Brad Fitzpatrick bradfitz Seattle https://bradfitz.com/ Xoogler. Ex @golang team (2010-2020). Currently making WireGuard easier and more magical @Tailscale.

bradfitz/exp-httpclient 551

experimental new HTTP client API for #golang (WIP)

bradfitz/embiggen-disk 424

embiggen-disk live-resizes a filesystem after first live-resizing any necessary layers below it: an optional LVM LV and PV, and an MBR or GPT partition table

bradfitz/gitbrute 327

brute-force a git commit hash

bradfitz/autocertdelegate 220

Get LetsEncrypt TLS certs for internal-only TLS servers via a delegated golang.org/x/crypto/acme/autocert server.

bradfitz/go-smtpd 193

SMTP server library for Go

bmizerany/perks 149

Effective Computation of Things

bradfitz/campher 116

Embed Perl in Go. This works, but was a joke for a presentation. Don't use.

bradfitz/deadbeef 100

Gimmicky commit hash made using bradfitz/gitbrute

bradfitz/go-sql-test 95

test ALL the databases

bradfitz/android-garage-opener 82

Android Garage Door Opener

issue commenttailscale/tailscale

Assorted Android bugs discovered while testing on ChromeOS

@eliasnaur, I can reproduce the flickering on an Acer Chromebook Spin 11 (significantly cheaper than a Pixelbook, fwiw).

apenwarr

comment created time in a day

issue openedtailscale/tailscale

windows: CreateTUN: Error registering rings: Error listing NDIS interfaces: no interfaces found

The Tailscale service doesn't start for some Windows users. Logs:

...
2020-07-05 01:26:33.6081829 +0300 +0300: exec: "C:\\Program Files (x86)\\Tailscale IPN\\tailscale-ipn.exe" [/subproc d97dc6ff5d0a8c099bb92d33ac5225271e40a3a461ed1166c09e8d33b7514c9d]
2020-07-05 01:26:33.6301312 +0300 +0300: Program starting: v0.95-0: []string{"C:\\Program Files (x86)\\Tailscale IPN\\tailscale-ipn.exe", "/subproc", "d97dc6ff5d0a8c099bb92d33ac5225271e40a3a461ed1166c09e8d33b7514c9d"}
2020-07-05 01:26:33.6301312 +0300 +0300: subproc mode: logid=d97dc6ff5d0a8c099bb92d33ac5225271e40a3a461ed1166c09e8d33b7514c9d
2020-07-05 01:26:33.6301312 +0300 +0300: srv: 1.3M/0.0M Starting userspace wireguard engine.
2020-07-05 01:26:33.6301312 +0300 +0300: srv: 1.3M/0.0M external packet routing via --tun=Tailscale enabled
2020-07-05 01:26:35.0389907 +0300 +0300: CreateTUN: Error registering rings: Error listing NDIS interfaces: no interfaces found
2020-07-05 01:26:35.0389907 +0300 +0300: wgengine.New: Error registering rings: Error listing NDIS interfaces: no interfaces found
2020-07-05 01:26:35.0509909 +0300 +0300: subprocess exited: exit status 1
2020-07-05 01:26:35.0509909 +0300 +0300: BabysitProc: backoff: 39637 msec
...

The Error listing NDIS interfaces is from:

https://github.com/tailscale/wireguard-go/blob/main/tun/wintun/wintun_windows.go

// handle returns a handle to the interface device object.
func (wintun *Interface) handle() (windows.Handle, error) {
        interfaces, err := setupapi.CM_Get_Device_Interface_List(wintun.devInstanceID, &deviceInterfaceNetGUID, setupapi.CM_GET_DEVICE_INTERFACE_LIST_PRESENT)
        if err != nil {
                return windows.InvalidHandle, fmt.Errorf("Error listing NDIS interfaces: %v", err)
        }

Which calls this, which returns the `no interfaces found`:

https://github.com/tailscale/wireguard-go/blob/de1f1af1f35f0892b833a64c7080b265d18cf17a/tun/wintun/setupapi/setupapi_windows.go#L503

...
	if interfaces == nil {
		return nil, fmt.Errorf("no interfaces found")
	}
...

created time in a day

issue commenttailscale/tailscale

Expose a machine on many VPNs (like the IRC)

That'll be an upcoming feature. It's not available yet. The Hello test service is a special case for now.

toonsevrin

comment created time in 2 days

delete branch tailscale/tailscale

delete branch : bradfitz/version_git_abbrev

delete time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 0fc15dcbd551d7d5f93290fba8cb36e507e3142e

version: explicitly use 9 hex digits in git describe version number So it doesn't vary based on who's doing the release with which version of git. Fixes tailscale/corp#419

push time in 2 days

PR merged tailscale/tailscale

Reviewers
version: explicitly use 9 hex digits in git describe version number

So it doesn't vary based on who's doing the release with which version of git.

Fixes tailscale/corp#419

+1 -1

0 comment

1 changed file

bradfitz

pr closed time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 5132edacf78999ee10d3bcd91696cfa84fc55f09

wgengine/magicsock: fix data race from undocumented wireguard-go requirement Endpoints need to be Stringers apparently. Fixes tailscale/corp#422

push time in 2 days

PR opened tailscale/tailscale

Reviewers
version: explicitly use 9 hex digits in git describe version number

So it doesn't vary based on who's doing the release with which version of git.

Fixes tailscale/corp#419

+1 -1

0 comment

1 changed file

pr created time in 2 days

create branch tailscale/tailscale

branch : bradfitz/version_git_abbrev

created branch time in 2 days

created tagtailscale/tailscale

tagv0.100.0

The easiest, most secure way to use WireGuard and 2FA.

created time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 9fbe8d7cf25442a9fd716d39ae3aa49908ee039f

go.mod: bump wireguard

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 3f74859bb0e1b59ec02758176596917a80a9db33

version: new month, new date string

Brad Fitzpatrick

commit sha c9089c82e8748acce85e10d4aa145705d69c5bfb

control/controlclient, tailcfg: turn active route discovery on by default Updates #483

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 630379a1d06b9dd140a8ebe8d3668e74a5227fa4

cmd/tailscale: add tailscale status region name, last write, consistently star There's a lot of confusion around what tailscale status shows, so make it better: show region names, last write time, and put stars around DERP too if active. Now stars are always present if activity, and always somewhere.

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 0ea51872c9085c468bb1ad2213234b638856ab49

types/logger: add rateFreePrefix rate-limiting-exempt log format prefixes Per conversation with @danderson.

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 9a8700b02af03deb19e040d1a606543ac1c63a0e

wgengine/magicsock: add discoEndpoint heartbeat Updates #483

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 9f930ef2bfc3fbfda4140dc754ec3d86fce53510

wgengine/magicsock: remove the discoEndpoint.timers map It ended up being more complicated than it was worth.

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha f5f3885b5bf2ea5339c485d37886d15e4acfd94b

wgengine/magicsock: bunch of misc discovery path cleanups

* fix tailscale status for peers using discovery
* as part of that, pull out disco address selection into reusable and testable discoEndpoint.addrForSendLocked
* truncate ping/pong logged hex txids in half to eliminate noise
* move a bunch of random time constants into named constants with docs
* track a history of per-endpoint pong replies for future use & status display
* add "send" and " got" prefix to discovery message logging immediately before the frame type so it's easier to read than searching for the "<-" or "->" arrows earlier in the line; but keep those as the more easily machine readable part for later.

Updates #483

push time in 3 days

issue commenttailscale/tailscale

Android: crashes some Chromebooks upon opening

We've ordered that laptop. Should have it tomorrow.

We'll likely escalate to the Chrome team as well.

But I can at least fix those permission errors.

Smittyvb

comment created time in 3 days

issue commenttailscale/tailscale

Android: crashes some Chromebooks upon opening

We should have no access to crash your Chromebook even if we wanted to. This seems like a bug that Google and/or Acer should work on.

I suppose we could try to avoid it, though, but that's not the real fix.

/cc @eliasnaur

Smittyvb

comment created time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 6c70cf7222d9472c603d2ad83fbadf4baa2dddf7

wgengine/magicsock: stop ping timeout timer on pong receipt, misc log cleanup Updates #483

Brad Fitzpatrick

commit sha 7883e5c5e762a8f2af1f2c8c44294ee0ffa99930

go.mod: restore staticcheck module, make it stick around, go mod tidy It kept coming & going as different people ran go mod tidy and others ran staticcheck. Make it stop going away with go mod tidy by adding a dep to it.

push time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 func TestMultiNetwork(t *testing.T) { 		t.Errorf("addr = %q; want %q", addr, natLANAddr) 	} }++func TestPacketHandler(t *testing.T) {+	lan := &Network{+		Name:    "lan",+		Prefix4: mustPrefix("192.168.0.0/24"),+		Prefix6: mustPrefix("fd00:916::/64"),+	}+	internet := NewInternet()++	client := &Machine{Name: "client"}+	nat := &Machine{Name: "nat"}+	lan.SetDefaultGateway(nat)+	server := &Machine{Name: "server"}++	ifClient := client.Attach("eth0", lan)+	ifNATWAN := nat.Attach("wan", internet)+	_ = nat.Attach("lan", lan)+	ifServer := server.Attach("server", internet)++	nat.HandlePacket = func(p []byte, dst, src netaddr.IPPort) PacketVerdict {+		switch {+		case dst.IP.Is6():+			return Continue // no NAT for ipv6+		case src.IP == ifClient.V4():+			nat.Inject(p, dst, netaddr.IPPort{IP: ifNATWAN.V4(), Port: src.Port})

when we do a real nat impl somewhere reusable we'll want to do things not like do this .V4() lookup on each packet probably. But again, I should not care for this code :)

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 func TestMultiNetwork(t *testing.T) { 		t.Errorf("addr = %q; want %q", addr, natLANAddr) 	} }++func TestPacketHandler(t *testing.T) {+	lan := &Network{+		Name:    "lan",+		Prefix4: mustPrefix("192.168.0.0/24"),+		Prefix6: mustPrefix("fd00:916::/64"),+	}+	internet := NewInternet()++	client := &Machine{Name: "client"}+	nat := &Machine{Name: "nat"}+	lan.SetDefaultGateway(nat)+	server := &Machine{Name: "server"}++	ifClient := client.Attach("eth0", lan)+	ifNATWAN := nat.Attach("wan", internet)+	_ = nat.Attach("lan", lan)+	ifServer := server.Attach("server", internet)++	nat.HandlePacket = func(p []byte, dst, src netaddr.IPPort) PacketVerdict {

add comment above this saying what type of NAT this implements?

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 type Network struct { 	Prefix4 netaddr.IPPrefix 	Prefix6 netaddr.IPPrefix -	mu      sync.Mutex-	machine map[netaddr.IP]*Machine-	lastV4  netaddr.IP-	lastV6  netaddr.IP+	mu        sync.Mutex+	machine   map[netaddr.IP]*Machine+	defaultGW *Machine

// optional

(Little obvious, but.)

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 type routeEntry struct { 	iface  *Interface } -// NewMachine returns a new Machine without any network connection.-// The name is just for debugging and need not be globally unique.-// Use Attach to add networks.-func NewMachine(name string) *Machine {-	return &Machine{name: name}-}+// A PacketHandler is a function that can process packets.+type PacketHandler func(p []byte, dst, src netaddr.IPPort) (drop bool)  // A Machine is a representation of an operating system's network stack. // It has a network routing table and can have multiple attached networks.

// The zero value is valid, but lacks any networking capabilities until Attach is called.

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 type Machine struct { 	conns6 map[netaddr.IPPort]*conn // conns that want IPv6 packets } +// Inject transmits p from src to dst, without the need for a local socket.+// Useful for implementing e.g. NAT boxes that need to mangle IPs.

// It's useful for ...

(complete sentence with subject)

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 type routeEntry struct { 	iface  *Interface } -// NewMachine returns a new Machine without any network connection.-// The name is just for debugging and need not be globally unique.-// Use Attach to add networks.-func NewMachine(name string) *Machine {-	return &Machine{name: name}-}+// A PacketHandler is a function that can process packets.+type PacketHandler func(p []byte, dst, src netaddr.IPPort) (drop bool)  // A Machine is a representation of an operating system's network stack. // It has a network routing table and can have multiple attached networks. type Machine struct {-	name string+	// Name is a pretty name for debugging and packet tracing. It need+	// not be globally unique.+	Name string+	// HandlePacket, if not nil, is a function that gets invoked for

blank line before

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

Add HandlePacket and Inject, so machines can optionally mangle packets

 type routeEntry struct { 	iface  *Interface } -// NewMachine returns a new Machine without any network connection.-// The name is just for debugging and need not be globally unique.-// Use Attach to add networks.-func NewMachine(name string) *Machine {-	return &Machine{name: name}-}+// A PacketHandler is a function that can process packets.+type PacketHandler func(p []byte, dst, src netaddr.IPPort) (drop bool)

how about return a specific action type instead so code looks like return Accept and return Drop instead of boolean literals which are basically always terrible? :)

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 func (m *Machine) ListenPacket(network, address string) (net.PacketConn, error) 		ipp: ipp, 		in:  make(chan incomingPacket, 100), // arbitrary 	}-	if err := m.registerConn(c); err != nil {-		return nil, err+	switch c.fam {+	case 0:+		if err := m.registerConn4(c); err != nil {+			return nil, err+		}+		if err := m.registerConn6(c); err != nil {

if this fails, unregisterConn4?

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 func (m *Machine) writePacket(p []byte, dst, src netaddr.IPPort) (n int, err err 	case src.IP == v4unspec: 		src.IP = iface.V4() 	case src.IP == v6unspec:-		src.IP = iface.V6()+		// v6unspec in Go means "any src, but match address families"

nice fix

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 func TestSendPacket(t *testing.T) { 	} } -func TestLAN(t *testing.T) {-	// TODO: very duplicate-ey with the previous test, but important-	// right now to test explicit construction of Networks.+func TestMultiNetwork(t *testing.T) { 	lan := Network{-		Name:    "lan1",+		Name:    "lan", 		Prefix4: mustPrefix("192.168.0.0/24"), 	}+	internet := NewInternet() -	foo := NewMachine("foo")-	bar := NewMachine("bar")-	ifFoo := foo.Attach("eth0", &lan)-	ifBar := bar.Attach("eth0", &lan)+	client := NewMachine("client")+	nat := NewMachine("nat")+	server := NewMachine("server")++	ifClient := client.Attach("eth0", &lan)

then you can remove all these &

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 func (m *Machine) hasv6() bool { 	return false } -func (m *Machine) registerConn(c *conn) error {+func (m *Machine) registerConn4(c *conn) error {+	m.mu.Lock()+	defer m.mu.Unlock()+	if c.ipp.IP.Is6() && c.ipp.IP != v6unspec {+		return fmt.Errorf("registerConn4 got IPv6 %s", c.ipp)+	}+	if _, ok := m.conns4[c.ipp]; ok {

at least from here down can be shared with registerConn6 with a new helper registerConn(m *map[net.IPPort]*conn, ipp net.IPPort, c *conn)

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 type Machine struct { 	interfaces []*Interface 	routes     []routeEntry // sorted by longest prefix to shortest -	conns map[netaddr.IPPort]*conn+	conns4 map[netaddr.IPPort]*conn

comments on these?

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 type Machine struct { 	interfaces []*Interface 	routes     []routeEntry // sorted by longest prefix to shortest -	conns map[netaddr.IPPort]*conn+	conns4 map[netaddr.IPPort]*conn+	conns6 map[netaddr.IPPort]*conn }  func (m *Machine) deliverIncomingPacket(p []byte, dst, src netaddr.IPPort) { 	m.mu.Lock() 	defer m.mu.Unlock() -	// TODO(danderson): check behavior of dual stack sockets-	c, ok := m.conns[dst]-	if !ok {-		dst = netaddr.IPPort{IP: unspecOf(dst.IP), Port: dst.Port}-		c, ok = m.conns[dst]+	conns := m.conns4+	if dst.IP.Is6() {+		conns = m.conns6+	}+	possibleDsts := []netaddr.IPPort{+		dst,+		netaddr.IPPort{IP: v6unspec, Port: dst.Port},+		netaddr.IPPort{IP: v4unspec, Port: dst.Port},+	}+	for _, dst := range possibleDsts {+		c, ok := conns[dst] 		if !ok {-			return+			continue+		}+		select {+		case c.in <- incomingPacket{src: src, p: p}:+		default:+			// Queue overflow. Just drop it.
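
Review bot: In deliverIncomingPacket, the loop "for _, dst := range possibleDsts" shadows the dst parameter, and the possibleDsts literal repeats netaddr.IPPort on each element where the slice type already implies it. Rename the loop variable (for example to d) and drop the redundant element types so an entry reads {IP: v6unspec, Port: dst.Port}. Both unspecified addresses are also looked up whichever of conns4 or conns6 was selected; a short comment saying when a v4unspec key can match in conns6, or a v6unspec key in conns4, would make the lookup order easier to follow.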

I think you want to return now, not keep looping through possibleDsts?

danderson

comment created time in 3 days

Pull request review commenttailscale/tailscale

tstest/natlab: correctly handle dual-stacked PacketConns.

 func TestSendPacket(t *testing.T) { 	} } -func TestLAN(t *testing.T) {-	// TODO: very duplicate-ey with the previous test, but important-	// right now to test explicit construction of Networks.+func TestMultiNetwork(t *testing.T) { 	lan := Network{

style nit: &Network (since it's used as a pointer receiver)

danderson

comment created time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 97910ce712be6f3413ad224fd0100c7f21575752

tstest/natlab: remove unused PacketConner type

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 14b4213c17ffd661dcfb4c172c12542983e841bd

tstest/natlab: add missing tests from earlier commits Now you can actually see that packet delivery works. Pairing with @danderson

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 3f4f1cfe66dfa6c335a314f862ffde9039eaa56d

tstest/natlab: basic NAT-free packet delivery works Pairing with @danderson

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha a477e70632789df7b738af502fb5070f44c20fb7

tstest/natlab: network address allocation Pairing with @danderson

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha bb1a9e4700a4d34c960fb5a6680d350f64243186

tstest/natlab: bit more of in-memory network testing package Pairing with @danderson

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 23c93da942def32ab4de10e179682edf335d6cff

tstest/natlab: start of in-memory network testing package Pairing with @danderson

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha c52905abaa57dcc81d4709bb5d3ca8142b225aba

wgengine/magicsock: log less on no-op disco route switches Also, renew trustBestAddrUntil even if latency isn't better.

push time in 4 days

Pull request review commenttailscale/tailscale

smallzstd: new package that constructs zstd small encoders/decoders.

+// package smallzstd produces zstd encoders and decoders optimized for

copyright, and capital Package

danderson

comment created time in 4 days

Pull request review commenttailscale/tailscale

smallzstd: new package that constructs zstd small encoders/decoders.

+// package smallzstd produces zstd encoders and decoders optimized for+// low memory usage, at the expense of compression efficiency.+package smallzstd++import (+	"io"++	"github.com/klauspost/compress/zstd"+)++// This package is optimized primarily for the memory cost of+// compressing and decompressing data. We reduce this cost in two+// major ways: disable parallelism within the library (i.e. don't use+// multiple CPU cores to decompress), and drop the compression window+// down from the defaults of 4-16MiB, to 8kiB.+//+// Decompressors cost 2x the window size in RAM to run, so by using an+// 8kiB window, we can run ~1000 more decompressors per unit of memory+// than with the defaults.+//+// Depending on context, the benefit is either being able to run more+// decoders (e.g. in our logs processing system), or having a lower+// memory footprint when using compression in network protocols+// (e.g. in tailscaled, which should have a minimal RAM cost).++const WindowSize = 8 << 10 // 8kiB++func NewSmallDecoder(r io.Reader, options ...zstd.DOption) (*zstd.Decoder, error) {
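
Review bot: In the long comment block above WindowSize, "we can run ~1000 more decompressors per unit of memory" reads as an absolute count, but going from the stated 4-16MiB default window to 8kiB is a ratio, so it should say "~1000x more". The exported WindowSize constant and NewSmallDecoder also have no doc comments in the visible lines; add one line for each, stating that WindowSize is in bytes, and consider writing the unit as "KiB" rather than "kiB".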

the name "Small" in these funcs is stuttery with the package name (classic https://golang.org/doc/effective_go.html#package-names example)

danderson

comment created time in 4 days

Pull request review commenttailscale/tailscale

smallzstd: new package that constructs zstd small encoders/decoders.

+// package smallzstd produces zstd encoders and decoders optimized for+// low memory usage, at the expense of compression efficiency.+package smallzstd++import (+	"io"++	"github.com/klauspost/compress/zstd"+)++// This package is optimized primarily for the memory cost of

move this to package doc?

danderson

comment created time in 4 days

Pull request review commenttailscale/tailscale

smallzstd: new package that constructs zstd small encoders/decoders.

+package smallzstd

copyright

danderson

comment created time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 847b6f039b714a189889218b53bbd57a266ebb27

disco: simplify expression, appease staticcheck Was: disco/disco.go:164:10: unnecessary use of fmt.Sprintf (S1039)

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 57e893116042adc174411b7f46e2c7ce50a15e22

control/controlclient: fix copy/paste-o in debug knob accessor Introduced in a975e86bb8a42f0be9faf16067ee55a6da55d767. Only affected TS_DEBUG_* env users.

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 0f0ed3dca0e409528cd61f5693d0f82bdd069a0c

wgengine/magicsock: clean up discovery logging Updates #483

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 056fbee4eff539a564a6a380b1f035d3d1e2a91d

wgengine/magicsock: add TS_DEBUG_OMIT_LOCAL_ADDRS knob to force STUN use only For debugging.

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 6233fd7ac348362ba1b8e33fa0a7fce939577213

control/controlclient: don't truncate AuthURL in log It's useful to copy/paste directly from there, without using tailscale up. If it's truncated for some specific reason, it doesn't say why.

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha e03cc2ef57932dea808d525cdeefb2cdedc21aa8

wgengine/magicsock: populate discoOfAddr upon receiving ping frames Updates #483

push time in 4 days

push eventinetaf/netaddr

Brad Fitzpatrick

commit sha 4591d218f82c3fb751d036c37614f649f58dd513

Simplify IPPort.IsZero implementation, add IsZero for IP and IPPrefix. As pointed out by @mdlayher: https://github.com/inetaf/netaddr/commit/10bc159763c46b4ba93620eaa28ef357e08ee9dc And while I'm here, add IsZero methods to all the types for consistency so the caller doesn't need to remember which ones have it.

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 275a20f8178cf9d028ab0c051c80ffd637c1fd02

wgengine/magicsock: keep discoOfAddr populated, use it for findEndpoint Update the mapping from ip:port to discokey, so when we retrieve a packet from the network, we can find the same conn.Endpoint that we gave to wireguard-go previously, without making it think we've roamed. (We did, but we're not using its roaming.) Updates #483

push time in 4 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 710ee88e9404d650ce3482bfc356924d109ac8b1

wgengine/magicsock: add timeout on discovery pings, clean up state Updates #483

Brad Fitzpatrick

commit sha 77e89c4a72caa1c2c8ce36800adf02f418bad92e

wgengine/magicsock: handle CallMeMaybe discovery messages Roughly feature complete now. Testing and polish remains. Updates #483

push time in 5 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 77d3ef36f4a5c934ca751990655cf4e0fcb224df

wgengine/magicsock: hook up discovery messages, upgrade to LAN works Ping messages now go out somewhat regularly, pong replies are sent, and pong replies are now partially handled enough to upgrade off DERP to LAN. CallMeMaybe packets are sent & received over DERP, but aren't yet handled. That's next (and regular maintenance timers), and then WAN should work. Updates #483

push time in 5 days

push eventinetaf/netaddr

Brad Fitzpatrick

commit sha 10bc159763c46b4ba93620eaa28ef357e08ee9dc

add IPPort.IsZero

push time in 5 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 9b8ca219a1f4a5863c35de766e2c367299bfd768

wgengine/magicsock: remove allocs in UDP write, use new netaddr.PutUDPAddr The allocs were only introduced yesterday with a TODO. Now they're gone again.

push time in 5 days

push eventinetaf/netaddr

Brad Fitzpatrick

commit sha 6509743f79d948d4bbdcf3ea6efcdac75ddfa3d3

Add PutUDPAddr and make IPPort.UDPAddr alloc-free in best case

push time in 5 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 7b3c0bb7f6ac4b297f22de51673b3a0cd936f52f

wgengine/magicsock: fix crash reading DERP packet Starting at yesterday's e96f22e5600702 (converting some UDPAddrs to IPPorts), Conn.ReceiveIPv4 could return a nil addr, which would make its way through wireguard-go and blow up later. The DERP read path wasn't initializing the addr result parameter any more, and wgRecvAddr wasn't checking it either. Fixes #515

push time in 5 days

issue closedtailscale/tailscale

Tailscaled crash at HEAD

Jun 30 22:35:54 vega tailscaled[14137]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x86ea1c]
Jun 30 22:35:54 vega tailscaled[14137]: goroutine 223 [running]:
Jun 30 22:35:54 vega tailscaled[14137]: github.com/tailscale/wireguard-go/device.(*Peer).SetEndpointAddress(0xc0006a3c00, 0x0)
Jun 30 22:35:54 vega tailscaled[14137]:         github.com/tailscale/wireguard-go@v0.0.0/device/peer.go:328 +0x5c
Jun 30 22:35:54 vega tailscaled[14137]: github.com/tailscale/wireguard-go/device.(*Peer).RoutineSequentialReceiver(0xc0006a3c00)
Jun 30 22:35:54 vega tailscaled[14137]:         github.com/tailscale/wireguard-go@v0.0.0/device/receive.go:561 +0x270
Jun 30 22:35:54 vega tailscaled[14137]: created by github.com/tailscale/wireguard-go/device.(*Peer).Start
Jun 30 22:35:54 vega tailscaled[14137]:         github.com/tailscale/wireguard-go@v0.0.0/device/peer.go:240 +0x329

cc @bradfitz guessing related to new discovery endpoints?

closed time in 5 days

danderson

issue commenttailscale/tailscale

Tailscaled crash at HEAD

I can reproduce. Seems to start at e96f22e56007025dbce35015d481853f71bbc062

danderson

comment created time in 5 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 47b4a19786384688cc747205b069efe2b100aecb

wgengine/magicsock: use netaddr.ParseIPPort instead of net.ResolveUDPAddr

push time in 5 days

issue commenttailscale/tailscale

Tailscaled crashloop at HEAD

discovery stuff should all be off by default. Probably some related netaddr changes? Will look tomorrow. Not sure how I didn't hit it myself though.

danderson

comment created time in 5 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha f7124c7f06b761f8e7cb4822a897855ffc4cbb7e

wgengine/magicsock: start of discoEndpoint state tracking Updates #483

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 92252b098862cad0b38a4a776498e9ba1626fe12

wgengine/magicsock: add a little LRU cache for netaddr.IPPort lookups And while plumbing, a bit of discovery work I'll need: the endpointOfAddr map to map from validated paths to the discoEndpoint. Not being populated yet. Updates #483

push time in 6 days

pull request commentWireGuard/wireguard-go

device: remove some unnecessary unsafe

Intrinsified or not, won't this still add latency on big endian?

An endian swap instruction is barely measurable next to the system call. This isn't the place to go looking for performance wins.

Might be safer though to declare an int and unsafe cast that to [4]byte, to ensure alignment.

The point is to remove unsafe.

bradfitz

comment created time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 9070aacdeedbbf3e37b1ef8713e2a742d9292f01

wgengine/magicsock: minor comments & logging & TODO changes

Brad Fitzpatrick

commit sha 2d6e84e19ef86c7617e53cb87ea5017ef9fc2e65

net/netcheck, wgengine/magicsock: replace more UDPAddr with netaddr.IPPort

push time in 6 days

pull request commentWireGuard/wireguard-go

device: remove some unnecessary unsafe

/cc @crawshaw

bradfitz

comment created time in 6 days

create branch bradfitz/wireguard-go

branch : bradfitz/less_unsafe

created branch time in 6 days

fork bradfitz/wireguard-go

Mirror only. Official repository is at https://git.zx2c4.com/wireguard-go

fork in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha e96f22e56007025dbce35015d481853f71bbc062

wgengine/magicsock: start handling disco message, use netaddr.IPPort more Updates #483

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 790ef2bc5f2681e2ed4e4fb9757d5b0feb505dbf

internal/deepprint: update copyright header to appease license checker script Plus mention that it's not an exact copy.

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha eb4eb34f374276a8523b13015b3f30c554e2ca43

disco: new package for parsing & marshaling discovery messages Updates #483

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 7ca911a5c60501d9df498be0a2d2ee10ae4747fb

internal/deepprint: add missing copyright headers

push time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/wgcfg

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/tsweb

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/stun_at_least_one_ipv4

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/safesocket_darwin

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/rename_tsweb_handler

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/redundant_check

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/portlist

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/paths

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/logtail_http1_log

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/logtail_http1

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/logtail_enc_alloc

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/log_mutex

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/ipv6_on

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/disco

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_route

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_peers

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_no_lock

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_map

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_disable

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/createtun_log_why

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/callback_start

delete time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/autocert_email

delete time in 6 days

issue closedgolang/go

x/playground: support third-party imports

It's time for the playground to support importing third-party packages.

We have https://proxy.golang.org/ now which is the hard piece.

It might have to assume @latest for now, unless we let people write a go.mod file somehow (magic comments either one per module version, or magic comments separating the textarea into N logical files, ala mime/multipart but easier to type?)

/cc @bcmills @dmitshur @ysmolsky

closed time in 6 days

bradfitz