The easiest, most secure way to use WireGuard and 2FA.
Go to file
Andrew Dunham 1e67947cfa control/controlclient, tailcfg: add Node.Expired field, set for expired nodes
Nodes that are expired, taking into account the time delta calculated
from MapResponse.ControlTime have the newly-added Expired boolean set.
For additional defense-in-depth, also replicate what control does and
clear the Endpoints and DERP fields, and additionally set the node key
to a bogus value.

Updates #6932

Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
Change-Id: Ia2bd6b56064416feee28aef5699ca7090940662a
2023-01-11 09:45:21 -05:00
.bencher bencher: add config to suppress failures on benchmark regressions. 2021-10-01 16:16:02 -07:00
.github feat(build): add support on Loongnix-Server (loong64) (#6233) 2022-12-11 20:16:40 -08:00
atomicfile refactor: move from io/ioutil to io and os packages 2022-09-15 21:45:53 -07:00
chirp all: fix spelling mistakes 2022-09-29 13:36:13 -07:00
client/tailscale client/tailscale: fix request object for key creation. 2022-12-13 13:49:35 -08:00
cmd cmd/tailscale: disable HTTPS verification for QNAP auth. 2023-01-10 21:49:28 -08:00
control control/controlclient, tailcfg: add Node.Expired field, set for expired nodes 2023-01-11 09:45:21 -05:00
derp derp: prevent concurrent access to multiForwarder map 2022-11-28 22:49:06 +00:00
disco all: use strs.CutPrefix and strs.CutSuffix more 2022-11-21 14:32:16 -08:00
docs docs/webhooks: use subtle.ConstantTimeCompare for comparing signatures 2022-11-30 11:58:25 -05:00
doctor doctor: add package for running in-depth healthchecks; use in bugreport (#5413) 2022-09-26 13:07:28 -04:00
envknob envknob: add time.Duration knob support 2022-12-21 08:34:49 -08:00
health health,ipn/ipnlocal: report the node being locked out as a health issue 2023-01-04 16:20:47 -08:00
hostinfo types/ptr: move all the ptrTo funcs to one new package's ptr.To 2022-11-30 17:50:51 -08:00
internal/tooldeps all: remove old +build tags 2022-11-04 07:25:42 -07:00
ipn ipn/ipnlocal: disallow unsigned peers from WoL 2023-01-10 15:54:48 -08:00
jsondb jsondb: small package to load/save JSON DBs. 2022-07-12 11:56:38 -07:00
kube kube: handle 201 as a valid status code. 2022-10-16 14:47:27 -07:00
licenses licenses: update tailscale{,d} licenses 2023-01-10 09:39:19 -08:00
log all: remove old +build tags 2022-11-04 07:25:42 -07:00
logpolicy all: fix spelling mistakes 2022-09-29 13:36:13 -07:00
logtail ipn/ipnlocal: add c2n handler to flush logtail for support debugging 2023-01-05 12:06:07 -08:00
metrics util/dirwalk, metrics, portlist: add new package for fast directory walking 2022-11-05 16:26:51 -07:00
net net/dns,userspace: remove unused DNS paths, normalize query limit on iOS 2023-01-05 11:56:14 -08:00
packages/deb refactor: move from io/ioutil to io and os packages 2022-09-15 21:45:53 -07:00
paths paths: set QNAP socket to /tmp. 2022-12-02 22:07:42 -08:00
portlist netstat, portlist: update Windows implementation to disambiguate svchost processes 2022-12-19 15:38:49 -06:00
prober prober: fix test flake 2022-11-02 09:58:40 -04:00
safesocket all: use named pipes on windows 2022-11-30 04:05:26 +05:00
scripts scripts: permit 2023 in license headers 2023-01-05 11:41:47 -08:00
smallzstd refactor: move from io/ioutil to io and os packages 2022-09-15 21:45:53 -07:00
ssh/tailssh ssh/tailssh: add OpenBSD support for Tailscale SSH 2023-01-09 12:58:15 -08:00
syncs syncs: add Map (#6260) 2022-11-10 10:55:26 -08:00
tailcfg control/controlclient, tailcfg: add Node.Expired field, set for expired nodes 2023-01-11 09:45:21 -05:00
tempfork all: remove old +build tags 2022-11-04 07:25:42 -07:00
tka cmd/tailscale,tka: make KeyID return an error instead of panicking 2023-01-04 09:51:31 -08:00
tool cmd/tsconnect: run wasm-opt on the generated wasm file 2022-10-25 13:16:37 -07:00
tsconst net/interfaces/windows: update Tailscale interface detection logic to 2021-11-08 07:44:33 -08:00
tsnet wgengine/netstack: change netstack API to require LocalBackend 2022-12-23 14:01:26 -08:00
tstest ssh/tailssh: add OpenBSD support for Tailscale SSH 2023-01-09 12:58:15 -08:00
tstime tstime: fix ParseDuration for '6' digit (#6363) 2022-11-16 21:01:09 -08:00
tsweb tsweb: export version metrics to Prometheus 2022-11-22 15:50:10 +00:00
types control/controlclient, tailcfg: add Node.Expired field, set for expired nodes 2023-01-11 09:45:21 -05:00
util control/controlclient, tailcfg: add Node.Expired field, set for expired nodes 2023-01-11 09:45:21 -05:00
version net/tlsdial,tstest,version: use go command from $PATH 2023-01-03 09:30:23 -08:00
wf all: remove old +build tags 2022-11-04 07:25:42 -07:00
wgengine net/dns,userspace: remove unused DNS paths, normalize query limit on iOS 2023-01-05 11:56:14 -08:00
words words: hybrid theory (#6404) 2022-11-24 10:28:11 -08:00
.gitattributes .: add .gitattributes entry to use Go hunk-header driver 2021-12-03 17:56:02 -08:00
.gitignore gitignore: ignore direnv nix-shell environment cache (#6520) 2022-11-26 09:30:00 -05:00
ALPINE.txt Docker: add ALPINE.txt to manage alpine versions 2022-06-29 11:47:09 -07:00
api.md api.md: change "admin panel" to "admin console" 2022-12-05 11:21:55 -08:00
AUTHORS Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
build_dist.sh cmd/tailscaled, net/tstun: add build tags to omit BIRD and TAP 2022-11-07 11:13:14 -05:00
build_docker.sh Makefile: add a target for doing dev builds of the k8s operator. 2022-12-13 09:50:57 -08:00
CODE_OF_CONDUCT.md Add a code of conduct. 2020-02-10 22:16:30 -08:00
Dockerfile cmd/containerboot: PID1 for running tailscaled in a container. 2022-11-03 15:30:32 -07:00
Dockerfile.base Dockerfile: bump alpine to 3.16 2022-06-29 10:29:37 -07:00
flake.lock flake.nix: init to ship unstable tailscale packages. 2022-12-24 14:49:03 -08:00
flake.nix flake.nix: rename package to just "tailscale". 2022-12-24 18:17:24 -08:00
go.mod go.mod: bump golang.org/x/net and dependencies 2023-01-10 09:30:44 -08:00
go.mod.sri flake.nix: init to ship unstable tailscale packages. 2022-12-24 14:49:03 -08:00
go.sum go.mod: bump golang.org/x/net and dependencies 2023-01-10 09:30:44 -08:00
go.toolchain.branch go.toolchain.rev: switch to Go 1.19rc2+ 2022-07-28 11:28:21 -07:00
go.toolchain.rev go.toolchain.rev: bump Go 2022-12-19 20:30:34 -08:00
go.toolchain.sri update-flake.sh: tooling to keep Nix SRI hashes in sync. 2022-12-24 15:22:41 -08:00
LICENSE LICENSE: Reformat for Github 2021-01-24 16:20:22 -08:00
Makefile Makefile: add a target for doing dev builds of the k8s operator. 2022-12-13 09:50:57 -08:00
PATENTS Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
pull-toolchain.sh update-flake.sh: tooling to keep Nix SRI hashes in sync. 2022-12-24 15:22:41 -08:00
README.md README.md: update with some new links, refresh 2023-01-05 13:06:45 -08:00
SECURITY.md Add a SECURITY.md for vulnerability reports. 2020-02-11 10:26:41 -08:00
shell.nix update-flake.sh: tooling to keep Nix SRI hashes in sync. 2022-12-24 15:22:41 -08:00
staticcheck.conf staticcheck.conf: remove unnecessary warning 2021-06-22 12:26:13 -07:00
update-flake.sh update-flake.sh: tooling to keep Nix SRI hashes in sync. 2022-12-24 15:22:41 -08:00
version_test.go Dockerfile: add test that build-env Alpine version matches go.mod 2022-09-16 12:19:09 -07:00
version-embed.go cmd/printdep: support printing the toolchain SRI hash. 2022-12-24 15:40:22 -08:00
VERSION.txt VERSION.txt: this is v1.35.0 2022-12-05 09:51:51 -08:00

