tailscale

mirror of https://github.com/tailscale/tailscale.git synced 2024-11-25 19:15:34 +00:00

Author	SHA1	Message	Date
Tom DNetto	7ca17b6bdb	tka: validate key after UpdateKey before applying state Signed-off-by: Tom DNetto <tom@tailscale.com>	2022-08-30 15:23:30 -07:00
Tom DNetto	f580f4484f	tka: move disablement logic out-of-band from AUMs It doesn't make a ton of sense for disablement to be communicated as an AUM, because any failure in the AUM or chain mechanism will mean disablement wont function. Instead, tracking of the disablement secrets remains inside the state machine, but actual disablement and communication of the disablement secret is done by the caller. Signed-off-by: Tom DNetto <tom@tailscale.com>	2022-08-25 14:25:34 -07:00
Tom DNetto	f50043f6cb	tka,types/key: remove dependency for tailcfg & types/ packages on tka Following the pattern elsewhere, we create a new tka-specific types package for the types that need to couple between the serialized structure types, and tka. Signed-off-by: Tom DNetto <tom@tailscale.com>	2022-08-04 12:51:58 -07:00
Tom DNetto	c13fab2a67	tka: add attack-scenario unit tests, defensive checks, resolve TODOs Signed-off-by: Tom DNetto <tom@tailscale.com>	2022-08-03 15:42:09 -07:00
Tom DNetto	023d4e2216	tka,types/key: implement NLPrivate glue for tailnet key authority keys Signed-off-by: Tom DNetto <tom@tailscale.com>	2022-07-29 12:16:32 -07:00
Tom DNetto	3709074e55	tka: implement State and applying AUMs Signed-off-by: Tom DNetto <tom@tailscale.com>	2022-07-07 11:25:26 -07:00