From 8c9eff4f8b3c32e386cfb2c2d74751904e7b429b Mon Sep 17 00:00:00 2001
From: Josh Bleecher Snyder <josh@tailscale.com>
Date: Tue, 15 Mar 2022 12:51:49 -0700
Subject: [PATCH] [tailscale1.20] net: add TS_PANIC_ON_TEST_LISTEN_UNSPEC env
 to panic on unspecified addr listens

For debugging Mac firewall dialog boxes blocking+failing tests.

Change-Id: Ic1a0cd51de7fe553de1c1c9333fa1cc75b8490f2
(cherry picked from commit cd7323c47e65e19e4cb3d18274090a9d2ed49ecd)
---
 src/net/tcpsock_posix.go | 22 ++++++++++++++++++++++
 src/net/udpsock_posix.go |  4 ++++
 2 files changed, 26 insertions(+)

diff --git a/src/net/tcpsock_posix.go b/src/net/tcpsock_posix.go
index 0b3fa1ae0c3ae..f3fd1d3cd0ec7 100644
--- a/src/net/tcpsock_posix.go
+++ b/src/net/tcpsock_posix.go
@@ -164,7 +164,29 @@ func (ln *TCPListener) file() (*os.File, error) {
 	return f, nil
 }
 
+// Tailscale addition: if TS_PANIC_ON_TEST_LISTEN_UNSPEC is set, panic
+// if a listen tries to listen on all interfaces (for debugging Mac
+// firewall dialogs in tests).
+func panicOnUnspecListen(ip IP) bool {
+	if ip != nil && !ip.IsUnspecified() {
+		return false
+	}
+	v := os.Getenv("TS_PANIC_ON_TEST_LISTEN_UNSPEC")
+	if v == "" {
+		return false
+	}
+	switch v[0] {
+	case 't', 'T', '1':
+		return true
+	}
+	return false
+}
+
 func (sl *sysListener) listenTCP(ctx context.Context, laddr *TCPAddr) (*TCPListener, error) {
+	if panicOnUnspecListen(laddr.IP) {
+		panic("tailscale: can't listen on unspecified address in test")
+	}
+
 	var ctrlCtxFn func(cxt context.Context, network, address string, c syscall.RawConn) error
 	if sl.ListenConfig.Control != nil {
 		ctrlCtxFn = func(cxt context.Context, network, address string, c syscall.RawConn) error {
diff --git a/src/net/udpsock_posix.go b/src/net/udpsock_posix.go
index ffeec81cffdf1..031affc8cd34e 100644
--- a/src/net/udpsock_posix.go
+++ b/src/net/udpsock_posix.go
@@ -217,6 +217,10 @@ func (sd *sysDialer) dialUDP(ctx context.Context, laddr, raddr *UDPAddr) (*UDPCo
 }
 
 func (sl *sysListener) listenUDP(ctx context.Context, laddr *UDPAddr) (*UDPConn, error) {
+	if panicOnUnspecListen(laddr.IP) {
+		panic("tailscale: can't listen on unspecified address in test")
+	}
+
 	var ctrlCtxFn func(cxt context.Context, network, address string, c syscall.RawConn) error
 	if sl.ListenConfig.Control != nil {
 		ctrlCtxFn = func(cxt context.Context, network, address string, c syscall.RawConn) error {