Kristoffer Dalby e4e742c776 noise: pin outer RemoteAddr onto tunnel requests ...

The HTTP/2 server inside the Noise tunnel fills r.RemoteAddr from the
hijacked TCP socket, so /machine/register and /machine/map logged the
reverse proxy's loopback peer (e.g. 127.0.0.1:44388) even with
trusted_proxies set. The outer router's realIPMiddleware had already
resolved the client IP onto req.RemoteAddr; that value never crossed
the hijack.

Replace the inner realIPMiddleware mount — dead inside the encrypted
tunnel — with overrideRemoteAddr(req.RemoteAddr) so requests served
over the tunnel report the outer-resolved client IP.

2026-05-20 11:30:41 +02:00

..

assets

assets: fix logo alignment and error icon centering

2026-04-13 17:23:47 +01:00

capver

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

db

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

derp

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

dns

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

mapper

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

policy

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

servertest

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

state

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

templates

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

types

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

util

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

app_test.go

app: add security headers middleware

2026-04-17 16:31:49 +01:00

app.go

all: annotate gosec false positives with rationale

2026-05-19 09:55:22 +02:00

auth_tags_test.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

auth_test.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

auth.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

debug.go

all: mechanical lint fixes

2026-05-19 09:55:22 +02:00

grpcv1_test.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

grpcv1.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

handlers_test.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

handlers.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

metrics.go

metrics, policy/v2: drop unused scaffolding + nil-error returns

2026-05-19 09:55:22 +02:00

noise_test.go

noise: pin outer RemoteAddr onto tunnel requests

2026-05-20 11:30:41 +02:00

noise.go

noise: pin outer RemoteAddr onto tunnel requests

2026-05-20 11:30:41 +02:00

oidc_confirm_test.go

all: annotate gosec false positives with rationale

2026-05-19 09:55:22 +02:00

oidc_template_test.go

oidc: render HTML error pages for browser-facing failures

2026-04-13 17:23:47 +01:00

oidc_test.go

oidc: make email verification configurable

2025-12-18 11:42:32 +00:00

oidc.go

all: annotate gosec false positives with rationale

2026-05-19 09:55:22 +02:00

platform_config.go

all: fix golangci-lint issues (#3064)

2026-02-06 21:45:32 +01:00

poll_test.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

poll.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

realip_test.go

hscontrol: gate proxy header trust on trusted_proxies

2026-05-18 17:17:55 +02:00

realip.go

all: apply godoc [Name] link conventions across comments

2026-05-19 09:55:22 +02:00

tailsql.go

all: annotate gosec false positives with rationale

2026-05-19 09:55:22 +02:00

templates_consistency_test.go

Update links to Tailscale documentation

2026-04-18 09:33:41 +02:00