ipn, tailcfg: change Windows subnet disabling behavior w/ WPAD

In 1.0, subnet relays were not specially handled when WPAD+PAC was
present on the network.

In 1.2, on Windows, subnet relays were disabled if WPAD+PAC was
present. That was what some users wanted, but not others.

This makes it configurable per domain, reverting back to the 1.0
default state of them not being special. Users who want that behavior
can then enable it.

Signed-off-by: Brad Fitzpatrick <[email protected]>

ipn/local.go

@@ -1154,6 +1154,7 @@ func (b *LocalBackend) authReconfig() {
 	uc := b.prefs
 	nm := b.netMap
 	hasPAC := b.prevIfState.HasPAC()
+	disableSubnetsIfPAC := nm != nil && nm.Debug != nil && nm.Debug.DisableSubnetsIfPAC.EqualBool(true)
 	b.mu.Unlock()
 
 	if blocked {
@@ -1178,13 +1179,7 @@ func (b *LocalBackend) authReconfig() {
 	if uc.AllowSingleHosts {
 		flags |= controlclient.AllowSingleHosts
 	}
-	if hasPAC {
-		// TODO(bradfitz): make this policy configurable per
-		// domain, flesh out all the edge cases where subnet
-		// routes might shadow corp HTTP proxies, DNS servers,
-		// domain controllers, etc. For now we just want
-		// Tailscale to stay enabled while laptops roam
-		// between corp & non-corp networks.
+	if hasPAC && disableSubnetsIfPAC {
 		if flags&controlclient.AllowSubnetRoutes != 0 {
 			b.logf("authReconfig: have PAC; disabling subnet routes")
 			flags &^= controlclient.AllowSubnetRoutes

tailcfg/tailcfg.go

@@ -673,6 +673,10 @@ type Debug struct {
 	// TrimWGConfig controls whether Tailscale does lazy, on-demand
 	// wireguard configuration of peers.
 	TrimWGConfig opt.Bool `json:",omitempty"`
+
+	// DisableSubnetsIfPAC controls whether subnet routers should be
+	// disabled if WPAD is present on the network.
+	DisableSubnetsIfPAC opt.Bool `json:",omitempty"`
 }
 
 func (k MachineKey) String() string                   { return fmt.Sprintf("mkey:%x", k[:]) }