Update

vendor/tailscale.com/tsweb/debug.go

@@ -0,0 +1,193 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+package tsweb
+
+import (
+	"expvar"
+	"fmt"
+	"html"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"runtime"
+
+	"tailscale.com/feature"
+	"tailscale.com/tsweb/varz"
+	"tailscale.com/version"
+)
+
+// DebugHandler is an http.Handler that serves a debugging "homepage",
+// and provides helpers to register more debug endpoints and reports.
+//
+// The rendered page consists of three sections: informational
+// key/value pairs, links to other pages, and additional
+// program-specific HTML. Callers can add to these sections using the
+// KV, URL and Section helpers respectively.
+//
+// Additionally, the Handle method offers a shorthand for correctly
+// registering debug handlers and cross-linking them from /debug/.
+type DebugHandler struct {
+	mux      *http.ServeMux                   // where this handler is registered
+	kvs      []func(io.Writer)                // output one <li>...</li> each, see KV()
+	urls     []string                         // one <li>...</li> block with link each
+	sections []func(io.Writer, *http.Request) // invoked in registration order prior to outputting </body>
+	title    string                           // title displayed on index page
+}
+
+// PrometheusHandler is an optional hook to enable native Prometheus
+// support in the debug handler. It is disabled by default. Import the
+// tailscale.com/tsweb/promvarz package to enable this feature.
+var PrometheusHandler feature.Hook[func(*DebugHandler)]
+
+// Debugger returns the DebugHandler registered on mux at /debug/,
+// creating it if necessary.
+func Debugger(mux *http.ServeMux) *DebugHandler {
+	h, pat := mux.Handler(&http.Request{URL: &url.URL{Path: "/debug/"}})
+	if d, ok := h.(*DebugHandler); ok && pat == "/debug/" {
+		return d
+	}
+	ret := &DebugHandler{
+		mux:   mux,
+		title: fmt.Sprintf("%s debug", version.CmdName()),
+	}
+	mux.Handle("/debug/", ret)
+
+	ret.KVFunc("Uptime", func() any { return varz.Uptime() })
+	ret.KV("Version", version.Long())
+	ret.Handle("vars", "Metrics (Go)", expvar.Handler())
+	if PrometheusHandler.IsSet() {
+		PrometheusHandler.Get()(ret)
+	} else {
+		ret.Handle("varz", "Metrics (Prometheus)", http.HandlerFunc(varz.Handler))
+	}
+
+	addProfilingHandlers(ret)
+	ret.Handle("gc", "force GC", http.HandlerFunc(gcHandler))
+	hostname, err := os.Hostname()
+	if err == nil {
+		ret.KV("Machine", hostname)
+	}
+	return ret
+}
+
+// ServeHTTP implements http.Handler.
+func (d *DebugHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if !AllowDebugAccess(r) {
+		http.Error(w, "debug access denied", http.StatusForbidden)
+		return
+	}
+	if r.URL.Path != "/debug/" {
+		// Sub-handlers are handled by the parent mux directly.
+		http.NotFound(w, r)
+		return
+	}
+
+	AddBrowserHeaders(w)
+	f := func(format string, args ...any) { fmt.Fprintf(w, format, args...) }
+	f("<html><body><h1>%s</h1><ul>", html.EscapeString(d.title))
+	for _, kv := range d.kvs {
+		kv(w)
+	}
+	for _, url := range d.urls {
+		io.WriteString(w, url)
+	}
+	for _, section := range d.sections {
+		section(w, r)
+	}
+}
+
+func (d *DebugHandler) handle(slug string, handler http.Handler) string {
+	href := "/debug/" + slug
+	d.mux.Handle(href, Protected(debugBrowserHeaderHandler(handler)))
