3adb183c5f
Fix bad COM attachment bug and eliminate an unnecessary redundant check.
2015-10-19 13:38:27 -07:00
95953b48f9
Do not allow VERB_RENDEZVOUS from non-upstream peers to block potential DOS vector.
2015-10-19 12:56:29 -07:00
5ce3aac929
Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation.
2015-10-16 10:28:09 -07:00
2debde3451
GitHub issue #235 , and I also see no reason not to communicate with people from other Worlds.
2015-10-15 07:22:17 -07:00
c312ae221f
Fix for world size in OK(HELLO)
2015-10-14 10:45:33 -07:00
123c466843
Full integration of World and World updates.
2015-10-13 12:17:47 -07:00
5d2f523e81
World stuff...
2015-10-13 12:10:44 -07:00
cae58f43f1
More World stuff, and mkworld.
2015-10-13 08:49:36 -07:00
1b1945c63e
Work in progress on refactoring root-topology into World and adding in-band updates.
2015-10-12 18:25:29 -07:00
eff1fe3c61
Create files for each hop (more convenient) and fix a packet parse bug.
2015-10-09 16:22:34 -07:00
aec13b50fd
Be a bit more verbose in circuit test reports to more clearly track current and upstream hop in graph traversal history.
2015-10-09 15:05:26 -07:00
0c498556d5
Unroll Salsa20 fully for a little more speed (non-SSE now almost as fast as SSE)
2015-10-09 09:39:27 -07:00
a3876353ca
Abiltiy to post a test via the controller web API, and parsing of CIRCUIT_TEST_REPORT messages.
2015-10-08 13:25:38 -07:00
0ce0bc00d2
Make sure received() gets called for some new messages, and docs.
2015-10-07 16:20:54 -07:00
69b44bf9a5
Finally add an ECHO.
2015-10-07 16:11:50 -07:00
73cafbe0ec
Limit proof of work difficulty to something sane.
2015-10-07 13:46:44 -07:00
e5f168f599
Add proof of work request for future DDOS mitigation use.
2015-10-07 13:35:46 -07:00
13f14c2f4c
Kill debug line.
2015-10-07 10:56:47 -07:00
ab0228f626
More cleanup and simple refactoring, consolidate InetAddres serialize/deserialize into the class.
2015-10-07 10:30:47 -07:00
1b2cac0cc5
Trim some cruft that is not used and probably never would be.
2015-10-07 09:38:33 -07:00
3593fb3462
Send initial CIRCUIT_TEST packet.
2015-10-06 15:16:41 -07:00
d3f29d09e8
Plumbing through circuit test stuff.
2015-10-06 14:42:51 -07:00
5341afcdcd
Handling of CIRCUIT_TEST, should be ready to test.
2015-10-06 11:47:16 -07:00
a3db7d0728
Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things.
2015-10-01 11:11:52 -07:00
1a4f16e0ed
More work on circuit testing...
2015-09-30 13:59:05 -07:00
f69454ec98
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
2015-09-24 16:21:36 -07:00
367ffde00c
Plumb through localInterfaceId to track local interfaces corresponding with remote addresses.
2015-09-23 13:49:56 -07:00
0d386f1c31
Add a bit of useful testing instrumentation to SqliteNetworkController.
2015-09-08 11:35:55 -07:00
b31071463c
Try another NAT traversal improvement.
2015-07-28 11:28:47 -07:00
b3516c599b
Add a rate limiting circuit breaker to the network controller to prevent flooding attacks and race conditions.
2015-07-23 10:10:17 -07:00
3ba54c7e35
Eliminate some poorly thought out optimizations from the netconf/controller interaction,
...
and go ahead and bump version to 1.0.4.
For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.
Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.
It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.
A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.
I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
0b354803f3
Clean up some YAGNI issues with implementation of GitHub issue #180 , and make best path choice aware of path rank.
2015-07-13 10:03:04 -07:00
0b9524f23d
Merge branch 'adamierymenko-dev' of http://git.int.zerotier.com/zerotier/zerotierone into adamierymenko-dev
2015-07-13 09:30:02 -07:00
4bf3bcbd55
Fixes to PUSH_DIRECT_PATHS.
2015-07-13 09:29:51 -07:00
3f0eca72f7
ZT_TRACE build fix.
2015-07-13 08:36:22 -07:00
412389ec75
Implement ERROR_UNWATNED_MULTICAST
2015-07-07 11:49:38 -07:00
778c7e6e70
More cleanup to direct path push, comment fixes, etc.
2015-07-07 10:00:34 -07:00
c863ff3f02
A bunch of comments and cleanup, including some to yesterday's direct path pushing changes. Move path viability check to one place, and stop trying to use link-local addresses since they are not reliable.
2015-07-07 08:54:48 -07:00
f398952a6c
Revert some bad docs in Packet -- I think we will still use that. Also rename addMembershipCertificate to more security-descriptive validateAndAddMembershipCertificate, give it a return value, and drop unused force parameter.
2015-07-07 08:14:41 -07:00
6da9d2d36f
Remove debug printf().
2015-07-06 17:23:22 -07:00
f881cdd767
Add new .h file to VS build, and Windows side of local interface address enumeration.
2015-07-06 17:22:37 -07:00
79e9a8bcc2
Almost everything for GitHub issue #180 except direct path map setup.
2015-07-06 15:28:48 -07:00
fad9dff2db
Almost all of GitHub issue #180
2015-07-06 15:05:04 -07:00
e5f7c55c54
Documentation in Packet, more work on path push, and clean up ancient legacy support code in Switch.
2015-07-06 12:34:35 -07:00
7bae95836c
Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address.
2015-06-19 10:23:25 -07:00
87bb0086de
Almost certain fix for GitHub issue #184 on -dev
2015-06-17 12:46:12 -07:00
a425bbc673
Renamed supernode to rootserver
2015-05-06 12:05:20 +02:00
5341e32729
Fix to GitHub issue #140 -- network preferred relays. Also go ahead and allow RENDEZVOUS from regular peers.
2015-06-01 19:05:27 -07:00
d9006712f6
Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world.
2015-05-21 15:58:26 -07:00
b4b067bf12
So we need to keep track of external surface per reporter, since some NATs assign different external IPs for each external destination. Keeping just one known surface could create a race condition.
2015-05-04 18:34:30 -07:00
