更新 cmd/derper/cert.go

更新 .github/workflows/go-licenses.yml.disabled
更新 .github/workflows/golangci-lint.yml.disabled
2023-07-10 18:43:34 +08:00 · 2023-07-10 18:14:44 +08:00 · 2023-07-10 18:14:28 +08:00 · 2023-07-10 18:14:17 +08:00 · 2023-07-10 18:14:04 +08:00 · 2023-07-10 18:13:47 +08:00
20 changed files with 64 additions and 68 deletions
--- a/.github/workflows/codeql-analysis.yml.disabled
+++ b/.github/workflows/codeql-analysis.yml.disabled
--- a/.github/workflows/docker-file-build.yml.disabled
+++ b/.github/workflows/docker-file-build.yml.disabled
--- a/.github/workflows/go-licenses.yml.disabled
+++ b/.github/workflows/go-licenses.yml.disabled
--- a/.github/workflows/golangci-lint.yml.disabled
+++ b/.github/workflows/golangci-lint.yml.disabled
--- a/.github/workflows/installer.yml.disabled
+++ b/.github/workflows/installer.yml.disabled
--- a/.github/workflows/test.yml.disabled
+++ b/.github/workflows/test.yml.disabled
--- a/.github/workflows/update-flake.yml.disabled
+++ b/.github/workflows/update-flake.yml.disabled
--- a/cmd/derper/cert.go
+++ b/cmd/derper/cert.go
@ -72,7 +72,7 @@ func NewManualCertManager(certdir, hostname string) (certProvider, error) {
 		return nil, fmt.Errorf("can not load cert: %w", err)
 	}
 	if err := x509Cert.VerifyHostname(hostname); err != nil {
-		return nil, fmt.Errorf("cert invalid for hostname %q: %w", hostname, err)
+		// return nil, fmt.Errorf("cert invalid for hostname %q: %w", hostname, err)
 	}
 	return &manualCertManager{cert: &cert, hostname: hostname}, nil
 }
@ -89,7 +89,7 @@ func (m *manualCertManager) TLSConfig() *tls.Config {

 func (m *manualCertManager) getCertificate(hi *tls.ClientHelloInfo) (*tls.Certificate, error) {
 	if hi.ServerName != m.hostname {
-		return nil, fmt.Errorf("cert mismatch with hostname: %q", hi.ServerName)
+		//return nil, fmt.Errorf("cert mismatch with hostname: %q", hi.ServerName)
 	}

 	// Return a shallow copy of the cert so the caller can append to its
--- a/control/controlclient/noise.go
+++ b/control/controlclient/noise.go
@ -287,6 +287,25 @@ func (nc *NoiseClient) GetSingleUseRoundTripper(ctx context.Context) (http.Round
 	return nil, nil, errors.New("[unexpected] failed to reserve a request on a connection")
 }

+// contextErr is an error that wraps another error and is used to indicate that
+// the error was because a context expired.
+type contextErr struct {
+	err error
+}
+
+func (e contextErr) Error() string {
+	return e.err.Error()
+}
+
+func (e contextErr) Unwrap() error {
+	return e.err
+}
+
+// getConn returns a noiseConn that can be used to make requests to the
+// coordination server. It may return a cached connection or create a new one.
+// Dials are singleflighted, so concurrent calls to getConn may only dial once.
+// As such, context values may not be respected as there are no guarantees that
+// the context passed to getConn is the same as the context passed to dial.
 func (nc *NoiseClient) getConn(ctx context.Context) (*noiseConn, error) {
 	nc.mu.Lock()
 	if last := nc.last; last != nil && last.canTakeNewRequest() {
@ -295,11 +314,35 @@ func (nc *NoiseClient) getConn(ctx context.Context) (*noiseConn, error) {
 	}
 	nc.mu.Unlock()

-	conn, err, _ := nc.sfDial.Do(struct{}{}, nc.dial)
-	if err != nil {
-		return nil, err
+	for {
+		// We singeflight the dial to avoid making multiple connections, however
+		// that means that we can't simply cancel the dial if the context is
+		// canceled. Instead, we have to additionally check that the context
+		// which was canceled is our context and retry if our context is still
+		// valid.
+		conn, err, _ := nc.sfDial.Do(struct{}{}, func() (*noiseConn, error) {
+			c, err := nc.dial(ctx)
+			if err != nil {
+				if ctx.Err() != nil {
+					return nil, contextErr{ctx.Err()}
+				}
+				return nil, err
+			}
+			return c, nil
+		})
+		var ce contextErr
+		if err == nil || !errors.As(err, &ce) {
+			return conn, err
+		}
+		if ctx.Err() == nil {
+			// The dial failed because of a context error, but our context
+			// is still valid. Retry.
+			continue
+		}
+		// The dial failed because our context was canceled. Return the
+		// underlying error.
+		return nil, ce.Unwrap()
 	}
-	return conn, nil
 }

 func (nc *NoiseClient) RoundTrip(req *http.Request) (*http.Response, error) {
@ -344,7 +387,7 @@ func (nc *NoiseClient) Close() error {

