tailscale

webnet/tailscale

Fork 0

Commit Graph

Select branches

Hide Pull Requests

main

rebase/2026-05-18

webnet

#1

#2

#3

#4

#5

#6

#7

c76a6e5167 derp: track client-advertised non-ideal DERP connections in more places Brad Fitzpatrick 2024-10-20 13:22:31 -07:00
fd77965f23 net/tlsdial: call out firewalls blocking Tailscale in health warnings (#13840) Andrea Gottardo 2024-10-18 17:35:46 -07:00
e711ee5d22 release/dist: clamp min / max version for synology package centre (#13857) Mario Minardi 2024-10-18 14:20:40 -06:00
877fa504b4 net/netcheck: remove arbitrary deadlines from GetReport() tests (#13832) Jordan Whited 2024-10-18 13:12:07 -07:00
874db2173b ipn/{ipnauth,ipnlocal,ipnserver}: send the auth URL to the user who started interactive login Nick Khyl 2024-10-13 11:36:46 -05:00
bb60da2764 derp: add sclient write deadline timeout metric (#13831) Jordan Whited 2024-10-18 10:53:49 -07:00
18fc093c0d derp: give trusted mesh peers longer write timeouts Brad Fitzpatrick 2024-10-18 07:47:05 -07:00
c0a9895748 scripts/installer.sh: support DNF5 Andrew Dunham 2024-10-17 14:12:31 -04:00
fa95318a47 tool/gocross: add support for tvOS Simulator (#13847) Andrea Gottardo 2024-10-17 15:37:10 -07:00
22c89fcb19 cmd/tailscale,ipn,tailcfg: add tailscale advertise subcommand behind envknob (#13734) Naman Sood 2024-10-16 19:08:06 -04:00
d32d742af0 ipn/ipnlocal: error when trying to use exit node on unsupported platform (#13726) Mario Minardi 2024-10-16 14:09:53 -06:00
6a885dbc36 wgengine/magicsock: fix CI-only test warning of missing health tracker Brad Fitzpatrick 2024-10-16 09:33:21 -07:00
74dd24ce71 cmd/tsconnect, logpolicy: fixes for wasm_js.go Christian 2024-10-14 15:52:03 -07:00
ff5f233c3a util/syspolicy: add rsop package that provides access to the resultant policy Nick Khyl 2024-10-07 21:18:45 -05:00
2aa9125ac4 cmd/derpprobe: add /healthz endpoint Andrew Dunham 2024-10-15 16:18:04 -04:00
5f22f72636 hostinfo,build_docker.sh,tailcfg: more reliably detect being in a container (#13826) Tom Proctor 2024-10-15 19:38:11 +01:00
a8f9c0d6e4 licenses: update license notices License Updater 2024-10-14 15:03:08 +00:00
e0d711c478 {net/connstats,wgengine/magicsock}: fix packet counting in connstats Kristoffer Dalby 2024-09-23 17:07:38 +02:00
40c991f6b8 wgengine: instrument with usermetrics Kristoffer Dalby 2024-09-25 17:20:56 +02:00
adc8368964 tstest: avoid Fatal in ResourceCheck to show panic (#13790) Paul Scott 2024-10-14 10:02:04 +01:00
12e6094d9c ssh/tailssh: calculate passthrough environment at latest possible stage Percy Wegmann 2024-10-11 14:59:47 -05:00
ecc8035f73 types/bools: add Compare to compare boolean values (#13792) Joe Tsai 2024-10-11 13:12:18 -07:00
f07ff47922 net/dns/resolver: add tests for using a forwarder with multiple upstream resolvers Nick Khyl 2024-10-07 17:08:22 -05:00
c2144c44a3 net/dns/resolver: update (*forwarder).forwardWithDestChan to always return an error unless it sends a response to responseChan Nick Hill 2024-10-04 15:11:46 -05:00
