tailscale

History

Codinget fde5f11895 feat(tsconnect): expose dialTLS to JS Add ipn.dialTLS(addr, opts?) which dials a TCP connection through the Tailscale dialer and performs a TLS handshake on top, returning a JS Conn just like ipn.dial. WASM has no system root pool, so verification defaults to the baked-in LetsEncrypt ISRG roots already linked via net/bakedroots. That covers any tailnet HTTPS endpoint provisioned via `tailscale cert`. Callers can override with opts.caCerts (PEM) or bypass entirely with opts.insecureSkipVerify, and override SNI with opts.serverName. Marginal binary cost is ~10 KiB on top of the existing ~31.6 MiB wasm: crypto/tls and the x509 verification path are already pulled in by control/controlclient and net/tlsdial.	2 weeks ago
..
wasm_js.go	feat(tsconnect): expose dialTLS to JS	2 weeks ago

Codinget fde5f11895 feat(tsconnect): expose dialTLS to JS

Add ipn.dialTLS(addr, opts?) which dials a TCP connection through
the Tailscale dialer and performs a TLS handshake on top, returning
a JS Conn just like ipn.dial.

WASM has no system root pool, so verification defaults to the
baked-in LetsEncrypt ISRG roots already linked via net/bakedroots.
That covers any tailnet HTTPS endpoint provisioned via
`tailscale cert`. Callers can override with opts.caCerts (PEM) or
bypass entirely with opts.insecureSkipVerify, and override SNI with
opts.serverName.

Marginal binary cost is ~10 KiB on top of the existing ~31.6 MiB
wasm: crypto/tls and the x509 verification path are already pulled
in by control/controlclient and net/tlsdial.

2 weeks ago

wasm_js.go

feat(tsconnect): expose dialTLS to JS

2 weeks ago