Skip to content

Commit

Permalink
illumos/solaris support rebased onto 1.50.0
Browse files Browse the repository at this point in the history
  • Loading branch information
nshalman committed Nov 2, 2023
1 parent 31e1690 commit 0338d13
Show file tree
Hide file tree
Showing 21 changed files with 494 additions and 7 deletions.
32 changes: 32 additions & 0 deletions .github/workflows/cross-illumos.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: illumos-Cross

on:
push:
branches:
- main
- 'illumos-*'
pull_request:
branches:
- '*'

jobs:
build:
runs-on: ubuntu-latest

if: "!contains(github.event.head_commit.message, '[ci skip]')"

steps:
- name: Check out code
uses: actions/checkout@v3
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
check-latest: true
id: go

- name: SunOS build script
run: bash -x build.sh
39 changes: 39 additions & 0 deletions .github/workflows/nshalman-sunos-releases.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
---
name: "tagged-release"

on:
push:
tags:
- "v*-sunos"

jobs:
tagged-release:
name: "SunOS Tagged Release"
runs-on: "ubuntu-latest"

steps:
- name: Check out code
uses: actions/checkout@v3
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
check-latest: true
id: go

- name: SunOS build script
run: bash -x build.sh

- name: Create Release
uses: "marvinpinto/action-automatic-releases@latest"
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
prerelease: false
files: |
cmd/tailscaled/tailscale.xml
sha256sums
tailscaled-illumos
tailscaled-solaris
1 change: 1 addition & 0 deletions AUTHORS
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,4 @@
# company that owns the rights to your contribution.

Tailscale Inc.
Nahum Shalman <[email protected]>
30 changes: 30 additions & 0 deletions build.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
#!/bin/bash

set -o xtrace
set -o errexit

export TS_USE_TOOLCHAIN=true
# This prevents illumos libc from leaking into Solaris binaries when built on illumos
export CGO_ENABLED=0

fix_osabi () {
if [[ $(uname -s) == SunOS ]]; then
/usr/bin/elfedit \
-e "ehdr:ei_osabi ELFOSABI_SOLARIS" \
-e "ehdr:ei_abiversion EAV_SUNW_CURRENT" \
"${1?}"
else
elfedit --output-osabi "Solaris" --output-abiversion "1" "${1?}"
fi
}

for GOOS in illumos solaris; do
export GOOS
bash -x ./build_dist.sh --box ./cmd/tailscaled
fix_osabi tailscaled
mv tailscaled{,-${GOOS}}
done