+	return href
+}
+
+// Handle registers handler at /debug/<slug> and adds a link to it
+// on /debug/ with the provided description.
+func (d *DebugHandler) Handle(slug, desc string, handler http.Handler) {
+	href := d.handle(slug, handler)
+	d.URL(href, desc)
+}
+
+// Handle registers handler at /debug/<slug> and adds a link to it
+// on /debug/ with the provided description.
+func (d *DebugHandler) HandleFunc(slug, desc string, handler http.HandlerFunc) {
+	d.Handle(slug, desc, handler)
+}
+
+// HandleSilent registers handler at /debug/<slug>. It does not add
+// a descriptive entry in /debug/ for it. This should be used
+// sparingly, for things that need to be registered but would pollute
+// the list of debug links.
+func (d *DebugHandler) HandleSilent(slug string, handler http.Handler) {
+	d.handle(slug, handler)
+}
+
+// HandleSilent registers handler at /debug/<slug>. It does not add
+// a descriptive entry in /debug/ for it. This should be used
+// sparingly, for things that need to be registered but would pollute
+// the list of debug links.
+func (d *DebugHandler) HandleSilentFunc(slug string, handler http.HandlerFunc) {
+	d.HandleSilent(slug, handler)
+}
+
+// KV adds a key/value list item to /debug/.
+func (d *DebugHandler) KV(k string, v any) {
+	val := html.EscapeString(fmt.Sprintf("%v", v))
+	d.kvs = append(d.kvs, func(w io.Writer) {
+		fmt.Fprintf(w, "<li><b>%s:</b> %s</li>", k, val)
+	})
+}
+
+// KVFunc adds a key/value list item to /debug/. v is called on every
+// render of /debug/.
+func (d *DebugHandler) KVFunc(k string, v func() any) {
+	d.kvs = append(d.kvs, func(w io.Writer) {
+		val := html.EscapeString(fmt.Sprintf("%v", v()))
+		fmt.Fprintf(w, "<li><b>%s:</b> %s</li>", k, val)
+	})
+}
+
+// URL adds a URL and description list item to /debug/.
+func (d *DebugHandler) URL(url, desc string) {
+	if desc != "" {
+		desc = " (" + desc + ")"
+	}
+	d.urls = append(d.urls, fmt.Sprintf(`<li><a href="%s">%s</a>%s</li>`, url, url, html.EscapeString(desc)))
+}
+
+// Section invokes f on every render of /debug/ to add supplemental
+// HTML to the page body.
+func (d *DebugHandler) Section(f func(w io.Writer, r *http.Request)) {
+	d.sections = append(d.sections, f)
+}
+
+// Title sets the title at the top of the debug page.
+func (d *DebugHandler) Title(title string) {
+	d.title = title
+}
+
+func gcHandler(w http.ResponseWriter, r *http.Request) {
+	w.Write([]byte("running GC...\n"))
+	if f, ok := w.(http.Flusher); ok {
+		f.Flush()
+	}
+	runtime.GC()
+	w.Write([]byte("Done.\n"))
+}
+
+// debugBrowserHeaderHandler is a wrapper around BrowserHeaderHandler with a
+// more relaxed Content-Security-Policy that's acceptable for internal debug
+// pages. It should not be used on any public-facing handlers!
+func debugBrowserHeaderHandler(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		AddBrowserHeaders(w)
+		// The only difference from AddBrowserHeaders is that this policy
+		// allows inline CSS styles. They make debug pages much easier to
+		// prototype, while the risk of user-injected CSS is relatively low.
+		w.Header().Set("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'; form-action 'self'; base-uri 'self'; block-all-mixed-content; object-src 'none'; style-src 'self' 'unsafe-inline'")
+		h.ServeHTTP(w, r)
+	})
+}

