ipn: when enforcing defaults, set UsePacketFilter=true

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>

.github/workflows/cross-darwin.yml

@@ -3,7 +3,7 @@ name: Darwin-Cross
 on:
   push:
     branches:
-      - main
+      - master
   pull_request:
     branches:
       - '*'
@@ -16,10 +16,10 @@ jobs:
 
     steps:
 
-    - name: Set up Go
+    - name: Set up Go 1.13
       uses: actions/setup-go@v1
       with:
-        go-version: 1.14
+        go-version: 1.13
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/cross-freebsd.yml

@@ -3,7 +3,7 @@ name: FreeBSD-Cross
 on:
   push:
     branches:
-      - main
+      - master
   pull_request:
     branches:
       - '*'
@@ -16,10 +16,10 @@ jobs:
 
     steps:
 
-    - name: Set up Go
+    - name: Set up Go 1.13
       uses: actions/setup-go@v1
       with:
-        go-version: 1.14
+        go-version: 1.13
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/cross-openbsd.yml

@@ -3,7 +3,7 @@ name: OpenBSD-Cross
 on:
   push:
     branches:
-      - main
+      - master
   pull_request:
     branches:
       - '*'
@@ -16,10 +16,10 @@ jobs:
 
     steps:
 
-    - name: Set up Go
+    - name: Set up Go 1.13
       uses: actions/setup-go@v1
       with:
-        go-version: 1.14
+        go-version: 1.13
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/cross-windows.yml

@@ -3,7 +3,7 @@ name: Windows-Cross
 on:
   push:
     branches:
-      - main
+      - master
   pull_request:
     branches:
       - '*'
@@ -16,10 +16,10 @@ jobs:
 
     steps:
 
-    - name: Set up Go
+    - name: Set up Go 1.13
       uses: actions/setup-go@v1
       with:
-        go-version: 1.14
+        go-version: 1.13
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/license.yml

@@ -1,40 +0,0 @@
-name: license
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - '*'
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Set up Go
-      uses: actions/setup-go@v1
-      with:
-        go-version: 1.14
-
-    - name: Check out code
-      uses: actions/checkout@v1
-
-    - name: Run license checker
-      run: ./scripts/check_license_headers.sh .
-
-    - uses: k0kubun/action-slack@v2.0.0
-      with:
-        payload: |
-          {
-            "attachments": [{
-              "text": "${{ job.status }}: ${{ github.workflow }} <https://github.com/${{ github.repository }}/commit/${{ github.sha }}/checks|${{ env.COMMIT_DATE }} #${{ env.COMMIT_NUMBER_OF_DAY }}> " +
-                      "(<https://github.com/${{ github.repository }}/commit/${{ github.sha }}|" + "${{ github.sha }}".substring(0, 10) + ">) " +
-                      "of ${{ github.repository }}@" + "${{ github.ref }}".split('/').reverse()[0] + " by ${{ github.event.head_commit.committer.name }}",
-              "color": "danger"
-            }]
-          }
-      env:
-        SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-      if: failure() && github.event_name == 'push'

.github/workflows/linux.yml

@@ -3,7 +3,7 @@ name: Linux
 on:
   push:
     branches:
-      - main
+      - master
   pull_request:
     branches:
       - '*'
@@ -16,10 +16,10 @@ jobs:
 
     steps:
 
-    - name: Set up Go
+    - name: Set up Go 1.13
       uses: actions/setup-go@v1
       with:
-        go-version: 1.14
+        go-version: 1.13
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/linux32.yml

@@ -1,48 +0,0 @@
-name: Linux 32-bit
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - '*'
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    if: "!contains(github.event.head_commit.message, '[ci skip]')"
-
-    steps:
-
-    - name: Set up Go
-      uses: actions/setup-go@v1
-      with:
-        go-version: 1.14
-      id: go
-
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@v1
-
-    - name: Basic build
-      run: GOARCH=386 go build ./cmd/...
-
-    - name: Run tests on linux
-      run: GOARCH=386 go test ./...
-
-    - uses: k0kubun/action-slack@v2.0.0
-      with:
-        payload: |
-          {
-            "attachments": [{
-              "text": "${{ job.status }}: ${{ github.workflow }} <https://github.com/${{ github.repository }}/commit/${{ github.sha }}/checks|${{ env.COMMIT_DATE }} #${{ env.COMMIT_NUMBER_OF_DAY }}> " +
-                      "(<https://github.com/${{ github.repository }}/commit/${{ github.sha }}|" + "${{ github.sha }}".substring(0, 10) + ">) " +
-                      "of ${{ github.repository }}@" + "${{ github.ref }}".split('/').reverse()[0] + " by ${{ github.event.head_commit.committer.name }}",
-              "color": "danger"
-            }]
-          }
-      env:
-        SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-      if: failure() && github.event_name == 'push'
-

.github/workflows/staticcheck.yml

@@ -3,7 +3,7 @@ name: staticcheck
 on:
   push:
     branches:
-      - main
+      - master
   pull_request:
     branches:
       - '*'
@@ -13,22 +13,19 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Set up Go
+    - name: Set up Go 1.13
       uses: actions/setup-go@v1
       with:
-        go-version: 1.14
+        go-version: 1.13
 
     - name: Check out code
       uses: actions/checkout@v1
 
-    - name: Run go vet
-      run: go vet ./...
-
     - name: Print staticcheck version
       run: go run honnef.co/go/tools/cmd/staticcheck -version
 
     - name: Run staticcheck
-      run: "go run honnef.co/go/tools/cmd/staticcheck -- $(go list ./... | grep -v tempfork)"
+      run: go run honnef.co/go/tools/cmd/staticcheck -- ./...
 
     - uses: k0kubun/action-slack@v2.0.0
       with:

Dockerfile

@@ -2,26 +2,7 @@
 # Use of this source code is governed by a BSD-style
 # license that can be found in the LICENSE file.
 
-# This Dockerfile includes all the tailscale binaries.
-#
-# To build the Dockerfile:
-#
-#     $ docker build -t tailscale:tailscale .
-#
-# To run the tailscaled agent:
-#
-#     $ docker run -d --name=tailscaled -v /var/lib:/var/lib -v /dev/net/tun:/dev/net/tun --network=host --privileged tailscale:tailscale tailscaled
-#
-# To then log in:
-#
-#     $ docker exec tailscaled tailscale up
-#
-# To see status:
-#
-#     $ docker exec tailscaled tailscale status
-
-
-FROM golang:1.14-alpine AS build-env
+FROM golang:1.13-alpine AS build-env
 
 WORKDIR /go/src/tailscale
 
@@ -34,5 +15,5 @@ COPY . .
 RUN go install -v ./cmd/...
 
 FROM alpine:3.11
-RUN apk add --no-cache ca-certificates iptables iproute2
+RUN apk add --no-cache ca-certificates iptables
 COPY --from=build-env /go/bin/* /usr/local/bin/

Makefile

@@ -1,7 +0,0 @@
-usage:
-	echo "See Makefile"
-
-check: staticcheck
-
-staticcheck:
-	go run honnef.co/go/tools/cmd/staticcheck -- $$(go list ./... | grep -v tempfork)

