profile
viewpoint
Brad Fitzpatrick bradfitz Seattle https://bradfitz.com/ Xoogler. Ex @golang team (2010-2020). My side project is @perkeep.

bradfitz/exp-httpclient 554

experimental new HTTP client API for #golang (WIP)

bradfitz/embiggen-disk 413

embiggden-disk live-resizes a filesystem after first live-resizing any necessary layers below it: an optional LVM LV and PV, and an MBR or GPT partition table

bradfitz/gitbrute 324

brute-force a git commit hash

bradfitz/autocertdelegate 209

Get LetsEncrypt TLS certs for internal-only TLS servers via a delegated golang.org/x/crypto/acme/autocert server.

bradfitz/go-smtpd 193

SMTP server library for Go

bmizerany/perks 148

Effective Computation of Things

bradfitz/campher 112

Embed Perl in Go. This works, but was a joke for a presentation. Don't use.

bradfitz/deadbeef 95

Gimmicky commit hash made using bradfitz/gitbrute

bradfitz/go-sql-test 94

test ALL the databases

bradfitz/android-garage-opener 82

Android Garage Door Opener

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha d9fc7d735243f6e49e289bcffed2f58419a7b49c

Start of netcheck package & including network state in Hostinfo. * adds new packet "netcheck" to do the checking of UDP, IPv6, and nearest DERP server, and the Report type for all that (and more in the future, probably pulling in danderson's natprobe) * stunner support for IPv6 * new tailcfg.Hostinfo types * new opt package for an opt.Bool type that can mean empty (unknown/undefined), or true/false. * cmd/tailscale netcheck subcommand (tentative name, likely to change/move) to print out the netcheck.Report.

view details

push time in 5 hours

PR opened tailscale/tailscale

Reviewers
Start of netcheck package & including network state in Hostinfo.
  • adds new packet "netcheck" to do the checking of UDP, IPv6, and nearest DERP server, and the Report type for all that (and more in the future, probably pulling in danderson's natprobe)
  • stunner support for IPv6
  • new tailcfg.Hostinfo types
  • new opt package for an opt.Bool type that can mean empty (unknown/undefined), or true/false.
  • cmd/tailscale netcheck subcommand (tentative name, likely to change/move) to print out the netcheck.Report.
+342 -12

0 comment

14 changed files

pr created time in 5 hours

push eventtailscale/tailscale

David Crawshaw

commit sha 6879581891409115ff51736df7117a292a2deec5

controlclient: adjust user expiry test Signed-off-by: David Crawshaw <crawshaw@tailscale.com>

view details

Brad Fitzpatrick

commit sha 2489ea4268a2a5c2486c953d8fee5f9dd1249c03

stun: fix IPv6 bug, refactor a bit Fixes #104 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

Brad Fitzpatrick

commit sha 14abc820333377e88820e2c0b048f788b3e33dbe

stun: check high bits in Is, add tests Also use new stun.TxID type in stunner. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

Brad Fitzpatrick

commit sha 74650d6fb573c815e45d0e51e067c53af85b81fa

go.mod, go.sum: update

view details

Brad Fitzpatrick

commit sha 0e128f8f2268dece265c8a2bb62ccddc78705c19

stun: add server support Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

Brad Fitzpatrick

commit sha 00ad93ec254e7e3eaf01dbfb7401e460fc64545e

cmd/derper: add a STUN server Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

Brad Fitzpatrick

commit sha b1fa40d308ec0aecbf2ef8408939e6ce4900a865

Start of netcheck package & including network state in Hostinfo. * adds new packet "netcheck" to do the checking of UDP, IPv6, and nearest DERP server, and the Report type for all that (and more in the future, probably pulling in danderson's natprobe) * stunner support for IPv6 * new tailcfg.Hostinfo types * new opt package for an opt.Bool type that can mean empty (unknown/undefined), or true/false. * cmd/tailscale netcheck subcommand (tentative name, likely to change/move) to print out the netcheck.Report.

view details

push time in 5 hours

delete branch tailscale/tailscale

delete branch : bradfitz/derper_stun

delete time in 8 hours

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 00ad93ec254e7e3eaf01dbfb7401e460fc64545e

cmd/derper: add a STUN server Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 8 hours

create barnchtailscale/tailscale

branch : bradfitz/derper_stun

created branch time in 8 hours

delete branch tailscale/tailscale

delete branch : bradfitz/fake_derp

delete time in 12 hours

delete branch tailscale/tailscale

delete branch : bradfitz/stun

delete time in 12 hours

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 0e128f8f2268dece265c8a2bb62ccddc78705c19

stun: add server support Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 12 hours

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 74650d6fb573c815e45d0e51e067c53af85b81fa

go.mod, go.sum: update

view details

push time in 12 hours

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha a2e2bb5a12f24b05f161763167cca2ec3b94b4e7

stun: add server support Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 12 hours

create barnchtailscale/tailscale

branch : bradfitz/stun

created branch time in 13 hours

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 14abc820333377e88820e2c0b048f788b3e33dbe

stun: check high bits in Is, add tests Also use new stun.TxID type in stunner. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 16 hours

issue openedgolang/go

proposal: cmd/go: stamp git/vcs current HEAD hash/commit hash/dirty bit in binaries

(Related but different than #35667)

cmd/go currently embeds all the module dep information in binaries and it's readable with e.g. https://godoc.org/rsc.io/goversion/version but it does not include any information about the top-level module's version.

