Skip to content

v1.36.0-sunos

Choose a tag to compare

View all tags
@github-actions github-actions released this 26 Jan 01:41
· 4606 commits to sunos-1.90 since this release
v1.36.0-sunos
57ce85a

Features

Commits

  • c933b88: VERSION.txt: this is v1.35.0 (Denton Gentry) #6624
  • 9c773af: ipn/ipnlocal: fix use of stale profile while processing netmap (Tom DNetto) #6616
  • 3f16dec: api.md: change "admin panel" to "admin console" (Julia Stein) #6625
  • cb525a1: cmd/tailscaled: fix typo in netstack variable name (Mihai Parparita) #6626
  • 79f3a5d: net/netns, net/interfaces: explicitly bind sockets to the default interface on all Darwin variants (Mihai Parparita) #6566
  • update android licenses #6628 (License Updater)
  • 1598cd0: net/tsaddr: remove ContainsFunc helpers (they're now in x/exp/slices) (Brad Fitzpatrick) #6630
  • update win/apple licenses #6633 (License Updater)
  • 5ff946a: cmd/containerboot: fix TS_STATE_DIR environment variable (Anton Tolchanov) #6636
  • update win/apple licenses #6640 (License Updater)
  • a469ec8: cmd/containerboot: fix some lint. (David Anderson) #6632
  • e04aaa7: cmd/containerboot: split tailscaled bringup and auth phases. (David Anderson) #6632
  • e79a1eb: cmd/containerboot: refactor tests to have more explicit phases. (David Anderson) #6632
  • e36c27b: cmd/containerboot: check that k8s secret permissions are correct. (David Anderson) #6646
  • a887ca7: ipn/ipnlocal: improve redactErr to handle more cases (Andrew Dunham) #6642
  • 367228e: cmd/containerboot: gracefully degrade if missing patch permissions in k8s. (David Anderson) #6649
  • 98f2135: cmd/tailscaled: add a special command to tailscaled's Windows service for removing WinTun (Aaron Klotz) #6645
  • 55e0512: ipn/ipnlocal,cmd/tailscale: minor improvements to lock modify command (Tom DNetto) #6617
  • 1b65630: cmd/containerboot: switch to IPN bus monitoring instead of polling. (David Anderson) #6658
  • 98114bf: cmd/tailscale/cli, ipn/localapi: add funnel status to status command (tailscale#6402) (shayne) #6402
  • update win/apple licenses #6659 (License Updater)
  • 2d271f3: ipn/ipnlocal: disallow exit nodes from using exit nodes (salman) #6383
  • add HTTP client method to tsnet.Server (tailscale#6669) #6669 (Xe Iaso)
  • e27f4f0: cmd/tailscale/cli: add progress to tailscale file cp (Tom DNetto) #6547
  • bdc45b9: wgengine/magicsock: fix panic when rebinding fails (Mihai Parparita) #6650
  • 389238f: cmd/tailscale/cli: add workaround for improper named socket quoting in ssh command (James Tucker) #6673
  • 76389d8: net/tstun, wgengine/magicsock: enable vectorized I/O on Linux (tailscale#6663) (Jordan Whited) #6663
  • 383e203: cmd/tailscale/cli: update lock status help strings (tailscale#6675) (Walter Poupore) #6675
  • eb1adf6: net/tstun: reuse buffered packet from pool (Maisem Ali) #6678
  • b630944: wgengine/router: fix tests on systems with older Busybox 'ip' binary (Andrew Dunham) #6684
  • update golang.zx2c4.com/wireguard to github.com/tailscale/wireguard-go (tailscale#6692) #6692 (Jordan Whited)
  • update win/apple licenses #6693 (License Updater)
  • 9d335aa: cmd/tailscale/cli: [ssh] fix typo in help text (tailscale#6694) (shayne) #6694
  • 5a523fd: go.mod: update deps to add support for GOARCH=loong64 (Brad Fitzpatrick) #6701
  • 7b65b7f: go.mod: bump tailscale/wireguard-go for loong64 (Brad Fitzpatrick) #6703
  • 53e2010: cmd/tailscaled: change Windows implementation to shut down subprocess via closing its stdin (Aaron Klotz) #6682
  • 47002d9: ipn/ipnlocal: add a few metrics for PeerAPI and LocalAPI (Mihai Parparita) #6691