 // dial opens a new connection to tailcontrol, fetching the server noise key
 // if not cached.
-func (nc *NoiseClient) dial() (*noiseConn, error) {
+func (nc *NoiseClient) dial(ctx context.Context) (*noiseConn, error) {
 	nc.mu.Lock()
 	connID := nc.nextID
 	nc.nextID++
@ -392,7 +435,7 @@ func (nc *NoiseClient) dial() (*noiseConn, error) {
 	}

 	timeout := time.Duration(timeoutSec * float64(time.Second))
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(ctx, timeout)
 	defer cancel()

 	clientConn, err := (&controlhttp.Dialer{
--- a/ipn/ipnlocal/local.go
+++ b/ipn/ipnlocal/local.go
@ -742,7 +742,6 @@ func (b *LocalBackend) populatePeerStatusLocked(sb *ipnstate.StatusBuilder) {
 			HostName:     p.Hostinfo.Hostname(),
 			DNSName:      p.Name,
 			OS:           p.Hostinfo.OS(),
-			KeepAlive:    p.KeepAlive,
 			LastSeen:     lastSeen,
 			Online:       p.Online != nil && *p.Online,
 			ShareeNode:   p.Hostinfo.ShareeNode(),
--- a/ipn/ipnstate/ipnstate.go
+++ b/ipn/ipnstate/ipnstate.go
@ -223,9 +223,8 @@ type PeerStatus struct {
 	LastSeen       time.Time // last seen to tailcontrol; only present if offline
 	LastHandshake  time.Time // with local wireguard
 	Online         bool      // whether node is connected to the control plane
-	KeepAlive      bool
-	ExitNode       bool // true if this is the currently selected exit node.
-	ExitNodeOption bool // true if this node can be an exit node (offered && approved)
+	ExitNode       bool      // true if this is the currently selected exit node.
+	ExitNodeOption bool      // true if this node can be an exit node (offered && approved)

 	// Active is whether the node was recently active. The
 	// definition is somewhat undefined but has historically and
@ -437,9 +436,6 @@ func (sb *StatusBuilder) AddPeer(peer key.NodePublic, st *PeerStatus) {
 	if st.InEngine {
 		e.InEngine = true
 	}
-	if st.KeepAlive {
-		e.KeepAlive = true
-	}
 	if st.ExitNode {
 		e.ExitNode = true
 	}
--- a/tailcfg/tailcfg.go
+++ b/tailcfg/tailcfg.go
@ -242,8 +242,6 @@ type Node struct {
 	// current node doesn't have permission to know.
 	Online *bool `json:",omitempty"`

-	KeepAlive bool `json:",omitempty"` // open and keep open a connection to this peer
-
 	MachineAuthorized bool `json:",omitempty"` // TODO(crawshaw): replace with MachineStatus

 	// Capabilities are capabilities that the node has.
@ -1284,7 +1282,7 @@ type DNSConfig struct {
 	// match.
 	//
 	// Matches are case insensitive.
-	ExitNodeFilteredSet []string
+	ExitNodeFilteredSet []string `json:",omitempty"`
 }