I propose that cmd/go look at {git,svn,etc} state and include in the binary:

  • HEAD commit time
  • HEAD hash
  • dirty bit (if there are uncommitted changes)

Currently many projects do this by hand with a build-program.sh and stamping it manually with --ldflags=-X foo=bar, but that means programs built the normal Go way lack that information, and people end up with non-portable (shell, often) build scripts.

I've hit this enough times with my own projects that it's actively frustrating me. It's worse when programs are clients that want to report their version number to a server (which might want to do analytics, build horizon enforcement, protocol version negotiation, etc) and then can't. There are alternative ways to do all that, but they're tedious.

Mostly I'm concerned that people have bespoke, often non-portable build scripts.

created time in 16 hours

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 2489ea4268a2a5c2486c953d8fee5f9dd1249c03

stun: fix IPv6 bug, refactor a bit Fixes #104 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 18 hours

issue closedtailscale/tailscale

stun: index out of range

Packet from [2604:a880:2:d1::c5:7001]:3478: "\x01\x01\x00H!\x12\xa4B\x06\xf5f\x85Ҋ\xf3\xe6\x9c\xe3A\xe2\x00\x01\x00\x14\x00\x02\x90\xce&\x02\x00Ѵ\xcf\xc1\x008\xb21\xff\xfe\xef\x96\xf6\x80+\x00\x14\x00\x02\r\x96&\x04\xa8\x80\x00\x02\x00\xd1\x00\x00\x00\x00\x00\xc5p\x01\x00 \x00\x14\x00\x02\xb1\xdc\a\x10\xa4\x93\xb2:\xa7\x85\xea8\xc2\x19b\f\xd7\x14"
panic: runtime error: index out of range [4] with length 4 
 
goroutine 12 [running]: 
tailscale.com/stun.xorMappedAddress(0xe6f38ad28566f506, 0xe241e39c, 0xc0001dc048, 0x14, 0xffb8, 0x4d46d1, 0xba7740, 0x85afc0, 0xc0002a2000, 0xc00004fd50, ...) 
        /home/bradfitz/src/tailscale.com/stun/stun.go:165 +0x27e 
tailscale.com/stun.ParseResponse(0xc0001dc000, 0x14, 0xffbc, 0xe6f38ad28566f506, 0xc0e241e39c, 0x3, 0xc00004fdd8, 0x4d46d1, 0x8, 0xc00004fd60, ...) 
        /home/bradfitz/src/tailscale.com/stun/stun.go:107 +0x462 
tailscale.com/stunner.(*Stunner).Receive(0xc000012780, 0xc0001dc000, 0x5c, 0x10000, 0xc00029e450) 
        /home/bradfitz/src/tailscale.com/stunner/stunner.go:54 +0x71 
tailscale.com/ipn.(*LocalBackend).populateNetworkConditions.func3(0xc000012780, 0x907160, 0xc0000100a0) 
        /home/bradfitz/src/tailscale.com/ipn/local.go:833 +0x1e9 
created by tailscale.com/ipn.(*LocalBackend).populateNetworkConditions 
        /home/bradfitz/src/tailscale.com/ipn/local.go:857 +0x9c3 
FAIL    tailscale.com/ipn       0.068s 
FAIL 

/cc @crawshaw but I can also figure this out if you're busy. I should learn STUN anyway.

closed time in 18 hours

bradfitz

create barnchtailscale/tailscale

branch : bradfitz/network_hostinfo

created branch time in a day

issue openedtailscale/tailscale

stun: index out of range

Packet from [2604:a880:2:d1::c5:7001]:3478: "\x01\x01\x00H!\x12\xa4B\x06\xf5f\x85Ҋ\xf3\xe6\x9c\xe3A\xe2\x00\x01\x00\x14\x00\x02\x90\xce&\x02\x00Ѵ\xcf\xc1\x008\xb21\xff\xfe\xef\x96\xf6\x80+\x00\x14\x00\x02\r\x96&\x04\xa8\x80\x00\x02\x00\xd1\x00\x00\x00\x00\x00\xc5p\x01\x00 \x00\x14\x00\x02\xb1\xdc\a\x10\xa4\x93\xb2:\xa7\x85\xea8\xc2\x19b\f\xd7\x14"
panic: runtime error: index out of range [4] with length 4 
 
goroutine 12 [running]: 
tailscale.com/stun.xorMappedAddress(0xe6f38ad28566f506, 0xe241e39c, 0xc0001dc048, 0x14, 0xffb8, 0x4d46d1, 0xba7740, 0x85afc0, 0xc0002a2000, 0xc00004fd50, ...) 
        /home/bradfitz/src/tailscale.com/stun/stun.go:165 +0x27e 
tailscale.com/stun.ParseResponse(0xc0001dc000, 0x14, 0xffbc, 0xe6f38ad28566f506, 0xc0e241e39c, 0x3, 0xc00004fdd8, 0x4d46d1, 0x8, 0xc00004fd60, ...) 
        /home/bradfitz/src/tailscale.com/stun/stun.go:107 +0x462 
tailscale.com/stunner.(*Stunner).Receive(0xc000012780, 0xc0001dc000, 0x5c, 0x10000, 0xc00029e450) 
        /home/bradfitz/src/tailscale.com/stunner/stunner.go:54 +0x71 
tailscale.com/ipn.(*LocalBackend).populateNetworkConditions.func3(0xc000012780, 0x907160, 0xc0000100a0) 
        /home/bradfitz/src/tailscale.com/ipn/local.go:833 +0x1e9 
created by tailscale.com/ipn.(*LocalBackend).populateNetworkConditions 
        /home/bradfitz/src/tailscale.com/ipn/local.go:857 +0x9c3 
FAIL    tailscale.com/ipn       0.068s 
FAIL 

