Affected by GO-2022-1119 and 1 other vulnerabilities

GO-2022-1119: Tailscale daemon is vulnerable to information disclosure via CSRF in tailscale.com

GO-2022-1120: Tailscale Windows daemon is vulnerable to RCE via CSRF in tailscale.com

tsdial

package

v1.20.0 Latest Latest Go to latest Published: Jan 13, 2022 License: BSD-3-Clause Imports: 20 Imported by: 46

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tailscale/tailscale

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tsdial provides a Dialer type that can dial out of tailscaled.

Index ¶

type Dialer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Dialer ¶

type Dialer struct {
	// UseNetstackForIP if non-nil is whether NetstackDialTCP (if
	// it's non-nil) should be used to dial the provided IP.
	UseNetstackForIP func(netaddr.IP) bool

	// NetstackDialTCP dials the provided IPPort using netstack.
	// If nil, it's not used.
	NetstackDialTCP func(context.Context, netaddr.IPPort) (net.Conn, error)
	// contains filtered or unexported fields
}

Dialer dials out of tailscaled, while taking care of details while handling the dozens of edge cases depending on the server mode (TUN, netstack), the OS network sandboxing style (macOS/iOS Extension, none), user-selected route acceptance prefs, etc.

func (*Dialer) PeerAPIHTTPClient ¶

func (d *Dialer) PeerAPIHTTPClient() *http.Client

PeerAPIHTTPClient returns an HTTP Client to call peers' peerapi endpoints. // The returned Client must not be mutated; it's owned by the Dialer and shared by callers.

func (*Dialer) PeerAPITransport ¶

func (d *Dialer) PeerAPITransport() *http.Transport

PeerAPITransport returns a Transport to call peers' peerapi endpoints.

The returned value must not be mutated; it's owned by the Dialer and shared by callers.

func (*Dialer) PeerDialControlFunc ¶

func (d *Dialer) PeerDialControlFunc() func(network, address string, c syscall.RawConn) error

PeerDialControlFunc returns a function that can assigned to net.Dialer.Control to set sockopts or whatnot to make a dial escape the current platform's network sandbox.

On many platforms the returned func will be nil.

Notably, this is non-nil on iOS and macOS when run as a Network or System Extension (the GUI variants).

func (*Dialer) SetExitDNSDoH ¶

func (d *Dialer) SetExitDNSDoH(doh string)

SetExitDNSDoH sets (or clears) the exit node DNS DoH server base URL to use. The doh URL should contain the scheme, authority, and path, but without a '?' and/or query parameters.

For example, "http://100.68.82.120:47830/dns-query".

func (*Dialer) SetLinkMonitor ¶

func (d *Dialer) SetLinkMonitor(mon *monitor.Mon)

func (*Dialer) SetNetMap ¶

func (d *Dialer) SetNetMap(nm *netmap.NetworkMap)

SetNetMap sets the current network map and notably, the DNS names in its DNS configuration.

func (*Dialer) SetTUNName ¶

func (d *Dialer) SetTUNName(name string)

SetTUNName sets the name of the tun device in use ("tailscale0", "utun6", etc). This is needed on some platforms to set sockopts to bind to the same interface index.

func (*Dialer) TUNName ¶

func (d *Dialer) TUNName() string

TUNName returns the name of the tun device in use, if any. Example format ("tailscale0", "utun6").

func (*Dialer) UserDial ¶

func (d *Dialer) UserDial(ctx context.Context, network, addr string) (net.Conn, error)

UserDial connects to the provided network address as if a user were initiating the dial. (e.g. from a SOCKS or HTTP outbound proxy)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL