You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Brad Fitzpatrick
a182b864ac
tsd, all: add Sys.ExtraRootCAs, plumb through TLS dial paths ...
Add ExtraRootCAs *x509.CertPool to tsd.System and plumb it through
the control client, noise transport, DERP, and wgengine layers so
that platforms like Android can inject user-installed CA certificates
into Go's TLS verification.
tlsdial.Config now honors base.RootCAs as additional trusted roots,
tried after system roots and before the baked-in LetsEncrypt fallback.
SetConfigExpectedCert gets the same treatment for domain-fronted DERP.
The Android client will set sys.ExtraRootCAs with a pool built from
x509.SystemCertPool + user-installed certs obtained via the Android
KeyStore API, replacing the current SSL_CERT_DIR environment variable
approach.
Updates #8085
Change-Id: Iecce0fd140cd5aa0331b124e55a7045e24d8e0c2
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
1 month ago
..
auditlog
all: use Go 1.26 things, run most gofix modernizers
2 months ago
conffile
all: remove AUTHORS file and references to it
3 months ago
desktop
ipn/desktop: use runtime.Pinner to force heap-allocation of msg
1 month ago
ipnauth
all: remove AUTHORS file and references to it
3 months ago
ipnext
feature/conn25,ipn/ipnext,ipn/ipnlocal: add ExtraRouterConfigRoutes hook
1 month ago
ipnlocal
tsd, all: add Sys.ExtraRootCAs, plumb through TLS dial paths
1 month ago
ipnserver
ipn/ipnserver: use peercreds for actor.Username on freebsd (for Taildrive)
1 month ago
ipnstate
types/ptr: deprecate ptr.To, use Go 1.26 new
2 months ago
lapitest
types/ptr: deprecate ptr.To, use Go 1.26 new
2 months ago
localapi
ipn/localapi, cli, clientmetric: add ipnbus feature tag; fix omit.go stub
1 month ago
policy
all: remove AUTHORS file and references to it
3 months ago
store
all: use Go 1.26 things, run most gofix modernizers
2 months ago
backend.go
ipn,ipn/local: broadcast ClientVersion if AutoUpdate.Check ( #19107 )
1 month ago
backend_test.go
all: remove AUTHORS file and references to it
3 months ago
conf.go
ipn: fix the typo causing NoSNAT always set to true ( #19110 )
1 month ago
conf_test.go
ipn: reject advertised routes with non-address bits set ( #18649 )
2 months ago
doc.go
all: remove AUTHORS file and references to it
3 months ago
ipn_clone.go
tailcfg: reintroduce UserProfile.Groups
2 months ago
ipn_test.go
all: remove AUTHORS file and references to it
3 months ago
ipn_view.go
tailcfg: reintroduce UserProfile.Groups
2 months ago
prefs.go
ipn, cmd/tailscale/cli: allow setting FQDN sans dot as an exit node
1 month ago
prefs_test.go
cmd/vet: add subtestnames analyzer; fix all existing violations
1 month ago
serve.go
all: use Go 1.26 things, run most gofix modernizers
2 months ago
serve_expand_test.go
all: remove AUTHORS file and references to it
3 months ago
serve_test.go
cmd/vet: add subtestnames analyzer; fix all existing violations
1 month ago
store.go
all: remove AUTHORS file and references to it
3 months ago
store_test.go
all: remove AUTHORS file and references to it
3 months ago
Brad Fitzpatrick
a182b864ac