You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tom DNetto
3496d62ed3
ipn/ipnlocal: add empty address to the app-connector localNets set ...
App connectors handle DNS requests for app domains over PeerAPI,
but a safety check verifies the requesting peer has at least permission
to send traffic to 0.0.0.0:53 (or 2000:: for IPv6) before handling the DNS
request. The correct filter rules are synthesized by the coordination server
and sent down, but the address needs to be part of the 'local net' for the
filter package to even bother checking the filter rules, so we set them here.
See: https://github.com/tailscale/corp/issues/11961 for more information.
Signed-off-by: Tom DNetto <tom@tailscale.com>
Updates: ENG-2405
2 years ago
..
testdata
ipn/ipnlocal: fix the path for writing cert files ( #7203 )
3 years ago
breaktcp_darwin.go
cmd/tailscale: add debug commands to break connections
3 years ago
breaktcp_linux.go
cmd/tailscale: add debug commands to break connections
3 years ago
c2n.go
tailcfg,ipn,appc: add c2n endpoint for appc domain routes
3 years ago
c2n_pprof.go
tailcfg: move LogHeapPprof from Debug to c2n [capver 69]
3 years ago
cert.go
ipn/ipnlocal: do unexpired cert renewals in the background
3 years ago
cert_js.go
ipn/ipnlocal: do unexpired cert renewals in the background
3 years ago
cert_test.go
all: use Go 1.21 slices, maps instead of x/exp/{slices,maps}
3 years ago
dnsconfig_test.go
types/netmap: remove NetworkMap.{Addresses,MachineStatus}
3 years ago
expiry.go
types/netmap, all: make NetworkMap.SelfNode a tailcfg.NodeView
3 years ago
expiry_test.go
types/netmap, all: make NetworkMap.SelfNode a tailcfg.NodeView
3 years ago
local.go
ipn/ipnlocal: add empty address to the app-connector localNets set
2 years ago
local_test.go
appc,cmd/sniproxy,ipn/ipnlocal: split sniproxy configuration code out of appc
3 years ago
loglines_test.go
tsd: add package with System type to unify subsystem init, discovery
3 years ago
network-lock.go
ipn/ipnlocal: add tailnet MagicDNS name to ipn.LoginProfile
3 years ago
network-lock_test.go
ipn/ipnlocal: add tailnet MagicDNS name to ipn.LoginProfile
3 years ago
peerapi.go
ipn/ipnlocal: add empty address to the app-connector localNets set
2 years ago
peerapi_h2c.go
all: update copyright and license headers
3 years ago
peerapi_macios_ext.go
all: update copyright and license headers
3 years ago
peerapi_test.go
appc,cmd/sniproxy,ipn/ipnlocal: split sniproxy configuration code out of appc
3 years ago
profiles.go
Revert "ipn/ipnlocal: add new DNS and subnet router policies" ( #9962 )
3 years ago
profiles_notwindows.go
ipn/ipnlocal: fix profile duplication
3 years ago
profiles_test.go
ipn/ipnlocal: add tailnet MagicDNS name to ipn.LoginProfile
3 years ago
profiles_windows.go
Revert "ipn/ipnlocal: add new DNS and subnet router policies" ( #9962 )
3 years ago
serve.go
ipn/ipnlocal: prevent changing serve config if conf.Locked
3 years ago
serve_test.go
ipn/ipnlocal: close connections for removed proxy transports ( #9884 )
3 years ago
ssh.go
all: use Go 1.21 slices, maps instead of x/exp/{slices,maps}
3 years ago
ssh_stub.go
all: update copyright and license headers
3 years ago
ssh_test.go
ipn/ipnlocal: drop not required StateKey parameter
3 years ago
state_test.go
ipn/ipnlocal: add tailnet MagicDNS name to ipn.LoginProfile
3 years ago
web_client.go
client/web: add some security checks for full client
3 years ago
web_client_stub.go
client/web: add some security checks for full client
3 years ago
Tom DNetto
3496d62ed3