  • b2d4abf: cmd/k8s-operator: add a kubernetes operator. (David Anderson) #6713
  • 041a0e3: client/tailscale: add APIs for auth key management. (tailscale#6715) (Dave Anderson) #6715
  • c47578b: util/multierr: add Range (tailscale#6643) (Joe Tsai) #6643
  • bd2995c: ipn/ipnlocal: simplify redactErr (tailscale#6716) (Joe Tsai) #6716
  • ca08e31: util/endian: delete package; use updated josharian/native instead (Brad Fitzpatrick) #6717
  • 3b7ae39: cmd/k8s-operator: use the client's authkey method to create auth keys. (David Anderson) #6718
  • bc8f5a7: cmd/k8s-operator: add a basic unit test. (David Anderson) #6718
  • 53a9cc7: cmd/k8s-operator: rename main.go -> operator.go. (David Anderson) #6718
  • 8dbb3b8: cmd/k8s-operator: remove unused structs. Cleanup missed in tailscale#6718. (David Anderson) #6719
  • c902190: cmd/k8s-operator: factor out some of the larger expected test outputs. (David Anderson) #6720
  • 9c77205: cmd/k8s-operator: add more tests for "normal" paths. (David Anderson) #6720
  • add a target for doing dev builds of the k8s operator. #6722 (David Anderson)
  • 0d47cd2: wgengine/monitor: fix panic due to race on Windows (Andrew Dunham) #6723
  • 44be59c: wgengine/magicsock: fix panic in wireguard-go rate limiting path (Brad Fitzpatrick) #6724
  • 3f4d51c: net/dns: don't send on closed channel when message too large (Andrew Dunham) #6728
  • c0fcab0: client/tailscale: fix request object for key creation. (David Anderson) #6729
  • 8ccd707: cmd/k8s-operator: remove times requeues in proxy deletion path. (David Anderson) #6729
  • d857fd0: cmd/k8s-operator: sprinkle debug logging throughout. (David Anderson) #6732
  • 835a73c: cmd/k8s-operator: remove unnecessary timed requeue. (David Anderson) #6732
  • da53b13: cmd/gitops-pusher: support alternate api-server URLs (Denton Gentry) #6709
  • a7ab342: cmd/k8s-operator: refactor reconcile loop, un-plumbing reconcile.Result. (David Anderson) #6744
  • 3a5fc23: cmd/k8s-operator: use oauth credentials for API access. (David Anderson) #6746
  • 55b2400: net/tstun: don't return early from a partial tun.Read() (tailscale#6745) (Jordan Whited) #6745
  • 350aab0: util/multierr: optimize New for nil cases (tailscale#6750) (Joe Tsai) #6750
  • 56f7da0: ssh/tailssh: set default Tailscale SSH $PATH for non-interactive commands (Brad Fitzpatrick) #6748
  • 8171eb6: cmd/k8s-operator: move the operator into its own namespace. (David Anderson) #6749
  • 53c4892: ipn/ipnserver: propagate http.Serve error (Anton Tolchanov) #6753
  • update win/apple licenses #6711 (License Updater)
  • update tailscale{,d} licenses #6488 (License Updater)
  • c02ccf6: go.mod: bump dhcp dep to remove another endian package from our tree (Brad Fitzpatrick) #6756
  • update tailscale{,d} licenses #6757 (License Updater)
  • 651e0d8: ssh/tailssh: add envknob for default PATH (Brad Fitzpatrick) #6759
  • d9df023: net/connstats: enforce maximum number of connections (tailscale#6760) (Joe Tsai) #6760
  • update win/apple licenses #6765 (License Updater)
  • af31277: cmd/containerboot: allow disabling secret storage in k8s. (David Anderson) #6767
  • 914d115: go.mod: bump tailscale/wireguard-go for big-endian fix (tailscale#6785) (Jordan Whited) #6785
  • update tailscale{,d} licenses #6787 (License Updater)
  • 3c452b9: util/winutil: fix erroneous condition in implementation of getRegIntegerInternal (Aaron Klotz) #6789
  • 0f60492: ipn/ipnlocal: fix StatusWithoutPeers not populating parts of Status (Brad Fitzpatrick) #6783
  • 5caf609: go.toolchain.rev: bump Go to 1.19.4 (Brad Fitzpatrick) #6790
