Release v1.66.1-sunos · nshalman/tailscale

Builds

deps: bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (tailscale#11410) #11410 (dependabot[bot])
deps-dev: bump vite from 5.1.4 to 5.1.7 in /client/web #11609 (dependabot[bot])

Commits

09524b5: VERSION.txt: this is v1.64.0 (Jenny Zhang) #11690
2207643: VERSION.txt: this is v1.65.0 (Jenny Zhang) #11691
add gliderlabs/ssh license #11694 (Will Norris)
update license notices #11666 (License Updater)
4d5d669: net/dns: unconditionally write NRPT rules to local settings (Aaron Klotz) #11684
optimize JSON processing (tailscale#11671) #11671 (Joe Tsai)
add exit destination for network flow logs node attribute (tailscale#11698) #11698 (Claire Wang)
enable allow LAN for android (tailscale#11709) #11709 (kari-ts)
a1abd12: cmd/tailscaled, net/tstun: build for aix/ppc64 (Brad Fitzpatrick) #11721
65f2151: go.mod.sri: update SRI hash for go.mod changes (Flakes Updater) #11722
170c618: ipn/ipnlocal: remove dead code now that Android uses LocalAPI instead (Brad Fitzpatrick) #11724
970b1e2: ipn/ipnlocal: inline assertClientLocked into its now sole caller (Brad Fitzpatrick) #11725
68043a1: ipn/ipnlocal: centralize assignments to cc + ccAuto in new method (Brad Fitzpatrick) #11725
8186cd0: ipn/ipnlocal: delete redundant TestStatusWithoutPeers (Brad Fitzpatrick) #11725
bad3159: ipn/ipnlocal: delete useless SetControlClientGetterForTesting use (Brad Fitzpatrick) #11726
271cfdb: util/syspolicy: clean up doc grammar and consistency (Brad Fitzpatrick) #11728
set default state path on AIX #11730 (Brad Fitzpatrick)
b9aa742: ipn/ipnlocal: remove some dead code (legacyBackend methods) from LocalBackend (Brad Fitzpatrick) #11739
fix default SYNO_ARCH in Makefile #11747 (Brad Fitzpatrick)
38fb23f: cmd/k8s-operator,k8s-operator: allow users to configure proxy env vars via ProxyClass (tailscale#11743) (Irbe Krumina) #11743
952e06a: wgengine/router: don't attempt route cleanup on Synology (Brad Fitzpatrick) #11746
14c8b67: Revert "licenses: add gliderlabs/ssh license" (Will Norris) #11748
449f46c: wgengine/magicsock: rebind/restun if a syscall.EPERM error is returned (tailscale#11711) (Charlotte Brandhorst-Satzkorn) #11711
9171b21: cmd/tailscale, ipn/ipnlocal: add suggest exit node CLI option (tailscale#11407) (Claire Wang) #11407
7ec0dc3: ipn/ipnlocal: make StartLoginInteractive take (yet unused) context (Brad Fitzpatrick) #11751
remove unused Options.LegacyMigrationPrefs #11752 (Brad Fitzpatrick)
3c1e2bb: ipn/ipnlocal: remove outdated iOS hacky workaround in Start (Brad Fitzpatrick) #11754
document use of CapMap for peers #11759 (Adrian Dewhurst)
26f9bbc: cmd/k8s-operator,k8s-operator: document tailscale.com Custom Resource Definitions better. (tailscale#11665) (Irbe Krumina) #11665
0fba9e7: cmd/tailscale/cli: prevent concurrent Start calls in 'up' (Brad Fitzpatrick) #11761
7e2b426: ipn/{localapi, ipnlocal}: forget the prior exit node when localAPI is used to zero the ExitNodeID (tailscale#11681) (Jonathan Nobels) #11681
068db1f: net/interfaces: delete unused unexported function (Brad Fitzpatrick) #11765
use Go 1.22 range-over-int #11764 (Brad Fitzpatrick)
62d4be8: cmd/tailscale/cli: fix drive --help usage identation (Paul Scott) #11757
a50e4e6: cmd/tailscale/cli: remove duplicate "tailscale " in drive subcmd usage (Paul Scott) #11757
eb34b8a: cmd/tailscale/cli: remove explicit usageFunc - its default (Paul Scott) #11757
3ff3445: cmd/tailscale/cli: improve ShortHelp/ShortUsage unit test, fix new errors (Paul Scott) #11757
d07ede4: cmd/tailscale/cli: fix "subcommand required" errors when typod (Paul Scott) #11757
454a03a: cmd/tailscale/cli: prepend "tailscale" to usage errors (Paul Scott) #11757
