tailscale/ipn/ipnlocal
Percy Wegmann 955ad12489 ipn/ipnlocal: only show Taildrive peers to which ACLs grant us access
This improves convenience and security.

* Convenience - no need to see nodes that can't share anything with you.
* Security - malicious nodes can't expose shares to peers that aren't
             allowed to access their shares.

Updates tailscale/corp#19432

Signed-off-by: Percy Wegmann <percy@tailscale.com>
2024-04-24 17:49:04 -05:00
..
testdata ipn/ipnlocal: fix the path for writing cert files (#7203) 2023-02-07 14:34:04 -08:00
breaktcp_darwin.go cmd/tailscale: add debug commands to break connections 2023-08-11 06:37:26 -07:00
breaktcp_linux.go cmd/tailscale: add debug commands to break connections 2023-08-11 06:37:26 -07:00
c2n_pprof.go ipn/ipnlocal: add c2n /debug/pprof/allocs endpoint 2024-03-22 17:29:59 -05:00
c2n_test.go util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
c2n.go ipn/ipnlocal,ssh/tailssh: reject c2n /update if SSH conns are active (#11820) 2024-04-22 10:27:12 -06:00
cert_js.go ipn/ipnlocal: add c2n method to check on TLS cert fetch status 2023-11-16 14:08:38 -08:00
cert_test.go all: use Go 1.21 slices, maps instead of x/exp/{slices,maps} 2023-08-17 08:42:35 -07:00
cert.go ipn/ipnlocal: remove ancient transition mechanism for https certs 2024-02-17 10:33:11 -08:00
dnsconfig_test.go util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
drive.go ipn/ipnlocal: only show Taildrive peers to which ACLs grant us access 2024-04-24 17:49:04 -05:00
expiry_test.go types/netmap, all: make NetworkMap.SelfNode a tailcfg.NodeView 2023-08-21 13:34:49 -07:00
expiry.go ssh/tailssh: use control server time instead of local time 2023-11-17 11:10:11 -06:00
local_test.go util/syspolicy: add ReadStringArray interface (#11857) 2024-04-23 22:23:48 -07:00
local.go ipn/ipnlocal: always stop the engine on auth when key has expired 2024-04-24 14:47:57 +01:00
loglines_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
network-lock_test.go ipn/ipnlocal,cmd/tailscale: persist tailnet name in user profile 2023-11-17 17:00:11 -05:00
network-lock.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
peerapi_h2c.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
peerapi_macios_ext.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
peerapi_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
peerapi.go tailscale: switch tailfs to drive syntax for api and logs (#11625) 2024-04-04 13:07:58 -07:00
profiles_notwindows.go ipn/ipnlocal: fix profile duplication 2023-08-08 13:43:37 -06:00
profiles_test.go ipn/ipnlocal: reset auto-updates if unsupported on profile load (#11838) 2024-04-22 16:55:25 -06:00
profiles_windows.go ipn/ipnlocal: better enforce system policies 2023-12-06 14:45:06 -05:00
profiles.go ipn/ipnlocal: reset auto-updates if unsupported on profile load (#11838) 2024-04-22 16:55:25 -06:00
serve_test.go ipn/ipnlocal: q-encode (RFC 2047) Tailscale serve header values 2024-04-03 09:08:29 -07:00
serve.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
ssh_stub.go ipnlocal: log failure to get ssh host keys 2024-01-30 16:57:16 -06:00
ssh_test.go ipn/ipnlocal: drop not required StateKey parameter 2023-01-30 17:58:55 -08:00
ssh.go ipnlocal: log failure to get ssh host keys 2024-01-30 16:57:16 -06:00
state_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
taildrop.go ipn/localapi: add support for multipart POST to file-put 2024-03-27 08:53:52 -05:00
web_client_stub.go ipn/ipnlocal: add mutex to webClient struct 2023-11-15 17:57:48 -05:00
web_client.go all: remove LenIter, use Go 1.22 range-over-int instead 2024-02-25 12:29:45 -08:00