  • a06217a: cmd/tailscale/cli: hide Windows named pipe default name in flag help (Brad Fitzpatrick) #6791
  • 296f535: netstat, portlist: update Windows implementation to disambiguate svchost processes (Aaron Klotz) #6081
  • update android licenses #6794 (License Updater)
  • e5fe205: cmd/sync-containers: program to sync tags between container registries. (David Anderson) #6796
  • a1ded4c: cmd/sync-containers: add a dry-run option. (David Anderson) #6797
  • 243490f: go.mod: bump x/sys for linux/arm64 cpu SIGILL fix (Brad Fitzpatrick) #6798
  • 7c77c48: go.toolchain.rev: bump Go (Brad Fitzpatrick) #6801
  • update tailscale{,d} licenses #6800 (License Updater)
  • 0372e14: net/dns: bump DNS-over-TCP size limit to 4k (Andrew Dunham) #6805
  • 2eff9c8: wgengine/magicsock: avoid ReadBatch/WriteBatch on old Linux kernels (Brad Fitzpatrick) #6808
  • f837d17: ssh/tailssh: fix typo in error message (Brad Fitzpatrick) #6810
  • 8aac77a: cmd/tailscale: fix "up" warning about netfilter-mode on Synology (Brad Fitzpatrick) #6812
  • 14e8afe: go.mod, etc: bump gvisor (andig) #6820
  • add time.Duration knob support #6819 (Brad Fitzpatrick)
  • be10b52: wgengine/magicsock: add TS_DISCO_PONG_IPV4_DELAY knob to bias IPv6 paths (Brad Fitzpatrick) #6819
  • 1011e64: wgengine/monitor: don't log unhandled RTM_{NEW,DEL}LINK messages (Andrew Dunham) #6822
  • 82b9689: ipn/ipnlocal: maintain a proxy handler per backend (tailscale#6804) (Anton Tolchanov) #6804
  • caa2fe3: wgengine/netstack: delete some dead code, old comment, use atomic int types (Brad Fitzpatrick) #6831
  • update win/apple licenses #6795 (License Updater)
  • update tailscale{,d} licenses #6821 (License Updater)
  • 84eaef0: ssh/tailssh: don't swallow process exit code in be-child (Brad Fitzpatrick) #6837
  • a45c9f9: wgengine/netstack: change netstack API to require LocalBackend (Claire Wang) #6835
  • update win/apple licenses #6838 (License Updater)
  • 2a1f1c7: scripts/installer.sh: add SUSE Enterprise Server. (Denton Gentry) #6841
  • construct short hash in dev mode if GitCommit is given. #6844 (David Anderson)
  • a7f05c6: flake.nix: init to ship unstable tailscale packages. (David Anderson) #6844
  • 3599364: cmd/nardump: Go tool to build Nix NARs and compute their hashes. (Brad Fitzpatrick) #6846
  • d2beaea: update-flake.sh: tooling to keep Nix SRI hashes in sync. (David Anderson) #6846
  • 7bfb999: cmd/printdep: support printing the toolchain SRI hash. (David Anderson) #6847
  • c86d9f2: flake.nix: rename package to just "tailscale". (David Anderson) #6848
  • update android licenses #6857 (License Updater)
  • ea70aa3: net/dns/resolvconffile: fix handling of multiple search domains (Brad Fitzpatrick) #6876
  • aad6830: util/codegen, all: use latest year, not time.Now, in generated files (Brad Fitzpatrick) #6877
  • 467ace7: cmd/tailscale: use localhost for QNAP authLogin.cgi (Denton Gentry) #6858
  • b2c55e6: net/tlsdial,tstest,version: use go command from $PATH (James Tucker) #6690
  • update android licenses #6864 (License Updater)
  • 91e64ca: cmd/tailscale/cli: redact private key in debug netmap output by default (David Anderson) #6825
  • b2b8e62: util/codegen: permit running in directories without copyright headers (Brad Fitzpatrick) #6883
  • eafbf88: ipn/localapi: add localapi debug endpoints for packet filter/matches (Brad Fitzpatrick) #6886
  • c4e262a: ipn/profiles: set default prefs based on Windows registry (tailscale#6803) (Kristoffer Dalby) #6803
  • 8724aa2: cmd/tailscale,tka: implement compat for TKA messages, minor UX tweaks (Tom DNetto) #6882