ln cmd/tailscaled/tailscale.xml .
shasum -a 256 tailscaled-* tailscale.xml >sha256sums
rm ./tailscale.xml
36 changes: 36 additions & 0 deletions cmd/tailscaled/tailscale-smartos-gz.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<service_bundle type='manifest' name='export'>
<service name='vpn/tailscale' type='service' version='0'>
<create_default_instance enabled='true'/>
<single_instance/>
<dependency name='network' grouping='require_all' restart_on='error' type='service'>
<service_fmri value='svc:/milestone/network:default'/>
</dependency>
<dependency name='filesystem' grouping='require_all' restart_on='error' type='service'>
<service_fmri value='svc:/system/filesystem/local'/>
</dependency>
<method_context>
<method_credential group='root' user='root'/>
</method_context>
<exec_method name='start' type='method' exec='/opt/local/sbin/tailscaled' timeout_seconds='60'>
<method_context>
<method_environment>
<envvar name='SSL_CERT_FILE' value='/opt/tools/share/mozilla-rootcerts/cacert.pem'/>
</method_environment>
</method_context>
</exec_method>
<exec_method name='stop' type='method' exec=':kill' timeout_seconds='60'/>
<property_group name='application' type='application'/>
<property_group name='startd' type='framework'>
<propval name='duration' type='astring' value='child'/>
<propval name='ignore_error' type='astring' value='core,signal'/>
</property_group>
<stability value='Evolving'/>
<template>
<common_name>
<loctext xml:lang='C'>Tailscale</loctext>
</common_name>
</template>
</service>
</service_bundle>
30 changes: 30 additions & 0 deletions cmd/tailscaled/tailscale.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<service_bundle type='manifest' name='export'>
<service name='vpn/tailscale' type='service' version='0'>
<create_default_instance enabled='true'/>
<single_instance/>
<dependency name='network' grouping='require_all' restart_on='error' type='service'>
<service_fmri value='svc:/milestone/network:default'/>
</dependency>
<dependency name='filesystem' grouping='require_all' restart_on='error' type='service'>
<service_fmri value='svc:/system/filesystem/local'/>
</dependency>
<method_context>
<method_credential group='root' user='root'/>
</method_context>
<exec_method name='start' type='method' exec='/usr/local/sbin/tailscaled' timeout_seconds='60'/>
<exec_method name='stop' type='method' exec=':kill' timeout_seconds='60'/>
<property_group name='application' type='application'/>
<property_group name='startd' type='framework'>
<propval name='duration' type='astring' value='child'/>
<propval name='ignore_error' type='astring' value='core,signal'/>
</property_group>
<stability value='Evolving'/>
<template>
<common_name>
<loctext xml:lang='C'>Tailscale</loctext>
</common_name>
</template>
</service>
</service_bundle>
2 changes: 2 additions & 0 deletions cmd/tailscaled/tailscaled.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,8 @@ import (
// defaultTunName returns the default tun device name for the platform.
func defaultTunName() string {
switch runtime.GOOS {
case "illumos", "solaris":
return "tun"
case "openbsd":
return "tun"
case "windows":
Expand Down
Binary file added derper
Binary file not shown.
2 changes: 2 additions & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -365,3 +365,5 @@ require (
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect
)

replace github.com/tailscale/wireguard-go => github.com/nshalman/wireguard-go v0.0.20200321-0.20230423150539-55df1b6c04ac
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -696,6 +696,8 @@ github.com/nishanths/exhaustive v0.10.0 h1:BMznKAcVa9WOoLq/kTGp4NJOJSMwEpcpjFNAV
github.com/nishanths/exhaustive v0.10.0/go.mod h1:IbwrGdVMizvDcIxPYGVdQn5BqWJaOwpCvg4RGb8r/TA=
github.com/nishanths/predeclared v0.2.2 h1:V2EPdZPliZymNAn79T8RkNApBjMmVKh5XRpLm/w98Vk=
github.com/nishanths/predeclared v0.2.2/go.mod h1:RROzoN6TnGQupbC+lqggsOlcgysk3LMK/HI84Mp280c=
github.com/nshalman/wireguard-go v0.0.20200321-0.20230423150539-55df1b6c04ac h1:wEG2xJ+7q062tBEU8gkJvN2hC5RpZWhEIWAug5LUC0k=
github.com/nshalman/wireguard-go v0.0.20200321-0.20230423150539-55df1b6c04ac/go.mod h1:J62uaH3KrbhKtrKXQJ6/Z+kcs0r4CdA7qd5AXQtl0/s=
github.com/nunnatsa/ginkgolinter v0.11.2 h1:xzQpAsEyZe5F1RMy2Z5kn8UFCGiWfKqJOUd2ZzBXA4M=
github.com/nunnatsa/ginkgolinter v0.11.2/go.mod h1:dJIGXYXbkBswqa/pIzG0QlVTTDSBMxDoCFwhsl4Uras=
github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
Expand Down Expand Up @@ -884,8 +886,6 @@ github.com/tailscale/netlink v1.1.1-0.20211101221916-cabfb018fe85 h1:zrsUcqrG2uQ
github.com/tailscale/netlink v1.1.1-0.20211101221916-cabfb018fe85/go.mod h1:NzVQi3Mleb+qzq8VmcWpSkcSYxXIg0DkI6XDzpVkhJ0=
github.com/tailscale/web-client-prebuilt v0.0.0-20230919211114-7bcd7bca7bc5 h1:wKUtQPRpjhZZvAuwYRMcjMZnpWSUEJWIbNJmLtDbR0k=
github.com/tailscale/web-client-prebuilt v0.0.0-20230919211114-7bcd7bca7bc5/go.mod h1:agQPE6y6ldqCOui2gkIh7ZMztTkIQKH049tv8siLuNQ=
github.com/tailscale/wireguard-go v0.0.0-20230929223258-2f6748dc88e7 h1:P1od5W+cX/LZZyvbKrNUXuuzxensnKEywLhxhPOeHuY=
github.com/tailscale/wireguard-go v0.0.0-20230929223258-2f6748dc88e7/go.mod h1:BOm5fXUBFM+m9woLNBoxI9TaBXXhGNP50LX/TGIvGb4=
github.com/tc-hib/winres v0.2.1 h1:YDE0FiP0VmtRaDn7+aaChp1KiF4owBiJa5l964l5ujA=
github.com/tc-hib/winres v0.2.1/go.mod h1:C/JaNhH3KBvhNKVbvdlDWkbMDO9H4fKKDaN7/07SSuk=
github.com/tcnksm/go-httpstat v0.2.0 h1:rP7T5e5U2HfmOBmZzGgGZjBQ5/GluWUylujl0tJ04I0=
Expand Down
2 changes: 1 addition & 1 deletion ipn/ipnlocal/local.go
Original file line number Diff line number Diff line change
Expand Up @@ -3141,7 +3141,7 @@ func (b *LocalBackend) peerAPIServicesLocked() (ret []tailcfg.Service) {
})
}
switch runtime.GOOS {
case "linux", "freebsd", "openbsd", "illumos", "darwin", "windows", "android", "ios":
case "linux", "freebsd", "openbsd", "illumos", "solaris", "darwin", "windows", "android", "ios":
// These are the platforms currently supported by
// net/dns/resolver/tsdns.go:Resolver.HandleExitNodeDNSQuery.
ret = append(ret, tailcfg.Service{
Expand Down
2 changes: 2 additions & 0 deletions ipn/ipnstate/ipnstate.go
Original file line number Diff line number Diff line change
Expand Up @@ -617,6 +617,8 @@ func osEmoji(os string) string {
return "🐡"
case "illumos":
return "☀️"
case "solaris":
return "🌤️"
}
return "👽"
}
Expand Down
2 changes: 1 addition & 1 deletion net/dns/manager_default.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause

