tailscale

Commit Graph

Author	SHA1	Message	Date
James Tucker	41b05e6910	go.mod: bump wireguard-go Updates #9555 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
James Tucker	0c8c374a41	go.mod: bump all dependencies except go-billy go-billy is held back at v5.4.1 in order to avoid a newly introduced subdependency that is not compatible with plan9. Updates #8043 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
James Tucker	84acf83019	go.mod,net/dnsfallback: bump go4.org/netipx Updates #8043 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
James Tucker	87bc831730	go.mod,cmd/tsconnect: bump esbuild Updates #8043 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
James Tucker	71f2c67c6b	go.mod: bump wingoes for cross-platform HRESULT definition Updates #9579 Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
Andrea Barisani	b5b4298325	go.mod,*: bump gvisor Updates #9253 Signed-off-by: Andrea Barisani <andrea@inversepath.com> Signed-off-by: James Tucker <james@tailscale.com>	8 months ago
Joe Tsai	36242904f1	go.mod: update github.com/go-json-experiment/json (#9508 ) Update github.com/go-json-experiment/json to the latest version and fix the build in light of some breaking API changes. Updates #cleanup Signed-off-by: Joe Tsai <joetsai@digital-static.net>	8 months ago
Will Norris	652f77d236	client/web: switch to using prebuilt web client assets Updates tailscale/corp#13775 Co-authored-by: Sonia Appasamy <sonia@tailscale.com> Signed-off-by: Sonia Appasamy <sonia@tailscale.com> Signed-off-by: Will Norris <will@tailscale.com>	8 months ago
Andrew Lytvynov	4e72992900	clientupdate: add linux tarball updates (#9144 ) As a fallback to package managers, allow updating tailscale that was self-installed in some way. There are some tricky bits around updating the systemd unit (should we stick to local binary paths or to the ones in tailscaled.service?), so leaving that out for now. Updates #6995 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	9 months ago
Brad Fitzpatrick	98a5116434	all: adjust some build tags for plan9 I'm not saying it works, but it compiles. Updates #5794 Change-Id: I2f3c99732e67fe57a05edb25b758d083417f083e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Aaron Klotz	ea693eacb6	util/winutil: add RegisterForRestart, allowing programs to indicate their preferences to the Windows restart manager In order for the installer to restart the GUI correctly post-upgrade, we need the GUI to be able to register its restart preferences. This PR adds API support for doing so. I'm adding it to OSS so that it is available should we need to do any such registrations on OSS binaries in the future. Updates https://github.com/tailscale/corp/issues/13998 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	9 months ago
Maisem Ali	4b13e6e087	go.mod: bump golang.org/x/net Theory is that our long lived http2 connection to control would get tainted by _something_ (unclear what) and would get closed. This picks up the fix for golang/go#60818. Updates tailscale/corp#5761 Signed-off-by: Maisem Ali <maisem@tailscale.com>	9 months ago
Sonia Appasamy	077bbb8403	client/web: add csrf protection to web client api Adds csrf protection and hooks up an initial POST request from the React web client. Updates tailscale/corp#13775 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	9 months ago
Brad Fitzpatrick	66f27c4beb	all: require Go 1.21 Updates #8419 Change-Id: I809b6a4d59d92a2ab6ec587ccbb9053376bf02c2 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	9 months ago
Andrew Lytvynov	eb6883bb5a	go.mod: upgrade nfpm to v2 (#8786 ) Upgrade the nfpm package to the latest version to pick up `24a43c5ad7`. The upgrade is from v0 to v2, so there was some breakage to fix. Generated packages should have the same contents as before. Updates https://github.com/tailscale/tailscale/issues/1882 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	10 months ago
Aaron Klotz	37925b3e7a	go.mod, cmd/tailscaled, ipn/localapi, util/osdiag, util/winutil, util/winutil/authenticode: add Windows module list to OS-specific logs that are written upon bugreport * We update wingoes to pick up new version information functionality (See pe/version.go in the https://github.com/dblohm7/wingoes repo); * We move the existing LogSupportInfo code (including necessary syscall stubs) out of util/winutil into a new package, util/osdiag, and implement the public LogSupportInfo function may be implemented for other platforms as needed; * We add a new reason argument to LogSupportInfo and wire that into localapi's bugreport implementation; * We add module information to the Windows implementation of LogSupportInfo when reason indicates a bugreport. We enumerate all loaded modules in our process, and for each one we gather debug, authenticode signature, and version information. Fixes #7802 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	10 months ago