vendor/tailscale.com/tsweb/log.go

@@ -0,0 +1,64 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+package tsweb
+
+import (
+	"encoding/json"
+	"strings"
+	"time"
+)
+
+// AccessLogRecord is a record of one HTTP request served.
+type AccessLogRecord struct {
+	// Timestamp at which request processing started.
+	Time time.Time `json:"time"`
+	// Time it took to finish processing the request. It does not
+	// include the entire lifetime of the underlying connection in
+	// cases like connection hijacking, only the lifetime of the HTTP
+	// request handler.
+	Seconds float64 `json:"duration,omitempty"`
+
+	// The client's ip:port.
+	RemoteAddr string `json:"remote_addr,omitempty"`
+	// The HTTP protocol version, usually "HTTP/1.1 or HTTP/2".
+	Proto string `json:"proto,omitempty"`
+	// Whether the request was received over TLS.
+	TLS bool `json:"tls,omitempty"`
+	// The target hostname in the request.
+	Host string `json:"host,omitempty"`
+	// The HTTP method invoked.
+	Method string `json:"method,omitempty"`
+	// The unescaped request URI, including query parameters.
+	RequestURI string `json:"request_uri,omitempty"`
+
+	// The client's user-agent
+	UserAgent string `json:"user_agent,omitempty"`
+	// Where the client was before making this request.
+	Referer string `json:"referer,omitempty"`
+
+	// The HTTP response code sent to the client.
+	Code int `json:"code,omitempty"`
+	// Number of bytes sent in response body to client. If the request
+	// was hijacked, only includes bytes sent up to the point of
+	// hijacking.
+	Bytes int `json:"bytes,omitempty"`
+	// Error encountered during request processing.
+	Err string `json:"err,omitempty"`
+	// RequestID is a unique ID for this request. If the *http.Request context
+	// carries this value via SetRequestID, then it will be displayed to the
+	// client immediately after the error text, as well as logged here. This
+	// makes it easier to correlate support requests with server logs. If a
+	// RequestID generator is not configured, RequestID will be empty.
+	RequestID RequestID `json:"request_id,omitempty"`
+}
+
+// String returns m as a JSON string.
+func (m AccessLogRecord) String() string {
+	if m.Time.IsZero() {
+		m.Time = time.Now()
+	}
+	var buf strings.Builder
+	json.NewEncoder(&buf).Encode(m)
+	return strings.TrimRight(buf.String(), "\n")
+}

vendor/tailscale.com/tsweb/pprof_default.go

@@ -0,0 +1,24 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !js && !wasm
+
+package tsweb
+
+import (
+	"net/http"
+	"net/http/pprof"
+)
+
+func addProfilingHandlers(d *DebugHandler) {
+	// pprof.Index serves everything that runtime/pprof.Lookup finds:
+	// goroutine, threadcreate, heap, allocs, block, mutex
+	d.Handle("pprof/", "pprof (index)", http.HandlerFunc(pprof.Index))
+	// But register the other ones from net/http/pprof directly:
+	d.HandleSilent("pprof/cmdline", http.HandlerFunc(pprof.Cmdline))
+	d.HandleSilent("pprof/profile", http.HandlerFunc(pprof.Profile))
+	d.HandleSilent("pprof/symbol", http.HandlerFunc(pprof.Symbol))
+	d.HandleSilent("pprof/trace", http.HandlerFunc(pprof.Trace))
+	d.URL("/debug/pprof/goroutine?debug=1", "Goroutines (collapsed)")
+	d.URL("/debug/pprof/goroutine?debug=2", "Goroutines (full)")
+}

vendor/tailscale.com/tsweb/pprof_js.go

@@ -0,0 +1,10 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build js && wasm
+
+package tsweb
+
+func addProfilingHandlers(d *DebugHandler) {
+	// No pprof in js builds, pprof doesn't work and bloats the build.
+}