/cc @crawshaw but I can also figure this out if you're busy. I should learn STUN anyway.

created time in a day

delete branch tailscale/tailscale

delete branch : bradfitz/ipn_local_ownership

delete time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha eefafad9f8a2a0ce14b001e9e6c2a6c27737d03b

ipn: fix some mutex/ownership issues Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 943d3cdc94c1d2131f186084e05f561282e585ad

ipn: fix some mutex/ownership issues Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

Pull request review commenttailscale/tailscale

ipn: fix some mutex/ownership issues

 func (b *LocalBackend) runPoller() { }  func (b *LocalBackend) send(n Notify) {-	if b.notify != nil {+	b.mu.Lock()+	notify := b.notify+	b.mu.Unlock()+	if notify != nil {

Done.

bradfitz

comment created time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha bb2c1168f9c3c271fd10ca9a889fe677473272a3

ipn: fix some mutex/ownership issues Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

PR opened tailscale/tailscale

Reviewers
ipn: fix some mutex/ownership issues
+72 -50

0 comment

3 changed files

pr created time in 2 days

create barnchtailscale/tailscale

branch : bradfitz/ipn_local_ownership

created branch time in 2 days

pull request commenttailscale/tailscale

wgengine: add pinger to generate initial spray packets

LGTM

crawshaw

comment created time in 2 days

delete branch tailscale/tailscale

delete branch : bradfitz/tsweb

delete time in 2 days

PR closed tailscale/tailscale

Reviewers
tsweb, cmd/derper: move common web/debug stuff from derper to new tsweb

We can move more in round two.

+123 -86

1 comment

2 changed files

bradfitz

pr closed time in 2 days

pull request commenttailscale/tailscale

tsweb, cmd/derper: move common web/debug stuff from derper to new tsweb

Already merged.

bradfitz

comment created time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 3988ddc85da469e44ced80b21a3a142ad3e105f6

types/logger: add WithPrefix, use it in two places Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 758744a4e3daddad3f544f48d2cecd7f3289995c

Fix some Hostinfo value usages from the previous commit.

view details

push time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha d8de11a01b277c041f76f8d6594673f7e1d4aa21

control: make Hostinfo accessed by pointer Fix potential races in copying aliased slices by value. Also few little doc updates. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 824f8255521e989996f30a504ce523b147ec4acf

tsweb, cmd/derper: move common web/debug stuff from derper to new tsweb Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

delete branch tailscale/tailscale

delete branch : bradfitz/cleanup

delete time in 2 days

PR closed tailscale/tailscale

Reviewers
ipn: misc cleanup
+38 -26

1 comment

3 changed files

bradfitz

pr closed time in 2 days

pull request commenttailscale/tailscale

ipn: misc cleanup

GitHub having problems. Pushed directly, as Rebase+Merge button in web UI failing.

bradfitz

comment created time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 367ffde21a05060f438378edff177a28a189d37b

ipn: misc cleanup Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 04e6b7777434d1c83d66e99ce1a22f213d6b30fc

safesocket: delete incorrect build tag Leftover from copying one file to another to create safesocket.go in the earlier documentation change (29f7d640910f8c37b5).

view details

push time in 2 days

Pull request review commenttailscale/tailscale

wgengine: add pinger to generate initial spray packets

 func newUserspaceEngineAdvanced(logf logger.Logf, tundev tun.Device, routerGen R 			// into it, and wireguard is what called us to get 			// here. 			go e.RequestStatus()++			if len(allowedIPs) > 0 {+				if ones, bits := allowedIPs[0].Mask.Size(); ones == bits && ones != 0 {+					var ip wgcfg.IP+					copy(ip.Addr[:], allowedIPs[0].IP.To16())

why just [0]? What if len(allowedIPs) > 1 ? Comment at least about what's going on?

crawshaw

comment created time in 2 days

Pull request review commenttailscale/tailscale

wgengine: add pinger to generate initial spray packets

 type userspaceEngine struct {  	wgLock       sync.Mutex // serializes all wgdev operations 	lastReconfig string+	lastCfg      wgcfg.Config 	lastRoutes   string  	mu           sync.Mutex 	peerSequence []wgcfg.Key 	endpoints    []string+	pingers      map[wgcfg.Key]chan struct{}

I don't like the chan struct{} here. It's not obvious what it's used for. I'd say docs, but I'd rather we replace it with something more explicit.

Can you create a defined type for it? CancelChan somewhere? Then it could even have a Cancel method to do the close on itself.

crawshaw

comment created time in 2 days

Pull request review commenttailscale/tailscale

wgengine: add pinger to generate initial spray packets

 func newUserspaceEngineAdvanced(logf logger.Logf, tundev tun.Device, routerGen R 	return e, nil } +// startPinger starts a goroutine that sends ping packets for a few seconds.+//+// These generated packets are used to ensure we trigger the spray logic in+// the magicsock package for NAT traversal.+func (e *userspaceEngine) startPinger(peerKey wgcfg.Key, ip wgcfg.IP) {+	e.logf("generating initial ping traffic to %s (%v)", peerKey.ShortString(), ip)+	var srcIP packet.IP++	e.wgLock.Lock()+	if len(e.lastCfg.Addresses) > 0 {+		srcIP = packet.NewIP(e.lastCfg.Addresses[0].IP.IP())+	}+	e.wgLock.Unlock()++	if srcIP == 0 {+		e.logf("generating initial ping traffic: no source IP")+		return+	}++	e.mu.Lock()+	if prevDonec := e.pingers[peerKey]; prevDonec != nil {+		close(prevDonec)+	}+	donec := make(chan struct{})+	e.pingers[peerKey] = donec+	e.mu.Unlock()++	// sendFreq is slightly longer than sprayFreq in magicsock to ensure+	// that if these ping packets are the only source of early packets+	// sent to the peer, that each one will be sprayed.+	const sendFreq = 300 * time.Millisecond+	const stopAfter = 3 * time.Second++	start := time.Now()+	dstIP := packet.NewIP(ip.IP())++	payload := []byte{0x01, 0x09, 0x02, 0x08}