226486e: net/interfaces: handle removed interfaces in State.Equal (Andrew Dunham) #11763
3ef7f89: go.{mod,sum}: bump nftables to the latest commit (tailscale#11772) (Irbe Krumina) #11772
21a0fe1: ipn/store: omit AWS & Kubernetes support on 'small' Linux GOARCHes (Brad Fitzpatrick) #11778
82394de: cmd/tailscale: add shell tab-completion (Paul Scott) #11336
b85c2b2: net/dns/resolver: use SystemDial in DoH forwarder (Andrew Dunham) #11692
set SameSite=Strict, with an option for Lax (tailscale#11781) #11781 (Chris Palmer)
22bd506: ipn/ipnlocal: hold the mutex when in onTailnetDefaultAutoUpdate (tailscale#11786) (Andrew Lytvynov) #11786
03d5d1f: wgengine/magicsock: disable portmapper in tunchan-faked tests (Brad Fitzpatrick) #11787
c8b0adb: docs/windows/policy: add missing key expiration warning interval (Adrian Dewhurst) #11774
e775de3: go.mod: bump golang.org/x/net (tailscale#11775) (Andrew Lytvynov) #11775
allow object-src: self in CSP (tailscale#11782) #11782 (Chris Palmer)
02c6af2: cmd/tailscale: clarify Taildrive grants in help text (Percy Wegmann) #11783
use Distro field for distinguishing Windows Server builds #11796 (Aaron Klotz)
create android impl (tailscale#11784) #11784 (kari-ts)
rename exit node destination network flow log node attribute (tailscale#11779) #11779 (Claire Wang)
rewrite Location headers #11798 (Percy Wegmann)
94c0403: ipn/ipnlocal: strip origin and referer headers from Taildrive requests (Percy Wegmann) #11756
d16c129: ipn/ipnlocal: remove origin and referer headers from Taildrive requests (Percy Wegmann) #11756
bbe194c: cmd/k8s-operator: correctly determine cluster domain (tailscale#11512) (Irbe Krumina) #11512
return OS-specific version from LatestTailscaleVersion (tailscale#11812) #11812 (Andrew Lytvynov)
bff5276: ipn/ipnlocal,clientupdate: disallow auto-updates in containers (tailscale#11814) (Andrew Lytvynov) #11814
9e1c869: wgengine\router: fix the Tailscale-In firewall rule to work on domain networks (Nick Khyl) #11817
375617c: net/tsdial: assume all connections are affected if no default route is present (Andrew Dunham) #11811
pointerify RegisterRequest.Auth, omitemptify RegisterResponseAuth #11824 (Brad Fitzpatrick)
remove some unused fields from RegisterResponseAuth #11826 (Brad Fitzpatrick)
5100bde: types/persist: remove unused field Persist.Provider (Brad Fitzpatrick) #11827
b743b85: ipn/ipnlocal,ssh/tailssh: reject c2n /update if SSH conns are active (tailscale#11820) (Andrew Lytvynov) #11820
0a84215: release/dist/qnap: add qnap target builder (Sonia Appasamy) #11815
06502b9: ipn/ipnlocal: reset auto-updates if unsupported on profile load (tailscale#11838) (Andrew Lytvynov) #11838
63b3c82: ipn/local: log OS-specific diagnostic information as JSON (tailscale#11700) (Joe Tsai) #11700
fix flaky test by deleting the code it tested (Watch) #11839 (Brad Fitzpatrick)
9779eb6: api.md: move device posture api to api.md (Kristoffer Dalby) #11794
e985c6e: ssh/tailssh: try fetching group IDs for user with the 'id' command (Andrew Dunham) #11845
b7e5122: util/osuser: add unit test for parseGroupIds (Percy Wegmann) #11845
update license notices #11744 (License Updater)
3af0f52: cmd{containerboot,k8s-operator},util/linuxfw: support ExternalName Services (tailscale#11802) (Irbe Krumina) #11802
add62af: util/linuxfw,go.{mod,sum}: don't log errors when deleting non-existant chains and rules (tailscale#11852) (Irbe Krumina) #11852
c8e9128: wgengine/router: consolidate routes before reconfiguring router for mobile clients (Percy Wegmann) #11850
0cce456: release/dist/qnap: use tmp file directory for qpkg building (Sonia Appasamy) #11859
