You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Nick Khyl
00fe8845b1
ipn/{ipnauth,ipnlocal,ipnserver}: move the AlwaysOn policy check from ipnserver to ipnauth ...
In this PR, we move the code that checks the AlwaysOn policy from ipnserver.actor to ipnauth.
It is intended to be used by ipnauth.Actor implementations, and we temporarily make it exported
while these implementations reside in ipnserver and in corp. We'll unexport it later.
We also update [ipnauth.Actor.CheckProfileAccess] to accept an auditLogger, which is called
to write details about the action to the audit log when required by the policy, and update
LocalBackend.EditPrefsAs to use an auditLogger that writes to the regular backend log.
Updates tailscale/corp#26146
Signed-off-by: Nick Khyl <nickk@tailscale.com>
1 year ago
..
conffile
ipn/conffile: don't depend on hujson on iOS/Android
2 years ago
ipnauth
ipn/{ipnauth,ipnlocal,ipnserver}: move the AlwaysOn policy check from ipnserver to ipnauth
1 year ago
ipnlocal
ipn/{ipnauth,ipnlocal,ipnserver}: move the AlwaysOn policy check from ipnserver to ipnauth
1 year ago
ipnserver
ipn/{ipnauth,ipnlocal,ipnserver}: move the AlwaysOn policy check from ipnserver to ipnauth
1 year ago
ipnstate
all: illumos/solaris userspace only support
1 year ago
localapi
derp/derphttp,ipn/localapi,net/captivedetection: add cache resistance to captive portal detection
1 year ago
policy
ipn,tailconfig: clean up unreleased and removed app connector service
2 years ago
store
kube/{kubeapi,kubeclient},ipn/store/kubestore,cmd/{containerboot,k8s-operator}: emit kube store Events ( #14112 )
1 year ago
backend.go
ipn: declare NotifyWatchOpt consts without using iota
1 year ago
conf.go
ipn/conf.go: add VIPServices to tailscaled configfile ( #14345 )
1 year ago
doc.go
ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate
1 year ago
ipn_clone.go
ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate
1 year ago
ipn_test.go
all: do not depend on the testing package
2 years ago
ipn_view.go
ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate
1 year ago
prefs.go
cmd/tailscale,ipn,tailcfg: add `tailscale advertise` subcommand behind envknob ( #13734 )
2 years ago
prefs_test.go
types/persist: remove Persist.LegacyFrontendPrivateMachineKey
1 year ago
serve.go
tailcfg: add ServiceName
1 year ago
serve_test.go
ipn: [serve] warn that foreground funnel won't work if shields are up ( #14685 )
1 year ago
store.go
ipn: add comment about thread-safety to StateStore
2 years ago
store_test.go
ipn: avoid useless no-op WriteState calls
3 years ago
Nick Khyl
00fe8845b1