diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4bab0f663..05f17cf28 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -47,6 +47,12 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + # Install a more recent Go that understands modern go.mod content. + - name: Install Go + uses: actions/setup-go@v4 + with: + go-version-file: go.mod + # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v2 diff --git a/cmd/tailscaled/depaware.txt b/cmd/tailscaled/depaware.txt index b2fb5787d..52387e849 100644 --- a/cmd/tailscaled/depaware.txt +++ b/cmd/tailscaled/depaware.txt @@ -193,13 +193,13 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de 💣 gvisor.dev/gvisor/pkg/sync/locking from gvisor.dev/gvisor/pkg/tcpip/stack gvisor.dev/gvisor/pkg/tcpip from gvisor.dev/gvisor/pkg/tcpip/header+ gvisor.dev/gvisor/pkg/tcpip/adapters/gonet from tailscale.com/wgengine/netstack - gvisor.dev/gvisor/pkg/tcpip/checksum from gvisor.dev/gvisor/pkg/buffer+ + 💣 gvisor.dev/gvisor/pkg/tcpip/checksum from gvisor.dev/gvisor/pkg/buffer+ gvisor.dev/gvisor/pkg/tcpip/hash/jenkins from gvisor.dev/gvisor/pkg/tcpip/stack+ gvisor.dev/gvisor/pkg/tcpip/header from gvisor.dev/gvisor/pkg/tcpip/header/parse+ gvisor.dev/gvisor/pkg/tcpip/header/parse from gvisor.dev/gvisor/pkg/tcpip/network/ipv4+ gvisor.dev/gvisor/pkg/tcpip/internal/tcp from gvisor.dev/gvisor/pkg/tcpip/stack+ gvisor.dev/gvisor/pkg/tcpip/link/channel from tailscale.com/wgengine/netstack - gvisor.dev/gvisor/pkg/tcpip/network/hash from gvisor.dev/gvisor/pkg/tcpip/network/ipv4+ + gvisor.dev/gvisor/pkg/tcpip/network/hash from gvisor.dev/gvisor/pkg/tcpip/network/ipv4 gvisor.dev/gvisor/pkg/tcpip/network/internal/fragmentation from gvisor.dev/gvisor/pkg/tcpip/network/ipv4+ gvisor.dev/gvisor/pkg/tcpip/network/internal/ip from gvisor.dev/gvisor/pkg/tcpip/network/ipv4+ gvisor.dev/gvisor/pkg/tcpip/network/internal/multicast from gvisor.dev/gvisor/pkg/tcpip/network/ipv4+ @@ -495,7 +495,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de hash from crypto+ hash/adler32 from compress/zlib+ hash/crc32 from compress/gzip+ - hash/fnv from tailscale.com/wgengine/magicsock+ + hash/fnv from tailscale.com/wgengine/magicsock hash/maphash from go4.org/mem html from tailscale.com/ipn/ipnlocal+ html/template from github.com/gorilla/csrf diff --git a/go.mod b/go.mod index 85dfeb644..b080bf19c 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module tailscale.com -go 1.21 +go 1.21.1 + +toolchain go1.21.5 require ( filippo.io/mkcert v1.4.4 @@ -92,7 +94,7 @@ require ( golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 golang.zx2c4.com/wireguard/windows v0.5.3 gopkg.in/square/go-jose.v2 v2.6.0 - gvisor.dev/gvisor v0.0.0-20230928000133-4fe30062272c + gvisor.dev/gvisor v0.0.0-20240119233241-c9c1d4f9b186 honnef.co/go/tools v0.4.6 inet.af/peercred v0.0.0-20210906144145-0893ea02156a inet.af/tcpproxy v0.0.0-20231102063150-2862066fc2a9 diff --git a/go.sum b/go.sum index 7879e1003..06f2d293d 100644 --- a/go.sum +++ b/go.sum @@ -1401,8 +1401,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= -gvisor.dev/gvisor v0.0.0-20230928000133-4fe30062272c h1:bYb98Ra11fJ8F2xFbZx0zg2VQ28lYqC1JxfaaF53xqY= -gvisor.dev/gvisor v0.0.0-20230928000133-4fe30062272c/go.mod h1:AVgIgHMwK63XvmAzWG9vLQ41YnVHN0du0tEC46fI7yY= +gvisor.dev/gvisor v0.0.0-20240119233241-c9c1d4f9b186 h1:VWRSJX9ghfqsRSZGMAILL6QpYRKWnHcYPi24SCubQRs= +gvisor.dev/gvisor v0.0.0-20240119233241-c9c1d4f9b186/go.mod h1:10sU+Uh5KKNv1+2x2A0Gvzt8FjD3ASIhorV3YsauXhk= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/version_test.go b/version_test.go index 33c22dd79..1f434e682 100644 --- a/version_test.go +++ b/version_test.go @@ -16,7 +16,7 @@ func TestDockerfileVersion(t *testing.T) { if err != nil { t.Fatal(err) } - m := regexp.MustCompile(`(?m)^go (\d\.\d+)\r?$`).FindStringSubmatch(string(goMod)) + m := regexp.MustCompile(`(?m)^go (\d\.\d+)\r?($|\.)`).FindStringSubmatch(string(goMod)) if m == nil { t.Fatalf("didn't find go version in go.mod") } diff --git a/wgengine/netstack/netstack.go b/wgengine/netstack/netstack.go index abe04668a..2c2214d8d 100644 --- a/wgengine/netstack/netstack.go +++ b/wgengine/netstack/netstack.go @@ -1062,7 +1062,7 @@ func (ns *Impl) acceptUDP(r *udp.ForwarderRequest) { return // Only MagicDNS traffic runs on the service IPs for now. } - c := gonet.NewUDPConn(ns.ipstack, &wq, ep) + c := gonet.NewUDPConn(&wq, ep) go ns.handleMagicDNSUDP(srcAddr, c) return } @@ -1074,12 +1074,12 @@ func (ns *Impl) acceptUDP(r *udp.ForwarderRequest) { ep.Close() return } - go h(gonet.NewUDPConn(ns.ipstack, &wq, ep)) + go h(gonet.NewUDPConn(&wq, ep)) return } } - c := gonet.NewUDPConn(ns.ipstack, &wq, ep) + c := gonet.NewUDPConn(&wq, ep) go ns.forwardUDP(c, srcAddr, dstAddr) }