  • 907f85c: cmd/tailscale,tka: make KeyID return an error instead of panicking (Tom DNetto) #6882
  • 0088c5d: health,ipn/ipnlocal: report the node being locked out as a health issue (Tom DNetto) #6892
  • make logs flush delay dynamic #6769 (Mihai Parparita)
  • permit 2023 in license headers #6898 (Brad Fitzpatrick)
  • 673b3d8: net/dns,userspace: remove unused DNS paths, normalize query limit on iOS (Tom DNetto) #6897
  • 69c0b7e: ipn/ipnlocal: add c2n handler to flush logtail for support debugging (Brad Fitzpatrick) #6896
  • 39efba5: cmd/containerboot: use TS_AUTHKEY as the parameter for auth keys (David Anderson) #6885
  • ebbf5c5: README.md: update with some new links, refresh (Brad Fitzpatrick) #6899
  • 8047dfa: ssh/tailssh: unify some of the incubator_* GOOS files into incubator.go (Brad Fitzpatrick) #6904
  • be67b8e: ssh/tailssh: fix Tailscale SSH to non-root tailscaled (Brad Fitzpatrick) #6904
  • 1116602: ssh/tailssh: add OpenBSD support for Tailscale SSH (Brad Fitzpatrick) #6909
  • update tailscale{,d} licenses #6921 (License Updater)
  • fff617c: go.mod: bump golang.org/x/net and dependencies (Will Norris) #6927
  • update tailscale{,d} licenses #6928 (License Updater)
  • 2afa167: ipn/ipnlocal: disallow unsigned peers from WoL (James Tucker) #6933
  • 22ebb25: cmd/tailscale: disable HTTPS verification for QNAP auth. (Denton Gentry) #6919
  • 1e67947: control/controlclient, tailcfg: add Node.Expired field, set for expired nodes (Andrew Dunham) #6929
  • 3becf82: types/views: add SliceEqualAnyOrder func (Will Norris) #6939
  • 2ac5474: net/flowtrack,wgengine/filter: refactor Cache to use generics (Tom DNetto) #6938
  • document zero value for KeyExpiry #6942 (Andrew Dunham)
  • update win/apple licenses #6945 (License Updater)
  • 25a0091: net/portmapper: relax handling of UPnP resp (tailscale#6946) (Jordan Whited) #6946
  • advertise unstable track in CLI, daemon start-up #6950 (Brad Fitzpatrick)
  • 8a1201a: cmd/tailscale: correct order for -terminate-tls flag in serve tcp usage (salman) #6951
  • 61dfbc0: cmd/tailscale/cli: plumb TUN mode into tailscale web template (Brad Fitzpatrick) #6952
  • 355c3b2: control/controlhttp: fix header case-sensitivity (Matthias Gabriel) #6955
  • 5eded58: cmd/tailscale/cli: make web show/link Synology outgoing connection mode/docs (Brad Fitzpatrick) #6957
  • 11ce5b7: ipn/ipnlocal, wgengine/magicsock: check Expired bool on Node; print error in Ping (Andrew Dunham) #6956
  • f011a09: cmd/tailscale/cli: style synology outgoing access info (tailscale#6959) (phirework) #6959
  • 67f82e6: ipn/ipnlocal: add Expired to PeerStatus (Mihai Parparita) #6960
  • d9144c7: cmd/tailscale: add start of "tailscale update" command (Brad Fitzpatrick) #6894
  • 006ec65: wgengine/filter: reorder RunOut disjunctive cases to match RunIn above (Brad Fitzpatrick) #6964
  • 3386a59: wgengine/filter: include IP proto number in unknown protocol errors (Brad Fitzpatrick) #6964
  • c1a2e2c: net/{packet,tstun},wgengine/filter: fix unknown IP protocol handling (Brad Fitzpatrick) #6965
  • 6d85a94: net/{packet,tstun}: fix typo in test helper docs (Brad Fitzpatrick) #6968
  • 3a018e5: ipn/ipnlocal: move handling of expired nodes to LocalBackend (Andrew Dunham) #6937
  • 3582628: net/dns/resolvconffile: link to FAQ about resolv.conf being overwritten (Brad Fitzpatrick) #6967
  • 72cc70e: flake.nix: update vendor hash. (David Anderson) #6969
  • 5f96d62: Remove redundant type declaration (andig) #6710
  • b657187: cmd/tailscale, logtail: add 'tailscale debug daemon-logs' logtail mechanism (Brad Fitzpatrick) #6971
  • update win/apple licenses #6983 (License Updater)