1d3e77f: util/syspolicy: add ReadStringArray interface (tailscale#11857) (Andrea Gottardo) #11857
31e6bdb: ipn/ipnlocal: always stop the engine on auth when key has expired (Anton Tolchanov) #11807
14ac41f: cmd/k8s-operator,k8s-operator: proxyclass affinity (tailscale#11862) (Lee Briggs) #11862
5d4b4ff: release/dist/qnap: update perms for tmpDir files (Sonia Appasamy) #11865
955ad12: ipn/ipnlocal: only show Taildrive peers to which ACLs grant us access (Percy Wegmann) #11856
18765cd: release/dist/qnap: omit .qpkg.codesigning files (Sonia Appasamy) #11866
add auto exit node attribute (tailscale#11871) #11871 (Claire Wang)
add Tracker type, in prep for removing global variables #11875 (Brad Fitzpatrick)
break Warnable into a global and per-Tracker value halves #11876 (Brad Fitzpatrick)
handle mux pattern collisions more generally (tailscale#11801) #11801 (Chris Palmer)
permit Tracker method calls on nil receiver #11877 (Brad Fitzpatrick)
723c775: tsd, ipnlocal, etc: add tsd.System.HealthTracker, start some plumbing (Brad Fitzpatrick) #11878
df8f409: cmd/k8s-operator,k8s-operator: optionally serve tailscaled metrics on Pod IP (tailscale#11699) (Irbe Krumina) #11699
6d69fc1: ipn/{ipnlocal,localapi},wgengine{,/magicsock}: plumb health.Tracker (Brad Fitzpatrick) #11881
a4a282c: control/controlclient: plumb health.Tracker (Brad Fitzpatrick) #11882
7459314: health, all: remove health.Global, finish plumbing health.Tracker (Brad Fitzpatrick) #11884
71e9258: ipn/ipnlocal: fix null dereference for early suggested exit node queries (tailscale#11885) (Jonathan Nobels) #11885
7f587d0: health, wgengine/magicsock: remove last of health package globals (Brad Fitzpatrick) #11889
4dece0c: net/netutil: remove a use of deprecated interfaces.GetState (Brad Fitzpatrick) #11891
7a62ddd: net/netcheck, wgengine/magicsock: make netmon.Monitor required (Brad Fitzpatrick) #11892
4f73a26: ipn/ipnlocal: skip TestOnTailnetDefaultAutoUpdate on macOS for now (Brad Fitzpatrick) #11895
3672f29: net/netns, net/dns/resolver, etc: make netmon required in most places (Brad Fitzpatrick) #11896
45f0721: cmd/containerboot: wait on tailscaled process only (tailscale#11897) (Irbe Krumina) #11897
6b95219: net/netmon, add: add netmon.State type alias of interfaces.State (Brad Fitzpatrick) #11901
b9adbe2: net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon (Brad Fitzpatrick) #11901
1e6cdb7: api.md: fix missing links after move of device posture (Kristoffer Dalby) #11870
1452faf: cmd/containerboot,kube,ipn/store/kubestore: allow interactive login on kube, check Secret create perms, allow empty state Secret (tailscale#11326) (Irbe Krumina) #11326
74c3994: api.md: explicitly set content-type headers in POST CURL examples (tailscale#11916) (Mario Minardi) #11916
b2b49cb: wgengine/wgcfg/nmcfg: skip expired peers (Andrew Dunham) #11816
add RouteInfo struct and persist it to StateStore #11750 (Fran Bull)
add flag shouldStoreRoutes and controlknob for it #11750 (Fran Bull)
write discovered domains to StateStore #11750 (Fran Bull)
unadvertise routes when reconfiguring app connector #11750 (Fran Bull)
setting AdvertiseRoutes explicitly discards app connector routes #11750 (Fran Bull)
exec systemctl instead of using dbus to restart (tailscale#11923) #11923 (Andrew Lytvynov)
add suggest exit node UI node attribute (tailscale#11918) #11918 (Claire Wang)
d02f1be: scripts/installer.sh: enable Alpine community repo if needed (tailscale#11837) (Andrew Lytvynov) #11837
7d9c3f9: cmd/k8s-operator/deploy/manifests: check if IPv6 module is loaded before using it (tailscale#11867) (Irbe Krumina) #11867
7ba8f03: ipn/ipnlocal: fix TestOnTailnetDefaultAutoUpdate on unsupported platforms (tailscale#11921) (Andrew Lytvynov) #11921
