bfc1261ab6
(from patchset 1, c12c890c64dd6372b3893af1e6f5ab11802c9e81, of https://go-review.googlesource.com/c/go/+/230025/1, with merges fixes due to parent commit's differents from its ps1..ps3) Instead of parsing the PEM files and then storing the *Certificate values forever, still parse them to see if they're valid and pick out some fields, but then only store the decoded pem.Block.Bytes until that cert is first needed. Saves about 500K of memory on my (Debian stable) machine after doing a tls.Dial or calling x509.SystemCertPool. A more aggressive version of this is still possible: we can not keep the pem.Block.Bytes in memory either, and re-read them from disk when necessary. But dealing with files disappearing and even large multi-cert PEM files changing (with offsets sliding around) made this conservative version attractive. It doesn't change the slurp-roots-on-startup semantics. It just does so with less memory retained. Change-Id: I3aea333f4749ae3b0026042ec3ff7ac015c72204 |
||
---|---|---|
.github | ||
atomicfile | ||
cmd | ||
control/controlclient | ||
derp | ||
ipn | ||
logpolicy | ||
logtail | ||
metrics | ||
net | ||
netcheck | ||
paths | ||
portlist | ||
ratelimit | ||
safesocket | ||
scripts | ||
stun | ||
stunner | ||
syncs | ||
tailcfg | ||
tempfork | ||
testy | ||
tstime | ||
tsweb | ||
types | ||
version | ||
wgengine | ||
.gitattributes | ||
.gitignore | ||
AUTHORS | ||
CODE_OF_CONDUCT.md | ||
Dockerfile | ||
LICENSE | ||
PATENTS | ||
README.md | ||
SECURITY.md | ||
go.mod | ||
go.sum |
README.md
Tailscale
Private WireGuard® networks made easy
Overview
This repository contains all the open source Tailscale code. It currently includes the Linux client.
The Linux client is currently cmd/relaynode
, but will
soon be replaced by cmd/tailscaled
.
Using
We serve packages for a variety of distros at https://pkgs.tailscale.com .
Building
go install tailscale.com/cmd/tailscale{,d}
We only guarantee to support the latest Go release and any Go beta or release candidate builds (currently Go 1.14) in module mode. It might work in earlier Go versions or in GOPATH mode, but we're making no effort to keep those working.
Bugs
Please file any issues about this code or the hosted service on the issue tracker.
Contributing
under_construction.gif
PRs welcome, but we are still working out our contribution process and tooling.
We require Developer Certificate of
Origin
Signed-off-by
lines in commits.
About Us
We are apenwarr, bradfitz, crawshaw, danderson, dfcarney, from Tailscale Inc. You can learn more about us from our website.
WireGuard is a registered trademark of Jason A. Donenfeld.