ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-09 22:42:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,110 Commits 15 Branches 105 Tags 179 MiB
24fce0be86
Commit Graph

1313 Commits

Author SHA1 Message Date
Adam Ierymenko
51a420671f Make rules engine debug a bit more verbose. 2016-08-29 15:17:34 -07:00
Adam Ierymenko
7223685b96 . 2016-08-26 15:30:20 -07:00
Adam Ierymenko
e7dff1c785 Change logic a little for self-as-destination in TEE and REDIRECT. 2016-08-26 15:28:31 -07:00
Adam Ierymenko
a5383d83d8 Do not TEE or REDIRECT to self. 2016-08-26 15:25:00 -07:00
Adam Ierymenko
a3c7627acf Push more than one packet for credentials if we happen to have a whole lot. Should not happen often but might if a member has tons of tags. 2016-08-26 14:43:16 -07:00
Adam Ierymenko
6bd5aba4fa fix frame size range bug 2016-08-26 13:26:26 -07:00
Adam Ierymenko
fb5217761b Add missing names in filter debug code. 2016-08-26 13:20:55 -07:00
Adam Ierymenko
90f3e94565 Always output trace info when debugging rules. 2016-08-26 12:21:44 -07:00
Adam Ierymenko
ded5a53a6c Documentation updates, add rules engine revision to network config request meta-data. 2016-08-26 10:38:43 -07:00
Adam Ierymenko
d637988ccf Fix chicken or egg problem in tags, and better filter debug instrumentation. 2016-08-25 18:21:20 -07:00
Adam Ierymenko
b5e0d014ab Controller bug fixes 2016-08-25 16:08:40 -07:00
Adam Ierymenko
5eaf397a94 Add a debug log feature in the filter, which only works if enabled in Network.cpp. 2016-08-25 13:31:23 -07:00
Adam Ierymenko
584228b2b5 Dead code removal, and get rid of reliable() because we will no longer make that distinction. 2016-08-24 17:56:35 -07:00
Adam Ierymenko
cd3683f2ba Fix a missing receive(). 2016-08-24 17:50:51 -07:00
Adam Ierymenko
347ebcd899 Set trust flag in network controllers if remote query is accepted to allow NATed network controllers to better traverse. 2016-08-24 17:48:13 -07:00
Adam Ierymenko
e52c2c41ec Add a circuit breaker to prevent too many credentials from being stored per member. 2016-08-24 17:24:35 -07:00
Adam Ierymenko
c476285bd6 Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive when hops>0 and trust has been established. 2016-08-24 16:16:39 -07:00
Adam Ierymenko
63e8ad4cc3 TRACE stuff. 2016-08-24 15:45:37 -07:00
Adam Ierymenko
2cdda38dc4 It basically works... at least on current controllers. 2016-08-24 15:26:18 -07:00
Adam Ierymenko
ccea3d04d6 Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller. 2016-08-24 14:28:16 -07:00
Adam Ierymenko
8e3463d47a Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency. 2016-08-24 13:37:57 -07:00
Adam Ierymenko
0ee4d3554a Stub out USER_MESSAGE. 2016-08-23 14:38:20 -07:00
Adam Ierymenko
0a7a33ef8f Instantaneous blacklisting and credential revocation. 2016-08-23 13:46:36 -07:00
Adam Ierymenko
32fa061700 Compute credential TTL et al. 2016-08-23 13:02:59 -07:00
Adam Ierymenko
7036831203 Sign Dictionary in doNETWORK_CONFIG_REQUEST. 2016-08-23 11:57:56 -07:00
Adam Ierymenko
68b4ca9b31 Cleanup. 2016-08-23 11:52:10 -07:00
Adam Ierymenko
0dfc08b317 Tidy up a few minor protocol things, improve documentation in Packet.hpp. 2016-08-23 11:29:02 -07:00
Adam Ierymenko
77f7dcf40a Obsolete "test network" removal. 2016-08-23 09:39:38 -07:00
Adam Ierymenko
9a3c652a51 Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity. 2016-08-22 18:06:46 -07:00
Adam Ierymenko
b0d888d235 Signing of Capability and Tag objects. 2016-08-22 14:25:59 -07:00
Adam Ierymenko
faa9a06bf5 Controller fixes... 2016-08-17 17:37:37 -07:00
Adam Ierymenko
b72847d504 Finally implement network join auth tokens, at least at the protocol level. 2016-08-17 13:41:45 -07:00
Adam Ierymenko
b08ca49580 More controller work -- it builds! 2016-08-16 14:05:17 -07:00
