Skip to content

v1.66.1-sunos
Compare
Choose a tag to compare
@github-actions github-actions released this 12 May 01:54
· 11 commits to sunos-1.66 since this release
v1.66.1-sunos
8f5513b

Builds

Commits

  • 09524b5: VERSION.txt: this is v1.64.0 (Jenny Zhang) #11690
  • 2207643: VERSION.txt: this is v1.65.0 (Jenny Zhang) #11691
  • add gliderlabs/ssh license #11694 (Will Norris)
  • update license notices #11666 (License Updater)
  • 4d5d669: net/dns: unconditionally write NRPT rules to local settings (Aaron Klotz) #11684
  • optimize JSON processing (tailscale#11671) #11671 (Joe Tsai)
  • add exit destination for network flow logs node attribute (tailscale#11698) #11698 (Claire Wang)
  • enable allow LAN for android (tailscale#11709) #11709 (kari-ts)
  • a1abd12: cmd/tailscaled, net/tstun: build for aix/ppc64 (Brad Fitzpatrick) #11721
  • 65f2151: go.mod.sri: update SRI hash for go.mod changes (Flakes Updater) #11722
  • 170c618: ipn/ipnlocal: remove dead code now that Android uses LocalAPI instead (Brad Fitzpatrick) #11724
  • 970b1e2: ipn/ipnlocal: inline assertClientLocked into its now sole caller (Brad Fitzpatrick) #11725
  • 68043a1: ipn/ipnlocal: centralize assignments to cc + ccAuto in new method (Brad Fitzpatrick) #11725
  • 8186cd0: ipn/ipnlocal: delete redundant TestStatusWithoutPeers (Brad Fitzpatrick) #11725
  • bad3159: ipn/ipnlocal: delete useless SetControlClientGetterForTesting use (Brad Fitzpatrick) #11726
  • 271cfdb: util/syspolicy: clean up doc grammar and consistency (Brad Fitzpatrick) #11728
  • set default state path on AIX #11730 (Brad Fitzpatrick)
  • b9aa742: ipn/ipnlocal: remove some dead code (legacyBackend methods) from LocalBackend (Brad Fitzpatrick) #11739
  • fix default SYNO_ARCH in Makefile #11747 (Brad Fitzpatrick)
  • 38fb23f: cmd/k8s-operator,k8s-operator: allow users to configure proxy env vars via ProxyClass (tailscale#11743) (Irbe Krumina) #11743
  • 952e06a: wgengine/router: don't attempt route cleanup on Synology (Brad Fitzpatrick) #11746
  • 14c8b67: Revert "licenses: add gliderlabs/ssh license" (Will Norris) #11748
  • 449f46c: wgengine/magicsock: rebind/restun if a syscall.EPERM error is returned (tailscale#11711) (Charlotte Brandhorst-Satzkorn) #11711
  • 9171b21: cmd/tailscale, ipn/ipnlocal: add suggest exit node CLI option (tailscale#11407) (Claire Wang) #11407
  • 7ec0dc3: ipn/ipnlocal: make StartLoginInteractive take (yet unused) context (Brad Fitzpatrick) #11751
  • remove unused Options.LegacyMigrationPrefs #11752 (Brad Fitzpatrick)
  • 3c1e2bb: ipn/ipnlocal: remove outdated iOS hacky workaround in Start (Brad Fitzpatrick) #11754
  • document use of CapMap for peers #11759 (Adrian Dewhurst)
  • 26f9bbc: cmd/k8s-operator,k8s-operator: document tailscale.com Custom Resource Definitions better. (tailscale#11665) (Irbe Krumina) #11665
  • 0fba9e7: cmd/tailscale/cli: prevent concurrent Start calls in 'up' (Brad Fitzpatrick) #11761
  • 7e2b426: ipn/{localapi, ipnlocal}: forget the prior exit node when localAPI is used to zero the ExitNodeID (tailscale#11681) (Jonathan Nobels) #11681
  • 068db1f: net/interfaces: delete unused unexported function (Brad Fitzpatrick) #11765
