Grant Limberg
c1ea1329c1
Merge branch 'dev' into libpq
2018-09-28 10:56:40 -07:00
Adam Ierymenko
7a42416a78
Merge pull request #822 from dschulz/controller-patch1-dschulz
...
Add functionality to erase members from networks using file backend i…
2018-09-25 11:38:25 -07:00
Grant Limberg
17af09a5cc
Postgres Integration has begun
2018-08-31 14:58:15 -07:00
Diego Schulz
fc6dba0797
Add functionality to erase members from networks using file backend in controller microservice
...
Signed-off-by: Diego Schulz <dschulz@gmail.com>
2018-08-02 17:13:55 -04:00
Adam Ierymenko
f94aea8119
Return error 503 if RethinkDB is down when built as RethinkDB-based controller.
2018-07-11 10:42:31 -07:00
Adam Ierymenko
37ae3b2b80
Remote debug printf.
2018-07-03 12:52:35 -07:00
Adam Ierymenko
73e4286fbf
Fix two controller bugs: filesystem bug and another possible infinite recursion bug.
2018-07-03 12:51:41 -07:00
Grant Limberg
9463d4abe4
Fix for issue #778
...
Double quote before member name in `/controller/network/network_id/member` API
2018-06-05 12:55:39 -07:00
Adam Ierymenko
574b24c082
docs
2018-03-08 22:41:42 -08:00
Adam Ierymenko
f7019d9e80
Tie up the rest of hub and spoke designated replicator multicast mode.
2018-01-26 22:14:10 -05:00
Adam Ierymenko
4e689998f9
Sanity checks on array sizes and fix a bug in IPv4 auto-assign.
2018-01-12 10:38:19 -08:00
Adam Ierymenko
a1992d76f2
Doc updates and other fixes.
2018-01-10 14:31:28 -08:00
Adam Ierymenko
9bab49d2f9
Move DB stuff into Db.
2018-01-09 12:39:25 -08:00
Adam Ierymenko
0608704626
Some micro-optimizations, including a memcpy that is faster than Linux for most distro/compiler versions.
2017-12-15 11:03:20 -08:00
Adam Ierymenko
4704d115c4
Some controller fixes.
2017-12-14 08:53:24 -08:00
Adam Ierymenko
8d9464c414
docs, and make RethinkDB controller DB driver upsert into the Controller DB and also update the hostname field.
2017-12-07 13:39:25 -08:00
Adam Ierymenko
520b0601db
Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev
2017-12-05 14:51:06 -08:00
Adam Ierymenko
926ecf9640
docs
2017-12-05 14:50:59 -08:00
Adam Ierymenko
c57198decd
Add remoteTraceLevel to controller.
2017-12-05 17:49:20 -05:00
Adam Ierymenko
0fb22df633
Get ephemeral status fields out of the configs. They do not belong there and it just complicates things.
2017-11-09 17:01:16 -05:00
Adam Ierymenko
f7f658605d
Move more ephemeral stuff to a tiny MemberLastRequest table instead of the main Member table.
2017-11-08 20:19:46 -05:00
Adam Ierymenko
c12b68a6b2
More Central work.
2017-11-08 11:32:01 -08:00
Adam Ierymenko
4166d8ca35
Fix a deadlock and some more work on RethinkDB (for central) integration.
2017-11-08 11:06:14 -08:00
Adam Ierymenko
7fc9094d8e
More fixes to RethinkDB.
2017-11-03 22:40:26 -04:00
Adam Ierymenko
92c7070aa8
RethinkDB fixes.
2017-11-03 20:55:16 -04:00
Adam Ierymenko
b68bca35db
Linux build fixes, linux build rule for RethinkDB mode controller, also force disable shitty allocators in libstdc++.
2017-11-03 16:59:36 -04:00
Adam Ierymenko
d97adc8789
Preparing for test.
2017-11-03 12:32:56 -07:00
Adam Ierymenko
f5014d7d71
RethinkDB direct connectivity integration.
