Trim mount point prefix from serve HTTP proxy paths.
Fix X-Forwarded-For IP address for Funnel.
Linux
Fix cert storage to actually use Kubernetes secrets.
Windows
We upgraded the Walk framework for the GUI client to improve menu responsiveness.
1.38.2
All Platforms
rename tailnet lock tskey-wrap to tailnet lock sign
FreeBSD
fixes a bug setting the effective group ID on some non-interactive Tailscale SSH sessions. This issue is specific to FreeBSD's implementation of setgroups and does not impact other platforms.
Early warning: as early as August 2023, Windows 7, 8, Server 2008 and Server 2012 will no longer be supported. Similarly, for macOS, macOS 10.13 High Sierra or 10.14 Mojave will no longer be supported and macOS 10.15 Catalina or later will be required.
All platforms
The tailscale debug portmap command replaces tailscaled debug -portmap; this is now available on platforms without a tailscaled binary (like the macOS App Store).
Several improvements to UPnP portmapping have been made that should allow it to work with a broader set of home routers (#7377).
Add tailscale configure to help configure third party applications to use Tailscale features.
Add tailscale debug derp to help diagnose DERP-related difficulty.
Allow tailnet-lock to be used with preauth keys.
The tailscale serve command has been overhauled, and we've moved Funnel to its own command, tailscale funnel (docs).
Added tailscale debug capture to write pcaps for debugging.
Linux
Allow certificates to be stored in Kubernetes secret storage.
Windows
MSI installers start the GUI without user interaction, to allow remote upgrade.
macOS
Add a notification upon node key expiration (only on macOS 10.14 and later).
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps tailscale.com from 1.36.2 to 1.38.3.
Release notes
Sourced from tailscale.com's releases.
... (truncated)
Commits
47ebe6f
VERSION.txt: this is v1.38.3c750186
ipn/ipnlocal: [serve] Trim mountPoint prefix from proxy path (#7334)d7bbd4f
ipn/ipnlocal: [serve/funnel] use actual SrcAddr as X-Forwarded-For (#7600)ac0c0b0
funnel: change references from alpha to beta (#7613)068ed7d
ipn/ipnlocal: use atomicfile.WriteFile in certFileStore26bf7c4
ipn/ipnlocal: fix cert storage in Kubernetesd47b74e
ipn/ipnlocal: also store ACME keys in the certStore3db61d0
VERSION.txt: this is v1.38.2817aa28
net/sockstats: export cellular-only clientmetricsd00c046
ssh/tailssh: fix privilege dropping on FreeBSD; add testsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)