vendor/tailscale.com/tsweb/request_id.go

@@ -0,0 +1,77 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+package tsweb
+
+import (
+	"context"
+	"net/http"
+	"time"
+
+	"tailscale.com/util/ctxkey"
+	"tailscale.com/util/rands"
+)
+
+// RequestID is an opaque identifier for a HTTP request, used to correlate
+// user-visible errors with backend server logs. The RequestID is typically
+// threaded through an HTTP Middleware (WithRequestID) and then can be extracted
+// by HTTP Handlers to include in their logs.
+//
+// RequestID is an opaque identifier for a HTTP request, used to correlate
+// user-visible errors with backend server logs. If present in the context, the
+// RequestID will be printed alongside the message text and logged in the
+// AccessLogRecord.
+//
+// A RequestID has the format "REQ-1{ID}", and the ID should be treated as an
+// opaque string. The current implementation uses a UUID.
+type RequestID string
+
+// String returns the string format of the request ID, for use in e.g. setting
+// a [http.Header].
+func (r RequestID) String() string {
+	return string(r)
+}
+
+// RequestIDKey stores and loads [RequestID] values within a [context.Context].
+var RequestIDKey ctxkey.Key[RequestID]
+
+// RequestIDHeader is a custom HTTP header that the WithRequestID middleware
+// uses to determine whether to re-use a given request ID from the client
+// or generate a new one.
+const RequestIDHeader = "X-Tailscale-Request-Id"
+
+// GenerateRequestID generates a new request ID with the current format.
+func GenerateRequestID() RequestID {
+	// Return a string of the form "REQ-<VersionByte><...>"
+	// Previously we returned "REQ-1<UUIDString>".
+	// Now we return "REQ-2" version, where the "2" doubles as the year 2YYY
+	// in a leading date.
+	now := time.Now().UTC()
+	return RequestID("REQ-" + now.Format("20060102150405") + rands.HexString(16))
+}
+
+// SetRequestID is an HTTP middleware that injects a RequestID in the
+// *http.Request Context. The value of that request id is either retrieved from
+// the RequestIDHeader or a randomly generated one if not exists. Inner
+// handlers can retrieve this ID from the RequestIDFromContext function.
+func SetRequestID(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		var rid RequestID
+		if id := r.Header.Get(RequestIDHeader); id != "" {
+			rid = RequestID(id)
+		} else {
+			rid = GenerateRequestID()
+		}
+		ctx := RequestIDKey.WithValue(r.Context(), rid)
+		r = r.WithContext(ctx)
+		h.ServeHTTP(w, r)
+	})
+}
+
+// RequestIDFromContext retrieves the RequestID from context that can be set by
+// the SetRequestID function.
+//
+// Deprecated: Use [RequestIDKey.Value] instead.
+func RequestIDFromContext(ctx context.Context) RequestID {
+	return RequestIDKey.Value(ctx)
+}

vendor/tailscale.com/tsweb/varz/varz.go

@@ -5,21 +5,28 @@
 package varz
 
 import (
+	"bufio"
 	"cmp"
 	"expvar"
 	"fmt"
 	"io"
 	"net/http"
+	"os"
+	"path/filepath"
 	"reflect"
 	"runtime"
 	"sort"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
 	"unicode"
 	"unicode/utf8"
 
+	"golang.org/x/exp/constraints"
 	"tailscale.com/metrics"
+	"tailscale.com/syncs"
+	"tailscale.com/types/logger"
 	"tailscale.com/version"
 )
 
@@ -130,6 +137,9 @@ func writePromExpVar(w io.Writer, prefix string, kv expvar.KeyValue) {
 	case *expvar.Int:
 		fmt.Fprintf(w, "# TYPE %s %s\n%s %v\n", name, cmp.Or(typ, "counter"), name, v.Value())
 		return
+	case *syncs.ShardedInt:
+		fmt.Fprintf(w, "# TYPE %s %s\n%s %v\n", name, cmp.Or(typ, "counter"), name, v.Value())
+		return
 	case *expvar.Float:
 		fmt.Fprintf(w, "# TYPE %s %s\n%s %v\n", name, cmp.Or(typ, "gauge"), name, v.Value())
 		return
@@ -185,7 +195,11 @@ func writePromExpVar(w io.Writer, prefix string, kv expvar.KeyValue) {
 				return
 			}
 			if vs, ok := v.(string); ok && strings.HasSuffix(name, "version") {
-				fmt.Fprintf(w, "%s{version=%q} 1\n", name, vs)
+				if name == "version" {
+					fmt.Fprintf(w, "%s{version=%q,binary=%q} 1\n", name, vs, binaryName())
+				} else {
+					fmt.Fprintf(w, "%s{version=%q} 1\n", name, vs)
+				}
 				return
 			}
 			switch v := v.(type) {
@@ -304,6 +318,18 @@ func ExpvarDoHandler(expvarDoFunc func(f func(expvar.KeyValue))) func(http.Respo
 	}
 }
 