//go:build !linux && !freebsd && !openbsd && !windows && !darwin
//go:build !linux && !freebsd && !openbsd && !windows && !darwin && !illumos && !solaris

package dns

Expand Down
12 changes: 12 additions & 0 deletions net/dns/manager_solaris.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause

package dns

import (
"tailscale.com/types/logger"
)

func NewOSConfigurator(logf logger.Logf, _ string) (OSConfigurator, error) {
return newDirectManager(logf), nil
}
2 changes: 1 addition & 1 deletion net/dns/resolver/tsdns.go
Original file line number Diff line number Diff line change
Expand Up @@ -350,7 +350,7 @@ func (r *Resolver) HandleExitNodeDNSQuery(ctx context.Context, q []byte, from ne
// but for now that's probably good enough. Later we'll
// want to blend in everything from scutil --dns.
fallthrough
case "linux", "freebsd", "openbsd", "illumos", "ios":
case "linux", "freebsd", "openbsd", "illumos", "solaris", "ios":
nameserver, err := stubResolverForOS()
if err != nil {
r.logf("stubResolverForOS: %v", err)
Expand Down
27 changes: 27 additions & 0 deletions net/netutil/ip_forward.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"fmt"
"net/netip"
"os"
"os/exec"
"path/filepath"
"runtime"
"strconv"
Expand Down Expand Up @@ -62,6 +63,11 @@ func CheckIPForwarding(routes []netip.Prefix, state *interfaces.State) (warn, er
switch runtime.GOOS {
case "dragonfly", "freebsd", "netbsd", "openbsd":
return fmt.Errorf("Subnet routing and exit nodes only work with additional manual configuration on %v, and is not currently officially supported.", runtime.GOOS), nil
case "illumos", "solaris":
_, err := ipForwardingEnabledSunOS(ipv4, "")
if err != nil {
return nil, fmt.Errorf("Couldn't check system's IP forwarding configuration, subnet routing/exit nodes may not work: %w%s", err, "")
}
}
return nil, nil
}
Expand Down Expand Up @@ -221,3 +227,24 @@ func ipForwardingEnabledLinux(p protocol, iface string) (bool, error) {
on := val == 1 || val == 2
return on, nil
}

