9cf8dacfbb
don't crash out of the controller heartbeat loop here
2022-06-30 11:40:04 -07:00
b5d7d71e1e
use connection pool instead of new connection for member status writes
...
redis plus plus has an annoying feature where it will open a new
connection for each tx or pipeline by default, rather than just fetching
an existing connection from the pool. Let's change that
2022-06-30 09:59:47 -07:00
6fdc7be502
redis connection pool tuning
2022-06-29 09:39:51 -07:00
0d7197381a
exit here on error
2022-06-28 09:28:35 -07:00
ff8da9d246
Play with online notification timing again
2022-06-24 10:03:30 -07:00
c1384422c3
just sleep 1 second
2022-06-22 10:58:23 -07:00
ccc0ebd0f9
don't spam the logs quite as much on first startup
...
sleep the thread 1 second every round until we're actually updating
members
2022-06-22 10:42:51 -07:00
9d4336d296
redis connection tuning
2022-06-22 10:30:58 -07:00
17bc9d3085
redis thread now uses this_thread::yield()
2022-06-22 10:07:55 -07:00
436f481a34
fix log line
2022-06-22 10:01:07 -07:00
9e8215b213
adjust sleep between onlineNotification runs. Added timer to output
2022-06-22 09:43:09 -07:00
caf8b15f6d
Merge pull request #1701 from tossp/sql2
...
fix sql
2022-06-19 18:09:28 -07:00
bc7f18064f
fix sql
...
bind message supplies 17 parameters, but prepared statement "" requires 16
2022-06-20 05:59:13 +08:00
355d3f44fb
logging & redis standalone fix
2022-06-16 11:52:35 -07:00
9de863e68b
update controller db record
2022-06-16 10:50:07 -07:00
64b7f8e445
quiet down logs more
2022-06-15 16:58:11 -07:00
626f488cb4
quiet down the controller logs a smidge
2022-06-15 16:58:07 -07:00
10212e376a
more redis in the controller
2022-06-15 16:58:04 -07:00
0ed339f19d
make sure value here is true, not just that the env var is set
2022-06-13 15:44:35 -07:00
c6fc3560f2
Merge branch 'dev' into redisrection
2022-06-13 13:09:36 -07:00
b65c1ed3a0
Add inja
...
Requries update to C++17 standard
2022-05-13 09:34:15 -07:00
9ddc0327d4
enable redis member status again
2022-05-10 08:36:39 -07:00
59151fbf86
remove max count for xread
2022-04-28 13:10:07 -07:00
1c700b7b41
Fix redis cluster usage
2022-04-28 13:05:02 -07:00
ff18bacd94
fix XREAD commands for redis message queue
2022-04-28 11:16:45 -07:00
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.
2022-04-19 19:59:54 -04:00
912036b260
Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups.
2022-04-19 12:41:38 -04:00
a4e8847664
Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.
2022-04-19 10:37:58 -04:00
c492bf7eea
Forgot to send error on v0 auth expiry.
2022-04-18 16:36:09 -04:00
cb086ff97f
Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot.
2022-04-18 16:32:05 -04:00
55a99f34d0
Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.
2022-04-15 14:23:26 -04:00
58119598ae
comment out some new deauth code
2022-04-13 23:10:11 -04:00
42a2afaef9
This may improve controller behavior with SSO and mixed SSO, needs testing!
2022-04-13 21:39:56 -04:00
f8e24f4629
Fix issue where restarting a controller causes a DB write for each network member
2022-02-28 12:26:32 -08:00
c09010c25a
handle nonce rotation in controller better
...
Won't generate new nonces until there are no active ones.
2022-01-20 15:14:29 -08:00
b3fbbd3124
refresh tokens now working
...
Still investigating the best way to do a couple things, but we have something working
2021-12-07 16:29:50 -08:00
730482e62f
encode network ID into sso state param
2021-12-01 15:02:21 -08:00
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL
2021-12-01 13:01:32 -08:00
7cce23ae79
wip
2021-12-01 10:44:29 -08:00
dfdac7adbd
iomanip
2021-11-30 17:31:46 -08:00
a33d7c64fe
more fixin
2021-11-30 17:27:13 -08:00
d15516f0ef
query fix & controller build fix
2021-11-30 16:18:34 -08:00
fa21fdc1cc
rename stuff for clarity
...
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
43433cdb5a
integrate rust build of zeroidc to linux
2021-11-04 17:16:23 -07:00
8d39c9a861
plumbing full flow from controller -> client network
2021-11-04 15:40:08 -07:00
3818351287
use pqxx::pipeline for online update thread
2021-10-06 09:39:30 -07:00
4d26b5a868
no reason for this to be a pointer
2021-10-05 17:02:50 -07:00
ac0dc7844f
rework commit thread & some connection pool borrowing issues
2021-10-05 09:25:24 -07:00
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
2021-09-20 15:40:55 -07:00
46adc1f059
ifdef this out
2021-09-20 15:39:53 -07:00