  • use Go 1.22 range-over-int #11764 (Brad Fitzpatrick)
  • 62d4be8: cmd/tailscale/cli: fix drive --help usage identation (Paul Scott) #11757
  • a50e4e6: cmd/tailscale/cli: remove duplicate "tailscale " in drive subcmd usage (Paul Scott) #11757
  • eb34b8a: cmd/tailscale/cli: remove explicit usageFunc - its default (Paul Scott) #11757
  • 3ff3445: cmd/tailscale/cli: improve ShortHelp/ShortUsage unit test, fix new errors (Paul Scott) #11757
  • d07ede4: cmd/tailscale/cli: fix "subcommand required" errors when typod (Paul Scott) #11757
  • 454a03a: cmd/tailscale/cli: prepend "tailscale" to usage errors (Paul Scott) #11757
  • 226486e: net/interfaces: handle removed interfaces in State.Equal (Andrew Dunham) #11763
  • 3ef7f89: go.{mod,sum}: bump nftables to the latest commit (tailscale#11772) (Irbe Krumina) #11772
  • 21a0fe1: ipn/store: omit AWS & Kubernetes support on 'small' Linux GOARCHes (Brad Fitzpatrick) #11778
  • 82394de: cmd/tailscale: add shell tab-completion (Paul Scott) #11336
  • b85c2b2: net/dns/resolver: use SystemDial in DoH forwarder (Andrew Dunham) #11692
  • set SameSite=Strict, with an option for Lax (tailscale#11781) #11781 (Chris Palmer)
  • 22bd506: ipn/ipnlocal: hold the mutex when in onTailnetDefaultAutoUpdate (tailscale#11786) (Andrew Lytvynov) #11786
  • 03d5d1f: wgengine/magicsock: disable portmapper in tunchan-faked tests (Brad Fitzpatrick) #11787
  • c8b0adb: docs/windows/policy: add missing key expiration warning interval (Adrian Dewhurst) #11774
  • e775de3: go.mod: bump golang.org/x/net (tailscale#11775) (Andrew Lytvynov) #11775
  • allow object-src: self in CSP (tailscale#11782) #11782 (Chris Palmer)
  • 02c6af2: cmd/tailscale: clarify Taildrive grants in help text (Percy Wegmann) #11783
  • use Distro field for distinguishing Windows Server builds #11796 (Aaron Klotz)
  • create android impl (tailscale#11784) #11784 (kari-ts)
  • rename exit node destination network flow log node attribute (tailscale#11779) #11779 (Claire Wang)
  • rewrite Location headers #11798 (Percy Wegmann)
  • 94c0403: ipn/ipnlocal: strip origin and referer headers from Taildrive requests (Percy Wegmann) #11756
  • d16c129: ipn/ipnlocal: remove origin and referer headers from Taildrive requests (Percy Wegmann) #11756
  • bbe194c: cmd/k8s-operator: correctly determine cluster domain (tailscale#11512) (Irbe Krumina) #11512
  • return OS-specific version from LatestTailscaleVersion (tailscale#11812) #11812 (Andrew Lytvynov)
  • bff5276: ipn/ipnlocal,clientupdate: disallow auto-updates in containers (tailscale#11814) (Andrew Lytvynov) #11814
  • 9e1c869: wgengine\router: fix the Tailscale-In firewall rule to work on domain networks (Nick Khyl) #11817
  • 375617c: net/tsdial: assume all connections are affected if no default route is present (Andrew Dunham) #11811
  • pointerify RegisterRequest.Auth, omitemptify RegisterResponseAuth #11824 (Brad Fitzpatrick)
  • remove some unused fields from RegisterResponseAuth #11826 (Brad Fitzpatrick)
  • 5100bde: types/persist: remove unused field Persist.Provider (Brad Fitzpatrick) #11827
  • b743b85: ipn/ipnlocal,ssh/tailssh: reject c2n /update if SSH conns are active (tailscale#11820) (Andrew Lytvynov) #11820