e7545f2eac net/dns/resolver: translate 5xx DoH server errors into SERVFAIL DNS responses Nick Hill 2024-10-04 12:34:41 -05:00
17335d2104 net/dns/resolver: forward SERVFAIL responses over PeerDNS Nick Hill 2024-10-04 12:23:34 -05:00
f9949cde8b client/tailscale,cmd/{cli,get-authkey,k8s-operator}: set distinct User-Agents Percy Wegmann 2024-10-11 08:06:53 -05:00
33029d4486 net/netcheck: fix netcheck cli-triggered nil pointer deref (#13782) Jordan Whited 2024-10-10 15:52:47 -07:00
acb4a22dcc VERSION.txt: this is v1.77.0 (#13779) Jonathan Nobels 2024-10-10 14:34:14 -04:00
508980603b ipn/conffile: don't depend on hujson on iOS/Android Brad Fitzpatrick 2024-10-10 07:57:09 -07:00
91f58c5e63 tsnet: fix panic caused by logging after test finishes Andrew Dunham 2024-10-09 18:14:50 -04:00
1938685d39 clientupdate: don't link distsign on platforms that don't download Brad Fitzpatrick 2024-10-09 20:34:11 -07:00
db1519cc9f k8s-operator/apis: revert ProxyGroup readiness cond name change (#13770) Irbe Krumina 2024-10-10 13:00:32 +01:00
2531065d10 clientupdate, ipn/localapi: don't use google/uuid, thin iOS deps Brad Fitzpatrick 2024-10-09 18:06:56 -07:00
fb420be176 safesocket: don't depend on go-ps on iOS Brad Fitzpatrick 2024-10-09 17:55:42 -07:00
367fba8520 control/controlhttp: don't link ts2021 server + websocket code on iOS Brad Fitzpatrick 2024-10-09 18:16:42 -07:00
52ef27ab7c taildrop: fix defer in loop (#13757) Joe Tsai 2024-10-09 14:09:58 -07:00
5b7303817e syncs: allocate map with Map.WithLock (#13755) Joe Tsai 2024-10-09 14:03:37 -07:00
c763b7a7db syncs: delete Map.Range, update callers to iterators Brad Fitzpatrick 2024-10-09 13:48:18 -07:00
2cadb80fb2 util/vizerror: add WrapWithMessage Percy Wegmann 2024-10-09 12:05:33 -05:00
910b4e8e6a syncs: add iterators to Map (#13739) Joe Tsai 2024-10-09 10:28:12 -07:00
89ee6bbdae cmd/k8s-operator,k8s-operator/apis: set a readiness condition on egress Services for ProxyGroup (#13746) Irbe Krumina 2024-10-09 18:23:40 +01:00
94c79659fa types/views: add iterators to the three Map view types Brad Fitzpatrick 2024-10-09 08:02:45 -07:00
f6d4d03355 cmd/k8s-operator: don't error out if ProxyClass for ProxyGroup not found. (#13736) Irbe Krumina 2024-10-09 13:23:00 +01:00
60011e73b8 cmd/k8s-operator: fix Pod IP selection (#13743) Irbe Krumina 2024-10-09 13:22:50 +01:00
da40609abd util/syspolicy, ipn: add "tailscale debug component-logs" support Nick Khyl 2024-10-08 13:59:50 -05:00
29cf59a9b4 util/syspolicy/setting: update Snapshot to use Go 1.23 iterators Nick Khyl 2024-10-08 12:32:28 -05:00
07c157ee9f cmd/k8s-operator: base ProxyGroup StatefulSet on common proxy.yaml definition (#13714) Tom Proctor 2024-10-08 20:05:08 +01:00
83efadee9f kube/egressservices: improve egress ports config readability (#13722) Tom Proctor 2024-10-08 19:48:18 +01:00
841eaacb07 net/sockstats: quiet some log spam in release builds Brad Fitzpatrick 2024-10-08 10:34:08 -07:00
