Commit Graph

260 Commits

Author SHA1 Message Date
Grant Limberg
c1ea1329c1 Merge branch 'dev' into libpq 2018-09-28 10:56:40 -07:00
Adam Ierymenko
7a42416a78
Merge pull request #822 from dschulz/controller-patch1-dschulz
Add functionality to erase members from networks using file backend i…
2018-09-25 11:38:25 -07:00
Grant Limberg
17af09a5cc Postgres Integration has begun 2018-08-31 14:58:15 -07:00
Diego Schulz
fc6dba0797
Add functionality to erase members from networks using file backend in controller microservice
Signed-off-by: Diego Schulz <dschulz@gmail.com>
2018-08-02 17:13:55 -04:00
Adam Ierymenko
f94aea8119 Return error 503 if RethinkDB is down when built as RethinkDB-based controller. 2018-07-11 10:42:31 -07:00
Adam Ierymenko
37ae3b2b80 Remote debug printf. 2018-07-03 12:52:35 -07:00
Adam Ierymenko
73e4286fbf Fix two controller bugs: filesystem bug and another possible infinite recursion bug. 2018-07-03 12:51:41 -07:00
Grant Limberg
9463d4abe4 Fix for issue #778
Double quote before member name in `/controller/network/network_id/member` API
2018-06-05 12:55:39 -07:00
Adam Ierymenko
574b24c082 docs 2018-03-08 22:41:42 -08:00
Adam Ierymenko
f7019d9e80 Tie up the rest of hub and spoke designated replicator multicast mode. 2018-01-26 22:14:10 -05:00
Adam Ierymenko
4e689998f9 Sanity checks on array sizes and fix a bug in IPv4 auto-assign. 2018-01-12 10:38:19 -08:00
Adam Ierymenko
a1992d76f2 Doc updates and other fixes. 2018-01-10 14:31:28 -08:00
Adam Ierymenko
9bab49d2f9 Move DB stuff into Db. 2018-01-09 12:39:25 -08:00
Adam Ierymenko
0608704626 Some micro-optimizations, including a memcpy that is faster than Linux for most distro/compiler versions. 2017-12-15 11:03:20 -08:00
Adam Ierymenko
4704d115c4 Some controller fixes. 2017-12-14 08:53:24 -08:00
Adam Ierymenko
8d9464c414 docs, and make RethinkDB controller DB driver upsert into the Controller DB and also update the hostname field. 2017-12-07 13:39:25 -08:00
Adam Ierymenko
520b0601db Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-12-05 14:51:06 -08:00
Adam Ierymenko
926ecf9640 docs 2017-12-05 14:50:59 -08:00
Adam Ierymenko
c57198decd Add remoteTraceLevel to controller. 2017-12-05 17:49:20 -05:00
Adam Ierymenko
0fb22df633 Get ephemeral status fields out of the configs. They do not belong there and it just complicates things. 2017-11-09 17:01:16 -05:00
Adam Ierymenko
f7f658605d Move more ephemeral stuff to a tiny MemberLastRequest table instead of the main Member table. 2017-11-08 20:19:46 -05:00
Adam Ierymenko
c12b68a6b2 More Central work. 2017-11-08 11:32:01 -08:00
Adam Ierymenko
4166d8ca35 Fix a deadlock and some more work on RethinkDB (for central) integration. 2017-11-08 11:06:14 -08:00
Adam Ierymenko
7fc9094d8e More fixes to RethinkDB. 2017-11-03 22:40:26 -04:00
Adam Ierymenko
92c7070aa8 RethinkDB fixes. 2017-11-03 20:55:16 -04:00
Adam Ierymenko
b68bca35db Linux build fixes, linux build rule for RethinkDB mode controller, also force disable shitty allocators in libstdc++. 2017-11-03 16:59:36 -04:00
Adam Ierymenko
d97adc8789 Preparing for test. 2017-11-03 12:32:56 -07:00
Adam Ierymenko
f5014d7d71 RethinkDB direct connectivity integration. 2017-11-03 11:39:27 -07:00
Adam Ierymenko
395d8b3139 Full and clearer implementation of GitHub issue #588 2017-10-24 13:33:53 -07:00
Grant Limberg
b1d60df44c timestamps changed from uint64_t to int64_t
There were cases in the code where time calculations and comparisons were overflowing and causing connection instability.  This will keep time calculations within expected ranges.
