From a4b585947ddd9f790d3f2be0eef932675fda40fc Mon Sep 17 00:00:00 2001
From: Brad Fitzpatrick <bradfitz@tailscale.com>
Date: Fri, 5 Mar 2021 12:07:00 -0800
Subject: [PATCH] ipn/localapi, client/tailscale: add a goroutine dump handler

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
---
 client/tailscale/tailscale.go | 20 ++++++++++++++++++++
 ipn/localapi/localapi.go      | 16 ++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/client/tailscale/tailscale.go b/client/tailscale/tailscale.go
index 69fc84eb1..9ebbf8fcb 100644
--- a/client/tailscale/tailscale.go
+++ b/client/tailscale/tailscale.go
@@ -88,3 +88,23 @@ func WhoIs(ctx context.Context, remoteAddr string) (*tailcfg.WhoIsResponse, erro
 	}
 	return r, nil
 }
+
+func Goroutines(ctx context.Context) ([]byte, error) {
+	req, err := http.NewRequestWithContext(ctx, "GET", "http://local-tailscaled.sock/localapi/v0/goroutines", nil)
+	if err != nil {
+		return nil, err
+	}
+	res, err := DoLocalRequest(req)
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	body, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+	if res.StatusCode != 200 {
+		return nil, fmt.Errorf("HTTP %s: %s", res.Status, body)
+	}
+	return body, nil
+}
diff --git a/ipn/localapi/localapi.go b/ipn/localapi/localapi.go
index 7b537d404..7162a65ee 100644
--- a/ipn/localapi/localapi.go
+++ b/ipn/localapi/localapi.go
@@ -9,6 +9,7 @@ import (
 	"encoding/json"
 	"io"
 	"net/http"
+	"runtime"
 
 	"inet.af/netaddr"
 	"tailscale.com/ipn/ipnlocal"
@@ -53,6 +54,8 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	switch r.URL.Path {
 	case "/localapi/v0/whois":
 		h.serveWhoIs(w, r)
+	case "/localapi/v0/goroutines":
+		h.serveGoroutines(w, r)
 	default:
 		io.WriteString(w, "tailscaled\n")
 	}
@@ -93,3 +96,16 @@ func (h *Handler) serveWhoIs(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")
 	w.Write(j)
 }
+
+func (h *Handler) serveGoroutines(w http.ResponseWriter, r *http.Request) {
+	// Require write access out of paranoia that the goroutine dump
+	// (at least its arguments) might contain something sensitive.
+	if !h.PermitWrite {
+		http.Error(w, "goroutine dump access denied", http.StatusForbidden)
+		return
+	}
+	buf := make([]byte, 2<<20)
+	buf = buf[:runtime.Stack(buf, true)]
+	w.Header().Set("Content-Type", "text/plain")
+	w.Write(buf)
+}