| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
releases for macOS/darwin.
So the public can "brew install" tailscale and start it as a global boot daemon via brew services.
supported: Homebrew 3.0, go1.15 darwin/amd64, macOS Catalina 10.15.3, Intel 64-bit
probably also but unconfirmed: BigSur 11 and Apple M1 ARM64
NOTE: lots of upgrades and polish since 1st squashed WIP PR, and applies most prior feedback
Part of #177. (WIP)
Signed-off-by: Mike Kramlich <groglogic@gmail.com>
|
|
Fixes #1391
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Regression from code movement in d3efe8caf636aaa9a8e02b65877878954ea980b7
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
* move probing out of netcheck into new net/portmapper package
* use PCP ANNOUNCE op codes for PCP discovery, rather than causing
short-lived (sub-second) side effects with a 1-second-expiring map +
delete.
* track when we heard things from the router so we can be less wasteful
in querying the router's port mapping services in the future
* use portmapper from magicsock to map a public port
Fixes #1298
Fixes #1080
Fixes #1001
Updates #864
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Fixes #1388.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Fixes #1363
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Part of #1177, preparing for doing fancier set operations on
the allowed local nets.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Signed-off-by: Matt Layher <mdlayher@gmail.com>
|
|
Importing the non-main package was missing some dependencies that
"go mod tidy" would then cleanup. Also added a non-ignore build tag to
avoid other tools getting upset about importing a main package.
Signed-off-by: Filippo Valsorda <hi@filippo.io>
|
|
$ GOOS=openbsd GOARCH=arm64 go install tailscale.com/cmd/...@latest
pkg/mod/github.com/kr/pty@v1.1.4-0.20190131011033-7dc38fb350b1/pty_openbsd.go:24:10: undefined: ptmget
pkg/mod/github.com/kr/pty@v1.1.4-0.20190131011033-7dc38fb350b1/pty_openbsd.go:25:34: undefined: ioctl_PTMGET
"go mod tidy" did some unrelated work in go.sum, maybe because it was
not run with Go 1.16 before.
Signed-off-by: Filippo Valsorda <hi@filippo.io>
|
|
Fixes #1370
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Updates #943
Updates #1370
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
|
|
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
|
|
Updates tailscale/corp#1338
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
This makes cidrDiff do as much as possible before failing, and makes a
delete of an already-deleted rule be a no-op. We should never do this
ourselves, but other things on the system can, and this should help us
recover a bit.
Also adds the start of root-requiring tests.
TODO: hook into wgengine/monitor and notice when routes are changed
behind our back, and invalidate our routes map and re-read from
kernel (via the ip command) at least on the next reconfig call.
Updates tailscale/corp#1338
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
and some minor style nits.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
|
|
Don't do it on all platforms, as Linux folk might be playing
container + capability games.
|
|
This allows proxy URLs such as:
http://azurediamond:hunter2@192.168.122.154:38274
to be used in order to dial out to control, logs or derp servers.
Signed-off-by: Christine Dodrill <xe@tailscale.com>
|
|
no generated code change.
|
|
Tangentially related to #987, #177, #594, #925, #505
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
And open up socket permissions like Linux, now that we know who
connections are from.
This uses the new inet.af/peercred that supports Linux and Darwin at
the moment.
Fixes #1347
Fixes #1348
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Fixes #1292
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Fixes tailscale/corp#440
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Updates tailscale/corp#440
|
|
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
|
|
|
|
|
|
I meant for these to be part of 52e24aa966ffa.
|
|
|
|
Tangentially related to #987, #177, #594, #925, #505
|
|
Fixes #1331
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Tangentially related to #987, #177, #594, #925, #505
Motivated by rebooting a launchd-controlled tailscaled and it going
into SetNetworkUp(false) mode immediately because there really is no
network up at system boot, but then it got stuck in that paused state
forever, without a monitor implementation.
|
|
launchd
Tangentially related to #987, #177, #594, #925.
|
|
|
|
The interface.State logging tried to only log interfaces which had
interesting IPs, but the what-is-interesting checks differed between
the code that gathered the interface names to print and the printing
of their addresses.
|
|
When a handshake race occurs, a queued data packet can get lost.
TestTwoDevicePing expected that the very first data packet would arrive.
This caused occasional flakes.
Change TestTwoDevicePing to repeatedly re-send packets
and succeed when one of them makes it through.
This is acceptable (vs making WireGuard not drop the packets)
because this only affects communication with extremely old clients.
And those extremely old clients will eventually connect,
because the kernel will retry sends on timeout.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
|
|
|
|
Only do the type assertion to *net.UDPAddr when addr is non-nil.
This prevents a bunch of log spam during tests.
|
|
We modified the standard net package to not allocate a *net.UDPAddr
during a call to (*net.UDPConn).ReadFromUDP if the caller's use
of the *net.UDPAddr does not cause it to escape.
That is https://golang.org/cl/291390.
This is the companion change to magicsock.
There are two changes required.
First, call ReadFromUDP instead of ReadFrom, if possible.
ReadFrom returns a net.Addr, which is an interface, which always allocates.
Second, reduce the lifetime of the returned *net.UDPAddr.
We do this by immediately converting it into a netaddr.IPPort.
We left the existing RebindingUDPConn.ReadFrom method in place,
as it is required to satisfy the net.PacketConn interface.
With the upstream change and both of these fixes in place,
we have removed one large allocation per packet received.
name old time/op new time/op delta
ReceiveFrom-8 16.7µs ± 5% 16.4µs ± 8% ~ (p=0.310 n=5+5)
name old alloc/op new alloc/op delta
ReceiveFrom-8 112B ± 0% 64B ± 0% -42.86% (p=0.008 n=5+5)
name old allocs/op new allocs/op delta
ReceiveFrom-8 3.00 ± 0% 2.00 ± 0% -33.33% (p=0.008 n=5+5)
Co-authored-by: Sonia Appasamy <sonia@tailscale.com>
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
addrSet maintained duplicate lists of netaddr.IPPorts and net.UDPAddrs.
Unify to use the netaddr type only.
This makes (*Conn).ReceiveIPvN a bit uglier,
but that'll be cleaned up in a subsequent commit.
This is preparatory work to remove an allocation from ReceiveIPv4.
Co-authored-by: Sonia Appasamy <sonia@tailscale.com>
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
Co-authored-by: Sonia Appasamy <sonia@tailscale.com>
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
