summaryrefslogtreecommitdiffhomepage
path: root/control/controlclient
AgeCommit message (Collapse)AuthorFilesLines
2022-03-17all: use any instead of interface{}Josh Bleecher Snyder2-6/+6
My favorite part of generics. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-03-16go.mod: update to latest certstoreJosh Bleecher Snyder3-6/+6
It includes a fix to allow us to use Go 1.18. We can now remove our Tailscale-only build tags. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-03-16control/controlclient: only build certstore-related code with the Tailscale ↵Josh Bleecher Snyder3-6/+6
Go toolchain The certstore code is impacted by golang/go#51726. The Tailscale Go toolchain fork contains a temporary workaround, so it can compile it. Once the upstream toolchain can compile certstore, presumably in Go 1.18.1, we can revert this change. Note that depaware runs with the upstream toolchain. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-03-10ssh/tailssh, ipnlocal, controlclient: fetch next SSHAction from networkBrad Fitzpatrick3-0/+17
Updates #3802 Change-Id: I08e98805ab86d6bbabb6c365ed4526f54742fd8e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-10control/controlclient: proactively close TLS connection after /key fetchBrad Fitzpatrick1-0/+8
When using Noise. Updates #3488 Change-Id: I1049963763075a15b72fd8065dcf44a9cf37975f Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-09control/controlclient, localapi: shorten expiry time via localapi (#4112)Nick O'Neill3-2/+27
Signed-off-by: Nick O'Neill <nick@tailscale.com>
2022-03-09control/controlclient: make MapRequests go over noise.Maisem Ali1-10/+32
Updates #3488 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-08control/controlclient: call direct.Close after map requests are completeMaisem Ali1-3/+3
This was causing a flake in another repo. Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-08control/controlclient: make Auto.Shutdown call Direct.CloseMaisem Ali1-0/+4
Updates #3488 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-08control/controlclient: make RegisterRequest go over NoiseMaisem Ali1-17/+49
Updates #3488 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-08control/controlclient: fix Noise HTTP/2 regression from earlier commitBrad Fitzpatrick1-0/+9
Fix regression from 21069124db caught by tests in another repo. The HTTP/2 Transport that was being returned had a ConnPool that never dialed. Updates #3488 Change-Id: I3184d6393813448ae143d37ece14eb732334c05f Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-08control/controlclient: fix the Noise HTTP/2 timeout configBrad Fitzpatrick1-6/+15
We want to close the connection after a minute of inactivity, not heartbeat once a minute to keep it alive forever. Updates #3488 Change-Id: I4b5275e8d1f2528e13de2d54808773c70537db91 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-07control/controlclient: make SetDNS attempt to go over Noise firstMaisem Ali1-1/+43
Updates #3488 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-07tailcfg: add SetDNSResponseMaisem Ali1-1/+1
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-07control/controlclient: add Noise clientMaisem Ali2-0/+191
Updates #3488 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-07control/controlclient: start fetching the server noise keyMaisem Ali1-15/+29
Updates #3488 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-06tailcfg: rename map request version to "capability version"Brad Fitzpatrick1-2/+2
And add a CapabilityVersion type, primarily for documentation. This makes MapRequest.Version, RegisterRequest.Version, and SetDNSRequest.Version all use the same version, which will avoid confusing in the future if Register or SetDNS ever changed their semantics on Version change. (Currently they're both always 1) This will requre a control server change to allow a SetDNSRequest.Version value other than 1 to be deployed first. Change-Id: I073042a216e0d745f52ee2dbc45cf336b9f84b7c Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-18control/controlclient: use structured logging for MapResponse.ControlTimeJosh Bleecher Snyder1-1/+1
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-02-18tailcfg: make MapResponse.ControlTime a pointerJosh Bleecher Snyder1-1/+1
Otherwise omitempty doesn't work. This is wire-compatible with a non-pointer type, so switching is safe, now and in the future. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-02-16tailcfg: add MapResponse.ControlTime fieldJosh Bleecher Snyder1-0/+3
And log it when provided in map responses. The test uses the date on which I joined Tailscale. :) Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-02-16tailcfg: make Node.Hostinfo a HostinfoViewMaisem Ali1-1/+3
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-02-15tailcfg: add start of SSH policy to be sent from control plane to nodesBrad Fitzpatrick1-0/+5
Updates #3802 Change-Id: Iec58f35d445aaa267d0f7e7e2f30c049c1df4c0e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-12control/controlclient: remove dummy endpoint in endpoint stripping modeBrad Fitzpatrick1-4/+1
The TODO is done. Magicsock doesn't require any endpoints to create an *endpoint now. Verified both in code and empirically: I can use the env knob and access everything. Change-Id: I4fe7ed5b11c5c5e94b21ef3d77be149daeab998a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-12all: adjust some log verbosityBrad Fitzpatrick2-12/+12
Updates #1548 Change-Id: Ia55f1b5dc7dfea09a08c90324226fb92cd10fa00 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-11control/controlclient: select newer certificateAdrian Dewhurst2-5/+267