func ipForwardingEnabledSunOS(p protocol, iface string) (bool, error) {
var proto string
if p == ipv4 {
proto = "ipv4"
} else if p == ipv6 {
proto = "ipv6"
} else {
return false, fmt.Errorf("unknown protocol")
}

ipadmCmd := "\"ipadm show-prop " + proto + " -p forwarding -o CURRENT -c\""
bs, err := exec.Command("ipadm", "show-prop", proto, "-p", "forwarding", "-o", "CURRENT", "-c").Output()
if err != nil {
return false, fmt.Errorf("couldn't check %s (%v).\nSubnet routes won't work without IP forwarding.", ipadmCmd, err)
}
if string(bs) != "on\n" {
return false, fmt.Errorf("IP forwarding is set to off. Subnet routes won't work. Try 'routeadm -u -e " + proto + "-forwarding'")
}
return true, nil
}
2 changes: 1 addition & 1 deletion paths/paths_unix.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ func init() {

func statePath() string {
switch runtime.GOOS {
case "linux":
case "linux", "illumos", "solaris":
return "/var/lib/tailscale/tailscaled.state"
case "freebsd", "openbsd":
return "/var/db/tailscale/tailscaled.state"
Expand Down
6 changes: 6 additions & 0 deletions tool/go
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,10 @@
# currently-desired version from https://github.com/tailscale/go,
# downloading it first if necessary.

case $(uname -s) in
SunOS)
exec go "$@"
;;
esac

exec "$(dirname "$0")/../tool/gocross/gocross-wrapper.sh" "$@"
2 changes: 1 addition & 1 deletion wgengine/router/router_default.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause

//go:build !windows && !linux && !darwin && !openbsd && !freebsd
//go:build !windows && !linux && !darwin && !openbsd && !freebsd && !illumos && !solaris

package router

Expand Down
45 changes: 45 additions & 0 deletions wgengine/router/router_solaris.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause

package router

import (
"strings"

"github.com/tailscale/wireguard-go/tun"
"tailscale.com/types/logger"
"tailscale.com/net/netmon"
)

// For now this router only supports the userspace WireGuard implementations.

func newUserspaceRouter(logf logger.Logf, tundev tun.Device, linkMon *netmon.Monitor) (Router, error) {
return newUserspaceSunosRouter(logf, tundev, linkMon)
}

func cleanup(logf logger.Logf, interfaceName string) {
ipadm := []string{"ipadm", "show-addr", "-p", "-o", "addrobj"}
out, err := cmd(ipadm...).Output()
if err != nil {
logf("ipadm show-addr: %v\n%s", err, out)
}
for _, a := range strings.Fields(string(out)) {
s := strings.Split(a, "/")
if len(s) > 1 && strings.Contains(s[1], "tailscale") {
ipadm = []string{"ipadm", "down-addr", "-t", a}
cmdVerbose(logf, ipadm)
ipadm = []string{"ipadm", "delete-addr", a}
cmdVerbose(logf, ipadm)
ipadm = []string{"ipadm", "delete-if", s[0]}
cmdVerbose(logf, ipadm)
}
}
ifcfg := []string{"ifconfig", interfaceName, "unplumb"}
if out, err := cmd(ifcfg...).CombinedOutput(); err != nil {
logf("ifconfig unplumb: %v\n%s", err, out)
}
ifcfg = []string{"ifconfig", interfaceName, "inet6", "unplumb"}
if out, err := cmd(ifcfg...).CombinedOutput(); err != nil {
logf("ifconfig inet6 unplumb: %v\n%s", err, out)
}
}
Loading

0 comments on commit 0338d13

Please sign in to comment.