2017-10-02 15:52:57 -07:00
Adam Ierymenko
283e8d5bc0 Start threads in Central harnessed mode. 2017-08-31 18:01:21 -04:00
Adam Ierymenko
5bf5d5e9cb Minor controller stuff. 2017-08-30 17:22:25 -07:00
Adam Ierymenko
106dff0d53 Make remote trace target null by default, which is probably what we want. 2017-08-18 13:52:10 -07:00
Adam Ierymenko
174ba8884e Delete support in harnessed mode. 2017-08-17 13:10:10 -07:00
Adam Ierymenko
1ce0dcf0ea Another Central harnessed mode fix. 2017-08-16 14:41:42 -07:00
Adam Ierymenko
50e7ea088b More work on controller for new Central harnessed mode, remove old http mode. 2017-08-16 14:14:49 -07:00
Adam Ierymenko
2c682b4d1c Small controller revisions, first run of controller API model JavaScript. 2017-08-09 14:37:19 -07:00
Adam Ierymenko
e4823381c6 . 2017-07-19 15:16:15 -07:00
Adam Ierymenko
66feaeb519 . 2017-07-19 15:06:23 -07:00
Adam Ierymenko
b62296a40b Bug fixes in new harness mode. 2017-07-19 14:13:17 -07:00
Adam Ierymenko
31785f7f6e Automatic periodic status dump from controller. 2017-07-18 15:36:33 -07:00
Adam Ierymenko
ae65eb5105 Cleanup and replace trace field names with sane ones because usability > a few bytes. 2017-07-18 14:28:38 -07:00
Adam Ierymenko
1685659e37 Remote tracing works. 2017-07-17 17:02:50 -07:00
Adam Ierymenko
d9552fb120 Add remoteTraceTarget to network and member configs in controller. 2017-07-14 14:33:36 -07:00
Adam Ierymenko
4ecc0c59ca Plumbing through of remote trace into controller code. 2017-07-14 13:03:16 -07:00
Adam Ierymenko
d2415dee00 Cleanup. 2017-07-06 16:11:11 -07:00
Adam Ierymenko
355cce3938 Rename Utils::snprintf due to it being a #define on one platform. 2017-06-27 11:31:29 -07:00
Adam Ierymenko
2ec88e8008 Remove old circuit test code. Rules engine will let us do this much better and more simply. 2017-05-30 10:19:45 -07:00
Adam Ierymenko
d905607353 Small optimizations. 2017-05-08 08:35:55 -07:00
Adam Ierymenko
909a14fb48 MTU support in controller. 2017-05-04 17:22:24 -07:00
Adam Ierymenko
39db45e144 Fix crash on exit (sometimes) in controller. 2017-05-03 09:48:08 -07:00
Adam Ierymenko
d7c99728bc Echo back ping payload. 2017-05-02 17:28:18 -07:00
Adam Ierymenko
8e19188f49 Do the sometimes rather big "pong" in a background worker thread. 2017-05-02 16:58:51 -07:00
Adam Ierymenko
625e3e8e25 Tiny optimization to prealloc string space. 2017-05-02 13:53:47 -07:00
Adam Ierymenko
132643cd4a Fix small issue preventing pongs if there are never seen members. 2017-05-02 10:34:33 -07:00
Adam Ierymenko
faf7b81c01 Send last requets time in status, and do not set physicalAddr unless we know one. 2017-05-01 15:48:52 -07:00
Adam Ierymenko
bcc6799902 Send member uptime in pong posts. 2017-05-01 15:23:21 -07:00
Adam Ierymenko
718e1d6c08 Finish removing constantly changing stuff from controller. 2017-05-01 13:21:26 -07:00
Adam Ierymenko
a9ce773584 Remove lastModified field in config which literally nothing uses anywhere, and prevent some unnecessary writes. 2017-04-28 19:58:21 -07:00
Adam Ierymenko
62578a2162 Reduce memory use and a bit of cleanup. 2017-04-27 19:36:03 -07:00
Adam Ierymenko