  • 0a84215: release/dist/qnap: add qnap target builder (Sonia Appasamy) #11815
  • 06502b9: ipn/ipnlocal: reset auto-updates if unsupported on profile load (tailscale#11838) (Andrew Lytvynov) #11838
  • 63b3c82: ipn/local: log OS-specific diagnostic information as JSON (tailscale#11700) (Joe Tsai) #11700
  • fix flaky test by deleting the code it tested (Watch) #11839 (Brad Fitzpatrick)
  • 9779eb6: api.md: move device posture api to api.md (Kristoffer Dalby) #11794
  • e985c6e: ssh/tailssh: try fetching group IDs for user with the 'id' command (Andrew Dunham) #11845
  • b7e5122: util/osuser: add unit test for parseGroupIds (Percy Wegmann) #11845
  • update license notices #11744 (License Updater)
  • 3af0f52: cmd{containerboot,k8s-operator},util/linuxfw: support ExternalName Services (tailscale#11802) (Irbe Krumina) #11802
  • add62af: util/linuxfw,go.{mod,sum}: don't log errors when deleting non-existant chains and rules (tailscale#11852) (Irbe Krumina) #11852
  • c8e9128: wgengine/router: consolidate routes before reconfiguring router for mobile clients (Percy Wegmann) #11850
  • 0cce456: release/dist/qnap: use tmp file directory for qpkg building (Sonia Appasamy) #11859
  • 1d3e77f: util/syspolicy: add ReadStringArray interface (tailscale#11857) (Andrea Gottardo) #11857
  • 31e6bdb: ipn/ipnlocal: always stop the engine on auth when key has expired (Anton Tolchanov) #11807
  • 14ac41f: cmd/k8s-operator,k8s-operator: proxyclass affinity (tailscale#11862) (Lee Briggs) #11862
  • 5d4b4ff: release/dist/qnap: update perms for tmpDir files (Sonia Appasamy) #11865
  • 955ad12: ipn/ipnlocal: only show Taildrive peers to which ACLs grant us access (Percy Wegmann) #11856
  • 18765cd: release/dist/qnap: omit .qpkg.codesigning files (Sonia Appasamy) #11866
  • add auto exit node attribute (tailscale#11871) #11871 (Claire Wang)
  • add Tracker type, in prep for removing global variables #11875 (Brad Fitzpatrick)
  • break Warnable into a global and per-Tracker value halves #11876 (Brad Fitzpatrick)
  • handle mux pattern collisions more generally (tailscale#11801) #11801 (Chris Palmer)
  • permit Tracker method calls on nil receiver #11877 (Brad Fitzpatrick)
  • 723c775: tsd, ipnlocal, etc: add tsd.System.HealthTracker, start some plumbing (Brad Fitzpatrick) #11878
  • df8f409: cmd/k8s-operator,k8s-operator: optionally serve tailscaled metrics on Pod IP (tailscale#11699) (Irbe Krumina) #11699
  • 6d69fc1: ipn/{ipnlocal,localapi},wgengine{,/magicsock}: plumb health.Tracker (Brad Fitzpatrick) #11881
  • a4a282c: control/controlclient: plumb health.Tracker (Brad Fitzpatrick) #11882
  • 7459314: health, all: remove health.Global, finish plumbing health.Tracker (Brad Fitzpatrick) #11884
  • 71e9258: ipn/ipnlocal: fix null dereference for early suggested exit node queries (tailscale#11885) (Jonathan Nobels) #11885
  • 7f587d0: health, wgengine/magicsock: remove last of health package globals (Brad Fitzpatrick) #11889
  • 4dece0c: net/netutil: remove a use of deprecated interfaces.GetState (Brad Fitzpatrick) #11891
  • 7a62ddd: net/netcheck, wgengine/magicsock: make netmon.Monitor required (Brad Fitzpatrick) #11892