861dc3631c cmd/{k8s-operator,containerboot},kube/egressservices: fix Pod IP check for dual stack clusters (#13721) Irbe Krumina 2024-10-08 18:35:23 +01:00
8ee7f82bf4 net/netcheck: don't panic if a region has no Nodes Andrew Dunham 2024-10-08 12:27:00 -04:00
36cb2e4e5f cmd/k8s-operator,k8s-operator: use default ProxyClass if set for ProxyGroup (#13720) Tom Proctor 2024-10-08 17:34:34 +01:00
cba2e76568 cmd/containerboot: simplify k8s setup logic (#13627) Tom Proctor 2024-10-08 17:13:00 +01:00
866714a894 .github: Bump github/codeql-action from 3.26.9 to 3.26.11 (#13710) dependabot[bot] 2024-10-07 22:15:40 -06:00
266c14d6ca .github: Bump actions/cache from 4.0.2 to 4.1.0 (#13711) dependabot[bot] 2024-10-07 20:48:06 -06:00
9a73462ea4 types/lazy: add DeferredInit type Nick Hill 2024-10-06 10:41:11 -05:00
f3de4e96a8 derp: fix omitted word in comment Brad Fitzpatrick 2024-10-07 12:12:49 -07:00
7f016baa87 cmd/k8s-operator,k8s-operator: create ConfigMap for egress services + small fixes for egress services (#13715) Irbe Krumina 2024-10-07 20:12:56 +01:00
38f236c725 derp: add server metric for batch write sizes Brad Fitzpatrick 2024-10-04 18:05:23 -07:00
c588c36233 types/key: use tlpub: in error message (#13707) Erisa A 2024-10-07 17:28:45 +01:00
cb10eddc26 tool/gocross: fix argument order to find Brad Fitzpatrick 2024-10-07 08:01:42 -07:00
e48cddfbb3 cmd/{containerboot,k8s-operator},k8s-operator,kube: add ProxyGroup controller (#13684) Tom Proctor 2024-10-07 14:58:45 +01:00
1005cbc1e4 tailscaleroot: panic if tailscale_go build tag but Go toolchain mismatch Brad Fitzpatrick 2024-10-06 12:12:44 -07:00
c48cc08de2 wgengine: stop conntrack log spam about Canonical net probes Brad Fitzpatrick 2024-10-04 18:20:06 -07:00
12f1bc7c77 envknob: support disk-based envknobs on the macsys build Andrew Dunham 2024-10-04 16:52:11 -04:00
4ad3f01225 safeweb: allow passing http.Server in safeweb.Config (#13688) Patrick O'Doherty 2024-10-04 19:57:00 +01:00
8fdffb8da0 hostinfo: update SetPackage doc with new Android values (#13537) kari-ts 2024-10-04 09:35:19 -07:00
f30d85310c cmd/tailscale/cli: don't print disablement secrets if init fails (#13673) Erisa A 2024-10-04 16:01:48 +01:00
e8bb5d1be5 cmd/{k8s-operator,containerboot},k8s-operator,kube: reconcile ExternalName Services for ProxyGroup (#13635) Irbe Krumina 2024-10-04 13:11:35 +01:00
9bd158cc09 cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed (#13658) Irbe Krumina 2024-10-03 20:15:00 +01:00
a3c6a3a34f safeweb: add StrictTransportSecurityOptions config (#13679) Patrick O'Doherty 2024-10-03 19:38:29 +01:00
dc60c8d786 ssh/tailssh: pass window size pixels in IoctlSetWinsize events Brad Fitzpatrick 2024-10-03 09:05:29 -07:00
58c6bc2991 logpolicy: force TLS 1.3 handshake Andrea Gottardo 2024-10-02 11:20:49 -07:00
5f88b65764 wgengine/netstack: check userspace ping success on Windows Brad Fitzpatrick 2024-10-02 10:01:46 -07:00