Aaron Klotz	7adf15f90e	cmd/tailscale/cli, util/winutil/authenticode: flesh out authenticode support Previously, tailscale upgrade was doing the bare minimum for checking authenticode signatures via `WinVerifyTrustEx`. This is fine, but we can do better: * WinVerifyTrustEx verifies that the binary's signature is valid, but it doesn't determine whose signature is valid; tailscale upgrade should also ensure that the binary is actually signed by us. * I added the ability to check the signatures of MSI files. * In future PRs I will be adding diagnostic logging that lists details about every module (ie, DLL) loaded into our process. As part of that metadata, I want to be able to extract information about who signed the binaries. This code is modelled on some C++ I wrote for Firefox back in the day. See https://searchfox.org/mozilla-central/rev/27e4816536c891d85d63695025f2549fd7976392/toolkit/xre/dllservices/mozglue/Authenticode.cpp for reference. Fixes #8284 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	10 months ago
David Anderson	52212f4323	all: update exp/slices and fix call sites slices.SortFunc suffered a late-in-cycle API breakage. Updates #cleanup Signed-off-by: David Anderson <danderson@tailscale.com>	10 months ago
dependabot[bot]	8bdc03913c	go.mod: bump github.com/docker/distribution (#8121 ) Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible. - [Release notes](https://github.com/docker/distribution/releases) - [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2) --- updated-dependencies: - dependency-name: github.com/docker/distribution dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	10 months ago
Andrew Lytvynov	7a82fd8dbe	ipn/ipnlocal: add optional support for ACME Renewal Info (ARI) (#8599 )	10 months ago
Adrian Dewhurst	8c0572e088	go.mod: bump wireguard-go This pulls in IP checksum optimization on amd64, see tailscale/wireguard-go@bb2c8f2. Updates tailscale/corp#9755 Change-Id: I60e932fc4031703b56eb86a676465c5d02d99236 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>	10 months ago
Andrew Dunham	b6d20e6f8f	go.mod, net/dns/recursive: update github.com/miekg/dns Updates #cleanup Change-Id: If4de6a84448a17dd81cc2a8af788bd18c3d0bbe3 Signed-off-by: Andrew Dunham <andrew@du.nham.ca>	11 months ago
Brad Fitzpatrick	67e912824a	all: adjust some build tags for wasi A start. Updates #8320 Change-Id: I64057f977be51ba63ce635c56d67de7ecec415d1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	11 months ago
Vince Prignano	1a691ec5b2	cmd/k8s-operator: update controller-runtime to v0.15 Fixes #8170 Signed-off-by: Vince Prignano <vince@prigna.com>	12 months ago
James Tucker	5def4f4a1c	go.mod: bump goreleaser deps Periodic update for start of cycle. goreleaser is not updated to v2 yet, but indirects updated. Updates #8043 Signed-off-by: James Tucker <james@tailscale.com>	1 year ago
James Tucker	48605226dd	go.mod: bump gvisor Periodic update for start of cycle. Updates #8043 Signed-off-by: James Tucker <james@tailscale.com>	1 year ago
Maisem Ali	f46c1aede0	go.mod: bump k8s libs The key is to update sigs.k8s.io/controller-runtime and let it update others. Updates #8043 Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 year ago
Brad Fitzpatrick	9e9ea6e974	go.mod: bump all deps possible that don't break the build This holds back gvisor, kubernetes, goreleaser, and esbuild, which all had breaking API changes. Updates #8043 Updates #7381 Updates #8042 (updates u-root which adds deps) Change-Id: I889759bea057cd3963037d41f608c99eb7466a5b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
dependabot[bot]	270942094f	build(deps): bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.16+incompatible to 20.10.24+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/compare/v20.10.16...v20.10.24) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	1 year ago
Andrew Dunham	280255acae	various: add golangci-lint, fix issues (#7905 ) This adds an initial and intentionally minimal configuration for golang-ci, fixes the issues reported, and adds a GitHub Action to check new pull requests against this linter configuration. Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I8f38fbc315836a19a094d0d3e986758b9313f163	1 year ago
Anton Tolchanov	11e6247d2a	tsweb: expose native Prometheus metrics in /debug/varz The handler will expose built-in process and Go metrics by default, which currently duplicate some of the expvar-proxied metrics (`goroutines` vs `go_goroutines`, `memstats` vs `go_memstats`), but as long as their names are different, Prometheus server will just scrape both. This will change /debug/varz behaviour for most tsweb binaries, but notably not for control, which configures a `tsweb.VarzHandler` [explicitly](`a5b5d5167f/cmd/tailcontrol/tailcontrol.go (L779)`) Updates https://github.com/tailscale/corp/issues/10205 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	1 year ago
Jordan Whited	f571536598	go.mod: bump wireguard-go (#7836 ) This pulls in a synchronization optimization, see tailscale/wireguard-go@af17262. Updates tailscale/corp#8734 Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 year ago