README.md

@@ -23,10 +23,10 @@ https://pkgs.tailscale.com .
 go install tailscale.com/cmd/tailscale{,d}
 ```
 
-We only guarantee to support the latest Go release and any Go beta or
-release candidate builds (currently Go 1.14) in module mode. It might
-work in earlier Go versions or in GOPATH mode, but we're making no
-effort to keep those working.
+We only support the latest Go release and any Go beta or release
+candidate builds (currently Go 1.13.x or Go 1.14) in module mode. It
+might work in earlier Go versions or in GOPATH mode, but we're making
+no effort to keep those working.
 
 ## Bugs
 

atomicfile/atomicfile.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2019 Tailscale Inc & AUTHORS All rights reserved.
+// Copyright 2019 Tailscale & AUTHORS. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
@@ -9,39 +9,20 @@
 package atomicfile // import "tailscale.com/atomicfile"
 
 import (
+	"fmt"
 	"io/ioutil"
 	"os"
-	"path/filepath"
-	"runtime"
 )
 
 // WriteFile writes data to filename+some suffix, then renames it
 // into filename.
-func WriteFile(filename string, data []byte, perm os.FileMode) (err error) {
-	f, err := ioutil.TempFile(filepath.Dir(filename), filepath.Base(filename)+".tmp")
-	if err != nil {
-		return err
+func WriteFile(filename string, data []byte, perm os.FileMode) error {
+	tmpname := filename + ".new.tmp"
+	if err := ioutil.WriteFile(tmpname, data, perm); err != nil {
+		return fmt.Errorf("%#v: %v", tmpname, err)
 	}
-	tmpName := f.Name()
-	defer func() {
-		if err != nil {
-			f.Close()
-			os.Remove(tmpName)
-		}
-	}()
-	if _, err := f.Write(data); err != nil {
-		return err
+	if err := os.Rename(tmpname, filename); err != nil {
+		return fmt.Errorf("%#v->%#v: %v", tmpname, filename, err)
 	}
-	if runtime.GOOS != "windows" {
-		if err := f.Chmod(perm); err != nil {
-			return err
-		}
-	}
-	if err := f.Sync(); err != nil {
-		return err
-	}
-	if err := f.Close(); err != nil {
-		return err
-	}
-	return os.Rename(tmpName, filename)
+	return nil
 }

cmd/cloner/cloner.go

@@ -1,264 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Cloner is a tool to automate the creation of a Clone method.
-//
-// The result of the Clone method aliases no memory that can be edited
-// with the original.
-//
-// This tool makes lots of implicit assumptions about the types you feed it.
-// In particular, it can only write relatively "shallow" Clone methods.
-// That is, if a type contains another named struct type, cloner assumes that
-// named type will also have a Clone method.
-package main
-
-import (
-	"bytes"
-	"flag"
-	"fmt"
-	"go/ast"
-	"go/format"
-	"go/token"
-	"go/types"
-	"io/ioutil"
-	"log"
-	"os"
-	"strings"
-
-	"golang.org/x/tools/go/packages"
-)
-
-var (
-	flagTypes     = flag.String("type", "", "comma-separated list of types; required")
-	flagOutput    = flag.String("output", "", "output file; required")
-	flagBuildTags = flag.String("tags", "", "compiler build tags to apply")
-)
-
-func main() {
-	log.SetFlags(0)
-	log.SetPrefix("cloner: ")
-	flag.Parse()
-	if len(*flagTypes) == 0 {
-		flag.Usage()
-		os.Exit(2)
-	}
-	typeNames := strings.Split(*flagTypes, ",")
-
-	cfg := &packages.Config{
-		Mode:  packages.NeedTypes | packages.NeedTypesInfo | packages.NeedSyntax | packages.NeedName,
-		Tests: false,
-	}
-	if *flagBuildTags != "" {
-		cfg.BuildFlags = []string{"-tags=" + *flagBuildTags}
-	}
-	pkgs, err := packages.Load(cfg, ".")
-	if err != nil {
-		log.Fatal(err)
-	}
-	if len(pkgs) != 1 {
-		log.Fatalf("wrong number of packages: %d", len(pkgs))
-	}
-	pkg := pkgs[0]
-	buf := new(bytes.Buffer)
-	imports := make(map[string]struct{})
-	for _, typeName := range typeNames {
-		found := false
-		for _, file := range pkg.Syntax {
-			//var fbuf bytes.Buffer
-			//ast.Fprint(&fbuf, pkg.Fset, file, nil)
-			//fmt.Println(fbuf.String())
-
-			for _, d := range file.Decls {
-				decl, ok := d.(*ast.GenDecl)
-				if !ok || decl.Tok != token.TYPE {
-					continue
-				}
-				for _, s := range decl.Specs {
-					spec, ok := s.(*ast.TypeSpec)
-					if !ok || spec.Name.Name != typeName {
-						continue
-					}
-					typeNameObj := pkg.TypesInfo.Defs[spec.Name]
-					typ, ok := typeNameObj.Type().(*types.Named)
-					if !ok {
-						continue
-					}
-					pkg := typeNameObj.Pkg()
-					gen(buf, imports, typeName, typ, pkg)
-				}
-				found = true
-			}
-		}
-		if !found {
-			log.Fatalf("could not find type %s", typeName)
-		}
-	}
-
-	contents := new(bytes.Buffer)
-	fmt.Fprintf(contents, header, *flagTypes, pkg.Name)
-	fmt.Fprintf(contents, "import (\n")
-	for s := range imports {
-		fmt.Fprintf(contents, "\t%q\n", s)
-	}
-	fmt.Fprintf(contents, ")\n\n")
-	contents.Write(buf.Bytes())
-
-	out, err := format.Source(contents.Bytes())
-	if err != nil {
-		log.Fatalf("%s, in source:\n%s", err, contents.Bytes())
-	}
-
-	output := *flagOutput
-	if output == "" {
-		flag.Usage()
-		os.Exit(2)
-	}
-	if err := ioutil.WriteFile(output, out, 0666); err != nil {
-		log.Fatal(err)
-	}
-}
-
-const header = `// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Code generated by tailscale.com/cmd/cloner -type %s; DO NOT EDIT.
-
-package %s
-
-`
-
-func gen(buf *bytes.Buffer, imports map[string]struct{}, name string, typ *types.Named, thisPkg *types.Package) {
-	pkgQual := func(pkg *types.Package) string {
-		if thisPkg == pkg {
-			return ""
-		}
-		imports[pkg.Path()] = struct{}{}
-		return pkg.Name()
-	}
-	importedName := func(t types.Type) string {
-		return types.TypeString(t, pkgQual)
-	}
-
-	switch t := typ.Underlying().(type) {
-	case *types.Struct:
-		_ = t
-		name := typ.Obj().Name()
-		fmt.Fprintf(buf, "// Clone makes a deep copy of %s.\n", name)
-		fmt.Fprintf(buf, "// The result aliases no memory with the original.\n")
-		fmt.Fprintf(buf, "func (src *%s) Clone() *%s {\n", name, name)
-		writef := func(format string, args ...interface{}) {
-			fmt.Fprintf(buf, "\t"+format+"\n", args...)
-		}
-		writef("if src == nil {")
-		writef("\treturn nil")
-		writef("}")
-		writef("dst := new(%s)", name)
-		writef("*dst = *src")
-		for i := 0; i < t.NumFields(); i++ {
-			fname := t.Field(i).Name()
-			ft := t.Field(i).Type()
-			if !containsPointers(ft) {
-				continue
-			}
-			if named, _ := ft.(*types.Named); named != nil && !hasBasicUnderlying(ft) {
-				writef("dst.%s = *src.%s.Clone()", fname, fname)
-				continue
-			}
-			switch ft := ft.Underlying().(type) {
-			case *types.Slice:
-				if containsPointers(ft.Elem()) {
-					n := importedName(ft.Elem())
-					writef("dst.%s = make([]%s, len(src.%s))", fname, n, fname)
-					writef("for i := range dst.%s {", fname)
-					if _, isPtr := ft.Elem().(*types.Pointer); isPtr {
-						writef("\tdst.%s[i] = src.%s[i].Clone()", fname, fname)
-					} else {
-						writef("\tdst.%s[i] = *src.%s[i].Clone()", fname, fname)
-					}
-					writef("}")
-				} else {
-					writef("dst.%s = append(src.%s[:0:0], src.%s...)", fname, fname, fname)
-				}
-			case *types.Pointer:
-				if named, _ := ft.Elem().(*types.Named); named != nil && containsPointers(ft.Elem()) {
-					writef("dst.%s = src.%s.Clone()", fname, fname)
-					continue
-				}
-				n := importedName(ft.Elem())
-				writef("if dst.%s != nil {", fname)
-				writef("\tdst.%s = new(%s)", fname, n)
-				writef("\t*dst.%s = *src.%s", fname, fname)
-				if containsPointers(ft.Elem()) {
-					writef("\t" + `panic("TODO pointers in pointers")`)
-				}
-				writef("}")
-			case *types.Map:
-				writef("if dst.%s != nil {", fname)
-				writef("\tdst.%s = map[%s]%s{}", fname, importedName(ft.Key()), importedName(ft.Elem()))
-				if sliceType, isSlice := ft.Elem().(*types.Slice); isSlice {
-					n := importedName(sliceType.Elem())
-					writef("\tfor k := range src.%s {", fname)
-					// use zero-length slice instead of nil to ensure
-					// the key is always copied.
-					writef("\t\tdst.%s[k] = append([]%s{}, src.%s[k]...)", fname, n, fname)
-					writef("\t}")
-				} else if containsPointers(ft.Elem()) {
-					writef("\t\t" + `panic("TODO map value pointers")`)
-				} else {
-					writef("\tfor k, v := range src.%s {", fname)
-					writef("\t\tdst.%s[k] = v", fname)
-					writef("\t}")
-				}
-				writef("}")
-			case *types.Struct:
-				writef(`panic("TODO struct %s")`, fname)
-			default:
-				writef(`panic(fmt.Sprintf("TODO: %T", ft))`)
-			}
-		}
-		writef("return dst")
-		fmt.Fprintf(buf, "}\n\n")
-	}
-}
-
-func hasBasicUnderlying(typ types.Type) bool {
-	switch typ.Underlying().(type) {
-	case *types.Slice, *types.Map:
-		return true
-	default:
-		return false
-	}
-}
-
-func containsPointers(typ types.Type) bool {
-	switch typ.String() {
-	case "time.Time":
-		// time.Time contains a pointer that does not need copying
-		return false
-	case "inet.af/netaddr.IP":
-		return false
-	}
-	switch ft := typ.Underlying().(type) {
-	case *types.Array:
-		return containsPointers(ft.Elem())
-	case *types.Chan:
-		return true
-	case *types.Interface:
-		return true // a little too broad
-	case *types.Map:
-		return true
-	case *types.Pointer:
-		return true
-	case *types.Slice:
-		return true
-	case *types.Struct:
-		for i := 0; i < ft.NumFields(); i++ {
-			if containsPointers(ft.Field(i).Type()) {
-				return true
-			}
-		}
-	}
-	return false
-}

cmd/derper/derper.go

@@ -20,7 +20,6 @@ import (
 	"os"
 	"path/filepath"
 	"regexp"
-	"strings"
 	"time"
 
 	"github.com/tailscale/wireguard-go/wgcfg"
@@ -30,7 +29,7 @@ import (
 	"tailscale.com/derp/derphttp"
 	"tailscale.com/logpolicy"
 	"tailscale.com/metrics"
-	"tailscale.com/net/stun"
+	"tailscale.com/stun"
 	"tailscale.com/tsweb"
 	"tailscale.com/types/key"
 )
@@ -41,10 +40,9 @@ var (
 	configPath    = flag.String("c", "", "config file path")
 	certDir       = flag.String("certdir", tsweb.DefaultCertDir("derper-certs"), "directory to store LetsEncrypt certs, if addr's port is :443")
 	hostname      = flag.String("hostname", "derp.tailscale.com", "LetsEncrypt host name, if addr's port is :443")
+	mbps          = flag.Int("mbps", 5, "Mbps (mebibit/s) per-client rate limit; 0 means unlimited")
 	logCollection = flag.String("logcollection", "", "If non-empty, logtail collection to log to")
 	runSTUN       = flag.Bool("stun", false, "also run a STUN server")
-	meshPSKFile   = flag.String("mesh-psk-file", defaultMeshPSKFile(), "if non-empty, path to file containing the mesh pre-shared key file. It should contain some hex string; whitespace is trimmed.")
-	meshWith      = flag.String("mesh-with", "", "optional comma-separated list of hostnames to mesh with; the server's own hostname can be in the list")
 )
 
 type config struct {
@@ -121,21 +119,8 @@ func main() {
 	letsEncrypt := tsweb.IsProd443(*addr)
 
 	s := derp.NewServer(key.Private(cfg.PrivateKey), log.Printf)
-
-	if *meshPSKFile != "" {
-		b, err := ioutil.ReadFile(*meshPSKFile)
-		if err != nil {
-			log.Fatal(err)
-		}
-		key := strings.TrimSpace(string(b))
-		if matched, _ := regexp.MatchString(`(?i)^[0-9a-f]{64,}$`, key); !matched {
-			log.Fatalf("key in %s must contain 64+ hex digits", *meshPSKFile)
-		}
-		s.SetMeshKey(key)
-		log.Printf("DERP mesh key configured")
-	}
-	if err := startMesh(s); err != nil {
-		log.Fatalf("startMesh: %v", err)
+	if *mbps != 0 {
+		s.BytesPerSecond = (*mbps << 20) / 8
 	}
 	expvar.Publish("derp", s.ExpVar())
 
@@ -185,7 +170,7 @@ func main() {
 		}
 		httpsrv.TLSConfig = certManager.TLSConfig()
 		go func() {
-			err := http.ListenAndServe(":80", certManager.HTTPHandler(tsweb.Port80Handler{Main: mux}))
+			err := http.ListenAndServe(":80", certManager.HTTPHandler(tsweb.Port80Handler{mux}))
 			if err != nil {
 				if err != http.ErrServerClosed {
 					log.Fatal(err)
@@ -204,30 +189,20 @@ func main() {
 
 func debugHandler(s *derp.Server) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if r.RequestURI == "/debug/check" {
-			err := s.ConsistencyCheck()
-			if err != nil {
-				http.Error(w, err.Error(), 500)
-			} else {
-				io.WriteString(w, "derp.Server ConsistencyCheck okay")
-			}
-			return
-		}
 		f := func(format string, args ...interface{}) { fmt.Fprintf(w, format, args...) }
 		f(`<html><body>
 <h1>DERP debug</h1>
 <ul>
 `)
 		f("<li><b>Hostname:</b> %v</li>\n", *hostname)
+		f("<li><b>Rate Limit:</b> %v Mbps</li>\n", *mbps)
 		f("<li><b>Uptime:</b> %v</li>\n", tsweb.Uptime())
-		f("<li><b>Mesh Key:</b> %v</li>\n", s.HasMeshKey())
 
 		f(`<li><a href="/debug/vars">/debug/vars</a> (Go)</li>
    <li><a href="/debug/varz">/debug/varz</a> (Prometheus)</li>
    <li><a href="/debug/pprof/">/debug/pprof/</a></li>
    <li><a href="/debug/pprof/goroutine?debug=1">/debug/pprof/goroutine</a> (collapsed)</li>
    <li><a href="/debug/pprof/goroutine?debug=2">/debug/pprof/goroutine</a> (full)</li>
-   <li><a href="/debug/check">/debug/check</a> internal consistency check</li>
 <ul>
 </html>
 `)
@@ -298,7 +273,7 @@ func serveSTUN() {
 	}
 }
 
-var validProdHostname = regexp.MustCompile(`^derp([^.]*)\.tailscale\.com\.?$`)
+var validProdHostname = regexp.MustCompile(`^derp(\d+|\-\w+)?\.tailscale\.com\.?$`)
 
 func prodAutocertHostPolicy(_ context.Context, host string) error {
 	if validProdHostname.MatchString(host) {
@@ -306,16 +281,3 @@ func prodAutocertHostPolicy(_ context.Context, host string) error {
 	}
 	return errors.New("invalid hostname")
 }
-
-func defaultMeshPSKFile() string {
-	try := []string{
-		"/home/derp/keys/derp-mesh.key",
-		filepath.Join(os.Getenv("HOME"), "keys", "derp-mesh.key"),
-	}
-	for _, p := range try {
-		if _, err := os.Stat(p); err == nil {
-			return p
-		}
-	}
-	return ""
-}

cmd/derper/derper_test.go

@@ -17,11 +17,10 @@ func TestProdAutocertHostPolicy(t *testing.T) {
 		{"derp.tailscale.com", true},
 		{"derp.tailscale.com.", true},
 		{"derp1.tailscale.com", true},
-		{"derp1b.tailscale.com", true},
 		{"derp2.tailscale.com", true},
 		{"derp02.tailscale.com", true},
 		{"derp-nyc.tailscale.com", true},
-		{"derpfoo.tailscale.com", true},
+		{"derpfoo.tailscale.com", false},
 		{"derp02.bar.tailscale.com", false},
 		{"example.net", false},
 	}

cmd/derper/mesh.go

@@ -1,45 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package main
-
-import (
-	"errors"
-	"fmt"
-	"log"
-	"strings"
-
-	"tailscale.com/derp"
-	"tailscale.com/derp/derphttp"
-	"tailscale.com/types/key"
-	"tailscale.com/types/logger"
-)
-
-func startMesh(s *derp.Server) error {
-	if *meshWith == "" {
-		return nil
-	}
-	if !s.HasMeshKey() {
-		return errors.New("--mesh-with requires --mesh-psk-file")
-	}
-	for _, host := range strings.Split(*meshWith, ",") {
-		if err := startMeshWithHost(s, host); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func startMeshWithHost(s *derp.Server, host string) error {
-	logf := logger.WithPrefix(log.Printf, fmt.Sprintf("mesh(%q): ", host))
-	c, err := derphttp.NewClient(s.PrivateKey(), "https://"+host+"/derp", logf)
-	if err != nil {
-		return err
-	}
-	c.MeshKey = s.MeshKey()
-	add := func(k key.Public) { s.AddPacketForwarder(k, c) }
-	remove := func(k key.Public) { s.RemovePacketForwarder(k, c) }
-	go c.RunWatchConnectionLoop(s.PublicKey(), add, remove)
-	return nil
-}

cmd/microproxy/microproxy.go

@@ -1,175 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// microproxy proxies incoming HTTPS connections to another
-// destination. Instead of managing its own TLS certificates, it
-// borrows issued certificates and keys from an autocert directory.
-package main
-
-import (
-	"crypto/tls"
-	"encoding/json"
-	"flag"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"log"
-	"net/http"
-	"net/http/httputil"
-	"net/url"
-	"path/filepath"
-	"sync"
-	"time"
-
-	"tailscale.com/logpolicy"
-	"tailscale.com/tsweb"
-)
-
-var (
-	addr          = flag.String("addr", ":4430", "server address")
-	certdir       = flag.String("certdir", "", "directory to borrow LetsEncrypt certificates from")
-	hostname      = flag.String("hostname", "", "hostname to serve")
-	logCollection = flag.String("logcollection", "", "If non-empty, logtail collection to log to")
-	nodeExporter  = flag.String("node-exporter", "http://localhost:9100", "URL of the local prometheus node exporter")
-	goVarsURL     = flag.String("go-vars-url", "http://localhost:8383/debug/vars", "URL of a local Go server's /debug/vars endpoint")
-)
-
-func main() {
-	flag.Parse()
-
-	if *logCollection != "" {
-		logpolicy.New(*logCollection)
-	}
-
-	ne, err := url.Parse(*nodeExporter)
-	if err != nil {
-		log.Fatalf("Couldn't parse URL %q: %v", *nodeExporter, err)
-	}
-	proxy := httputil.NewSingleHostReverseProxy(ne)
-	proxy.FlushInterval = time.Second
-
-	if _, err = url.Parse(*goVarsURL); err != nil {
-		log.Fatalf("Couldn't parse URL %q: %v", *goVarsURL, err)
-	}
-
-	mux := tsweb.NewMux(http.HandlerFunc(debugHandler))
-	mux.Handle("/metrics", tsweb.Protected(proxy))
-	mux.Handle("/varz", tsweb.Protected(tsweb.StdHandler(&goVarsHandler{*goVarsURL}, log.Printf)))
-
-	ch := &certHolder{
-		hostname: *hostname,
-		path:     filepath.Join(*certdir, *hostname),
-	}
-
-	httpsrv := &http.Server{
-		Addr:    *addr,
-		Handler: mux,
-		TLSConfig: &tls.Config{
-			GetCertificate: ch.GetCertificate,
-		},
-	}
-
-	if err := httpsrv.ListenAndServeTLS("", ""); err != nil && err != http.ErrServerClosed {
-		log.Fatal(err)
-	}
-}
-
-type goVarsHandler struct {
-	url string
-}
-
-func promPrint(w io.Writer, prefix string, obj map[string]interface{}) {
-	for k, i := range obj {
-		if prefix != "" {
-			k = prefix + "_" + k
-		}
-		switch v := i.(type) {
-		case map[string]interface{}:
-			promPrint(w, k, v)
-		case float64:
-			fmt.Fprintf(w, "%s %f\n", k, v)
-		default:
-			fmt.Fprintf(w, "# Skipping key %q, unhandled type %T\n", k, v)
-		}
-	}
-}
-
-func (h *goVarsHandler) ServeHTTPReturn(w http.ResponseWriter, r *http.Request) error {
-	resp, err := http.Get(h.url)
-	if err != nil {
-		return tsweb.Error(http.StatusInternalServerError, "fetch failed", err)
-	}
-	defer resp.Body.Close()
-	var mon map[string]interface{}
-	if err := json.NewDecoder(resp.Body).Decode(&mon); err != nil {
-		return tsweb.Error(http.StatusInternalServerError, "fetch failed", err)
-	}
-
-	w.WriteHeader(http.StatusOK)
-	promPrint(w, "", mon)
-	return nil
-}
-
-// certHolder loads and caches a TLS certificate from disk, reloading
-// it every hour.
-type certHolder struct {
-	hostname string // only hostname allowed in SNI
-	path     string // path of certificate+key combined PEM file
-
-	mu     sync.Mutex
-	cert   *tls.Certificate // cached parsed cert+key
-	loaded time.Time
-}
-
-func (c *certHolder) GetCertificate(ch *tls.ClientHelloInfo) (*tls.Certificate, error) {
-	if ch.ServerName != c.hostname {
-		return nil, fmt.Errorf("wrong client SNI %q", ch.ServerName)
-	}
-	c.mu.Lock()
-	defer c.mu.Unlock()
-	if time.Since(c.loaded) > time.Hour {
-		if err := c.loadLocked(); err != nil {
-			log.Printf("Reloading cert %q: %v", c.path, err)
-			// continue anyway, we might be able to serve off the stale cert.
-		}
-	}
-	return c.cert, nil
-}
-
-// load reloads the TLS certificate and key from disk. Caller must
-// hold mu.
-func (c *certHolder) loadLocked() error {
-	bs, err := ioutil.ReadFile(c.path)
-	if err != nil {
-		return fmt.Errorf("reading %q: %v", c.path, err)
-	}
-	cert, err := tls.X509KeyPair(bs, bs)
-	if err != nil {
-		return fmt.Errorf("parsing %q: %v", c.path, err)
-	}
-
-	c.cert = &cert
-	c.loaded = time.Now()
-	return nil
-}
-
-// debugHandler serves a page with links to tsweb-managed debug URLs
-// at /debug/.
-func debugHandler(w http.ResponseWriter, r *http.Request) {
-	f := func(format string, args ...interface{}) { fmt.Fprintf(w, format, args...) }
-	f(`<html><body>
-<h1>microproxy debug</h1>
-<ul>
-`)
-	f("<li><b>Hostname:</b> %v</li>\n", *hostname)
-	f("<li><b>Uptime:</b> %v</li>\n", tsweb.Uptime())
-	f(`<li><a href="/debug/vars">/debug/vars</a> (Go)</li>
-   <li><a href="/debug/varz">/debug/varz</a> (Prometheus)</li>
-   <li><a href="/debug/pprof/">/debug/pprof/</a></li>
-   <li><a href="/debug/pprof/goroutine?debug=1">/debug/pprof/goroutine</a> (collapsed)</li>
-   <li><a href="/debug/pprof/goroutine?debug=2">/debug/pprof/goroutine</a> (full)</li>
-<ul>
-</html>
-`)
-}

cmd/mkpkg/main.go

@@ -31,28 +31,17 @@ func parseFiles(s string) (map[string]string, error) {
 	return ret, nil
 }
 
-func parseEmptyDirs(s string) []string {
-	// strings.Split("", ",") would return []string{""}, which is not suitable:
-	// this would create an empty dir record with path "", breaking the package
-	if s == "" {
-		return nil
-	}
-	return strings.Split(s, ",")
-}
-
 func main() {
 	out := getopt.StringLong("out", 'o', "", "output file to write")
 	goarch := getopt.StringLong("arch", 'a', "amd64", "GOARCH this package is for")
 	pkgType := getopt.StringLong("type", 't', "deb", "type of package to build (deb or rpm)")
 	files := getopt.StringLong("files", 'F', "", "comma-separated list of files in src:dst form")
 	configFiles := getopt.StringLong("configs", 'C', "", "like --files, but for files marked as user-editable config files")
-	emptyDirs := getopt.StringLong("emptydirs", 'E', "", "comma-separated list of empty directories")
 	version := getopt.StringLong("version", 0, "0.0.0", "version of the package")
 	postinst := getopt.StringLong("postinst", 0, "", "debian postinst script path")
 	prerm := getopt.StringLong("prerm", 0, "", "debian prerm script path")
 	postrm := getopt.StringLong("postrm", 0, "", "debian postrm script path")
 	replaces := getopt.StringLong("replaces", 0, "", "package which this package replaces, if any")
-	depends := getopt.StringLong("depends", 0, "", "comma-separated list of packages this package depends on")
 	getopt.Parse()
 
 	filesMap, err := parseFiles(*files)
@@ -63,7 +52,6 @@ func main() {
 	if err != nil {
 		log.Fatalf("Parsing --configs: %v", err)
 	}
-	emptyDirList := parseEmptyDirs(*emptyDirs)
 	info := nfpm.WithDefaults(&nfpm.Info{
 		Name:        "tailscale",
 		Arch:        *goarch,
@@ -74,9 +62,8 @@ func main() {
 		Homepage:    "https://www.tailscale.com",
 		License:     "MIT",
 		Overridables: nfpm.Overridables{
-			EmptyFolders: emptyDirList,
-			Files:        filesMap,
-			ConfigFiles:  configsMap,
+			Files:       filesMap,
+			ConfigFiles: configsMap,
 			Scripts: nfpm.Scripts{
 				PostInstall: *postinst,
 				PreRemove:   *prerm,
@@ -85,9 +72,6 @@ func main() {
 		},
 	})
 
-	if len(*depends) != 0 {
-		info.Overridables.Depends = strings.Split(*depends, ",")
-	}
 	if *replaces != "" {
 		info.Overridables.Replaces = []string{*replaces}
 		info.Overridables.Conflicts = []string{*replaces}

cmd/relaynode/.gitignore

@@ -0,0 +1,14 @@
+/*.tar.gz
+/*.deb
+/*.rpm
+/*.spec
+/pkgver
+debian/changelog
+debian/debhelper-build-stamp
+debian/files
+debian/*.log
+debian/*.substvars
+debian/*.debhelper
+debian/tailscale-relay
+/tailscale-relay/
+/tailscale-relay-*

cmd/relaynode/clean.do

@@ -0,0 +1 @@
+rm -f debian/changelog *~ debian/*~

cmd/relaynode/clean.od

@@ -0,0 +1,13 @@
+exec >&2
+read -r package <package
+rm -f *~ .*~ \
+	debian/*~ debian/changelog debian/debhelper-build-stamp \
+	debian/*.log debian/files debian/*.substvars debian/*.debhelper \
+	*.tar.gz *.deb *.rpm *.spec pkgver relaynode *.exe
+[ -n "$package" ] && rm -rf "debian/$package"
+for d in */.stamp; do
+	if [ -e "$d" ]; then
+		dir=$(dirname "$d")
+		rm -rf "$dir"
+	fi
+done

cmd/relaynode/deb.od

@@ -0,0 +1,10 @@
+exec >&2
+dir=${1%/*}
+redo-ifchange "$S/$dir/package" "$S/oss/version/short.txt"
+read -r package <"$S/$dir/package"
+read -r version <"$S/oss/version/short.txt"
+arch=$(dpkg --print-architecture)
+
+redo-ifchange "$dir/${package}_$arch.deb"
+rm -f "$dir/${package}"_*_"$arch.deb"
+ln -sf "${package}_$arch.deb" "$dir/${package}_${version}_$arch.deb"

cmd/relaynode/debian/README.Debian

@@ -0,0 +1 @@
+Tailscale IPN relay daemon.

cmd/relaynode/debian/changelog.do

@@ -0,0 +1,5 @@
+redo-ifchange ../../../version/short.txt gen-changelog
+(
+	cd ..
+	debian/gen-changelog
+) >$3

cmd/relaynode/debian/compat

@@ -0,0 +1 @@
+9

cmd/relaynode/debian/control

@@ -0,0 +1,14 @@
+Source: tailscale-relay
+Section: net
+Priority: extra
+Maintainer: Avery Pennarun <apenwarr@tailscale.com>
+Build-Depends: debhelper (>= 10.2.5), dh-systemd (>= 1.5)
+Standards-Version: 3.9.2
+Homepage: https://tailscale.com/
+Vcs-Git: https://github.com/tailscale/tailscale
+Vcs-Browser: https://github.com/tailscale/tailscale
+
+Package: tailscale-relay
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: Traffic relay node for Tailscale IPN

cmd/relaynode/debian/copyright

@@ -0,0 +1,11 @@
+Format: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=173
+Upstream-Name: tailscale-relay
+Upstream-Contact: Avery Pennarun <apenwarr@tailscale.com>
+Source: https://github.com/tailscale/tailscale/
+
+Files: *
+Copyright: © 2019 Tailscale Inc. <info@tailscale.com>
+License: Proprietary
+ *
+ * Copyright 2019 Tailscale Inc. All rights reserved.
+ *

cmd/relaynode/debian/gen-changelog

@@ -0,0 +1,25 @@
+#!/bin/sh
+read junk pkgname <debian/control
+read shortver <../../version/short.txt
+git log --pretty='format:'"$pkgname"' (SHA:%H) unstable; urgency=low
+
+  * %s
+  
+ -- %aN <%aE>  %aD
+' . |
+python -Sc '
+import os, re, subprocess, sys
+
+first = True
+def Describe(g):
+  global first
+  if first:
+    s = sys.argv[1]
+    first = False
+  else:
+    sha = g.group(1)
+    s = subprocess.check_output(["git", "describe", "--always", "--", sha]).strip().decode("utf-8")
+  return re.sub(r"^\D*", "", s)
+
+print(re.sub(r"SHA:([0-9a-f]+)", Describe, sys.stdin.read()))
+' "$shortver"

cmd/relaynode/debian/install

@@ -0,0 +1,3 @@
+relaynode			/usr/sbin
+tailscale-login			/usr/sbin
+taillogin			/usr/sbin

cmd/relaynode/debian/postinst

@@ -0,0 +1,8 @@
+#DEBHELPER#
+
+f=/var/lib/tailscale/relay.conf
+if ! [ -e "$f" ]; then
+	echo
+	echo "Note: Run tailscale-login to configure $f." >&2
+	echo
+fi

cmd/relaynode/debian/rules

@@ -0,0 +1,10 @@
+#!/usr/bin/make -f
+DESTDIR=debian/tailscale-relay
+
+override_dh_auto_test:
+override_dh_auto_install:
+	mkdir -p "${DESTDIR}/etc/default"
+	cp tailscale-relay.defaults "${DESTDIR}/etc/default/tailscale-relay"
+
+%:
+	dh $@ --with=systemd

cmd/relaynode/debian/tailscale-relay.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Traffic relay node for Tailscale IPN
+After=network.target
+ConditionPathExists=/var/lib/tailscale/relay.conf
+
+[Service]
+EnvironmentFile=/etc/default/tailscale-relay
+ExecStart=/usr/sbin/relaynode --config=/var/lib/tailscale/relay.conf --tun=wg0 $PORT $FLAGS
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target

cmd/relaynode/default.deb.od

@@ -0,0 +1,21 @@
+exec >&2
+dir=${1%/*}
+redo-ifchange "$S/oss/version/short.txt" "$S/$dir/package" "$dir/debtmp.dir"
+read -r package <"$S/$dir/package"
+read -r version <"$S/oss/version/short.txt"
+arch=$(dpkg --print-architecture)
+
+(
+	cd "$S/$dir"
+	git ls-files debian | xargs redo-ifchange debian/changelog
+)
+cp -a "$S/$dir/debian" "$dir/debtmp/"
+rm -f "$dir/debtmp/debian/$package.debhelper.log"
+rm -f "$dir/${package}_${version}_${arch}.deb"
+(
+	cd "$dir/debtmp" &&
+	debian/rules build &&
+	fakeroot debian/rules binary
+)
+
+mv "$dir/${package}_${version}_${arch}.deb" "$3"

cmd/relaynode/default.dir.od

@@ -0,0 +1,20 @@
+# Generate a directory tree suitable for forming a tarball of
+# this package.
+exec >&2
+dir=${1%/*}
+outdir=$PWD/${1%.dir}
+rm -rf "$outdir"
+mkdir "$outdir"
+touch $outdir/.stamp
+sfiles="
+	tailscale-login
+	debian/*.service
+	*.defaults
+"
+ofiles="
+	relaynode
+	../taillogin/taillogin
+"
+redo-ifchange "$outdir/.stamp"
+(cd "$S/$dir" && redo-ifchange $sfiles && cp $sfiles "$outdir/")
+(cd "$dir" && redo-ifchange $ofiles && cp $ofiles "$outdir/")

cmd/relaynode/default.rpm.od

@@ -0,0 +1,15 @@
+exec >&2
+dir=${1%/*}
+pkg=${1##*/}
+pkg=${pkg%.rpm}
+redo-ifchange "$S/oss/version/short.txt" "$dir/$pkg.tar.gz" "$dir/$pkg.spec"
+read -r pkgver junk <"$S/oss/version/short.txt"
+
+machine=$(uname -m)
+rpmbase=$HOME/rpmbuild
+
+mkdir -p "$rpmbase/SOURCES/"
+cp "$dir/$pkg.tar.gz" "$rpmbase/SOURCES/"
+rm -f "$rpmbase/RPMS/$machine/$pkg-$pkgver.$machine.rpm"
+rpmbuild -bb "$dir/$pkg.spec"
+mv "$rpmbase/RPMS/$machine/$pkg-$pkgver.$machine.rpm" $3

cmd/relaynode/default.spec.od

@@ -0,0 +1,7 @@
+redo-ifchange "$S/$1.in" "$S/oss/version/short.txt"
+read -r pkgver junk <"$S/oss/version/short.txt"
+basever=${pkgver%-*}
+subver=${pkgver#*-}
+sed -e "s/Version: 0.00$/Version: $basever/" \
+    -e "s/Release: 0$/Release: $subver/" \
+	<"$S/$1.in" >"$3"

cmd/relaynode/default.tar.gz.od

@@ -0,0 +1,8 @@
+exec >&2
+xdir=${1%.tar.gz}
+base=${xdir##*/}
+updir=${xdir%/*}
+redo-ifchange "$xdir.dir"
+OUT="$PWD/$3"
+
+cd "$updir" && tar -czvf "$OUT" --exclude "$base/.stamp" "$base"

cmd/relaynode/dist.od

@@ -0,0 +1,15 @@
+# Build packages for customer distribution.
+dir=${1%/*}
+cd "$dir"
+targets="tarball"
+if which dh_clean fakeroot dpkg >/dev/null; then
+	targets="$targets deb"
+else
+	echo "Skipping debian packages: debhelper and/or dpkg build tools missing." >&2
+fi
+if which rpm >/dev/null; then
+	targets="$targets rpm"
+else
+	echo "Skipping rpm packages: rpm build tools missing." >&2
+fi
+redo-ifchange $targets

cmd/relaynode/docker/.gitignore

@@ -0,0 +1 @@
+/relaynode

cmd/relaynode/docker/Dockerfile

@@ -0,0 +1,17 @@
+# Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+# Build with: docker build -t tailcontrol-alpine .
+# Run with: docker run --cap-add=NET_ADMIN --device=/dev/net/tun:/dev/net/tun -it tailcontrol-alpine
+
+FROM debian:stretch-slim
+
+RUN apt-get update && apt-get -y install iproute2 iptables
+RUN apt-get -y install ca-certificates
+RUN apt-get -y install nginx-light
+
+COPY relaynode /
+
+# tailcontrol -tun=wg0 -dbdir=$HOME/taildb >> tailcontrol.log 2>&1 &
+CMD ["/relaynode", "-R", "--config", "relay.conf"]

cmd/relaynode/docker/all.do

@@ -0,0 +1 @@
+redo-ifchange build

cmd/relaynode/docker/build.do

@@ -0,0 +1,3 @@
+exec >&2
+redo-ifchange Dockerfile relaynode
+docker build -t tailscale .

cmd/relaynode/docker/relaynode.do

@@ -0,0 +1,2 @@
+redo-ifchange ../relaynode
+cp ../relaynode $3

cmd/relaynode/docker/run.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+# Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+set -e
+redo-ifchange build
+docker run --cap-add=NET_ADMIN \
+	--device=/dev/net/tun:/dev/net/tun \
+	-it tailscale

cmd/relaynode/package

@@ -0,0 +1 @@
+tailscale-relay

cmd/relaynode/relaynode.go

@@ -0,0 +1,239 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Relaynode is the old Linux Tailscale daemon.
+//
+// Deprecated: this program will be soon deleted. The replacement is
+// cmd/tailscaled.
+package main // import "tailscale.com/cmd/relaynode"
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"net/http/pprof"
+	"os"
+	"os/signal"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/apenwarr/fixconsole"
+	"github.com/google/go-cmp/cmp"
+	"github.com/klauspost/compress/zstd"
+	"github.com/pborman/getopt/v2"
+	"github.com/tailscale/wireguard-go/wgcfg"
+	"tailscale.com/atomicfile"
+	"tailscale.com/control/controlclient"
+	"tailscale.com/logpolicy"
+	"tailscale.com/version"
+	"tailscale.com/wgengine"
+	"tailscale.com/wgengine/filter"
+	"tailscale.com/wgengine/magicsock"
+)
+
+func main() {
+	err := fixconsole.FixConsoleIfNeeded()
+	if err != nil {
+		log.Printf("fixConsoleOutput: %v\n", err)
+	}
+	config := getopt.StringLong("config", 'f', "", "path to config file")
+	server := getopt.StringLong("server", 's', "https://login.tailscale.com", "URL to tailcontrol server")
+	listenport := getopt.Uint16Long("port", 'p', magicsock.DefaultPort, "WireGuard port (0=autoselect)")
+	tunname := getopt.StringLong("tun", 0, "wg0", "tunnel interface name")
+	alwaysrefresh := getopt.BoolLong("always-refresh", 0, "force key refresh at startup")
+	fake := getopt.BoolLong("fake", 0, "fake tunnel+routing instead of tuntap")
+	nuroutes := getopt.BoolLong("no-single-routes", 'N', "disallow (non-subnet) routes to single nodes")
+	rroutes := getopt.BoolLong("remote-routes", 'R', "allow routing subnets to remote nodes")
+	droutes := getopt.BoolLong("default-routes", 'D', "allow default route on remote node")
+	routes := getopt.StringLong("routes", 0, "", "list of IP ranges this node can relay")
+	debug := getopt.StringLong("debug", 0, "", "Address of debug server")
+	getopt.Parse()
+	if len(getopt.Args()) > 0 {
+		log.Fatalf("too many non-flag arguments: %#v", getopt.Args()[0])
+	}
+	uflags := controlclient.UFlagsHelper(!*nuroutes, *rroutes, *droutes)
+	if *config == "" {
+		log.Fatal("no --config file specified")
+	}
+	if *tunname == "" {
+		log.Printf("Warning: no --tun device specified; routing disabled.\n")
+	}
+
+	pol := logpolicy.New("tailnode.log.tailscale.io")
+
+	logf := wgengine.RusagePrefixLog(log.Printf)
+
+	// The wgengine takes a wireguard configuration produced by the
+	// controlclient, and runs the actual tunnels and packets.
+	var e wgengine.Engine
+	if *fake {
+		e, err = wgengine.NewFakeUserspaceEngine(logf, *listenport)
+	} else {
+		e, err = wgengine.NewUserspaceEngine(logf, *tunname, *listenport)
+	}
+	if err != nil {
+		log.Fatalf("Error starting wireguard engine: %v\n", err)
+	}
+
+	e = wgengine.NewWatchdog(e)
+
+	// Default filter blocks everything, until Start() is called.
+	e.SetFilter(filter.NewAllowNone())
+
+	var lastNetMap *controlclient.NetworkMap
+	statusFunc := func(new controlclient.Status) {
+		if new.URL != "" {
+			fmt.Fprintf(os.Stderr, "To authenticate, visit:\n\n\t%s\n\n", new.URL)
+			return
+		}
+		if new.Err != "" {
+			log.Print(new.Err)
+			return
+		}
+		if new.Persist != nil {
+			if err := saveConfig(*config, *new.Persist); err != nil {
+				log.Println(err)
+			}
+		}
+
+		if m := new.NetMap; m != nil {
+			if lastNetMap != nil {
+				s1 := strings.Split(lastNetMap.Concise(), "\n")
+				s2 := strings.Split(new.NetMap.Concise(), "\n")
+				logf("netmap diff:\n%v\n", cmp.Diff(s1, s2))
+			}
+			lastNetMap = m
+
+			if m.Equal(&controlclient.NetworkMap{}) {
+				return
+			}
+
+			log.Printf("packet filter: %v\n", m.PacketFilter)
+			e.SetFilter(filter.New(m.PacketFilter))
+
+			wgcfg, err := m.WGCfg(uflags, m.DNS)
+			if err != nil {
+				log.Fatalf("Error getting wg config: %v\n", err)
+			}
+			err = e.Reconfig(wgcfg, m.DNSDomains)
+			if err != nil {
+				log.Fatalf("Error reconfiguring engine: %v\n", err)
+			}
+		}
+	}
+
+	cfg, err := loadConfig(*config)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	hi := controlclient.NewHostinfo()
+	hi.FrontendLogID = pol.PublicID.String()
+	hi.BackendLogID = pol.PublicID.String()
+	if *routes != "" {
+		for _, routeStr := range strings.Split(*routes, ",") {
+			cidr, err := wgcfg.ParseCIDR(routeStr)
+			if err != nil {
+				log.Fatalf("--routes: not an IP range: %s", routeStr)
+			}
+			hi.RoutableIPs = append(hi.RoutableIPs, *cidr)
+		}
+	}
+
+	c, err := controlclient.New(controlclient.Options{
+		Persist:   cfg,
+		ServerURL: *server,
+		Hostinfo:  hi,
+		NewDecompressor: func() (controlclient.Decompressor, error) {
+			return zstd.NewReader(nil)
+		},
+		KeepAlive: true,
+	})
+	c.SetStatusFunc(statusFunc)
+	if err != nil {
+		log.Fatal(err)
+	}
+	lf := controlclient.LoginDefault
+	if *alwaysrefresh {
+		lf |= controlclient.LoginInteractive
+	}
+	c.Login(nil, lf)
+
+	// Print the wireguard status when we get an update.
+	e.SetStatusCallback(func(s *wgengine.Status, err error) {
+		if err != nil {
+			log.Fatalf("Wireguard engine status error: %v\n", err)
+		}
+		var ss []string
+		for _, p := range s.Peers {
+			if p.LastHandshake.IsZero() {
+				ss = append(ss, "x")
+			} else {
+				ss = append(ss, fmt.Sprintf("%d/%d", p.RxBytes, p.TxBytes))
+			}
+		}
+		logf("v%v peers: %v\n", version.LONG, strings.Join(ss, " "))
+		c.UpdateEndpoints(0, s.LocalAddrs)
+	})
+
+	if *debug != "" {
+		go runDebugServer(*debug)
+	}
+
+	sigCh := make(chan os.Signal, 1)
+	signal.Notify(sigCh, os.Interrupt)
+	signal.Notify(sigCh, syscall.SIGTERM)
+
+	<-sigCh
+	logf("signal received, exiting")
+
+	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
+	defer cancel()
+
+	e.Close()
+	pol.Shutdown(ctx)
+}
+
+func loadConfig(path string) (cfg controlclient.Persist, err error) {
+	b, err := ioutil.ReadFile(path)
+	if os.IsNotExist(err) {
+		log.Printf("config %s does not exist", path)
+		return controlclient.Persist{}, nil
+	}
+	if err := json.Unmarshal(b, &cfg); err != nil {
+		return controlclient.Persist{}, fmt.Errorf("load config: %v", err)
+	}
+	return cfg, nil
+}
+
+func saveConfig(path string, cfg controlclient.Persist) error {
+	b, err := json.MarshalIndent(cfg, "", "\t")
+	if err != nil {
+		return fmt.Errorf("save config: %v", err)
+	}
+	if err := atomicfile.WriteFile(path, b, 0666); err != nil {
+		return fmt.Errorf("save config: %v", err)
+	}
+	return nil
+}
+
+func runDebugServer(addr string) {
+	mux := http.NewServeMux()
+	mux.HandleFunc("/debug/pprof/", pprof.Index)
+	mux.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
+	mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
+	mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
+	mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
+	srv := http.Server{
+		Addr:    addr,
+		Handler: mux,
+	}
+	if err := srv.ListenAndServe(); err != nil {
+		log.Fatal(err)
+	}
+}

cmd/relaynode/relaynode.od

@@ -1 +0,0 @@
-# placeholder to work around redo bug

cmd/relaynode/rpm.od

@@ -0,0 +1,9 @@
+exec >&2
+dir=${2%/*}
+redo-ifchange "$S/$dir/package" "$S/oss/version/short.txt"
+read -r package <"$S/$dir/package"
+read -r pkgver <"$S/oss/version/short.txt"
+machine=$(uname -m)
+redo-ifchange "$dir/$package.rpm"