What are these bytes? Add comment.

crawshaw

comment created time in 2 days

Pull request review commenttailscale/tailscale

wgengine: add pinger to generate initial spray packets

 func newUserspaceEngineAdvanced(logf logger.Logf, tundev tun.Device, routerGen R 	return e, nil } +// startPinger starts a goroutine that sends ping packets for a few seconds.+//+// These generated packets are used to ensure we trigger the spray logic in+// the magicsock package for NAT traversal.+func (e *userspaceEngine) startPinger(peerKey wgcfg.Key, ip wgcfg.IP) {+	e.logf("generating initial ping traffic to %s (%v)", peerKey.ShortString(), ip)+	var srcIP packet.IP++	e.wgLock.Lock()+	if len(e.lastCfg.Addresses) > 0 {+		srcIP = packet.NewIP(e.lastCfg.Addresses[0].IP.IP())+	}+	e.wgLock.Unlock()++	if srcIP == 0 {+		e.logf("generating initial ping traffic: no source IP")+		return+	}++	e.mu.Lock()+	if prevDonec := e.pingers[peerKey]; prevDonec != nil {+		close(prevDonec)+	}+	donec := make(chan struct{})+	e.pingers[peerKey] = donec+	e.mu.Unlock()++	// sendFreq is slightly longer than sprayFreq in magicsock to ensure+	// that if these ping packets are the only source of early packets+	// sent to the peer, that each one will be sprayed.+	const sendFreq = 300 * time.Millisecond+	const stopAfter = 3 * time.Second++	start := time.Now()+	dstIP := packet.NewIP(ip.IP())++	payload := []byte{0x01, 0x09, 0x02, 0x08}++	go func() {+		defer func() {+			e.mu.Lock()+			if e.pingers[peerKey] == donec {+				delete(e.pingers, peerKey)+			}+			e.mu.Unlock()+		}()++		ipid := uint16(1)+		t := time.NewTicker(sendFreq)

add a defer t.Stop() after this line instead and remove the t.Stop below.

crawshaw

comment created time in 2 days

Pull request review commenttailscale/tailscale

wgengine: add pinger to generate initial spray packets

 type userspaceEngine struct {  	wgLock       sync.Mutex // serializes all wgdev operations 	lastReconfig string+	lastCfg      wgcfg.Config 	lastRoutes   string  	mu           sync.Mutex 	peerSequence []wgcfg.Key 	endpoints    []string+	pingers      map[wgcfg.Key]chan struct{}

Document that mu must be held to close the channel (mu guarding map access to pingers is obvious from struct ordering convention, but the chan closure is not)

crawshaw

comment created time in 2 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 29f7d640910f8c37b50a13a676bec65e137319c0

safesocket: document Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 2 days

PR opened tailscale/tailscale

Reviewers
tsweb, cmd/derper: move common web/debug stuff from derper to new tsweb

We can move more in round two.

+123 -86

0 comment

2 changed files

pr created time in 2 days

create barnchtailscale/tailscale

branch : bradfitz/tsweb

created branch time in 2 days

PR opened tailscale/tailscale

Reviewers
ipn: misc cleanup
+38 -26

0 comment

3 changed files

pr created time in 2 days

create barnchtailscale/tailscale

branch : bradfitz/cleanup

created branch time in 2 days

pull request commenttailscale/tailscale

wgengine: properly clean up freebsd routes and interfaces on close

LGTM but leaving for @crawshaw to review & approve.

wardn

comment created time in 2 days

Pull request review commentgo4org/go4

Initiate go module.

+module go4.org++go 1.13

Does anything in here actually require Go 1.13?

ldez

comment created time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 8696b17b5fcc32b7076a05cb270036dbafa44d74

wgengine/magicsock: turn off DERP log spamminess by default Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha f473965ca1117c80e56e6326d85007d0c8b09085

go.sum: update Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 3 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 7a3b91390b6c26dc2a5258599827fbdc527d853c

wgengine/magicsock: fix crash in Send when Endpoint isn't an AddrSet Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 3 days

issue commenttailscale/tailscale

Installing for Go noobs

@djc, no need to wait for your distro. You can use another Go compiler trivially:

$ go get golang.org/dl/go1.13.8
$ go1.13.8 download

Then:

$ GO111MODULE=on go1.13.8 install tailscale.com/cmd/tailscale{,d} 
djc

comment created time in 5 days

issue commenttailscale/tailscale

Magicsock refuses to downgrade from LAN to DERP

@crawshaw, yup, that was basically our conclusion. Or every new WireGuard handshake, we set the AddrSet curIndex back to -1 and let it re-upgrade back to the best it can.