2017-11-03 11:39:27 -07:00
Adam Ierymenko
395d8b3139
Full and clearer implementation of GitHub issue #588
2017-10-24 13:33:53 -07:00
Grant Limberg
b1d60df44c
timestamps changed from uint64_t to int64_t
...
There were cases in the code where time calculations and comparisons were overflowing and causing connection instability. This will keep time calculations within expected ranges.
2017-10-02 15:52:57 -07:00
Adam Ierymenko
283e8d5bc0
Start threads in Central harnessed mode.
2017-08-31 18:01:21 -04:00
Adam Ierymenko
5bf5d5e9cb
Minor controller stuff.
2017-08-30 17:22:25 -07:00
Adam Ierymenko
106dff0d53
Make remote trace target null by default, which is probably what we want.
2017-08-18 13:52:10 -07:00
Adam Ierymenko
174ba8884e
Delete support in harnessed mode.
2017-08-17 13:10:10 -07:00
Adam Ierymenko
1ce0dcf0ea
Another Central harnessed mode fix.
2017-08-16 14:41:42 -07:00
Adam Ierymenko
50e7ea088b
More work on controller for new Central harnessed mode, remove old http mode.
2017-08-16 14:14:49 -07:00
Adam Ierymenko
2c682b4d1c
Small controller revisions, first run of controller API model JavaScript.
2017-08-09 14:37:19 -07:00
Adam Ierymenko
e4823381c6
.
2017-07-19 15:16:15 -07:00
Adam Ierymenko
66feaeb519
.
2017-07-19 15:06:23 -07:00
Adam Ierymenko
b62296a40b
Bug fixes in new harness mode.
2017-07-19 14:13:17 -07:00
Adam Ierymenko
31785f7f6e
Automatic periodic status dump from controller.
2017-07-18 15:36:33 -07:00
Adam Ierymenko
ae65eb5105
Cleanup and replace trace field names with sane ones because usability > a few bytes.
2017-07-18 14:28:38 -07:00
Adam Ierymenko
1685659e37
Remote tracing works.
2017-07-17 17:02:50 -07:00
Adam Ierymenko
d9552fb120
Add remoteTraceTarget to network and member configs in controller.
2017-07-14 14:33:36 -07:00
Adam Ierymenko
4ecc0c59ca
Plumbing through of remote trace into controller code.
2017-07-14 13:03:16 -07:00
Adam Ierymenko
d2415dee00
Cleanup.
2017-07-06 16:11:11 -07:00
Adam Ierymenko
355cce3938
Rename Utils::snprintf due to it being a #define on one platform.
2017-06-27 11:31:29 -07:00
Adam Ierymenko
2ec88e8008
Remove old circuit test code. Rules engine will let us do this much better and more simply.
2017-05-30 10:19:45 -07:00
Adam Ierymenko
d905607353
Small optimizations.
2017-05-08 08:35:55 -07:00
Adam Ierymenko
909a14fb48
MTU support in controller.
2017-05-04 17:22:24 -07:00
Adam Ierymenko
39db45e144
Fix crash on exit (sometimes) in controller.
2017-05-03 09:48:08 -07:00
Adam Ierymenko
d7c99728bc
Echo back ping payload.
2017-05-02 17:28:18 -07:00
Adam Ierymenko
8e19188f49
Do the sometimes rather big "pong" in a background worker thread.
2017-05-02 16:58:51 -07:00
Adam Ierymenko
625e3e8e25
Tiny optimization to prealloc string space.
2017-05-02 13:53:47 -07:00
Adam Ierymenko
132643cd4a
Fix small issue preventing pongs if there are never seen members.
2017-05-02 10:34:33 -07:00
Adam Ierymenko
faf7b81c01
Send last requets time in status, and do not set physicalAddr unless we know one.
2017-05-01 15:48:52 -07:00
Adam Ierymenko
bcc6799902
Send member uptime in pong posts.
2017-05-01 15:23:21 -07:00
Adam Ierymenko
718e1d6c08
Finish removing constantly changing stuff from controller.
