github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-08-24 07:05:50 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Commit graph

  • debc4c45ee Set trust established flag in MULTICAST_GATHER. Adam Ierymenko 2016-09-09 11:45:34 -07:00
  • ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. Adam Ierymenko 2016-09-09 11:36:10 -07:00
  • ef87069957 Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths. Adam Ierymenko 2016-09-09 09:32:00 -07:00
  • 0d4109a9f1 More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. Adam Ierymenko 2016-09-09 08:43:58 -07:00
  • 16df2c3363 Clean up handling of COMs, network access control, and fix a backward compatiblity issue. Adam Ierymenko 2016-09-08 19:48:05 -07:00
  • 5ed5b22525 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev Grant Limberg 2016-09-08 17:45:46 -07:00
  • dccca7df1a another couple of missing semicolons Grant Limberg 2016-09-08 17:45:40 -07:00
  • 1f6b13b7fd Fix bug causing null addresses to get in memberships[] hash. Adam Ierymenko 2016-09-08 16:09:56 -07:00
  • d23ade879b Do not bifurcate if not replacing an existing route. (Still need to tie up Linux and Windows.) Adam Ierymenko 2016-09-08 15:42:46 -07:00
  • 8afdb0aa65 GitHub issue #346 Adam Ierymenko 2016-09-07 17:07:06 -07:00
  • daf8a66ced More correct and efficient to initialize member relationship push stuff lazily when member is learned. Adam Ierymenko 2016-09-07 15:47:20 -07:00
  • 20278bb9e4 Also send MULTICAST_LIKEs to controllers. Adam Ierymenko 2016-09-07 15:34:34 -07:00
  • c7a4da3dd3 Turns out we do not need to pass network to receive(). Adam Ierymenko 2016-09-07 15:24:53 -07:00
  • 1908aa55f5 Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code. Adam Ierymenko 2016-09-07 15:15:52 -07:00
  • 1c08f5e857 Tweak some expire times. Adam Ierymenko 2016-09-07 12:25:19 -07:00
  • c9ee8612e4 Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer. Adam Ierymenko 2016-09-07 12:12:52 -07:00
  • a7d988745b Use ECHO instead of HELLO where possible. Adam Ierymenko 2016-09-07 12:01:03 -07:00
  • a9f404aac3 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev Adam Ierymenko 2016-09-07 11:20:47 -07:00
  • ff9f8b1c2b Typo fix. Adam Ierymenko 2016-09-07 11:15:36 -07:00
  • b5c86b6ba4 Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable. Adam Ierymenko 2016-09-07 11:13:17 -07:00
  • 407ad659ea Reflect changes to strut ZT_PeerPhysicalPath Grant Limberg 2016-09-06 17:59:01 -07:00
  • f2d2df2b11 Cluster build fix. Adam Ierymenko 2016-09-06 15:06:07 -07:00
  • 48a374c82c (1) fix crazy bug introduced in doRENDEZVOUS(), (2) reclaim Paths after paths[] condense, (3) fix an edge case around symmetric NAT and external IP change detection. Adam Ierymenko 2016-09-06 14:05:58 -07:00
  • deee39343e Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev Adam Ierymenko 2016-09-06 12:45:37 -07:00
  • 8a2e8bd585 Rework how paths are set as remote cluster preferred. The code is now clearer and cluster preference indications are now very sticky as they should be. Adam Ierymenko 2016-09-06 12:45:28 -07:00
  • 43780742b0 comments, docs Adam Ierymenko 2016-09-06 11:10:04 -07:00
  • 68a966fa55 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev Grant Limberg 2016-09-05 16:19:10 -07:00
  • 43b3ec4b1a forgot a semicolon in a JNI java type specifier. Grant Limberg 2016-09-05 16:19:04 -07:00
  • dcf1f70868 re-adding file Grant Limberg 2016-09-05 16:12:29 -07:00
  • 598ca48ed6 Attempting to fix VirtualNetworkRoute having 2 entries in git. Yay non case sensitive filesystems Grant Limberg 2016-09-05 16:12:06 -07:00
  • 3790ebe77a Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev Adam Ierymenko 2016-09-05 15:49:07 -07:00
