tailscale

Commit Graph

Author	SHA1	Message	Date
Will Norris	71029cea2d	all: update copyright and license headers This updates all source files to use a new standard header for copyright and license declaration. Notably, copyright no longer includes a date, and we now use the standard SPDX-License-Identifier header. This commit was done almost entirely mechanically with perl, and then some minimal manual fixes. Updates #6865 Signed-off-by: Will Norris <will@tailscale.com>	1 year ago
Aaron Klotz	3c452b9880	util/winutil: fix erroneous condition in implementation of getRegIntegerInternal We only want to log when err != registry.ErrNotExist. The condition was backward. Signed-off-by: Aaron Klotz <aaron@tailscale.com>	2 years ago
Aaron Klotz	6e33d2da2b	ipn/ipnauth, util/winutil: add temporary LookupPseudoUser workaround to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes https://github.com/tailscale/tailscale/issues/869 Fixes https://github.com/tailscale/tailscale/issues/2894 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	2 years ago
Adrian Dewhurst	c3a5489e72	util/winutil: remove log spam for missing registry keys It's normal for HKLM\SOFTWARE\Policies\Tailscale to not exist but that currently produces a lot of log spam. Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>	2 years ago
Maisem Ali	545639ee44	util/winutil: consolidate interface specific registry keys Code movement to allow reuse in a follow up PR. Updates #1659 Signed-off-by: Maisem Ali <maisem@tailscale.com>	2 years ago
Aaron Klotz	b005b79236	net/dns, paths, util/winutil: change net/dns/windowsManager NRPT management to support more than 50 domains. AFAICT this isn't documented on MSDN, but based on the issue referenced below, NRPT rules are not working when a rule specifies > 50 domains. This patch modifies our NRPT rule generator to split the list of domains into chunks as necessary, and write a separate rule for each chunk. For compatibility reasons, we continue to use the hard-coded rule ID, but as additional rules are required, we generate new GUIDs. Those GUIDs are stored under the Tailscale registry path so that we know which rules are ours. I made some changes to winutils to add additional helper functions in support of both the code and its test: I added additional registry accessors, and also moved some token accessors from paths to util/winutil. Fixes https://github.com/tailscale/coral/issues/63 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	2 years ago
Aaron Klotz	82cd98609f	util/winutil: migrate corp's winutil into OSS. It makes the most sense to have all our utility functions reside in one place. There was nothing in corp that could not reasonably live in OSS. I also updated `StartProcessAsChild` to no longer depend on `futureexec`, thus reducing the amount of code that needed migration. I tested this change with `tswin` and it is working correctly. I have a follow-up PR to remove the corresponding code from corp. The migrated code was mostly written by @alexbrainman. Sourced from corp revision 03e90cfcc4dd7b8bc9b25eb13a26ec3a24ae0ef9 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	2 years ago
Aaron Klotz	3a74f2d2d7	cmd/tailscaled, util/winutil: add accessor functions for Windows system policies. This patch adds new functions to be used when accessing system policies, and revises callers to use the new functions. They first attempt the new registry path for policies, and if that fails, attempt to fall back to the legacy path. We keep non-policy variants of these functions because we should be able to retain the ability to read settings from locations that are not exposed to sysadmins for group policy edits. The remaining changes will be done in corp. Updates https://github.com/tailscale/tailscale/issues/3584 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	2 years ago
Aaron Klotz	d7962e3bcf	ipn/ipnserver, util/winutil: update workaround for os/user.LookupId failures on Windows to reject SIDs from deleted/invalid security principals. Our current workaround made the user check too lax, thus allowing deleted users. This patch adds a helper function to winutil that checks that the uid's SID represents a valid Windows security principal. Now if `lookupUserFromID` determines that the SID is invalid, we simply propagate the error. Updates https://github.com/tailscale/tailscale/issues/869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	2 years ago

9 Commits (da75e49223910080d2aaa0a0b0716d4b79a5045a)