  • 4f73a26: ipn/ipnlocal: skip TestOnTailnetDefaultAutoUpdate on macOS for now (Brad Fitzpatrick) #11895
  • 3672f29: net/netns, net/dns/resolver, etc: make netmon required in most places (Brad Fitzpatrick) #11896
  • 45f0721: cmd/containerboot: wait on tailscaled process only (tailscale#11897) (Irbe Krumina) #11897
  • 6b95219: net/netmon, add: add netmon.State type alias of interfaces.State (Brad Fitzpatrick) #11901
  • b9adbe2: net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon (Brad Fitzpatrick) #11901
  • 1e6cdb7: api.md: fix missing links after move of device posture (Kristoffer Dalby) #11870
  • 1452faf: cmd/containerboot,kube,ipn/store/kubestore: allow interactive login on kube, check Secret create perms, allow empty state Secret (tailscale#11326) (Irbe Krumina) #11326
  • 74c3994: api.md: explicitly set content-type headers in POST CURL examples (tailscale#11916) (Mario Minardi) #11916
  • b2b49cb: wgengine/wgcfg/nmcfg: skip expired peers (Andrew Dunham) #11816
  • add RouteInfo struct and persist it to StateStore #11750 (Fran Bull)
  • add flag shouldStoreRoutes and controlknob for it #11750 (Fran Bull)
  • write discovered domains to StateStore #11750 (Fran Bull)
  • unadvertise routes when reconfiguring app connector #11750 (Fran Bull)
  • setting AdvertiseRoutes explicitly discards app connector routes #11750 (Fran Bull)
  • exec systemctl instead of using dbus to restart (tailscale#11923) #11923 (Andrew Lytvynov)
  • add suggest exit node UI node attribute (tailscale#11918) #11918 (Claire Wang)
  • d02f1be: scripts/installer.sh: enable Alpine community repo if needed (tailscale#11837) (Andrew Lytvynov) #11837
  • 7d9c3f9: cmd/k8s-operator/deploy/manifests: check if IPv6 module is loaded before using it (tailscale#11867) (Irbe Krumina) #11867
  • 7ba8f03: ipn/ipnlocal: fix TestOnTailnetDefaultAutoUpdate on unsupported platforms (tailscale#11921) (Andrew Lytvynov) #11921
  • ec04c67: api.md: add documentation for new split DNS endpoints (tailscale#11922) (Mario Minardi) #11922
  • a47ce61: net/tstun: implement env var for disabling UDP GRO on Linux (tailscale#11924) (Jordan Whited) #11924
  • 1fe0730: Reset dial plan when switching profile (tailscale#11933) (Shaw Drastin) #11933
  • 44aa809: cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (tailscale#11919) (Irbe Krumina) #11919
  • fix AtomicValue for interface kinds (tailscale#11943) #11943 (Joe Tsai)
  • c47f930: types/views: use slices.Contains{,Func} (Brad Fitzpatrick) #11944
  • fe009c1: ipn/ipnlocal: reset the dialPlan only when the URL is unchanged (Andrew Dunham) #11942
  • 7455e02: util/slicesx: add AppendMatching (Brad Fitzpatrick) #11946
  • don't allow DELETE on read-only shares #11949 (Percy Wegmann)
  • de85610: cmd/k8s-operator/deploy/chart: allow users to configure additional labels for the operator's Pod via Helm chart values. (Gabe Gorelick) #11948
  • fa1303d: net/netmon: swap to swift-derived defaultRoute on macos (tailscale#11936) (Jonathan Nobels) #11936
  • ba34943: cmd/tailscale/cli/ffcomplete: omit and clean completion results (Paul Scott) #11955
  • 4c08410: cmd/tailscale/cli: set localClient.UseSocketOnly during flag parsing (Paul Scott) #11955