  • d7f2287ce9 More tweaks to path behavior. Adam Ierymenko 2016-09-05 15:47:22 -07:00
  • 9f717e79ea Fixing filename again.... Grant Limberg 2016-09-05 14:42:36 -07:00
  • 26d43c9b06 fix capitalization on file Grant Limberg 2016-09-05 14:27:44 -07:00
  • 8682c90c7d ensure routes are also equal when checking for equality on VirtualNetworkConfig objects Grant Limberg 2016-09-05 14:10:07 -07:00
  • d063f583ee Added VirtualNetworkRoute class and added it to VirtualNetworkConfig Grant Limberg 2016-09-05 13:52:29 -07:00
  • eebcf08084 Tweaks to new Path code for dual-stack operation, and other fixes. Adam Ierymenko 2016-09-03 15:39:05 -07:00
  • 01aa469591 Remove debug line. Adam Ierymenko 2016-09-02 14:26:04 -07:00
  • 4992ac2d9f Cluster sub-optimal is in fact necessary... Adam Ierymenko 2016-09-02 14:20:55 -07:00
  • 412979ba8f Attempt to reactivate dead paths. Adam Ierymenko 2016-09-02 13:55:33 -07:00
  • 4f8253dcdb Tweaks to path handling... Adam Ierymenko 2016-09-02 13:33:56 -07:00
  • 4931e44998 Implement "weak pointer" behavior on Topology Path canonicalization hash table. Adam Ierymenko 2016-09-02 12:34:02 -07:00
  • d1101441b3 Tweak some timings. Adam Ierymenko 2016-09-02 11:54:59 -07:00
  • e8f6b4b5d3 Rest of big Path canonicalization refactor. Adam Ierymenko 2016-09-02 11:51:33 -07:00
  • 94263ffcc1 Added error handling messages Grant Limberg 2016-09-01 19:02:27 -07:00
  • a3bdae9735 Work in progress: Path canonicalization refactor. Adam Ierymenko 2016-09-01 15:43:07 -07:00
  • d5e6f59004 . Adam Ierymenko 2016-09-01 13:45:32 -07:00
  • 22271f2a49 Cleanup. Adam Ierymenko 2016-09-01 13:36:41 -07:00
  • 8b6d23b9f6 Optimize filter code a bit, and add a network-level setting for what should happen if an unsupported or unknown MATCH is encountered in a rules table. Adam Ierymenko 2016-09-01 12:07:17 -07:00
  • 25056de5d3 Also need to send credentials when TEEing and REDIRECTing. Adam Ierymenko 2016-08-31 17:56:59 -07:00
  • 994b25af4e Simplify some logic. Adam Ierymenko 2016-08-31 17:45:55 -07:00
  • 74afef8eb1 Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. Adam Ierymenko 2016-08-31 16:50:22 -07:00
  • 54489a7f61 rename SAMENESS to DIFFERENCE which is less confusing Adam Ierymenko 2016-08-31 14:14:58 -07:00
  • 8e3004591b Add overlooked MATCH_ICMP to rule set. Adam Ierymenko 2016-08-31 14:01:15 -07:00
  • 2ff2a8fd9a Cluster build fixes and warning elimination. Adam Ierymenko 2016-08-31 09:38:21 -07:00
  • c2a01f6db4 Added a path for error handling when fetching data from the ZeroTier daemon Grant Limberg 2016-08-30 20:28:52 -07:00
  • 7a00036954 Tweak log length to fit JSON for members within two 4096-kb blocks. Adam Ierymenko 2016-08-29 18:10:02 -07:00
  • 914c42537c Type fixes. Adam Ierymenko 2016-08-29 17:48:36 -07:00
  • cb63babac4 Debug output fixes. Adam Ierymenko 2016-08-29 16:38:10 -07:00
  • ac1c127b68 Debug output fixes. Adam Ierymenko 2016-08-29 16:24:08 -07:00
  • cb82193333 Debug output fixes. Adam Ierymenko 2016-08-29 16:19:26 -07:00
  • f0636ffd4a EXT_FRAME messages should always be accepted if we are the destination for a matching TEE or REDIRECT rule. Adam Ierymenko 2016-08-29 15:54:06 -07:00
  • 51a420671f Make rules engine debug a bit more verbose. Adam Ierymenko 2016-08-29 15:17:34 -07:00
  • 77c2bf3ad9 Kill dead field from network JSON. Adam Ierymenko 2016-08-29 14:47:19 -07:00
  • 7223685b96 . Adam Ierymenko 2016-08-26 15:30:20 -07:00
  • e7dff1c785 Change logic a little for self-as-destination in TEE and REDIRECT. Adam Ierymenko 2016-08-26 15:28:31 -07:00
  • a5383d83d8 Do not TEE or REDIRECT to self. Adam Ierymenko 2016-08-26 15:25:00 -07:00
