tailscale/control/controlclient
Adrian Dewhurst 04dd6d1dae
control/controlclient: sign RegisterRequest (#1549)
control/controlclient: sign RegisterRequest

Some customers wish to verify eligibility for devices to join their
tailnets using machine identity certificates. TLS client certs could
potentially fulfill this role but the initial customer for this feature
has technical requirements that prevent their use. Instead, the
certificate is loaded from the Windows local machine certificate store
and uses its RSA public key to sign the RegisterRequest message.

There is room to improve the flexibility of this feature in future and
it is currently only tested on Windows (although Darwin theoretically
works too), but this offers a reasonable starting place for now.

Updates tailscale/coral#6

Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
2021-03-26 10:01:08 -04:00
..
auto.go control, ipn, tailcfg: remove golang.org/x/oauth2 dep, add tailcfg.Oauth2Token 2021-03-19 10:40:48 -07:00
controlclient_test.go cover one more case in TestStatusEqual. 2021-01-08 10:23:32 -08:00
debug_test.go tailcfg, control/controlclient: add goroutine dump debug feature 2021-03-03 10:56:01 -08:00
debug.go tailcfg, control/controlclient: add goroutine dump debug feature 2021-03-03 10:56:01 -08:00
direct_test.go types/netmap: split controlclient.NetworkMap off into its own leaf package 2021-02-05 16:18:52 -08:00
direct.go control/controlclient: sign RegisterRequest (#1549) 2021-03-26 10:01:08 -04:00
filter.go wgengine/filter: remove the Matches type. 2020-11-09 21:39:25 -08:00
hostinfo_linux.go control/controlclient, version/distro: detect NixOS explicitly 2020-12-21 21:03:04 -08:00
hostinfo_windows.go control/controlclient: cache Windows version 2021-03-15 21:40:32 -07:00
sign_supported.go control/controlclient: sign RegisterRequest (#1549) 2021-03-26 10:01:08 -04:00
sign_unsupported.go control/controlclient: sign RegisterRequest (#1549) 2021-03-26 10:01:08 -04:00
sign.go control/controlclient: sign RegisterRequest (#1549) 2021-03-26 10:01:08 -04:00