Tailscale

https://tailscale.com

Private WireGuard® networks made easy

Overview

This repository contains the majority of Tailscale's open source code. Notably, it includes the tailscaled daemon and the tailscale CLI tool. The tailscaled daemon runs on Linux, Windows, macOS, and to varying degrees on FreeBSD and OpenBSD. The Tailscale iOS and Android apps use this repo's code, but this repo doesn't contain the mobile GUI code.

Other Tailscale repos of note:

For background on which parts of Tailscale are open source and why, see https://tailscale.com/opensource/.

Using

We serve packages for a variety of distros and platforms at https://pkgs.tailscale.com.

Other clients

The macOS, iOS, and Windows clients use the code in this repository but additionally include small GUI wrappers. The GUI wrappers on non-open source platforms are themselves not open source.

Building

We always require the latest Go release, currently Go 1.19. (While we build releases with our Go fork, its use is not required.)

go install tailscale.com/cmd/tailscale{,d}

If you're packaging Tailscale for distribution, use build_dist.sh instead, to burn commit IDs and version info into the binaries:

./build_dist.sh tailscale.com/cmd/tailscale
./build_dist.sh tailscale.com/cmd/tailscaled

If your distro has conventions that preclude the use of build_dist.sh, please do the equivalent of what it does in your distro's way, so that bug reports contain useful version information.

Bugs

Please file any issues about this code or the hosted service on the issue tracker.

Contributing

PRs welcome! But please file bugs. Commit messages should reference bugs.

We require Developer Certificate of Origin Signed-off-by lines in commits.

See git log for our commit message style. It's basically the same as Go's style.

About Us

Tailscale is primarily developed by the people at https://github.com/orgs/tailscale/people. For other contributors, see:

WireGuard is a registered trademark of Jason A. Donenfeld.