Update

2026-02-19 10:07:43 +00:00
parent 007438e372
commit 6e637ecf77
1763 changed files with 60820 additions and 279516 deletions
--- a/vendor/tailscale.com/net/sockopts/sockopts.go
+++ b/vendor/tailscale.com/net/sockopts/sockopts.go
@@ -0,0 +1,37 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+// Package sockopts contains logic for applying socket options.
+package sockopts
+
+import (
+	"net"
+	"runtime"
+
+	"tailscale.com/types/nettype"
+)
+
+// BufferDirection represents either the read/receive or write/send direction
+// of a socket buffer.
+type BufferDirection string
+
+const (
+	ReadDirection  BufferDirection = "read"
+	WriteDirection BufferDirection = "write"
+)
+
+func portableSetBufferSize(pconn nettype.PacketConn, direction BufferDirection, size int) error {
+	if runtime.GOOS == "plan9" {
+		// Not supported. Don't try. Avoid logspam.
+		return nil
+	}
+	var err error
+	if c, ok := pconn.(*net.UDPConn); ok {
+		if direction == WriteDirection {
+			err = c.SetWriteBuffer(size)
+		} else {
+			err = c.SetReadBuffer(size)
+		}
+	}
+	return err
+}
--- a/vendor/tailscale.com/net/sockopts/sockopts_default.go
+++ b/vendor/tailscale.com/net/sockopts/sockopts_default.go
@@ -0,0 +1,21 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !linux
+
+package sockopts
+
+import (
+	"tailscale.com/types/nettype"
+)
+
+// SetBufferSize sets pconn's buffer to size for direction. size may be silently
+// capped depending on platform.
+//
+// errForce is only relevant for Linux, and will always be nil otherwise,
+// but we maintain a consistent cross-platform API.
+//
+// If pconn is not a [*net.UDPConn], then SetBufferSize is no-op.
+func SetBufferSize(pconn nettype.PacketConn, direction BufferDirection, size int) (errForce error, errPortable error) {
+	return nil, portableSetBufferSize(pconn, direction, size)
+}
--- a/vendor/tailscale.com/net/sockopts/sockopts_linux.go
+++ b/vendor/tailscale.com/net/sockopts/sockopts_linux.go
@@ -0,0 +1,40 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build linux
+
+package sockopts
+
+import (
+	"net"
+	"syscall"
+
+	"tailscale.com/types/nettype"
+)
+
+// SetBufferSize sets pconn's buffer to size for direction. It attempts
+// (errForce) to set SO_SNDBUFFORCE or SO_RECVBUFFORCE which can overcome the
+// limit of net.core.{r,w}mem_max, but require CAP_NET_ADMIN. It falls back to
+// the portable implementation (errPortable) if that fails, which may be
+// silently capped to net.core.{r,w}mem_max.
+//
+// If pconn is not a [*net.UDPConn], then SetBufferSize is no-op.
+func SetBufferSize(pconn nettype.PacketConn, direction BufferDirection, size int) (errForce error, errPortable error) {
+	opt := syscall.SO_RCVBUFFORCE
+	if direction == WriteDirection {
+		opt = syscall.SO_SNDBUFFORCE
+	}
+	if c, ok := pconn.(*net.UDPConn); ok {
+		var rc syscall.RawConn
+		rc, errForce = c.SyscallConn()
+		if errForce == nil {
+			rc.Control(func(fd uintptr) {
+				errForce = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, opt, size)
+			})
+		}
+		if errForce != nil {
+			errPortable = portableSetBufferSize(pconn, direction, size)
+		}
+	}
+	return errForce, errPortable
+}
--- a/vendor/tailscale.com/net/sockopts/sockopts_notwindows.go
+++ b/vendor/tailscale.com/net/sockopts/sockopts_notwindows.go
@@ -0,0 +1,15 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !windows
+
+package sockopts
+
+import (
+	"tailscale.com/types/nettype"
+)
+
+// SetICMPErrImmunity is no-op on non-Windows.
+func SetICMPErrImmunity(pconn nettype.PacketConn) error {
+	return nil
+}
--- a/vendor/tailscale.com/net/sockopts/sockopts_windows.go
+++ b/vendor/tailscale.com/net/sockopts/sockopts_windows.go
@@ -0,0 +1,62 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build windows
+
+package sockopts
+
+import (
+	"fmt"
+	"net"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+	"tailscale.com/types/nettype"
+)
+
+// SetICMPErrImmunity sets socket options on pconn to prevent ICMP reception,
+// e.g. ICMP Port Unreachable, from surfacing as a syscall error.
+//
+// If pconn is not a [*net.UDPConn], then SetICMPErrImmunity is no-op.
+func SetICMPErrImmunity(pconn nettype.PacketConn) error {
+	c, ok := pconn.(*net.UDPConn)
+	if !ok {
+		// not a UDP connection; nothing to do
+		return nil
+	}
+
+	sysConn, err := c.SyscallConn()
+	if err != nil {
+		return fmt.Errorf("SetICMPErrImmunity: getting SyscallConn failed: %v", err)
+	}
+
+	// Similar to https://github.com/golang/go/issues/5834 (which involved
+	// WSAECONNRESET), Windows can return a WSAENETRESET error, even on UDP
+	// reads. Disable this.
+	const SIO_UDP_NETRESET = windows.IOC_IN | windows.IOC_VENDOR | 15
+
+	var ioctlErr error
+	err = sysConn.Control(func(fd uintptr) {
+		ret := uint32(0)
+		flag := uint32(0)
+		size := uint32(unsafe.Sizeof(flag))
+		ioctlErr = windows.WSAIoctl(
+			windows.Handle(fd),
+			SIO_UDP_NETRESET,               // iocc
+			(*byte)(unsafe.Pointer(&flag)), // inbuf
+			size,                           // cbif
+			nil,                            // outbuf
+			0,                              // cbob
+			&ret,                           // cbbr
+			nil,                            // overlapped
+			0,                              // completionRoutine
+		)
+	})
+	if ioctlErr != nil {
+		return fmt.Errorf("SetICMPErrImmunity: could not set SIO_UDP_NETRESET: %v", ioctlErr)
+	}
+	if err != nil {
+		return fmt.Errorf("SetICMPErrImmunity: SyscallConn.Control failed: %v", err)
+	}
+	return nil
+}