From 97204fdc526136b42ede74db7de0debc6e13803b Mon Sep 17 00:00:00 2001
From: Brad Fitzpatrick <bradfitz@tailscale.com>
Date: Mon, 19 Apr 2021 11:35:02 -0700
Subject: [PATCH] safesocket: remove/update some old TODOs

Windows auth is done by looking at the owner of the TCP connection.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
---
 safesocket/pipe_windows.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/safesocket/pipe_windows.go b/safesocket/pipe_windows.go
index e8c256adf..2b28d5570 100644
--- a/safesocket/pipe_windows.go
+++ b/safesocket/pipe_windows.go
@@ -15,7 +15,6 @@ func path(vendor, name string, port uint16) string {
 	return fmt.Sprintf("127.0.0.1:%v", port)
 }
 
-// TODO(apenwarr): handle magic cookie auth
 func connect(path string, port uint16) (net.Conn, error) {
 	pipe, err := net.Dial("tcp", fmt.Sprintf("127.0.0.1:%d", port))
 	if err != nil {
@@ -36,7 +35,7 @@ func setFlags(network, address string, c syscall.RawConn) error {
 //   built on top of an API that's a disaster. So for now we'll hack it by
 //   just always using a TCP session on a fixed port on localhost. As a
 //   result, on Windows we ignore the vendor and name strings.
-// TODO(apenwarr): handle magic cookie auth
+//   NOTE(bradfitz): Jason did a new pipe package: https://go-review.googlesource.com/c/sys/+/299009
 func listen(path string, port uint16) (_ net.Listener, gotPort uint16, _ error) {
 	lc := net.ListenConfig{
 		Control: setFlags,