9e80db0fd1 Cleanup, fix a valgrind error, stack use reduction. 2017-04-27 00:59:36 -07:00
Adam Ierymenko
1205578935 Big cleanup of controller code, should help performance. 2017-04-26 06:48:08 -07:00
Adam Ierymenko
4f2a779769 JSONDB performance improvements, threading fix. 2017-04-24 20:51:02 -07:00
Adam Ierymenko
cafbe44dde Controller optimizations -- make locking more fine-grained, use true hardware concurrency, etc. 2017-04-24 19:16:36 -07:00
Adam Ierymenko
bc61357a44 HTTP backend support for JSONDB 2017-04-18 17:37:44 -07:00
Adam Ierymenko
f6d92eb737 JSONDB fix. 2017-04-18 13:48:19 -07:00
Adam Ierymenko
b48a70db2e Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-04-04 08:39:22 -07:00
Adam Ierymenko
cd050b3423 Performance improvement in controller. 2017-04-04 08:39:19 -07:00
Adam Ierymenko
eddbc7e757 Logic simplification, cleanup, and memory use improvements in Membership. Also fix an issue that may cause network instability in some cases. 2017-04-04 08:07:38 -07:00
Adam Ierymenko
e5284771e4 Add ping/pong to API so controller supervisor in Central can do a full-path check of controller uptime, etc. 2017-03-30 09:54:04 -07:00
Adam Ierymenko
57b5a33fbb Fix bug preventing default from being set to null if already set to an integer. 2017-03-29 12:32:59 -07:00
Adam Ierymenko
e4896b257f Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call. 2017-03-27 17:03:17 -07:00
Adam Ierymenko
5268909075 Add a facility for full flow-through uptime test of controller by Central. 2017-03-21 06:31:15 -07:00
Adam Ierymenko
c62141fd98 Make controller do a simple write-through cache without revalidating. Means you must restart if files change on disk, but will decrease I/O considerably. 2017-03-21 06:15:49 -07:00
Adam Ierymenko
4f3f471b4c GitHub issue #460 2017-03-17 18:19:51 -07:00
Adam Ierymenko
8f592ff6e8 Controller performance tweaks. 2017-03-13 13:58:29 -07:00
Adam Ierymenko
37629aaf87 Use cache on requests to decrease DB load. 2017-03-13 12:22:06 -07:00
Adam Ierymenko
7ea7e1898a Fix a bug that could cause duplicate IP address assignment on networks if many new members join the controller at once. 2017-03-06 16:21:49 -08:00
Adam Ierymenko
5e6a4e5f5e Send revocations automatically on deauth for instant kill, also fix some issues with the RP. 2017-03-06 15:12:28 -08:00
Adam Ierymenko
66dfc33de9 Fix circuit test post in controller. 2017-03-06 11:23:46 -08:00
Adam Ierymenko
a109d341ef Send timestamp with new circuit test response. 2017-03-02 14:35:38 -08:00
Adam Ierymenko
a577b8d381 Update how controller handles circuit tests -- save results to filesystem. 2017-03-01 16:33:34 -08:00
Adam Ierymenko
2b10a982e9 Match on tag sender equals or tag recipient equals. 2017-02-28 09:22:10 -08:00
Adam Ierymenko
10185e92fa Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6. 2017-02-23 11:47:36 -08:00
Adam Ierymenko
54fa73844c Fix crash. 2017-02-21 13:48:29 -08:00
Adam Ierymenko
32f5a0ab18 Add default tag values and default set capabilities for new members. 2017-02-21 13:27:20 -08:00
Adam Ierymenko
672f17c6e9 Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time. 2017-02-07 09:33:39 -08:00
