starred/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-04-11 03:27:20 +02:00
Code Issues 98 Packages Projects Releases 10 Wiki Activity
Files
3529fe0da16e9f79b34ce9d13cfcaf4035b9c751
headscale/hscontrol
History
Kristoffer Dalby 3529fe0da1 types: fix OIDC identifier path traversal dropping subject 
url.JoinPath resolves path-traversal segments like '..' and '.',
which silently drops the OIDC subject from the identifier. For
example, Iss='https://example.com' with Sub='..' produces
'https://example.com' — the subject is lost entirely. This causes
distinct OIDC users to receive colliding identifiers.

Replace url.JoinPath with simple string concatenation using a slash
separator. This preserves the subject literally regardless of its
content. url.PathEscape does not help because dots are valid URL
path characters and are not escaped.
2026-04-10 13:18:56 +01:00
..
assets
Swap favicon for updated version
2026-03-03 05:59:40 +01:00
capver
capver: regenerate for tailscale v1.96
2026-04-08 13:00:22 +01:00
db
db: fix slice aliasing in migration tag merge
2026-04-10 13:18:56 +01:00
derp
all: fix golangci-lint issues (#3064)
2026-02-06 21:45:32 +01:00
dns
Fix typo in comment about fsnotify behavior
2026-02-27 15:23:06 +01:00
mapper
types,mapper,integration: enable Taildrive and add cap/drive grant lifecycle test
2026-04-01 14:10:42 +01:00
policy
testdata: strip unused fields from all test data files (23MB -> 4MB)
2026-04-01 14:10:42 +01:00
routes
all: upgrade to Go 1.26rc2 and modernize codebase
2026-02-08 12:35:23 +01:00
servertest
servertest: use memnet networking and add WithNodeExpiry option
2026-04-08 13:00:22 +01:00
state
state: fix routesChanged mutating input Hostinfo
2026-04-10 13:18:56 +01:00
templates
templates: generalise auth templates for web and OIDC
2026-02-25 21:28:05 +01:00
types
types: fix OIDC identifier path traversal dropping subject
2026-04-10 13:18:56 +01:00
util
mapper/batcher: restructure internals for correctness
2026-03-14 02:52:28 -07:00
app.go
types: add node.expiry config, deprecate oidc.expiry
2026-04-08 13:00:22 +01:00
auth_tags_test.go
hscontrol: add tests for default node key expiry
2026-04-08 13:00:22 +01:00
auth_test.go
all: fix test flakiness and improve test infrastructure
2026-03-14 02:52:28 -07:00
auth.go
Update docs for auth-id changes
2026-03-01 13:38:22 +01:00
debug.go
mapper: remove Batcher interface, rename to Batcher struct
2026-03-14 02:52:28 -07:00
grpcv1_test.go
hscontrol: add tests for SetTags user_id database persistence
2026-04-08 14:32:08 +01:00
grpcv1.go
hscontrol, cli: add auth register and approve commands
2026-02-25 21:28:05 +01:00
handlers.go
Update docs for auth-id changes
2026-03-01 13:38:22 +01:00
metrics.go
all: fix golangci-lint issues (#3064)
2026-02-06 21:45:32 +01:00
noise_test.go
noise: limit request body size to prevent unauthenticated OOM
2026-03-16 09:28:31 +01:00
noise.go
noise: limit request body size to prevent unauthenticated OOM
2026-03-16 09:28:31 +01:00
oidc_template_test.go
templates: generalise auth templates for web and OIDC
2026-02-25 21:28:05 +01:00
oidc_test.go
oidc: make email verification configurable
2025-12-18 11:42:32 +00:00
oidc.go
types: add node.expiry config, deprecate oidc.expiry
2026-04-08 13:00:22 +01:00
platform_config.go
all: fix golangci-lint issues (#3064)
2026-02-06 21:45:32 +01:00
poll_test.go
poll: fix poll test linter violations
2026-03-12 01:27:34 -07:00
poll.go
types: add node.expiry config, deprecate oidc.expiry
2026-04-08 13:00:22 +01:00
tailsql.go
all: fix golangci-lint issues (#3064)
2026-02-06 21:45:32 +01:00
templates_consistency_test.go
templates: generalise auth templates for web and OIDC
2026-02-25 21:28:05 +01:00