danderson

comment created time in 5 days

push eventtailscale/tailscale

wardn

commit sha c51b8c206d97b696c95ba54b9a44ea606c12fc0e

wgengine: resolv.conf spelling corrections Signed-off-by: wardn <wardn@users.noreply.github.com>

view details

push time in 5 days

PR merged tailscale/tailscale

wgengine: resolv.conf spelling corrections

Signed-off-by: wardn wardn@users.noreply.github.com

+3 -3

0 comment

1 changed file

wardn

pr closed time in 5 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha cc7b9b0dff7b8aaab6022122e5cba5251b30e116

control/controlclient: fix priority of DERP server, add comment

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 3317531021d979bf7c854a5a9b224acc92e7a38d

derp: fix JSON field typo, sort fields to make it easier to see inconsistencies

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 6cd81d5d1f3dc8d713c97894b5abf068a3cb9506

derp: add more derp stats for dropped and received packets Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha c02f4b5a1f982944ab9986c09e37d96af8e266b6

control/controlclient: add temporary mechanism to force derp on Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

PR opened tailscale/tailscale

WIP hack: mechanism to force derp on
+10 -1

0 comment

2 changed files

pr created time in 6 days

create barnchtailscale/tailscale

branch : bradfitz/fake_derp

created branch time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 525bf1f3d2747d66caa37913b73402fa0237e063

wgengine/magicsock: remember fixed port number preference So LinkChange events rebind to the same port when possible.

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha c763901b1ac5d5b1d0cff152d3815aa4b838f8cd

cmd/derper: provide debug access over port 80 to trusted (tailscale) IPs Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_msg

delete time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 2612e54ad1e4f1ea10d20717ff41027a2be4cca2

derp, cmd/derper: add debug handlers, stats Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 433b917977bb9e925cba89c6da37213e0fe52110

interfaces, cmd/tsshd: move interface lookup from tsshd to its own package For reuse by derper, etc. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 37e115834ee0e2876bf3ff0fec4a2d3e86618ddb

cmd/derper: support logging to logtail Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 379a3125fd39b3115b950931f1f6fd7cd9c2bd1b

derp, wgengine/magicsock: support more than just packets from Client.Recv Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

Pull request review commenttailscale/tailscale

derp, wgengine/magicsock: support more than just packets Client.Recv

 func (c *Client) send(dstKey key.Public, pkt []byte) (ret error) { 	return c.bw.Flush() } -// Recv reads a data packet from the DERP server.-// The provided buffer must be larger enough to receive a complete packet.+// ReceivedMessage represents a type returned by Client.Recv. Unless+// otherwise documented, the returned message aliases the byte slice+// provided to Recv and thus the message is only as good as that+// buffer, which is up to the caller.+type ReceivedMessage interface {+	msg()+}++// ReceivedPacket is a ReceivedMessage representing an incoming packet.+type ReceivedPacket []byte++func (ReceivedPacket) msg() {}++// Recv reads a message from the DERP server.+// The provided buffer must be large enough to receive a complete packet,+// which in practice are are 1.5-4 KB, but can be up to 64 KB.

There were existing 64KB constants in the code, so I'm using that for now as our max. (IP packet max size)

If we come up with a new max, then we can update this.

But I agree that in practice the MTU will be 1500. But with two nodes with jumbo frames talking over DERP, what'll confine it to 1500? I wasn't sure, so keeping the 64KB limit I saw in the code (and that @crawshaw had mentioned) seemed a fine upper bound for now.

bradfitz

comment created time in 6 days

Pull request review commenttailscale/tailscale

cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.

+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.+// Use of this source code is governed by a BSD-style+// license that can be found in the LICENSE file.++// mkpkg builds the tailscale rpm and deb packages.+package main++import (+	"fmt"+	"log"+	"os"+	"strings"++	"github.com/goreleaser/nfpm"+	_ "github.com/goreleaser/nfpm/deb"+	_ "github.com/goreleaser/nfpm/rpm"+	"github.com/pborman/getopt"+)++func parseFiles(s string) (map[string]string, error) {+	ret := map[string]string{}+	for _, f := range strings.Split(s, ",") {+		fs := strings.Split(f, ":")+		if len(fs) != 2 {+			return nil, fmt.Errorf("unparseable file field %q", f)+		}+		ret[fs[0]] = fs[1]+	}+	return ret, nil+}++func main() {+	out := getopt.StringLong("out", 'o', "", "output file to write")+	goarch := getopt.StringLong("arch", 'a', "amd64", "goarch this package is for")+	pkgType := getopt.StringLong("type", 't', "deb", "type of package to build (deb or rpm)")+	files := getopt.StringLong("files", 'F', "", "comma-separated list of files in src:dst form")+	configFiles := getopt.StringLong("configs", 'C', "", "like --files, but for files marked as user-editable config files")+	version := getopt.StringLong("version", 0, "0.0.0", "version of the package")+	getopt.Parse()++	filesMap, err := parseFiles(*files)+	if err != nil {+		log.Fatalf("Parsing --files: %v", err)+	}+	configsMap, err := parseFiles(*configFiles)+	if err != nil {+		log.Fatalf("Parsing --configs: %v", err)+	}+	info := nfpm.WithDefaults(&nfpm.Info{+		Name:        "tailscale",+		Arch:        *goarch,+		Platform:    "linux",+		Version:     *version,+		Maintainer:  "Tailscale Inc <info@tailscale.com>",+		Description: "The easiest, most secure, cross platform way to use WireGuard + oauth2 + 2FA/SSO",

drop cross platform and oauth2 at least?

danderson

comment created time in 6 days

Pull request review commenttailscale/tailscale

cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.

+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.+// Use of this source code is governed by a BSD-style+// license that can be found in the LICENSE file.++// mkpkg builds the tailscale rpm and deb packages.+package main++import (+	"fmt"+	"log"+	"os"+	"strings"++	"github.com/goreleaser/nfpm"+	_ "github.com/goreleaser/nfpm/deb"+	_ "github.com/goreleaser/nfpm/rpm"+	"github.com/pborman/getopt"+)++func parseFiles(s string) (map[string]string, error) {

what is this map key/values?

danderson

comment created time in 6 days

Pull request review commenttailscale/tailscale

cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.