Jordan Whited	765d3253f3	go.mod: bump wireguard-go (#7792 ) Pull in TUN checksum optimizations and crypto channel changes. Updates tailscale/corp#8734 Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 year ago
James Tucker	a31e43f760	go.mod: bump gvisor to 20230320 for dispatcher locking Upstream improved code around an issue showing up in CI, where sometimes shutdown will race on endpoint.dispatcher being nil'd, causing a panic down stack of injectInbound. The upstream patch makes some usage more safe, but it does not itself fix the local issue. See panic in https://github.com/tailscale/tailscale/actions/runs/4548299564/jobs/8019187385#step:7:843 See fix in google/gvisor@13d7bf69d8 Updates #7715 Signed-off-by: James Tucker <james@tailscale.com>	1 year ago
Jordan Whited	27e37cf9b3	go.mod, net/tstun, wgengine/magicsock: update wireguard-go (#7712 ) This commit updates the wireguard-go dependency to pull in fixes for the tun package, specifically 052af4a and aad7fca. Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 year ago
Brad Fitzpatrick	1410682fb6	cmd/sniproxy: add start of a tsnet-based SNI proxy $ curl https://canhazip.com/ 170.173.0.21 $ curl --resolve canhazip.com:443:100.85.165.81 https://canhazip.com/ 34.223.127.151 Updates #1748 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Andrew Dunham	d8286d0dc2	go.mod: bump golang.org/x/image to latest version This resolves a dependabot alert, though the alert does not affect us: https://github.com/tailscale/tailscale/security/dependabot/6 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I087de6f22fb4821d0035fc16b603f9692581b9bd	1 year ago
Brad Fitzpatrick	e8a028cf82	go.mod: bump x/crypto No particular reason. Just good point of our release cycle for some #cleanup. It also makes dependabot happy about something we're not using? Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	607c3eb813	go.toolchain.rev: update to Go 1.20.1 And bump x/net for the HTTP/2 fixes. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Andrew Dunham	ba48ec5e39	util/linuxfw: initial implementation of package This package is an initial implementation of something that can read netfilter and iptables rules from the Linux kernel without needing to shell out to an external utility; it speaks directly to the kernel using syscalls and parses the data returned. Currently this is read-only since it only knows how to parse a subset of the available data. Signed-off-by: Andrew Dunham <andrew@tailscale.com> Change-Id: Iccadf5dcc081b73268d8ccf8884c24eb6a6f1ff5	1 year ago
Brad Fitzpatrick	03645f0c27	net/{netns,netstat}: use new x/sys/cpu.IsBigEndian See golang/go#57237 Change-Id: If47ab6de7c1610998a5808e945c4177c561eab45 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	b1248442c3	all: update to Go 1.20, use strings.CutPrefix/Suffix instead of our fork Updates #7123 Updates #5309 Change-Id: I90bcd87a2fb85a91834a0dd4be6e03db08438672 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	0d794a10ff	go.mod: bump wintun-go For https://git.zx2c4.com/wintun-go/commit/?id=0fa3db229ce2036ae779de8ba03d336b7aa826bd Updates #6647 Change-Id: I1686b2c77df331fcb9fa4fae88e08232bb95f10b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Brad Fitzpatrick	6793685bba	go.mod: bump AWS SDK past a breaking API change of theirs They changed a type in their SDK which meant others using the AWS APIs in their Go programs (with newer AWS modules in their caller go.mod) and then depending on Tailscale (for e.g. tsnet) then couldn't compile ipn/store/awsstore. Thanks to @thisisaaronland for bringing this up. Fixes #7019 Change-Id: I8d2919183dabd6045a96120bb52940a9bb27193b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Will Norris	fff617c988	go.mod: bump golang.org/x/net and dependencies I don't think CVE-2022-41717 necessarily impacts us (maybe as part of funnel?), but it came up in a recent security scan so worth updating anyway. Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Brad Fitzpatrick	1116602d4c	ssh/tailssh: add OpenBSD support for Tailscale SSH And bump go.mod for https://github.com/u-root/u-root/pull/2593 Change-Id: I36ec94c5b2b76d671cb739f1e9a1a43ca1d9d1b1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
andig	14e8afe444	go.mod, etc: bump gvisor Fixes #6554 Change-Id: Ia04ae37a47b67fa57091c9bfe1d45a1842589aa8 Signed-off-by: andig <cpuidle@gmx.de>	1 year ago
Brad Fitzpatrick	243490f932	go.mod: bump x/sys for linux/arm64 cpu SIGILL fix Bump to get `2204b6615f` Updates #5793 Change-Id: I6ab78824047cb2c8d042f3f3bf47368ec6da5a34 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago
Jordan Whited	914d115f65	go.mod: bump tailscale/wireguard-go for big-endian fix (#6785 ) Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 year ago
Brad Fitzpatrick	c02ccf6424	go.mod: bump dhcp dep to remove another endian package from our tree To pull in insomniacslk/dhcp#484 to pull in u-root/uio#8 Updates golang/go#57237 Change-Id: I1e56656e0dc9ec0b870f799fe3bc18b3caac1ee4 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 year ago

1 2 3 4 5 ...

355 Commits (249edaa34918f87d75b41eb5bc0b0119c1f12eb9)