+var binaryName = sync.OnceValue(func() string {
+	exe, err := os.Executable()
+	if err != nil {
+		return ""
+	}
+	exe2, err := filepath.EvalSymlinks(exe)
+	if err != nil {
+		return filepath.Base(exe)
+	}
+	return filepath.Base(exe2)
+})
+
 // PrometheusMetricsReflectRooter is an optional interface that expvar.Var implementations
 // can implement to indicate that they should be walked recursively with reflect to find
 // sets of fields to export.
@@ -316,21 +342,52 @@ type PrometheusMetricsReflectRooter interface {
 
 var expvarDo = expvar.Do // pulled out for tests
 
-func writeMemstats(w io.Writer, ms *runtime.MemStats) {
-	out := func(name, typ string, v uint64, help string) {
-		if help != "" {
-			fmt.Fprintf(w, "# HELP memstats_%s %s\n", name, help)
-		}
-		fmt.Fprintf(w, "# TYPE memstats_%s %s\nmemstats_%s %v\n", name, typ, name, v)
+func writeMemstat[V constraints.Integer | constraints.Float](bw *bufio.Writer, typ, name string, v V, help string) {
+	if help != "" {
+		bw.WriteString("# HELP memstats_")
+		bw.WriteString(name)
+		bw.WriteString(" ")
+		bw.WriteString(help)
+		bw.WriteByte('\n')
 	}
-	g := func(name string, v uint64, help string) { out(name, "gauge", v, help) }
-	c := func(name string, v uint64, help string) { out(name, "counter", v, help) }
-	g("heap_alloc", ms.HeapAlloc, "current bytes of allocated heap objects (up/down smoothly)")
-	c("total_alloc", ms.TotalAlloc, "cumulative bytes allocated for heap objects")
-	g("sys", ms.Sys, "total bytes of memory obtained from the OS")
-	c("mallocs", ms.Mallocs, "cumulative count of heap objects allocated")
-	c("frees", ms.Frees, "cumulative count of heap objects freed")
-	c("num_gc", uint64(ms.NumGC), "number of completed GC cycles")
+	bw.WriteString("# TYPE memstats_")
+	bw.WriteString(name)
+	bw.WriteString(" ")
+	bw.WriteString(typ)
+	bw.WriteByte('\n')
+	bw.WriteString("memstats_")
+	bw.WriteString(name)
+	bw.WriteByte(' ')
+	rt := reflect.TypeOf(v)
+	switch {
+	case rt == reflect.TypeFor[int]() ||
+		rt == reflect.TypeFor[uint]() ||
+		rt == reflect.TypeFor[int8]() ||
+		rt == reflect.TypeFor[uint8]() ||
+		rt == reflect.TypeFor[int16]() ||
+		rt == reflect.TypeFor[uint16]() ||
+		rt == reflect.TypeFor[int32]() ||
+		rt == reflect.TypeFor[uint32]() ||
+		rt == reflect.TypeFor[int64]() ||
+		rt == reflect.TypeFor[uint64]() ||
+		rt == reflect.TypeFor[uintptr]():
+		bw.Write(strconv.AppendInt(bw.AvailableBuffer(), int64(v), 10))
+	case rt == reflect.TypeFor[float32]() || rt == reflect.TypeFor[float64]():
+		bw.Write(strconv.AppendFloat(bw.AvailableBuffer(), float64(v), 'f', -1, 64))
+	}
+	bw.WriteByte('\n')
+}
+
+func writeMemstats(w io.Writer, ms *runtime.MemStats) {
+	fmt.Fprintf(w, "%v", logger.ArgWriter(func(bw *bufio.Writer) {
+		writeMemstat(bw, "gauge", "heap_alloc", ms.HeapAlloc, "current bytes of allocated heap objects (up/down smoothly)")
+		writeMemstat(bw, "counter", "total_alloc", ms.TotalAlloc, "cumulative bytes allocated for heap objects")
+		writeMemstat(bw, "gauge", "sys", ms.Sys, "total bytes of memory obtained from the OS")
+		writeMemstat(bw, "counter", "mallocs", ms.Mallocs, "cumulative count of heap objects allocated")
+		writeMemstat(bw, "counter", "frees", ms.Frees, "cumulative count of heap objects freed")
+		writeMemstat(bw, "counter", "num_gc", ms.NumGC, "number of completed GC cycles")
+		writeMemstat(bw, "gauge", "gc_cpu_fraction", ms.GCCPUFraction, "fraction of CPU time used by GC")
+	}))
 }
 
 // sortedStructField is metadata about a struct field used both for sorting once