+rm -f "$dir/${package}"-*."$machine.rpm"
+ln -sf "$package.rpm" "$dir/$package-$pkgver.$machine.rpm"

cmd/relaynode/tailscale-login

@@ -0,0 +1,4 @@
+#!/bin/sh
+cfg=/var/lib/tailscale/relay.conf
+dir=$(dirname "$0")
+"$dir/taillogin" --config="$cfg"

cmd/relaynode/tailscale-relay.defaults

@@ -0,0 +1,8 @@
+# Set the port to listen on for incoming VPN packets.
+# Remote nodes will automatically be informed about the new port number,
+# but you might want to configure this in order to set external firewall
+# settings.
+PORT="--port=41641"
+
+# Extra flags you might want to pass to relaynode.
+FLAGS=""

cmd/relaynode/tailscale-relay.spec.in

@@ -0,0 +1,40 @@
+Name: tailscale-relay
+Version: 0.00
+Release: 0
+Summary: Traffic relay node for Tailscale
+Group: Network
+License: Proprietary
+URL: https://tailscale.com/
+Vendor: Tailscale Inc.
+#Source: https://github.com/tailscale/tailscale
+Source0: tailscale-relay.tar.gz
+#Prefix: %{_prefix}
+Packager: Avery Pennarun <apenwarr@tailscale.com>
+BuildRoot: %{_tmppath}/%{name}-root
+
+%description
+Traffic relay node for Tailscale.
+
+%prep
+%setup -n tailscale-relay
+
+%build
+
+%install
+D=$RPM_BUILD_ROOT
+[ "$D" = "/" -o -z "$D" ] && exit 99
+rm -rf "$D"
+mkdir -p $D/usr/sbin $D/lib/systemd/system $D/etc/default $D/etc/tailscale
+cp taillogin tailscale-login relaynode $D/usr/sbin
+cp tailscale-relay.service $D/lib/systemd/system/
+cp tailscale-relay.defaults $D/etc/default/tailscale-relay
+
+%clean
+
+%files
+%defattr(-,root,root)
+%config(noreplace) /etc/default/tailscale-relay
+/lib/systemd/system/tailscale-relay.service
+/usr/sbin/taillogin
+/usr/sbin/tailscale-login
+/usr/sbin/relaynode

cmd/relaynode/tarball.od

@@ -0,0 +1,7 @@
+dir=${1%/*}
+redo-ifchange "$S/$dir/package" "$S/oss/version/short.txt"
+read -r package <"$S/$dir/package"
+read -r version <"$S/oss/version/short.txt"
+redo-ifchange "$dir/$package.tar.gz"
+rm -f "$dir/$package"-*.tar.gz
+ln -sf "$package.tar.gz" "$dir/$package-$version.tar.gz"

cmd/taillogin/taillogin.go

@@ -0,0 +1,99 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// The taillogin command, invoked via the tailscale-login shell script, is shipped
+// with the current (old) Linux client, to log in to Tailscale on a Linux box.
+//
+// Deprecated: this will be deleted, to be replaced by cmd/tailscale.
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"os"
+
+	"github.com/pborman/getopt/v2"
+	"tailscale.com/atomicfile"
+	"tailscale.com/control/controlclient"
+	"tailscale.com/logpolicy"
+)
+
+func main() {
+	config := getopt.StringLong("config", 'f', "", "path to config file")
+	server := getopt.StringLong("server", 's', "https://login.tailscale.com", "URL to tailgate server")
+	getopt.Parse()
+	if len(getopt.Args()) > 0 {
+		log.Fatal("too many non-flag arguments")
+	}
+	if *config == "" {
+		log.Fatal("no --config file specified")
+	}
+	pol := logpolicy.New("tailnode.log.tailscale.io")
+	defer pol.Close()
+
+	cfg, err := loadConfig(*config)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	hi := controlclient.NewHostinfo()
+	hi.FrontendLogID = pol.PublicID.String()
+	hi.BackendLogID = pol.PublicID.String()
+
+	done := make(chan struct{}, 1)
+	c, err := controlclient.New(controlclient.Options{
+		Persist:   cfg,
+		ServerURL: *server,
+		Hostinfo:  hi,
+	})
+	if err != nil {
+		log.Fatal(err)
+	}
+	c.SetStatusFunc(func(new controlclient.Status) {
+		if new.URL != "" {
+			fmt.Fprintf(os.Stderr, "To authenticate, visit:\n\n\t%s\n\n", new.URL)
+			return
+		}
+		if new.Err != "" {
+			log.Print(new.Err)
+			return
+		}
+		if new.Persist != nil {
+			if err := saveConfig(*config, *new.Persist); err != nil {
+				log.Println(err)
+			}
+		}
+		if new.NetMap != nil {
+			done <- struct{}{}
+		}
+	})
+	c.Login(nil, 0)
+	<-done
+	log.Printf("Success.\n")
+}
+
+func loadConfig(path string) (cfg controlclient.Persist, err error) {
+	b, err := ioutil.ReadFile(path)
+	if os.IsNotExist(err) {
+		log.Printf("config %s does not exist", path)
+		return controlclient.Persist{}, nil
+	}
+	if err := json.Unmarshal(b, &cfg); err != nil {
+		return controlclient.Persist{}, fmt.Errorf("load config: %v", err)
+	}
+	return cfg, nil
+}
+
+func saveConfig(path string, cfg controlclient.Persist) error {
+	b, err := json.MarshalIndent(cfg, "", "\t")
+	if err != nil {
+		return fmt.Errorf("save config: %v", err)
+	}
+	if err := atomicfile.WriteFile(path, b, 0666); err != nil {
+		return fmt.Errorf("save config: %v", err)
+	}
+	return nil
+}

cmd/tailscale/cli/cli.go

@@ -1,123 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package cli contains the cmd/tailscale CLI code in a package that can be included
-// in other wrapper binaries such as the Mac and Windows clients.
-package cli
-
-import (
-	"context"
-	"flag"
-	"log"
-	"net"
-	"os"
-	"os/signal"
-	"runtime"
-	"strings"
-	"syscall"
-
-	"github.com/peterbourgon/ff/v2/ffcli"
-	"tailscale.com/ipn"
-	"tailscale.com/paths"
-	"tailscale.com/safesocket"
-)
-
-// ActLikeCLI reports whether a GUI application should act like the
-// CLI based on os.Args, GOOS, the context the process is running in
-// (pty, parent PID), etc.
-func ActLikeCLI() bool {
-	if len(os.Args) < 2 {
-		return false
-	}
-	switch os.Args[1] {
-	case "up", "status", "netcheck", "version",
-		"-V", "--version", "-h", "--help":
-		return true
-	}
-	return false
-}
-
-// Run runs the CLI. The args do not include the binary name.
-func Run(args []string) error {
-	if len(args) == 1 && (args[0] == "-V" || args[0] == "--version") {
-		args = []string{"version"}
-	}
-
-	rootfs := flag.NewFlagSet("tailscale", flag.ExitOnError)
-	rootfs.StringVar(&rootArgs.socket, "socket", paths.DefaultTailscaledSocket(), "path to tailscaled's unix socket")
-
-	rootCmd := &ffcli.Command{
-		Name:       "tailscale",
-		ShortUsage: "tailscale subcommand [flags]",
-		ShortHelp:  "The easiest, most secure way to use WireGuard.",
-		LongHelp: strings.TrimSpace(`
-This CLI is still under active development. Commands and flags will
-change in the future.
-`),
-		Subcommands: []*ffcli.Command{
-			upCmd,
-			netcheckCmd,
-			statusCmd,
-			versionCmd,
-		},
-		FlagSet: rootfs,
-		Exec:    func(context.Context, []string) error { return flag.ErrHelp },
-	}
-
-	if err := rootCmd.Parse(args); err != nil {
-		return err
-	}
-
-	err := rootCmd.Run(context.Background())
-	if err == flag.ErrHelp {
-		return nil
-	}
-	return err
-}
-
-var rootArgs struct {
-	socket string
-}
-
-func connect(ctx context.Context) (net.Conn, *ipn.BackendClient, context.Context, context.CancelFunc) {
-	c, err := safesocket.Connect(rootArgs.socket, 41112)
-	if err != nil {
-		if runtime.GOOS != "windows" && rootArgs.socket == "" {
-			log.Fatalf("--socket cannot be empty")
-		}
-		log.Fatalf("Failed to connect to connect to tailscaled. (safesocket.Connect: %v)\n", err)
-	}
-	clientToServer := func(b []byte) {
-		ipn.WriteMsg(c, b)
-	}
-
-	ctx, cancel := context.WithCancel(ctx)
-
-	go func() {
-		interrupt := make(chan os.Signal, 1)
-		signal.Notify(interrupt, syscall.SIGINT, syscall.SIGTERM)
-		<-interrupt
-		c.Close()
-		cancel()
-	}()
-
-	bc := ipn.NewBackendClient(log.Printf, clientToServer)
-	return c, bc, ctx, cancel
-}
-
-// pump receives backend messages on conn and pushes them into bc.
-func pump(ctx context.Context, bc *ipn.BackendClient, conn net.Conn) {
-	defer conn.Close()
-	for ctx.Err() == nil {
-		msg, err := ipn.ReadMsg(conn)
-		if err != nil {
-			if ctx.Err() != nil {
-				return
-			}
-			log.Printf("ReadMsg: %v\n", err)
-			break
-		}
-		bc.GotNotifyMsg(msg)
-	}
-}

cmd/tailscale/cli/netcheck.go

@@ -1,162 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package cli
-
-import (
-	"context"
-	"encoding/json"
-	"flag"
-	"fmt"
-	"log"
-	"os"
-	"sort"
-	"strings"
-	"time"
-
-	"github.com/peterbourgon/ff/v2/ffcli"
-	"tailscale.com/derp/derpmap"
-	"tailscale.com/net/dnscache"
-	"tailscale.com/net/netcheck"
-	"tailscale.com/tailcfg"
-	"tailscale.com/types/logger"
-)
-
-var netcheckCmd = &ffcli.Command{
-	Name:       "netcheck",
-	ShortUsage: "netcheck",
-	ShortHelp:  "Print an analysis of local network conditions",
-	Exec:       runNetcheck,
-	FlagSet: (func() *flag.FlagSet {
-		fs := flag.NewFlagSet("netcheck", flag.ExitOnError)
-		fs.StringVar(&netcheckArgs.format, "format", "", `output format; empty (for human-readable), "json" or "json-line"`)
-		fs.DurationVar(&netcheckArgs.every, "every", 0, "if non-zero, do an incremental report with the given frequency")
-		fs.BoolVar(&netcheckArgs.verbose, "verbose", false, "verbose logs")
-		return fs
-	})(),
-}
-
-var netcheckArgs struct {
-	format  string
-	every   time.Duration
-	verbose bool
-}
-
-func runNetcheck(ctx context.Context, args []string) error {
-	c := &netcheck.Client{
-		DNSCache: dnscache.Get(),
-	}
-	if netcheckArgs.verbose {
-		c.Logf = logger.WithPrefix(log.Printf, "netcheck: ")
-		c.Verbose = true
-	} else {
-		c.Logf = logger.Discard
-	}
-
-	if strings.HasPrefix(netcheckArgs.format, "json") {
-		fmt.Fprintln(os.Stderr, "# Warning: this JSON format is not yet considered a stable interface")
-	}
-
-	dm := derpmap.Prod()
-	for {
-		t0 := time.Now()
-		report, err := c.GetReport(ctx, dm)
-		d := time.Since(t0)
-		if netcheckArgs.verbose {
-			c.Logf("GetReport took %v; err=%v", d.Round(time.Millisecond), err)
-		}
-		if err != nil {
-			log.Fatalf("netcheck: %v", err)
-		}
-		if err := printReport(dm, report); err != nil {
-			return err
-		}
-		if netcheckArgs.every == 0 {
-			return nil
-		}
-		time.Sleep(netcheckArgs.every)
-	}
-}
-
-func printReport(dm *tailcfg.DERPMap, report *netcheck.Report) error {
-	var j []byte
-	var err error
-	switch netcheckArgs.format {
-	case "":
-		break
-	case "json":
-		j, err = json.MarshalIndent(report, "", "\t")
-	case "json-line":
-		j, err = json.Marshal(report)
-	default:
-		return fmt.Errorf("unknown output format %q", netcheckArgs.format)
-	}
-	if err != nil {
-		return err
-	}
-	if j != nil {
-		j = append(j, '\n')
-		os.Stdout.Write(j)
-		return nil
-	}
-
-	fmt.Printf("\nReport:\n")
-	fmt.Printf("\t* UDP: %v\n", report.UDP)
-	if report.GlobalV4 != "" {
-		fmt.Printf("\t* IPv4: yes, %v\n", report.GlobalV4)
-	} else {
-		fmt.Printf("\t* IPv4: (no addr found)\n")
-	}
-	if report.GlobalV6 != "" {
-		fmt.Printf("\t* IPv6: yes, %v\n", report.GlobalV6)
-	} else if report.IPv6 {
-		fmt.Printf("\t* IPv6: (no addr found)\n")
-	} else {
-		fmt.Printf("\t* IPv6: no\n")
-	}
-	fmt.Printf("\t* MappingVariesByDestIP: %v\n", report.MappingVariesByDestIP)
-	fmt.Printf("\t* HairPinning: %v\n", report.HairPinning)
-	fmt.Printf("\t* PortMapping: %v\n", portMapping(report))
-
-	// When DERP latency checking failed,
-	// magicsock will try to pick the DERP server that
-	// most of your other nodes are also using
-	if len(report.RegionLatency) == 0 {
-		fmt.Printf("\t* Nearest DERP: unknown (no response to latency probes)\n")
-	} else {
-		fmt.Printf("\t* Nearest DERP: %v (%v)\n", report.PreferredDERP, dm.Regions[report.PreferredDERP].RegionCode)
-		fmt.Printf("\t* DERP latency:\n")
-		var rids []int
-		for rid := range dm.Regions {
-			rids = append(rids, rid)
-		}
-		sort.Ints(rids)
-		for _, rid := range rids {
-			d, ok := report.RegionLatency[rid]
-			var latency string
-			if ok {
-				latency = d.Round(time.Millisecond / 10).String()
-			}
-			fmt.Printf("\t\t- %v, %3s = %s\n", rid, dm.Regions[rid].RegionCode, latency)
-		}
-	}
-	return nil
-}
-
-func portMapping(r *netcheck.Report) string {
-	if !r.AnyPortMappingChecked() {
-		return "not checked"
-	}
-	var got []string
-	if r.UPnP.EqualBool(true) {
-		got = append(got, "UPnP")
-	}
-	if r.PMP.EqualBool(true) {
-		got = append(got, "NAT-PMP")
-	}
-	if r.PCP.EqualBool(true) {
-		got = append(got, "PCP")
-	}
-	return strings.Join(got, ", ")
-}

cmd/tailscale/cli/status.go

@@ -1,172 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package cli
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"flag"
-	"fmt"
-	"log"
-	"net"
-	"net/http"
-	"os"
-	"time"
-
-	"github.com/peterbourgon/ff/v2/ffcli"
-	"github.com/toqueteos/webbrowser"
-	"tailscale.com/ipn"
-	"tailscale.com/ipn/ipnstate"
-	"tailscale.com/net/interfaces"
-)
-
-var statusCmd = &ffcli.Command{
-	Name:       "status",
-	ShortUsage: "status [-active] [-web] [-json]",
-	ShortHelp:  "Show state of tailscaled and its connections",
-	Exec:       runStatus,
-	FlagSet: (func() *flag.FlagSet {
-		fs := flag.NewFlagSet("status", flag.ExitOnError)
-		fs.BoolVar(&statusArgs.json, "json", false, "output in JSON format (WARNING: format subject to change)")
-		fs.BoolVar(&statusArgs.web, "web", false, "run webserver with HTML showing status")
-		fs.BoolVar(&statusArgs.active, "active", false, "filter output to only peers with active sessions (not applicable to web mode)")
-		fs.StringVar(&statusArgs.listen, "listen", "127.0.0.1:8384", "listen address; use port 0 for automatic")
-		fs.BoolVar(&statusArgs.browser, "browser", true, "Open a browser in web mode")
-		return fs
-	})(),
-}
-
-var statusArgs struct {
-	json    bool   // JSON output mode
-	web     bool   // run webserver
-	listen  string // in web mode, webserver address to listen on, empty means auto
-	browser bool   // in web mode, whether to open browser
-	active  bool   // in CLI mode, filter output to only peers with active sessions
-}
-
-func runStatus(ctx context.Context, args []string) error {
-	c, bc, ctx, cancel := connect(ctx)
-	defer cancel()
-
-	bc.AllowVersionSkew = true
-
-	ch := make(chan *ipnstate.Status, 1)
-	bc.SetNotifyCallback(func(n ipn.Notify) {
-		if n.ErrMessage != nil {
-			log.Fatal(*n.ErrMessage)
-		}
-		if n.Status != nil {
-			ch <- n.Status
-		}
-	})
-	go pump(ctx, bc, c)
-
-	getStatus := func() (*ipnstate.Status, error) {
-		bc.RequestStatus()
-		select {
-		case st := <-ch:
-			return st, nil
-		case <-ctx.Done():
-			return nil, ctx.Err()
-		}
-	}
-	st, err := getStatus()
-	if err != nil {
-		return err
-	}
-	if statusArgs.json {
-		if statusArgs.active {
-			for peer, ps := range st.Peer {
-				if !peerActive(ps) {
-					delete(st.Peer, peer)
-				}
-			}
-		}
-		j, err := json.MarshalIndent(st, "", "  ")
-		if err != nil {
-			return err
-		}
-		fmt.Printf("%s", j)
-		return nil
-	}
-	if statusArgs.web {
-		ln, err := net.Listen("tcp", statusArgs.listen)
-		if err != nil {
-			return err
-		}
-		statusURL := interfaces.HTTPOfListener(ln)
-		fmt.Printf("Serving Tailscale status at %v ...\n", statusURL)
-		go func() {
-			<-ctx.Done()
-			ln.Close()
-		}()
-		if statusArgs.browser {
-			go webbrowser.Open(statusURL)
-		}
-		err = http.Serve(ln, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if r.RequestURI != "/" {
-				http.NotFound(w, r)
-				return
-			}
-			st, err := getStatus()
-			if err != nil {
-				http.Error(w, err.Error(), 500)
-				return
-			}
-			w.Header().Set("Content-Type", "text/html; charset=utf-8")
-			st.WriteHTML(w)
-		}))
-		if ctx.Err() != nil {
-			return ctx.Err()
-		}
-		return err
-	}
-
-	var buf bytes.Buffer
-	f := func(format string, a ...interface{}) { fmt.Fprintf(&buf, format, a...) }
-	for _, peer := range st.Peers() {
-		ps := st.Peer[peer]
-		active := peerActive(ps)
-		if statusArgs.active && !active {
-			continue
-		}
-		f("%s %-7s %-15s %-18s tx=%8d rx=%8d ",
-			peer.ShortString(),
-			ps.OS,
-			ps.TailAddr,
-			ps.SimpleHostName(),
-			ps.TxBytes,
-			ps.RxBytes,
-		)
-		relay := ps.Relay
-		if active && relay != "" && ps.CurAddr == "" {
-			relay = "*" + relay + "*"
-		} else {
-			relay = " " + relay
-		}
-		f("%-6s", relay)
-		for i, addr := range ps.Addrs {
-			if i != 0 {
-				f(", ")
-			}
-			if addr == ps.CurAddr {
-				f("*%s*", addr)
-			} else {
-				f("%s", addr)
-			}
-		}
-		f("\n")
-	}
-	os.Stdout.Write(buf.Bytes())
-	return nil
-}
-
-// peerActive reports whether ps has recent activity.
-//
-// TODO: have the server report this bool instead.
-func peerActive(ps *ipnstate.PeerStatus) bool {
-	return !ps.LastWrite.IsZero() && time.Since(ps.LastWrite) < 2*time.Minute
-}

cmd/tailscale/cli/up.go

@@ -1,252 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package cli
-
-import (
-	"bytes"
-	"context"
-	"flag"
-	"fmt"
-	"log"
-	"os"
-	"os/exec"
-	"runtime"
-	"strconv"
-	"strings"
-
-	"github.com/peterbourgon/ff/v2/ffcli"
-	"github.com/tailscale/wireguard-go/wgcfg"
-	"tailscale.com/ipn"
-	"tailscale.com/tailcfg"
-	"tailscale.com/wgengine/router"
-)
-
-// globalStateKey is the ipn.StateKey that tailscaled loads on
-// startup.
-//
-// We have to support multiple state keys for other OSes (Windows in
-// particular), but right now Unix daemons run with a single
-// node-global state. To keep open the option of having per-user state
-// later, the global state key doesn't look like a username.
-const globalStateKey = "_daemon"
-
-var upCmd = &ffcli.Command{
-	Name:       "up",
-	ShortUsage: "up [flags]",
-	ShortHelp:  "Connect to your Tailscale network",
-
-	LongHelp: strings.TrimSpace(`
-"tailscale up" connects this machine to your Tailscale network,
-triggering authentication if necessary.
-
-The flags passed to this command are specific to this machine. If you don't
-specify any flags, options are reset to their default.
-`),
-	FlagSet: (func() *flag.FlagSet {
-		upf := flag.NewFlagSet("up", flag.ExitOnError)
-		upf.StringVar(&upArgs.server, "login-server", "https://login.tailscale.com", "base URL of control server")
-		upf.BoolVar(&upArgs.acceptRoutes, "accept-routes", false, "accept routes advertised by other Tailscale nodes")
-		upf.BoolVar(&upArgs.acceptDNS, "accept-dns", true, "accept DNS configuration from the admin panel")
-		upf.BoolVar(&upArgs.singleRoutes, "host-routes", true, "install host routes to other Tailscale nodes")
-		upf.BoolVar(&upArgs.shieldsUp, "shields-up", false, "don't allow incoming connections")
-		upf.StringVar(&upArgs.advertiseTags, "advertise-tags", "", "ACL tags to request (comma-separated, e.g. eng,montreal,ssh)")
-		upf.StringVar(&upArgs.authKey, "authkey", "", "node authorization key")
-		upf.StringVar(&upArgs.hostname, "hostname", "", "hostname to use instead of the one provided by the OS")
-		upf.BoolVar(&upArgs.enableDERP, "enable-derp", true, "enable the use of DERP servers")
-		if runtime.GOOS == "linux" || isBSD(runtime.GOOS) {
-			upf.StringVar(&upArgs.advertiseRoutes, "advertise-routes", "", "routes to advertise to other nodes (comma-separated, e.g. 10.0.0.0/8,192.168.0.0/24)")
-		}
-		if runtime.GOOS == "linux" {
-			upf.BoolVar(&upArgs.snat, "snat-subnet-routes", true, "source NAT traffic to local routes advertised with -advertise-routes")
-			upf.StringVar(&upArgs.netfilterMode, "netfilter-mode", "on", "netfilter mode (one of on, nodivert, off)")
-		}
-		return upf
-	})(),
-	Exec: runUp,
-}
-
-var upArgs struct {
-	server          string
-	acceptRoutes    bool
-	acceptDNS       bool
-	singleRoutes    bool
-	shieldsUp       bool
-	advertiseRoutes string
-	advertiseTags   string
-	enableDERP      bool
-	snat            bool
-	netfilterMode   string
-	authKey         string
-	hostname        string
-}
-
-// parseIPOrCIDR parses an IP address or a CIDR prefix. If the input
-// is an IP address, it is returned in CIDR form with a /32 mask for
-// IPv4 or a /128 mask for IPv6.
-func parseIPOrCIDR(s string) (wgcfg.CIDR, bool) {
-	if strings.Contains(s, "/") {
-		ret, err := wgcfg.ParseCIDR(s)
-		if err != nil {
-			return wgcfg.CIDR{}, false
-		}
-		return ret, true
-	}
-
-	ip, ok := wgcfg.ParseIP(s)
-	if !ok {
-		return wgcfg.CIDR{}, false
-	}
-	if ip.Is4() {
-		return wgcfg.CIDR{IP: ip, Mask: 32}, true
-	} else {
-		return wgcfg.CIDR{IP: ip, Mask: 128}, true
-	}
-}
-
-func isBSD(s string) bool {
-	return s == "dragonfly" || s == "freebsd" || s == "netbsd" || s == "openbsd"
-}
-
-func warning(format string, args ...interface{}) {
-	fmt.Printf("Warning: "+format+"\n", args...)
-}
-
-// checkIPForwarding prints warnings on linux if IP forwarding is not
-// enabled, or if we were unable to verify the state of IP forwarding.
-func checkIPForwarding() {
-	var key string
-
-	if runtime.GOOS == "linux" {
-		key = "net.ipv4.ip_forward"
-	} else if isBSD(runtime.GOOS) {
-		key = "net.inet.ip.forwarding"
-	} else {
-		return
-	}
-
-	bs, err := exec.Command("sysctl", "-n", key).Output()
-	if err != nil {
-		warning("couldn't check %s (%v).\nSubnet routes won't work without IP forwarding.", key, err)
-		return
-	}
-	on, err := strconv.ParseBool(string(bytes.TrimSpace(bs)))
-	if err != nil {
-		warning("couldn't parse %s (%v).\nSubnet routes won't work without IP forwarding.", key, err)
-		return
-	}
-	if !on {
-		warning("%s is disabled. Subnet routes won't work.", key)
-	}
-}
-
-func runUp(ctx context.Context, args []string) error {
-	if len(args) > 0 {
-		log.Fatalf("too many non-flag arguments: %q", args)
-	}
-
-	var routes []wgcfg.CIDR
-	if upArgs.advertiseRoutes != "" {
-		checkIPForwarding()
-		advroutes := strings.Split(upArgs.advertiseRoutes, ",")
-		for _, s := range advroutes {
-			cidr, ok := parseIPOrCIDR(s)
-			if !ok {
-				log.Fatalf("%q is not a valid IP address or CIDR prefix", s)
-			}
-			routes = append(routes, cidr)
-		}
-	}
-
-	var tags []string
-	if upArgs.advertiseTags != "" {
-		tags = strings.Split(upArgs.advertiseTags, ",")
-		for _, tag := range tags {
-			err := tailcfg.CheckTag(tag)
-			if err != nil {
-				log.Fatalf("tag: %q: %s", tag, err)
-			}
-		}
-	}
-
-	if len(upArgs.hostname) > 256 {
-		log.Fatalf("hostname too long: %d bytes (max 256)", len(upArgs.hostname))
-	}
-
-	// TODO(apenwarr): fix different semantics between prefs and uflags
-	// TODO(apenwarr): allow setting/using CorpDNS
-	prefs := ipn.NewPrefs()
-	prefs.ControlURL = upArgs.server
-	prefs.WantRunning = true
-	prefs.RouteAll = upArgs.acceptRoutes
-	prefs.CorpDNS = upArgs.acceptDNS
-	prefs.AllowSingleHosts = upArgs.singleRoutes
-	prefs.ShieldsUp = upArgs.shieldsUp
-	prefs.AdvertiseRoutes = routes
-	prefs.AdvertiseTags = tags
-	prefs.NoSNAT = !upArgs.snat
-	prefs.DisableDERP = !upArgs.enableDERP
-	prefs.Hostname = upArgs.hostname
-	if runtime.GOOS == "linux" {
-		switch upArgs.netfilterMode {
-		case "on":
-			prefs.NetfilterMode = router.NetfilterOn
-		case "nodivert":
-			prefs.NetfilterMode = router.NetfilterNoDivert
-			warning("netfilter=nodivert; add iptables calls to ts-* chains manually.")
-		case "off":
-			prefs.NetfilterMode = router.NetfilterOff
-			warning("netfilter=off; configure iptables yourself.")
-		default:
-			log.Fatalf("invalid value --netfilter-mode: %q", upArgs.netfilterMode)
-		}
-	}
-
-	c, bc, ctx, cancel := connect(ctx)
-	defer cancel()
-
-	var printed bool
-
-	bc.SetPrefs(prefs)
-	opts := ipn.Options{
-		StateKey: globalStateKey,
-		AuthKey:  upArgs.authKey,
-		Notify: func(n ipn.Notify) {
-			if n.ErrMessage != nil {
-				log.Fatalf("backend error: %v\n", *n.ErrMessage)
-			}
-			if s := n.State; s != nil {
-				switch *s {
-				case ipn.NeedsLogin:
-					printed = true
-					bc.StartLoginInteractive()
-				case ipn.NeedsMachineAuth:
-					printed = true
-					fmt.Fprintf(os.Stderr, "\nTo authorize your machine, visit (as admin):\n\n\t%s/admin/machines\n\n", upArgs.server)
-				case ipn.Starting, ipn.Running:
-					// Done full authentication process
-					if printed {
-						// Only need to print an update if we printed the "please click" message earlier.
-						fmt.Fprintf(os.Stderr, "Success.\n")
-					}
-					cancel()
-				}
-			}
-			if url := n.BrowseToURL; url != nil {
-				fmt.Fprintf(os.Stderr, "\nTo authenticate, visit:\n\n\t%s\n\n", *url)
-			}
-		},
-	}
-	// We still have to Start right now because it's the only way to
-	// set up notifications and whatnot. This causes a bunch of churn
-	// every time the CLI touches anything.
-	//
-	// TODO(danderson): redo the frontend/backend API to assume
-	// ephemeral frontends that read/modify/write state, once
-	// Windows/Mac state is moved into backend.
-	bc.Start(opts)
-	pump(ctx, bc, c)
-
-	return nil
-}

cmd/tailscale/cli/version.go

@@ -1,69 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package cli
-
-import (
-	"context"
-	"flag"
-	"fmt"
-	"log"
-
-	"github.com/peterbourgon/ff/v2/ffcli"
-	"tailscale.com/ipn"
-	"tailscale.com/version"
-)
-
-var versionCmd = &ffcli.Command{
-	Name:       "version",
-	ShortUsage: "version [flags]",
-	ShortHelp:  "Print Tailscale version",
-	FlagSet: (func() *flag.FlagSet {
-		fs := flag.NewFlagSet("version", flag.ExitOnError)
-		fs.BoolVar(&versionArgs.daemon, "daemon", false, "also print local node's daemon version")
-		return fs
-	})(),
-	Exec: runVersion,
-}
-
-var versionArgs struct {
-	daemon bool // also check local node's daemon version
-}
-
-func runVersion(ctx context.Context, args []string) error {
-	if len(args) > 0 {
-		log.Fatalf("too many non-flag arguments: %q", args)
-	}
-	if !versionArgs.daemon {
-		fmt.Println(version.LONG)
-		return nil
-	}
-	fmt.Printf("Client: %s\n", version.LONG)
-
-	c, bc, ctx, cancel := connect(ctx)
-	defer cancel()
-
-	bc.AllowVersionSkew = true
-
-	done := make(chan struct{})
-
-	bc.SetNotifyCallback(func(n ipn.Notify) {
-		if n.ErrMessage != nil {
-			log.Fatal(*n.ErrMessage)
-		}
-		if n.Status != nil {
-			fmt.Printf("Daemon: %s\n", n.Version)
-			close(done)
-		}
-	})
-	go pump(ctx, bc, c)
-
-	bc.RequestStatus()
-	select {
-	case <-done:
-		return nil
-	case <-ctx.Done():
-		return ctx.Err()
-	}
-}

cmd/tailscale/netcheck.go

@@ -0,0 +1,40 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main // import "tailscale.com/cmd/tailscale"
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"sort"
+	"time"
+
+	"tailscale.com/netcheck"
+)
+
+func runNetcheck(ctx context.Context, args []string) error {
+	ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
+	defer cancel()
+	report, err := netcheck.GetReport(ctx, log.Printf)
+	if err != nil {
+		log.Fatalf("netcheck: %v", err)
+	}
+	fmt.Printf("\nReport:\n")
+	fmt.Printf("\t* UDP: %v\n", report.UDP)
+	fmt.Printf("\t* IPv6: %v\n", report.IPv6)
+	fmt.Printf("\t* MappingVariesByDestIP: %v\n", report.MappingVariesByDestIP)
+	fmt.Printf("\t* HairPinning: %v\n", report.HairPinning)
+	fmt.Printf("\t* Nearest DERP: %v (%v)\n", report.PreferredDERP, netcheck.DERPNodeLocation(report.PreferredDERP))
+	fmt.Printf("\t* DERP latency:\n")
+	var ss []string
+	for s := range report.DERPLatency {
+		ss = append(ss, s)
+	}
+	sort.Strings(ss)
+	for _, s := range ss {
+		fmt.Printf("\t\t- %s = %v\n", s, report.DERPLatency[s])
+	}
+	return nil
+}

cmd/tailscale/tailscale.go

@@ -7,22 +7,198 @@
 package main // import "tailscale.com/cmd/tailscale"
 
 import (
+	"context"
+	"flag"
 	"fmt"
 	"log"
+	"net"
 	"os"
+	"os/signal"
+	"strings"
+	"syscall"
 
 	"github.com/apenwarr/fixconsole"
-	"tailscale.com/cmd/tailscale/cli"
+	"github.com/pborman/getopt/v2"
+	"github.com/peterbourgon/ff/v2/ffcli"
+	"github.com/tailscale/wireguard-go/wgcfg"
+	"tailscale.com/ipn"
+	"tailscale.com/logpolicy"
+	"tailscale.com/paths"
+	"tailscale.com/safesocket"
 )
 
+// globalStateKey is the ipn.StateKey that tailscaled loads on
+// startup.
+//
+// We have to support multiple state keys for other OSes (Windows in
+// particular), but right now Unix daemons run with a single
+// node-global state. To keep open the option of having per-user state
+// later, the global state key doesn't look like a username.
+const globalStateKey = "_daemon"
+
+// pump receives backend messages on conn and pushes them into bc.
+func pump(ctx context.Context, bc *ipn.BackendClient, conn net.Conn) {
+	defer log.Printf("Control connection done.\n")
+	defer conn.Close()
+	for ctx.Err() == nil {
+		msg, err := ipn.ReadMsg(conn)
+		if err != nil {
+			log.Printf("ReadMsg: %v\n", err)
+			break
+		}
+		bc.GotNotifyMsg(msg)
+	}
+}
+
 func main() {
 	err := fixconsole.FixConsoleIfNeeded()
 	if err != nil {
 		log.Printf("fixConsoleOutput: %v\n", err)
 	}
 
-	if err := cli.Run(os.Args[1:]); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
+	upf := flag.NewFlagSet("up", flag.ExitOnError)
+	upf.StringVar(&upArgs.socket, "socket", paths.DefaultTailscaledSocket(), "path to tailscaled's unix socket")
+	upf.StringVar(&upArgs.server, "login-server", "https://login.tailscale.com", "base URL of control server")
+	upf.BoolVar(&upArgs.acceptRoutes, "accept-routes", false, "accept routes advertised by other Tailscale nodes")
+	upf.BoolVar(&upArgs.noSingleRoutes, "no-single-routes", false, "don't install routes to single nodes")
+	upf.BoolVar(&upArgs.noPacketFilter, "no-packet-filter", false, "disable packet filter")
+	upf.StringVar(&upArgs.advertiseRoutes, "advertise-routes", "", "routes to advertise to other nodes (comma-separated, e.g. 10.0.0.0/8,192.168.0.0/24)")
+	upCmd := &ffcli.Command{
+		Name:       "up",
+		ShortUsage: "up [flags]",
+		ShortHelp:  "Connect to your Tailscale network",
+
+		LongHelp: strings.TrimSpace(`
+"tailscale up" connects this machine to your Tailscale network,
+triggering authentication if necessary.
+
+The flags passed to this command set tailscaled options that are
+specific to this machine, such as whether to advertise some routes to
+other nodes in the Tailscale network. If you don't specify any flags,
+options are reset to their default.
+`),
+		FlagSet: upf,
+		Exec:    runUp,
+	}
+
+	netcheckCmd := &ffcli.Command{
+		Name:       "netcheck",
+		ShortUsage: "netcheck",
+		ShortHelp:  "Print an analysis of local network conditions",
+		Exec:       runNetcheck,
+	}
+
+	rootCmd := &ffcli.Command{
+		Name:       "tailscale",
+		ShortUsage: "tailscale subcommand [flags]",
+		ShortHelp:  "The easiest, most secure way to use WireGuard.",
+		LongHelp: strings.TrimSpace(`
+This CLI is still under active development. Commands and flags will
+change in the future.
+`),
+		Subcommands: []*ffcli.Command{
+			upCmd,
+			netcheckCmd,
+		},
+		Exec: func(context.Context, []string) error { return flag.ErrHelp },
+	}
+
+	if err := rootCmd.ParseAndRun(context.Background(), os.Args[1:]); err != nil && err != flag.ErrHelp {
+		log.Fatal(err)
 	}
 }
+
+var upArgs = struct {
+	socket          string
+	server          string
+	acceptRoutes    bool
+	noSingleRoutes  bool
+	noPacketFilter  bool
+	advertiseRoutes string
+}{}
+
+func runUp(ctx context.Context, args []string) error {
+	pol := logpolicy.New("tailnode.log.tailscale.io")
+	if len(args) > 0 {
+		log.Fatalf("too many non-flag arguments: %#v", getopt.Args()[0])
+	}
+
+	defer pol.Close()
+
+	var adv []wgcfg.CIDR
+	if upArgs.advertiseRoutes != "" {
+		advroutes := strings.Split(upArgs.advertiseRoutes, ",")
+		for _, s := range advroutes {
+			cidr, err := wgcfg.ParseCIDR(s)
+			if err != nil {
+				log.Fatalf("%q is not a valid CIDR prefix: %v", s, err)
+			}
+			adv = append(adv, *cidr)
+		}
+	}
+
+	// TODO(apenwarr): fix different semantics between prefs and uflags
+	// TODO(apenwarr): allow setting/using CorpDNS
+	prefs := ipn.NewPrefs()
+	prefs.ControlURL = upArgs.server
+	prefs.WantRunning = true
+	prefs.RouteAll = upArgs.acceptRoutes
+	prefs.AllowSingleHosts = !upArgs.noSingleRoutes
+	prefs.UsePacketFilter = !upArgs.noPacketFilter
+	prefs.AdvertiseRoutes = adv
+
+	c, err := safesocket.Connect(upArgs.socket, 0)
+	if err != nil {
+		log.Fatalf("safesocket.Connect: %v\n", err)
+	}
+	clientToServer := func(b []byte) {
+		ipn.WriteMsg(c, b)
+	}
+
+	ctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
+	go func() {
+		interrupt := make(chan os.Signal, 1)
+		signal.Notify(interrupt, syscall.SIGINT, syscall.SIGTERM)
+		<-interrupt
+		c.Close()
+	}()
+
+	bc := ipn.NewBackendClient(log.Printf, clientToServer)
+	bc.SetPrefs(prefs)
+	opts := ipn.Options{
+		StateKey: globalStateKey,
+		Notify: func(n ipn.Notify) {
+			if n.ErrMessage != nil {
+				log.Fatalf("backend error: %v\n", *n.ErrMessage)
+			}
+			if s := n.State; s != nil {
+				switch *s {
+				case ipn.NeedsLogin:
+					bc.StartLoginInteractive()
+				case ipn.NeedsMachineAuth:
+					fmt.Fprintf(os.Stderr, "\nTo authorize your machine, visit (as admin):\n\n\t%s/admin/machines\n\n", upArgs.server)
+				case ipn.Starting, ipn.Running:
+					// Done full authentication process
+					fmt.Fprintf(os.Stderr, "\ntailscaled is authenticated, nothing more to do.\n\n")
+					cancel()
+				}
+			}
+			if url := n.BrowseToURL; url != nil {
+				fmt.Fprintf(os.Stderr, "\nTo authenticate, visit:\n\n\t%s\n\n", *url)
+			}
+		},
+	}
+	// We still have to Start right now because it's the only way to
+	// set up notifications and whatnot. This causes a bunch of churn
+	// every time the CLI touches anything.
+	//
+	// TODO(danderson): redo the frontend/backend API to assume
+	// ephemeral frontends that read/modify/write state, once
+	// Windows/Mac state is moved into backend.
+	bc.Start(opts)
+	pump(ctx, bc, c)
+
+	return nil
+}

cmd/tailscaled/tailscaled.defaults

@@ -4,5 +4,5 @@
 # settings.
 PORT="41641"
 
-# Extra flags you might want to pass to tailscaled.
+# Extra flags you might want to pass to relaynode.
 FLAGS=""

cmd/tailscaled/tailscaled.go

@@ -14,22 +14,14 @@ import (
 	"log"
 	"net/http"
 	"net/http/pprof"
-	"os"
-	"os/signal"
-	"runtime"
-	"runtime/debug"
-	"syscall"
-	"time"
 
 	"github.com/apenwarr/fixconsole"
 	"github.com/pborman/getopt/v2"
 	"tailscale.com/ipn/ipnserver"
 	"tailscale.com/logpolicy"
 	"tailscale.com/paths"
-	"tailscale.com/types/logger"
 	"tailscale.com/wgengine"
 	"tailscale.com/wgengine/magicsock"
-	"tailscale.com/wgengine/router"
 )
 
 // globalStateKey is the ipn.StateKey that tailscaled loads on
@@ -41,156 +33,78 @@ import (
 // later, the global state key doesn't look like a username.
 const globalStateKey = "_daemon"
 
-// defaultTunName returns the default tun device name for the platform.
-func defaultTunName() string {
-	switch runtime.GOOS {
-	case "openbsd":
-		return "tun"
-	case "windows":
-		return "Tailscale"
-	}
-	return "tailscale0"
-}
-
-var args struct {
-	cleanup    bool
-	fake       bool
-	debug      string
-	tunname    string
-	port       uint16
-	statepath  string
-	socketpath string
-}
-
 func main() {
-	// We aren't very performance sensitive, and the parts that are
-	// performance sensitive (wireguard) try hard not to do any memory
-	// allocations. So let's be aggressive about garbage collection,
-	// unless the user specifically overrides it in the usual way.
-	if _, ok := os.LookupEnv("GOGC"); !ok {
-		debug.SetGCPercent(10)
-	}
+	fake := getopt.BoolLong("fake", 0, "fake tunnel+routing instead of tuntap")
+	debug := getopt.StringLong("debug", 0, "", "Address of debug server")
+	tunname := getopt.StringLong("tun", 0, wgengine.DefaultTunName, "tunnel interface name")
+	listenport := getopt.Uint16Long("port", 'p', magicsock.DefaultPort, "WireGuard port (0=autoselect)")
+	statepath := getopt.StringLong("state", 0, paths.DefaultTailscaledStateFile(), "Path of state file")
+	socketpath := getopt.StringLong("socket", 's', paths.DefaultTailscaledSocket(), "Path of the service unix socket")
 
-	// Set default values for getopt.
-	args.tunname = defaultTunName()
-	args.port = magicsock.DefaultPort
-	args.statepath = paths.DefaultTailscaledStateFile()
-	args.socketpath = paths.DefaultTailscaledSocket()
-
-	getopt.FlagLong(&args.cleanup, "cleanup", 0, "clean up system state and exit")
-	getopt.FlagLong(&args.fake, "fake", 0, "fake tunnel+routing instead of tuntap")
-	getopt.FlagLong(&args.debug, "debug", 0, "address of debug server")
-	getopt.FlagLong(&args.tunname, "tun", 0, "tunnel interface name")
-	getopt.FlagLong(&args.port, "port", 'p', "WireGuard port (0=autoselect)")
-	getopt.FlagLong(&args.statepath, "state", 0, "path of state file")
-	getopt.FlagLong(&args.socketpath, "socket", 's', "path of the service unix socket")
+	logf := wgengine.RusagePrefixLog(log.Printf)
 
 	err := fixconsole.FixConsoleIfNeeded()
 	if err != nil {
-		log.Fatalf("fixConsoleOutput: %v", err)
+		logf("fixConsoleOutput: %v\n", err)
 	}
+	pol := logpolicy.New("tailnode.log.tailscale.io")
 
 	getopt.Parse()
 	if len(getopt.Args()) > 0 {
 		log.Fatalf("too many non-flag arguments: %#v", getopt.Args()[0])
 	}
 
-	if args.statepath == "" {
+	if *statepath == "" {
 		log.Fatalf("--state is required")
 	}
 
-	if args.socketpath == "" && runtime.GOOS != "windows" {
+	if *socketpath == "" {
 		log.Fatalf("--socket is required")
 	}
 
-	if err := run(); err != nil {
-		// No need to log; the func already did
-		os.Exit(1)
-	}
-}
-
-func run() error {
-	var err error
-
-	pol := logpolicy.New("tailnode.log.tailscale.io")
-	defer func() {
-		// Finish uploading logs after closing everything else.
-		ctx, cancel := context.WithTimeout(context.Background(), time.Second)
-		defer cancel()
-		pol.Shutdown(ctx)
-	}()
-
-	logf := wgengine.RusagePrefixLog(log.Printf)
-	logf = logger.RateLimitedFn(logf, 5*time.Second, 5, 100)
-
-	if args.cleanup {
-		router.Cleanup(logf, args.tunname)
-		return nil
-	}
-
-	var debugMux *http.ServeMux
-	if args.debug != "" {
-		debugMux = newDebugMux()
-		go runDebugServer(debugMux, args.debug)
+	if *debug != "" {
+		go runDebugServer(*debug)
 	}
 
 	var e wgengine.Engine
-	if args.fake {
+	if *fake {
 		e, err = wgengine.NewFakeUserspaceEngine(logf, 0)
 	} else {
-		e, err = wgengine.NewUserspaceEngine(logf, args.tunname, args.port)
+		e, err = wgengine.NewUserspaceEngine(logf, *tunname, *listenport)
 	}
 	if err != nil {
-		logf("wgengine.New: %v", err)
-		return err
+		log.Fatalf("wgengine.New: %v\n", err)
 	}
 	e = wgengine.NewWatchdog(e)
 
-	ctx, cancel := context.WithCancel(context.Background())
-	// Exit gracefully by cancelling the ipnserver context in most common cases:
-	// interrupted from the TTY or killed by a service manager.
-	go func() {
-		interrupt := make(chan os.Signal, 1)
