v1.62.0-sunos
·
338 commits
to sunos-1.66
since this release
Commits
- 7c0651a: scripts/installer.sh: add tuxedoOS to the Ubuntu copies (Nathan Woodburn) #11050
- b0e96a6: net/dns: log more info when openresolv commands fail (Andrew Dunham) #11130
- 61a1644: go.mod, all: move away from inet.af domain seized by Taliban (Brad Fitzpatrick) #11132
- 7ad2bb8: go.mod.sri: update SRI hash for go.mod changes (Flakes Updater) #11133
- b7104cd: util/topk: add package containing a probabilistic top-K tracker (Andrew Dunham) #11029
- disable auto update on NixOS (tailscale#11136) #11136 (Patrick O'Doherty)
- 52f16b5: doctor/ethtool, ipn/ipnlocal: add ethtool bugreport check (Andrew Dunham) #11138
- 4d66841: wgengine/router: fix ip rule restoration (Jason Barnett) #10858
- 3aca29e: VERSION.txt: this is v1.61.0 (Percy Wegmann) #11148
- 69f5664: ipn/ipnlocal: fix doctor API endpoint (tailscale#11155) (San) #11155
- 2448781: cmd/tailscale: make web client URL clickable (Will Norris) #11164
- 6b582cb: cmd/tailscale: support clickable IPv6 web client addresses (Will Norris) #11165
- 44e337c: tool/gocross: pass flags for visionOS and visionOS Simulator (tailscale#11127) (Andrea Gottardo) #11127
- 70b7201: net/dns: fix infinite loop when run on Amazon Linux 2023 (Andrew Dunham) #11163
- allow longer idle log upload connections #11167 (James Tucker)
- 794af40: ipn/ipnlocal: remove ancient transition mechanism for https certs (Brad Fitzpatrick) #11168
- add TLS probe constructor to split dial addr from cert name #11177 (Brad Fitzpatrick)
- 8fe5042: net/ktimeout: add a package to set TCP user timeout (James Tucker) #11181
- d756622: util/syspolicy: add ManagedBy keys for Windows (tailscale#11183) (Andrea Gottardo) #11183
- 91a1019: cmd/testwrapper: apply results of all unit tests to coverage for all packages (Percy Wegmann) #11188
- 7708ab6: cmd/tailscale/cli: pass "-o 'CanonicalizeHostname no'" to ssh (Paul Scott) #10368
- plumb context to Server.verifyClient #11192 (Brad Fitzpatrick)
- 10d130b: cmd/derper, derp, tailcfg: add admission controller URL option (Brad Fitzpatrick) #11193
- 0359c2f: util/syspolicy: add 'ResetToDefaults' (tailscale#11194) (Andrea Gottardo) #11194
- edbad6d: cmd/derper: add user timeout and reduce TCP keepalive (James Tucker) #11182
- 72140da: client/web: update vite-plugin-svgr to latest version (tailscale#11197) (Mario Minardi) #11197
- 713d292: client/web: update plugin-react-swc to latest version (tailscale#11199) (Mario Minardi) #11199
- e8d2fc7: net/tshttpproxy: log when we're using a proxy (Andrew Dunham) #11203
- 131f909: wgengine/wglog: quieten WireGuard logs for allowedips (James Tucker) #11213
- 15b2c67: cmd/tailscale: add node attribute instructions to share command help (Percy Wegmann) #11212
- ac281dd: client/web: update vite and vitest to latest versions (tailscale#11200) (Mario Minardi) #11200
- c8c999d: cli/debug: rename DERP debug mode (tailscale#11220) (Andrea Gottardo) #11220
- 651c489: net/interfaces: reduce & cleanup logs on iOS (James Tucker) #11221
- c9b6d19: .github/workflows: fix typo in XDG_CACHE_HOME (James Tucker) #11223
- 0c5e65e: cmd/derper: apply TCP keepalive and timeout to TLS as well (James Tucker) #11225
- 8d0d464: net/dns: timeout DOH requests after 10s without response headers (James Tucker) #11227
- 8b9474b: wgengine/wgcfg: don't send UAPI to disable keep-alives on new peers (Brad Fitzpatrick) #11231
- 6ad6d6b: wgengine/wglog: add TS_DEBUG_RAW_WGLOG envknob for raw wg logs (Brad Fitzpatrick) #11232