Adam Ierymenko
ac3e883c05 One more place to add "break". 2017-02-06 14:07:30 -08:00
Adam Ierymenko
31db768e4d A bit of code cleanup. 2017-02-04 00:23:31 -08:00
Adam Ierymenko
a064e19b8a Refactor some JSON stuff for performance, and fix a build error. 2017-01-10 13:51:10 -08:00
Adam Ierymenko
bf2b9e3692 Auto-authorize new members on public networks properly. 2016-12-22 18:52:34 -08:00
Adam Ierymenko
0d066e3b08 Fix JSON parse bug in REDIRECT target. 2016-12-22 18:26:43 -08:00
Adam Ierymenko
fe530548bb Fix MATCH_RANDOM in controller. 2016-12-22 16:57:45 -08:00
Adam Ierymenko
a54c2b438c Basic support for streaming of changes via stdout from controller. 2016-12-15 15:08:47 -08:00
Adam Ierymenko
ccdd4ffda7 Move split() to OSUtils since it is not used in core. 2016-11-18 15:49:28 -08:00
Adam Ierymenko
25f9c294dc Small bug fix and warning removal. 2016-11-18 13:01:45 -08:00
Adam Ierymenko
07b2a3818c Fix TTL scaling in cert. 2016-11-15 14:26:05 -08:00
Adam Ierymenko
15c6e2ec70 Fix member deauthorization time threshold bug. 2016-11-15 14:06:25 -08:00
Adam Ierymenko
e26bee45fb Multithreading in network controller. Threads are only started if controller is used. 2016-11-10 13:57:01 -08:00
Adam Ierymenko
1b10d3413a Use circuit breaker only for requests. 2016-11-10 13:08:43 -08:00
Adam Ierymenko
f0fcd222a1 Actually push updates when things change. 2016-11-10 12:54:43 -08:00
Adam Ierymenko
298e4a9f14 Also avoid sending tags and caps to old members since there is no point. 2016-11-10 12:33:09 -08:00
Adam Ierymenko
226123ca08 Refactor controller to permit sending of pushes as well as just replies to config requests. 2016-11-10 11:54:47 -08:00
Adam Ierymenko
5ebf5077f5 Log last meta-data in controller, and ease up just a bit on keepalives. 2016-11-09 17:11:10 -08:00
Adam Ierymenko
1ebfca666d Memo-ize some computed stuff to control CPU utilization. 2016-11-09 12:34:20 -08:00
Adam Ierymenko
3d948a930e Send a blanket rule to old versions. New versions will still bidirecitonally enforce on the inbound side. 2016-11-08 14:24:30 -08:00
Adam Ierymenko
4524899e4d Update LM time on members on request. 2016-11-08 12:41:27 -08:00
Adam Ierymenko
360c84e035 Minor fixes. 2016-11-08 00:05:18 +00:00
Adam Ierymenko
4868d21526 Bug fixes in controller refactor. 2016-11-07 23:49:03 +00:00
Adam Ierymenko
a78d7311a6 Fix network list API call. 2016-11-04 16:23:41 -07:00
Adam Ierymenko
08ff666e99 . 2016-11-04 16:14:58 -07:00
Adam Ierymenko
0d108d37f6 . 2016-11-04 16:12:44 -07:00
Adam Ierymenko
b03c7b2f30 Refactor controller to use split-out DB for better performance and less ugly. 2016-11-04 15:18:31 -07:00
Grant Limberg
8ffae313fd add new files & remove old ones from VS project. Now builds & runs on Windows again 2016-11-03 12:10:50 -07:00
Adam Ierymenko
2cb760e0ac Fix ICMP json. 2016-10-13 14:14:46 -07:00
Adam Ierymenko
2d6a4e5974 cleanup 2016-10-13 13:52:45 -07:00
Adam Ierymenko
e53f63ca87 Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed. 2016-10-11 12:00:16 -07:00
Adam Ierymenko
45c4ccb153 Add a tags both equal match. 2016-10-05 16:38:42 -07:00
Adam Ierymenko
