You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Brad Fitzpatrick
a182b864ac
tsd, all: add Sys.ExtraRootCAs, plumb through TLS dial paths ...
Add ExtraRootCAs *x509.CertPool to tsd.System and plumb it through
the control client, noise transport, DERP, and wgengine layers so
that platforms like Android can inject user-installed CA certificates
into Go's TLS verification.
tlsdial.Config now honors base.RootCAs as additional trusted roots,
tried after system roots and before the baked-in LetsEncrypt fallback.
SetConfigExpectedCert gets the same treatment for domain-fronted DERP.
The Android client will set sys.ExtraRootCAs with a pool built from
x509.SystemCertPool + user-installed certs obtained via the Android
KeyStore API, replacing the current SSL_CERT_DIR environment variable
approach.
Updates #8085
Change-Id: Iecce0fd140cd5aa0331b124e55a7045e24d8e0c2
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
1 week ago
..
blockforever_conn.go
all: remove AUTHORS file and references to it
3 months ago
debughttp.go
all: remove AUTHORS file and references to it
3 months ago
debugknobs.go
wgengine/magicsock: make debugNeverDirectUDP influence remote peer decisions
3 months ago
debugknobs_stubs.go
all: remove AUTHORS file and references to it
3 months ago
derp.go
tsd, all: add Sys.ExtraRootCAs, plumb through TLS dial paths
1 week ago
derp_test.go
all: remove AUTHORS file and references to it
3 months ago
disco_atomic.go
all: remove AUTHORS file and references to it
3 months ago
disco_atomic_test.go
all: remove AUTHORS file and references to it
3 months ago
discopingpurpose_string.go
all: remove AUTHORS file and references to it
3 months ago
endpoint.go
wgengine/magicsock: send out disco keys over TSMP periodically ( #19212 )
2 weeks ago
endpoint_default.go
all: remove AUTHORS file and references to it
3 months ago
endpoint_stub.go
all: remove AUTHORS file and references to it
3 months ago
endpoint_test.go
cmd/vet: add subtestnames analyzer; fix all existing violations
2 weeks ago
endpoint_tracker.go
all: remove AUTHORS file and references to it
3 months ago
endpoint_tracker_test.go
all: remove AUTHORS file and references to it
3 months ago
magicsock.go
tsd, all: add Sys.ExtraRootCAs, plumb through TLS dial paths
1 week ago
magicsock_default.go
all: remove AUTHORS file and references to it
3 months ago
magicsock_linux.go
all: remove AUTHORS file and references to it
3 months ago
magicsock_linux_test.go
cmd/vet: add subtestnames analyzer; fix all existing violations
2 weeks ago
magicsock_notplan9.go
ipn/localapi: stop logging "broken pipe" errors ( #18487 )
3 months ago
magicsock_plan9.go
all: remove AUTHORS file and references to it
3 months ago
magicsock_test.go
cmd/vet: add subtestnames analyzer; fix all existing violations
2 weeks ago
peermap.go
all: remove AUTHORS file and references to it
3 months ago
peermap_test.go
all: remove AUTHORS file and references to it
3 months ago
peermtu.go
all: remove AUTHORS file and references to it
3 months ago
peermtu_darwin.go
all: remove AUTHORS file and references to it
3 months ago
peermtu_linux.go
all: remove AUTHORS file and references to it
3 months ago
peermtu_stubs.go
all: remove AUTHORS file and references to it
3 months ago
peermtu_unix.go
all: remove AUTHORS file and references to it
3 months ago
rebinding_conn.go
net/{batching,udprelay},wgengine/magicsock: add SO_RXQ_OVFL clientmetrics
1 month ago
relaymanager.go
all: remove AUTHORS file and references to it
3 months ago
relaymanager_test.go
cmd/vet: add subtestnames analyzer; fix all existing violations
2 weeks ago
Brad Fitzpatrick