d6e9fb1df0fd6.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