-		signal.Notify(interrupt, syscall.SIGINT, syscall.SIGTERM)
-		select {
-		case <-interrupt:
-			cancel()
-		case <-ctx.Done():
-			// continue
-		}
-	}()
-
 	opts := ipnserver.Options{
-		SocketPath:         args.socketpath,
-		Port:               41112,
-		StatePath:          args.statepath,
+		SocketPath:         *socketpath,
+		StatePath:          *statepath,
 		AutostartStateKey:  globalStateKey,
-		LegacyConfigPath:   paths.LegacyConfigPath(),
+		LegacyConfigPath:   paths.LegacyConfigPath,
 		SurviveDisconnects: true,
-		DebugMux:           debugMux,
 	}
-	err = ipnserver.Run(ctx, logf, pol.PublicID.String(), opts, e)
-	// Cancelation is not an error: it is the only way to stop ipnserver.
-	if err != nil && err != context.Canceled {
-		logf("ipnserver.Run: %v", err)
-		return err
+	err = ipnserver.Run(context.Background(), logf, pol.PublicID.String(), opts, e)
+	if err != nil {
+		log.Fatalf("tailscaled: %v\n", err)
 	}
 
-	return nil
+	// TODO(crawshaw): It would be nice to start a timeout context the moment a signal
+	// is received and use that timeout to give us a moment to finish uploading logs
+	// here. But the signal is handled inside ipnserver.Run, so some plumbing is needed.
+	ctx, cancel := context.WithCancel(context.Background())
+	cancel()
+	pol.Shutdown(ctx)
 }
 
-func newDebugMux() *http.ServeMux {
+func runDebugServer(addr string) {
 	mux := http.NewServeMux()
 	mux.HandleFunc("/debug/pprof/", pprof.Index)
 	mux.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
 	mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
 	mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
 	mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
-	return mux
-}
-
-func runDebugServer(mux *http.ServeMux, addr string) {
-	srv := &http.Server{
+	srv := http.Server{
 		Addr:    addr,
 		Handler: mux,
 	}

cmd/tailscaled/tailscaled.service

@@ -9,7 +9,6 @@ StartLimitBurst=0
 [Service]
 EnvironmentFile=/etc/default/tailscaled
 ExecStart=/usr/sbin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port $PORT $FLAGS
-ExecStopPost=/usr/sbin/tailscaled --cleanup
 
 Restart=on-failure
 
@@ -17,8 +16,8 @@ RuntimeDirectory=tailscale
 RuntimeDirectoryMode=0755
 StateDirectory=tailscale
 StateDirectoryMode=0750
-CacheDirectory=tailscale
-CacheDirectoryMode=0750
+User=root
+Group=root
 
 [Install]
 WantedBy=multi-user.target

cmd/tsshd/tsshd.go

@@ -32,7 +32,7 @@ import (
 	"github.com/gliderlabs/ssh"
 	"github.com/kr/pty"
 	gossh "golang.org/x/crypto/ssh"
-	"tailscale.com/net/interfaces"
+	"tailscale.com/interfaces"
 )
 
 var (

control/controlclient/auto.go

@@ -17,46 +17,43 @@ import (
 	"sync"
 	"time"
 
-	"github.com/tailscale/wireguard-go/wgcfg"
 	"golang.org/x/oauth2"
 	"tailscale.com/logtail/backoff"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/empty"
 	"tailscale.com/types/logger"
-	"tailscale.com/types/structs"
 )
 
-// State is the high-level state of the client. It is used only in
-// unit tests for proper sequencing, don't depend on it anywhere else.
-// TODO(apenwarr): eliminate 'state', as it's now obsolete.
-type State int
+// TODO(apenwarr): eliminate the 'state' variable, as it's now obsolete.
+//  It's used only by the unit tests.
+type state int
 
 const (
-	StateNew = State(iota)
-	StateNotAuthenticated
-	StateAuthenticating
-	StateURLVisitRequired
-	StateAuthenticated
-	StateSynchronized // connected and received map update
+	stateNew = state(iota)
+	stateNotAuthenticated
+	stateAuthenticating
+	stateURLVisitRequired
+	stateAuthenticated
+	stateSynchronized // connected and received map update
 )
 
-func (s State) MarshalText() ([]byte, error) {
+func (s state) MarshalText() ([]byte, error) {
 	return []byte(s.String()), nil
 }
 
-func (s State) String() string {
+func (s state) String() string {
 	switch s {
-	case StateNew:
+	case stateNew:
 		return "state:new"
-	case StateNotAuthenticated:
+	case stateNotAuthenticated:
 		return "state:not-authenticated"
-	case StateAuthenticating:
+	case stateAuthenticating:
 		return "state:authenticating"
-	case StateURLVisitRequired:
+	case stateURLVisitRequired:
 		return "state:url-visit-required"
-	case StateAuthenticated:
+	case stateAuthenticated:
 		return "state:authenticated"
-	case StateSynchronized:
+	case stateSynchronized:
 		return "state:synchronized"
 	default:
 		return fmt.Sprintf("state:unknown:%d", int(s))
@@ -64,14 +61,13 @@ func (s State) String() string {
 }
 
 type Status struct {
-	_             structs.Incomparable
 	LoginFinished *empty.Message
 	Err           string
 	URL           string
 	Persist       *Persist          // locally persisted configuration
 	NetMap        *NetworkMap       // server-pushed configuration
 	Hostinfo      *tailcfg.Hostinfo // current Hostinfo data
-	State         State
+	state         state
 }
 
 // Equal reports whether s and s2 are equal.
@@ -86,7 +82,7 @@ func (s *Status) Equal(s2 *Status) bool {
 		reflect.DeepEqual(s.Persist, s2.Persist) &&
 		reflect.DeepEqual(s.NetMap, s2.NetMap) &&
 		reflect.DeepEqual(s.Hostinfo, s2.Hostinfo) &&
-		s.State == s2.State
+		s.state == s2.state
 }
 
 func (s Status) String() string {
@@ -94,11 +90,10 @@ func (s Status) String() string {
 	if err != nil {
 		panic(err)
 	}
-	return s.State.String() + " " + string(b)
+	return s.state.String() + " " + string(b)
 }
 
 type LoginGoal struct {
-	_            structs.Incomparable
 	wantLoggedIn bool          // true if we *want* to be logged in
 	token        *oauth2.Token // oauth token to use when logging in
 	flags        LoginFlags    // flags to use when logging in
@@ -123,7 +118,7 @@ type Client struct {
 	hostinfo     *tailcfg.Hostinfo
 	inPollNetMap bool // true if currently running a PollNetMap
 	inSendStatus int  // number of sendStatus calls currently in progress
-	state        State
+	state        state
 
 	authCtx    context.Context // context used for auth requests
 	mapCtx     context.Context // context used for netmap requests
@@ -207,7 +202,7 @@ func (c *Client) cancelMapSafely() {
 	c.mu.Lock()
 	defer c.mu.Unlock()
 
-	c.logf("cancelMapSafely: synced=%v", c.synced)
+	c.logf("cancelMapSafely: synced=%v\n", c.synced)
 
 	if c.inPollNetMap {
 		// received at least one netmap since the last
@@ -229,23 +224,23 @@ func (c *Client) cancelMapSafely() {
 		// request.
 		select {
 		case c.newMapCh <- struct{}{}:
-			c.logf("cancelMapSafely: wrote to channel")
+			c.logf("cancelMapSafely: wrote to channel\n")
 		default:
 			// if channel write failed, then there was already
 			// an outstanding newMapCh request. One is enough,
 			// since it'll always use the latest endpoints.
-			c.logf("cancelMapSafely: channel was full")
+			c.logf("cancelMapSafely: channel was full\n")
 		}
 	}
 }
 
 func (c *Client) authRoutine() {
 	defer close(c.authDone)
-	bo := backoff.NewBackoff("authRoutine", c.logf)
+	bo := backoff.Backoff{Name: "authRoutine"}
 
 	for {
 		c.mu.Lock()
-		c.logf("authRoutine: %s", c.state)
+		c.logf("authRoutine: %s\n", c.state)
 		expiry := c.expiry
 		goal := c.loginGoal
 		ctx := c.authCtx
@@ -254,13 +249,13 @@ func (c *Client) authRoutine() {
 
 		select {
 		case <-c.quit:
-			c.logf("authRoutine: quit")
+			c.logf("authRoutine: quit\n")
 			return
 		default:
 		}
 
 		report := func(err error, msg string) {
-			c.logf("%s: %v", msg, err)
+			c.logf("%s: %v\n", msg, err)
 			err = fmt.Errorf("%s: %v", msg, err)
 			// don't send status updates for context errors,
 			// since context cancelation is always on purpose.
@@ -289,14 +284,14 @@ func (c *Client) authRoutine() {
 			}
 			select {
 			case <-ctx.Done():
-				c.logf("authRoutine: context done.")
+				c.logf("authRoutine: context done.\n")
 			case <-exp:
 				// Unfortunately the key expiry isn't provided
 				// by the control server until mapRequest.
 				// So we have to do some hackery with c.expiry
 				// in here.
 				// TODO(apenwarr): add a key expiry field in RegisterResponse.
-				c.logf("authRoutine: key expiration check.")
+				c.logf("authRoutine: key expiration check.\n")
 				if synced && expiry != nil && !expiry.IsZero() && expiry.Before(c.timeNow()) {
 					c.logf("Key expired; setting loggedIn=false.")
 
@@ -321,7 +316,7 @@ func (c *Client) authRoutine() {
 			c.mu.Lock()
 			c.loggedIn = false
 			c.loginGoal = nil
-			c.state = StateNotAuthenticated
+			c.state = stateNotAuthenticated
 			c.synced = false
 			c.mu.Unlock()
 
@@ -330,9 +325,9 @@ func (c *Client) authRoutine() {
 		} else { // ie. goal.wantLoggedIn
 			c.mu.Lock()
 			if goal.url != "" {
-				c.state = StateURLVisitRequired
+				c.state = stateURLVisitRequired
 			} else {
-				c.state = StateAuthenticating
+				c.state = stateAuthenticating
 			}
 			c.mu.Unlock()
 
@@ -355,14 +350,13 @@ func (c *Client) authRoutine() {
 					err = fmt.Errorf("weird: server required a new url?")
 					report(err, "WaitLoginURL")
 				}
+				goal.url = url
+				goal.token = nil
+				goal.flags = LoginDefault
 
 				c.mu.Lock()
-				c.loginGoal = &LoginGoal{
-					wantLoggedIn: true,
-					flags:        LoginDefault,
-					url:          url,
-				}
-				c.state = StateURLVisitRequired
+				c.loginGoal = goal
+				c.state = stateURLVisitRequired
 				c.synced = false
 				c.mu.Unlock()
 
@@ -375,7 +369,7 @@ func (c *Client) authRoutine() {
 			c.mu.Lock()
 			c.loggedIn = true
 			c.loginGoal = nil
-			c.state = StateAuthenticated
+			c.state = stateAuthenticated
 			c.mu.Unlock()
 
 			c.sendStatus("authRoutine4", nil, "", nil)
@@ -385,40 +379,26 @@ func (c *Client) authRoutine() {
 	}
 }
 
-// Expiry returns the credential expiration time, or the zero time if
-// the expiration time isn't known. Used in tests only.
-func (c *Client) Expiry() *time.Time {
-	c.mu.Lock()
-	defer c.mu.Unlock()
-	return c.expiry
-}
-
-// Direct returns the underlying direct client object. Used in tests
-// only.
-func (c *Client) Direct() *Direct {
-	return c.direct
-}
-
 func (c *Client) mapRoutine() {
 	defer close(c.mapDone)
-	bo := backoff.NewBackoff("mapRoutine", c.logf)
+	bo := backoff.Backoff{Name: "mapRoutine"}
 
 	for {
 		c.mu.Lock()
-		c.logf("mapRoutine: %s", c.state)
+		c.logf("mapRoutine: %s\n", c.state)
 		loggedIn := c.loggedIn
 		ctx := c.mapCtx
 		c.mu.Unlock()
 
 		select {
 		case <-c.quit:
-			c.logf("mapRoutine: quit")
+			c.logf("mapRoutine: quit\n")
 			return
 		default:
 		}
 
 		report := func(err error, msg string) {
-			c.logf("%s: %v", msg, err)
+			c.logf("%s: %v\n", msg, err)
 			err = fmt.Errorf("%s: %v", msg, err)
 			// don't send status updates for context errors,
 			// since context cancelation is always on purpose.
@@ -436,9 +416,9 @@ func (c *Client) mapRoutine() {
 
 			select {
 			case <-ctx.Done():
-				c.logf("mapRoutine: context done.")
+				c.logf("mapRoutine: context done.\n")
 			case <-c.newMapCh:
-				c.logf("mapRoutine: new map needed while idle.")
+				c.logf("mapRoutine: new map needed while idle.\n")
 			}
 		} else {
 			// Be sure this is false when we're not inside
@@ -453,7 +433,7 @@ func (c *Client) mapRoutine() {
 
 				select {
 				case <-c.newMapCh:
-					c.logf("mapRoutine: new map request during PollNetMap. canceling.")
+					c.logf("mapRoutine: new map request during PollNetMap. canceling.\n")
 					c.cancelMapLocked()
 
 					// Don't emit this netmap; we're
@@ -466,7 +446,7 @@ func (c *Client) mapRoutine() {
 				c.synced = true
 				c.inPollNetMap = true
 				if c.loggedIn {
-					c.state = StateSynchronized
+					c.state = stateSynchronized
 				}
 				exp := nm.Expiry
 				c.expiry = &exp
@@ -475,7 +455,7 @@ func (c *Client) mapRoutine() {
 
 				c.mu.Unlock()
 
-				c.logf("mapRoutine: netmap received: %s", state)
+				c.logf("mapRoutine: netmap received: %s\n", state)
 				if stillAuthed {
 					c.sendStatus("mapRoutine2", nil, "", nm)
 				}
@@ -484,8 +464,8 @@ func (c *Client) mapRoutine() {
 			c.mu.Lock()
 			c.synced = false
 			c.inPollNetMap = false
-			if c.state == StateSynchronized {
-				c.state = StateAuthenticated
+			if c.state == stateSynchronized {
+				c.state = stateAuthenticated
 			}
 			c.mu.Unlock()
 
@@ -516,12 +496,7 @@ func (c *Client) SetHostinfo(hi *tailcfg.Hostinfo) {
 	if hi == nil {
 		panic("nil Hostinfo")
 	}
-	if !c.direct.SetHostinfo(hi) {
-		c.logf("[unexpected] duplicate Hostinfo: %v", hi)
-		return
-	}
-	c.logf("Hostinfo: %v", hi)
-
+	c.direct.SetHostinfo(hi)
 	// Send new Hostinfo to server
 	c.cancelMapSafely()
 }
@@ -530,12 +505,7 @@ func (c *Client) SetNetInfo(ni *tailcfg.NetInfo) {
 	if ni == nil {
 		panic("nil NetInfo")
 	}
-	if !c.direct.SetNetInfo(ni) {
-		c.logf("[unexpected] duplicate NetInfo: %v", ni)
-		return
-	}
-	c.logf("NetInfo: %v", ni)
-
+	c.direct.SetNetInfo(ni)
 	// Send new Hostinfo (which includes NetInfo) to server
 	c.cancelMapSafely()
 }
@@ -550,11 +520,11 @@ func (c *Client) sendStatus(who string, err error, url string, nm *NetworkMap) {
 	c.inSendStatus++
 	c.mu.Unlock()
 
-	c.logf("sendStatus: %s: %v", who, state)
+	c.logf("sendStatus: %s: %v\n", who, state)
 
 	var p *Persist
 	var fin *empty.Message
-	if state == StateAuthenticated {
+	if state == stateAuthenticated {
 		fin = new(empty.Message)
 	}
 	if nm != nil && loggedIn && synced {
@@ -571,7 +541,7 @@ func (c *Client) sendStatus(who string, err error, url string, nm *NetworkMap) {
 		Persist:       p,
 		NetMap:        nm,
 		Hostinfo:      hi,
-		State:         state,
+		state:         state,
 	}
 	if err != nil {
 		new.Err = err.Error()
@@ -586,7 +556,7 @@ func (c *Client) sendStatus(who string, err error, url string, nm *NetworkMap) {
 }
 
 func (c *Client) Login(t *oauth2.Token, flags LoginFlags) {
-	c.logf("client.Login(%v, %v)", t != nil, flags)
+	c.logf("client.Login(%v, %v)\n", t != nil, flags)
 
 	c.mu.Lock()
 	c.loginGoal = &LoginGoal{
@@ -600,7 +570,7 @@ func (c *Client) Login(t *oauth2.Token, flags LoginFlags) {
 }
 
 func (c *Client) Logout() {
-	c.logf("client.Logout()")
+	c.logf("client.Logout()\n")
 
 	c.mu.Lock()
 	c.loginGoal = &LoginGoal{
@@ -619,7 +589,7 @@ func (c *Client) UpdateEndpoints(localPort uint16, endpoints []string) {
 }
 
 func (c *Client) Shutdown() {
-	c.logf("client.Shutdown()")
+	c.logf("client.Shutdown()\n")
 
 	c.mu.Lock()
 	inSendStatus := c.inSendStatus
@@ -630,30 +600,13 @@ func (c *Client) Shutdown() {
 	}
 	c.mu.Unlock()
 
-	c.logf("client.Shutdown: inSendStatus=%v", inSendStatus)
+	c.logf("client.Shutdown: inSendStatus=%v\n", inSendStatus)
 	if !closed {
 		close(c.quit)
 		c.cancelAuth()
 		<-c.authDone
 		c.cancelMapUnsafely()
 		<-c.mapDone
-		c.logf("Client.Shutdown done.")
+		c.logf("Client.Shutdown done.\n")
 	}
 }
-
-// NodePublicKey returns the node public key currently in use. This is
-// used exclusively in tests.
-func (c *Client) TestOnlyNodePublicKey() wgcfg.Key {
-	priv := c.direct.GetPersist()
-	return priv.PrivateNodeKey.Public()
-}
-
-func (c *Client) TestOnlySetAuthKey(authkey string) {
-	c.direct.mu.Lock()
-	defer c.direct.mu.Unlock()
-	c.direct.authKey = authkey
-}
-
-func (c *Client) TestOnlyTimeNow() time.Time {
-	return c.timeNow()
-}

control/controlclient/controlclient_test.go

@@ -13,16 +13,14 @@ import (
 
 func fieldsOf(t reflect.Type) (fields []string) {
 	for i := 0; i < t.NumField(); i++ {
-		if name := t.Field(i).Name; name != "_" {
-			fields = append(fields, name)
-		}
+		fields = append(fields, t.Field(i).Name)
 	}
 	return
 }
 
 func TestStatusEqual(t *testing.T) {
 	// Verify that the Equal method stays in sync with reality
-	equalHandles := []string{"LoginFinished", "Err", "URL", "Persist", "NetMap", "Hostinfo", "State"}
+	equalHandles := []string{"LoginFinished", "Err", "URL", "Persist", "NetMap", "Hostinfo", "state"}
 	if have := fieldsOf(reflect.TypeOf(Status{})); !reflect.DeepEqual(have, equalHandles) {
 		t.Errorf("Status.Equal check might be out of sync\nfields: %q\nhandled: %q\n",
 			have, equalHandles)
@@ -48,13 +46,13 @@ func TestStatusEqual(t *testing.T) {
 			true,
 		},
 		{
-			&Status{State: StateNew},
-			&Status{State: StateNew},
+			&Status{state: stateNew},
+			&Status{state: stateNew},
 			true,
 		},
 		{
-			&Status{State: StateNew},
-			&Status{State: StateAuthenticated},
+			&Status{state: stateNew},
+			&Status{state: stateAuthenticated},
 			false,
 		},
 		{

control/controlclient/direct.go

@@ -16,9 +16,8 @@ import (
 	"io/ioutil"
 	"log"
 	"net/http"
-	"net/url"
 	"os"
-	"reflect"
+	"runtime"
 	"strconv"
 	"strings"
 	"sync"
@@ -27,17 +26,13 @@ import (
 	"github.com/tailscale/wireguard-go/wgcfg"
 	"golang.org/x/crypto/nacl/box"
 	"golang.org/x/oauth2"
-	"tailscale.com/log/logheap"
-	"tailscale.com/net/netns"
-	"tailscale.com/net/tlsdial"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/logger"
-	"tailscale.com/types/structs"
 	"tailscale.com/version"
+	"tailscale.com/wgengine/filter"
 )
 
 type Persist struct {
-	_                 structs.Incomparable
 	PrivateMachineKey wgcfg.PrivateKey
 	PrivateNodeKey    wgcfg.PrivateKey
 	OldPrivateNodeKey wgcfg.PrivateKey // needed to request key rotation
@@ -81,35 +76,29 @@ type Direct struct {
 	httpc           *http.Client // HTTP client used to talk to tailcontrol
 	serverURL       string       // URL of the tailcontrol server
 	timeNow         func() time.Time
-	lastPrintMap    time.Time
 	newDecompressor func() (Decompressor, error)
 	keepAlive       bool
 	logf            logger.Logf
-	discoPubKey     tailcfg.DiscoKey
 
 	mu           sync.Mutex // mutex guards the following fields
 	serverKey    wgcfg.Key
 	persist      Persist
-	authKey      string
 	tryingNewKey wgcfg.PrivateKey
 	expiry       *time.Time
-	// hostinfo is mutated in-place while mu is held.
-	hostinfo  *tailcfg.Hostinfo // always non-nil
-	endpoints []string
-	localPort uint16 // or zero to mean auto
+	hostinfo     *tailcfg.Hostinfo // always non-nil
+	endpoints    []string
+	localPort    uint16 // or zero to mean auto
 }
 
 type Options struct {
 	Persist         Persist           // initial persistent data
+	HTTPC           *http.Client      // HTTP client used to talk to tailcontrol
 	ServerURL       string            // URL of the tailcontrol server
-	AuthKey         string            // optional node auth key for auto registration
 	TimeNow         func() time.Time  // time.Now implementation used by Client
 	Hostinfo        *tailcfg.Hostinfo // non-nil passes ownership, nil means to use default using os.Hostname, etc
-	DiscoPublicKey  tailcfg.DiscoKey
 	NewDecompressor func() (Decompressor, error)
 	KeepAlive       bool
 	Logf            logger.Logf
-	HTTPTestClient  *http.Client // optional HTTP client to use (for tests only)
 }
 
 type Decompressor interface {
@@ -123,9 +112,8 @@ func NewDirect(opts Options) (*Direct, error) {
 		return nil, errors.New("controlclient.New: no server URL specified")
 	}
 	opts.ServerURL = strings.TrimRight(opts.ServerURL, "/")
-	serverURL, err := url.Parse(opts.ServerURL)
-	if err != nil {
-		return nil, err
+	if opts.HTTPC == nil {
+		opts.HTTPC = http.DefaultClient
 	}
 	if opts.TimeNow == nil {
 		opts.TimeNow = time.Now
@@ -135,27 +123,14 @@ func NewDirect(opts Options) (*Direct, error) {
 		// TODO(bradfitz): ... but then it shouldn't be in Options.
 		opts.Logf = log.Printf
 	}
-
-	httpc := opts.HTTPTestClient
-	if httpc == nil {
-		dialer := netns.NewDialer()
-		tr := http.DefaultTransport.(*http.Transport).Clone()
-		tr.DialContext = dialer.DialContext
-		tr.ForceAttemptHTTP2 = true
-		tr.TLSClientConfig = tlsdial.Config(serverURL.Host, tr.TLSClientConfig)
-		httpc = &http.Client{Transport: tr}
-	}
-
 	c := &Direct{
-		httpc:           httpc,
+		httpc:           opts.HTTPC,
 		serverURL:       opts.ServerURL,
 		timeNow:         opts.TimeNow,
 		logf:            opts.Logf,
 		newDecompressor: opts.NewDecompressor,
 		keepAlive:       opts.KeepAlive,
 		persist:         opts.Persist,
-		authKey:         opts.AuthKey,
-		discoPubKey:     opts.DiscoPublicKey,
 	}
 	if opts.Hostinfo == nil {
 		c.SetHostinfo(NewHostinfo())
@@ -165,34 +140,45 @@ func NewDirect(opts Options) (*Direct, error) {
 	return c, nil
 }
 
+func hostinfoOS() string {
+	os := runtime.GOOS
+	switch os {
+	case "darwin":
+		if version.IsMobile() {
+			return "iOS"
+		} else {
+			return "macOS"
+		}
+	default:
+		return os
+	}
+}
+
 func NewHostinfo() *tailcfg.Hostinfo {
 	hostname, _ := os.Hostname()
 	return &tailcfg.Hostinfo{
 		IPNVersion: version.LONG,
 		Hostname:   hostname,
-		OS:         version.OS(),
+		OS:         hostinfoOS(),
 	}
 }
 
 // SetHostinfo clones the provided Hostinfo and remembers it for the
-// next update. It reports whether the Hostinfo has changed.
-func (c *Direct) SetHostinfo(hi *tailcfg.Hostinfo) bool {
+// next update.
+func (c *Direct) SetHostinfo(hi *tailcfg.Hostinfo) {
 	if hi == nil {
 		panic("nil Hostinfo")
 	}
 	c.mu.Lock()
 	defer c.mu.Unlock()
 
-	if hi.Equal(c.hostinfo) {
-		return false
-	}
+	c.logf("Hostinfo: %v\n", hi)
 	c.hostinfo = hi.Clone()
-	return true
 }
 
 // SetNetInfo clones the provided NetInfo and remembers it for the
-// next update. It reports whether the NetInfo has changed.
-func (c *Direct) SetNetInfo(ni *tailcfg.NetInfo) bool {
+// next update.
+func (c *Direct) SetNetInfo(ni *tailcfg.NetInfo) {
 	if ni == nil {
 		panic("nil NetInfo")
 	}
@@ -201,13 +187,10 @@ func (c *Direct) SetNetInfo(ni *tailcfg.NetInfo) bool {
 
 	if c.hostinfo == nil {
 		c.logf("[unexpected] SetNetInfo called with no HostInfo; ignoring NetInfo update: %+v", ni)
-		return false
-	}
-	if reflect.DeepEqual(ni, c.hostinfo.NetInfo) {
-		return false
+		return
 	}
+	c.logf("NetInfo: %v\n", ni)
 	c.hostinfo.NetInfo = ni.Clone()
-	return true
 }
 
 func (c *Direct) GetPersist() Persist {
@@ -224,7 +207,7 @@ const (
 )
 
 func (c *Direct) TryLogout(ctx context.Context) error {
-	c.logf("direct.TryLogout()")
+	c.logf("direct.TryLogout()\n")
 
 	c.mu.Lock()
 	defer c.mu.Unlock()
@@ -240,12 +223,12 @@ func (c *Direct) TryLogout(ctx context.Context) error {
 }
 
 func (c *Direct) TryLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags) (url string, err error) {
-	c.logf("direct.TryLogin(%v, %v)", t != nil, flags)
+	c.logf("direct.TryLogin(%v, %v)\n", t != nil, flags)
 	return c.doLoginOrRegen(ctx, t, flags, false, "")
 }
 
 func (c *Direct) WaitLoginURL(ctx context.Context, url string) (newUrl string, err error) {
-	c.logf("direct.WaitLoginURL")
+	c.logf("direct.WaitLoginURL\n")
 	return c.doLoginOrRegen(ctx, nil, LoginDefault, false, url)
 }
 
@@ -265,14 +248,11 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 	persist := c.persist
 	tryingNewKey := c.tryingNewKey
 	serverKey := c.serverKey
-	authKey := c.authKey
-	hostinfo := c.hostinfo.Clone()
-	backendLogID := hostinfo.BackendLogID
 	expired := c.expiry != nil && !c.expiry.IsZero() && c.expiry.Before(c.timeNow())
 	c.mu.Unlock()
 
 	if persist.PrivateMachineKey == (wgcfg.PrivateKey{}) {
-		c.logf("Generating a new machinekey.")
+		c.logf("Generating a new machinekey.\n")
 		mkey, err := wgcfg.NewPrivateKey()
 		if err != nil {
 			log.Fatal(err)
@@ -281,15 +261,15 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 	}
 
 	if expired {
-		c.logf("Old key expired -> regen=true")
+		c.logf("Old key expired -> regen=true\n")
 		regen = true
 	}
 	if (flags & LoginInteractive) != 0 {
-		c.logf("LoginInteractive -> regen=true")
+		c.logf("LoginInteractive -> regen=true\n")
 		regen = true
 	}
 
-	c.logf("doLogin(regen=%v, hasUrl=%v)", regen, url != "")
+	c.logf("doLogin(regen=%v, hasUrl=%v)\n", regen, url != "")
 	if serverKey == (wgcfg.Key{}) {
 		var err error
 		serverKey, err = loadServerKey(ctx, c.httpc, c.serverURL)
@@ -305,7 +285,7 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 	var oldNodeKey wgcfg.Key
 	if url != "" {
 	} else if regen || persist.PrivateNodeKey == (wgcfg.PrivateKey{}) {
-		c.logf("Generating a new nodekey.")
+		c.logf("Generating a new nodekey.\n")
 		persist.OldPrivateNodeKey = persist.PrivateNodeKey
 		key, err := wgcfg.NewPrivateKey()
 		if err != nil {
@@ -322,9 +302,9 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 	}
 
 	if tryingNewKey == (wgcfg.PrivateKey{}) {
-		log.Fatalf("tryingNewKey is empty, give up")
+		log.Fatalf("tryingNewKey is empty, give up\n")
 	}
-	if backendLogID == "" {
+	if c.hostinfo.BackendLogID == "" {
 		err = errors.New("hostinfo: BackendLogID missing")
 		return regen, url, err
 	}
@@ -332,16 +312,15 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 		Version:    1,
 		OldNodeKey: tailcfg.NodeKey(oldNodeKey),
 		NodeKey:    tailcfg.NodeKey(tryingNewKey.Public()),
-		Hostinfo:   hostinfo,
+		Hostinfo:   c.hostinfo,
 		Followup:   url,
 	}
-	c.logf("RegisterReq: onode=%v node=%v fup=%v",
-		request.OldNodeKey.ShortString(),
-		request.NodeKey.ShortString(), url != "")
+	c.logf("RegisterReq: onode=%v node=%v fup=%v\n",
+		request.OldNodeKey.AbbrevString(),
+		request.NodeKey.AbbrevString(), url != "")
 	request.Auth.Oauth2Token = t
 	request.Auth.Provider = persist.Provider
 	request.Auth.LoginName = persist.LoginName
-	request.Auth.AuthKey = authKey
 	bodyData, err := encode(request, &serverKey, &persist.PrivateMachineKey)
 	if err != nil {
 		return regen, url, err
@@ -359,7 +338,7 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 	if err != nil {
 		return regen, url, fmt.Errorf("register request: %v", err)
 	}
-	c.logf("RegisterReq: returned.")
+	c.logf("RegisterReq: returned.\n")
 	resp := tailcfg.RegisterResponse{}
 	if err := decode(res, &resp, &serverKey, &persist.PrivateMachineKey); err != nil {
 		return regen, url, fmt.Errorf("register request: %v", err)
@@ -370,7 +349,7 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 			return true, "", fmt.Errorf("weird: regen=true but server says NodeKeyExpired: %v", request.NodeKey)
 		}
 		c.logf("server reports new node key %v has expired",
-			request.NodeKey.ShortString())
+			request.NodeKey.AbbrevString())
 		return true, "", nil
 	}
 	if persist.Provider == "" {
@@ -387,9 +366,9 @@ func (c *Direct) doLogin(ctx context.Context, t *oauth2.Token, flags LoginFlags,
 	//	- user is disabled
 
 	if resp.AuthURL != "" {
-		c.logf("AuthURL is %v", resp.AuthURL)
+		c.logf("AuthURL is %.20v...\n", resp.AuthURL)
 	} else {
-		c.logf("No AuthURL")
+		c.logf("No AuthURL\n")
 	}
 
 	c.mu.Lock()
@@ -436,7 +415,7 @@ func (c *Direct) newEndpoints(localPort uint16, endpoints []string) (changed boo
 	if c.localPort == localPort && sameStrings(c.endpoints, endpoints) {
 		return false // unchanged
 	}
-	c.logf("client.newEndpoints(%v, %v)", localPort, endpoints)
+	c.logf("client.newEndpoints(%v, %v)\n", localPort, endpoints)
 	c.localPort = localPort
 	c.endpoints = append(c.endpoints[:0], endpoints...)
 	return true // changed
@@ -456,34 +435,25 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 	persist := c.persist
 	serverURL := c.serverURL
 	serverKey := c.serverKey
-	hostinfo := c.hostinfo.Clone()
-	backendLogID := hostinfo.BackendLogID
+	hostinfo := c.hostinfo
 	localPort := c.localPort
 	ep := append([]string(nil), c.endpoints...)
 	c.mu.Unlock()
 
-	if backendLogID == "" {
+	if hostinfo.BackendLogID == "" {
 		return errors.New("hostinfo: BackendLogID missing")
 	}
 
 	allowStream := maxPolls != 1
-	c.logf("PollNetMap: stream=%v :%v %v", maxPolls, localPort, ep)
-
-	vlogf := logger.Discard
-	if Debug.NetMap {
-		vlogf = c.logf
-	}
+	c.logf("PollNetMap: stream=%v :%v %v\n", maxPolls, localPort, ep)
 
 	request := tailcfg.MapRequest{
-		Version:         4,
-		IncludeIPv6:     true,
-		KeepAlive:       c.keepAlive,
-		NodeKey:         tailcfg.NodeKey(persist.PrivateNodeKey.Public()),
-		DiscoKey:        c.discoPubKey,
-		Endpoints:       ep,
-		Stream:          allowStream,
-		Hostinfo:        hostinfo,
-		DebugForceDisco: Debug.ForceDisco,
+		Version:   4,
+		KeepAlive: c.keepAlive,
+		NodeKey:   tailcfg.NodeKey(persist.PrivateNodeKey.Public()),
+		Endpoints: ep,
+		Stream:    allowStream,
+		Hostinfo:  hostinfo,
 	}
 	if c.newDecompressor != nil {
 		request.Compress = "zstd"
@@ -491,11 +461,9 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 
 	bodyData, err := encode(request, &serverKey, &persist.PrivateMachineKey)
 	if err != nil {
-		vlogf("netmap: encode: %v", err)
 		return err
 	}
 
-	t0 := time.Now()
 	u := fmt.Sprintf("%s/machine/%s/map", serverURL, persist.PrivateMachineKey.Public().HexString())
 	req, err := http.NewRequest("POST", u, bytes.NewReader(bodyData))
 	if err != nil {
@@ -507,10 +475,8 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 
 	res, err := c.httpc.Do(req)
 	if err != nil {
-		vlogf("netmap: Do: %v", err)
 		return err
 	}
-	vlogf("netmap: Do = %v after %v", res.StatusCode, time.Since(t0).Round(time.Millisecond))
 	if res.StatusCode != 200 {
 		msg, _ := ioutil.ReadAll(res.Body)
 		res.Body.Close()
@@ -525,35 +491,26 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 	const pollTimeout = 120 * time.Second
 	timeout := time.NewTimer(pollTimeout)
 	timeoutReset := make(chan struct{})
-	pollDone := make(chan struct{})
-	defer close(pollDone)
+	defer close(timeoutReset)
 	go func() {
 		for {
 			select {
-			case <-pollDone:
-				vlogf("netmap: ending timeout goroutine")
-				return
 			case <-timeout.C:
 				c.logf("map response long-poll timed out!")
 				cancel()
 				return
-			case <-timeoutReset:
-				if !timeout.Stop() {
-					select {
-					case <-timeout.C:
-					case <-pollDone:
-						vlogf("netmap: ending timeout goroutine")
-						return
-					}
+			case _, ok := <-timeoutReset:
+				if !ok {
+					return // channel closed, shut down goroutine
+				}
+				if !timeout.Stop() {
+					<-timeout.C
 				}
-				vlogf("netmap: reset timeout timer")
 				timeout.Reset(pollTimeout)
 			}
 		}
 	}()
 
-	var lastDERPMap *tailcfg.DERPMap
-
 	// If allowStream, then the server will use an HTTP long poll to
 	// return incremental results. There is always one response right
 	// away, followed by a delay, and eventually others.
@@ -562,58 +519,33 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 	// We can use this same read loop either way.
 	var msg []byte
 	for i := 0; i < maxPolls || maxPolls < 0; i++ {
-		vlogf("netmap: starting size read after %v (poll %v)", time.Since(t0).Round(time.Millisecond), i)
 		var siz [4]byte
 		if _, err := io.ReadFull(res.Body, siz[:]); err != nil {
-			vlogf("netmap: size read error after %v: %v", time.Since(t0).Round(time.Millisecond), err)
 			return err
 		}
 		size := binary.LittleEndian.Uint32(siz[:])
-		vlogf("netmap: read size %v after %v", size, time.Since(t0).Round(time.Millisecond))
 		msg = append(msg[:0], make([]byte, size)...)
 		if _, err := io.ReadFull(res.Body, msg); err != nil {
-			vlogf("netmap: body read error: %v", err)
 			return err
 		}
-		vlogf("netmap: read body after %v", time.Since(t0).Round(time.Millisecond))
 
 		var resp tailcfg.MapResponse
+
+		// Default filter if the key is missing from the incoming
+		// json (ie. old tailcontrol server without PacketFilter
+		// support). If even an empty PacketFilter is provided, this
+		// will be overwritten.
+		// TODO(apenwarr 2020-02-01): remove after tailcontrol is fully deployed.
+		resp.PacketFilter = filter.MatchAllowAll.Clone()
+
 		if err := c.decodeMsg(msg, &resp); err != nil {
-			vlogf("netmap: decode error: %v")
 			return err
 		}
 		if resp.KeepAlive {
-			vlogf("netmap: got keep-alive")
-			select {
-			case timeoutReset <- struct{}{}:
-				vlogf("netmap: sent keep-alive timer reset")
-			case <-ctx.Done():
-				c.logf("netmap: not resetting timer for keep-alive due to: %v", ctx.Err())
-				return ctx.Err()
-			}
+			c.logf("map response keep alive received")
+			timeoutReset <- struct{}{}
 			continue
 		}
-		vlogf("netmap: got new map")
-
-		if resp.DERPMap != nil {
-			vlogf("netmap: new map contains DERP map")
-			lastDERPMap = resp.DERPMap
-		}
-		if resp.Debug != nil && resp.Debug.LogHeapPprof {
-			go logheap.LogHeap(resp.Debug.LogHeapURL)
-		}
-		// Temporarily (2020-06-29) support removing all but
-		// discovery-supporting nodes during development, for
-		// less noise.
-		if Debug.OnlyDisco {
-			filtered := resp.Peers[:0]
-			for _, p := range resp.Peers {
-				if !p.DiscoKey.IsZero() {
-					filtered = append(filtered, p)
-				}
-			}
-			resp.Peers = filtered
-		}
 
 		nm := &NetworkMap{
 			NodeKey:      tailcfg.NodeKey(persist.PrivateNodeKey.Public()),
@@ -629,9 +561,15 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 			DNS:          resp.DNS,
 			DNSDomains:   resp.SearchPaths,
 			Hostinfo:     resp.Node.Hostinfo,
-			PacketFilter: c.parsePacketFilter(resp.PacketFilter),
-			DERPMap:      lastDERPMap,
-			Debug:        resp.Debug,
+			PacketFilter: resp.PacketFilter,
+		}
+		// Temporary (2020-02-21) knob to force debug, during DERP testing:
+		if ok, _ := strconv.ParseBool(os.Getenv("DEBUG_FORCE_DERP")); ok {
+			c.logf("debug: adding DERP endpoints to all peers")
+			for i := range nm.Peers {
+				peer := &nm.Peers[i]
+				peer.Endpoints = append([]string{"127.3.3.40:1"}, peer.Endpoints...)
+			}
 		}
 		for _, profile := range resp.UserProfiles {
 			nm.UserProfiles[profile.ID] = profile
@@ -641,17 +579,7 @@ func (c *Direct) PollNetMap(ctx context.Context, maxPolls int, cb func(*NetworkM
 		} else {
 			nm.MachineStatus = tailcfg.MachineUnauthorized
 		}
-
-		// Printing the netmap can be extremely verbose, but is very
-		// handy for debugging. Let's limit how often we do it.
-		// Code elsewhere prints netmap diffs every time, so this
-		// occasional full dump, plus incremental diffs, should do
-		// the job.
-		now := c.timeNow()
-		if now.Sub(c.lastPrintMap) >= 5*time.Minute {
-			c.lastPrintMap = now
-			c.logf("new network map[%d]:\n%s", i, nm.Concise())
-		}
+		//c.logf("new network map[%d]:\n%s", i, nm.Concise())
 
 		c.mu.Lock()
 		c.expiry = &nm.Expiry
@@ -678,10 +606,8 @@ func decode(res *http.Response, v interface{}, serverKey *wgcfg.Key, mkey *wgcfg
 }
 
 func (c *Direct) decodeMsg(msg []byte, v interface{}) error {
-	c.mu.Lock()
 	mkey := c.persist.PrivateMachineKey
 	serverKey := c.serverKey
-	c.mu.Unlock()
 
 	decrypted, err := decryptMsg(msg, &serverKey, &mkey)
 	if err != nil {
@@ -691,6 +617,7 @@ func (c *Direct) decodeMsg(msg []byte, v interface{}) error {
 	if c.newDecompressor == nil {
 		b = decrypted
 	} else {
+		//decoder, err := zstd.NewReader(nil)
 		decoder, err := c.newDecompressor()
 		if err != nil {
 			return err
@@ -779,39 +706,3 @@ func loadServerKey(ctx context.Context, httpc *http.Client, serverURL string) (w
 	}
 	return key, nil
 }
-
-// Debug contains temporary internal-only debug knobs.
-// They're unexported to not draw attention to them.
-var Debug = initDebug()
-
-type debug struct {
-	NetMap     bool
-	OnlyDisco  bool
-	Disco      bool
-	ForceDisco bool // ask control server to not filter out our disco key
-}
-
-func initDebug() debug {
-	d := debug{
-		NetMap:     envBool("TS_DEBUG_NETMAP"),
-		OnlyDisco:  os.Getenv("TS_DEBUG_USE_DISCO") == "only",
-		ForceDisco: os.Getenv("TS_DEBUG_USE_DISCO") == "only" || envBool("TS_DEBUG_USE_DISCO"),
-	}
-	if d.ForceDisco || os.Getenv("TS_DEBUG_USE_DISCO") == "" {
-		// This is now defaults to on.
-		d.Disco = true
-	}
-	return d
-}
-
-func envBool(k string) bool {
-	e := os.Getenv(k)
-	if e == "" {
-		return false
-	}
-	v, err := strconv.ParseBool(e)
-	if err != nil {
-		panic(fmt.Sprintf("invalid non-bool %q for env var %q", e, k))
-	}
-	return v
-}

control/controlclient/direct_test.go

@@ -0,0 +1,305 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build depends_on_currently_unreleased
+
+package controlclient
+
+import (
+	"context"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"testing"
+	"time"
+
+	"github.com/klauspost/compress/zstd"
+	"github.com/tailscale/wireguard-go/wgcfg"
+	"tailscale.com/tailcfg"
+	"tailscale.io/control" // not yet released
+)
+
+func TestClientsReusingKeys(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "control-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	var server *control.Server
+	httpsrv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		server.ServeHTTP(w, r)
+	}))
+	server, err = control.New(tmpdir, httpsrv.URL, true)
+	if err != nil {
+		t.Fatal(err)
+	}
+	server.QuietLogging = true
+	defer func() {
+		httpsrv.CloseClientConnections()
+		httpsrv.Close()
+		os.RemoveAll(tmpdir)
+	}()
+
+	hi := NewHostinfo()
+	hi.FrontendLogID = "go-test-only"
+	hi.BackendLogID = "go-test-only"
+	c1, err := NewDirect(Options{
+		ServerURL: httpsrv.URL,
+		HTTPC:     httpsrv.Client(),
+		//TimeNow:   s.control.TimeNow,
+		Logf: func(fmt string, args ...interface{}) {
+			t.Helper()
+			t.Logf("c1: "+fmt, args...)
+		},
+		Hostinfo: hi,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	authURL, err := c1.TryLogin(ctx, nil, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	const user = "testuser1@tailscale.onmicrosoft.com"
+	postAuthURL(t, ctx, httpsrv.Client(), user, authURL)
+	newURL, err := c1.WaitLoginURL(ctx, authURL)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if newURL != "" {
+		t.Fatalf("unexpected newURL: %s", newURL)
+	}
+
+	pollErrCh := make(chan error)
+	go func() {
+		err := c1.PollNetMap(ctx, -1, func(netMap *NetworkMap) {})
+		pollErrCh <- err
+	}()
+
+	select {
+	case err := <-pollErrCh:
+		t.Fatal(err)
+	default:
+	}
+
+	c2, err := NewDirect(Options{
+		ServerURL: httpsrv.URL,
+		HTTPC:     httpsrv.Client(),
+		Logf: func(fmt string, args ...interface{}) {
+			t.Helper()
+			t.Logf("c2: "+fmt, args...)
+		},
+		Persist:  c1.GetPersist(),
+		Hostinfo: hi,
+		NewDecompressor: func() (Decompressor, error) {
+			return zstd.NewReader(nil)
+		},