2017-05-01 13:21:26 -07:00
Adam Ierymenko
a9ce773584
Remove lastModified field in config which literally nothing uses anywhere, and prevent some unnecessary writes.
2017-04-28 19:58:21 -07:00
Adam Ierymenko
62578a2162
Reduce memory use and a bit of cleanup.
2017-04-27 19:36:03 -07:00
Adam Ierymenko
9e80db0fd1
Cleanup, fix a valgrind error, stack use reduction.
2017-04-27 00:59:36 -07:00
Adam Ierymenko
1205578935
Big cleanup of controller code, should help performance.
2017-04-26 06:48:08 -07:00
Adam Ierymenko
4f2a779769
JSONDB performance improvements, threading fix.
2017-04-24 20:51:02 -07:00
Adam Ierymenko
cafbe44dde
Controller optimizations -- make locking more fine-grained, use true hardware concurrency, etc.
2017-04-24 19:16:36 -07:00
Adam Ierymenko
bc61357a44
HTTP backend support for JSONDB
2017-04-18 17:37:44 -07:00
Adam Ierymenko
f6d92eb737
JSONDB fix.
2017-04-18 13:48:19 -07:00
Adam Ierymenko
b48a70db2e
Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev
2017-04-04 08:39:22 -07:00
Adam Ierymenko
cd050b3423
Performance improvement in controller.
2017-04-04 08:39:19 -07:00
Adam Ierymenko
eddbc7e757
Logic simplification, cleanup, and memory use improvements in Membership. Also fix an issue that may cause network instability in some cases.
2017-04-04 08:07:38 -07:00
Adam Ierymenko
e5284771e4
Add ping/pong to API so controller supervisor in Central can do a full-path check of controller uptime, etc.
2017-03-30 09:54:04 -07:00
Adam Ierymenko
57b5a33fbb
Fix bug preventing default from being set to null if already set to an integer.
2017-03-29 12:32:59 -07:00
Adam Ierymenko
e4896b257f
Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call.
2017-03-27 17:03:17 -07:00
Adam Ierymenko
5268909075
Add a facility for full flow-through uptime test of controller by Central.
2017-03-21 06:31:15 -07:00
Adam Ierymenko
c62141fd98
Make controller do a simple write-through cache without revalidating. Means you must restart if files change on disk, but will decrease I/O considerably.
2017-03-21 06:15:49 -07:00
Adam Ierymenko
4f3f471b4c
GitHub issue #460
2017-03-17 18:19:51 -07:00
Adam Ierymenko
8f592ff6e8
Controller performance tweaks.
2017-03-13 13:58:29 -07:00
Adam Ierymenko
37629aaf87
Use cache on requests to decrease DB load.
2017-03-13 12:22:06 -07:00
Adam Ierymenko
7ea7e1898a
Fix a bug that could cause duplicate IP address assignment on networks if many new members join the controller at once.
2017-03-06 16:21:49 -08:00
Adam Ierymenko
5e6a4e5f5e
Send revocations automatically on deauth for instant kill, also fix some issues with the RP.
2017-03-06 15:12:28 -08:00
Adam Ierymenko
66dfc33de9
Fix circuit test post in controller.
2017-03-06 11:23:46 -08:00
Adam Ierymenko
a109d341ef
Send timestamp with new circuit test response.
2017-03-02 14:35:38 -08:00
Adam Ierymenko
a577b8d381
Update how controller handles circuit tests -- save results to filesystem.
2017-03-01 16:33:34 -08:00
Adam Ierymenko
2b10a982e9
Match on tag sender equals or tag recipient equals.
2017-02-28 09:22:10 -08:00
Adam Ierymenko
10185e92fa
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
2017-02-23 11:47:36 -08:00
Adam Ierymenko
54fa73844c
Fix crash.
2017-02-21 13:48:29 -08:00
Adam Ierymenko
32f5a0ab18
Add default tag values and default set capabilities for new members.
