mirrors
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
tailscale/ipn
History
Tom DNetto f1ab11e961 ipn/ipnlocal,tailcfg: introduce capability to gate TKA init paths 
Previously, `TAILSCALE_USE_WIP_CODE` was needed to hit a bunch of the TKA paths. With
this change:

 - Enablement codepaths (NetworkLockInit) and initialization codepaths (tkaBootstrapFromGenesisLocked via tkaSyncIfNeeded)
   require either the WIP envknob or CapabilityTailnetLockAlpha.
 - Normal operation codepaths (tkaSyncIfNeeded, tkaFilterNetmapLocked) require TKA to be initialized, or either-or the
   envknob / capability.
 - Auxillary commands (ie: changing tka keys) require TKA to be initialized.

The end result is that it shouldn't be possible to initialize TKA (or subsequently use any of its features) without being
sent the capability or setting the envknob on tailscaled yourself.

I've also pulled out a bunch of unnecessary checks for CanSupportNetworkLock().

Signed-off-by: Tom DNetto <tom@tailscale.com>
 		2022-11-30 13:50:22 -08:00
..
ipnauth all: use named pipes on windows 2022-11-30 04:05:26 +05:00
ipnlocal ipn/ipnlocal,tailcfg: introduce capability to gate TKA init paths 2022-11-30 13:50:22 -08:00
ipnserver cmd/tailscaled: unify the two Windows paths + separate IPN server path 2022-11-28 13:31:49 -08:00
ipnstate cmd/tailscale,ipn: surface TKA-filtered peers in lock status command 2022-11-30 13:25:31 -08:00
localapi cmd/tailscale,ipn: store disallowed TKA's in prefs, lock local-disable 2022-11-29 13:43:38 -08:00
policy ipn/policy: treat DNS service as interesting so it's not filtered out 2021-12-03 12:55:54 -08:00
store all: remove old +build tags 2022-11-04 07:25:42 -07:00
backend.go ipn: remove unused Backend interface 2022-11-28 19:03:27 -08:00
doc.go ipn: add WebServerConfig, add views 2022-11-09 06:17:45 -08:00
fake_test.go ipn/ipnlocal: add support for multiple user profiles 2022-11-11 10:45:47 +05:00
ipn_clone.go ipn,types/persist: add DisallowedTKAStateIDs, refactor as view type 2022-11-29 12:29:42 -08:00
ipn_view.go ipn,types/persist: add DisallowedTKAStateIDs, refactor as view type 2022-11-29 12:29:42 -08:00
prefs.go ipn: be more consistent with omitempty on debug/rare Prefs 2022-11-30 04:33:27 -08:00
prefs_test.go ipn: add ability to name profiles 2022-11-22 04:03:24 +05:00
serve.go cmd/tailscale/cli, ipn: move serve CLI funcs on to ServeConfig (#6401) 2022-11-19 09:42:14 -05:00
store.go cmd/tailscale/cli, ipn: move serve CLI funcs on to ServeConfig (#6401) 2022-11-19 09:42:14 -05:00