+		KeepAlive: true,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	authURL, err = c2.TryLogin(ctx, nil, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if authURL != "" {
+		t.Errorf("unexpected authURL %s", authURL)
+	}
+
+	err = c2.PollNetMap(ctx, 1, func(netMap *NetworkMap) {})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	select {
+	case err := <-pollErrCh:
+		t.Logf("expected poll error: %v", err)
+	case <-time.After(5 * time.Second):
+		t.Fatal("first client poll failed to close")
+	}
+}
+
+func TestClientsReusingOldKey(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "control-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	var server *control.Server
+	httpsrv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		server.ServeHTTP(w, r)
+	}))
+	server, err = control.New(tmpdir, httpsrv.URL, true)
+	if err != nil {
+		t.Fatal(err)
+	}
+	server.QuietLogging = true
+	defer func() {
+		httpsrv.CloseClientConnections()
+		httpsrv.Close()
+		os.RemoveAll(tmpdir)
+	}()
+
+	hi := NewHostinfo()
+	hi.FrontendLogID = "go-test-only"
+	hi.BackendLogID = "go-test-only"
+	genOpts := func() Options {
+		return Options{
+			ServerURL: httpsrv.URL,
+			HTTPC:     httpsrv.Client(),
+			//TimeNow:   s.control.TimeNow,
+			Logf: func(fmt string, args ...interface{}) {
+				t.Helper()
+				t.Logf("c1: "+fmt, args...)
+			},
+			Hostinfo: hi,
+		}
+	}
+
+	// Login with a new node key. This requires authorization.
+	c1, err := NewDirect(genOpts())
+	if err != nil {
+		t.Fatal(err)
+	}
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	authURL, err := c1.TryLogin(ctx, nil, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	const user = "testuser1@tailscale.onmicrosoft.com"
+	postAuthURL(t, ctx, httpsrv.Client(), user, authURL)
+	newURL, err := c1.WaitLoginURL(ctx, authURL)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if newURL != "" {
+		t.Fatalf("unexpected newURL: %s", newURL)
+	}
+
+	if err := c1.PollNetMap(ctx, 1, func(netMap *NetworkMap) {}); err != nil {
+		t.Fatal(err)
+	}
+
+	newPrivKey := func(t *testing.T) wgcfg.PrivateKey {
+		t.Helper()
+		k, err := wgcfg.NewPrivateKey()
+		if err != nil {
+			t.Fatal(err)
+		}
+		return k
+	}
+
+	// Replace the previous key with a new key.
+	persist1 := c1.GetPersist()
+	persist2 := Persist{
+		PrivateMachineKey: persist1.PrivateMachineKey,
+		OldPrivateNodeKey: persist1.PrivateNodeKey,
+		PrivateNodeKey:    newPrivKey(t),
+	}
+	opts := genOpts()
+	opts.Persist = persist2
+
+	c1, err = NewDirect(opts)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if authURL, err := c1.TryLogin(ctx, nil, 0); err != nil {
+		t.Fatal(err)
+	} else if authURL == "" {
+		t.Fatal("expected authURL for reused oldNodeKey, got none")
+	} else {
+		postAuthURL(t, ctx, httpsrv.Client(), user, authURL)
+		if newURL, err := c1.WaitLoginURL(ctx, authURL); err != nil {
+			t.Fatal(err)
+		} else if newURL != "" {
+			t.Fatalf("unexpected newURL: %s", newURL)
+		}
+	}
+	if p := c1.GetPersist(); p.PrivateNodeKey != opts.Persist.PrivateNodeKey {
+		t.Error("unexpected node key change")
+	} else {
+		persist2 = p
+	}
+
+	// Here we simulate a client using using old persistent data.
+	// We use the key we have already replaced as the old node key.
+	// This requires the user to authenticate.
+	persist3 := Persist{
+		PrivateMachineKey: persist1.PrivateMachineKey,
+		OldPrivateNodeKey: persist1.PrivateNodeKey,
+		PrivateNodeKey:    newPrivKey(t),
+	}
+	opts = genOpts()
+	opts.Persist = persist3
+
+	c1, err = NewDirect(opts)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if authURL, err := c1.TryLogin(ctx, nil, 0); err != nil {
+		t.Fatal(err)
+	} else if authURL == "" {
+		t.Fatal("expected authURL for reused oldNodeKey, got none")
+	} else {
+		postAuthURL(t, ctx, httpsrv.Client(), user, authURL)
+		if newURL, err := c1.WaitLoginURL(ctx, authURL); err != nil {
+			t.Fatal(err)
+		} else if newURL != "" {
+			t.Fatalf("unexpected newURL: %s", newURL)
+		}
+	}
+	if err := c1.PollNetMap(ctx, 1, func(netMap *NetworkMap) {}); err != nil {
+		t.Fatal(err)
+	}
+
+	// At this point, there should only be one node for the machine key
+	// registered as active in the server.
+	mkey := tailcfg.MachineKey(persist1.PrivateMachineKey.Public())
+	nodeIDs, err := server.DB().MachineNodes(mkey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(nodeIDs) != 1 {
+		t.Logf("active nodes for machine key %v:", mkey)
+		for i, nodeID := range nodeIDs {
+			nodeKey := server.DB().NodeKey(nodeID)
+			t.Logf("\tnode %d: id=%v, key=%v", i, nodeID, nodeKey)
+		}
+		t.Fatalf("want 1 active node for the client machine, got %d", len(nodeIDs))
+	}
+
+	// Now try the previous node key. It should fail.
+	opts = genOpts()
+	opts.Persist = persist2
+	c1, err = NewDirect(opts)
+	if err != nil {
+		t.Fatal(err)
+	}
+	// TODO(crawshaw): make this return an actual error.
+	// Have cfgdb track expired keys, and when an expired key is reused
+	// produce an error.
+	if authURL, err := c1.TryLogin(ctx, nil, 0); err != nil {
+		t.Fatal(err)
+	} else if authURL == "" {
+		t.Fatal("expected authURL for reused nodeKey, got none")
+	} else {
+		postAuthURL(t, ctx, httpsrv.Client(), user, authURL)
+		if newURL, err := c1.WaitLoginURL(ctx, authURL); err != nil {
+			t.Fatal(err)
+		} else if newURL != "" {
+			t.Fatalf("unexpected newURL: %s", newURL)
+		}
+	}
+	if err := c1.PollNetMap(ctx, 1, func(netMap *NetworkMap) {}); err != nil {
+		t.Fatal(err)
+	}
+	if nodeIDs, err := server.DB().MachineNodes(mkey); err != nil {
+		t.Fatal(err)
+	} else if len(nodeIDs) != 1 {
+		t.Fatalf("want 1 active node for the client machine, got %d", len(nodeIDs))
+	}
+}

control/controlclient/filter.go

@@ -1,84 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package controlclient
-
-import (
-	"fmt"
-	"net"
-	"tailscale.com/tailcfg"
-	"tailscale.com/wgengine/filter"
-)
-
-func parseIP(host string, defaultBits int) (filter.Net, error) {
-	ip := net.ParseIP(host)
-	if ip != nil && ip.IsUnspecified() {
-		// For clarity, reject 0.0.0.0 as an input
-		return filter.NetNone, fmt.Errorf("ports=%#v: to allow all IP addresses, use *:port, not 0.0.0.0:port", host)
-	} else if ip == nil && host == "*" {
-		// User explicitly requested wildcard dst ip
-		return filter.NetAny, nil
-	} else {
-		if ip != nil {
-			ip = ip.To4()
-		}
-		if ip == nil || len(ip) != 4 {
-			return filter.NetNone, fmt.Errorf("ports=%#v: invalid IPv4 address", host)
-		}
-		return filter.Net{
-			IP:   filter.NewIP(ip),
-			Mask: filter.Netmask(defaultBits),
-		}, nil
-	}
-}
-
-// Parse a backward-compatible FilterRule used by control's wire format,
-// producing the most current filter.Matches format.
-func (c *Direct) parsePacketFilter(pf []tailcfg.FilterRule) filter.Matches {
-	mm := make([]filter.Match, 0, len(pf))
-	var erracc error
-
-	for _, r := range pf {
-		m := filter.Match{}
-
-		for i, s := range r.SrcIPs {
-			bits := 32
-			if len(r.SrcBits) > i {
-				bits = r.SrcBits[i]
-			}
-			net, err := parseIP(s, bits)
-			if err != nil && erracc == nil {
-				erracc = err
-				continue
-			}
-			m.Srcs = append(m.Srcs, net)
-		}
-
-		for _, d := range r.DstPorts {
-			bits := 32
-			if d.Bits != nil {
-				bits = *d.Bits
-			}
-			net, err := parseIP(d.IP, bits)
-			if err != nil && erracc == nil {
-				erracc = err
-				continue
-			}
-			m.Dsts = append(m.Dsts, filter.NetPortRange{
-				Net: net,
-				Ports: filter.PortRange{
-					First: d.Ports.First,
-					Last:  d.Ports.Last,
-				},
-			})
-		}
-
-		mm = append(mm, m)
-	}
-
-	if erracc != nil {
-		c.logf("parsePacketFilter: %s\n", erracc)
-	}
-	return mm
-}

control/controlclient/netmap.go

@@ -5,18 +5,18 @@
 package controlclient
 
 import (
+	"bytes"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"log"
 	"net"
-	"reflect"
-	"strconv"
 	"strings"
 	"time"
 
 	"github.com/tailscale/wireguard-go/wgcfg"
 	"tailscale.com/tailcfg"
-	"tailscale.com/types/logger"
+	"tailscale.com/version"
 	"tailscale.com/wgengine/filter"
 )
 
@@ -29,19 +29,12 @@ type NetworkMap struct {
 	Addresses     []wgcfg.CIDR
 	LocalPort     uint16 // used for debugging
 	MachineStatus tailcfg.MachineStatus
-	Peers         []*tailcfg.Node // sorted by Node.ID
+	Peers         []tailcfg.Node
 	DNS           []wgcfg.IP
 	DNSDomains    []string
 	Hostinfo      tailcfg.Hostinfo
 	PacketFilter  filter.Matches
 
-	// DERPMap is the last DERP server map received. It's reused
-	// between updates and should not be modified.
-	DERPMap *tailcfg.DERPMap
-
-	// Debug knobs from control server for debug or feature gating.
-	Debug *tailcfg.Debug
-
 	// ACLs
 
 	User   tailcfg.UserID
@@ -54,148 +47,55 @@ type NetworkMap struct {
 	// TODO(crawshaw): Capabilities []tailcfg.Capability
 }
 
+func (n *NetworkMap) Equal(n2 *NetworkMap) bool {
+	// TODO(crawshaw): this is crude, but is an easy way to avoid bugs.
+	b, err := json.Marshal(n)
+	if err != nil {
+		panic(err)
+	}
+	b2, err := json.Marshal(n2)
+	if err != nil {
+		panic(err)
+	}
+	return bytes.Equal(b, b2)
+}
+
 func (nm NetworkMap) String() string {
 	return nm.Concise()
 }
 
+func keyString(key [32]byte) string {
+	b64 := base64.StdEncoding.EncodeToString(key[:])
+	abbrev := "invalid"
+	if len(b64) == 44 {
+		abbrev = b64[0:4] + "…" + b64[39:43]
+	}
+	return fmt.Sprintf("[%s]", abbrev)
+}
+
 func (nm *NetworkMap) Concise() string {
 	buf := new(strings.Builder)
-
-	nm.printConciseHeader(buf)
+	fmt.Fprintf(buf, "NetworkMap: self: %v auth=%v :%v %v\n",
+		keyString(nm.NodeKey), nm.MachineStatus,
+		nm.LocalPort, nm.Addresses)
 	for _, p := range nm.Peers {
-		printPeerConcise(buf, p)
+		aip := make([]string, len(p.AllowedIPs))
+		for i, a := range p.AllowedIPs {
+			aip[i] = fmt.Sprint(a)
+		}
+		u := fmt.Sprint(p.User)
+		if strings.HasPrefix(u, "userid:") {
+			u = "u:" + u[7:]
+		}
+		f1 := fmt.Sprintf(" %v %-6v %v",
+			keyString(p.Key), u, p.Endpoints)
+		f2 := fmt.Sprintf(" %*v\n", 70-len(f1),
+			strings.Join(aip, " "))
+		fmt.Fprintf(buf, "%s%s", f1, f2)
 	}
 	return buf.String()
 }
 
-// printConciseHeader prints a concise header line representing nm to buf.
-//
-// If this function is changed to access different fields of nm, keep
-// in equalConciseHeader in sync.
-func (nm *NetworkMap) printConciseHeader(buf *strings.Builder) {
-	fmt.Fprintf(buf, "netmap: self: %v auth=%v",
-		nm.NodeKey.ShortString(), nm.MachineStatus)
-	if nm.LocalPort != 0 {
-		fmt.Fprintf(buf, " port=%v", nm.LocalPort)
-	}
-	if nm.Debug != nil {
-		j, _ := json.Marshal(nm.Debug)
-		fmt.Fprintf(buf, " debug=%s", j)
-	}
-	fmt.Fprintf(buf, " %v", nm.Addresses)
-	buf.WriteByte('\n')
-}
-
-// equalConciseHeader reports whether a and b are equal for the fields
-// used by printConciseHeader.
-func (a *NetworkMap) equalConciseHeader(b *NetworkMap) bool {
-	if a.NodeKey != b.NodeKey ||
-		a.MachineStatus != b.MachineStatus ||
-		a.LocalPort != b.LocalPort ||
-		len(a.Addresses) != len(b.Addresses) {
-		return false
-	}
-	for i, a := range a.Addresses {
-		if b.Addresses[i] != a {
-			return false
-		}
-	}
-	return (a.Debug == nil && b.Debug == nil) || reflect.DeepEqual(a.Debug, b.Debug)
-}
-
-// printPeerConcise appends to buf a line repsenting the peer p.
-//
-// If this function is changed to access different fields of p, keep
-// in nodeConciseEqual in sync.
-func printPeerConcise(buf *strings.Builder, p *tailcfg.Node) {
-	aip := make([]string, len(p.AllowedIPs))
-	for i, a := range p.AllowedIPs {
-		s := strings.TrimSuffix(fmt.Sprint(a), "/32")
-		aip[i] = s
-	}
-
-	ep := make([]string, len(p.Endpoints))
-	for i, e := range p.Endpoints {
-		// Align vertically on the ':' between IP and port
-		colon := strings.IndexByte(e, ':')
-		spaces := 0
-		for colon > 0 && len(e)+spaces-colon < 6 {
-			spaces++
-			colon--
-		}
-		ep[i] = fmt.Sprintf("%21v", e+strings.Repeat(" ", spaces))
-	}
-
-	derp := p.DERP
-	const derpPrefix = "127.3.3.40:"
-	if strings.HasPrefix(derp, derpPrefix) {
-		derp = "D" + derp[len(derpPrefix):]
-	}
-
-	// Most of the time, aip is just one element, so format the
-	// table to look good in that case. This will also make multi-
-	// subnet nodes stand out visually.
-	fmt.Fprintf(buf, " %v %-2v %-15v : %v\n",
-		p.Key.ShortString(), derp,
-		strings.Join(aip, " "),
-		strings.Join(ep, " "))
-}
-
-// nodeConciseEqual reports whether a and b are equal for the fields accessed by printPeerConcise.
-func nodeConciseEqual(a, b *tailcfg.Node) bool {
-	return a.Key == b.Key &&
-		a.DERP == b.DERP &&
-		eqCIDRsIgnoreNil(a.AllowedIPs, b.AllowedIPs) &&
-		eqStringsIgnoreNil(a.Endpoints, b.Endpoints)
-}
-
-func (b *NetworkMap) ConciseDiffFrom(a *NetworkMap) string {
-	var diff strings.Builder
-
-	// See if header (non-peers, "bare") part of the network map changed.
-	// If so, print its diff lines first.
-	if !a.equalConciseHeader(b) {
-		diff.WriteByte('-')
-		a.printConciseHeader(&diff)
-		diff.WriteByte('+')
-		b.printConciseHeader(&diff)
-	}
-
-	aps, bps := a.Peers, b.Peers
-	for len(aps) > 0 && len(bps) > 0 {
-		pa, pb := aps[0], bps[0]
-		switch {
-		case pa.ID == pb.ID:
-			if !nodeConciseEqual(pa, pb) {
-				diff.WriteByte('-')
-				printPeerConcise(&diff, pa)
-				diff.WriteByte('+')
-				printPeerConcise(&diff, pb)
-			}
-			aps, bps = aps[1:], bps[1:]
-		case pa.ID > pb.ID:
-			// New peer in b.
-			diff.WriteByte('+')
-			printPeerConcise(&diff, pb)
-			bps = bps[1:]
-		case pb.ID > pa.ID:
-			// Deleted peer in b.
-			diff.WriteByte('-')
-			printPeerConcise(&diff, pa)
-			aps = aps[1:]
-		}
-	}
-	for _, pa := range aps {
-		diff.WriteByte('-')
-		printPeerConcise(&diff, pa)
-	}
-	for _, pb := range bps {
-		diff.WriteByte('+')
-		printPeerConcise(&diff, pb)
-	}
-	return diff.String()
-}
-
 func (nm *NetworkMap) JSON() string {
 	b, err := json.MarshalIndent(*nm, "", "  ")
 	if err != nil {
@@ -204,141 +104,187 @@ func (nm *NetworkMap) JSON() string {
 	return string(b)
 }
 
-// WGConfigFlags is a bitmask of flags to control the behavior of the
-// wireguard configuration generation done by NetMap.WGCfg.
-type WGConfigFlags int
+// TODO(apenwarr): delete me once relaynode doesn't need this anymore.
+// control.go:userMap() supercedes it. This does not belong in the client.
+func (nm *NetworkMap) UserMap() map[string][]filter.IP {
+	// Make a lookup table of roles
+	log.Printf("roles list is: %v\n", nm.Roles)
+	roles := make(map[tailcfg.RoleID]tailcfg.Role)
+	for _, role := range nm.Roles {
+		roles[role.ID] = role
+	}
+
+	// First, go through each node's addresses and make a lookup table
+	// of IP->User.
+	fwd := make(map[wgcfg.IP]string)
+	for _, node := range nm.Peers {
+		for _, addr := range node.Addresses {
+			if addr.Mask == 32 && addr.IP.Is4() {
+				user, ok := nm.UserProfiles[node.User]
+				if ok {
+					fwd[addr.IP] = user.LoginName
+				}
+			}
+		}
+	}
+
+	// Next, reverse the mapping into User->IP.
+	rev := make(map[string][]filter.IP)
+	for ip, username := range fwd {
+		ip4 := ip.To4()
+		if ip4 != nil {
+			fip := filter.NewIP(net.IP(ip4))
+			rev[username] = append(rev[username], fip)
+		}
+	}
+
+	// Now add roles, which are lists of users, and therefore lists
+	// of those users' IP addresses.
+	for _, user := range nm.UserProfiles {
+		for _, roleid := range user.Roles {
+			role, ok := roles[roleid]
+			if ok {
+				rolename := "role:" + role.Name
+				rev[rolename] = append(rev[rolename], rev[user.LoginName]...)
+			}
+		}
+	}
+
+	//log.Printf("Usermap is: %v\n", rev)
+	return rev
+}
 
 const (
-	AllowSingleHosts WGConfigFlags = 1 << iota
-	AllowSubnetRoutes
-	AllowDefaultRoute
-	HackDefaultRoute
+	UAllowSingleHosts = 1 << iota
+	UAllowSubnetRoutes
+	UAllowDefaultRoute
+	UHackDefaultRoute
+
+	UDefault = 0
 )
 
-// TODO(bradfitz): UAPI seems to only be used by the old confnode and
-// pingnode; delete this when those are deleted/rewritten?
-func (nm *NetworkMap) UAPI(flags WGConfigFlags, dnsOverride []wgcfg.IP) string {
-	wgcfg, err := nm.WGCfg(log.Printf, flags, dnsOverride)
+// Several programs need to parse these arguments into uflags, so let's
+// centralize it here.
+func UFlagsHelper(uroutes, rroutes, droutes bool) int {
+	uflags := 0
+	if uroutes {
+		uflags |= UAllowSingleHosts
+	}
+	if rroutes {
+		uflags |= UAllowSubnetRoutes
+	}
+	if droutes {
+		uflags |= UAllowDefaultRoute
+	}
+	return uflags
+}
+
+func (nm *NetworkMap) UAPI(uflags int, dnsOverride []wgcfg.IP) string {
+	wgcfg, err := nm.WGCfg(uflags, dnsOverride)
 	if err != nil {
-		log.Fatalf("WGCfg() failed unexpectedly: %v", err)
+		log.Fatalf("WGCfg() failed unexpectedly: %v\n", err)
 	}
 	s, err := wgcfg.ToUAPI()
 	if err != nil {
-		log.Fatalf("ToUAPI() failed unexpectedly: %v", err)
+		log.Fatalf("ToUAPI() failed unexpectedly: %v\n", err)
 	}
 	return s
 }
 
-// EndpointDiscoSuffix is appended to the hex representation of a peer's discovery key
-// and is then the sole wireguard endpoint for peers with a non-zero discovery key.
-// This form is then recognize by magicsock's CreateEndpoint.
-const EndpointDiscoSuffix = ".disco.tailscale:12345"
+func (nm *NetworkMap) WGCfg(uflags int, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) {
+	s := nm._WireGuardConfig(uflags, dnsOverride, true)
+	return wgcfg.FromWgQuick(s, "tailscale")
+}
 
-// WGCfg returns the NetworkMaps's Wireguard configuration.
-func (nm *NetworkMap) WGCfg(logf logger.Logf, flags WGConfigFlags, dnsOverride []wgcfg.IP) (*wgcfg.Config, error) {
-	cfg := &wgcfg.Config{
-		Name:       "tailscale",
-		PrivateKey: nm.PrivateKey,
-		Addresses:  nm.Addresses,
-		ListenPort: nm.LocalPort,
-		DNS:        append([]wgcfg.IP(nil), dnsOverride...),
-		Peers:      make([]wgcfg.Peer, 0, len(nm.Peers)),
+// TODO(apenwarr): This mode is dangerous.
+// Discarding the extra endpoints is almost universally the wrong choice.
+// Except that plain wireguard can't handle a peer with multiple endpoints.
+// (Yet?)
+func (nm *NetworkMap) WireGuardConfigOneEndpoint(uflags int, dnsOverride []wgcfg.IP) string {
+	return nm._WireGuardConfig(uflags, dnsOverride, false)
+}
+
+func (nm *NetworkMap) _WireGuardConfig(uflags int, dnsOverride []wgcfg.IP, allEndpoints bool) string {
+	buf := new(strings.Builder)
+	fmt.Fprintf(buf, "[Interface]\n")
+	fmt.Fprintf(buf, "PrivateKey = %s\n", base64.StdEncoding.EncodeToString(nm.PrivateKey[:]))
+	if len(nm.Addresses) > 0 {
+		fmt.Fprintf(buf, "Address = ")
+		for i, cidr := range nm.Addresses {
+			if i > 0 {
+				fmt.Fprintf(buf, ", ")
+			}
+			fmt.Fprintf(buf, "%s", cidr)
+		}
+		fmt.Fprintf(buf, "\n")
 	}
+	fmt.Fprintf(buf, "ListenPort = %d\n", nm.LocalPort)
+	if len(dnsOverride) > 0 {
+		dnss := []string{}
+		for _, ip := range dnsOverride {
+			dnss = append(dnss, ip.String())
+		}
+		fmt.Fprintf(buf, "DNS = %s\n", strings.Join(dnss, ","))
+	}
+	fmt.Fprintf(buf, "\n")
 
-	for _, peer := range nm.Peers {
-		if Debug.OnlyDisco && peer.DiscoKey.IsZero() {
+	for i, peer := range nm.Peers {
+		if (uflags&UAllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 {
+			log.Printf("wgcfg: %v skipping a single-host peer.\n", peer.Key.AbbrevString())
 			continue
 		}
-		if (flags&AllowSingleHosts) == 0 && len(peer.AllowedIPs) < 2 {
-			logf("wgcfg: %v skipping a single-host peer.", peer.Key.ShortString())
-			continue
+		if i > 0 {
+			fmt.Fprintf(buf, "\n")
 		}
-		cfg.Peers = append(cfg.Peers, wgcfg.Peer{
-			PublicKey: wgcfg.Key(peer.Key),
-		})
-		cpeer := &cfg.Peers[len(cfg.Peers)-1]
-		if peer.KeepAlive {
-			cpeer.PersistentKeepalive = 25 // seconds
+		fmt.Fprintf(buf, "[Peer]\n")
+		fmt.Fprintf(buf, "PublicKey = %s\n", base64.StdEncoding.EncodeToString(peer.Key[:]))
+		var endpoints []string
+		if peer.DERP != "" {
+			endpoints = append(endpoints, peer.DERP)
 		}
-
-		if !peer.DiscoKey.IsZero() {
-			if err := appendEndpoint(cpeer, fmt.Sprintf("%x%s", peer.DiscoKey[:], EndpointDiscoSuffix)); err != nil {
-				return nil, err
-			}
-			cpeer.Endpoints = []wgcfg.Endpoint{{Host: fmt.Sprintf("%x.disco.tailscale", peer.DiscoKey[:]), Port: 12345}}
-		} else {
-			if err := appendEndpoint(cpeer, peer.DERP); err != nil {
-				return nil, err
-			}
-			for _, ep := range peer.Endpoints {
-				if err := appendEndpoint(cpeer, ep); err != nil {
-					return nil, err
-				}
+		endpoints = append(endpoints, peer.Endpoints...)
+		if len(endpoints) > 0 {
+			if len(endpoints) == 1 {
+				fmt.Fprintf(buf, "Endpoint = %s", endpoints[0])
+			} else if allEndpoints {
+				// TODO(apenwarr): This mode is incompatible.
+				// Normal wireguard clients don't know how to
+				// parse it (yet?)
+				fmt.Fprintf(buf, "Endpoint = %s",
+					strings.Join(endpoints, ","))
+			} else {
+				fmt.Fprintf(buf, "Endpoint = %s # other endpoints: %s",
+					endpoints[0],
+					strings.Join(endpoints[1:], ", "))
 			}
+			buf.WriteByte('\n')
 		}
+		var aips []string
 		for _, allowedIP := range peer.AllowedIPs {
+			aip := allowedIP.String()
 			if allowedIP.Mask == 0 {
-				if (flags & AllowDefaultRoute) == 0 {
-					logf("wgcfg: %v skipping default route", peer.Key.ShortString())
+				if (uflags & UAllowDefaultRoute) == 0 {
+					log.Printf("wgcfg: %v skipping default route\n", peer.Key.AbbrevString())
 					continue
 				}
-				if (flags & HackDefaultRoute) != 0 {
-					allowedIP = wgcfg.CIDR{IP: wgcfg.IPv4(10, 0, 0, 0), Mask: 8}
-					logf("wgcfg: %v converting default route => %v", peer.Key.ShortString(), allowedIP.String())
+				if (uflags & UHackDefaultRoute) != 0 {
+					aip = "10.0.0.0/8"
+					log.Printf("wgcfg: %v converting default route => %v\n", peer.Key.AbbrevString(), aip)
 				}
 			} else if allowedIP.Mask < 32 {
-				if (flags & AllowSubnetRoutes) == 0 {
-					logf("wgcfg: %v skipping subnet route", peer.Key.ShortString())
+				if (uflags & UAllowSubnetRoutes) == 0 {
+					log.Printf("wgcfg: %v skipping subnet route\n", peer.Key.AbbrevString())
 					continue
 				}
 			}
-			cpeer.AllowedIPs = append(cpeer.AllowedIPs, allowedIP)
+			aips = append(aips, aip)
+		}
+		fmt.Fprintf(buf, "AllowedIPs = %s\n", strings.Join(aips, ", "))
+		doKeepAlives := !version.IsMobile()
+		if doKeepAlives {
+			fmt.Fprintf(buf, "PersistentKeepalive = 25\n")
 		}
 	}
 
-	return cfg, nil
-}
-
-func appendEndpoint(peer *wgcfg.Peer, epStr string) error {
-	if epStr == "" {
-		return nil
-	}
-	host, port, err := net.SplitHostPort(epStr)
-	if err != nil {
-		return fmt.Errorf("malformed endpoint %q for peer %v", epStr, peer.PublicKey.ShortString())
-	}
-	port16, err := strconv.ParseUint(port, 10, 16)
-	if err != nil {
-		return fmt.Errorf("invalid port in endpoint %q for peer %v", epStr, peer.PublicKey.ShortString())
-	}
-	peer.Endpoints = append(peer.Endpoints, wgcfg.Endpoint{Host: host, Port: uint16(port16)})
-	return nil
-}
-
-// eqStringsIgnoreNil reports whether a and b have the same length and
-// contents, but ignore whether a or b are nil.
-func eqStringsIgnoreNil(a, b []string) bool {
-	if len(a) != len(b) {
-		return false
-	}
-	for i, v := range a {
-		if v != b[i] {
-			return false
-		}
-	}
-	return true
-}
-
-// eqCIDRsIgnoreNil reports whether a and b have the same length and
-// contents, but ignore whether a or b are nil.
-func eqCIDRsIgnoreNil(a, b []wgcfg.CIDR) bool {
-	if len(a) != len(b) {
-		return false
-	}
-	for i, v := range a {
-		if v != b[i] {
-			return false
-		}
-	}
-	return true
+	return buf.String()
 }

control/controlclient/netmap_test.go

@@ -1,217 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package controlclient
-
-import (
-	"testing"
-
-	"tailscale.com/tailcfg"
-)
-
-func testNodeKey(b byte) (ret tailcfg.NodeKey) {
-	for i := range ret {
-		ret[i] = b
-	}
-	return
-}
-
-func TestNetworkMapConcise(t *testing.T) {
-	for _, tt := range []struct {
-		name string
-		nm   *NetworkMap
-		want string
-	}{
-		{
-			name: "basic",
-			nm: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-					{
-						Key:       testNodeKey(3),
-						DERP:      "127.3.3.40:4",
-						Endpoints: []string{"10.2.0.100:12", "10.1.0.100:12345"},
-					},
-				},
-			},
-			want: "netmap: self: [AQEBA] auth=machine-unknown []\n [AgICA] D2                 :    192.168.0.100:12     192.168.0.100:12354\n [AwMDA] D4                 :       10.2.0.100:12        10.1.0.100:12345\n",
-		},
-		{
-			name: "debug_non_nil",
-			nm: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Debug:   &tailcfg.Debug{},
-			},
-			want: "netmap: self: [AQEBA] auth=machine-unknown debug={} []\n",
-		},
-		{
-			name: "debug_values",
-			nm: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Debug:   &tailcfg.Debug{LogHeapPprof: true},
-			},
-			want: "netmap: self: [AQEBA] auth=machine-unknown debug={\"LogHeapPprof\":true} []\n",
-		},
-	} {
-		t.Run(tt.name, func(t *testing.T) {
-			var got string
-			n := int(testing.AllocsPerRun(1000, func() {
-				got = tt.nm.Concise()
-			}))
-			t.Logf("Allocs = %d", n)
-			if got != tt.want {
-				t.Errorf("Wrong output\n Got: %q\nWant: %q\n## Got (unescaped):\n%s\n## Want (unescaped):\n%s\n", got, tt.want, got, tt.want)
-			}
-		})
-	}
-}
-
-func TestConciseDiffFrom(t *testing.T) {
-	for _, tt := range []struct {
-		name string
-		a, b *NetworkMap
-		want string
-	}{
-		{
-			name: "no_change",
-			a: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			b: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			want: "",
-		},
-		{
-			name: "header_change",
-			a: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			b: &NetworkMap{
-				NodeKey: testNodeKey(2),
-				Peers: []*tailcfg.Node{
-					{
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			want: "-netmap: self: [AQEBA] auth=machine-unknown []\n+netmap: self: [AgICA] auth=machine-unknown []\n",
-		},
-		{
-			name: "peer_add",
-			a: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						ID:        2,
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			b: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						ID:        1,
-						Key:       testNodeKey(1),
-						DERP:      "127.3.3.40:1",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-					{
-						ID:        2,
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-					{
-						ID:        3,
-						Key:       testNodeKey(3),
-						DERP:      "127.3.3.40:3",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			want: "+ [AQEBA] D1                 :    192.168.0.100:12     192.168.0.100:12354\n+ [AwMDA] D3                 :    192.168.0.100:12     192.168.0.100:12354\n",
-		},
-		{
-			name: "peer_remove",
-			a: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						ID:        1,
-						Key:       testNodeKey(1),
-						DERP:      "127.3.3.40:1",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-					{
-						ID:        2,
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-					{
-						ID:        3,
-						Key:       testNodeKey(3),
-						DERP:      "127.3.3.40:3",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			b: &NetworkMap{
-				NodeKey: testNodeKey(1),
-				Peers: []*tailcfg.Node{
-					{
-						ID:        2,
-						Key:       testNodeKey(2),
-						DERP:      "127.3.3.40:2",
-						Endpoints: []string{"192.168.0.100:12", "192.168.0.100:12354"},
-					},
-				},
-			},
-			want: "- [AQEBA] D1                 :    192.168.0.100:12     192.168.0.100:12354\n- [AwMDA] D3                 :    192.168.0.100:12     192.168.0.100:12354\n",
-		},
-	} {
-		t.Run(tt.name, func(t *testing.T) {
-			var got string
-			n := int(testing.AllocsPerRun(50, func() {
-				got = tt.b.ConciseDiffFrom(tt.a)
-			}))
-			t.Logf("Allocs = %d", n)
-			if got != tt.want {
-				t.Errorf("Wrong output\n Got: %q\nWant: %q\n## Got (unescaped):\n%s\n## Want (unescaped):\n%s\n", got, tt.want, got, tt.want)
-			}
-		})
-	}
-}

derp/derp.go

@@ -32,11 +32,10 @@ const MaxPacketSize = 64 << 10
 const magic = "DERP🔑" // 8 bytes: 0x44 45 52 50 f0 9f 94 91
 
 const (
-	nonceLen       = 24
-	frameHeaderLen = 1 + 4 // frameType byte + 4 byte length
-	keyLen         = 32
-	maxInfoLen     = 1 << 20
-	keepAlive      = 60 * time.Second
+	nonceLen   = 24
+	keyLen     = 32
+	maxInfoLen = 1 << 20
+	keepAlive  = 60 * time.Second
 )
 
 // protocolVersion is bumped whenever there's a wire-incompatible change.
@@ -72,35 +71,9 @@ const (
 	frameClientInfo    = frameType(0x02) // 32B pub key + 24B nonce + naclbox(json)
 	frameServerInfo    = frameType(0x03) // 24B nonce + naclbox(json)
 	frameSendPacket    = frameType(0x04) // 32B dest pub key + packet bytes
-	frameForwardPacket = frameType(0x0a) // 32B src pub key + 32B dst pub key + packet bytes
 	frameRecvPacket    = frameType(0x05) // v0/1: packet bytes, v2: 32B src pub key + packet bytes
 	frameKeepAlive     = frameType(0x06) // no payload, no-op (to be replaced with ping/pong)
 	frameNotePreferred = frameType(0x07) // 1 byte payload: 0x01 or 0x00 for whether this is client's home node
-
-	// framePeerGone is sent from server to client to signal that
-	// a previous sender is no longer connected. That is, if A
-	// sent to B, and then if A disconnects, the server sends
-	// framePeerGone to B so B can forget that a reverse path
-	// exists on that connection to get back to A.
-	framePeerGone = frameType(0x08) // 32B pub key of peer that's gone
-
-	// framePeerPresent is like framePeerGone, but for other
-	// members of the DERP region when they're meshed up together.
-	framePeerPresent = frameType(0x09) // 32B pub key of peer that's connected
-
-	// frameWatchConns is how one DERP node in a regional mesh
-	// subscribes to the others in the region.
-	// There's no payload. If the sender doesn't have permission, the connection
-	// is closed. Otherwise, the client is initially flooded with
-	// framePeerPresent for all connected nodes, and then a stream of
-	// framePeerPresent & framePeerGone has peers connect and disconnect.
-	frameWatchConns = frameType(0x10)
-
-	// frameClosePeer is a privileged frame type (requires the
-	// mesh key for now) that closes the provided peer's
-	// connection. (To be used for cluster load balancing
-	// purposes, when clients end up on a non-ideal node)
-	frameClosePeer = frameType(0x11) // 32B pub key of peer to close.
 )
 
 var bin = binary.BigEndian
@@ -158,8 +131,7 @@ func readFrame(br *bufio.Reader, maxSize uint32, b []byte) (t frameType, frameLe
 	if frameLen > maxSize {
 		return 0, 0, fmt.Errorf("frame header size %d exceeds reader limit of %d", frameLen, maxSize)
 	}
-
-	n, err := io.ReadFull(br, b[:minUint32(frameLen, uint32(len(b)))])
+	n, err := io.ReadFull(br, b[:frameLen])
 	if err != nil {
 		return 0, 0, err
 	}
@@ -200,10 +172,3 @@ func minInt(a, b int) int {
 	}
 	return b
 }
-
-func minUint32(a, b uint32) uint32 {
-	if a < b {
-		return a
-	}
-	return b
-}

derp/derp_client.go

@@ -11,6 +11,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"net"
 	"sync"
 	"time"
 
@@ -19,57 +20,21 @@ import (
 	"tailscale.com/types/logger"
 )
 
-// Client is a DERP client.
 type Client struct {
 	serverKey    key.Public // of the DERP server; not a machine or node key
 	privateKey   key.Private
 	publicKey    key.Public // of privateKey
 	protoVersion int        // min of server+client
 	logf         logger.Logf
-	nc           Conn
+	nc           net.Conn
 	br           *bufio.Reader
-	meshKey      string
 
-	wmu sync.Mutex // hold while writing to bw
-	bw  *bufio.Writer
-
-	// Owned by Recv:
-	peeked  int   // bytes to discard on next Recv
+	wmu     sync.Mutex // hold while writing to bw
+	bw      *bufio.Writer
 	readErr error // sticky read error
 }
 
-// ClientOpt is an option passed to NewClient.
-type ClientOpt interface {
-	update(*clientOpt)
-}
-
-type clientOptFunc func(*clientOpt)
-
-func (f clientOptFunc) update(o *clientOpt) { f(o) }
-
-// clientOpt are the options passed to newClient.
-type clientOpt struct {
-	MeshKey string
-}
-
-// MeshKey returns a ClientOpt to pass to the DERP server during connect to get
-// access to join the mesh.
-//
-// An empty key means to not use a mesh key.
-func MeshKey(key string) ClientOpt { return clientOptFunc(func(o *clientOpt) { o.MeshKey = key }) }
-
-func NewClient(privateKey key.Private, nc Conn, brw *bufio.ReadWriter, logf logger.Logf, opts ...ClientOpt) (*Client, error) {
-	var opt clientOpt
-	for _, o := range opts {
-		if o == nil {
-			return nil, errors.New("nil ClientOpt")
-		}
-		o.update(&opt)
-	}
-	return newClient(privateKey, nc, brw, logf, opt)
-}
-
-func newClient(privateKey key.Private, nc Conn, brw *bufio.ReadWriter, logf logger.Logf, opt clientOpt) (*Client, error) {
+func NewClient(privateKey key.Private, nc net.Conn, brw *bufio.ReadWriter, logf logger.Logf) (*Client, error) {
 	c := &Client{
 		privateKey: privateKey,
 		publicKey:  privateKey.Public(),
@@ -77,8 +42,8 @@ func newClient(privateKey key.Private, nc Conn, brw *bufio.ReadWriter, logf logg
 		nc:         nc,
 		br:         brw.Reader,
 		bw:         brw.Writer,
-		meshKey:    opt.MeshKey,
 	}
+
 	if err := c.recvServerKey(); err != nil {
 		return nil, fmt.Errorf("derp.Client: failed to receive server key: %v", err)
 	}
@@ -145,12 +110,6 @@ func (c *Client) recvServerInfo() (*serverInfo, error) {
 
 type clientInfo struct {
 	Version int // `json:"version,omitempty"`
-
-	// MeshKey optionally specifies a pre-shared key used by
-	// trusted clients.  It's required to subscribe to the
-	// connection list & forward packets. It's empty for regular
-	// users.
-	MeshKey string // `json:"meshKey,omitempty"`
 }
 
 func (c *Client) sendClientKey() error {
@@ -158,10 +117,7 @@ func (c *Client) sendClientKey() error {
 	if _, err := crand.Read(nonce[:]); err != nil {
 		return err
 	}
-	msg, err := json.Marshal(clientInfo{
-		Version: protocolVersion,
-		MeshKey: c.meshKey,
-	})
+	msg, err := json.Marshal(clientInfo{Version: protocolVersion})
 	if err != nil {
 		return err
 	}
@@ -174,9 +130,6 @@ func (c *Client) sendClientKey() error {
 	return writeFrame(c.bw, frameClientInfo, buf)
 }
 
-// ServerPublicKey returns the server's public key.
-func (c *Client) ServerPublicKey() key.Public { return c.serverKey }
-
 // Send sends a packet to the Tailscale node identified by dstKey.
 //
 // It is an error if the packet is larger than 64KB.
@@ -185,7 +138,7 @@ func (c *Client) Send(dstKey key.Public, pkt []byte) error { return c.send(dstKe
 func (c *Client) send(dstKey key.Public, pkt []byte) (ret error) {
 	defer func() {
 		if ret != nil {
-			ret = fmt.Errorf("derp.Send: %w", ret)
+			ret = fmt.Errorf("derp.Send: %v", ret)
 		}
 	}()
 
@@ -208,40 +161,6 @@ func (c *Client) send(dstKey key.Public, pkt []byte) (ret error) {
 	return c.bw.Flush()
 }
 
-func (c *Client) ForwardPacket(srcKey, dstKey key.Public, pkt []byte) (err error) {
-	defer func() {
-		if err != nil {
-			err = fmt.Errorf("derp.ForwardPacket: %w", err)
-		}
-	}()
-
-	if len(pkt) > MaxPacketSize {
-		return fmt.Errorf("packet too big: %d", len(pkt))
-	}
-
-	c.wmu.Lock()
-	defer c.wmu.Unlock()
-
-	timer := time.AfterFunc(5*time.Second, c.writeTimeoutFired)
-	defer timer.Stop()
-
-	if err := writeFrameHeader(c.bw, frameForwardPacket, uint32(keyLen*2+len(pkt))); err != nil {
-		return err
-	}
-	if _, err := c.bw.Write(srcKey[:]); err != nil {
-		return err
-	}
-	if _, err := c.bw.Write(dstKey[:]); err != nil {
-		return err
-	}
-	if _, err := c.bw.Write(pkt); err != nil {
-		return err
-	}
-	return c.bw.Flush()
-}
-
-func (c *Client) writeTimeoutFired() { c.nc.Close() }
-
 // NotePreferred sends a packet that tells the server whether this
 // client is the user's preferred server. This is only used in the
 // server for stats.
@@ -268,25 +187,6 @@ func (c *Client) NotePreferred(preferred bool) (err error) {
 	return c.bw.Flush()
 }
 
-// WatchConnectionChanges sends a request to subscribe to the peer's connection list.
-// It's a fatal error if the client wasn't created using MeshKey.
-func (c *Client) WatchConnectionChanges() error {
-	c.wmu.Lock()
-	defer c.wmu.Unlock()
-	if err := writeFrameHeader(c.bw, frameWatchConns, 0); err != nil {
-		return err
-	}
-	return c.bw.Flush()
-}
-
-// ClosePeer asks the server to close target's TCP connection.
-// It's a fatal error if the client wasn't created using MeshKey.
-func (c *Client) ClosePeer(target key.Public) error {
-	c.wmu.Lock()
-	defer c.wmu.Unlock()
-	return writeFrame(c.bw, frameClosePeer, target[:])
-}
-
 // ReceivedMessage represents a type returned by Client.Recv. Unless
 // otherwise documented, the returned message aliases the byte slice
 // provided to Recv and thus the message is only as good as that
@@ -305,80 +205,27 @@ type ReceivedPacket struct {
 
 func (ReceivedPacket) msg() {}
 
-// PeerGoneMessage is a ReceivedMessage that indicates that the client
-// identified by the underlying public key had previously sent you a
-// packet but has now disconnected from the server.
-type PeerGoneMessage key.Public
-
-func (PeerGoneMessage) msg() {}
-
-// PeerPresentMessage is a ReceivedMessage that indicates that the client
-// is connected to the server. (Only used by trusted mesh clients)
-type PeerPresentMessage key.Public
-
-func (PeerPresentMessage) msg() {}
-
 // Recv reads a message from the DERP server.
-//
-// The returned message may alias memory owned by the Client; it
-// should only be accessed until the next call to Client.
-//
+// The provided buffer must be large enough to receive a complete packet,
+// which in practice are are 1.5-4 KB, but can be up to 64 KB.
 // Once Recv returns an error, the Client is dead forever.
-func (c *Client) Recv() (m ReceivedMessage, err error) {
-	return c.recvTimeout(120 * time.Second)
-}
-
-func (c *Client) recvTimeout(timeout time.Duration) (m ReceivedMessage, err error) {
+func (c *Client) Recv(b []byte) (m ReceivedMessage, err error) {