+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.+// Use of this source code is governed by a BSD-style+// license that can be found in the LICENSE file.++// mkpkg builds the tailscale rpm and deb packages.+package main++import (+	"fmt"+	"log"+	"os"+	"strings"++	"github.com/goreleaser/nfpm"+	_ "github.com/goreleaser/nfpm/deb"+	_ "github.com/goreleaser/nfpm/rpm"+	"github.com/pborman/getopt"+)++func parseFiles(s string) (map[string]string, error) {+	ret := map[string]string{}+	for _, f := range strings.Split(s, ",") {+		fs := strings.Split(f, ":")+		if len(fs) != 2 {+			return nil, fmt.Errorf("unparseable file field %q", f)+		}+		ret[fs[0]] = fs[1]+	}+	return ret, nil+}++func main() {+	out := getopt.StringLong("out", 'o', "", "output file to write")+	goarch := getopt.StringLong("arch", 'a', "amd64", "goarch this package is for")

"GOARCH ...

danderson

comment created time in 6 days

Pull request review commenttailscale/tailscale

cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.

+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.+// Use of this source code is governed by a BSD-style+// license that can be found in the LICENSE file.++// mkpkg builds the tailscale rpm and deb packages.

Tailscale?

danderson

comment created time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 8e2d44f1c27f3706d461d060b04d4070fba4a149

derp, wgengine/magicsock: support more than just packets from Client.Recv Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

Pull request review commenttailscale/tailscale

derp, wgengine/magicsock: support more than just packets Client.Recv

 func (c *Client) Recv(b []byte) (n int, err error) { 			// require ack pongs. 			continue 		case frameRecvPacket:-			return int(n), nil+			return ReceivedPacket(b[:n]), nil

This is a small allocation (a slice header, 24 bytes) but I'm not worried about it yet.

I'll care about performance later.

I'll find this back from profiling later if/when it matters.

bradfitz

comment created time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 986e5b9ac777d7c542033065b4d9d31d53e13029

derp, wgengine/magicsock: support more than just packets from Client.Recv Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

create barnchtailscale/tailscale

branch : brafitz/derp_msg

created branch time in 6 days

delete branch tailscale/tailscale

delete branch : brafitz/derp_msg

delete time in 6 days

create barnchtailscale/tailscale

branch : bradfitz/derp_msg

created branch time in 6 days

pull request commenttailscale/tailscale

cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.

Ah nevermind. I read the diffstat wrong in the email.

danderson

comment created time in 6 days

pull request commenttailscale/tailscale

cmd/mkpkg: add small wrapper around nfpm to build deb/rpm packages.

I'd prefer a new repo over a nested module.

danderson

comment created time in 6 days

delete branch tailscale/tailscale

delete branch : bradfitz/derp_rate

delete time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 0d84edd2d89911611e6670e3925987877f94432c

derp, cmd/derper: add rate limiting support, add default 5Mbps limit Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 6 days

create barnchtailscale/tailscale

branch : bradfitz/derp_rate

created branch time in 6 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 1166c34f6c86b1432922172d7df8f1a222f483cc

derp: fix staticcheck warning Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 7 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 322cb58b148bffe5a53e1c54913e9eb9228f421d

derp: deflake test I flaked up in earlier change I broke an invariant in 11048b893285cf601a224 (it was even nicely documented then). Also clean up the test a bit from while I was debugging it. Fixes #84 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 7 days

issue closedtailscale/tailscale

DERP test sometimes deadlocks

About 1 in 3 runs of go test -count=1000 -timeout=30s deadlocks and times out. Other runs complete the 1000 passes in ~3s.

panic: test timed out after 30s

goroutine 782 [running]:
testing.(*M).startAlarm.func1()
	/usr/lib/go/src/testing/testing.go:1377 +0xdf
created by time.goFunc
	/usr/lib/go/src/time/sleep.go:168 +0x44

goroutine 1 [chan receive]:
testing.(*T).Run(0xc0001aa700, 0x5f7c9a, 0xc, 0x602468, 0x47df06)
	/usr/lib/go/src/testing/testing.go:961 +0x377
testing.runTests.func1(0xc0001aa600)
	/usr/lib/go/src/testing/testing.go:1202 +0x78
testing.tRunner(0xc0001aa600, 0xc000058dc0)
	/usr/lib/go/src/testing/testing.go:909 +0xc9
testing.runTests(0xc0000b00a0, 0x750f70, 0x1, 0x1, 0x0)
	/usr/lib/go/src/testing/testing.go:1200 +0x2a7
testing.(*M).Run(0xc0000cc000, 0x0)
	/usr/lib/go/src/testing/testing.go:1117 +0x176
main.main()
	_testmain.go:44 +0x135

