tailscale

Commit Graph

Author	SHA1	Message	Date
Sonia Appasamy	53c722924b	tool/{node,yarn}: update node and yarn tools Syncing these up with what we've got in corp. Updates tailscale/corp#13775 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Maisem Ali	d16946854f	control/controlclient: add Auto.updateRoutine Instead of having updates replace the map polls, create a third goroutine which is solely responsible for making sure that control is aware of the latest client state. This also makes it so that the streaming map polls are only broken when there are auth changes, or the client is paused. Updates tailscale/corp#5761 Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
Brad Fitzpatrick	7a5263e6d0	util/linuxfw: rename ErrorFWModeNotSupported Go style is for error variables to start with "err" (or "Err") and for error types to end in "Error". Updates #cleanup Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Will Norris	3d56cafd7d	tsnet: add new example serving the Tailscale web client Updates tailscale/corp#13775 Co-authored-by: Sonia Appasamy <sonia@tailscale.com> Signed-off-by: Will Norris <will@tailscale.com> Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Will Norris	6ee85ba412	client/web: fix rendering of node owner profile Fixes #8837 Signed-off-by: Will Norris <will@tailscale.com>	10 months ago
Sonia Appasamy	2bc98abbd9	client/web: add web client Server struct Updates tailscale/corp#13775 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Sonia Appasamy	7815fbe17a	tailscale/cli: add interactive flow for enabling Funnel Updates tailscale/corp#10577 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Andrew Lytvynov	90081a25ca	control/controlhttp: remove tstest.Clock from tests (#8830 ) These specific tests rely on some timers in the controlhttp code. Without time moving forward and timers triggering, the tests fail. Updates #8587 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	10 months ago
Aaron Klotz	3d2e35c053	util/winutil/authenticode: fix an inaccurate doc comment A #cleanup PR Signed-off-by: Aaron Klotz <aaron@tailscale.com>	10 months ago
Will Norris	f9066ac1f4	client/web: extract web client from cli package move the tailscale web client out of the cmd/tailscale/cli package, into a new client/web package. The remaining cli/web.go file is still responsible for parsing CLI flags and such, and then calls into client/web. This will allow the web client to be hooked into from other contexts (for example, from a tsnet server), and provide a dedicated space to add more functionality to this client. Updates tailscale/corp#13775 Signed-off-by: Will Norris <will@tailscale.com>	10 months ago
Will Norris	69f1324c9e	cmd/tailscale: refactor shared utility methods Refactor two shared functions used by the tailscale cli, calcAdvertiseRoutes and licensesURL. These are used by the web client as well as other tailscale subcommands. The web client is being moved out of the cli package, so move these two functions to new locations. Updates tailscale/corp#13775 Signed-off-by: Will Norris <will@tailscale.com>	10 months ago
Brad Fitzpatrick	b3618c23bf	go.toolchain.rev: merge Go 1.21.0 final (non-rc) Diff: `d149af2823..593313088f` Updates #8419 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Brad Fitzpatrick	be4eb6a39e	derp, net/dns/recursive: use Go 1.21 min Updates #8419 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Brad Fitzpatrick	66f27c4beb	all: require Go 1.21 Updates #8419 Change-Id: I809b6a4d59d92a2ab6ec587ccbb9053376bf02c2 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Maisem Ali	682fd72f7b	util/testenv: add new package to hold InTest Removes duplicated code. Updates #cleanup Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
Maisem Ali	3e255d76e1	ipn/ipnlocal: fix profile duplication We would only look for duplicate profiles when a new login occurred but when using `--force-reauth` we could switch users which would end up with duplicate profiles. Updates #7726 Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
Maisem Ali	500b9579d5	ipn/ipnlocal: add test to find issues with profile duplication There are a few situations where we end up with duplicate profiles. Add tests to identify those situations, fix in followup. Updates #7726 Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
Maisem Ali	734928d3cb	control/controlclient: make Direct own all changes to Persist It was being modified in two places in Direct for the auth routine and then in LocalBackend when a new NetMap was received. This was confusing, so make Direct also own changes to Persist when a new NetMap is received. Updates #7726 Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