- ff1391a: net/dns/publicdns: add Mullvad family DNS to the list of known DoH servers (mrrfv) #11215
- remove LenIter, use Go 1.22 range-over-int instead #11241 (Brad Fitzpatrick)
- replace webdavfs with reverse proxies #11187 (Percy Wegmann)
- cd9cf93: wgengine/netstack: expose TCP forwarder drops via clientmetrics (Anton Tolchanov) #11245
- 9aa704a: client/web: restrict serveAPI endpoints to peer capabilities (Sonia Appasamy) #11217
- 95f2656: client/web: use grants on web UI frontend (Sonia Appasamy) #11217
- 82c569a: go.mod: update web-client-prebuilt module (OSS Updater) #11254
- b42b981: net/dns: do not wait for the interface registry key to appear if the windowsManager is being closed (Nick Khyl) #11224
- 7ef1fb1: cmd/tailscaled, ipn/ipnlocal, wgengine: shutdown tailscaled if wgdevice is closed (Nick Khyl) #11224
- warn about reverse path filtering and exit nodes #11191 (Anton Tolchanov)
- 9a8c2f4: types/key: remove copy returning array by value (Brad Fitzpatrick) #11239
- reduce critical section #11239 (Brad Fitzpatrick)
- make pendOpen time later, after dup check #11239 (Brad Fitzpatrick)
- 1cf8582: ipn/ipnstate, wgengine/wgint: add handshake attempts accessors (Brad Fitzpatrick) #11239
- 086ef19: scripts/installer.sh: auto-start tailscale on Alpine (tailscale#11214) (Keli) #11214
- fix race condition in tailfs_test #11262 (Percy Wegmann)
- 45d27fa: cmd/k8s-operator,k8s-operator,go.{mod,sum},tstest/tools: add Tailscale Kubernetes operator API docs (tailscale#11246) (Irbe Krumina) #11246
- 303125d: cmd/k8s-operator: configure all proxies with declarative config (tailscale#11238) (Irbe Krumina) #11238
- 95dcc17: cmd/k8s-operator: reconcile tailscale Ingresses when their backend Services change. (tailscale#11255) (Irbe Krumina) #11255
- add latitude, longitude for node location (tailscale#11162) #11162 (Claire Wang)
- c5abbcd: wgengine/netstack: add a per-client limit for in-flight TCP forwards (Andrew Dunham) #11258
- 7912d76: client/web: update to typescript 5.3.3 (tailscale#11267) (Mario Minardi) #11267
- expose function to generate request IDs #11273 (Andrew Dunham)
- a20e46a: util/cache: fix missing interface methods (tailscale#11275) (Andrew Dunham) #11275
- 3dd8ae2: net/tstun: fix spelling of "WireGuard" (Andrew Dunham) #11278
- 74b8985: ipn/ipnstate, wgengine: make PeerStatusLite.LastHandshake zero Time means none (Brad Fitzpatrick) #11277
- use slices.Clone in two places #11277 (Brad Fitzpatrick)
- rename local variable from 'found' to conventional 'ok' #11277 (Brad Fitzpatrick)
- 7e17aeb: .github/workflows: fix regular breakage of go toolchains (James Tucker) #11279
- 69f4b45: wgengine{,/wgint}: add wgint.Peer wrapper type, add to wgengine.Engine (Brad Fitzpatrick) #11284
- e83e2e8: client/web: fix Vite CJS deprecation warning (tailscale#11288) (Ross Zurowski) #11288
- 2d5d6f5: ipn,wgengine: only intercept TailFS traffic on quad 100 (Percy Wegmann) #11294
- b68a09c: ipn/ipnlocal: make active IPN sessions keyed by sessionID (Brad Fitzpatrick) #11291
- allow empty redirect URL in CleanRedirectURL (tailscale#11295) #11295 (Andrew Lytvynov)
- plumb the PeerByKey from wgengine to magicsock #11297 (Brad Fitzpatrick)
- support storing bookmark data on shares #11276 (Percy Wegmann)
- include full tailfs shares in ipn notifications #11276 (Percy Wegmann)
- 097c5ed: util/linuxfw: insert rather than append nftables DNAT rule (tailscale#11303) (Irbe Krumina) #11303
- handle multiple versions in "apk info tailscale" output (tailscale#11310) #11310 (Andrew Lytvynov)