goroutine 753 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f459f438, 0x72, 0xffffffffffffffff)
	/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004ccf18, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004ccf00, 0xc00039c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004ccf00, 0xc00039c000, 0x1000, 0x1000, 0x77314b86295c5, 0x31de88a8f7a83, 0x825decee2a01)
	/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306088, 0xc00039c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).Read(0xc000354e40, 0xc00001e870, 0x4, 0x4, 0xc0000ed998, 0x445d8c, 0x10)
	/usr/lib/go/src/bufio/bufio.go:226 +0x26a
io.ReadAtLeast(0x62ef20, 0xc000354e40, 0xc00001e870, 0x4, 0x4, 0x4, 0xa0, 0x98, 0x5e0b40)
	/usr/lib/go/src/io/io.go:310 +0x87
io.ReadFull(...)
	/usr/lib/go/src/io/io.go:329
tailscale.com/derp.readUint32(0x62ef20, 0xc000354e40, 0xffffffff, 0x44261b530dd35, 0xc0000eda90, 0x582dfa)
	/home/dave/tail/corp/oss/derp/derp.go:92 +0x8b
tailscale.com/derp.(*Client).recvServerKey(0xc0000ca460, 0xc0000ca460, 0x47cd4edbb5cfdde4)
	/home/dave/tail/corp/oss/derp/derp_client.go:57 +0x47
tailscale.com/derp.NewClient(0xf351173c4620dba1, 0xb6fd75af9c2a49e4, 0x47cd4edbb5cfdde4, 0xc79436433359349, 0x6329a0, 0xc000306088, 0xc0000ede50, 0xc0000604a0, 0xc0002225a0, 0x0, ...)
	/home/dave/tail/corp/oss/derp/derp_client.go:42 +0x112
tailscale.com/derp.TestSendRecv(0xc0001aa700)
	/home/dave/tail/corp/oss/derp/derp_test.go:67 +0xef5
testing.tRunner(0xc0001aa700, 0x602468)
	/usr/lib/go/src/testing/testing.go:909 +0xc9
created by testing.(*T).Run
	/usr/lib/go/src/testing/testing.go:960 +0x350

goroutine 778 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f459f5d8, 0x72, 0xffffffffffffffff)
	/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004cd098, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004cd080, 0xc000360000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004cd080, 0xc000360000, 0x1000, 0x1000, 0x8, 0xc00034e188, 0xc000029750)
	/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc0003060a0, 0xc000360000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc000029500)
	/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc000029500, 0x10, 0xc00012a850, 0xc000029428)
	/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.readType(0xc000029500, 0xc0000ff403, 0x5c19a0, 0x1c6834c46b8cb701)
	/home/dave/tail/corp/oss/derp/derp.go:73 +0x2f
tailscale.com/derp.(*Server).recvPacket(0xc0000293e0, 0xc000029500, 0xc0000293e0, 0x631700, 0xc000012a40, 0xc000029740, 0x0, 0x0, 0x0, 0x76, ...)
	/home/dave/tail/corp/oss/derp/derp_server.go:285 +0x4e
tailscale.com/derp.(*Server).accept(0xc0000293e0, 0x6329a0, 0xc0003060a0, 0xc00012a7d0, 0x0, 0x0)
	/home/dave/tail/corp/oss/derp/derp_server.go:161 +0x564
tailscale.com/derp.(*Server).Accept(0xc0000293e0, 0x6329a0, 0xc0003060a0, 0xc00012a7d0)
	/home/dave/tail/corp/oss/derp/derp_server.go:90 +0x18b
created by tailscale.com/derp.TestSendRecv
	/home/dave/tail/corp/oss/derp/derp_test.go:57 +0x7c9

goroutine 776 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f459fab8, 0x72, 0xffffffffffffffff)
	/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004ccf98, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004ccf80, 0xc00035c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004ccf80, 0xc00035c000, 0x1000, 0x1000, 0x8, 0xc00034e168, 0xc000029630)
	/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306090, 0xc00035c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc000029440)
	/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc000029440, 0x10, 0xc00012a810, 0xc000029428)
	/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.readType(0xc000029440, 0xc0000ff203, 0x5c19a0, 0x1c6834c46b8cb701)
	/home/dave/tail/corp/oss/derp/derp.go:73 +0x2f
tailscale.com/derp.(*Server).recvPacket(0xc0000293e0, 0xc000029440, 0xc0000293e0, 0x631700, 0xc0000129c0, 0xc000029620, 0x0, 0x0, 0x0, 0x0, ...)
	/home/dave/tail/corp/oss/derp/derp_server.go:285 +0x4e
tailscale.com/derp.(*Server).accept(0xc0000293e0, 0x6329a0, 0xc000306090, 0xc00012a7b0, 0x0, 0x0)
	/home/dave/tail/corp/oss/derp/derp_server.go:161 +0x564
tailscale.com/derp.(*Server).Accept(0xc0000293e0, 0x6329a0, 0xc000306090, 0xc00012a7b0)
	/home/dave/tail/corp/oss/derp/derp_server.go:90 +0x18b
created by tailscale.com/derp.TestSendRecv
	/home/dave/tail/corp/oss/derp/derp_test.go:57 +0x7c9

goroutine 780 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f4623a88, 0x72, 0xffffffffffffffff)
	/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004ccd18, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004ccd00, 0xc000362000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004ccd00, 0xc000362000, 0x1000, 0x1000, 0x18, 0xc00016b5c0, 0x483ea7)
	/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306078, 0xc000362000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc0000295c0)
	/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc0000295c0, 0xbf8bd7412899df3f, 0x1c0685c47d, 0x759860)
	/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.(*Client).Recv(0xc000222500, 0xc0003f0000, 0x10000, 0x10000, 0x0, 0x0, 0x0)
	/home/dave/tail/corp/oss/derp/derp_client.go:166 +0x10d
tailscale.com/derp.TestSendRecv.func1(0xc000222500, 0xc000029560, 0xc0000b0c80, 0x0)
	/home/dave/tail/corp/oss/derp/derp_test.go:77 +0x93
created by tailscale.com/derp.TestSendRecv
	/home/dave/tail/corp/oss/derp/derp_test.go:74 +0xc83