Maisem Ali	6aaf1d48df	types/persist: drop duplicated Persist.LoginName It was duplicated from Persist.UserProfile.LoginName, drop it. Updates #7726 Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
KevinLiang10	ae63c51ff1	wgengine/router: add auto selection heuristic for iptables/nftables This commit replaces the TS_DEBUG_USE_NETLINK_NFTABLES envknob with a TS_DEBUG_FIREWALL_MODE that should be set to either 'iptables' or 'nftables' to select firewall mode manually, other wise tailscaled will automatically choose between iptables and nftables depending on environment and system availability. updates: #319 Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>	10 months ago
Maisem Ali	17ed2da94d	control/controlclient: use ptr.To Updates #cleanup Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
Maisem Ali	82454b57dd	ipn/ipnlocal: make tests pass when offline Updates #cleanup Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
salman aljammaz	25a7204bb4	wgengine,ipn,cmd/tailscale: add size option to ping (#8739 ) This adds the capability to pad disco ping message payloads to reach a specified size. It also plumbs it through to the tailscale ping -size flag. Disco pings used for actual endpoint discovery do not use this yet. Updates #311. Signed-off-by: salman <salman@tailscale.com> Co-authored-by: Val <valerie@tailscale.com>	10 months ago
Sonia Appasamy	49896cbdfa	ipn/ipnlocal: add profile pic header to serve HTTP proxy Fixes #8807 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Brad Fitzpatrick	c56e94af2d	ipn: avoid useless no-op WriteState calls Rather than make each ipn.StateStore implementation guard against useless writes (a write of the same value that's already in the store), do writes via a new wrapper that has a fast path for the unchanged case. This then fixes profileManager's flood of useless writes to AWS SSM, etc. Updates #8785 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
License Updater	a3f11e7710	licenses: update android licenses Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	10 months ago
Flakes Updater	10acc06389	go.mod.sri: update SRI hash for go.mod changes Signed-off-by: Flakes Updater <noreply+flakes-updater@tailscale.com>	10 months ago
Claire Wang	a17c45fd6e	control: use tstime instead of time (#8595 ) Updates #8587 Signed-off-by: Claire Wang <claire@tailscale.com>	10 months ago
License Updater	a8e32f1a4b	licenses: update tailscale{,d} licenses Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	10 months ago
Andrew Lytvynov	371e1ebf07	cmd/dist,release/dist: expose RPM signing hook (#8789 ) Plumb a signing callback function to `unixpkgs.rpmTarget` to allow signing RPMs. This callback is optional and RPMs will build unsigned if not set, just as before. Updates https://github.com/tailscale/tailscale/issues/1882 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	10 months ago
Andrew Lytvynov	eb6883bb5a	go.mod: upgrade nfpm to v2 (#8786 ) Upgrade the nfpm package to the latest version to pick up `24a43c5ad7`. The upgrade is from v0 to v2, so there was some breakage to fix. Generated packages should have the same contents as before. Updates https://github.com/tailscale/tailscale/issues/1882 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	10 months ago
Aaron Klotz	37925b3e7a	go.mod, cmd/tailscaled, ipn/localapi, util/osdiag, util/winutil, util/winutil/authenticode: add Windows module list to OS-specific logs that are written upon bugreport * We update wingoes to pick up new version information functionality (See pe/version.go in the https://github.com/dblohm7/wingoes repo); * We move the existing LogSupportInfo code (including necessary syscall stubs) out of util/winutil into a new package, util/osdiag, and implement the public LogSupportInfo function may be implemented for other platforms as needed; * We add a new reason argument to LogSupportInfo and wire that into localapi's bugreport implementation; * We add module information to the Windows implementation of LogSupportInfo when reason indicates a bugreport. We enumerate all loaded modules in our process, and for each one we gather debug, authenticode signature, and version information. Fixes #7802 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	10 months ago