2017-02-21 13:27:20 -08:00
Adam Ierymenko
672f17c6e9
Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time.
2017-02-07 09:33:39 -08:00
Adam Ierymenko
ac3e883c05
One more place to add "break".
2017-02-06 14:07:30 -08:00
Adam Ierymenko
31db768e4d
A bit of code cleanup.
2017-02-04 00:23:31 -08:00
Adam Ierymenko
a064e19b8a
Refactor some JSON stuff for performance, and fix a build error.
2017-01-10 13:51:10 -08:00
Adam Ierymenko
bf2b9e3692
Auto-authorize new members on public networks properly.
2016-12-22 18:52:34 -08:00
Adam Ierymenko
0d066e3b08
Fix JSON parse bug in REDIRECT target.
2016-12-22 18:26:43 -08:00
Adam Ierymenko
fe530548bb
Fix MATCH_RANDOM in controller.
2016-12-22 16:57:45 -08:00
Adam Ierymenko
a54c2b438c
Basic support for streaming of changes via stdout from controller.
2016-12-15 15:08:47 -08:00
Adam Ierymenko
ccdd4ffda7
Move split() to OSUtils since it is not used in core.
2016-11-18 15:49:28 -08:00
Adam Ierymenko
25f9c294dc
Small bug fix and warning removal.
2016-11-18 13:01:45 -08:00
Adam Ierymenko
07b2a3818c
Fix TTL scaling in cert.
2016-11-15 14:26:05 -08:00
Adam Ierymenko
15c6e2ec70
Fix member deauthorization time threshold bug.
2016-11-15 14:06:25 -08:00
Adam Ierymenko
e26bee45fb
Multithreading in network controller. Threads are only started if controller is used.
2016-11-10 13:57:01 -08:00
Adam Ierymenko
1b10d3413a
Use circuit breaker only for requests.
2016-11-10 13:08:43 -08:00
Adam Ierymenko
f0fcd222a1
Actually push updates when things change.
2016-11-10 12:54:43 -08:00
Adam Ierymenko
298e4a9f14
Also avoid sending tags and caps to old members since there is no point.
2016-11-10 12:33:09 -08:00
Adam Ierymenko
226123ca08
Refactor controller to permit sending of pushes as well as just replies to config requests.
2016-11-10 11:54:47 -08:00
Adam Ierymenko
5ebf5077f5
Log last meta-data in controller, and ease up just a bit on keepalives.
2016-11-09 17:11:10 -08:00
Adam Ierymenko
1ebfca666d
Memo-ize some computed stuff to control CPU utilization.
2016-11-09 12:34:20 -08:00
Adam Ierymenko
3d948a930e
Send a blanket rule to old versions. New versions will still bidirecitonally enforce on the inbound side.
2016-11-08 14:24:30 -08:00
Adam Ierymenko
4524899e4d
Update LM time on members on request.
2016-11-08 12:41:27 -08:00
Adam Ierymenko
360c84e035
Minor fixes.
2016-11-08 00:05:18 +00:00
Adam Ierymenko
4868d21526
Bug fixes in controller refactor.
2016-11-07 23:49:03 +00:00
Adam Ierymenko
a78d7311a6
Fix network list API call.
2016-11-04 16:23:41 -07:00
Adam Ierymenko
08ff666e99
.
2016-11-04 16:14:58 -07:00
Adam Ierymenko
0d108d37f6
.
2016-11-04 16:12:44 -07:00
Adam Ierymenko
b03c7b2f30
Refactor controller to use split-out DB for better performance and less ugly.
2016-11-04 15:18:31 -07:00
Grant Limberg
8ffae313fd
add new files & remove old ones from VS project. Now builds & runs on Windows again
2016-11-03 12:10:50 -07:00
Adam Ierymenko
2cb760e0ac
Fix ICMP json.
2016-10-13 14:14:46 -07:00
Adam Ierymenko
2d6a4e5974
cleanup
2016-10-13 13:52:45 -07:00
Adam Ierymenko
e53f63ca87
Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed.