ec04c67: api.md: add documentation for new split DNS endpoints (tailscale#11922) (Mario Minardi) #11922
a47ce61: net/tstun: implement env var for disabling UDP GRO on Linux (tailscale#11924) (Jordan Whited) #11924
1fe0730: Reset dial plan when switching profile (tailscale#11933) (Shaw Drastin) #11933
44aa809: cmd/{k8s-nameserver,k8s-operator},k8s-operator: add a kube nameserver, make operator deploy it (tailscale#11919) (Irbe Krumina) #11919
fix AtomicValue for interface kinds (tailscale#11943) #11943 (Joe Tsai)
c47f930: types/views: use slices.Contains{,Func} (Brad Fitzpatrick) #11944
fe009c1: ipn/ipnlocal: reset the dialPlan only when the URL is unchanged (Andrew Dunham) #11942
7455e02: util/slicesx: add AppendMatching (Brad Fitzpatrick) #11946
don't allow DELETE on read-only shares #11949 (Percy Wegmann)
de85610: cmd/k8s-operator/deploy/chart: allow users to configure additional labels for the operator's Pod via Helm chart values. (Gabe Gorelick) #11948
fa1303d: net/netmon: swap to swift-derived defaultRoute on macos (tailscale#11936) (Jonathan Nobels) #11936
ba34943: cmd/tailscale/cli/ffcomplete: omit and clean completion results (Paul Scott) #11955
4c08410: cmd/tailscale/cli: set localClient.UseSocketOnly during flag parsing (Paul Scott) #11955
45b9aa0: net/netmon: remove spammy log statements (tailscale#11953) (Jonathan Nobels) #11953
843afe7: ssh/tailssh: add integration test (Percy Wegmann) #11906
13e1355: scripts/installer.sh: remove unnecessary escaping in grep (tailscale#11950) (Andrew Lytvynov) #11950
10497ac: net/tstun: refactor natConfig to not be per-family (Andrew Dunham) #11945
be663c8: net/tstun: rename natConfig to peerConfig (Andrew Dunham) #11958
96712e1: health, ipn/ipnlocal: move more health warning code into health.Tracker (Brad Fitzpatrick) #11964
a49ed2e: derp,ipn/ipnlocal: stop calling rand.Seed (Maisem Ali) #11965
19b31ac: cmd/{k8s-operator,k8s-nameserver},k8s-operator: update nameserver config with records for ingress/egress proxies (tailscale#11019) (Irbe Krumina) #11019
add exit destination logging enable for wgengine logger (tailscale#11952) #11952 (Claire Wang)
f97d0ac: net/dns/resolver: add better error wrapping (Andrew Dunham) #11969
cd633a7: cmd/k8s-operator/deploy,k8s-operator: document that metrics are unstable (tailscale#11979) (Irbe Krumina) #11979
use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
use secret token to authenticate access to file server on localhost #11956 (Percy Wegmann)
ee3bd4d: derp/derphttp, net/netcheck: plumb netmon.Monitor to derp netcheck client (Brad Fitzpatrick) #11990
4fa6cbe: ssh/tailssh: use ptr.To in test (Brad Fitzpatrick) #11990
46f3fea: ssh/tailssh: plumb health.Tracker in test (Brad Fitzpatrick) #11990
1fe0983: cmd/derper,tstest/nettest: skip network-needing test in airplane mode (Brad Fitzpatrick) #11990
15fc6cd: derp/derphttp: fix netcheck HTTPS probes (Brad Fitzpatrick) #11990
e42c439: net/netcheck: don't spam on ICMP socket permission denied errors (Brad Fitzpatrick) #11990
e9505e5: ipn/ipnlocal: plumb health.Tracker into profileManager constructor (Andrew Dunham) #11987
b62cfc4: tstest/integration/testcontrol: fix data race (Brad Fitzpatrick) #11995
35872e8: ipnlocal, magicsock: store last suggested exit node id in local backend (tailscale#11959) (Claire Wang) #11959
4062936: cmd/k8s-operator: cleanup runReconciler signature (tailscale#11993) (Irbe Krumina) #11993
actually cache results on statcache #11978 (Percy Wegmann)
817badf: ipn/ipnlocal: reuse transport across Taildrive remotes (Percy Wegmann) #11978
ensure in-flight requests are always marked as finished #12001 (Will Norris)