Sonia Appasamy	301e59f398	tailcfg,ipn/localapi,client/tailscale: add QueryFeature endpoint Updates tailscale/corp#10577 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Brad Fitzpatrick	ab7749aed7	go.toolchain.rev: go1.21rc4 (now that VERSION file is updated upstream) Updates #8419 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Andrew Lytvynov	f57cc19ba2	cmd/tailscale/cli: add latest version output to "tailscale version" (#8700 ) Add optional `--upstream` flag to `tailscale version` to fetch the latest upstream release version from `pkgs.tailscale.com`. This is useful to diagnose `tailscale update` behavior or write other tooling. Example output: $ tailscale version --upstream --json { "majorMinorPatch": "1.47.35", "short": "1.47.35", "long": "1.47.35-t6afffece8", "unstableBranch": true, "gitCommit": "6afffece8a32509aa7a4dc2972415ec58d8316de", "cap": 66, "upstream": "1.45.61" } Fixes #8669 RELNOTE=adds "tailscale version --upstream" Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	10 months ago
License Updater	b4c1f039b6	licenses: update android licenses Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	10 months ago
Brad Fitzpatrick	c3b979a176	go.toolchain.rev: bump to ~go1.21rc4 Updates tailscale/go#69 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Sonia Appasamy	34bfd7b419	tailcfg: add CapabilityHTTPS const A #cleanup Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	10 months ago
Brad Fitzpatrick	66e46bf501	ipnlocal, net/*: deprecate interfaces.GetState, use netmon more for it Updates #cleanup Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
License Updater	6d65c04987	licenses: update tailscale{,d} licenses Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	10 months ago
Tom DNetto	767e839db5	all: implement lock revoke-keys command The revoke-keys command allows nodes with tailnet lock keys to collaborate to erase the use of a compromised key, and remove trust in it. Signed-off-by: Tom DNetto <tom@tailscale.com> Updates ENG-1848	10 months ago
Aaron Klotz	7adf15f90e	cmd/tailscale/cli, util/winutil/authenticode: flesh out authenticode support Previously, tailscale upgrade was doing the bare minimum for checking authenticode signatures via `WinVerifyTrustEx`. This is fine, but we can do better: * WinVerifyTrustEx verifies that the binary's signature is valid, but it doesn't determine whose signature is valid; tailscale upgrade should also ensure that the binary is actually signed by us. * I added the ability to check the signatures of MSI files. * In future PRs I will be adding diagnostic logging that lists details about every module (ie, DLL) loaded into our process. As part of that metadata, I want to be able to extract information about who signed the binaries. This code is modelled on some C++ I wrote for Firefox back in the day. See https://searchfox.org/mozilla-central/rev/27e4816536c891d85d63695025f2549fd7976392/toolkit/xre/dllservices/mozglue/Authenticode.cpp for reference. Fixes #8284 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	10 months ago
Denton Gentry	ec9213a627	cmd/sniproxy: add client metrics Count number of sessions, number of DNS queries answered successfully and in error, and number of http->https redirects. Updates #1748 Signed-off-by: Denton Gentry <dgentry@tailscale.com>	10 months ago
Andrew Lytvynov	eef15b4ffc	cmd/dist,release/dist: sign release tarballs with an ECDSA key (#8759 ) Pass an optional PEM-encoded ECDSA key to `cmd/dist` to sign all built tarballs. The signature is stored next to the tarball with a `.sig` extension. Tested this with an `openssl`-generated key pair and verified the resulting signature. Updates #8760 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	10 months ago
David Anderson	ed46442cb1	client/tailscale/apitype: document never-nil property of WhoIsResponse Every time I use WhoIsResponse I end up writing mildly irritating nil-checking for both Node and UserProfile, but it turns out our code guarantees that both are non-nil in successful whois responses. Updates #cleanup Signed-off-by: David Anderson <danderson@tailscale.com>	10 months ago
Brad Fitzpatrick	5ebb271322	derp/derphttp: add optional Client.BaseContext hook Like net/http.Server.BaseContext, this lets callers specify a base context for dials. Updates tailscale/corp#12702 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	10 months ago
Maisem Ali	058d427fa6	tailcfg: add helper to unmarshal PeerCap values Updates #4217 Signed-off-by: Maisem Ali <maisem@tailscale.com>	10 months ago
salman aljammaz	68f8e5678e	wgengine/magicsock: remove dead code (#8745 ) The nonce value is not read by anything, and di.sharedKey.Seal() a few lines below generates its own. #cleanup Signed-off-by: salman <salman@tailscale.com>	10 months ago
License Updater	0554deb48c	licenses: update tailscale{,d} licenses Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	10 months ago
David Anderson	6114247d0a	types/logid: add a Compare method Updates #cleanup Signed-off-by: David Anderson <danderson@tailscale.com>	10 months ago

1 2 3 4 5 ...

6001 Commits (53c722924bb2d834d051f1344804764638af02de) All Branches Search

6001 Commits (53c722924bb2d834d051f1344804764638af02de)

All Branches