adeb7e7da0 Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want. 2016-10-05 12:54:46 -07:00
Adam Ierymenko
988049f39b Add new rule to rules engine: random match. 2016-09-30 14:07:00 -07:00
Adam Ierymenko
f0794e09b7 Controller cleanup. 2016-09-30 13:04:26 -07:00
Adam Ierymenko
1eeebba2f7 Drop old /active path from network. 2016-09-29 17:59:27 -07:00
Adam Ierymenko
2fc3d12fb6 Minor tweaks to member code in controller, and fix Linux build. 2016-09-29 14:48:39 -07:00
Adam Ierymenko
7e4b6b594b It now builds. 2016-09-26 17:05:39 -07:00
Adam Ierymenko
1f74dd4589 Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network. 2016-09-23 16:08:38 -07:00
Adam Ierymenko
68e549233d Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness). 2016-09-15 13:17:37 -07:00
Adam Ierymenko
ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. 2016-09-09 11:36:10 -07:00
Adam Ierymenko
0d4109a9f1 More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. 2016-09-09 08:43:58 -07:00
Adam Ierymenko
c9ee8612e4 Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer. 2016-09-07 12:12:52 -07:00
Adam Ierymenko
74afef8eb1 Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. 2016-08-31 16:50:22 -07:00
Adam Ierymenko
54489a7f61 rename SAMENESS to DIFFERENCE which is less confusing 2016-08-31 14:14:58 -07:00
Adam Ierymenko
8e3004591b Add overlooked MATCH_ICMP to rule set. 2016-08-31 14:01:15 -07:00
Adam Ierymenko
7a00036954 Tweak log length to fit JSON for members within two 4096-kb blocks. 2016-08-29 18:10:02 -07:00
Adam Ierymenko
914c42537c Type fixes. 2016-08-29 17:48:36 -07:00
Adam Ierymenko
297b1b4258 Another tiny API bug fix. 2016-08-26 14:16:55 -07:00
Adam Ierymenko
35ac995d05 Fix setting of v6AssignMode in controller. 2016-08-26 14:04:27 -07:00
Adam Ierymenko
d637988ccf Fix chicken or egg problem in tags, and better filter debug instrumentation. 2016-08-25 18:21:20 -07:00
Adam Ierymenko
858e8c5217 one more... 2016-08-25 16:28:54 -07:00
Adam Ierymenko
df1ce856c9 A little bit more controller code cleanup. 2016-08-25 16:25:28 -07:00
Adam Ierymenko
b5e0d014ab Controller bug fixes 2016-08-25 16:08:40 -07:00
Adam Ierymenko
5eaf397a94 Add a debug log feature in the filter, which only works if enabled in Network.cpp. 2016-08-25 13:31:23 -07:00
Adam Ierymenko
1814016eb7 Add daemon thread to controller and move network member cache refreshes there. 2016-08-25 11:26:45 -07:00
Adam Ierymenko
6ecb42b031 docs and null check in controller code 2016-08-25 10:46:03 -07:00
Adam Ierymenko
60bc291414 Add noAutoAssignIps for member of networks. 2016-08-24 17:05:43 -07:00
Adam Ierymenko
ccea3d04d6 Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller. 2016-08-24 14:28:16 -07:00
Adam Ierymenko
8e3463d47a Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency. 2016-08-24 13:37:57 -07:00
Adam Ierymenko
8d594f8b53 cleanup 2016-08-23 16:05:10 -07:00
Adam Ierymenko
5f4df0c6a9 Controller cleanup and perf improvements. 2016-08-23 15:30:36 -07:00
Adam Ierymenko
32fa061700 Compute credential TTL et al. 2016-08-23 13:02:59 -07:00
Adam Ierymenko
9a3c652a51 Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity. 2016-08-22 18:06:46 -07:00