I used the Windows APIs wrong previously, but it had worked just
enough.
Updates #921
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit eccc167733)
First remove the device (to clear its wireguard session key), and then
add it back.
Fixes#929
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit d9e2edb5ae)
This fixes the problem where, while running `redo version-info.sh`, the
repo would always show up as dirty, because redo creates a temp file
named *.tmp. This caused the version code to always have a -dirty tag,
but not when you run version.sh by hand.
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
Instead of reverting to 0.0.0, keep the same version number (eg. 1.2.4)
but add an extra suffix with the change count,
eg. 1.2.4-6-tb35d95ad7-gcb8be72e6. This avoids the problem where a
small patch causes the code to report a totally different version to
the server, which might change its behaviour based on version code.
(The server might enable various bug workarounds since it thinks
0.0.0 is very old.)
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
This option isn't available on slightly older versions of git. We were
no longer using the real describe functionality anyway, so let's just do
something simpler to detect a dirty worktree.
While we're here, fix up a little bit of sh style.
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
These accidentally make the tag syntax more flexible than was intended,
which will create forward compatibility problems later. Let's go back
to the old stricter parser.
Revert "cmd/tailscale/cli: fix double tag: prefix in tailscale up"
Revert "cmd/tailscale/cli, tailcfg: allow tag without "tag:" prefix in 'tailscale up'"
This reverts commit a702921620.
This reverts commit cd07437ade.
Affects #861.
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
In 1.0, subnet relays were not specially handled when WPAD+PAC was
present on the network.
In 1.2, on Windows, subnet relays were disabled if WPAD+PAC was
present. That was what some users wanted, but not others.
This makes it configurable per domain, reverting back to the 1.0
default state of them not being special. Users who want that behavior
can then enable it.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit d21956436a)
In tests, we force binding to localhost to avoid OS firewall warning
dialogs.
But for IPv6, we were trying (and failing) to bind to 127.0.0.1.
You'd think we'd just say "localhost", but that's apparently ill
defined. See
https://tools.ietf.org/html/draft-ietf-dnsop-let-localhost-be-localhost
and golang/go#22826. (It's bitten me in the past, but I can't
remember specific bugs.)
So use "::1" explicitly for "udp6", which makes the test quieter.
(cherry picked from commit 450cfedeba)
The output of `wc -l` on darwin starts with a tab:
git rev-list 266f6548611ad0de93e7470eb13731db819f184b..HEAD | wc -l
0
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
Seeing "frontend-provided legacy machine key" was weird (and not quite
accurate) on Linux machines where it comes from the _daemon key's
persist prefs, not the "frontend".
Make the log message distinguish between the cases.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit 6bcb466096)
* origin/main:
wgengine/router/dns: run ipconfig /registerdns async, log timing
net/tshttpproxy: aggressively rate-limit error logs in Transport.Proxy path
ipn: only use Prefs, not computed stateKey, to determine server mode
VERSION: rename to version.txt to work around macOS limitations.
version: greatly simplify redo nonsense, now that we use VERSION.
ipn, ipn/ipnserver: add IPN state for server in use, handle explicitly
version: calculate version info without using git tags.
version: use -g as the "other" suffix, so that `git show` works.
ipn/ipnserver: remove "Server mode" from a user-visible error message
ipn: fix crash generating machine key on new installs
Change some os.IsNotExist to errors.Is(err, os.ErrNotExist) for non-os errors.
.github/workflows: use cache to speed up Windows tests
tsweb: add StatusCodeCounters to HandlerOptions
tsweb: add StdHandlerOpts that accepts an options struct
ipn: don't temporarilySetMachineKeyInPersist for Android clients
Otherwise log upload HTTP requests generate proxy errrors which
generate logs which generate HTTP requests which generate proxy
errors which generate more logs, etc.
Fixes#879
When the service was running without a client (e.g. after a reboot)
and then the owner logs in and the GUI attaches, the computed state
key changed to "" (driven by frontend prefs), and then it was falling
out of server mode, despite the GUI-provided prefs still saying it
wanted server mode.
Also add some logging. And remove a scary "Access denied" from a
user-visible error, making the two possible already-in-use error
messages consistent with each other.
On Windows, we were previously treating a server used by different
users as a fatal error, which meant the second user (upon starting
Tailscale, explicitly or via Start Up programs) got an invasive error
message dialog.
Instead, give it its own IPN state and change the Notify.ErrMessage to
be details in that state. Then the Windows GUI can be less aggresive
about that happening.
Also,
* wait to close the IPN connection until the server ownership state
changes so the GUI doesn't need to repeatedly reconnect to discover
changes.
* fix a bug discovered during testing: on system reboot, the
ipnserver's serverModeUser was getting cleared while the state
transitioned from Unknown to Running. Instead, track 'inServerMode'
explicitly and remove the old accessor method which was error prone.
* fix a rare bug where the client could start up and set the server
mode prefs in its Start call and we wouldn't persist that to the
StateStore storage's prefs start key. (Previously it was only via a
prefs toggle at runtime)
This makes it easier to integrate this version math into a submodule-ful
world. We'll continue to have regular git tags that parallel the information
in VERSION, so that builds out of this repository behave the same.
Signed-off-by: David Anderson <danderson@tailscale.com>
(cherry picked from commit 437142daa5)
(altered VERSION to reflect correct information for this release branch)
This makes it easier to integrate this version math into a submodule-ful
world. We'll continue to have regular git tags that parallel the information
in VERSION, so that builds out of this repository behave the same.
Signed-off-by: David Anderson <danderson@tailscale.com>
os.IsNotExist doesn't unwrap errors. errors.Is does.
The ioutil.ReadFile ones happened to be fine but I changed them so
we're consistent with the rule: if the error comes from os, you can
use os.IsNotExist, but from any other package, use errors.Is.
(errors.Is always would also work, but not worth updating all the code)
The motivation here was that we were logging about failure to migrate
legacy relay node prefs file on startup, even though the code tried
to avoid that.
See golang/go#41122
Avery Pennarun