 	if c.readErr != nil {
 		return nil, c.readErr
 	}
 	defer func() {
 		if err != nil {
-			err = fmt.Errorf("derp.Recv: %w", err)
+			err = fmt.Errorf("derp.Recv: %v", err)
 			c.readErr = err
 		}
 	}()
 
 	for {
-		c.nc.SetReadDeadline(time.Now().Add(timeout))
-
-		// Discard any peeked bytes from a previous Recv call.
-		if c.peeked != 0 {
-			if n, err := c.br.Discard(c.peeked); err != nil || n != c.peeked {
-				// Documented to never fail, but might as well check.
-				return nil, fmt.Errorf("bufio.Reader.Discard(%d bytes): got %v, %v", c.peeked, n, err)
-			}
-			c.peeked = 0
-		}
-
-		t, n, err := readFrameHeader(c.br)
+		c.nc.SetReadDeadline(time.Now().Add(120 * time.Second))
+		t, n, err := readFrame(c.br, 1<<20, b)
 		if err != nil {
 			return nil, err
 		}
-		if n > 1<<20 {
-			return nil, fmt.Errorf("unexpectedly large frame of %d bytes returned", n)
-		}
-
-		var b []byte // frame payload (past the 5 byte header)
-
-		// If the frame fits in our bufio.Reader buffer, just use it.
-		// In practice it's 4KB (from derphttp.Client's bufio.NewReader(httpConn)) and
-		// in practive, WireGuard packets (and thus DERP frames) are under 1.5KB.
-		// So This is the common path.
-		if int(n) <= c.br.Size() {
-			b, err = c.br.Peek(int(n))
-			c.peeked = int(n)
-		} else {
-			// But if for some reason we read a large DERP message (which isn't necessarily
-			// a Wireguard packet), then just allocate memory for it.
-			// TODO(bradfitz): use a pool if large frames ever happen in practice.
-			b = make([]byte, n)
-			_, err = io.ReadFull(c.br, b)
-		}
-		if err != nil {
-			return nil, err
-		}
-
 		switch t {
 		default:
 			continue
@@ -386,24 +233,6 @@ func (c *Client) recvTimeout(timeout time.Duration) (m ReceivedMessage, err erro
 			// TODO: eventually we'll have server->client pings that
 			// require ack pongs.
 			continue
-		case framePeerGone:
-			if n < keyLen {
-				c.logf("[unexpected] dropping short peerGone frame from DERP server")
-				continue
-			}
-			var pg PeerGoneMessage
-			copy(pg[:], b[:keyLen])
-			return pg, nil
-
-		case framePeerPresent:
-			if n < keyLen {
-				c.logf("[unexpected] dropping short peerPresent frame from DERP server")
-				continue
-			}
-			var pg PeerPresentMessage
-			copy(pg[:], b[:keyLen])
-			return pg, nil
-
 		case frameRecvPacket:
 			var rp ReceivedPacket
 			if c.protoVersion < protocolSrcAddrs {

derp/derp_test.go

@@ -6,25 +6,15 @@ package derp
 
 import (
 	"bufio"
-	"context"
 	crand "crypto/rand"
-	"errors"
-	"expvar"
-	"fmt"
-	"io"
 	"net"
-	"reflect"
-	"sync"
 	"testing"
 	"time"
 
-	"tailscale.com/net/nettest"
 	"tailscale.com/types/key"
-	"tailscale.com/types/logger"
 )
 
 func newPrivateKey(t *testing.T) (k key.Private) {
-	t.Helper()
 	if _, err := crand.Read(k[:]); err != nil {
 		t.Fatal(err)
 	}
@@ -45,14 +35,14 @@ func TestSendRecv(t *testing.T) {
 		clientKeys = append(clientKeys, priv.Public())
 	}
 
-	ln, err := net.Listen("tcp", "127.0.0.1:0")
+	ln, err := net.Listen("tcp", ":0")
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer ln.Close()
 
 	var clients []*Client
-	var connsOut []Conn
+	var connsOut []net.Conn
 	var recvChs []chan []byte
 	errCh := make(chan error, 3)
 
@@ -70,8 +60,7 @@ func TestSendRecv(t *testing.T) {
 			t.Fatal(err)
 		}
 		defer cin.Close()
-		brwServer := bufio.NewReadWriter(bufio.NewReader(cin), bufio.NewWriter(cin))
-		go s.Accept(cin, brwServer, fmt.Sprintf("test-client-%d", i))
+		go s.Accept(cin, bufio.NewReadWriter(bufio.NewReader(cin), bufio.NewWriter(cin)))
 
 		key := clientPrivateKeys[i]
 		brw := bufio.NewReadWriter(bufio.NewReader(cout), bufio.NewWriter(cout))
@@ -84,13 +73,12 @@ func TestSendRecv(t *testing.T) {
 		t.Logf("Connected client %d.", i)
 	}
 
-	var peerGoneCount expvar.Int
-
 	t.Logf("Starting read loops")
 	for i := 0; i < numClients; i++ {
 		go func(i int) {
 			for {
-				m, err := clients[i].Recv()
+				b := make([]byte, 1<<16)
+				m, err := clients[i].Recv(b)
 				if err != nil {
 					errCh <- err
 					return
@@ -99,13 +87,11 @@ func TestSendRecv(t *testing.T) {
 				default:
 					t.Errorf("unexpected message type %T", m)
 					continue
-				case PeerGoneMessage:
-					peerGoneCount.Add(1)
 				case ReceivedPacket:
 					if m.Source.IsZero() {
 						t.Errorf("zero Source address in ReceivedPacket")
 					}
-					recvChs[i] <- append([]byte(nil), m.Data...)
+					recvChs[i] <- m.Data
 				}
 			}
 		}(i)
@@ -145,18 +131,6 @@ func TestSendRecv(t *testing.T) {
 		t.Errorf("total/home=%v/%v; want %v/%v", gotTotal, gotHome, total, home)
 	}
 
-	wantClosedPeers := func(want int64) {
-		t.Helper()
-		var got int64
-		dl := time.Now().Add(5 * time.Second)
-		for time.Now().Before(dl) {
-			if got = peerGoneCount.Value(); got == want {
-				return
-			}
-		}
-		t.Errorf("peer gone count = %v; want %v", got, want)
-	}
-
 	msg1 := []byte("hello 0->1\n")
 	if err := clients[0].Send(clientKeys[1], msg1); err != nil {
 		t.Fatal(err)
@@ -186,559 +160,13 @@ func TestSendRecv(t *testing.T) {
 	wantActive(3, 1)
 	connsOut[1].Close()
 	wantActive(2, 0)
-	wantClosedPeers(1)
 	clients[2].NotePreferred(true)
 	wantActive(2, 1)
 	clients[2].NotePreferred(false)
 	wantActive(2, 0)
 	connsOut[2].Close()
 	wantActive(1, 0)
-	wantClosedPeers(1)
 
 	t.Logf("passed")
 	s.Close()
-
-}
-
-func TestSendFreeze(t *testing.T) {
-	serverPrivateKey := newPrivateKey(t)
-	s := NewServer(serverPrivateKey, t.Logf)
-	defer s.Close()
-	s.WriteTimeout = 100 * time.Millisecond
-
-	// We send two streams of messages:
-	//
-	//	alice --> bob
-	//	alice --> cathy
-	//
-	// Then cathy stops processing messsages.
-	// That should not interfere with alice talking to bob.
-
-	newClient := func(name string, k key.Private) (c *Client, clientConn nettest.Conn) {
-		t.Helper()
-		c1, c2 := nettest.NewConn(name, 1024)
-		go s.Accept(c1, bufio.NewReadWriter(bufio.NewReader(c1), bufio.NewWriter(c1)), name)
-
-		brw := bufio.NewReadWriter(bufio.NewReader(c2), bufio.NewWriter(c2))
-		c, err := NewClient(k, c2, brw, t.Logf)
-		if err != nil {
-			t.Fatal(err)
-		}
-		return c, c2
-	}
-
-	aliceKey := newPrivateKey(t)
-	aliceClient, aliceConn := newClient("alice", aliceKey)
-
-	bobKey := newPrivateKey(t)
-	bobClient, bobConn := newClient("bob", bobKey)
-
-	cathyKey := newPrivateKey(t)
-	cathyClient, cathyConn := newClient("cathy", cathyKey)
-
-	var (
-		aliceCh = make(chan struct{}, 32)
-		bobCh   = make(chan struct{}, 32)
-		cathyCh = make(chan struct{}, 32)
-	)
-	chs := func(name string) chan struct{} {
-		switch name {
-		case "alice":
-			return aliceCh
-		case "bob":
-			return bobCh
-		case "cathy":
-			return cathyCh
-		default:
-			panic("unknown ch: " + name)
-		}
-	}
-
-	errCh := make(chan error, 4)
-	recv := func(name string, client *Client) {
-		ch := chs(name)
-		for {
-			m, err := client.Recv()
-			if err != nil {
-				errCh <- fmt.Errorf("%s: %w", name, err)
-				return
-			}
-			switch m := m.(type) {
-			default:
-				errCh <- fmt.Errorf("%s: unexpected message type %T", name, m)
-				return
-			case ReceivedPacket:
-				if m.Source.IsZero() {
-					errCh <- fmt.Errorf("%s: zero Source address in ReceivedPacket", name)
-					return
-				}
-				select {
-				case ch <- struct{}{}:
-				default:
-				}
-			}
-		}
-	}
-	go recv("alice", aliceClient)
-	go recv("bob", bobClient)
-	go recv("cathy", cathyClient)
-
-	var cancel func()
-	go func() {
-		t := time.NewTicker(2 * time.Millisecond)
-		defer t.Stop()
-		var ctx context.Context
-		ctx, cancel = context.WithCancel(context.Background())
-		for {
-			select {
-			case <-t.C:
-			case <-ctx.Done():
-				errCh <- nil
-				return
-			}
-
-			msg1 := []byte("hello alice->bob\n")
-			if err := aliceClient.Send(bobKey.Public(), msg1); err != nil {
-				errCh <- fmt.Errorf("alice send to bob: %w", err)
-				return
-			}
-			msg2 := []byte("hello alice->cathy\n")
-
-			// TODO: an error is expected here.
-			// We ignore it, maybe we should log it somehow?
-			aliceClient.Send(cathyKey.Public(), msg2)
-		}
-	}()
-
-	drainAny := func(ch chan struct{}) {
-		// We are draining potentially infinite sources,
-		// so place some reasonable upper limit.
-		//
-		// The important thing here is to make sure that
-		// if any tokens remain in the channel, they
-		// must have been generated after drainAny was
-		// called.
-		for i := 0; i < cap(ch); i++ {
-			select {
-			case <-ch:
-			default:
-				return
-			}
-		}
-	}
-	drain := func(t *testing.T, name string) bool {
-		t.Helper()
-		timer := time.NewTimer(1 * time.Second)
-		defer timer.Stop()
-
-		// Ensure ch has at least one element.
-		ch := chs(name)
-		select {
-		case <-ch:
-		case <-timer.C:
-			t.Errorf("no packet received by %s", name)
-			return false
-		}
-		// Drain remaining.
-		drainAny(ch)
-		return true
-	}
-	isEmpty := func(t *testing.T, name string) {
-		t.Helper()
-		select {
-		case <-chs(name):
-			t.Errorf("packet received by %s, want none", name)
-		default:
-		}
-	}
-
-	t.Run("initial send", func(t *testing.T) {
-		drain(t, "bob")
-		drain(t, "cathy")
-		isEmpty(t, "alice")
-	})
-
-	t.Run("block cathy", func(t *testing.T) {
-		// Block cathy. Now the cathyConn buffer will fill up quickly,
-		// and the derp server will back up.
-		cathyConn.SetReadBlock(true)
-		time.Sleep(2 * s.WriteTimeout)
-
-		drain(t, "bob")
-		drainAny(chs("cathy"))
-		isEmpty(t, "alice")
-
-		// Now wait a little longer, and ensure packets still flow to bob
-		if !drain(t, "bob") {
-			t.Errorf("connection alice->bob frozen by alice->cathy")
-		}
-	})
-
-	// Cleanup, make sure we process all errors.
-	t.Logf("TEST COMPLETE, cancelling sender")
-	cancel()
-	t.Logf("closing connections")
-	aliceConn.Close()
-	bobConn.Close()
-	cathyConn.Close()
-
-	for i := 0; i < cap(errCh); i++ {
-		err := <-errCh
-		if err != nil {
-			if errors.Is(err, io.EOF) {
-				continue
-			}
-			t.Error(err)
-		}
-	}
-}
-
-type testServer struct {
-	s    *Server
-	ln   net.Listener
-	logf logger.Logf
-
-	mu      sync.Mutex
-	pubName map[key.Public]string
-	clients map[*testClient]bool
-}
-
-func (ts *testServer) addTestClient(c *testClient) {
-	ts.mu.Lock()
-	defer ts.mu.Unlock()
-	ts.clients[c] = true
-}
-
-func (ts *testServer) addKeyName(k key.Public, name string) {
-	ts.mu.Lock()
-	defer ts.mu.Unlock()
-	ts.pubName[k] = name
-	ts.logf("test adding named key %q for %x", name, k)
-}
-
-func (ts *testServer) keyName(k key.Public) string {
-	ts.mu.Lock()
-	defer ts.mu.Unlock()
-	if name, ok := ts.pubName[k]; ok {
-		return name
-	}
-	return k.ShortString()
-}
-
-func (ts *testServer) close(t *testing.T) error {
-	ts.ln.Close()
-	ts.s.Close()
-	for c := range ts.clients {
-		c.close(t)
-	}
-	return nil
-}
-
-func newTestServer(t *testing.T) *testServer {
-	t.Helper()
-	logf := logger.WithPrefix(t.Logf, "derp-server: ")
-	s := NewServer(newPrivateKey(t), logf)
-	s.SetMeshKey("mesh-key")
-	ln, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	go func() {
-		i := 0
-		for {
-			i++
-			c, err := ln.Accept()
-			if err != nil {
-				return
-			}
-			// TODO: register c in ts so Close also closes it?
-			go func(i int) {
-				brwServer := bufio.NewReadWriter(bufio.NewReader(c), bufio.NewWriter(c))
-				go s.Accept(c, brwServer, fmt.Sprintf("test-client-%d", i))
-			}(i)
-		}
-	}()
-	return &testServer{
-		s:       s,
-		ln:      ln,
-		logf:    logf,
-		clients: map[*testClient]bool{},
-		pubName: map[key.Public]string{},
-	}
-}
-
-type testClient struct {
-	name   string
-	c      *Client
-	nc     net.Conn
-	pub    key.Public
-	ts     *testServer
-	closed bool
-}
-
-func newTestClient(t *testing.T, ts *testServer, name string, newClient func(net.Conn, key.Private, logger.Logf) (*Client, error)) *testClient {
-	t.Helper()
-	nc, err := net.Dial("tcp", ts.ln.Addr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-	key := newPrivateKey(t)
-	ts.addKeyName(key.Public(), name)
-	c, err := newClient(nc, key, logger.WithPrefix(t.Logf, "client-"+name+": "))
-	if err != nil {
-		t.Fatal(err)
-	}
-	tc := &testClient{
-		name: name,
-		nc:   nc,
-		c:    c,
-		ts:   ts,
-		pub:  key.Public(),
-	}
-	ts.addTestClient(tc)
-	return tc
-}
-
-func newRegularClient(t *testing.T, ts *testServer, name string) *testClient {
-	return newTestClient(t, ts, name, func(nc net.Conn, priv key.Private, logf logger.Logf) (*Client, error) {
-		brw := bufio.NewReadWriter(bufio.NewReader(nc), bufio.NewWriter(nc))
-		return NewClient(priv, nc, brw, logf)
-	})
-}
-
-func newTestWatcher(t *testing.T, ts *testServer, name string) *testClient {
-	return newTestClient(t, ts, name, func(nc net.Conn, priv key.Private, logf logger.Logf) (*Client, error) {
-		brw := bufio.NewReadWriter(bufio.NewReader(nc), bufio.NewWriter(nc))
-		c, err := NewClient(priv, nc, brw, logf, MeshKey("mesh-key"))
-		if err != nil {
-			return nil, err
-		}
-		if err := c.WatchConnectionChanges(); err != nil {
-			return nil, err
-		}
-		return c, nil
-	})
-}
-
-func (tc *testClient) wantPresent(t *testing.T, peers ...key.Public) {
-	t.Helper()
-	want := map[key.Public]bool{}
-	for _, k := range peers {
-		want[k] = true
-	}
-
-	for {
-		m, err := tc.c.recvTimeout(time.Second)
-		if err != nil {
-			t.Fatal(err)
-		}
-		switch m := m.(type) {
-		case PeerPresentMessage:
-			got := key.Public(m)
-			if !want[got] {
-				t.Fatalf("got peer present for %v; want present for %v", tc.ts.keyName(got), logger.ArgWriter(func(bw *bufio.Writer) {
-					for _, pub := range peers {
-						fmt.Fprintf(bw, "%s ", tc.ts.keyName(pub))
-					}
-				}))
-			}
-			delete(want, got)
-			if len(want) == 0 {
-				return
-			}
-		default:
-			t.Fatalf("unexpected message type %T", m)
-		}
-	}
-}
-
-func (tc *testClient) wantGone(t *testing.T, peer key.Public) {
-	t.Helper()
-	m, err := tc.c.recvTimeout(time.Second)
-	if err != nil {
-		t.Fatal(err)
-	}
-	switch m := m.(type) {
-	case PeerGoneMessage:
-		got := key.Public(m)
-		if peer != got {
-			t.Errorf("got gone message for %v; want gone for %v", tc.ts.keyName(got), tc.ts.keyName(peer))
-		}
-	default:
-		t.Fatalf("unexpected message type %T", m)
-	}
-}
-
-func (c *testClient) close(t *testing.T) {
-	t.Helper()
-	if c.closed {
-		return
-	}
-	c.closed = true
-	t.Logf("closing client %q (%x)", c.name, c.pub)
-	c.nc.Close()
-}
-
-// TestWatch tests the connection watcher mechanism used by regional
-// DERP nodes to mesh up with each other.
-func TestWatch(t *testing.T) {
-	ts := newTestServer(t)
-	defer ts.close(t)
-
-	w1 := newTestWatcher(t, ts, "w1")
-	w1.wantPresent(t, w1.pub)
-
-	c1 := newRegularClient(t, ts, "c1")
-	w1.wantPresent(t, c1.pub)
-
-	c2 := newRegularClient(t, ts, "c2")
-	w1.wantPresent(t, c2.pub)
-
-	w2 := newTestWatcher(t, ts, "w2")
-	w1.wantPresent(t, w2.pub)
-	w2.wantPresent(t, w1.pub, w2.pub, c1.pub, c2.pub)
-
-	c3 := newRegularClient(t, ts, "c3")
-	w1.wantPresent(t, c3.pub)
-	w2.wantPresent(t, c3.pub)
-
-	c2.close(t)
-	w1.wantGone(t, c2.pub)
-	w2.wantGone(t, c2.pub)
-
-	w3 := newTestWatcher(t, ts, "w3")
-	w1.wantPresent(t, w3.pub)
-	w2.wantPresent(t, w3.pub)
-	w3.wantPresent(t, c1.pub, c3.pub, w1.pub, w2.pub, w3.pub)
-
-	c1.close(t)
-	w1.wantGone(t, c1.pub)
-	w2.wantGone(t, c1.pub)
-	w3.wantGone(t, c1.pub)
-}
-
-type testFwd int
-
-func (testFwd) ForwardPacket(key.Public, key.Public, []byte) error { panic("not called in tests") }
-
-func pubAll(b byte) (ret key.Public) {
-	for i := range ret {
-		ret[i] = b
-	}
-	return
-}
-
-func TestForwarderRegistration(t *testing.T) {
-	s := &Server{
-		clients:     make(map[key.Public]*sclient),
-		clientsMesh: map[key.Public]PacketForwarder{},
-	}
-	want := func(want map[key.Public]PacketForwarder) {
-		t.Helper()
-		if got := s.clientsMesh; !reflect.DeepEqual(got, want) {
-			t.Fatalf("mismatch\n got: %v\nwant: %v\n", got, want)
-		}
-	}
-	wantCounter := func(c *expvar.Int, want int) {
-		t.Helper()
-		if got := c.Value(); got != int64(want) {
-			t.Errorf("counter = %v; want %v", got, want)
-		}
-	}
-
-	u1 := pubAll(1)
-	u2 := pubAll(2)
-	u3 := pubAll(3)
-
-	s.AddPacketForwarder(u1, testFwd(1))
-	s.AddPacketForwarder(u2, testFwd(2))
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(1),
-		u2: testFwd(2),
-	})
-
-	// Verify a remove of non-registered forwarder is no-op.
-	s.RemovePacketForwarder(u2, testFwd(999))
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(1),
-		u2: testFwd(2),
-	})
-
-	// Verify a remove of non-registered user is no-op.
-	s.RemovePacketForwarder(u3, testFwd(1))
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(1),
-		u2: testFwd(2),
-	})
-
-	// Actual removal.
-	s.RemovePacketForwarder(u2, testFwd(2))
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(1),
-	})
-
-	// Adding a dup for a user.
-	wantCounter(&s.multiForwarderCreated, 0)
-	s.AddPacketForwarder(u1, testFwd(100))
-	want(map[key.Public]PacketForwarder{
-		u1: multiForwarder{
-			testFwd(1):   1,
-			testFwd(100): 2,
-		},
-	})
-	wantCounter(&s.multiForwarderCreated, 1)
-
-	// Removing a forwarder in a multi set that doesn't exist; does nothing.
-	s.RemovePacketForwarder(u1, testFwd(55))
-	want(map[key.Public]PacketForwarder{
-		u1: multiForwarder{
-			testFwd(1):   1,
-			testFwd(100): 2,
-		},
-	})
-
-	// Removing a forwarder in a multi set that does exist should collapse it away
-	// from being a multiForwarder.
-	wantCounter(&s.multiForwarderDeleted, 0)
-	s.RemovePacketForwarder(u1, testFwd(1))
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(100),
-	})
-	wantCounter(&s.multiForwarderDeleted, 1)
-
-	// Removing an entry for a client that's still connected locally should result
-	// in a nil forwarder.
-	u1c := &sclient{
-		key:  u1,
-		logf: logger.Discard,
-	}
-	s.clients[u1] = u1c
-	s.RemovePacketForwarder(u1, testFwd(100))
-	want(map[key.Public]PacketForwarder{
-		u1: nil,
-	})
-
-	// But once that client disconnects, it should go away.
-	s.unregisterClient(u1c)
-	want(map[key.Public]PacketForwarder{})
-
-	// But if it already has a forwarder, it's not removed.
-	s.AddPacketForwarder(u1, testFwd(2))
-	s.unregisterClient(u1c)
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(2),
-	})
-
-	// Now pretend u1 was already connected locally (so clientsMesh[u1] is nil), and then we heard
-	// that they're also connected to a peer of ours. That sholdn't transition the forwarder
-	// from nil to the new one, not a multiForwarder.
-	s.clients[u1] = u1c
-	s.clientsMesh[u1] = nil
-	want(map[key.Public]PacketForwarder{
-		u1: nil,
-	})
-	s.AddPacketForwarder(u1, testFwd(3))
-	want(map[key.Public]PacketForwarder{
-		u1: testFwd(3),
-	})
 }

derp/derphttp/derphttp_client.go

@@ -18,18 +18,15 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"log"
 	"net"
 	"net/http"
 	"net/url"
 	"sync"
 	"time"
 
-	"inet.af/netaddr"
 	"tailscale.com/derp"
 	"tailscale.com/net/dnscache"
-	"tailscale.com/net/netns"
-	"tailscale.com/net/tlsdial"
-	"tailscale.com/tailcfg"
 	"tailscale.com/types/key"
 	"tailscale.com/types/logger"
 )
@@ -41,51 +38,25 @@ import (
 // Send/Recv will completely re-establish the connection (unless Close
 // has been called).
 type Client struct {
-	TLSConfig *tls.Config        // optional; nil means default
-	DNSCache  *dnscache.Resolver // optional; nil means no caching
-	MeshKey   string             // optional; for trusted clients
+	TLSConfig *tls.Config        // for sever connection, optional, nil means default
+	DNSCache  *dnscache.Resolver // optional; if nil, no caching
 
 	privateKey key.Private
 	logf       logger.Logf
-
-	// Either url or getRegion is non-nil:
-	url       *url.URL
-	getRegion func() *tailcfg.DERPRegion
+	url        *url.URL
 
 	ctx       context.Context // closed via cancelCtx in Client.Close
 	cancelCtx context.CancelFunc
 
-	mu           sync.Mutex
-	preferred    bool
-	closed       bool
-	netConn      io.Closer
-	client       *derp.Client
-	connGen      int // incremented once per new connection; valid values are >0
-	serverPubKey key.Public
-}
-
-// NewRegionClient returns a new DERP-over-HTTP client. It connects lazily.
-// To trigger a connection, use Connect.
-func NewRegionClient(privateKey key.Private, logf logger.Logf, getRegion func() *tailcfg.DERPRegion) *Client {
-	ctx, cancel := context.WithCancel(context.Background())
-	c := &Client{
-		privateKey: privateKey,
-		logf:       logf,
-		getRegion:  getRegion,
-		ctx:        ctx,
-		cancelCtx:  cancel,
-	}
-	return c
-}
-
-// NewNetcheckClient returns a Client that's only able to have its DialRegion method called.
-// It's used by the netcheck package.
-func NewNetcheckClient(logf logger.Logf) *Client {
-	return &Client{logf: logf}
+	mu        sync.Mutex
+	preferred bool
+	closed    bool
+	netConn   io.Closer
+	client    *derp.Client
 }
 
 // NewClient returns a new DERP-over-HTTP client. It connects lazily.
-// To trigger a connection, use Connect.
+// To trigger a connection use Connect.
 func NewClient(privateKey key.Private, serverURL string, logf logger.Logf) (*Client, error) {
 	u, err := url.Parse(serverURL)
 	if err != nil {
@@ -94,7 +65,6 @@ func NewClient(privateKey key.Private, serverURL string, logf logger.Logf) (*Cli
 	if urlPort(u) == "" {
 		return nil, fmt.Errorf("derphttp.NewClient: invalid URL scheme %q", u.Scheme)
 	}
-
 	ctx, cancel := context.WithCancel(context.Background())
 	c := &Client{
 		privateKey: privateKey,
@@ -109,20 +79,10 @@ func NewClient(privateKey key.Private, serverURL string, logf logger.Logf) (*Cli
 // Connect connects or reconnects to the server, unless already connected.
 // It returns nil if there was already a good connection, or if one was made.
 func (c *Client) Connect(ctx context.Context) error {
-	_, _, err := c.connect(ctx, "derphttp.Client.Connect")
+	_, err := c.connect(ctx, "derphttp.Client.Connect")
 	return err
 }
 
-// ServerPublicKey returns the server's public key.
-//
-// It only returns a non-zero value once a connection has succeeded
-// from an earlier call.
-func (c *Client) ServerPublicKey() key.Public {
-	c.mu.Lock()
-	defer c.mu.Unlock()
-	return c.serverPubKey
-}
-
 func urlPort(u *url.URL) string {
 	if p := u.Port(); p != "" {
 		return p
@@ -136,45 +96,18 @@ func urlPort(u *url.URL) string {
 	return ""
 }
 
-func (c *Client) targetString(reg *tailcfg.DERPRegion) string {
-	if c.url != nil {
-		return c.url.String()
-	}
-	return fmt.Sprintf("region %d (%v)", reg.RegionID, reg.RegionCode)
-}
-
-func (c *Client) useHTTPS() bool {
-	if c.url != nil && c.url.Scheme == "http" {
-		return false
-	}
-	return true
-}
-
-// tlsServerName returns the tls.Config.ServerName value (for the TLS ClientHello).
-func (c *Client) tlsServerName(node *tailcfg.DERPNode) string {
-	if c.url != nil {
-		return c.url.Host
-	}
-	return node.HostName
-}
-
-func (c *Client) urlString(node *tailcfg.DERPNode) string {
-	if c.url != nil {
-		return c.url.String()
-	}
-	return fmt.Sprintf("https://%s/derp", node.HostName)
-}
-
-func (c *Client) connect(ctx context.Context, caller string) (client *derp.Client, connGen int, err error) {
+func (c *Client) connect(ctx context.Context, caller string) (client *derp.Client, err error) {
 	c.mu.Lock()
 	defer c.mu.Unlock()
 	if c.closed {
-		return nil, 0, ErrClientClosed
+		return nil, ErrClientClosed
 	}
 	if c.client != nil {
-		return c.client, c.connGen, nil
+		return c.client, nil
 	}
 
+	c.logf("%s: connecting to %v", caller, c.url)
+
 	// timeout is the fallback maximum time (if ctx doesn't limit
 	// it further) to do all of: DNS + TCP + TLS + HTTP Upgrade +
 	// DERP upgrade.
@@ -194,42 +127,39 @@ func (c *Client) connect(ctx context.Context, caller string) (client *derp.Clien
 	}()
 	defer cancel()
 
-	var reg *tailcfg.DERPRegion // nil when using c.url to dial
-	if c.getRegion != nil {
-		reg = c.getRegion()
-		if reg == nil {
-			return nil, 0, errors.New("DERP region not available")
-		}
-	}
-
 	var tcpConn net.Conn
-
 	defer func() {
 		if err != nil {
 			if ctx.Err() != nil {
 				err = fmt.Errorf("%v: %v", ctx.Err(), err)
 			}
-			err = fmt.Errorf("%s connect to %v: %v", caller, c.targetString(reg), err)
+			err = fmt.Errorf("%s connect to %v: %v", caller, c.url, err)
 			if tcpConn != nil {
 				go tcpConn.Close()
 			}
 		}
 	}()
 
-	var node *tailcfg.DERPNode // nil when using c.url to dial
-	if c.url != nil {
-		c.logf("%s: connecting to %v", caller, c.url)
-		tcpConn, err = c.dialURL(ctx)
-	} else {
-		c.logf("%s: connecting to derp-%d (%v)", caller, reg.RegionID, reg.RegionCode)
-		tcpConn, node, err = c.dialRegion(ctx, reg)
-	}
-	if err != nil {
-		return nil, 0, err
+	host := c.url.Hostname()
+	hostOrIP := host
+
+	var d net.Dialer
+	log.Printf("Dialing: %q", net.JoinHostPort(host, urlPort(c.url)))
+
+	if c.DNSCache != nil {
+		ip, err := c.DNSCache.LookupIP(ctx, host)
+		if err != nil {
+			return nil, err
+		}
+		hostOrIP = ip.String()
 	}
 
-	// Now that we have a TCP connection, force close it if the
-	// TLS handshake + DERP setup takes too long.
+	tcpConn, err = d.DialContext(ctx, "tcp", net.JoinHostPort(hostOrIP, urlPort(c.url)))
+	if err != nil {
+		return nil, fmt.Errorf("dial of %q: %v", host, err)
+	}
+
+	// Now that we have a TCP connection, force close it.
 	done := make(chan struct{})
 	defer close(done)
 	go func() {
@@ -253,251 +183,66 @@ func (c *Client) connect(ctx context.Context, caller string) (client *derp.Clien
 	}()
 
 	var httpConn net.Conn // a TCP conn or a TLS conn; what we speak HTTP to
-	if c.useHTTPS() {
-		httpConn = c.tlsClient(tcpConn, node)
+	if c.url.Scheme == "https" {
+		tlsConfig := &tls.Config{}
+		if c.TLSConfig != nil {
+			tlsConfig = c.TLSConfig.Clone()
+		}
+		tlsConfig.ServerName = c.url.Host
+		httpConn = tls.Client(tcpConn, tlsConfig)
 	} else {
 		httpConn = tcpConn
 	}
 
 	brw := bufio.NewReadWriter(bufio.NewReader(httpConn), bufio.NewWriter(httpConn))
 
-	req, err := http.NewRequest("GET", c.urlString(node), nil)
+	req, err := http.NewRequest("GET", c.url.String(), nil)
 	if err != nil {
-		return nil, 0, err
+		return nil, err
 	}
 	req.Header.Set("Upgrade", "DERP")
 	req.Header.Set("Connection", "Upgrade")
 
 	if err := req.Write(brw); err != nil {
-		return nil, 0, err
+		return nil, err
 	}
 	if err := brw.Flush(); err != nil {
-		return nil, 0, err
+		return nil, err
 	}
 
 	resp, err := http.ReadResponse(brw.Reader, req)
 	if err != nil {
-		return nil, 0, err
+		return nil, err
 	}
 	if resp.StatusCode != http.StatusSwitchingProtocols {
 		b, _ := ioutil.ReadAll(resp.Body)
 		resp.Body.Close()
-		return nil, 0, fmt.Errorf("GET failed: %v: %s", err, b)
+		return nil, fmt.Errorf("GET failed: %v: %s", err, b)
 	}
 
-	derpClient, err := derp.NewClient(c.privateKey, httpConn, brw, c.logf, derp.MeshKey(c.MeshKey))
+	derpClient, err := derp.NewClient(c.privateKey, httpConn, brw, c.logf)
 	if err != nil {
-		return nil, 0, err
+		return nil, err
 	}
 	if c.preferred {
 		if err := derpClient.NotePreferred(true); err != nil {
 			go httpConn.Close()
-			return nil, 0, err
-		}
-	}
-
-	c.serverPubKey = derpClient.ServerPublicKey()
-	c.client = derpClient
-	c.netConn = tcpConn
-	c.connGen++
-	return c.client, c.connGen, nil
-}
-
-func (c *Client) dialURL(ctx context.Context) (net.Conn, error) {
-	host := c.url.Hostname()
-	hostOrIP := host
-
-	dialer := netns.NewDialer()
-
-	if c.DNSCache != nil {
-		ip, err := c.DNSCache.LookupIP(ctx, host)
-		if err == nil {
-			hostOrIP = ip.String()
-		}
-		if err != nil && netns.IsSOCKSDialer(dialer) {
-			// Return an error if we're not using a dial
-			// proxy that can do DNS lookups for us.
 			return nil, err
 		}
 	}
 
-	tcpConn, err := dialer.DialContext(ctx, "tcp", net.JoinHostPort(hostOrIP, urlPort(c.url)))
-	if err != nil {
-		return nil, fmt.Errorf("dial of %v: %v", host, err)
-	}
-	return tcpConn, nil
-}
-
-// dialRegion returns a TCP connection to the provided region, trying
-// each node in order (with dialNode) until one connects or ctx is
-// done.
-func (c *Client) dialRegion(ctx context.Context, reg *tailcfg.DERPRegion) (net.Conn, *tailcfg.DERPNode, error) {
-	if len(reg.Nodes) == 0 {
-		return nil, nil, fmt.Errorf("no nodes for %s", c.targetString(reg))
-	}
-	var firstErr error
-	for _, n := range reg.Nodes {
-		if n.STUNOnly {
-			if firstErr == nil {
-				firstErr = fmt.Errorf("no non-STUNOnly nodes for %s", c.targetString(reg))
-			}
-			continue
-		}
-		c, err := c.dialNode(ctx, n)
-		if err == nil {
-			return c, n, nil
-		}
-		if firstErr == nil {
-			firstErr = err
-		}
-	}
-	return nil, nil, firstErr
-}
-
-func (c *Client) tlsClient(nc net.Conn, node *tailcfg.DERPNode) *tls.Conn {
-	tlsConf := tlsdial.Config(c.tlsServerName(node), c.TLSConfig)
-	if node != nil {
-		if node.DERPTestPort != 0 {
-			tlsConf.InsecureSkipVerify = true
-		}
-		if node.CertName != "" {
-			tlsdial.SetConfigExpectedCert(tlsConf, node.CertName)
-		}
-	}
-	return tls.Client(nc, tlsConf)
-}
-
-func (c *Client) DialRegionTLS(ctx context.Context, reg *tailcfg.DERPRegion) (tlsConn *tls.Conn, connClose io.Closer, err error) {
-	tcpConn, node, err := c.dialRegion(ctx, reg)
-	if err != nil {
-		return nil, nil, err
-	}
-	done := make(chan bool) // unbufferd
-	defer close(done)
-
-	tlsConn = c.tlsClient(tcpConn, node)
-	go func() {
-		select {
-		case <-done:
-		case <-ctx.Done():
-			tcpConn.Close()
-		}
-	}()
-	err = tlsConn.Handshake()
-	if err != nil {
-		return nil, nil, err
-	}
-	select {
-	case done <- true:
-		return tlsConn, tcpConn, nil
-	case <-ctx.Done():
-		return nil, nil, ctx.Err()
-	}
-}
-
-func (c *Client) dialContext(ctx context.Context, proto, addr string) (net.Conn, error) {
-	return netns.NewDialer().DialContext(ctx, proto, addr)
-}
-
-// shouldDialProto reports whether an explicitly provided IPv4 or IPv6
-// address (given in s) is valid. An empty value means to dial, but to
-// use DNS. The predicate function reports whether the non-empty
-// string s contained a valid IP address of the right family.
-func shouldDialProto(s string, pred func(netaddr.IP) bool) bool {
-	if s == "" {
-		return true
-	}
-	ip, _ := netaddr.ParseIP(s)
-	return pred(ip)
-}
-
-const dialNodeTimeout = 1500 * time.Millisecond
-
-// dialNode returns a TCP connection to node n, racing IPv4 and IPv6
-// (both as applicable) against each other.
-// A node is only given dialNodeTimeout to connect.
-//
-// TODO(bradfitz): longer if no options remain perhaps? ...  Or longer
-// overall but have dialRegion start overlapping races?
-func (c *Client) dialNode(ctx context.Context, n *tailcfg.DERPNode) (net.Conn, error) {
-	type res struct {
-		c   net.Conn
-		err error
-	}
-	resc := make(chan res) // must be unbuffered
-	ctx, cancel := context.WithTimeout(ctx, dialNodeTimeout)
-	defer cancel()
-
-	nwait := 0
-	startDial := func(dstPrimary, proto string) {
-		nwait++
-		go func() {
-			dst := dstPrimary
-			if dst == "" {
-				dst = n.HostName
-			}
-			port := "443"
-			if n.DERPTestPort != 0 {
-				port = fmt.Sprint(n.DERPTestPort)
-			}
-			c, err := c.dialContext(ctx, proto, net.JoinHostPort(dst, port))
-			select {
-			case resc <- res{c, err}:
-			case <-ctx.Done():
-				if c != nil {
-					c.Close()
-				}
-			}
-		}()
-	}
-	if shouldDialProto(n.IPv4, netaddr.IP.Is4) {
-		startDial(n.IPv4, "tcp4")
-	}
-	if shouldDialProto(n.IPv6, netaddr.IP.Is6) {
-		startDial(n.IPv6, "tcp6")
-	}
-	if nwait == 0 {
-		return nil, errors.New("both IPv4 and IPv6 are explicitly disabled for node")
-	}
-
-	var firstErr error
-	for {
-		select {
-		case res := <-resc:
-			nwait--
-			if res.err == nil {
-				return res.c, nil
-			}
-			if firstErr == nil {
-				firstErr = res.err
-			}
-			if nwait == 0 {
-				return nil, firstErr
-			}
-		case <-ctx.Done():
-			return nil, ctx.Err()
-		}
-	}
+	c.client = derpClient
+	c.netConn = tcpConn
+	return c.client, nil
 }
 
 func (c *Client) Send(dstKey key.Public, b []byte) error {
-	client, _, err := c.connect(context.TODO(), "derphttp.Client.Send")
+	client, err := c.connect(context.TODO(), "derphttp.Client.Send")
 	if err != nil {
 		return err
 	}
 	if err := client.Send(dstKey, b); err != nil {
-		c.closeForReconnect(client)
-	}
-	return err
-}
-
-func (c *Client) ForwardPacket(from, to key.Public, b []byte) error {
-	client, _, err := c.connect(context.TODO(), "derphttp.Client.ForwardPacket")
-	if err != nil {
-		return err
-	}
-	if err := client.ForwardPacket(from, to, b); err != nil {
-		c.closeForReconnect(client)
+		c.closeForReconnect()
 	}
 	return err
 }
@@ -516,63 +261,23 @@ func (c *Client) NotePreferred(v bool) {
 
 	if client != nil {
 		if err := client.NotePreferred(v); err != nil {
-			c.closeForReconnect(client)
+			c.closeForReconnect()
 		}
 	}
 }
 
-// WatchConnectionChanges sends a request to subscribe to
-// notifications about clients connecting & disconnecting.
-//
-// Only trusted connections (using MeshKey) are allowed to use this.
-func (c *Client) WatchConnectionChanges() error {
-	client, _, err := c.connect(context.TODO(), "derphttp.Client.WatchConnectionChanges")
+func (c *Client) Recv(b []byte) (derp.ReceivedMessage, error) {
+	client, err := c.connect(context.TODO(), "derphttp.Client.Recv")
 	if err != nil {
-		return err
+		return nil, err
 	}
-	err = client.WatchConnectionChanges()
+	m, err := client.Recv(b)
 	if err != nil {
-		c.closeForReconnect(client)
+		c.closeForReconnect()
 	}
-	return err
-}
-
-// ClosePeer asks the server to close target's TCP connection.
-//
-// Only trusted connections (using MeshKey) are allowed to use this.
-func (c *Client) ClosePeer(target key.Public) error {
-	client, _, err := c.connect(context.TODO(), "derphttp.Client.ClosePeer")
-	if err != nil {
-		return err
-	}
-	err = client.ClosePeer(target)
-	if err != nil {
-		c.closeForReconnect(client)
-	}
-	return err
-}
-
-// Recv reads a message from c. The returned message may alias memory from Client.
-// The message should only be used until the next Client call.
-func (c *Client) Recv() (derp.ReceivedMessage, error) {
-	m, _, err := c.RecvDetail()
 	return m, err
 }
 
-// RecvDetail is like Recv, but additional returns the connection generation on each message.
-// The connGen value is incremented every time the derphttp.Client reconnects to the server.
-func (c *Client) RecvDetail() (m derp.ReceivedMessage, connGen int, err error) {
-	client, connGen, err := c.connect(context.TODO(), "derphttp.Client.Recv")
-	if err != nil {
-		return nil, 0, err
-	}
-	m, err = client.Recv()
-	if err != nil {
-		c.closeForReconnect(client)
-	}
-	return m, connGen, err
-}
-
 // Close closes the client. It will not automatically reconnect after
 // being closed.
 func (c *Client) Close() error {
@@ -593,19 +298,9 @@ func (c *Client) Close() error {
 // closeForReconnect closes the underlying network connection and
 // zeros out the client field so future calls to Connect will
 // reconnect.
-//
-// The provided brokenClient is the client to forget. If current
-// client is not brokenClient, closeForReconnect does nothing. (This
-// prevents a send and receive goroutine from failing at the ~same
-// time and both calling closeForReconnect and the caller goroutines
-// forever calling closeForReconnect in lockstep endlessly;
-// https://github.com/tailscale/tailscale/pull/264)
-func (c *Client) closeForReconnect(brokenClient *derp.Client) {
+func (c *Client) closeForReconnect() {
 	c.mu.Lock()
 	defer c.mu.Unlock()
-	if c.client != brokenClient {
-		return
-	}
 	if c.netConn != nil {
 		c.netConn.Close()
 		c.netConn = nil

derp/derphttp/derphttp_server.go

@@ -32,6 +32,6 @@ func Handler(s *derp.Server) http.Handler {
 			http.Error(w, "HTTP does not support general TCP support", 500)
 			return
 		}
-		s.Accept(netConn, conn, netConn.RemoteAddr().String())
+		s.Accept(netConn, conn)
 	})
 }

derp/derphttp/derphttp_test.go

@@ -93,7 +93,8 @@ func TestSendRecv(t *testing.T) {
 					return
 				default:
 				}
-				m, err := c.Recv()
+				b := make([]byte, 1<<16)
+				m, err := c.Recv(b)
 				if err != nil {
 					t.Logf("client%d: %v", i, err)
 					break
@@ -102,10 +103,8 @@ func TestSendRecv(t *testing.T) {
 				default:
 					t.Errorf("unexpected message type %T", m)
 					continue
-				case derp.PeerGoneMessage:
-					// Ignore.
 				case derp.ReceivedPacket:
-					recvChs[i] <- append([]byte(nil), m.Data...)
+					recvChs[i] <- m.Data
 				}
 			}
 		}(i)

derp/derphttp/mesh_client.go

@@ -1,122 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package derphttp
-
-import (
-	"sync"
-	"time"
-
-	"tailscale.com/derp"
-	"tailscale.com/types/key"
-)
-
-// RunWatchConnectionLoop loops forever, sending WatchConnectionChanges and subscribing to
-// connection changes.
-//
-// If the server's public key is ignoreServerKey, RunWatchConnectionLoop returns.
-//
-// Otherwise, the add and remove funcs are called as clients come & go.
-func (c *Client) RunWatchConnectionLoop(ignoreServerKey key.Public, add, remove func(key.Public)) {
-	logf := c.logf
-	const retryInterval = 5 * time.Second
-	const statusInterval = 10 * time.Second
-	var (
-		mu              sync.Mutex
-		present         = map[key.Public]bool{}
-		loggedConnected = false
-	)
-	clear := func() {
-		mu.Lock()
-		defer mu.Unlock()
-		if len(present) == 0 {
-			return
-		}
-		logf("reconnected; clearing %d forwarding mappings", len(present))
-		for k := range present {
-			remove(k)
-		}
-		present = map[key.Public]bool{}
-	}
-	lastConnGen := 0
-	lastStatus := time.Now()
-	logConnectedLocked := func() {
-		if loggedConnected {
-			return
-		}
-		logf("connected; %d peers", len(present))
-		loggedConnected = true
-	}
-
-	const logConnectedDelay = 200 * time.Millisecond
-	timer := time.AfterFunc(2*time.Second, func() {
