You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/ipn
Aaron Klotz d7962e3bcf ipn/ipnserver, util/winutil: update workaround for os/user.LookupId failures on Windows to reject SIDs from deleted/invalid security principals.
Our current workaround made the user check too lax, thus allowing deleted
users. This patch adds a helper function to winutil that checks that the
uid's SID represents a valid Windows security principal.

Now if `lookupUserFromID` determines that the SID is invalid, we simply
propagate the error.

Updates https://github.com/tailscale/tailscale/issues/869

Signed-off-by: Aaron Klotz <aaron@tailscale.com>
3 years ago
..
ipnlocal ipn/ipnlocal, wgengine/netstack: use netstack for peerapi server 3 years ago
ipnserver ipn/ipnserver, util/winutil: update workaround for os/user.LookupId failures on Windows to reject SIDs from deleted/invalid security principals. 3 years ago
ipnstate ipn/ipnstate: add TailnetName to status 3 years ago
localapi ipn/ipnserver: add TS_PERMIT_CERT_UID envknob to give webservers cert access 3 years ago
policy ipn/policy: treat DNS service as interesting so it's not filtered out 3 years ago
store/aws ipn/store/aws: support using sub-paths in parameters 3 years ago
backend.go ipn: use key.NodePublic instead of tailcfg.NodeKey 3 years ago
doc.go
fake_test.go
handle.go
message.go
message_test.go
prefs.go wgengine/netstack: add an SSH server experiment 3 years ago
prefs_clone.go wgengine/netstack: add an SSH server experiment 3 years ago
prefs_test.go wgengine/netstack: add an SSH server experiment 3 years ago
store.go ipn: remove mention of wgkey in comment. 3 years ago
store_test.go