top | item 46535527

(no title)

cronos | 1 month ago

On macOS we have 3 ways to run Tailscale: https://tailscale.com/kb/1065/macos-variants Two of them have a GUI component and use the Keychain to store their state.

The third one is just the open-source tailscaled binary that you have to compile yourself, and it doesn't talk to the Keychain. It stores a plaintext file on disk like the Linux variant without state encryption. Unlike the GUI variants, this one is not a Swift program that can easily talk to the Keychain API.

discuss

cyberax|1 month ago

You don't need Swift to use the Keychain API. It's doable from pure C.

johncolanduoni|1 month ago

In fact, SecurityFramework doesn’t have a real Swift/Obj-C API. The relevant functions are all direct bindings to C ABIs (just with wrappers around the CoreFoundation types).

cronos|1 month ago

Good to know, my understanding of the macOS system APIs is fairly limited. I'm sure it's doable, with some elbow grease and CGO. We just haven't prioritized that variant of the client due to relatively low usage.

reader9274|1 month ago

Only one of the ways uses Keychain per that page.

cronos|1 month ago

Ah, looks like another KB update is needed, thanks for calling it out!