-		mu.Lock()
-		defer mu.Unlock()
-		logConnectedLocked()
-	})
-	defer timer.Stop()
-
-	updatePeer := func(k key.Public, isPresent bool) {
-		if isPresent {
-			add(k)
-		} else {
-			remove(k)
-		}
-
-		mu.Lock()
-		defer mu.Unlock()
-		if isPresent {
-			present[k] = true
-			if !loggedConnected {
-				timer.Reset(logConnectedDelay)
-			}
-		} else {
-			// If we got a peerGone message, that means the initial connection's
-			// flood of peerPresent messages is done, so we can log already:
-			logConnectedLocked()
-			delete(present, k)
-		}
-	}
-
-	for {
-		err := c.WatchConnectionChanges()
-		if err != nil {
-			clear()
-			logf("WatchConnectionChanges: %v", err)
-			time.Sleep(retryInterval)
-			continue
-		}
-
-		if c.ServerPublicKey() == ignoreServerKey {
-			logf("detected self-connect; ignoring host")
-			return
-		}
-		for {
-			m, connGen, err := c.RecvDetail()
-			if err != nil {
-				clear()
-				logf("Recv: %v", err)
-				time.Sleep(retryInterval)
-				break
-			}
-			if connGen != lastConnGen {
-				lastConnGen = connGen
-				clear()
-			}
-			switch m := m.(type) {
-			case derp.PeerPresentMessage:
-				updatePeer(key.Public(m), true)
-			case derp.PeerGoneMessage:
-				updatePeer(key.Public(m), false)
-			default:
-				continue
-			}
-			if now := time.Now(); now.Sub(lastStatus) > statusInterval {
-				lastStatus = now
-				logf("%d peers", len(present))
-			}
-		}
-	}
-
-}

derp/derpmap/derpmap.go

@@ -1,65 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package derpmap contains information about Tailscale.com's production DERP nodes.
-package derpmap
-
-import (
-	"fmt"
-	"strings"
-
-	"tailscale.com/tailcfg"
-)
-
-func derpNode(suffix, v4, v6 string) *tailcfg.DERPNode {
-	return &tailcfg.DERPNode{
-		Name:     suffix, // updated later
-		RegionID: 0,      // updated later
-		IPv4:     v4,
-		IPv6:     v6,
-	}
-}
-
-func derpRegion(id int, code string, nodes ...*tailcfg.DERPNode) *tailcfg.DERPRegion {
-	region := &tailcfg.DERPRegion{
-		RegionID:   id,
-		RegionCode: code,
-		Nodes:      nodes,
-	}
-	for _, n := range nodes {
-		n.Name = fmt.Sprintf("%d%s", id, n.Name)
-		n.RegionID = id
-		n.HostName = fmt.Sprintf("derp%s.tailscale.com", strings.TrimSuffix(n.Name, "a"))
-	}
-	return region
-}
-
-// Prod returns Tailscale's map of relay servers.
-//
-// This list is only used by cmd/tailscale's netcheck subcommand. In
-// normal operation the Tailscale nodes get this sent to them from the
-// control server.
-//
-// This list is subject to change and should not be relied on.
-func Prod() *tailcfg.DERPMap {
-	return &tailcfg.DERPMap{
-		Regions: map[int]*tailcfg.DERPRegion{
-			1: derpRegion(1, "nyc",
-				derpNode("a", "159.89.225.99", "2604:a880:400:d1::828:b001"),
-			),
-			2: derpRegion(2, "sfo",
-				derpNode("a", "167.172.206.31", "2604:a880:2:d1::c5:7001"),
-			),
-			3: derpRegion(3, "sin",
-				derpNode("a", "68.183.179.66", "2400:6180:0:d1::67d:8001"),
-			),
-			4: derpRegion(4, "fra",
-				derpNode("a", "167.172.182.26", "2a03:b0c0:3:e0::36e:9001"),
-			),
-			5: derpRegion(5, "syd",
-				derpNode("a", "103.43.75.49", "2001:19f0:5801:10b7:5400:2ff:feaa:284c"),
-			),
-		},
-	}
-}

disco/disco.go

@@ -1,179 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package disco contains the discovery message types.
-//
-// A discovery message is:
-//
-// Header:
-//     magic          [6]byte  // “TS💬” (0x54 53 f0 9f 92 ac)
-//     senderDiscoPub [32]byte // nacl public key
-//     nonce          [24]byte
-//
-// The recipient then decrypts the bytes following (the nacl secretbox)
-// and then the inner payload structure is:
-//
-//     messageType    byte  (the MessageType constants below)
-//     messageVersion byte  (0 for now; but always ignore bytes at the end)
-//     message-paylod [...]byte
-package disco
-
-import (
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"net"
-
-	"inet.af/netaddr"
-)
-
-// Magic is the 6 byte header of all discovery messages.
-const Magic = "TS💬" // 6 bytes: 0x54 53 f0 9f 92 ac
-
-const keyLen = 32
-
-// NonceLen is the length of the nonces used by nacl secretboxes.
-const NonceLen = 24
-
-type MessageType byte
-
-const (
-	TypePing        = MessageType(0x01)
-	TypePong        = MessageType(0x02)
-	TypeCallMeMaybe = MessageType(0x03)
-)
-
-const v0 = byte(0)
-
-var errShort = errors.New("short message")
-
-// LooksLikeDiscoWrapper reports whether p looks like it's a packet
-// containing an encrypted disco message.
-func LooksLikeDiscoWrapper(p []byte) bool {
-	if len(p) < len(Magic)+keyLen+NonceLen {
-		return false
-	}
-	return string(p[:len(Magic)]) == Magic
-}
-
-// Parse parses the encrypted part of the message from inside the
-// nacl secretbox.
-func Parse(p []byte) (Message, error) {
-	if len(p) < 2 {
-		return nil, errShort
-	}
-	t, ver, p := MessageType(p[0]), p[1], p[2:]
-	switch t {
-	case TypePing:
-		return parsePing(ver, p)
-	case TypePong:
-		return parsePong(ver, p)
-	case TypeCallMeMaybe:
-		return CallMeMaybe{}, nil
-	default:
-		return nil, fmt.Errorf("unknown message type 0x%02x", byte(t))
-	}
-}
-
-// Message a discovery message.
-type Message interface {
-	// AppendMarshal appends the message's marshaled representation.
-	AppendMarshal([]byte) []byte
-}
-
-// appendMsgHeader appends two bytes (for t and ver) and then also
-// dataLen bytes to b, returning the appended slice in all. The
-// returned data slice is a subslice of all with just dataLen bytes of
-// where the caller will fill in the data.
-func appendMsgHeader(b []byte, t MessageType, ver uint8, dataLen int) (all, data []byte) {
-	// TODO: optimize this?
-	all = append(b, make([]byte, dataLen+2)...)
-	all[len(b)] = byte(t)
-	all[len(b)+1] = ver
-	data = all[len(b)+2:]
-	return
-}
-
-type Ping struct {
-	TxID [12]byte
-}
-
-func (m *Ping) AppendMarshal(b []byte) []byte {
-	ret, d := appendMsgHeader(b, TypePing, v0, 12)
-	copy(d, m.TxID[:])
-	return ret
-}
-
-func parsePing(ver uint8, p []byte) (m *Ping, err error) {
-	if len(p) < 12 {
-		return nil, errShort
-	}
-	m = new(Ping)
-	copy(m.TxID[:], p)
-	return m, nil
-}
-
-// CallMeMaybe is a message sent only over DERP to request that the recipient try
-// to open up a magicsock path back to the sender.
-//
-// The sender should've already sent UDP packets to the peer to open
-// up the stateful firewall mappings inbound.
-//
-// The recipient may choose to not open a path back, if it's already
-// happy with its path. But usually it will.
-type CallMeMaybe struct{}
-
-func (CallMeMaybe) AppendMarshal(b []byte) []byte {
-	ret, _ := appendMsgHeader(b, TypeCallMeMaybe, v0, 0)
-	return ret
-}
-
-// Pong is a response a Ping.
-//
-// It includes the sender's source IP + port, so it's effectively a
-// STUN response.
-type Pong struct {
-	TxID [12]byte
-	Src  netaddr.IPPort // 18 bytes (16+2) on the wire; v4-mapped ipv6 for IPv4
-}
-
-const pongLen = 12 + 16 + 2
-
-func (m *Pong) AppendMarshal(b []byte) []byte {
-	ret, d := appendMsgHeader(b, TypePong, v0, pongLen)
-	d = d[copy(d, m.TxID[:]):]
-	ip16 := m.Src.IP.As16()
-	d = d[copy(d, ip16[:]):]
-	binary.BigEndian.PutUint16(d, m.Src.Port)
-	return ret
-}
-
-func parsePong(ver uint8, p []byte) (m *Pong, err error) {
-	if len(p) < pongLen {
-		return nil, errShort
-	}
-	m = new(Pong)
-	copy(m.TxID[:], p)
-	p = p[12:]
-
-	m.Src.IP, _ = netaddr.FromStdIP(net.IP(p[:16]))
-	p = p[16:]
-
-	m.Src.Port = binary.BigEndian.Uint16(p)
-	return m, nil
-}
-
-// MessageSummary returns a short summary of m for logging purposes.
-func MessageSummary(m Message) string {
-	switch m := m.(type) {
-	case *Ping:
-		return fmt.Sprintf("ping tx=%x", m.TxID[:6])
-	case *Pong:
-		return fmt.Sprintf("pong tx=%x", m.TxID[:6])
-	case CallMeMaybe:
-		return "call-me-maybe"
-	default:
-		return fmt.Sprintf("%#v", m)
-	}
-}

disco/disco_test.go

@@ -1,82 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package disco
-
-import (
-	"fmt"
-	"reflect"
-	"strings"
-	"testing"
-
-	"inet.af/netaddr"
-)
-
-func TestMarshalAndParse(t *testing.T) {
-	tests := []struct {
-		name string
-		want string
-		m    Message
-	}{
-		{
-			name: "ping",
-			m: &Ping{
-				TxID: [12]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12},
-			},
-			want: "01 00 01 02 03 04 05 06 07 08 09 0a 0b 0c",
-		},
-		{
-			name: "pong",
-			m: &Pong{
-				TxID: [12]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12},
-				Src:  mustIPPort("2.3.4.5:1234"),
-			},
-			want: "02 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 00 00 00 00 00 00 00 00 00 00 ff ff 02 03 04 05 04 d2",
-		},
-		{
-			name: "pongv6",
-			m: &Pong{
-				TxID: [12]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12},
-				Src:  mustIPPort("[fed0::12]:6666"),
-			},
-			want: "02 00 01 02 03 04 05 06 07 08 09 0a 0b 0c fe d0 00 00 00 00 00 00 00 00 00 00 00 00 00 12 1a 0a",
-		},
-		{
-			name: "call_me_maybe",
-			m:    CallMeMaybe{},
-			want: "03 00",
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			foo := []byte("foo")
-			got := string(tt.m.AppendMarshal(foo))
-			if !strings.HasPrefix(got, "foo") {
-				t.Fatalf("didn't start with foo: got %q", got)
-			}
-			got = strings.TrimPrefix(got, "foo")
-
-			gotHex := fmt.Sprintf("% x", got)
-			if gotHex != tt.want {
-				t.Fatalf("wrong marshal\n got: %s\nwant: %s\n", gotHex, tt.want)
-			}
-
-			back, err := Parse([]byte(got))
-			if err != nil {
-				t.Fatalf("parse back: %v", err)
-			}
-			if !reflect.DeepEqual(back, tt.m) {
-				t.Errorf("message in %+v doesn't match Parse back result %+v", tt.m, back)
-			}
-		})
-	}
-}
-
-func mustIPPort(s string) netaddr.IPPort {
-	ipp, err := netaddr.ParseIPPort(s)
-	if err != nil {
-		panic(err)
-	}
-	return ipp
-}

go.mod

@@ -1,6 +1,6 @@
 module tailscale.com
 
-go 1.14
+go 1.13
 
 require (
 	github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 // indirect
@@ -9,30 +9,26 @@ require (
 	github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect
 	github.com/gliderlabs/ssh v0.2.2
 	github.com/go-ole/go-ole v1.2.4
-	github.com/godbus/dbus/v5 v5.0.3
 	github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e
 	github.com/google/go-cmp v0.4.0
 	github.com/goreleaser/nfpm v1.1.10
-	github.com/jsimonetti/rtnetlink v0.0.0-20200117123717-f846d4f6c1f4
-	github.com/klauspost/compress v1.10.10
+	github.com/klauspost/compress v1.9.8
 	github.com/kr/pty v1.1.1
 	github.com/mdlayher/netlink v1.1.0
-	github.com/miekg/dns v1.1.30
 	github.com/pborman/getopt v0.0.0-20190409184431-ee0cd42419d3
+	github.com/peterbourgon/ff v1.7.0 // indirect
 	github.com/peterbourgon/ff/v2 v2.0.0
-	github.com/tailscale/winipcfg-go v0.0.0-20200413171540-609dcf2df55f
-	github.com/tailscale/wireguard-go v0.0.0-20200724155040-d554a2a5e7e1
-	github.com/tcnksm/go-httpstat v0.2.0
-	github.com/toqueteos/webbrowser v1.2.0
-	go4.org/mem v0.0.0-20200706164138-185c595c3ecc
-	golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6
-	golang.org/x/net v0.0.0-20200301022130-244492dfa37a
+	github.com/tailscale/hujson v0.0.0-20190930033718-5098e564d9b3 // indirect
+	github.com/tailscale/winipcfg-go v0.0.0-20200213045944-185b07f8233f
+	github.com/tailscale/wireguard-go v0.0.0-20200307073332-1d43cf6b424f
+	golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073
+	golang.org/x/net v0.0.0-20200301022130-244492dfa37a // indirect
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e
-	golang.org/x/sys v0.0.0-20200501052902-10377860bb8e
+	golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527
 	golang.org/x/time v0.0.0-20191024005414-555d28b269f0
-	golang.org/x/tools v0.0.0-20191216052735-49a3e744a425
-	honnef.co/go/tools v0.0.1-2020.1.4
-	inet.af/netaddr v0.0.0-20200718043157-99321d6ad24c
+	gortc.io/stun v1.22.1
+	honnef.co/go/tools v0.0.1-2020.1.3 // indirect
 	rsc.io/goversion v1.2.0
 )
+

go.sum

@@ -30,8 +30,6 @@ github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0=
 github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
 github.com/go-ole/go-ole v1.2.4 h1:nNBDSCOigTSiarFpYE9J/KtEA1IOW4CNeqT9TQDqCxI=
 github.com/go-ole/go-ole v1.2.4/go.mod h1:XCwSNxSkXRo4vlyPy93sltvi/qJq0jqQhjqQNIwKuxM=
-github.com/godbus/dbus/v5 v5.0.3 h1:ZqHaoEF7TBzh4jzPmqVhE/5A1z9of6orkAe5uHoAeME=
-github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
@@ -51,8 +49,8 @@ github.com/jsimonetti/rtnetlink v0.0.0-20190606172950-9527aa82566a/go.mod h1:Oz+
 github.com/jsimonetti/rtnetlink v0.0.0-20200117123717-f846d4f6c1f4 h1:nwOc1YaOrYJ37sEBrtWZrdqzK22hiJs3GpDmP3sR2Yw=
 github.com/jsimonetti/rtnetlink v0.0.0-20200117123717-f846d4f6c1f4/go.mod h1:WGuG/smIU4J/54PblvSbh+xvCZmpJnFgr3ds6Z55XMQ=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.10.10 h1:a/y8CglcM7gLGYmlbP/stPE5sR3hbhFRUjCBfd/0B3I=
-github.com/klauspost/compress v1.10.10/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
+github.com/klauspost/compress v1.9.8 h1:VMAMUUOh+gaxKTMk+zqbjsSjsIcUcL/LF4o63i82QyA=
+github.com/klauspost/compress v1.9.8/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1 h1:VkoXIwSboBpnk99O/KFauAEILuNHv5DVFKZMBN/gUgw=
@@ -65,13 +63,14 @@ github.com/mdlayher/netlink v0.0.0-20190409211403-11939a169225/go.mod h1:eQB3mZE
 github.com/mdlayher/netlink v1.0.0/go.mod h1:KxeJAFOFLG6AjpyDkQ/iIhxygIUKD+vcwqcnu43w/+M=
 github.com/mdlayher/netlink v1.1.0 h1:mpdLgm+brq10nI9zM1BpX1kpDbh3NLl3RSnVq6ZSkfg=
 github.com/mdlayher/netlink v1.1.0/go.mod h1:H4WCitaheIsdF9yOYu8CFmCgQthAPIWZmcKp9uZHgmY=
-github.com/miekg/dns v1.1.30 h1:Qww6FseFn8PRfw07jueqIXqodm0JKiiKuK0DeXSqfyo=
-github.com/miekg/dns v1.1.30/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
+github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo=
 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 h1:lDH9UUVJtmYCjyT0CI4q8xvlXPxeZ0gYCVvWbmPlp88=
 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
 github.com/pborman/getopt v0.0.0-20190409184431-ee0cd42419d3 h1:YtFkrqsMEj7YqpIhRteVxJxCeC3jJBieuLr0d4C4rSA=
 github.com/pborman/getopt v0.0.0-20190409184431-ee0cd42419d3/go.mod h1:85jBQOZwpVEaDAr341tbn15RS4fCAsIst0qp7i8ex1o=
 github.com/pelletier/go-toml v1.6.0/go.mod h1:5N711Q9dKgbdkxHL+MEfF31hpT7l0S0s/t2kKREewys=
+github.com/peterbourgon/ff v1.7.0 h1:hknvTgsh90jNBIjPq7xeq32Y9AmSbpXvjrFW4sJwW+A=
+github.com/peterbourgon/ff v1.7.0/go.mod h1:/KKxnU5cBj4w21jEMj4Rway/kslRP6XAOHh7CH8AyAM=
 github.com/peterbourgon/ff/v2 v2.0.0 h1:lx0oYI5qr/FU1xnpNhQ+EZM04gKgn46jyYvGEEqBBbY=
 github.com/peterbourgon/ff/v2 v2.0.0/go.mod h1:xjwr+t+SjWm4L46fcj/D+Ap+6ME7+HqFzaP22pP5Ggk=
 github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
@@ -84,33 +83,63 @@ github.com/sassoftware/go-rpmutils v0.0.0-20190420191620-a8f1baeba37b/go.mod h1:
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/tailscale/winipcfg-go v0.0.0-20200413171540-609dcf2df55f h1:uFj5bslHsMzxIM8UTjAhq4VXeo6GfNW91rpoh/WMJaY=
-github.com/tailscale/winipcfg-go v0.0.0-20200413171540-609dcf2df55f/go.mod h1:x880GWw5fvrl2DVTQ04ttXQD4DuppTt1Yz6wLibbjNE=
-github.com/tcnksm/go-httpstat v0.2.0 h1:rP7T5e5U2HfmOBmZzGgGZjBQ5/GluWUylujl0tJ04I0=
-github.com/tcnksm/go-httpstat v0.2.0/go.mod h1:s3JVJFtQxtBEBC9dwcdTTXS9xFnM3SXAZwPG41aurT8=
-github.com/toqueteos/webbrowser v1.2.0 h1:tVP/gpK69Fx+qMJKsLE7TD8LuGWPnEV71wBN9rrstGQ=
-github.com/toqueteos/webbrowser v1.2.0/go.mod h1:XWoZq4cyp9WeUeak7w7LXRUQf1F1ATJMir8RTqb4ayM=
+github.com/tailscale/hujson v0.0.0-20190930033718-5098e564d9b3 h1:rdtXEo9yffOjh4vZQJw3heaY+ggXKp+zvMX5fihh6lI=
+github.com/tailscale/hujson v0.0.0-20190930033718-5098e564d9b3/go.mod h1:STqf+YV0ADdzk4ejtXFsGqDpATP9JoL0OB+hiFQbkdE=
+github.com/tailscale/winipcfg-go v0.0.0-20200213045944-185b07f8233f h1:q2ynfOHxHaaMnkZ1YHswWeO6wEk7IyOnkFozytZ1ztc=
+github.com/tailscale/winipcfg-go v0.0.0-20200213045944-185b07f8233f/go.mod h1:x880GWw5fvrl2DVTQ04ttXQD4DuppTt1Yz6wLibbjNE=
+github.com/tailscale/wireguard-go v0.0.0-20191108062213-b93cdd0582db h1:oP0crfwOb3WZSVrMVm/o51NXN2JirDlcdlNEIPTmgI0=
+github.com/tailscale/wireguard-go v0.0.0-20200207221558-a158079b156a h1:5TWA3nl2QUfL9OiE3tlBpqJd4GYd4hbGtDNkWQQ2fyc=
+github.com/tailscale/wireguard-go v0.0.0-20200207221558-a158079b156a/go.mod h1:QPS8HjBzzAXoQNndUNx2efJaQbCCz8nI2Cv1ksTUHyY=
+github.com/tailscale/wireguard-go v0.0.0-20200208161837-3cd0a483944a h1:vIyObUBvnXB1XTKTBM4AgoUFR9RHiz/kslGHClkXQVg=
+github.com/tailscale/wireguard-go v0.0.0-20200208161837-3cd0a483944a/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200208214841-2981baf46731 h1:sNmny/5pHqHdm081Fx8rcNFnwt0zTGuee/0+Jz+tXCA=
+github.com/tailscale/wireguard-go v0.0.0-20200208214841-2981baf46731/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200211020303-f39bc8eeee1b h1:99LOgoPy0PcmT+yg1HiPJXk/aV/KWeGGh4WtSVB7noM=
+github.com/tailscale/wireguard-go v0.0.0-20200211020303-f39bc8eeee1b/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200213180345-a7c4b7719b1d h1:LVJovgZxbmPxtY6kJm4vwMtk0HpcNeI+vU2jB3T8M40=
+github.com/tailscale/wireguard-go v0.0.0-20200213180345-a7c4b7719b1d/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200219153015-ff5ce9e55c86 h1:yVWApjTol2CR3dVbiiSOI78KnElu3AlHFvntYM2egBU=
+github.com/tailscale/wireguard-go v0.0.0-20200219153015-ff5ce9e55c86/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200224122332-ad79bbddc844 h1:CChfZok8JbY2dT+BNLHAcCLcGuCTBEhrkYtUwOk5rVY=
+github.com/tailscale/wireguard-go v0.0.0-20200224122332-ad79bbddc844/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200225215529-3ec48fad1002 h1:F/IqMilbeud18Ef4kU5oAFDgjD9tgl7pq3OFcqoCEKM=
+github.com/tailscale/wireguard-go v0.0.0-20200225215529-3ec48fad1002/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200228112021-e513af474d50 h1:A3jG81hD8NVUdzrIus7RfGnZy8i47xHQW4CXjQFnnCY=
+github.com/tailscale/wireguard-go v0.0.0-20200228112021-e513af474d50/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200228184309-3f8d44fb81cd h1:d+WIJL0sRFBqxOjLlUD3exOV68oEVqndTvAzjAZpGNA=
+github.com/tailscale/wireguard-go v0.0.0-20200228184309-3f8d44fb81cd/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200301084640-52819259e449 h1:MySSF619UHACu0gIDUq032SlZXGTl3M6S2zSl3A2gt8=
+github.com/tailscale/wireguard-go v0.0.0-20200301084640-52819259e449/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200301090855-c9a152bc3b51 h1:9U7gdTXXgX7zoPAShuOnh9KTi3nInbkihuTGcNpuCow=
+github.com/tailscale/wireguard-go v0.0.0-20200301090855-c9a152bc3b51/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200301220325-351e6067e97c h1:Fxmm2RUWZEC6H1a+9CoKm0vjvwr4VUv9H930PBRNh6s=
+github.com/tailscale/wireguard-go v0.0.0-20200301220325-351e6067e97c/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
+github.com/tailscale/wireguard-go v0.0.0-20200305022019-7888c7edfed2 h1:qjA3efFS6+yVTOqZAeXq6lY9A0oUn6zp+zWYb/alfCA=
+github.com/tailscale/wireguard-go v0.0.0-20200305022019-7888c7edfed2/go.mod h1:JPm5cTfu1K+qDFRbiHy0sOlHUylYQbpl356sdYFD8V4=
 github.com/ulikunitz/xz v0.5.6 h1:jGHAfXawEGZQ3blwU5wnWKQJvAraT7Ftq9EXjnXYgt8=
 github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
-go4.org/mem v0.0.0-20200706164138-185c595c3ecc h1:paujszgN6SpsO/UsXC7xax3gQAKz/XQKCYZLQdU34Tw=
-go4.org/mem v0.0.0-20200706164138-185c595c3ecc/go.mod h1:NEYvpHWemiG/E5UWfaN5QAIGZeT1sa0Z2UNk6oeMb/k=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191002192127-34f69633bfdc/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6 h1:TjszyFsQsyZNHwdVdZ5m7bjmreu0znc2kRYsEml9/Ww=
-golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200206161412-a0c6ece9d31a h1:aczoJ0HPNE92XKa7DrIzkNN6esOKO2TBwiiYoKcINhA=
+golang.org/x/crypto v0.0.0-20200206161412-a0c6ece9d31a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200208060501-ecb85df21340 h1:KOcEaR10tFr7gdJV2GCKw8Os5yED1u1aOqHjOAb6d2Y=
+golang.org/x/crypto v0.0.0-20200208060501-ecb85df21340/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200210222208-86ce3cb69678 h1:wCWoJcFExDgyYx2m2hpHgwz8W3+FPdfldvIgzqDIhyg=
+golang.org/x/crypto v0.0.0-20200210222208-86ce3cb69678/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d h1:1ZiEyfaQIg3Qh0EoqpwAakHVhecoE5wlSg5GjnafJGw=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073 h1:xMPOj6Pz6UipU1wXLkrtqpHbR0AVFnyPEQq/wRWz9lM=
+golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
-golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191003171128-d98b1b443823/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191007182048-72f939374954/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI=
@@ -121,6 +150,7 @@ golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BG
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -131,27 +161,34 @@ golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190411185658-b44545bcd369/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191003212358-c178f38b412c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5 h1:LfCXLvNmTYH9kEmVgqbnsWfruoXZIrh4YBgqVHtDvw0=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200501052902-10377860bb8e h1:hq86ru83GdWTlfQFZGO4nZJTU4Bs2wfHl8oFHRaXsfc=
-golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4 h1:sfkvUWPNGwSV+8/fNqctR5lS2AqCSqYwXdrjCxp/dXo=
+golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200217220822-9197077df867 h1:JoRuNIf+rpHl+VhScRQQvzbHed86tKkqwPMV34T8myw=
+golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200301040627-c5d0d7b4ec88 h1:LNVdAhESTW4gWDhYvciNcGoS9CEcxRiUKE9kSgw+X3s=
+golang.org/x/sys v0.0.0-20200301040627-c5d0d7b4ec88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200301204400-5d559ad92b82 h1:lMQVwSjnOFtj3Ssuec21gK8stJac9xnIo2CjVk2cczw=
+golang.org/x/sys v0.0.0-20200301204400-5d559ad92b82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 h1:uYVVQ9WP/Ds2ROhcaGPeIdVq0RIXVLwsHlnvJ+cT1So=
+golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d h1:/iIZNFGxc/a7C3yWjGcnboV+Tkc7mxr+p6fDztwoxuM=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac h1:MQEvx39qSf8vyrx3XRaOe+j1UDIzKwkYOVObRgGPVqI=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191216052735-49a3e744a425 h1:VvQyQJN0tSuecqgcIxMWnnfG5kSmgy9KZR9sW3W5QeA=
-golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.zx2c4.com/wireguard v0.0.20200121 h1:vcswa5Q6f+sylDfjqyrVNNrjsFUUbPsgAQTBCAg/Qf8=
+golang.zx2c4.com/wireguard v0.0.20200121/go.mod h1:P2HsVp8SKwZEufsnezXZA4GRX/T49/HlU7DGuelXsU4=
 google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -163,9 +200,11 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.7 h1:VUgggvou5XRW9mHwD/yXxIYSMtY0zoKQf/v226p2nyo=
 gopkg.in/yaml.v2 v2.2.7/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-honnef.co/go/tools v0.0.1-2020.1.4 h1:UoveltGrhghAA7ePc+e+QYDHXrBps2PqFZiHkGR/xK8=
-honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-inet.af/netaddr v0.0.0-20200718043157-99321d6ad24c h1:si3Owrfem175Ry6gKqnh59eOXxDojyBTIHxUKuvK/Eo=
-inet.af/netaddr v0.0.0-20200718043157-99321d6ad24c/go.mod h1:qqYzz/2whtrbWJvt+DNWQyvekNN4ePQZcg2xc2/Yjww=
+gortc.io/stun v1.22.1 h1:96mOdDATYRqhYB+TZdenWBg4CzL2Ye5kPyBXQ8KAB+8=
+gortc.io/stun v1.22.1/go.mod h1:XD5lpONVyjvV3BgOyJFNo0iv6R2oZB4L+weMqxts+zg=
+honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM=
+honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+honnef.co/go/tools v0.0.1-2020.1.3 h1:sXmLre5bzIR6ypkjXCDI3jHPssRhc8KD/Ome589sc3U=
+honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 rsc.io/goversion v1.2.0 h1:SPn+NLTiAG7w30IRK/DKp1BjvpWabYgxlLp/+kx5J8w=
 rsc.io/goversion v1.2.0/go.mod h1:Eih9y/uIBS3ulggl7KNJ09xGSLcuNaLgmvvqa07sgfo=

interfaces/interfaces.go

@@ -0,0 +1,154 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package interfaces contains helpers for looking up system network interfaces.
+package interfaces
+
+import (
+	"net"
+	"strings"
+)
+
+// Tailscale returns the current machine's Tailscale interface, if any.
+// If none is found, all zero values are returned.
+// A non-nil error is only returned on a problem listing the system interfaces.
+func Tailscale() (net.IP, *net.Interface, error) {
+	ifs, err := net.Interfaces()
+	if err != nil {
+		return nil, nil, err
+	}
+	for _, iface := range ifs {
+		if !maybeTailscaleInterfaceName(iface.Name) {
+			continue
+		}
+		addrs, err := iface.Addrs()
+		if err != nil {
+			continue
+		}
+		for _, a := range addrs {
+			if ipnet, ok := a.(*net.IPNet); ok && IsTailscaleIP(ipnet.IP) {
+				return ipnet.IP, &iface, nil
+			}
+		}
+	}
+	return nil, nil, nil
+}
+
+// HaveIPv6GlobalAddress reports whether the machine appears to have a
+// global scope unicast IPv6 address.
+//
+// It only returns an error if there's a problem querying the system
+// interfaces.
+func HaveIPv6GlobalAddress() (bool, error) {
+	ifs, err := net.Interfaces()
+	if err != nil {
+		return false, err
+	}
+	for i := range ifs {
+		iface := &ifs[i]
+		if !isUp(iface) || isLoopback(iface) {
+			continue
+		}
+		addrs, err := iface.Addrs()
+		if err != nil {
+			continue
+		}
+		for _, a := range addrs {
+			ipnet, ok := a.(*net.IPNet)
+			if !ok {
+				continue
+			}
+			if ipnet.IP.To4() != nil || !ipnet.IP.IsGlobalUnicast() {
+				continue
+			}
+			return true, nil
+		}
+	}
+	return false, nil
+}
+
+// maybeTailscaleInterfaceName reports whether s is an interface
+// name that might be used by Tailscale.
+func maybeTailscaleInterfaceName(s string) bool {
+	return strings.HasPrefix(s, "wg") ||
+		strings.HasPrefix(s, "ts") ||
+		strings.HasPrefix(s, "tailscale") ||
+		strings.HasPrefix(s, "utun")
+}
+
+// IsTailscaleIP reports whether ip is an IP in a range used by
+// Tailscale virtual network interfaces.
+func IsTailscaleIP(ip net.IP) bool {
+	return cgNAT.Contains(ip)
+}
+
+func isUp(nif *net.Interface) bool       { return nif.Flags&net.FlagUp != 0 }
+func isLoopback(nif *net.Interface) bool { return nif.Flags&net.FlagLoopback != 0 }
+
+// LocalAddresses returns the machine's IP addresses, separated by
+// whether they're loopback addresses.
+func LocalAddresses() (regular, loopback []string, err error) {
+	// TODO(crawshaw): don't serve interface addresses that we are routing
+	ifaces, err := net.Interfaces()
+	if err != nil {
+		return nil, nil, err
+	}
+	for i := range ifaces {
+		iface := &ifaces[i]
+		if !isUp(iface) {
+			// Down interfaces don't count
+			continue
+		}
+		ifcIsLoopback := isLoopback(iface)
+
+		addrs, err := iface.Addrs()
+		if err != nil {
+			return nil, nil, err
+		}
+		for _, a := range addrs {
+			switch v := a.(type) {
+			case *net.IPNet:
+				// TODO(crawshaw): IPv6 support.
+				// Easy to do here, but we need good endpoint ordering logic.
+				ip := v.IP.To4()
+				if ip == nil {
+					continue
+				}
+				// TODO(apenwarr): don't special case cgNAT.
+				// In the general wireguard case, it might
+				// very well be something we can route to
+				// directly, because both nodes are
+				// behind the same CGNAT router.
+				if cgNAT.Contains(ip) {
+					continue
+				}
+				if linkLocalIPv4.Contains(ip) {
+					continue
+				}
+				if ip.IsLoopback() || ifcIsLoopback {
+					loopback = append(loopback, ip.String())
+				} else {
+					regular = append(regular, ip.String())
+				}
+			}
+		}
+	}
+	return regular, loopback, nil
+}
+
+var cgNAT = func() *net.IPNet {
+	_, ipNet, err := net.ParseCIDR("100.64.0.0/10")
+	if err != nil {
+		panic(err)
+	}
+	return ipNet
+}()
+
+var linkLocalIPv4 = func() *net.IPNet {
+	_, ipNet, err := net.ParseCIDR("169.254.0.0/16")
+	if err != nil {
+		panic(err)
+	}
+	return ipNet
+}()

interfaces/interfaces_test.go

@@ -27,32 +27,5 @@ func TestIsTailscaleIP(t *testing.T) {
 			t.Errorf("F(%q) = %v; want %v", tt.ip, got, tt.want)
 		}
 	}
-}
-
-func TestGetState(t *testing.T) {
-	st, err := GetState()
-	if err != nil {
-		t.Fatal(err)
-	}
-	t.Logf("Got: %#v", st)
-
-	st2, err := GetState()
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if !st.Equal(st2) {
-		// let's assume nobody was changing the system network interfaces between
-		// the two GetState calls.
-		t.Fatal("two States back-to-back were not equal")
-	}
-}
-
-func TestLikelyHomeRouterIP(t *testing.T) {
-	gw, my, ok := LikelyHomeRouterIP()
-	if !ok {
-		t.Logf("no result")
-		return
-	}
-	t.Logf("myIP = %v; gw = %v", my, gw)
+
 }

internal/deepprint/deepprint.go

@@ -1,93 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package deepprint walks a Go value recursively, in a predictable
-// order, without looping, and prints each value out to a given
-// Writer, which is assumed to be a hash.Hash, as this package doesn't
-// format things nicely.
-//
-// This is intended as a lighter version of go-spew, etc. We don't need its
-// features when our writer is just a hash.
-package deepprint
-
-import (
-	"crypto/sha256"
-	"fmt"
-	"io"
-	"reflect"
-)
-
-func Hash(v interface{}) string {
-	h := sha256.New()
-	Print(h, v)
-	return fmt.Sprintf("%x", h.Sum(nil))
-}
-
-func Print(w io.Writer, v interface{}) {
-	print(w, reflect.ValueOf(v), make(map[uintptr]bool))
-}
-
-func print(w io.Writer, v reflect.Value, visited map[uintptr]bool) {
-	if !v.IsValid() {
-		return
-	}
-	switch v.Kind() {
-	default:
-		panic(fmt.Sprintf("unhandled kind %v for type %v", v.Kind(), v.Type()))
-	case reflect.Ptr:
-		ptr := v.Pointer()
-		if visited[ptr] {
-			return
-		}
-		visited[ptr] = true
-		print(w, v.Elem(), visited)
-		return
-	case reflect.Struct:
-		fmt.Fprintf(w, "struct{\n")
-		t := v.Type()
-		for i, n := 0, v.NumField(); i < n; i++ {
-			sf := t.Field(i)
-			fmt.Fprintf(w, "%s: ", sf.Name)
-			print(w, v.Field(i), visited)
-			fmt.Fprintf(w, "\n")
-		}
-	case reflect.Slice, reflect.Array:
-		if v.Type().Elem().Kind() == reflect.Uint8 && v.CanInterface() {
-			fmt.Fprintf(w, "%q", v.Interface())
-			return
-		}
-		fmt.Fprintf(w, "[%d]{\n", v.Len())
-		for i, ln := 0, v.Len(); i < ln; i++ {
-			fmt.Fprintf(w, " [%d]: ", i)
-			print(w, v.Index(i), visited)
-			fmt.Fprintf(w, "\n")
-		}
-		fmt.Fprintf(w, "}\n")
-	case reflect.Interface:
-		print(w, v.Elem(), visited)
-	case reflect.Map:
-		sm := newSortedMap(v)
-		fmt.Fprintf(w, "map[%d]{\n", len(sm.Key))
-		for i, k := range sm.Key {
-			print(w, k, visited)
-			fmt.Fprintf(w, ": ")
-			print(w, sm.Value[i], visited)
-			fmt.Fprintf(w, "\n")
-		}
-		fmt.Fprintf(w, "}\n")
-
-	case reflect.String:
-		fmt.Fprintf(w, "%s", v.String())
-	case reflect.Bool:
-		fmt.Fprintf(w, "%v", v.Bool())
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		fmt.Fprintf(w, "%v", v.Int())
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		fmt.Fprintf(w, "%v", v.Uint())
-	case reflect.Float32, reflect.Float64:
-		fmt.Fprintf(w, "%v", v.Float())
-	case reflect.Complex64, reflect.Complex128:
-		fmt.Fprintf(w, "%v", v.Complex())
-	}
-}

internal/deepprint/deepprint_test.go

@@ -1,70 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package deepprint
-
-import (
-	"bytes"
-	"testing"
-
-	"github.com/tailscale/wireguard-go/wgcfg"
-	"inet.af/netaddr"
-	"tailscale.com/wgengine/router"
-)
-
-func TestDeepPrint(t *testing.T) {
-	// v contains the types of values we care about for our current callers.
-	// Mostly we're just testing that we don't panic on handled types.
-	v := getVal()
-
-	var buf bytes.Buffer
-	Print(&buf, v)
-	t.Logf("Got: %s", buf.Bytes())
-
-	hash1 := Hash(v)
-	t.Logf("hash: %v", hash1)
-	for i := 0; i < 20; i++ {
-		hash2 := Hash(getVal())
-		if hash1 != hash2 {
-			t.Error("second hash didn't match")
-		}
-	}
-}
-
-func getVal() []interface{} {
-	return []interface{}{
-		&wgcfg.Config{
-			Name:       "foo",
-			Addresses:  []wgcfg.CIDR{{Mask: 5, IP: wgcfg.IP{Addr: [16]byte{3: 3}}}},
-			ListenPort: 5,
-			Peers: []wgcfg.Peer{
-				{
-					Endpoints: []wgcfg.Endpoint{
-						{
-							Host: "foo",
-							Port: 5,
-						},
-					},
-				},
-			},
-		},
-		&router.Config{
-			DNSConfig: router.DNSConfig{
-				Nameservers: []netaddr.IP{netaddr.IPv4(8, 8, 8, 8)},
-				Domains:     []string{"tailscale.net"},
-			},
-		},
-		map[string]string{
-			"key1": "val1",
-			"key2": "val2",
-			"key3": "val3",
-			"key4": "val4",
-			"key5": "val5",
-			"key6": "val6",
-			"key7": "val7",
-			"key8": "val8",
-			"key9": "val9",
-		},
-	}
-}

internal/deepprint/fmtsort.go

@@ -1,224 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// and
-
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// This is a slightly modified fork of Go's src/internal/fmtsort/sort.go
-
-package deepprint
-
-import (
-	"reflect"
-	"sort"
-)
-
-// Note: Throughout this package we avoid calling reflect.Value.Interface as
-// it is not always legal to do so and it's easier to avoid the issue than to face it.
-
-// sortedMap represents a map's keys and values. The keys and values are
-// aligned in index order: Value[i] is the value in the map corresponding to Key[i].
-type sortedMap struct {
-	Key   []reflect.Value
-	Value []reflect.Value
-}
-
-func (o *sortedMap) Len() int           { return len(o.Key) }
-func (o *sortedMap) Less(i, j int) bool { return compare(o.Key[i], o.Key[j]) < 0 }
-func (o *sortedMap) Swap(i, j int) {
-	o.Key[i], o.Key[j] = o.Key[j], o.Key[i]
-	o.Value[i], o.Value[j] = o.Value[j], o.Value[i]
-}
-
-// Sort accepts a map and returns a sortedMap that has the same keys and
-// values but in a stable sorted order according to the keys, modulo issues
-// raised by unorderable key values such as NaNs.
-//
-// The ordering rules are more general than with Go's < operator:
-//
-//  - when applicable, nil compares low
-//  - ints, floats, and strings order by <
-//  - NaN compares less than non-NaN floats
-//  - bool compares false before true
-//  - complex compares real, then imag
-//  - pointers compare by machine address
-//  - channel values compare by machine address
-//  - structs compare each field in turn
-//  - arrays compare each element in turn.
-//    Otherwise identical arrays compare by length.
-//  - interface values compare first by reflect.Type describing the concrete type
-//    and then by concrete value as described in the previous rules.
-//
-func newSortedMap(mapValue reflect.Value) *sortedMap {
-	if mapValue.Type().Kind() != reflect.Map {
-		return nil
-	}
-	// Note: this code is arranged to not panic even in the presence
-	// of a concurrent map update. The runtime is responsible for
-	// yelling loudly if that happens. See issue 33275.
-	n := mapValue.Len()
-	key := make([]reflect.Value, 0, n)
-	value := make([]reflect.Value, 0, n)
-	iter := mapValue.MapRange()
-	for iter.Next() {
-		key = append(key, iter.Key())
-		value = append(value, iter.Value())
-	}
-	sorted := &sortedMap{
-		Key:   key,
-		Value: value,
-	}
-	sort.Stable(sorted)
-	return sorted
-}
-
-// compare compares two values of the same type. It returns -1, 0, 1
-// according to whether a > b (1), a == b (0), or a < b (-1).
-// If the types differ, it returns -1.
-// See the comment on Sort for the comparison rules.
-func compare(aVal, bVal reflect.Value) int {
-	aType, bType := aVal.Type(), bVal.Type()
-	if aType != bType {
-		return -1 // No good answer possible, but don't return 0: they're not equal.
-	}
-	switch aVal.Kind() {
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		a, b := aVal.Int(), bVal.Int()
-		switch {
-		case a < b:
-			return -1
-		case a > b:
-			return 1
-		default:
-			return 0
-		}
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		a, b := aVal.Uint(), bVal.Uint()
-		switch {
-		case a < b:
-			return -1
-		case a > b:
-			return 1
-		default:
-			return 0
-		}
-	case reflect.String:
-		a, b := aVal.String(), bVal.String()
-		switch {
-		case a < b:
-			return -1
-		case a > b:
-			return 1
-		default:
-			return 0
-		}
-	case reflect.Float32, reflect.Float64:
-		return floatCompare(aVal.Float(), bVal.Float())
-	case reflect.Complex64, reflect.Complex128:
-		a, b := aVal.Complex(), bVal.Complex()
-		if c := floatCompare(real(a), real(b)); c != 0 {
-			return c
-		}
-		return floatCompare(imag(a), imag(b))
-	case reflect.Bool:
-		a, b := aVal.Bool(), bVal.Bool()
-		switch {
-		case a == b:
-			return 0
-		case a:
-			return 1
-		default:
-			return -1
-		}
-	case reflect.Ptr:
-		a, b := aVal.Pointer(), bVal.Pointer()
-		switch {
-		case a < b:
-			return -1
-		case a > b:
-			return 1
-		default:
-			return 0
-		}
-	case reflect.Chan:
-		if c, ok := nilCompare(aVal, bVal); ok {
-			return c
-		}
-		ap, bp := aVal.Pointer(), bVal.Pointer()
-		switch {
-		case ap < bp:
-			return -1
-		case ap > bp:
-			return 1
-		default:
-			return 0
-		}
-	case reflect.Struct:
-		for i := 0; i < aVal.NumField(); i++ {
-			if c := compare(aVal.Field(i), bVal.Field(i)); c != 0 {
-				return c
-			}
-		}
-		return 0
-	case reflect.Array:
-		for i := 0; i < aVal.Len(); i++ {
-			if c := compare(aVal.Index(i), bVal.Index(i)); c != 0 {
-				return c
-			}
-		}
-		return 0
-	case reflect.Interface:
-		if c, ok := nilCompare(aVal, bVal); ok {
-			return c
-		}
-		c := compare(reflect.ValueOf(aVal.Elem().Type()), reflect.ValueOf(bVal.Elem().Type()))
-		if c != 0 {
-			return c
-		}
-		return compare(aVal.Elem(), bVal.Elem())
-	default:
-		// Certain types cannot appear as keys (maps, funcs, slices), but be explicit.
-		panic("bad type in compare: " + aType.String())
-	}
-}
-
-// nilCompare checks whether either value is nil. If not, the boolean is false.
-// If either value is nil, the boolean is true and the integer is the comparison
-// value. The comparison is defined to be 0 if both are nil, otherwise the one
-// nil value compares low. Both arguments must represent a chan, func,
-// interface, map, pointer, or slice.
-func nilCompare(aVal, bVal reflect.Value) (int, bool) {
-	if aVal.IsNil() {
-		if bVal.IsNil() {
-			return 0, true
-		}
-		return -1, true
-	}
-	if bVal.IsNil() {
-		return 1, true
-	}
-	return 0, false
-}
-
-// floatCompare compares two floating-point values. NaNs compare low.
-func floatCompare(a, b float64) int {
-	switch {