If multiple certificates match when selecting a certificate, use the one issued the most recently (as determined by the NotBefore timestamp). This also adds some tests for the function that performs that comparison. Updates tailscale/coral#6 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
2022-02-07control/controlclient: turn off Go's implicit compressionBrad Fitzpatrick1-0/+4
We don't use it anyway, so be explicit that we're not using it. Change-Id: Iec953271ef0169a2e227811932f5b65b479624af Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-01-24envknob: add new package for all the strconv.ParseBool(os.Getenv(..))Brad Fitzpatrick2-23/+10
A new package can also later record/report which knobs are checked and set. It also makes the code cleaner & easier to grep for env knobs. Change-Id: Id8a123ab7539f1fadbd27e0cbeac79c2e4f09751 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-29control/controlclient: stop logging about goal.url invariantJosh Bleecher Snyder1-5/+3
This isn't the ideal solution, but it's good enough for now. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-11-18net/netns: thread logf into control functionsJosh Bleecher Snyder1-1/+1
So that darwin can log there without panicking during tests. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-11-16netcheck, controlclient, magicsock: add more metricsBrad Fitzpatrick1-1/+43
Updates #3307 Change-Id: Ibb33425764a75bde49230632f1b472f923551126 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-10hostinfo, control/controlclient: tell control when Ubuntu has disabled ↵Brad Fitzpatrick1-0/+3
Tailscale's sources Fixes #3177 Updates #2500 Change-Id: Iff2a8e27ec7d36a1c210263d6218f20ebed37924 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-10control/controlclient: rename a variable to not shadow a package nameBrad Fitzpatrick1-8/+8
Change-Id: I1bcb577cb2c47e936d545ad57f308e57399de323 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-07control/controlclient: make js/wasm work with Go 1.18+Brad Fitzpatrick1-0/+7
Updates #3157 Change-Id: I2d67e582842ab3638d720bb5db4701b878ad4473 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-03ipn/ipnlocal, control/controlclient: don't propagate all map errors to UIBrad Fitzpatrick2-1/+7
Fixes regression from 81cabf48ec1f0d306f7dcf0c8a58a6eae6594c76 which made all map errors be sent to the frontend UI. Fixes #3230 Change-Id: I7f142c801c7d15e268a24ddf901c3e6348b6729c Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-11-03all: replace tailcfg.DiscoKey with key.DiscoPublic.David Anderson1-2/+2
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-02tailcfg: use key.NodePublic in wire protocol types.David Anderson1-3/+3
Updates #3206. Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-01types/netmap: use key.NodePublic instead of tailcfg.NodeKey.David Anderson1-1/+1
Update #3206 Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-01tailcfg, control/controlclient: add method to exit client from control planeBrad Fitzpatrick1-0/+4
Change-Id: Ic28ef283ba63396b68fab86bfb0a8ee8f432474c Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-10-29various: use NodePublic.AsNodeKey() instead of tailcfg.NodeKeyFromNodePublic()David Anderson2-4/+4
Updates #3206 Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-28control/controlclient: stop using wgkey.David Anderson4-31/+19
Updates #3206 Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-28control/controlclient: add a LoginEphemeral LoginFlags bitBrad Fitzpatrick2-0/+2
Change-Id: Ib9029ea0c49aa2ee1b6aac6e464ab1f16aef92e8 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-10-28types/netmap: use new node key type.David Anderson1-1/+2
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-28types/persist: use new node key type.David Anderson2-7/+7
Updates #3206 Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-27control/controlclient,tailcfg: propagate registration errors to the frontendMaisem Ali3-6/+6
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2021-10-12all: fix spelling mistakesnicksherron2-2/+2
Signed-off-by: nicksherron <nsherron90@gmail.com>
2021-09-19tailcfg, health: add way for control plane to add problems to health checkBrad Fitzpatrick1-0/+5
So if the control plane knows that something's broken about the node, it can include problem(s) in MapResponse and "tailscale status" will show it. (and GUIs in the future, as it's in ipnstate.Status/JSON) This also bumps the MapRequest.Version, though it's not strictly required. Doesn't hurt. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-09-17control/controlclient: update machine certificate signature versionAdrian Dewhurst2-9/+24
This iterates on the original signature format. Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
2021-09-15control/controlclient: replace TODO with explanationJosh Bleecher Snyder1-1/+1
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-09-03types/key: add a special key with custom serialization for control private ↵Dave Anderson6-82/+55
keys (#2792) * Revert "Revert "types/key: add MachinePrivate and MachinePublic."" This reverts commit 61c3b98a24317dcfd5cbe3db29e7d6b64b8c27a7. Signed-off-by: David Anderson <danderson@tailscale.com> * types/key: add ControlPrivate, with custom serialization. ControlPrivate is just a MachinePrivate that serializes differently in JSON, to be compatible with how the Tailscale control plane historically serialized its private key. Signed-off-by: David Anderson <danderson@tailscale.com>
2021-09-03Revert "types/key: add MachinePrivate and MachinePublic."David Anderson6-55/+82
Broke the tailscale control plane due to surprise different serialization. This reverts commit 4fdb88efe1d9b4f8af0aad99bbacc814323ef92a.
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.