  • 45b9aa0: net/netmon: remove spammy log statements (tailscale#11953) (Jonathan Nobels) #11953
  • 843afe7: ssh/tailssh: add integration test (Percy Wegmann) #11906
  • 13e1355: scripts/installer.sh: remove unnecessary escaping in grep (tailscale#11950) (Andrew Lytvynov) #11950
  • 10497ac: net/tstun: refactor natConfig to not be per-family (Andrew Dunham) #11945
  • be663c8: net/tstun: rename natConfig to peerConfig (Andrew Dunham) #11958
  • 96712e1: health, ipn/ipnlocal: move more health warning code into health.Tracker (Brad Fitzpatrick) #11964
  • a49ed2e: derp,ipn/ipnlocal: stop calling rand.Seed (Maisem Ali) #11965
  • 19b31ac: cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (tailscale#11019) (Irbe Krumina) #11019
  • add exit destination logging enable for wgengine logger (tailscale#11952) #11952 (Claire Wang)
  • f97d0ac: net/dns/resolver: add better error wrapping (Andrew Dunham) #11969
  • cd633a7: cmd/k8s-operator/deploy,k8s-operator: document that metrics are unstable (tailscale#11979) (Irbe Krumina) #11979
  • use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
  • use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
  • use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
  • use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
  • use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
  • use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
  • ee3bd4d: derp/derphttp, net/netcheck: plumb netmon.Monitor to derp netcheck client (Brad Fitzpatrick) #11990
  • 4fa6cbe: ssh/tailssh: use ptr.To in test (Brad Fitzpatrick) #11990
  • 46f3fea: ssh/tailssh: plumb health.Tracker in test (Brad Fitzpatrick) #11990
  • 1fe0983: cmd/derper,tstest/nettest: skip network-needing test in airplane mode (Brad Fitzpatrick) #11990
  • 15fc6cd: derp/derphttp: fix netcheck HTTPS probes (Brad Fitzpatrick) #11990
  • e42c439: net/netcheck: don't spam on ICMP socket permission denied errors (Brad Fitzpatrick) #11990
  • e9505e5: ipn/ipnlocal: plumb health.Tracker into profileManager constructor (Andrew Dunham) #11987
  • b62cfc4: tstest/integration/testcontrol: fix data race (Brad Fitzpatrick) #11995
  • 35872e8: ipnlocal, magicsock: store last suggested exit node id in local backend (tailscale#11959) (Claire Wang) #11959
  • 4062936: cmd/k8s-operator: cleanup runReconciler signature (tailscale#11993) (Irbe Krumina) #11993
  • actually cache results on statcache #11978 (Percy Wegmann)
  • 817badf: ipn/ipnlocal: reuse transport across Taildrive remotes (Percy Wegmann) #11978
  • ensure in-flight requests are always marked as finished #12001 (Will Norris)
  • fd6ba43: types/views: remove duplicate SliceContainsFunc (Maisem Ali) #12004
  • ed843e6: types/views: add AppendStrings util func (Maisem Ali) #12004
  • remove redundant bumpStartIfNeeded func #12002 (Will Norris)
  • 1a96334: util/set: add Of variant of SetOf that takes variadic parameter (Brad Fitzpatrick) #12014
  • 41f2195: util/syspolicy: add auto exit node related keys (tailscale#11996) (Claire Wang) #11996
  • make more tests pass/skip in airplane mode #12013 (Brad Fitzpatrick)
  • update license notices #11915 (License Updater)