-	case isNaN(a):
-		return -1 // No good answer if b is a NaN so don't bother checking.
-	case isNaN(b):
-		return 1
-	case a < b:
-		return -1
-	case a > b:
-		return 1
-	}
-	return 0
-}
-
-func isNaN(a float64) bool {
-	return a != a
-}

ipn/backend.go

@@ -5,15 +5,11 @@
 package ipn
 
 import (
-	"net/http"
 	"time"
 
-	"golang.org/x/oauth2"
 	"tailscale.com/control/controlclient"
-	"tailscale.com/ipn/ipnstate"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/empty"
-	"tailscale.com/types/structs"
 	"tailscale.com/wgengine"
 )
 
@@ -28,10 +24,6 @@ const (
 	Running
 )
 
-// GoogleIDToken Type is the oauth2.Token.TokenType for the Google
-// ID tokens used by the Android client.
-const GoogleIDTokenType = "ts_android_google_login"
-
 func (s State) String() string {
 	return [...]string{"NoState", "NeedsLogin", "NeedsMachineAuth",
 		"Stopped", "Starting", "Running"}[s]
@@ -41,33 +33,26 @@ func (s State) String() string {
 type EngineStatus struct {
 	RBytes, WBytes wgengine.ByteCount
 	NumLive        int
-	LiveDERPs      int // number of active DERP connections
 	LivePeers      map[tailcfg.NodeKey]wgengine.PeerStatus
 }
 
+type NetworkMap = controlclient.NetworkMap
+
 // Notify is a communication from a backend (e.g. tailscaled) to a frontend
 // (cmd/tailscale, iOS, macOS, Win Tasktray).
 // In any given notification, any or all of these may be nil, meaning
 // that they have not changed.
 // They are JSON-encoded on the wire, despite the lack of struct tags.
 type Notify struct {
-	_             structs.Incomparable
-	Version       string                    // version number of IPN backend
-	ErrMessage    *string                   // critical error message, if any
-	LoginFinished *empty.Message            // event: non-nil when login process succeeded
-	State         *State                    // current IPN state has changed
-	Prefs         *Prefs                    // preferences were changed
-	NetMap        *controlclient.NetworkMap // new netmap received
-	Engine        *EngineStatus             // wireguard engine stats
-	Status        *ipnstate.Status          // full status
-	BrowseToURL   *string                   // UI should open a browser right now
-	BackendLogID  *string                   // public logtail id used by backend
-
-	// LocalTCPPort, if non-nil, informs the UI frontend which
-	// (non-zero) localhost TCP port it's listening on.
-	// This is currently only used by Tailscale when run in the
-	// macOS Network Extension.
-	LocalTCPPort *uint16 `json:",omitempty"`
+	Version       string         // version number of IPN backend
+	ErrMessage    *string        // critical error message, if any
+	LoginFinished *empty.Message // event: non-nil when login process succeeded
+	State         *State         // current IPN state has changed
+	Prefs         *Prefs         // preferences were changed
+	NetMap        *NetworkMap    // new netmap received
+	Engine        *EngineStatus  // wireguard engine stats
+	BrowseToURL   *string        // UI should open a browser right now
+	BackendLogID  *string        // public logtail id used by backend
 
 	// type is mirrored in xcode/Shared/IPN.swift
 }
@@ -103,9 +88,6 @@ type Options struct {
 	//    an initial overwrite of backend state with Prefs.
 	StateKey StateKey
 	Prefs    *Prefs
-	// AuthKey is an optional node auth key used to authorize a
-	// new node key without user interaction.
-	AuthKey string
 	// LegacyConfigPath optionally specifies the old-style relaynode
 	// relay.conf location. If both LegacyConfigPath and StateKey are
 	// specified and the requested state doesn't exist in the backend
@@ -116,9 +98,6 @@ type Options struct {
 	LegacyConfigPath string
 	// Notify is called when backend events happen.
 	Notify func(Notify) `json:"-"`
-	// HTTPTestClient is an optional HTTP client to pass to controlclient
-	// (for tests only).
-	HTTPTestClient *http.Client
 }
 
 // Backend is the interface between Tailscale frontends
@@ -134,8 +113,6 @@ type Backend interface {
 	// flow. This should trigger a new BrowseToURL notification
 	// eventually.
 	StartLoginInteractive()
-	// Login logs in with an OAuth2 token.
-	Login(token *oauth2.Token)
 	// Logout terminates the current login session and stops the
 	// wireguard engine.
 	Logout()
@@ -148,9 +125,6 @@ type Backend interface {
 	// counts. Connection events are emitted automatically without
 	// polling.
 	RequestEngineStatus()
-	// RequestStatus requests that a full Status update
-	// notification is sent.
-	RequestStatus()
 	// FakeExpireAfter pretends that the current key is going to
 	// expire after duration x. This is useful for testing GUIs to
 	// make sure they react properly with keys that are going to

ipn/e2e_test.go

@@ -0,0 +1,229 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build depends_on_currently_unreleased
+
+package ipn
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+	"time"
+
+	"github.com/tailscale/wireguard-go/tun/tuntest"
+	"tailscale.com/control/controlclient"
+	"tailscale.com/tailcfg"
+	"tailscale.com/testy"
+	"tailscale.com/wgengine"
+	"tailscale.com/wgengine/magicsock"
+	"tailscale.io/control" // not yet released
+)
+
+func TestIPN(t *testing.T) {
+	testy.FixLogs(t)
+	defer testy.UnfixLogs(t)
+
+	// Turn off STUN for the test to make it hermitic.
+	// TODO(crawshaw): add a test that runs against a local STUN server.
+	origDefaultSTUN := magicsock.DefaultSTUN
+	magicsock.DefaultSTUN = nil
+	defer func() {
+		magicsock.DefaultSTUN = origDefaultSTUN
+	}()
+
+	// TODO(apenwarr): Make resource checks actually pass.
+	// They don't right now, because (at least) wgengine doesn't fully
+	// shut down.
+	//	rc := testy.NewResourceCheck()
+	//	defer rc.Assert(t)
+
+	var ctl *control.Server
+
+	ctlHandler := func(w http.ResponseWriter, r *http.Request) {
+		ctl.ServeHTTP(w, r)
+	}
+	https := httptest.NewServer(http.HandlerFunc(ctlHandler))
+	serverURL := https.URL
+	defer https.Close()
+	defer https.CloseClientConnections()
+
+	tmpdir, err := ioutil.TempDir("", "ipntest")
+	if err != nil {
+		t.Fatalf("create tempdir: %v\n", err)
+	}
+	ctl, err = control.New(tmpdir, serverURL, true)
+	if err != nil {
+		t.Fatalf("create control server: %v\n", ctl)
+	}
+
+	n1 := newNode(t, "n1", https)
+	defer n1.Backend.Shutdown()
+	n1.Backend.StartLoginInteractive()
+
+	n2 := newNode(t, "n2", https)
+	defer n2.Backend.Shutdown()
+	n2.Backend.StartLoginInteractive()
+
+	t.Run("login", func(t *testing.T) {
+		var s1, s2 State
+		for {
+			t.Logf("\n\nn1.state=%v n2.state=%v\n\n", s1, s2)
+
+			// TODO(crawshaw): switch from || to &&. To do this we need to
+			// transmit some data so that the handshake completes on both
+			// sides. (Because handshakes are 1RTT, it is the data
+			// transmission that completes the handshake.)
+			if s1 == Running || s2 == Running {
+				// TODO(apenwarr): ensure state sequence.
+				// Right now we'll just exit as soon as
+				// state==Running, even if the backend is lying or
+				// something. Not a great test.
+				break
+			}
+
+			select {
+			case n := <-n1.NotifyCh:
+				t.Logf("n1n: %v\n", n)
+				if n.State != nil {
+					s1 = *n.State
+					if s1 == NeedsMachineAuth {
+						authNode(t, ctl, n1.Backend)
+					}
+				}
+			case n := <-n2.NotifyCh:
+				t.Logf("n2n: %v\n", n)
+				if n.State != nil {
+					s2 = *n.State
+					if s2 == NeedsMachineAuth {
+						authNode(t, ctl, n2.Backend)
+					}
+				}
+			case <-time.After(3 * time.Second):
+				t.Fatalf("\n\n\nFATAL: timed out waiting for notifications.\n\n\n")
+			}
+		}
+	})
+
+	n1addr := n1.Backend.NetMap().Addresses[0].IP
+	n2addr := n2.Backend.NetMap().Addresses[0].IP
+	t.Run("ping n2", func(t *testing.T) {
+		t.Skip("TODO(crawshaw): skipping ping test, it is flaky")
+		msg := tuntest.Ping(n2addr.IP(), n1addr.IP())
+		n1.ChannelTUN.Outbound <- msg
+		select {
+		case msgRecv := <-n2.ChannelTUN.Inbound:
+			if !bytes.Equal(msg, msgRecv) {
+				t.Error("bad ping")
+			}
+		case <-time.After(1 * time.Second):
+			t.Error("no ping seen")
+		}
+	})
+	t.Run("ping n1", func(t *testing.T) {
+		t.Skip("TODO(crawshaw): skipping ping test, it is flaky")
+		msg := tuntest.Ping(n1addr.IP(), n2addr.IP())
+		n2.ChannelTUN.Outbound <- msg
+		select {
+		case msgRecv := <-n1.ChannelTUN.Inbound:
+			if !bytes.Equal(msg, msgRecv) {
+				t.Error("bad ping")
+			}
+		case <-time.After(1 * time.Second):
+			t.Error("no ping seen")
+		}
+	})
+
+drain:
+	for {
+		select {
+		case <-n1.NotifyCh:
+		case <-n2.NotifyCh:
+		default:
+			break drain
+		}
+	}
+
+	n1.Backend.Logout()
+
+	t.Run("logout", func(t *testing.T) {
+		select {
+		case n := <-n1.NotifyCh:
+			if n.State != nil {
+				if *n.State != NeedsLogin {
+					t.Errorf("n.State=%v, want %v", n.State, NeedsLogin)
+					return
+				}
+			}
+		case <-time.After(3 * time.Second):
+			t.Fatalf("timeout waiting for logout notification")
+		}
+	})
+}
+
+type testNode struct {
+	Backend    *LocalBackend
+	ChannelTUN *tuntest.ChannelTUN
+	NotifyCh   <-chan Notify
+}
+
+// Create a new IPN node.
+func newNode(t *testing.T, prefix string, https *httptest.Server) testNode {
+	t.Helper()
+	logfe := func(fmt string, args ...interface{}) {
+		t.Logf(prefix+".e: "+fmt, args...)
+	}
+	logf := func(fmt string, args ...interface{}) {
+		t.Logf(prefix+": "+fmt, args...)
+	}
+
+	tun := tuntest.NewChannelTUN()
+	e1, err := wgengine.NewUserspaceEngineAdvanced(logfe, tun.TUN(), wgengine.NewFakeRouter, 0)
+	if err != nil {
+		t.Fatalf("NewFakeEngine: %v\n", err)
+	}
+	n, err := NewLocalBackend(logf, prefix, &MemoryStore{}, e1)
+	if err != nil {
+		t.Fatalf("NewLocalBackend: %v\n", err)
+	}
+	nch := make(chan Notify, 1000)
+	c := controlclient.Persist{
+		Provider:  "google",
+		LoginName: "test1@tailscale.com",
+	}
+	prefs := NewPrefs()
+	prefs.ControlURL = https.URL
+	prefs.Persist = &c
+	n.Start(Options{
+		FrontendLogID: prefix + "-f",
+		Prefs:         prefs,
+		Notify: func(n Notify) {
+			// Automatically visit auth URLs
+			if n.BrowseToURL != nil {
+				t.Logf("\n\n\nURL! %vv\n", *n.BrowseToURL)
+				hc := https.Client()
+				_, err := hc.Get(*n.BrowseToURL)
+				if err != nil {
+					t.Logf("BrowseToURL: %v\n", err)
+				}
+			}
+			nch <- n
+		},
+	})
+
+	return testNode{
+		Backend:    n,
+		ChannelTUN: tun,
+		NotifyCh:   nch,
+	}
+}
+
+// Tell the control server to authorize the given node.
+func authNode(t *testing.T, ctl *control.Server, n *LocalBackend) {
+	mk := n.prefs.Persist.PrivateMachineKey.Public()
+	nk := n.prefs.Persist.PrivateNodeKey.Public()
+	ctl.AuthorizeMachine(tailcfg.MachineKey(mk), tailcfg.NodeKey(nk))
+}

ipn/fake.go

@@ -7,10 +7,6 @@ package ipn
 import (
 	"log"
 	"time"
-
-	"golang.org/x/oauth2"
-	"tailscale.com/control/controlclient"
-	"tailscale.com/ipn/ipnstate"
 )
 
 type FakeBackend struct {
@@ -43,18 +39,10 @@ func (b *FakeBackend) newState(s State) {
 func (b *FakeBackend) StartLoginInteractive() {
 	u := b.serverURL + "/this/is/fake"
 	b.notify(Notify{BrowseToURL: &u})
-	b.login()
-}
-
-func (b *FakeBackend) Login(token *oauth2.Token) {
-	b.login()
-}
-
-func (b *FakeBackend) login() {
 	b.newState(NeedsMachineAuth)
 	b.newState(Stopped)
 	// TODO(apenwarr): Fill in a more interesting netmap here.
-	b.notify(Notify{NetMap: &controlclient.NetworkMap{}})
+	b.notify(Notify{NetMap: &NetworkMap{}})
 	b.newState(Starting)
 	// TODO(apenwarr): Fill in a more interesting status.
 	b.notify(Notify{Engine: &EngineStatus{}})
@@ -83,10 +71,6 @@ func (b *FakeBackend) RequestEngineStatus() {
 	b.notify(Notify{Engine: &EngineStatus{}})
 }
 
-func (b *FakeBackend) RequestStatus() {
-	b.notify(Notify{Status: &ipnstate.Status{}})
-}
-
 func (b *FakeBackend) FakeExpireAfter(x time.Duration) {
-	b.notify(Notify{NetMap: &controlclient.NetworkMap{}})
+	b.notify(Notify{NetMap: &NetworkMap{}})
 }

ipn/handle.go

@@ -9,8 +9,6 @@ import (
 	"time"
 
 	"github.com/tailscale/wireguard-go/wgcfg"
-	"golang.org/x/oauth2"
-	"tailscale.com/control/controlclient"
 	"tailscale.com/types/logger"
 )
 
@@ -22,7 +20,7 @@ type Handle struct {
 
 	// Mutex protects everything below
 	mu                sync.Mutex
-	netmapCache       *controlclient.NetworkMap
+	netmapCache       *NetworkMap
 	engineStatusCache EngineStatus
 	stateCache        State
 	prefsCache        *Prefs
@@ -64,7 +62,7 @@ func (h *Handle) Reset() {
 func (h *Handle) notify(n Notify) {
 	h.mu.Lock()
 	if n.BackendLogID != nil {
-		h.logf("Handle: logs: be:%v fe:%v",
+		h.logf("Handle: logs: be:%v fe:%v\n",
 			*n.BackendLogID, h.frontendLogID)
 	}
 	if n.State != nil {
@@ -129,7 +127,7 @@ func (h *Handle) LocalAddrs() []wgcfg.CIDR {
 	return []wgcfg.CIDR{}
 }
 
-func (h *Handle) NetMap() *controlclient.NetworkMap {
+func (h *Handle) NetMap() *NetworkMap {
 	h.mu.Lock()
 	defer h.mu.Unlock()
 
@@ -155,10 +153,6 @@ func (h *Handle) StartLoginInteractive() {
 	h.b.StartLoginInteractive()
 }
 
-func (h *Handle) Login(token *oauth2.Token) {
-	h.b.Login(token)
-}
-
 func (h *Handle) Logout() {
 	h.b.Logout()
 }
@@ -167,10 +161,6 @@ func (h *Handle) RequestEngineStatus() {
 	h.b.RequestEngineStatus()
 }
 
-func (h *Handle) RequestStatus() {
-	h.b.RequestStatus()
-}
-
 func (h *Handle) FakeExpireAfter(x time.Duration) {
 	h.b.FakeExpireAfter(x)
 }

ipn/ipnserver/server.go

@@ -10,19 +10,20 @@ import (
 	"fmt"
 	"log"
 	"net"
-	"net/http"
 	"os"
 	"os/exec"
 	"os/signal"
+	"strings"
 	"sync"
 	"syscall"
 	"time"
 
+	"github.com/google/go-cmp/cmp"
+	"github.com/klauspost/compress/zstd"
 	"tailscale.com/control/controlclient"
 	"tailscale.com/ipn"
 	"tailscale.com/logtail/backoff"
 	"tailscale.com/safesocket"
-	"tailscale.com/smallzstd"
 	"tailscale.com/types/logger"
 	"tailscale.com/version"
 	"tailscale.com/wgengine"
@@ -33,19 +34,15 @@ type Options struct {
 	// SocketPath, on unix systems, is the unix socket path to listen
 	// on for frontend connections.
 	SocketPath string
-
 	// Port, on windows, is the localhost TCP port to listen on for
 	// frontend connections.
 	Port int
-
 	// StatePath is the path to the stored agent state.
 	StatePath string
-
 	// AutostartStateKey, if non-empty, immediately starts the agent
 	// using the given StateKey. If empty, the agent stays idle and
 	// waits for a frontend to start it.
 	AutostartStateKey ipn.StateKey
-
 	// LegacyConfigPath optionally specifies the old-style relaynode
 	// relay.conf location. If both LegacyConfigPath and
 	// AutostartStateKey are specified and the requested state doesn't
@@ -55,150 +52,48 @@ type Options struct {
 	// TODO(danderson): remove some time after the transition to
 	// tailscaled is done.
 	LegacyConfigPath string
-
 	// SurviveDisconnects specifies how the server reacts to its
 	// frontend disconnecting. If true, the server keeps running on
 	// its existing state, and accepts new frontend connections. If
 	// false, the server dumps its state and becomes idle.
-	//
-	// To support CLI connections (notably, "tailscale status"),
-	// the actual definition of "disconnect" is when the
-	// connection count transitions from 1 to 0.
 	SurviveDisconnects bool
-
-	// DebugMux, if non-nil, specifies an HTTP ServeMux in which
-	// to register a debug handler.
-	DebugMux *http.ServeMux
-
-	// ErrorMessage, if not empty, signals that the server will exist
-	// only to relay the provided critical error message to the user.
-	ErrorMessage string
 }
 
-// server is an IPN backend and its set of 0 or more active connections
-// talking to an IPN backend.
-type server struct {
-	resetOnZero bool // call bs.Reset on transition from 1->0 connections
+func pump(logf logger.Logf, ctx context.Context, bs *ipn.BackendServer, s net.Conn) {
+	defer logf("Control connection done.\n")
 
-	bsMu sync.Mutex // lock order: bsMu, then mu
-	bs   *ipn.BackendServer
-
-	mu      sync.Mutex
-	clients map[net.Conn]bool
-}
-
-func (s *server) serveConn(ctx context.Context, c net.Conn, logf logger.Logf) {
-	s.addConn(c)
-	logf("incoming control connection")
-	defer s.removeAndCloseConn(c)
-	for ctx.Err() == nil {
-		msg, err := ipn.ReadMsg(c)
+	for ctx.Err() == nil && !bs.GotQuit {
+		msg, err := ipn.ReadMsg(s)
 		if err != nil {
-			if ctx.Err() == nil {
-				logf("ReadMsg: %v", err)
-			}
-			return
+			logf("ReadMsg: %v\n", err)
+			break
 		}
-		s.bsMu.Lock()
-		if err := s.bs.GotCommandMsg(msg); err != nil {
-			logf("GotCommandMsg: %v", err)
-		}
-		gotQuit := s.bs.GotQuit
-		s.bsMu.Unlock()
-		if gotQuit {
-			return
+		err = bs.GotCommandMsg(msg)
+		if err != nil {
+			logf("GotCommandMsg: %v\n", err)
+			break
 		}
 	}
 }
 
-func (s *server) addConn(c net.Conn) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-	if s.clients == nil {
-		s.clients = map[net.Conn]bool{}
-	}
-	s.clients[c] = true
-}
-
-func (s *server) removeAndCloseConn(c net.Conn) {
-	s.mu.Lock()
-	delete(s.clients, c)
-	remain := len(s.clients)
-	s.mu.Unlock()
-
-	if remain == 0 && s.resetOnZero {
-		s.bsMu.Lock()
-		s.bs.Reset()
-		s.bsMu.Unlock()
-	}
-	c.Close()
-}
-
-func (s *server) stopAll() {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-	for c := range s.clients {
-		safesocket.ConnCloseRead(c)
-		safesocket.ConnCloseWrite(c)
-	}
-	s.clients = nil
-}
-
-func (s *server) writeToClients(b []byte) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-	for c := range s.clients {
-		ipn.WriteMsg(c, b)
-	}
-}
-
-func Run(ctx context.Context, logf logger.Logf, logid string, opts Options, e wgengine.Engine) error {
-	runDone := make(chan struct{})
-	defer close(runDone)
+func Run(rctx context.Context, logf logger.Logf, logid string, opts Options, e wgengine.Engine) (err error) {
+	runDone := make(chan error, 1)
+	defer func() { runDone <- err }()
 
 	listen, _, err := safesocket.Listen(opts.SocketPath, uint16(opts.Port))
 	if err != nil {
 		return fmt.Errorf("safesocket.Listen: %v", err)
 	}
 
-	server := &server{
-		resetOnZero: !opts.SurviveDisconnects,
-	}
-
-	// When the context is closed or when we return, whichever is first, close our listner
-	// and all open connections.
+	// Go listeners can't take a context, close it instead.
 	go func() {
 		select {
-		case <-ctx.Done():
+		case <-rctx.Done():
 		case <-runDone:
 		}
-		server.stopAll()
 		listen.Close()
 	}()
-	logf("Listening on %v", listen.Addr())
-
-	bo := backoff.NewBackoff("ipnserver", logf)
-
-	if opts.ErrorMessage != "" {
-		for i := 1; ctx.Err() == nil; i++ {
-			s, err := listen.Accept()
-			if err != nil {
-				logf("%d: Accept: %v", i, err)
-				bo.BackOff(ctx, err)
-				continue
-			}
-			serverToClient := func(b []byte) {
-				ipn.WriteMsg(s, b)
-			}
-			go func() {
-				defer s.Close()
-				bs := ipn.NewBackendServer(logf, nil, serverToClient)
-				bs.SendErrorMessage(opts.ErrorMessage)
-				s.Read(make([]byte, 1))
-			}()
-		}
-		return ctx.Err()
-	}
+	logf("Listening on %v\n", listen.Addr())
 
 	var store ipn.StateStore
 	if opts.StatePath != "" {
@@ -214,24 +109,22 @@ func Run(ctx context.Context, logf logger.Logf, logid string, opts Options, e wg
 	if err != nil {
 		return fmt.Errorf("NewLocalBackend: %v", err)
 	}
-	defer b.Shutdown()
 	b.SetDecompressor(func() (controlclient.Decompressor, error) {
-		return smallzstd.NewDecoder(nil)
+		return zstd.NewReader(nil)
 	})
+	b.SetCmpDiff(func(x, y interface{}) string { return cmp.Diff(x, y) })
 
-	if opts.DebugMux != nil {
-		opts.DebugMux.HandleFunc("/debug/ipn", func(w http.ResponseWriter, r *http.Request) {
-			w.Header().Set("Content-Type", "text/html; charset=utf-8")
-			st := b.Status()
-			// TODO(bradfitz): add LogID and opts to st?
-			st.WriteHTML(w)
-		})
+	var s net.Conn
+	serverToClient := func(b []byte) {
+		if s != nil { // TODO: racy access to s?
+			ipn.WriteMsg(s, b)
+		}
 	}
 
-	server.bs = ipn.NewBackendServer(logf, b, server.writeToClients)
+	bs := ipn.NewBackendServer(logf, b, serverToClient)
 
 	if opts.AutostartStateKey != "" {
-		server.bs.GotCommand(&ipn.Command{
+		bs.GotCommand(&ipn.Command{
 			Version: version.LONG,
 			Start: &ipn.StartArgs{
 				Opts: ipn.Options{
@@ -242,18 +135,55 @@ func Run(ctx context.Context, logf logger.Logf, logid string, opts Options, e wg
 		})
 	}
 
-	for i := 1; ctx.Err() == nil; i++ {
-		c, err := listen.Accept()
+	var (
+		oldS   net.Conn
+		ctx    context.Context
+		cancel context.CancelFunc
+	)
+	stopAll := func() {
+		// Currently we only support one client connection at a time.
+		// Theoretically we could allow multiple clients, by passing
+		// notifications to all of them and accepting commands from
+		// any of them, but there doesn't seem to be much need for
+		// that right now.
+		if oldS != nil {
+			cancel()
+			safesocket.ConnCloseRead(oldS)
+			safesocket.ConnCloseWrite(oldS)
+		}
+	}
+
+	bo := backoff.Backoff{Name: "ipnserver"}
+
+	for i := 1; rctx.Err() == nil; i++ {
+		s, err = listen.Accept()
 		if err != nil {
-			if ctx.Err() == nil {
-				logf("ipnserver: Accept: %v", err)
-				bo.BackOff(ctx, err)
-			}
+			logf("%d: Accept: %v\n", i, err)
+			bo.BackOff(rctx, err)
 			continue
 		}
-		go server.serveConn(ctx, c, logger.WithPrefix(logf, fmt.Sprintf("ipnserver: conn%d: ", i)))
+		logf("%d: Incoming control connection.\n", i)
+		stopAll()
+
+		ctx, cancel = context.WithCancel(rctx)
+		oldS = s
+
+		go func(ctx context.Context, s net.Conn, i int) {
+			logf := logger.WithPrefix(logf, fmt.Sprintf("%d: ", i))
+			pump(logf, ctx, bs, s)
+			if !opts.SurviveDisconnects || bs.GotQuit {
+				bs.Reset()
+				s.Close()
+			}
+			// Quitting not allowed, just keep going.
+			bs.GotQuit = false
+		}(ctx, s, i)
+
+		bo.BackOff(ctx, nil)
 	}
-	return ctx.Err()
+	stopAll()
+
+	return rctx.Err()
 }
 
 func BabysitProc(ctx context.Context, args []string, logf logger.Logf) {
@@ -275,10 +205,10 @@ func BabysitProc(ctx context.Context, args []string, logf logger.Logf) {
 		var sig os.Signal
 		select {
 		case sig = <-interrupt:
-			logf("BabysitProc: got signal: %v", sig)
+			logf("BabysitProc: got signal: %v\n", sig)
 			close(done)
 		case <-ctx.Done():
-			logf("BabysitProc: context done")
+			logf("BabysitProc: context done\n")
 			sig = os.Kill
 			close(done)
 		}
@@ -288,11 +218,11 @@ func BabysitProc(ctx context.Context, args []string, logf logger.Logf) {
 		proc.mu.Unlock()
 	}()
 
-	bo := backoff.NewBackoff("BabysitProc", logf)
+	bo := backoff.Backoff{Name: "BabysitProc"}
 
 	for {
 		startTime := time.Now()
-		log.Printf("exec: %#v %v", executable, args)
+		log.Printf("exec: %#v %v\n", executable, args)
 		cmd := exec.Command(executable, args...)
 
 		// Create a pipe object to use as the subproc's stdin.
@@ -303,7 +233,7 @@ func BabysitProc(ctx context.Context, args []string, logf logger.Logf) {
 		// We never need to actually write to wStdin.
 		rStdin, wStdin, err := os.Pipe()
 		if err != nil {
-			log.Printf("os.Pipe 1: %v", err)
+			log.Printf("os.Pipe 1: %v\n", err)
 			return
 		}
 
@@ -315,7 +245,7 @@ func BabysitProc(ctx context.Context, args []string, logf logger.Logf) {
 		// logf() calls. bufio is more appropriate.
 		rStdout, wStdout, err := os.Pipe()
 		if err != nil {
-			log.Printf("os.Pipe 2: %v", err)
+			log.Printf("os.Pipe 2: %v\n", err)
 		}
 		go func(r *os.File) {
 			defer r.Close()
@@ -323,7 +253,7 @@ func BabysitProc(ctx context.Context, args []string, logf logger.Logf) {
 			for {
 				s, err := rb.ReadString('\n')
 				if s != "" {
-					logf("%s", s)
+					logf("%s\n", strings.TrimSuffix(s, "\n"))
 				}
 				if err != nil {
 					break

ipn/ipnstate/ipnstate.go

@@ -1,304 +0,0 @@
-// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ipnstate captures the entire state of the Tailscale network.
-//
-// It's a leaf package so ipn, wgengine, and magicsock can all depend on it.
-package ipnstate
-
-import (
-	"bytes"
-	"fmt"
-	"html"
-	"io"
-	"log"
-	"sort"
-	"strings"
-	"sync"
-	"time"
-
-	"tailscale.com/tailcfg"
-	"tailscale.com/types/key"
-)
-
-// Status represents the entire state of the IPN network.
-type Status struct {
-	BackendState string
-	Peer         map[key.Public]*PeerStatus
-	User         map[tailcfg.UserID]tailcfg.UserProfile
-}
-
-func (s *Status) Peers() []key.Public {
-	kk := make([]key.Public, 0, len(s.Peer))
-	for k := range s.Peer {
-		kk = append(kk, k)
-	}
-	sort.Slice(kk, func(i, j int) bool { return bytes.Compare(kk[i][:], kk[j][:]) < 0 })
-	return kk
-}
-
-type PeerStatus struct {
-	PublicKey key.Public
-	HostName  string // HostInfo's Hostname (not a DNS name or necessarily unique)
-	OS        string // HostInfo.OS
-	UserID    tailcfg.UserID
-
-	TailAddr string // Tailscale IP
-
-	// Endpoints:
-	Addrs   []string
-	CurAddr string // one of Addrs, or unique if roaming
-	Relay   string // DERP region
-
-	RxBytes       int64
-	TxBytes       int64
-	Created       time.Time // time registered with tailcontrol
-	LastWrite     time.Time // time last packet sent
-	LastSeen      time.Time // last seen to tailcontrol
-	LastHandshake time.Time // with local wireguard
-	KeepAlive     bool
-
-	// InNetworkMap means that this peer was seen in our latest network map.
-	// In theory, all of InNetworkMap and InMagicSock and InEngine should all be true.
-	InNetworkMap bool
-
-	// InMagicSock means that this peer is being tracked by magicsock.
-	// In theory, all of InNetworkMap and InMagicSock and InEngine should all be true.
-	InMagicSock bool
-
-	// InEngine means that this peer is tracked by the wireguard engine.
-	// In theory, all of InNetworkMap and InMagicSock and InEngine should all be true.
-	InEngine bool
-}
-
-// SimpleHostName returns a potentially simplified version of ps.HostName for display purposes.
-func (ps *PeerStatus) SimpleHostName() string {
-	n := ps.HostName
-	n = strings.TrimSuffix(n, ".local")
-	n = strings.TrimSuffix(n, ".localdomain")
-	return n
-}
-
-type StatusBuilder struct {
-	mu     sync.Mutex
-	locked bool
-	st     Status
-}
-
-func (sb *StatusBuilder) Status() *Status {
-	sb.mu.Lock()
-	defer sb.mu.Unlock()
-	sb.locked = true
-	return &sb.st
-}
-
-// AddUser adds a user profile to the status.
-func (sb *StatusBuilder) AddUser(id tailcfg.UserID, up tailcfg.UserProfile) {
-	sb.mu.Lock()
-	defer sb.mu.Unlock()
-	if sb.locked {
-		log.Printf("[unexpected] ipnstate: AddUser after Locked")
-		return
-	}
-
-	if sb.st.User == nil {
-		sb.st.User = make(map[tailcfg.UserID]tailcfg.UserProfile)
-	}
-
-	sb.st.User[id] = up
-}
-
-// AddPeer adds a peer node to the status.
-//
-// Its PeerStatus is mixed with any previous status already added.
-func (sb *StatusBuilder) AddPeer(peer key.Public, st *PeerStatus) {
-	if st == nil {
-		panic("nil PeerStatus")
-	}
-
-	sb.mu.Lock()
-	defer sb.mu.Unlock()
-	if sb.locked {
-		log.Printf("[unexpected] ipnstate: AddPeer after Locked")
-		return
-	}
-
-	if sb.st.Peer == nil {
-		sb.st.Peer = make(map[key.Public]*PeerStatus)
-	}
-	e, ok := sb.st.Peer[peer]
-	if !ok {
-		sb.st.Peer[peer] = st
-		st.PublicKey = peer
-		return
-	}
-
-	if v := st.HostName; v != "" {
-		e.HostName = v
-	}
-	if v := st.Relay; v != "" {
-		e.Relay = v
-	}
-	if v := st.UserID; v != 0 {
-		e.UserID = v
-	}
-	if v := st.TailAddr; v != "" {
-		e.TailAddr = v
-	}
-	if v := st.OS; v != "" {
-		e.OS = st.OS
-	}
-	if v := st.Addrs; v != nil {
-		e.Addrs = v
-	}
-	if v := st.CurAddr; v != "" {
-		e.CurAddr = v
-	}
-	if v := st.RxBytes; v != 0 {
-		e.RxBytes = v
-	}
-	if v := st.TxBytes; v != 0 {
-		e.TxBytes = v
-	}
-	if v := st.LastHandshake; !v.IsZero() {
-		e.LastHandshake = v
-	}
-	if v := st.Created; !v.IsZero() {
-		e.Created = v
-	}
-	if v := st.LastSeen; !v.IsZero() {
-		e.LastSeen = v
-	}
-	if v := st.LastWrite; !v.IsZero() {
-		e.LastWrite = v
-	}
-	if st.InNetworkMap {
-		e.InNetworkMap = true
-	}
-	if st.InMagicSock {
-		e.InMagicSock = true
-	}
-	if st.InEngine {
-		e.InEngine = true
-	}
-	if st.KeepAlive {
-		e.KeepAlive = true
-	}
-}
-
-type StatusUpdater interface {
-	UpdateStatus(*StatusBuilder)
-}
-
-func (st *Status) WriteHTML(w io.Writer) {
-	f := func(format string, args ...interface{}) { fmt.Fprintf(w, format, args...) }
-
-	f(`<!DOCTYPE html>
-<html lang="en">
-<head>
-<title>Tailscale State</title>
-<style>
-body { font-family: monospace; }
-.owner { text-decoration: underline; }
-.tailaddr { font-style: italic; }
-.acenter { text-align: center; }
-.aright { text-align: right; }
-table, th, td { border: 1px solid black; border-spacing : 0; border-collapse : collapse; }
-thead { background-color: #FFA500; }
-th, td { padding: 5px; }
-td { vertical-align: top; }
-table tbody tr:nth-child(even) td { background-color: #f5f5f5; }
-</style>
-</head>
-<body>
-<h1>Tailscale State</h1>
-`)
-
-	//f("<p><b>logid:</b> %s</p>\n", logid)
-	//f("<p><b>opts:</b> <code>%s</code></p>\n", html.EscapeString(fmt.Sprintf("%+v", opts)))
-
-	f("<table>\n<thead>\n")
-	f("<tr><th>Peer</th><th>Node</th><th>Owner</th><th>Rx</th><th>Tx</th><th>Activity</th><th>Endpoints</th></tr>\n")
-	f("</thead>\n<tbody>\n")
-
-	now := time.Now()
-
-	for _, peer := range st.Peers() {
-		ps := st.Peer[peer]
-		var actAgo string
-		if !ps.LastWrite.IsZero() {
-			ago := now.Sub(ps.LastWrite)
-			actAgo = ago.Round(time.Second).String() + " ago"
-			if ago < 5*time.Minute {
-				actAgo = "<b>" + actAgo + "</b>"
-			}
-		}
-		var owner string
-		if up, ok := st.User[ps.UserID]; ok {
-			owner = up.LoginName
-			if i := strings.Index(owner, "@"); i != -1 {
-				owner = owner[:i]
-			}
-		}
-		f("<tr><td>%s</td><td>%s %s<br><span class=\"tailaddr\">%s</span></td><td class=\"acenter owner\">%s</td><td class=\"aright\">%v</td><td class=\"aright\">%v</td><td class=\"aright\">%v</td>",
-			peer.ShortString(),
-			html.EscapeString(ps.SimpleHostName()),
-			osEmoji(ps.OS),
-			ps.TailAddr,
-			html.EscapeString(owner),
-			ps.RxBytes,
-			ps.TxBytes,
-			actAgo,
-		)
-		f("<td class=\"aright\">")
-		// TODO: let server report this active bool instead
-		active := !ps.LastWrite.IsZero() && time.Since(ps.LastWrite) < 2*time.Minute
-		relay := ps.Relay
-		if relay != "" {
-			if active && ps.CurAddr == "" {
-				f("🔗 <b>derp-%v</b><br>", html.EscapeString(relay))
-			} else {
-				f("derp-%v<br>", html.EscapeString(relay))
-			}
-		}
-
-		match := false
-		for _, addr := range ps.Addrs {
-			if addr == ps.CurAddr {
-				match = true
-				f("🔗 <b>%s</b><br>", addr)
-			} else {
-				f("%s<br>", addr)
-			}
-		}
-		if ps.CurAddr != "" && !match {
-			f("<b>%s</b> \xf0\x9f\xa7\xb3<br>", ps.CurAddr)
-		}
-		f("</td>") // end Addrs
-
-		f("</tr>\n")
-	}
-	f("</tbody>\n</table>\n")
-	f("</body>\n</html>\n")
-}
-
-func osEmoji(os string) string {
-	switch os {
-	case "linux":
-		return "🐧"
-	case "macOS":
-		return "🍎"
-	case "windows":
-		return "🖥️"
-	case "iOS":
-		return "📱"
-	case "android":
-		return "🤖"
-	case "freebsd":
-		return "👿"
-	case "openbsd":
-		return "🐡"
-	}
-	return "👽"
-}

ipn/message.go

@@ -13,9 +13,7 @@ import (
 	"log"
 	"time"
 
-	"golang.org/x/oauth2"
 	"tailscale.com/types/logger"
-	"tailscale.com/types/structs"
 	"tailscale.com/version"
 )
 
@@ -36,25 +34,15 @@ type FakeExpireAfterArgs struct {
 // Command is a command message that is JSON encoded and sent by a
 // frontend to a backend.
 type Command struct {
-	_ structs.Incomparable
-
-	// Version is the binary version of the frontend (the client).
 	Version string
 
-	// AllowVersionSkew controls whether it's permitted for the
-	// client and server to have a different version. The default
-	// (false) means to be strict.
-	AllowVersionSkew bool
-
 	// Exactly one of the following must be non-nil.
 	Quit                  *NoArgs
 	Start                 *StartArgs
 	StartLoginInteractive *NoArgs
-	Login                 *oauth2.Token
 	Logout                *NoArgs
 	SetPrefs              *SetPrefsArgs
 	RequestEngineStatus   *NoArgs
-	RequestStatus         *NoArgs
 	FakeExpireAfter       *FakeExpireAfterArgs
 }
 
@@ -77,38 +65,26 @@ func (bs *BackendServer) send(n Notify) {
 	n.Version = version.LONG
 	b, err := json.Marshal(n)
 	if err != nil {
-		log.Fatalf("Failed json.Marshal(notify): %v\n%#v", err, n)
+		log.Fatalf("Failed json.Marshal(notify): %v\n%#v\n", err, n)
 	}
 	bs.sendNotifyMsg(b)
 }
 
-func (bs *BackendServer) SendErrorMessage(msg string) {
-	bs.send(Notify{ErrMessage: &msg})
-}
-
 // GotCommandMsg parses the incoming message b as a JSON Command and
 // calls GotCommand with it.
 func (bs *BackendServer) GotCommandMsg(b []byte) error {
 	cmd := &Command{}
-	if len(b) == 0 {
-		return nil
-	}
 	if err := json.Unmarshal(b, cmd); err != nil {
 		return err
 	}
 	return bs.GotCommand(cmd)
 }
 
-func (bs *BackendServer) GotFakeCommand(cmd *Command) error {
-	cmd.Version = version.LONG
-	return bs.GotCommand(cmd)
-}
-
 func (bs *BackendServer) GotCommand(cmd *Command) error {
-	if cmd.Version != version.LONG && !cmd.AllowVersionSkew {
-		vs := fmt.Sprintf("GotCommand: Version mismatch! frontend=%#v backend=%#v",
+	if cmd.Version != version.LONG {
+		vs := fmt.Sprintf("Version mismatch! frontend=%#v backend=%#v\n",
 			cmd.Version, version.LONG)
-		bs.logf("%s", vs)
+		bs.logf("%s\n", vs)
 		// ignore the command, but send a message back to the
 		// caller so it can realize the version mismatch too.
 		// We don't want to exit because it might cause a crash
@@ -130,9 +106,6 @@ func (bs *BackendServer) GotCommand(cmd *Command) error {
 	} else if c := cmd.StartLoginInteractive; c != nil {
 		bs.b.StartLoginInteractive()
 		return nil
-	} else if c := cmd.Login; c != nil {
-		bs.b.Login(c)
-		return nil
 	} else if c := cmd.Logout; c != nil {
 		bs.b.Logout()
 		return nil
@@ -142,9 +115,6 @@ func (bs *BackendServer) GotCommand(cmd *Command) error {
 	} else if c := cmd.RequestEngineStatus; c != nil {
 		bs.b.RequestEngineStatus()
 		return nil
-	} else if c := cmd.RequestStatus; c != nil {
-		bs.b.RequestStatus()
-		return nil
 	} else if c := cmd.FakeExpireAfter; c != nil {
 		bs.b.FakeExpireAfter(c.Duration)
 		return nil
@@ -156,17 +126,13 @@ func (bs *BackendServer) GotCommand(cmd *Command) error {
 func (bs *BackendServer) Reset() error {
 	// Tell the backend we got a Logout command, which will cause it
 	// to forget all its authentication information.
-	return bs.GotFakeCommand(&Command{Logout: &NoArgs{}})
+	return bs.GotCommand(&Command{Logout: &NoArgs{}})
 }
 
 type BackendClient struct {
 	logf           logger.Logf
 	sendCommandMsg func(jsonb []byte)
 	notify         func(Notify)
-
-	// AllowVersionSkew controls whether to allow mismatched
-	// frontend & backend versions.
-	AllowVersionSkew bool
 }
 
 func NewBackendClient(logf logger.Logf, sendCommandMsg func(jsonb []byte)) *BackendClient {
@@ -177,18 +143,14 @@ func NewBackendClient(logf logger.Logf, sendCommandMsg func(jsonb []byte)) *Back
 }
 
 func (bc *BackendClient) GotNotifyMsg(b []byte) {
-	if len(b) == 0 {
-		// not interesting
-		return
-	}
 	n := Notify{}
 	if err := json.Unmarshal(b, &n); err != nil {
-		log.Fatalf("BackendClient.Notify: cannot decode message (length=%d)\n%#v", len(b), string(b))
+		log.Fatalf("BackendClient.Notify: cannot decode message")
 	}
-	if n.Version != version.LONG && !bc.AllowVersionSkew {
-		vs := fmt.Sprintf("GotNotify: Version mismatch! frontend=%#v backend=%#v",
+	if n.Version != version.LONG {
+		vs := fmt.Sprintf("Version mismatch! frontend=%#v backend=%#v",
 			version.LONG, n.Version)
-		bc.logf("%s", vs)
+		bc.logf("%s\n", vs)
 		// delete anything in the notification except the version,
 		// to prevent incorrect operation.
 		n = Notify{
@@ -210,10 +172,6 @@ func (bc *BackendClient) send(cmd Command) {
 	bc.sendCommandMsg(b)
 }
 
-func (bc *BackendClient) SetNotifyCallback(fn func(Notify)) {
-	bc.notify = fn
-}
-
 func (bc *BackendClient) Quit() error {
 	bc.send(Command{Quit: &NoArgs{}})
 	return nil
@@ -230,10 +188,6 @@ func (bc *BackendClient) StartLoginInteractive() {
 	bc.send(Command{StartLoginInteractive: &NoArgs{}})
 }
 
-func (bc *BackendClient) Login(token *oauth2.Token) {
-	bc.send(Command{Login: token})
-}
-
 func (bc *BackendClient) Logout() {
 	bc.send(Command{Logout: &NoArgs{}})
 }
@@ -246,10 +200,6 @@ func (bc *BackendClient) RequestEngineStatus() {
 	bc.send(Command{RequestEngineStatus: &NoArgs{}})
 }
 
-func (bc *BackendClient) RequestStatus() {
-	bc.send(Command{AllowVersionSkew: true, RequestStatus: &NoArgs{}})
-}
-
 func (bc *BackendClient) FakeExpireAfter(x time.Duration) {
 	bc.send(Command{FakeExpireAfter: &FakeExpireAfterArgs{Duration: x}})
 }
@@ -270,13 +220,10 @@ func ReadMsg(r io.Reader) ([]byte, error) {
 		return nil, fmt.Errorf("ipn.Read: message too large: %v bytes", n)
 	}
 	b := make([]byte, n)
-	nn, err := io.ReadFull(r, b)
+	_, err = io.ReadFull(r, b)
 	if err != nil {
 		return nil, err
 	}
-	if nn != int(n) {
-		return nil, fmt.Errorf("ipn.Read: expected %v bytes, got %v", n, nn)
-	}
 	return b, nil
 }
 

ipn/message_test.go

@@ -9,14 +9,14 @@ import (
 	"testing"
 	"time"
 
-	"golang.org/x/oauth2"
-	"tailscale.com/tstest"
+	"tailscale.com/testy"
 )
 
 func TestReadWrite(t *testing.T) {
-	tstest.PanicOnLog()
+	testy.FixLogs(t)
+	defer testy.UnfixLogs(t)
 
-	rc := tstest.NewResourceCheck()
+	rc := testy.NewResourceCheck()
 	defer rc.Assert(t)
 
 	buf := bytes.Buffer{}
@@ -62,9 +62,10 @@ func TestReadWrite(t *testing.T) {
 }
 
 func TestClientServer(t *testing.T) {
-	tstest.PanicOnLog()
+	testy.FixLogs(t)
+	defer testy.UnfixLogs(t)
 
-	rc := tstest.NewResourceCheck()
+	rc := testy.NewResourceCheck()
 	defer rc.Assert(t)
 
 	b := &FakeBackend{}
@@ -178,10 +179,4 @@ func TestClientServer(t *testing.T) {
 
 	h.Logout()
 	flushUntil(NeedsLogin)
-
-	h.Login(&oauth2.Token{
-		AccessToken: "google_id_token",
-		TokenType:   GoogleIDTokenType,
-	})
-	flushUntil(Running)
 }