Mirror of tailscale/tailscale@github.com
Go to file
Brad Fitzpatrick bfc1261ab6 crypto/x509: keep smaller root cert representation in memory until needed
(from patchset 1, c12c890c64dd6372b3893af1e6f5ab11802c9e81, of
https://go-review.googlesource.com/c/go/+/230025/1, with merges fixes
due to parent commit's differents from its ps1..ps3)

Instead of parsing the PEM files and then storing the *Certificate
values forever, still parse them to see if they're valid and pick out
some fields, but then only store the decoded pem.Block.Bytes until
that cert is first needed.

Saves about 500K of memory on my (Debian stable) machine after doing a
tls.Dial or calling x509.SystemCertPool.

A more aggressive version of this is still possible: we can not keep
the pem.Block.Bytes in memory either, and re-read them from disk when
necessary. But dealing with files disappearing and even large
multi-cert PEM files changing (with offsets sliding around) made this
conservative version attractive. It doesn't change the
slurp-roots-on-startup semantics. It just does so with less memory
retained.

Change-Id: I3aea333f4749ae3b0026042ec3ff7ac015c72204
2020-04-24 21:27:48 -07:00
.github Disable staticcheck for tempfork packages. 2020-04-24 20:46:06 -07:00
atomicfile scripts: add a license header checker. 2020-03-17 21:34:44 -07:00
cmd cmd/taillogin: delete it 2020-04-19 21:40:52 -07:00
control/controlclient control/controlclient: add missing vlog, for consistency with other sites 2020-04-21 15:36:46 -07:00
derp derp/derphttp: avoid endless reconnect race on failure 2020-04-11 13:37:20 -07:00
ipn all: remove unnecessary trailing newlines in format patterns for consistency 2020-04-11 08:35:34 -07:00
logpolicy logpolicy: include Go version in version log 2020-04-09 14:46:19 -07:00
logtail logtail: add ParsePublicID that doesn't allocate 2020-04-13 08:54:35 -07:00
metrics metrics: add a LabelMap type for variables with 1 label dimension. 2020-03-04 13:22:50 -08:00
net net/interfaces: add IsExpensive and up state to State 2020-04-10 20:25:12 -07:00
netcheck netcheck: aggregate spammy logging onto one concise line 2020-04-09 13:14:38 -07:00
paths paths: use /var/db for state on BSDs, and /var/run for sockets. 2020-03-03 17:49:31 -08:00
portlist portlist: don't depend on osexec package on ios, even if it's unused 2020-04-07 08:09:13 -07:00
ratelimit Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
safesocket safesocket: gofmt 2020-03-30 11:23:18 -07:00
scripts scripts: add a license header checker. 2020-03-17 21:34:44 -07:00
stun stun, stunner: clarify an error log message more 2020-03-15 22:19:45 -07:00
stunner stunner: fix data race. 2020-03-25 23:11:22 -07:00
syncs syncs: add new package for extra sync types 2020-03-12 11:13:33 -07:00
tailcfg tailcfg: add auth key to RegisterRequest 2020-04-09 20:17:09 +10:00
tempfork crypto/x509: keep smaller root cert representation in memory until needed 2020-04-24 21:27:48 -07:00
testy testy: fix clock initialization when Start is provided. 2020-04-17 13:20:09 -07:00
tstime tstime: hand-implement parseInt for specific needs of rfc3339 parsing. 2020-04-14 12:36:55 -07:00
tsweb tsweb: add ReturnHandlerFunc. 2020-04-22 15:34:28 -07:00
types all: remove unnecessary trailing newlines in format patterns for consistency 2020-04-11 08:35:34 -07:00
version version: bump date 2020-04-10 08:23:36 -07:00
wgengine wgengine/monitor: disable monitor on Android 2020-04-24 06:35:31 -07:00
.gitattributes .gitattributes: add a smudge filter for go.mod. 2020-02-19 20:02:02 -05:00
.gitignore cmd/relaynode: drop local --acl-file in favour of central packet filter. 2020-02-20 00:15:43 -05:00
AUTHORS Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
CODE_OF_CONDUCT.md Add a code of conduct. 2020-02-10 22:16:30 -08:00
Dockerfile Dockerfile: add some usage docs, bump to Go 1.14 2020-04-06 07:57:47 -07:00
LICENSE Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
PATENTS Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
README.md Dockerfile: add some usage docs, bump to Go 1.14 2020-04-06 07:57:47 -07:00
SECURITY.md Add a SECURITY.md for vulnerability reports. 2020-02-11 10:26:41 -08:00
go.mod wgengine/magicsock: use netaddr more 2020-04-17 15:15:42 -07:00
go.sum wgengine/magicsock: use netaddr more 2020-04-17 15:15:42 -07:00

README.md

Tailscale

https://tailscale.com

Private WireGuard® networks made easy

Overview

This repository contains all the open source Tailscale code. It currently includes the Linux client.

The Linux client is currently cmd/relaynode, but will soon be replaced by cmd/tailscaled.

Using

We serve packages for a variety of distros at https://pkgs.tailscale.com .

Building

go install tailscale.com/cmd/tailscale{,d}

We only guarantee to support the latest Go release and any Go beta or release candidate builds (currently Go 1.14) in module mode. It might work in earlier Go versions or in GOPATH mode, but we're making no effort to keep those working.

Bugs

Please file any issues about this code or the hosted service on the issue tracker.

Contributing

under_construction.gif

PRs welcome, but we are still working out our contribution process and tooling.

We require Developer Certificate of Origin Signed-off-by lines in commits.

About Us

We are apenwarr, bradfitz, crawshaw, danderson, dfcarney, from Tailscale Inc. You can learn more about us from our website.

WireGuard is a registered trademark of Jason A. Donenfeld.