tailscale/tka
Anton Tolchanov 01847e0123 ipn/ipnlocal: discard node keys that have been rotated out
A non-signing node can be allowed to re-sign its new node keys following
key renewal/rotation (e.g. via `tailscale up --force-reauth`). To be
able to do this, the node's TLK is written into the WrappingPubkey field of the
initial SigDirect signature, signed by a signing node.

The intended use of this field implies that, for each WrappingPubkey, we
typically expect to have at most one active node with a signature
tracing back to that key. Multiple valid signatures referring to the
same WrappingPubkey can occur if a client's state has been cloned, but
it's something we explicitly discourage and don't support:
https://tailscale.com/s/clone

This change propagates rotation details (wrapping public key, a list
of previous node keys that have been rotated out) to netmap processing,
and adds tracking of obsolete node keys that, when found, will get
filtered out.

Updates tailscale/corp#19764

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
6 months ago
aum.go all: use new AppendEncode methods available in Go 1.22 (#11079) 10 months ago
aum_test.go all: update copyright and license headers 2 years ago
builder.go all: update copyright and license headers 2 years ago
builder_test.go all: update copyright and license headers 2 years ago
chaintest_test.go all: use Go 1.22 range-over-int 8 months ago
deeplink.go tka: add function for generating signing deeplinks (#8385) 1 year ago
deeplink_test.go tka: add function for generating signing deeplinks (#8385) 1 year ago
key.go tka: guard against key-length panics when verifying signatures 1 year ago
key_test.go all: update copyright and license headers 2 years ago
scenario_test.go all: cleanup unused code, part 1 (#10661) 11 months ago
sig.go ipn/ipnlocal: discard node keys that have been rotated out 6 months ago
sig_test.go ipn/ipnlocal: discard node keys that have been rotated out 6 months ago
state.go tka: clarify field comment 1 year ago
state_test.go various: add golangci-lint, fix issues (#7905) 2 years ago
sync.go all: use Go 1.22 range-over-int 8 months ago
sync_test.go all: update copyright and license headers 2 years ago
tailchonk.go all: use Go 1.22 range-over-int 8 months ago
tailchonk_test.go tka: fix go vet complaint on copy of lock value in tailchonk_test.go (#8208) 2 years ago
tka.go ipn/ipnlocal: discard node keys that have been rotated out 6 months ago
tka_test.go all: implement lock revoke-keys command 1 year ago