goroutine 758 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f4623268, 0x72, 0xffffffffffffffff)
	/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004cce18, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004cce00, 0xc00039a000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004cce00, 0xc00039a000, 0x1000, 0x1000, 0x18, 0xc0001685c0, 0x483ea7)
	/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306080, 0xc00039a000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc0000296e0)
	/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc0000296e0, 0xbf8bd74128b4162b, 0x1c069ffbd7, 0x759860)
	/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.(*Client).Recv(0xc0002225a0, 0xc000400000, 0x10000, 0x10000, 0x0, 0x0, 0x0)
	/home/dave/tail/corp/oss/derp/derp_client.go:166 +0x10d
tailscale.com/derp.TestSendRecv.func1(0xc0002225a0, 0xc000029560, 0xc0000b0c80, 0x1)
	/home/dave/tail/corp/oss/derp/derp_test.go:77 +0x93
created by tailscale.com/derp.TestSendRecv
	/home/dave/tail/corp/oss/derp/derp_test.go:74 +0xc83

goroutine 779 [select]:
tailscale.com/derp.(*sclient).keepAliveLoop(0xc000029620, 0x631700, 0xc0000129c0, 0x0, 0x0)
	/home/dave/tail/corp/oss/derp/derp_server.go:328 +0x208
tailscale.com/derp.(*Server).sendClientKeepAlives(0xc0000293e0, 0x631700, 0xc0000129c0, 0xc000029620)
	/home/dave/tail/corp/oss/derp/derp_server.go:194 +0x46
created by tailscale.com/derp.(*Server).accept
	/home/dave/tail/corp/oss/derp/derp_server.go:158 +0x52c

goroutine 781 [select]:
tailscale.com/derp.(*sclient).keepAliveLoop(0xc000029740, 0x631700, 0xc000012a40, 0x0, 0x0)
	/home/dave/tail/corp/oss/derp/derp_server.go:328 +0x208
tailscale.com/derp.(*Server).sendClientKeepAlives(0xc0000293e0, 0x631700, 0xc000012a40, 0xc000029740)
	/home/dave/tail/corp/oss/derp/derp_server.go:194 +0x46
created by tailscale.com/derp.(*Server).accept
	/home/dave/tail/corp/oss/derp/derp_server.go:158 +0x52c
FAIL	tailscale.com/derp	30.006s
FAIL

closed time in 7 days

danderson

delete branch tailscale/tailscale

delete branch : bradfitz/derp_framing

delete time in 7 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha f029c4c82dbc56c06a4503847b5e4db0a24e98b9

derp: change the protocol framing to always include a length Addresses one of crawshaw's TODOs. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 7 days

PR merged tailscale/tailscale

derp: change the protocol framing to always include a length

Addresses one of crawshaw's TODOs.

+193 -151

0 comment

3 changed files

bradfitz

pr closed time in 7 days

push eventtailscale/tailscale

Brad Fitzpatrick

commit sha 9663ceb986f06b0b2f39e3c6dcd3d0c94e43dc9c

derp: change the protocol framing to always include a length Addresses one of crawshaw's TODOs. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

view details

push time in 7 days

Pull request review commenttailscale/tailscale

derp: change the protocol framing to always include a length

 func (c *Client) recvServerInfo() (*serverInfo, error) { }  func (c *Client) sendClientKey() error {-	var nonce [24]byte+	var nonce [nonceLen]byte 	if _, err := crand.Read(nonce[:]); err != nil { 		return err 	} 	msg := []byte("{}") // no clientInfo for now 	msgbox := box.Seal(nil, msg, &nonce, c.serverKey.B32(), c.privateKey.B32()) -	if _, err := c.bw.Write(c.publicKey[:]); err != nil {-		return err-	}-	if _, err := c.bw.Write(nonce[:]); err != nil {-		return err-	}-	if err := putUint32(c.bw, uint32(len(msgbox))); err != nil {-		return err-	}-	if _, err := c.bw.Write(msgbox); err != nil {-		return err-	}-	return c.bw.Flush()+	buf := make([]byte, 0, nonceLen+keyLen+len(msgbox))+	buf = append(buf, c.publicKey[:]...)+	buf = append(buf, nonce[:]...)+	buf = append(buf, msgbox...)+	return writeFrame(c.bw, frameClientInfo, buf) } -func (c *Client) Send(dstKey key.Public, msg []byte) (err error) {+func (c *Client) Send(dstKey key.Public, msg []byte) error { return c.send(dstKey, msg) }++func (c *Client) send(dstKey key.Public, msg []byte) (ret error) { 	defer func() {-		if err != nil {-			err = fmt.Errorf("derp.Send: %v", err)+		if ret != nil {+			ret = fmt.Errorf("derp.Send: %v", ret) 		} 	}() -	if err := typeSendPacket.Write(c.bw); err != nil {-		return err+	// Verify len(msg) + 4 fits in a uint32 with a sanity check.+	// This isn't a real limit, but is much higher than a IP+	// packet size.+	if len(msg) > 10<<20 {

Done. Capped and documented at 64<<10. (Let's only use shifts of 10, 20, 30 like Go)

bradfitz

comment created time in 7 days

Pull request review commenttailscale/tailscale

derp: change the protocol framing to always include a length

 func (s *Server) verifyClient(clientKey key.Public, info *sclientInfo) error { }  func (s *Server) sendServerKey(bw *bufio.Writer) error {-	if err := putUint32(bw, magic); err != nil {-		return err-	}-	if err := typeServerKey.Write(bw); err != nil {-		return err+	buf := make([]byte, 0, 40)+	buf = append(buf, magic...)+	buf = append(buf, s.publicKey[:]...)+	if len(buf) != 40 {+		panic("")

Just removed.

bradfitz

comment created time in 7 days

more