fd6ba43: types/views: remove duplicate SliceContainsFunc (Maisem Ali) #12004
ed843e6: types/views: add AppendStrings util func (Maisem Ali) #12004
remove redundant bumpStartIfNeeded func #12002 (Will Norris)
1a96334: util/set: add Of variant of SetOf that takes variadic parameter (Brad Fitzpatrick) #12014
41f2195: util/syspolicy: add auto exit node related keys (tailscale#11996) (Claire Wang) #11996
make more tests pass/skip in airplane mode #12013 (Brad Fitzpatrick)
update license notices #11915 (License Updater)
7e0dd61: ipn/ipnlocal, tstest/integration: add panic to catch flaky test in the act (Brad Fitzpatrick) #12018
ce8969d: net/portmapper: add envknob to disable portmapper in localhost integration tests (Brad Fitzpatrick) #12018
caa3d75: ipn/ipnlocal, net/tsdial: plumb routes into tsdial and use them in UserDial (Nick Khyl) #11975
e26f76a: tstest/integration: add more debugging, logs to catch flaky test (Brad Fitzpatrick) #12026
aadb8d9: ipn/ipnlocal: don't send an empty BrowseToURL w/ WatchIPNBus NotifyInitialState (Brad Fitzpatrick) #12026
f3d2fd2: cmd/tailscale/cli: don't start WatchIPNBus until after up's initial Start (Brad Fitzpatrick) #12026
5ef178f: net/tstun: refactor peerConfig to allow storing more details (Maisem Ali) #12023
implement stateful firewalling on Linux (tailscale#12025) #12025 (Andrew Lytvynov)
f62e678: net/dns/resolver, control/controlknobs, tailcfg: use UserDial instead of SystemDial to dial DNS servers (Nick Khyl) #11977
e670695: ipn/ipnlocal,net/tstun,wgengine: create and plumb jailed packet filter (Maisem Ali) #12024
af97e7a: tailcfg,all: add/plumb Node.IsJailed (Maisem Ali) #12024
bump capver for using NodeAttrUserDialUseRoutes for DNS #12029 (Maisem Ali)
78fa698: cmd/tailscale/cli/ffcomplete: remove fullstop from ShortHelp (Paul Scott) #12034
4717317: ipn/ipnlocal: set default NoStatefulFiltering in ipn.NewPrefs (tailscale#12031) (Andrew Lytvynov) #12031
80df8ff: control/controlclient: early return and outdent some code (Brad Fitzpatrick) #12041
use EditPrefs instead of passing UpdatePrefs to starting (tailscale#12040) #12040 (kari-ts)
d7bdd8e: go.toolchain.rev: update to Go 1.22.3 (Brad Fitzpatrick) #12045
85b9a6c: net/netcheck: do not add derps if IPv4/IPv6 is set to "none" (Maisem Ali) #12047
e1011f1: ipn/ipnlocal: call SetNetInfoCallback from NewLocalBackend (Maisem Ali) #12050
9380e2d: ipn/ipnlocal: use lockAndGetUnlock in Start (Maisem Ali) #12049
32bc596: ipn/ipnlocal: acquire b.mu once in Start (Maisem Ali) #12052
727c0d6: ipn/ipnserver: close a small race in ipnserver, ~simplify code (Brad Fitzpatrick) #12053
21509db: ipn/ipnlocal, all: plumb health trackers in tests (Brad Fitzpatrick) #12055
e5ef358: ipn/ipnlocal: fix read of keyExpired outside mutex (Brad Fitzpatrick) #12056
e968b0e: cmd/tailscale,controlclient,ipnlocal: fix 'up', deflake tests more (Brad Fitzpatrick) #12033
6f4a1dc: ipn/ipnlocal: fix another read of keyExpired outside mutex (Anton Tolchanov) #12057
8130656: api.md: remove extraneous commas in json examples (Sonia Appasamy) #12062
e2a0fc0: VERSION.txt: this is v1.66.0 (Nick O'Neill)
60d8965: util/linuxfw: fix stateful packet filtering in nftables mode (Anton Tolchanov)
b10ee74: cmd/tailscale: add missing set flags for linux (Maisem Ali)
d904990: util/linuxfw: fix table name in DelStatefulRule (Andrew Dunham)
d77499e: wgengine/router: print Docker warning when stateful filtering is enabled (Andrew Dunham)
88e23b6: VERSION.txt: this is v1.66.1 (Nick O'Neill)
6531d20: illumos/solaris support rebased onto 1.66.1 (Nahum Shalman)
8f5513b: build tailscale client (Kevin Meziere)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.66.1-sunos

Builds

Commits