1f8eea53a8 control/controlclient: include HTTP status string in error message too Brad Fitzpatrick 2024-10-03 08:30:27 -07:00
6f694da912 wgengine/magicsock: avoid log spam from ReceiveFunc on shutdown Brad Fitzpatrick 2024-10-02 18:10:20 -07:00
09ec2f39b5 tailcfg: add func to check for known valid ServiceProtos (#13668) Naman Sood 2024-10-02 22:54:02 -04:00
383120c534 ipn/ipnlocal: don't run portlist code unless service collection is on Brad Fitzpatrick 2024-10-02 16:55:01 -07:00
d837e0252f wf/firewall: allow link-local multicast for permitted local routes when the killswitch is on on Windows Nick Khyl 2024-10-02 17:34:21 -05:00
b8af93310a tstest: add the start of a testing wishlist Brad Fitzpatrick 2024-10-02 16:01:45 -07:00
6de6ab015f net/dns: tweak DoH timeout, limit MaxConnsPerHost, require TLS 1.3 (#13564) Andrea Gottardo 2024-10-02 09:26:11 -07:00
a01b545441 control/control{client,http}: don't noise dial localhost:443 in http-only tests Brad Fitzpatrick 2024-10-01 20:08:55 -07:00
6b03e18975 control/controlhttp: rename a param from addr to optAddr for clarity Brad Fitzpatrick 2024-10-01 20:07:58 -07:00
f49d218cfe net/dnscache: don't fall back to an IPv6 dial if we don't have IPv6 Brad Fitzpatrick 2024-10-01 20:03:32 -07:00
30f0fa95d9 control/controlclient: bound ReportHealthChange context lifetime to Direct client's Brad Fitzpatrick 2024-10-02 08:16:43 -07:00
ed1ac799c8 net/captivedetection: set Timeout on net.Dialer (#13613) Andrea Gottardo 2024-10-02 08:29:46 -07:00
e66fe1f2e8 docs/windows/policy: add ADMX policy setting to configure the AuthKey Nick Khyl 2024-10-01 16:00:06 -05:00
992ee6dd0b .github: Bump github/codeql-action from 3.26.8 to 3.26.9 (#13625) dependabot[bot] 2024-10-01 23:27:30 -06:00
262c526c4e net/portmapper: don't treat 0.0.0.0 as a valid IP Brad Fitzpatrick 2024-10-01 11:51:24 -07:00
16ef88754d net/portmapper: don't return unspecified/local external IPs Andrew Dunham 2024-10-01 12:17:59 -04:00
1eaad7d3de control/controlhttp: fix connectivity on Alaska Air wifi Brad Fitzpatrick 2024-09-26 10:24:08 -07:00
fd32f0ddf4 control/controlhttp: factor out some code in prep for future change Brad Fitzpatrick 2024-10-01 09:13:57 -07:00
d3f302d8e2 cmd/tailscale/cli: make 'tailscale debug ts2021' try twice Brad Fitzpatrick 2024-10-01 09:12:39 -07:00
8f44ba1cd6 ssh: Add logic to set accepted environment variables in SSH session (#13559) Mario Minardi 2024-09-30 21:47:45 -06:00
dd6b808acf .github: Bump peter-evans/create-pull-request from 7.0.1 to 7.0.5 (#13626) dependabot[bot] 2024-09-30 21:12:44 -06:00
a70287d324 logpolicy: don't create a filch buffer if logging is disabled Anton Tolchanov 2024-09-28 13:31:00 +02:00
fb0f8fc0ae cmd/tsidp: add --dir flag Maisem Ali 2024-09-26 06:18:15 -07:00
096b090caf cmd/containerboot,kube,util/linuxfw: configure kube egress proxies to route to 1+ tailnet targets (#13531) Irbe Krumina 2024-09-29 16:30:53 +01:00
c62b0732d2 cmd/k8s-operator: remove auth key once proxy has logged in (#13612) Irbe Krumina 2024-09-27 17:47:27 +01:00