  • 7e0dd61: ipn/ipnlocal, tstest/integration: add panic to catch flaky test in the act (Brad Fitzpatrick) #12018
  • ce8969d: net/portmapper: add envknob to disable portmapper in localhost integration tests (Brad Fitzpatrick) #12018
  • caa3d75: ipn/ipnlocal, net/tsdial: plumb routes into tsdial and use them in UserDial (Nick Khyl) #11975
  • e26f76a: tstest/integration: add more debugging, logs to catch flaky test (Brad Fitzpatrick) #12026
  • aadb8d9: ipn/ipnlocal: don't send an empty BrowseToURL w/ WatchIPNBus NotifyInitialState (Brad Fitzpatrick) #12026
  • f3d2fd2: cmd/tailscale/cli: don't start WatchIPNBus until after up's initial Start (Brad Fitzpatrick) #12026
  • 5ef178f: net/tstun: refactor peerConfig to allow storing more details (Maisem Ali) #12023
  • implement stateful firewalling on Linux (tailscale#12025) #12025 (Andrew Lytvynov)
  • f62e678: net/dns/resolver, control/controlknobs, tailcfg: use UserDial instead of SystemDial to dial DNS servers (Nick Khyl) #11977
  • e670695: ipn/ipnlocal,net/tstun,wgengine: create and plumb jailed packet filter (Maisem Ali) #12024
  • af97e7a: tailcfg,all: add/plumb Node.IsJailed (Maisem Ali) #12024
  • bump capver for using NodeAttrUserDialUseRoutes for DNS #12029 (Maisem Ali)
  • 78fa698: cmd/tailscale/cli/ffcomplete: remove fullstop from ShortHelp (Paul Scott) #12034
  • 4717317: ipn/ipnlocal: set default NoStatefulFiltering in ipn.NewPrefs (tailscale#12031) (Andrew Lytvynov) #12031
  • 80df8ff: control/controlclient: early return and outdent some code (Brad Fitzpatrick) #12041
  • use EditPrefs instead of passing UpdatePrefs to starting (tailscale#12040) #12040 (kari-ts)
  • d7bdd8e: go.toolchain.rev: update to Go 1.22.3 (Brad Fitzpatrick) #12045
  • 85b9a6c: net/netcheck: do not add derps if IPv4/IPv6 is set to "none" (Maisem Ali) #12047
  • e1011f1: ipn/ipnlocal: call SetNetInfoCallback from NewLocalBackend (Maisem Ali) #12050
  • 9380e2d: ipn/ipnlocal: use lockAndGetUnlock in Start (Maisem Ali) #12049
  • 32bc596: ipn/ipnlocal: acquire b.mu once in Start (Maisem Ali) #12052
  • 727c0d6: ipn/ipnserver: close a small race in ipnserver, ~simplify code (Brad Fitzpatrick) #12053
  • 21509db: ipn/ipnlocal, all: plumb health trackers in tests (Brad Fitzpatrick) #12055
  • e5ef358: ipn/ipnlocal: fix read of keyExpired outside mutex (Brad Fitzpatrick) #12056
  • e968b0e: cmd/tailscale,controlclient,ipnlocal: fix 'up', deflake tests more (Brad Fitzpatrick) #12033
  • 6f4a1dc: ipn/ipnlocal: fix another read of keyExpired outside mutex (Anton Tolchanov) #12057
  • 8130656: api.md: remove extraneous commas in json examples (Sonia Appasamy) #12062
  • e2a0fc0: VERSION.txt: this is v1.66.0 (Nick O'Neill)
  • 60d8965: util/linuxfw: fix stateful packet filtering in nftables mode (Anton Tolchanov)
  • b10ee74: cmd/tailscale: add missing set flags for linux (Maisem Ali)
  • d904990: util/linuxfw: fix table name in DelStatefulRule (Andrew Dunham)
  • d77499e: wgengine/router: print Docker warning when stateful filtering is enabled (Andrew Dunham)
  • 88e23b6: VERSION.txt: this is v1.66.1 (Nick O'Neill)
  • 6531d20: illumos/solaris support rebased onto 1.66.1 (Nahum Shalman)
  • 8f5513b: build tailscale client (Kevin Meziere)
Assets 10