  • update android licenses #6977 (License Updater)
  • ee6d18e: cmd/tailscale/cli: implement --json for lock status and lock log cmds (Tom DNetto) #6940
  • 3eb986f: control/controlhttp: add TS_FORCE_NOISE_443, TS_DEBUG_NOISE_DIAL envknobs (Brad Fitzpatrick) #6986
  • eec734a: ipn/{ipnlocal,localapi}: ensure watcher is installed before /watch-ipn-bus/ responds with 200 (salman) #6936
  • 3addcac: net/dns: fix recently added URL scheme from http to https (Brad Fitzpatrick) #6992
  • 2df38b1: wgengine/magicsock: quiet log flood at tailscaled shutdown (Brad Fitzpatrick) #6993
  • aea251d: cmd/testwrapper: move from corp; mark magicsock test as flaky (Andrew Dunham) #6998
  • bump capver for Node.Expired #7003 (Andrew Dunham)
  • 58ad21b: wgengine/netstack: fix data race in tests (Andrew Dunham) #7010
  • mark more tests as flaky #7009 (Andrew Dunham)
  • 71a7b85: cmd/tailscale/cli: make "update" work on Windows (Brad Fitzpatrick) #6996
  • c129bf1: cmd/tailscale/cli: un-alpha login+switch in ShortUsage docs (Brad Fitzpatrick) #7012
  • start groundwork for using capver for localapi & peerapi #7016 (Brad Fitzpatrick)
  • fec8885: wgengine/magicsock: retry failed single packet ops across rebinds (tailscale#6990) (Jordan Whited) #6990
  • 73399f7: cmd/tailscale/cli: use mock impl of LocalClient for serve cmd (tailscale#6422) (shayne) #6422
  • 6793685: go.mod: bump AWS SDK past a breaking API change of theirs (Brad Fitzpatrick) #7025
  • 4471e40: ipn/ipnlocal: [serve] listen on all-interfaces for macOS sandboxed (tailscale#6771) (shayne) #6771
  • 5ca22a0: cmd/tailscale/cli: make 'tailscale update' support Debian/Ubuntu apt (Brad Fitzpatrick) #7028
  • ba5aa2c: version, cmd/tailscale: add version.Meta, tailscale version --json (Brad Fitzpatrick) #7029
  • d5100e0: net/connstats: mark TestConcurrent as flaky (Brad Fitzpatrick) #7032
  • fd92fbd: cmd/tailscale/cli: only give systemctl hint on systemd systems (Brad Fitzpatrick) #7033
  • 64547b2: tailcfg,hostinfo: add Hostinfo.Machine and Hostinfo.GoArchVar (Brad Fitzpatrick) #7035
  • update tailscale{,d} licenses #7026 (License Updater)
  • b74db24: tstest/integration: mark all integration tests as flaky (Andrew Dunham) #7037
  • b6aa1c1: envknob, hostinfo, ipn/ipnlocal: add start of opt-in remote update support (Brad Fitzpatrick) #7031
  • 06fff46: ipn/ipnstate: add PeerStatus.KeyExpiry for tailscale status --json (Brad Fitzpatrick) #7040
  • e002260: wgengine/wglog: add a prefix for all wireguard logs (James Tucker) #7042
  • 140b9aa: ipn/ipnlocal: fire expiry timer when the current node expires (Andrew Dunham) #7044
  • c8db70f: cmd/tailscale/cli: add debug set-expire command for testing (Brad Fitzpatrick) #7043
  • 6e5faff: ipn/ipnlocal: add health warning for Tailscale SSH + SELinux (Brad Fitzpatrick) #7046
  • c1daa42: client/tailscale/keys: fix client.Keys unmarshalling (Harry Bowron) #7021
  • e8b6956: cmd/mkpkg: allow specifying recommended dependencies (Anton Tolchanov) #7049
  • add an environment type for Replit #7051 (Anton Tolchanov)
  • explicitly install tailscale-archive-keyring #7052 (Anton Tolchanov)
  • 3038040: cmd/k8s-operator: remove use of InjectClient (deprecated) (Vince Prignano) #7017
  • d8feeee: wgengine/magicsock: fix buggy fast path in Conn.SetNetworkMap (Brad Fitzpatrick) #7057
  • 44d73ce: ipn/ipnlocal, net/dnscache: allow configuring dnscache logging via capability (Andrew Dunham) #7054
  • ab998de: VERSION.txt: this is v1.36.0 (Denton Gentry)
  • 0cebdd5: illumos/solaris support rebased onto 1.36 (Nahum Shalman)
  • 57ce85a: XXX go mod tidy (Nahum Shalman)
Assets 6
Loading