- 00554ad: go.mod.sri: update SRI hash for go.mod changes (Flakes Updater) #11247
- only impersonate unprivileged user if able to sudo -u as that user #11314 (Percy Wegmann)
- dff6f33: docs/k8s: update docs (tailscale#11307) (Irbe Krumina) #11307
- add more test cases for TestCleanRedirectURL (tailscale#11331) #11331 (Chris Palmer)
- add suggest exit node related node attribute (tailscale#11329) #11329 (Claire Wang)
- 2fa20e3: util/cmpver: add Less/LessEq helper funcs (Paul Scott) #11334
- 8780e33: go.toolchain.rev: bump Go toolchain to 1.22.1 (Brad Fitzpatrick) #11337
- 65c3c69: {ipn/serve,cmd/tailscale/cli}: move some shared funcs to ipn (Sonia Appasamy) #11338
- 4338db2: wgengine/magicsock: prefer link-local addresses to private ones (Andrew Dunham) #11340
- update tailscale{,d} licenses #11073 (License Updater)
- update win/apple licenses #11100 (License Updater)
- update android licenses #11093 (License Updater)
- 65255b0: client/tailscale: add postures to UserRuleMatch (Kristoffer Dalby) #11250
- c58c59e: {ipn,cmd/tailscale/cli}: move ServeConfig mutation logic to ipn/serve (Sonia Appasamy) #11339
- 00373f0: ipn/ipnlocal: exclude mullvad exit nodes from TailFS peers list (Percy Wegmann) #11349
- 0cb8646: ipn/localapi: add set-gui-visible endpoint (Andrea Gottardo) #11308
- add comment about thread-safety to StateStore #11350 (Percy Wegmann)
- fd942b5: ipn/ipnlocal: reduce allocations in TailFS share notifications (Percy Wegmann) #11312
- 90c4067: util/linuxfw: add container-friendly IPv6 NAT check (tailscale#11353) (Irbe Krumina) #11353
- add String method to tsweb.RequestID #11356 (Andrew Dunham)
- 62cf83e: go.mod: bump gvisor (Andrew Dunham) #11357
- 9884d06: net/interfaces: fix test hang on Darwin (Andrew Dunham) #11358
- 3047b62: docs/k8s: don't run subnet router in userspace mode (tailscale#11363) (Irbe Krumina) #11363
- 3417643: cmd/derper, types/logger: move log filter to shared package (Andrew Dunham) #11149
- c662bd9: client/web: dedupe packages in yarn.lock (tailscale#11327) (Mario Minardi) #11327
- bump CapabilityVersion (tailscale#11368) #11368 (Claire Wang)
- 54e5253: version/mkversion: enforce synology versions within int32 range (Sonia Appasamy) #11377
- f072d01: wgengine/magicsock: don't change DERP home when not connected to control (Andrew Dunham) #11378
- 16ae0f6: cmd/viewer: import views when generating byteSliceField (Percy Wegmann) #11366
- 6c160e6: ipn,tailfs: tie TailFS share configuration to user profile (Percy Wegmann) #11366
- e496451: ipn,cmd/tailscale,client/tailscale: add support for renaming TailFS shares (Percy Wegmann) #11366
- 50a570a: Code Improvements (tailscale#11311) (panchajanya) #11311
- 43fba6e: util/linuxfw: correct logical error in NAT table check (tailscale#11380) (James Tucker) #11380
- 055117a: util/linuxfw: fix support for containers without IPv6 iptables filters (tailscale#11381) (James Tucker) #11381
- 04fceae: go.mod.sri: update SRI hash for go.mod changes (Flakes Updater) #11359
- ad33e47: ipn/{ipnlocal,localapi}: add debug verb to force spam IPN bus NetMap (Brad Fitzpatrick) #11387
- 7429e89: wgengine/netstack: fix bug with duplicate SYN packets in client limit (Andrew Dunham) #11298
- export probe counters and cumulative latency #11287 (Anton Tolchanov)
- remove unused derp prober latency measurements #11287 (Anton Tolchanov)
- add a DERP bandwidth probe #11287 (Anton Tolchanov)
- cc950c0: VERSION.txt: this is v1.62.0 (Anton Tolchanov)
- 555416a: illumos/solaris support rebased onto 1.62.0 (Nahum Shalman)