2016-10-11 12:00:16 -07:00
Adam Ierymenko
45c4ccb153
Add a tags both equal match.
2016-10-05 16:38:42 -07:00
Adam Ierymenko
adeb7e7da0
Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want.
2016-10-05 12:54:46 -07:00
Adam Ierymenko
988049f39b
Add new rule to rules engine: random match.
2016-09-30 14:07:00 -07:00
Adam Ierymenko
f0794e09b7
Controller cleanup.
2016-09-30 13:04:26 -07:00
Adam Ierymenko
1eeebba2f7
Drop old /active path from network.
2016-09-29 17:59:27 -07:00
Adam Ierymenko
2fc3d12fb6
Minor tweaks to member code in controller, and fix Linux build.
2016-09-29 14:48:39 -07:00
Adam Ierymenko
7e4b6b594b
It now builds.
2016-09-26 17:05:39 -07:00
Adam Ierymenko
1f74dd4589
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
2016-09-23 16:08:38 -07:00
Adam Ierymenko
68e549233d
Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness).
2016-09-15 13:17:37 -07:00
Adam Ierymenko
ab9afbc749
(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
2016-09-09 11:36:10 -07:00
Adam Ierymenko
0d4109a9f1
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
2016-09-09 08:43:58 -07:00
Adam Ierymenko
c9ee8612e4
Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer.
2016-09-07 12:12:52 -07:00
Adam Ierymenko
74afef8eb1
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
2016-08-31 16:50:22 -07:00
Adam Ierymenko
54489a7f61
rename SAMENESS to DIFFERENCE which is less confusing
2016-08-31 14:14:58 -07:00
Adam Ierymenko
8e3004591b
Add overlooked MATCH_ICMP to rule set.
2016-08-31 14:01:15 -07:00
Adam Ierymenko
7a00036954
Tweak log length to fit JSON for members within two 4096-kb blocks.
2016-08-29 18:10:02 -07:00
Adam Ierymenko
914c42537c
Type fixes.
2016-08-29 17:48:36 -07:00
Adam Ierymenko
297b1b4258
Another tiny API bug fix.
2016-08-26 14:16:55 -07:00
Adam Ierymenko
35ac995d05
Fix setting of v6AssignMode in controller.
2016-08-26 14:04:27 -07:00
Adam Ierymenko
d637988ccf
Fix chicken or egg problem in tags, and better filter debug instrumentation.
2016-08-25 18:21:20 -07:00
Adam Ierymenko
858e8c5217
one more...
2016-08-25 16:28:54 -07:00
Adam Ierymenko
df1ce856c9
A little bit more controller code cleanup.
2016-08-25 16:25:28 -07:00
Adam Ierymenko
b5e0d014ab
Controller bug fixes
2016-08-25 16:08:40 -07:00
Adam Ierymenko
5eaf397a94
Add a debug log feature in the filter, which only works if enabled in Network.cpp.
2016-08-25 13:31:23 -07:00
Adam Ierymenko
1814016eb7
Add daemon thread to controller and move network member cache refreshes there.
2016-08-25 11:26:45 -07:00
Adam Ierymenko
6ecb42b031
docs and null check in controller code
2016-08-25 10:46:03 -07:00
Adam Ierymenko
60bc291414
Add noAutoAssignIps for member of networks.
2016-08-24 17:05:43 -07:00
Adam Ierymenko
ccea3d04d6
Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller.
2016-08-24 14:28:16 -07:00
Adam Ierymenko
8e3463d47a
Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency.
2016-08-24 13:37:57 -07:00
Adam Ierymenko
8d594f8b53
cleanup
2016-08-23 16:05:10 -07:00
Adam Ierymenko
5f4df0c6a9
Controller cleanup and perf improvements.
2016-08-23 15:30:36 -07:00
Adam Ierymenko
32fa061700
Compute credential TTL et al.
2016-08-23 13:02:59 -07:00
Adam Ierymenko
9a3c652a51
Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity.
2016-08-22 18:06:46 -07:00