 // DNSRecord is an extra DNS record to add to MagicDNS.
--- a/tailcfg/tailcfg_clone.go
+++ b/tailcfg/tailcfg_clone.go
@ -93,7 +93,6 @@ var _NodeCloneNeedsRegeneration = Node(struct {
 	PrimaryRoutes                 []netip.Prefix
 	LastSeen                      *time.Time
 	Online                        *bool
-	KeepAlive                     bool
 	MachineAuthorized             bool
 	Capabilities                  []string
 	UnsignedPeerAPIOnly           bool
--- a/tailcfg/tailcfg_test.go
+++ b/tailcfg/tailcfg_test.go
@ -347,7 +347,7 @@ func TestNodeEqual(t *testing.T) {
 		"Key", "KeyExpiry", "KeySignature", "Machine", "DiscoKey",
 		"Addresses", "AllowedIPs", "Endpoints", "DERP", "Hostinfo",
 		"Created", "Cap", "Tags", "PrimaryRoutes",
-		"LastSeen", "Online", "KeepAlive", "MachineAuthorized",
+		"LastSeen", "Online", "MachineAuthorized",
 		"Capabilities",
 		"UnsignedPeerAPIOnly",
 		"ComputedName", "computedHostIfDifferent", "ComputedNameWithHost",
--- a/tailcfg/tailcfg_view.go
+++ b/tailcfg/tailcfg_view.go
@ -168,7 +168,6 @@ func (v NodeView) Online() *bool {
 	return &x
 }

-func (v NodeView) KeepAlive() bool                   { return v.ж.KeepAlive }
 func (v NodeView) MachineAuthorized() bool           { return v.ж.MachineAuthorized }
 func (v NodeView) Capabilities() views.Slice[string] { return views.SliceOf(v.ж.Capabilities) }
 func (v NodeView) UnsignedPeerAPIOnly() bool         { return v.ж.UnsignedPeerAPIOnly }
@ -210,7 +209,6 @@ var _NodeViewNeedsRegeneration = Node(struct {
 	PrimaryRoutes                 []netip.Prefix
 	LastSeen                      *time.Time
 	Online                        *bool
-	KeepAlive                     bool
 	MachineAuthorized             bool
 	Capabilities                  []string
 	UnsignedPeerAPIOnly           bool
--- a/tsnet/tsnet_test.go
+++ b/tsnet/tsnet_test.go
@ -283,6 +283,7 @@ func TestConn(t *testing.T) {
 }

 func TestLoopbackLocalAPI(t *testing.T) {
+	flakytest.Mark(t, "https://github.com/tailscale/tailscale/issues/8557")
 	tstest.ResourceCheck(t)
 	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
 	defer cancel()
--- a/util/deephash/deephash_test.go
+++ b/util/deephash/deephash_test.go
@ -581,8 +581,8 @@ func TestGetTypeHasher(t *testing.T) {
 		{
 			name:  "tailcfg.Node",
 			val:   &tailcfg.Node{},
-			out:   "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-			out32: "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+			out:   "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+			out32: "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\tn\x88\xf1\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
 		},
 	}
 	for _, tt := range tests {
--- a/wgengine/magicsock/magicsock.go
+++ b/wgengine/magicsock/magicsock.go
@ -30,6 +30,7 @@ import (

 	"github.com/tailscale/wireguard-go/conn"
 	"go4.org/mem"
+	"golang.org/x/exp/maps"
 	"golang.org/x/net/ipv4"
 	"golang.org/x/net/ipv6"
 	"tailscale.com/control/controlclient"
@ -4409,16 +4410,12 @@ func (de *endpoint) addrForWireGuardSendLocked(now mono.Time) (udpAddr netip.Add
 		return udpAddr, false
 	}

-	candidates := make([]netip.AddrPort, 0, len(de.endpointState))
-	for ipp := range de.endpointState {
-		if ipp.Addr().Is4() && de.c.noV4.Load() {
-			continue
-		}
-		if ipp.Addr().Is6() && de.c.noV6.Load() {
-			continue
-		}
-		candidates = append(candidates, ipp)
+	candidates := maps.Keys(de.endpointState)
+	if len(candidates) == 0 {
+		de.c.logf("magicsock: addrForSendWireguardLocked: [unexpected] no candidates available for endpoint")
+		return udpAddr, false
 	}
+
 	// Randomly select an address to use until we retrieve latency information
 	// and give it a short trustBestAddrUntil time so we avoid flapping between
 	// addresses while waiting on latency information to be populated.
--- a/wgengine/magicsock/magicsock_test.go
+++ b/wgengine/magicsock/magicsock_test.go
@ -2809,36 +2809,6 @@ func TestAddrForSendLockedForWireGuardOnly(t *testing.T) {
 			},
 			want: netip.MustParseAddrPort("[2345:0425:2CA1:0000:0000:0567:5673:23b5]:222"),
 		},
-		{
-			name:       "choose IPv4 when IPv6 is not useable",
-			sendWGPing: false,
-			noV6:       true,
-			ep: []endpointDetails{
-				{
-					addrPort: netip.MustParseAddrPort("1.1.1.1:111"),
-					latency:  100 * time.Millisecond,
-				},
-				{
-					addrPort: netip.MustParseAddrPort("[1::1]:567"),
-				},
-			},
-			want: netip.MustParseAddrPort("1.1.1.1:111"),
-		},
-		{
-			name:       "choose IPv6 when IPv4 is not useable",
-			sendWGPing: false,
-			noV4:       true,
-			ep: []endpointDetails{
-				{
-					addrPort: netip.MustParseAddrPort("1.1.1.1:111"),
-				},
-				{
-					addrPort: netip.MustParseAddrPort("[1::1]:567"),
-					latency:  100 * time.Millisecond,
-				},
-			},
-			want: netip.MustParseAddrPort("[1::1]:567"),
-		},
 		{
 			name:       "choose IPv6 address when latency is the same for v4 and v6",
 			sendWGPing: true,
@ -2865,8 +2835,6 @@ func TestAddrForSendLockedForWireGuardOnly(t *testing.T) {
 				noV6: atomic.Bool{},
 			},
 		}
-		endpoint.c.noV4.Store(test.noV4)
-		endpoint.c.noV6.Store(test.noV6)