  • a3c7627acf Push more than one packet for credentials if we happen to have a whole lot. Should not happen often but might if a member has tons of tags. Adam Ierymenko 2016-08-26 14:43:16 -07:00
  • 297b1b4258 Another tiny API bug fix. Adam Ierymenko 2016-08-26 14:16:55 -07:00
  • 35ac995d05 Fix setting of v6AssignMode in controller. Adam Ierymenko 2016-08-26 14:04:27 -07:00
  • 6bd5aba4fa fix frame size range bug Adam Ierymenko 2016-08-26 13:26:26 -07:00
  • fb5217761b Add missing names in filter debug code. Adam Ierymenko 2016-08-26 13:20:55 -07:00
  • 90f3e94565 Always output trace info when debugging rules. Adam Ierymenko 2016-08-26 12:21:44 -07:00
  • ded5a53a6c Documentation updates, add rules engine revision to network config request meta-data. Adam Ierymenko 2016-08-26 10:38:43 -07:00
  • d637988ccf Fix chicken or egg problem in tags, and better filter debug instrumentation. Adam Ierymenko 2016-08-25 18:21:20 -07:00
  • 858e8c5217 one more... Adam Ierymenko 2016-08-25 16:28:54 -07:00
  • df1ce856c9 A little bit more controller code cleanup. Adam Ierymenko 2016-08-25 16:25:28 -07:00
  • b5e0d014ab Controller bug fixes Adam Ierymenko 2016-08-25 16:08:40 -07:00
  • 5eaf397a94 Add a debug log feature in the filter, which only works if enabled in Network.cpp. Adam Ierymenko 2016-08-25 13:31:23 -07:00
  • 1814016eb7 Add daemon thread to controller and move network member cache refreshes there. Adam Ierymenko 2016-08-25 11:26:45 -07:00
  • 6ecb42b031 docs and null check in controller code Adam Ierymenko 2016-08-25 10:46:03 -07:00
  • 584228b2b5 Dead code removal, and get rid of reliable() because we will no longer make that distinction. Adam Ierymenko 2016-08-24 17:56:35 -07:00
  • cd3683f2ba Fix a missing receive(). Adam Ierymenko 2016-08-24 17:50:51 -07:00
  • 347ebcd899 Set trust flag in network controllers if remote query is accepted to allow NATed network controllers to better traverse. Adam Ierymenko 2016-08-24 17:48:13 -07:00
  • e52c2c41ec Add a circuit breaker to prevent too many credentials from being stored per member. Adam Ierymenko 2016-08-24 17:24:35 -07:00
  • 95ff057e04 Increase rule limits a little since chunking in netconf can accomodate this. Adam Ierymenko 2016-08-24 17:16:26 -07:00
  • 60bc291414 Add noAutoAssignIps for member of networks. Adam Ierymenko 2016-08-24 17:05:43 -07:00
  • c476285bd6 Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive when hops>0 and trust has been established. Adam Ierymenko 2016-08-24 16:16:39 -07:00
  • 63e8ad4cc3 TRACE stuff. Adam Ierymenko 2016-08-24 15:45:37 -07:00
  • 2cdda38dc4 It basically works... at least on current controllers. Adam Ierymenko 2016-08-24 15:26:18 -07:00
  • ccea3d04d6 Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller. Adam Ierymenko 2016-08-24 14:28:16 -07:00
  • 90bd3e07a0 Remove http-parser from RPM spec. Adam Ierymenko 2016-08-24 13:53:24 -07:00
  • 8e3463d47a Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency. Adam Ierymenko 2016-08-24 13:37:57 -07:00
  • 8d594f8b53 cleanup Adam Ierymenko 2016-08-23 16:05:10 -07:00
  • 5f4df0c6a9 Controller cleanup and perf improvements. Adam Ierymenko 2016-08-23 15:30:36 -07:00
  • 0ee4d3554a Stub out USER_MESSAGE. Adam Ierymenko 2016-08-23 14:38:20 -07:00
  • 0a7a33ef8f Instantaneous blacklisting and credential revocation. Adam Ierymenko 2016-08-23 13:46:36 -07:00
  • 32fa061700 Compute credential TTL et al. Adam Ierymenko 2016-08-23 13:02:59 -07:00
  • 7036831203 Sign Dictionary in doNETWORK_CONFIG_REQUEST. Adam Ierymenko 2016-08-23 11:57:56 -07:00
  • 68b4ca9b31 Cleanup. Adam Ierymenko 2016-08-23 11:52:10 -07:00