Nate Brown
c82db210ef
Change windows unsafe routes to link routes, fix sshd reload bug ( #1709 )
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / freebsd-amd64 (push) Failing after 3s
smoke-extra / linux-amd64-ipv6disable (push) Failing after 2s
smoke-extra / netbsd-amd64 (push) Failing after 2s
smoke-extra / openbsd-amd64 (push) Failing after 3s
smoke-extra / linux-386 (push) Failing after 2s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 3s
Build and test / Build and test on linux with pkcs11 (push) Failing after 3s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-07 11:30:26 -05:00
Nate Brown
213dd46588
Stop leaking goroutines past Control.Stop, consolidate punching in Punchy ( #1708 )
2026-05-06 16:21:16 -05:00
Nate Brown
d0f02ba873
Switch to slog, remove logrus ( #1672 )
2026-04-27 09:41:47 -05:00
brad-defined
db85d61c23
SSH handshake in goroutine and defer close ( #1640 )
...
gofmt / Run gofmt (push) Failing after 2s
smoke-extra / Run extra smoke tests (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
* SSH handshake in goroutine and defer close
2026-04-23 14:53:52 -04:00
Wade Simmons
879852c32a
upgrade to yaml.v3 ( #1148 )
...
gofmt / Run gofmt (push) Successful in 37s
smoke-extra / Run extra smoke tests (push) Failing after 20s
smoke / Run multi node smoke test (push) Failing after 1m25s
Build and test / Build all and test on ubuntu-linux (push) Failing after 18m51s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2m44s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2m27s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
* upgrade to yaml.v3
The main nice fix here is that maps unmarshal into `map[string]any`
instead of `map[any]any`, so it cleans things up a bit.
* add config.AsBool
Since yaml.v3 doesn't automatically convert yes to bool now, for
backwards compat
* use type aliases for m
* more cleanup
* more cleanup
* more cleanup
* go mod cleanup
2025-03-31 16:08:34 -04:00
Nate Brown
d97ed57a19
V2 certificate format ( #1216 )
...
Co-authored-by: Nate Brown <nbrown.us@gmail.com >
Co-authored-by: Jack Doan <jackdoan@rivian.com >
Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com >
Co-authored-by: Jack Doan <me@jackdoan.com >
2025-03-06 11:28:26 -06:00
John Maguire
f31bab5f1a
Add support for SSH CAs ( #1098 )
...
- Accept certs signed by trusted CAs
- Username must match the cert principal if set
- Any username can be used if cert principal is empty
- Don't allow removed pubkeys/CAs to be used after reload
2024-04-30 10:50:17 -04:00
Nathan Brown
a0735dd7d5
Add locking around ssh conns to avoid concurrent map access on reload ( #447 )
2021-04-23 14:43:16 -05:00
brad-defined
17106f83a0
Ensure the Nebula device exists before attempting to bind to the Nebula IP ( #375 )
2021-04-16 10:34:28 -05:00
Wade Simmons
aba42f9fa6
enforce the use of goimports ( #248 )
...
* enforce the use of goimports
Instead of enforcing `gofmt`, enforce `goimports`, which also asserts
a separate section for non-builtin packages.
* run `goimports` everywhere
* exclude generated .pb.go files
2020-06-30 18:53:30 -04:00
Slack Security Team
f22b4b584d
Public Release
2019-11-19 17:00:20 +00:00