 		for _, epd := range test.ep {
 			endpoint.endpointState[epd.addrPort] = &endpointState{}
--- a/wgengine/wgcfg/nmcfg/nmcfg.go
+++ b/wgengine/wgcfg/nmcfg/nmcfg.go
@ -96,9 +96,6 @@ func WGCfg(nm *netmap.NetworkMap, logf logger.Logf, flags netmap.WGConfigFlags,
 			DiscoKey:  peer.DiscoKey,
 		})
 		cpeer := &cfg.Peers[len(cfg.Peers)-1]
-		if peer.KeepAlive {
-			cpeer.PersistentKeepalive = 25 // seconds
-		}

 		didExitNodeWarn := false
 		cpeer.V4MasqAddr = peer.SelfNodeV4MasqAddrForThisPeer
Author	SHA1	Message	Date
落雨宸	e02da8ea72	更新 cmd/derper/cert.go	2023-07-10 18:43:34 +08:00
落雨宸	945a6dc677	更新 .github/workflows/go-licenses.yml.disabled	2023-07-10 18:14:44 +08:00
落雨宸	d0a385c4ea	更新 .github/workflows/golangci-lint.yml.disabled	2023-07-10 18:14:28 +08:00
落雨宸	6ee1ad3488	更新 .github/workflows/test.yml.disabled	2023-07-10 18:14:17 +08:00
落雨宸	d186897551	更新 .github/workflows/update-flake.yml.disabled CI / licenses (push) Waiting to run Details CI / staticcheck (386, windows) (push) Waiting to run Details CI / staticcheck (amd64, darwin) (push) Waiting to run Details CI / staticcheck (amd64, linux) (push) Waiting to run Details CI / staticcheck (amd64, windows) (push) Waiting to run Details CI / notify_slack (push) Blocked by required conditions Details CI / check_mergeability (push) Blocked by required conditions Details CI / test (-race, amd64) (push) Has been cancelled Details CI / test (386) (push) Has been cancelled Details CI / test (amd64) (push) Has been cancelled Details CI / windows (push) Has been cancelled Details CI / vm (push) Has been cancelled Details CI / cross (386, linux) (push) Has been cancelled Details CI / cross (amd64, darwin) (push) Has been cancelled Details CI / cross (amd64, freebsd) (push) Has been cancelled Details CI / cross (amd64, openbsd) (push) Has been cancelled Details CI / cross (amd64, windows) (push) Has been cancelled Details CI / cross (arm, 5, linux) (push) Has been cancelled Details CI / cross (arm, 7, linux) (push) Has been cancelled Details CI / cross (arm64, linux) (push) Has been cancelled Details CI / cross (arm64, darwin) (push) Has been cancelled Details CI / cross (arm64, windows) (push) Has been cancelled Details CI / cross (loong64, linux) (push) Has been cancelled Details CI / android (push) Has been cancelled Details CI / ios (push) Has been cancelled Details CI / wasm (push) Has been cancelled Details CI / tailscale_go (push) Has been cancelled Details CI / depaware (push) Has been cancelled Details CI / go_generate (push) Has been cancelled Details CI / fuzz (push) Has been cancelled Details	2023-07-10 18:14:04 +08:00
落雨宸	d4d7eb0ac2	更新 .github/workflows/installer.yml.disabled CI / test (386) (push) Has been cancelled Details CI / test (amd64) (push) Has been cancelled Details CI / windows (push) Has been cancelled Details CI / vm (push) Has been cancelled Details CI / cross (386, linux) (push) Has been cancelled Details CI / cross (amd64, darwin) (push) Has been cancelled Details CI / cross (amd64, freebsd) (push) Has been cancelled Details CI / cross (amd64, openbsd) (push) Has been cancelled Details CI / cross (amd64, windows) (push) Has been cancelled Details CI / cross (arm, 5, linux) (push) Has been cancelled Details CI / cross (arm, 7, linux) (push) Has been cancelled Details CI / cross (arm64, darwin) (push) Has been cancelled Details CI / cross (arm64, linux) (push) Has been cancelled Details CI / cross (arm64, windows) (push) Has been cancelled Details CI / cross (loong64, linux) (push) Has been cancelled Details CI / ios (push) Has been cancelled Details CI / android (push) Has been cancelled Details CI / wasm (push) Has been cancelled Details CI / tailscale_go (push) Has been cancelled Details CI / fuzz (push) Has been cancelled Details CI / depaware (push) Has been cancelled Details CI / go_generate (push) Has been cancelled Details CI / go_mod_tidy (push) Has been cancelled Details CI / licenses (push) Has been cancelled Details CI / staticcheck (386, windows) (push) Has been cancelled Details CI / staticcheck (amd64, darwin) (push) Has been cancelled Details CI / staticcheck (amd64, linux) (push) Has been cancelled Details CI / staticcheck (amd64, windows) (push) Has been cancelled Details CI / notify_slack (push) Has been cancelled Details CI / check_mergeability (push) Has been cancelled Details	2023-07-10 18:13:47 +08:00
落雨宸	b27de27db3	更新 .github/workflows/docker-file-build.yml.disabled CI / notify_slack (push) Blocked by required conditions Details CI / check_mergeability (push) Blocked by required conditions Details CI / test (-race, amd64) (push) Has been cancelled Details CI / test (386) (push) Has been cancelled Details CI / test (amd64) (push) Has been cancelled Details CI / windows (push) Has been cancelled Details CI / vm (push) Has been cancelled Details CI / cross (386, linux) (push) Has been cancelled Details CI / cross (amd64, darwin) (push) Has been cancelled Details CI / cross (amd64, freebsd) (push) Has been cancelled Details CI / cross (amd64, openbsd) (push) Has been cancelled Details CI / cross (amd64, windows) (push) Has been cancelled Details CI / cross (arm, 5, linux) (push) Has been cancelled Details CI / cross (arm, 7, linux) (push) Has been cancelled Details CI / cross (arm64, darwin) (push) Has been cancelled Details CI / cross (arm64, linux) (push) Has been cancelled Details CI / cross (arm64, windows) (push) Has been cancelled Details CI / cross (loong64, linux) (push) Has been cancelled Details CI / ios (push) Has been cancelled Details CI / android (push) Has been cancelled Details CI / wasm (push) Has been cancelled Details CI / tailscale_go (push) Has been cancelled Details CI / fuzz (push) Has been cancelled Details CI / depaware (push) Has been cancelled Details CI / go_generate (push) Has been cancelled Details CI / go_mod_tidy (push) Has been cancelled Details CI / licenses (push) Has been cancelled Details CI / staticcheck (386, windows) (push) Has been cancelled Details CI / staticcheck (amd64, linux) (push) Has been cancelled Details CI / staticcheck (amd64, darwin) (push) Has been cancelled Details	2023-07-10 18:13:26 +08:00
落雨宸	76df8def85	更新 .github/workflows/codeql-analysis.yml.disabled CI / cross (amd64, darwin) (push) Failing after 13s Details CI / cross (amd64, windows) (push) Failing after 21s Details CI / test (-race, amd64) (push) Failing after 17s Details CI / cross (arm, 7, linux) (push) Failing after 14s Details CI / cross (amd64, freebsd) (push) Failing after 22s Details CI / cross (amd64, openbsd) (push) Failing after 12s Details CI / windows (push) Has been cancelled Details CI / vm (push) Has been cancelled Details CI / cross (386, linux) (push) Failing after 14s Details CI / cross (arm64, windows) (push) Has been cancelled Details CI / cross (loong64, linux) (push) Has been cancelled Details CI / test (amd64) (push) Failing after 22s Details CI / ios (push) Has been cancelled Details CI / cross (arm64, darwin) (push) Has been cancelled Details CI / android (push) Has been cancelled Details CI / wasm (push) Has been cancelled Details CI / tailscale_go (push) Has been cancelled Details CI / fuzz (push) Has been cancelled Details CI / cross (arm, 5, linux) (push) Failing after 12s Details CI / depaware (push) Has been cancelled Details CI / go_generate (push) Has been cancelled Details CI / cross (arm64, linux) (push) Has been cancelled Details CI / go_mod_tidy (push) Has been cancelled Details CI / licenses (push) Has been cancelled Details CI / staticcheck (386, windows) (push) Has been cancelled Details CI / staticcheck (amd64, darwin) (push) Has been cancelled Details CI / staticcheck (amd64, linux) (push) Has been cancelled Details CI / staticcheck (amd64, windows) (push) Has been cancelled Details CI / notify_slack (push) Has been cancelled Details CI / check_mergeability (push) Has been cancelled Details	2023-07-10 18:13:14 +08:00
落雨宸	1bc9e46c17	更新 cmd/derper/cert.go CI / cross (amd64, freebsd) (push) Failing after 13s Details CI / cross (arm, 7, linux) (push) Failing after 12s Details CI / ios (push) Successful in 4m9s Details CI / test (386) (push) Failing after 13s Details CI / cross (386, linux) (push) Failing after 9s Details CI / cross (amd64, openbsd) (push) Failing after 10s Details CI / cross (arm64, darwin) (push) Failing after 19s Details CI / android (push) Failing after 17m9s Details CI / wasm (push) Failing after 46s Details CI / test (-race, amd64) (push) Failing after 2m4s Details CI / fuzz (push) Has been skipped Details CI / tailscale_go (push) Failing after 2m53s Details CI / cross (amd64, windows) (push) Failing after 12s Details CI / cross (arm64, linux) (push) Failing after 14s Details CI / cross (arm64, windows) (push) Failing after 12s Details CI / windows (push) Has been cancelled Details CI / vm (push) Has been cancelled Details CI / cross (amd64, darwin) (push) Failing after 15s Details CI / cross (arm, 5, linux) (push) Failing after 10s Details CI / cross (loong64, linux) (push) Failing after 18s Details CI / depaware (push) Has started running Details CI / go_generate (push) Has started running Details CI / go_mod_tidy (push) Has been cancelled Details CI / licenses (push) Has been cancelled Details CI / staticcheck (386, windows) (push) Has been cancelled Details CI / staticcheck (amd64, darwin) (push) Has been cancelled Details CI / staticcheck (amd64, linux) (push) Has been cancelled Details CI / staticcheck (amd64, windows) (push) Has been cancelled Details CI / notify_slack (push) Has been cancelled Details CI / check_mergeability (push) Has been cancelled Details	2023-07-10 17:36:22 +08:00
Brad Fitzpatrick	ffaa6be8a4	tailcfg: add json omitempty to DNSConfig.ExitNodeFilteredSet We were storing a lot of "ExitNodeFilteredSet":null in the database. Updates tailscale/corp#1818 (found in the process) Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	2023-07-08 19:58:23 -07:00
Brad Fitzpatrick	7b1c3dfd28	tailcfg,etc: remove unused tailcfg.Node.KeepAlive field The server hasn't sent it in ages. Updates #cleanup Change-Id: I9695ab0f074ec6fb006e11faf3cdfc5ca049fbf8 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	2023-07-08 06:57:10 -07:00
Charlotte Brandhorst-Satzkorn	f05a9f3e7f	tsnet: mark TestLoopbackLocalAPI as flakey Test flaked in CI. Updates #8557 Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>	2023-07-07 21:23:48 -07:00
Charlotte Brandhorst-Satzkorn	339397ab74	wgengine/magicsock: remove noV4/noV6 check in addrForSendWireGuardLocked This change removes the noV4/noV6 check from addrForSendWireGuardLocked. On Android, the client panics when reaching `rand.Intn()`, likely due to the candidates list being containing no candidates. The suspicion is that the `noV4` and the `noV6` are both being triggered causing the loop to continue. Updates tailscale/corp#12938 Updates #7826 Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>	2023-07-07 18:59:19 -07:00
Maisem Ali	9d1a3a995c	control/controlclient: use ctx passed down to NoiseClient.getConn Without this, the client would just get stuck dialing even if the context was canceled. Updates tailscale/corp#12590 Signed-off-by: Maisem Ali <maisem@tailscale.com>	2023-07-07 15:11:44 -07:00