Adam Ierymenko
bd15262e54 Bunch of rule JSON stuff. 2016-08-15 18:49:50 -07:00
Adam Ierymenko
7d906df805 Better instrumentation for filter, and filter bug fixes. 2016-08-10 14:27:52 -07:00
Adam Ierymenko
d166b494ee Rule parse fix. 2016-08-10 13:41:22 -07:00
Adam Ierymenko
81959f14af Refactor and redesign symmetric NAT predictor. This is cleaner. 2016-08-10 10:28:54 -07:00
Adam Ierymenko
c9d7845fea Minor bug fix and some instrumentation stuff for testing. 2016-08-09 17:00:01 -07:00
Adam Ierymenko
0b0cda2be4 ZT_TRACE fix. 2016-08-09 15:55:41 -07:00
Adam Ierymenko
e1310a764a More cleanup and removal of cruft due to obsolete network-specific relays (will be replaced with federation stuff). 2016-08-09 15:45:26 -07:00
Adam Ierymenko
dbf3e6c3c9 Dead code removal. 2016-08-09 15:01:46 -07:00
Adam Ierymenko
dee7f75f7e Minor cleanup. 2016-08-09 14:46:11 -07:00
Adam Ierymenko
774c7e0ea5 Put CONFIG_REFRESH back. 2016-08-09 13:52:08 -07:00
Adam Ierymenko
4d498b3765 Handling of multi-part chunked network configs on the inbound side. 2016-08-09 13:14:38 -07:00
Adam Ierymenko
bcd05fbdfa Chunking of network config replies. 2016-08-09 09:34:13 -07:00
Adam Ierymenko
2ba9343607 Encode and decode of tags and capabilities in NetworkConfig. 2016-08-09 08:32:42 -07:00
Adam Ierymenko
51cf49a24f cleanup 2016-08-08 17:40:22 -07:00
Adam Ierymenko
00fd9c3a15 It builds... almost ready to test some rules engine stuff. 2016-08-08 17:33:26 -07:00
Adam Ierymenko
8007ca56aa Refactor and tie-up of capabilities and tags and packet evaluation points. Some optimization is possible here but it is minor and we will make it work first. 2016-08-08 16:50:00 -07:00
Adam Ierymenko
4d7f625aa1 . 2016-08-05 15:55:38 -07:00
Adam Ierymenko
e2f783ebbd . 2016-08-05 15:02:01 -07:00
Adam Ierymenko
4d9b74b171 . 2016-08-04 15:27:20 -07:00
Adam Ierymenko
37d139177d Integrate Filter into OutboundMulticast properly. 2016-08-04 13:01:14 -07:00
Adam Ierymenko
8a7753cfe3 Filter cleanup, prep for filter integration in a few places. 2016-08-04 12:35:25 -07:00
Adam Ierymenko
331382cf2f More cleanup and a tiny federation prep item. 2016-08-04 12:14:13 -07:00
Adam Ierymenko
98152d974a More cleanup and removal of DeferredPackets, will do the latter in a more elegant way. 2016-08-04 11:40:38 -07:00
Adam Ierymenko
56febbf2ba . 2016-08-04 10:39:28 -07:00
Adam Ierymenko
5cf410490e . 2016-08-04 10:18:33 -07:00
Adam Ierymenko
404a0bbddd ... 2016-08-04 09:51:15 -07:00
Adam Ierymenko
f057bb63cd More work on tags and capabilities. 2016-08-04 09:02:35 -07:00
Adam Ierymenko
7e6e56e2bc Bunch of work on pushing and replication of tags and capabilities, and protocol cleanup. 2016-08-03 18:04:08 -07:00
Adam Ierymenko
67cb03742e Add tag rules and split out rule serialize/deserialize so the code can be reused. 2016-08-03 14:12:38 -07:00
Adam Ierymenko
91940cbcf5 Kill network preferred relays -- this feature is gone (and was seldom used anyway) in favor of federation. 2016-08-02 14:40:26 -07:00
Adam Ierymenko
ecc1324bb0 Rules engine work: capability based security model with tags and capabilities, and some cleanup across other places. 2016-08-02 13:36:17 -07:00
Adam Ierymenko
d3b0081447 Cleanup... 2016-07-28 12:09:58 -07:00
Adam Ierymenko
22e44c762b More rules engine work: key/value pair matching for microsegmentation. 2016-07-28 10:58:10 -07:00
Adam Ierymenko
4929be08f7 Cleanup and stub out new object transfer messages. 2016-07-26 12:33:51 -07:00
Adam Ierymenko
088bbd1c08 Filter fixes. 2016-07-25 17:03:26 -07:00
Adam Ierymenko
7404eb46c4 Integration of Filter into inbound and outbound packet path. 2016-07-25 16:51:10 -07:00
Adam Ierymenko
eaf6d6c938 Basic L2/L3 filter for rules engine (not integrated yet) and some cleanup. 2016-07-25 15:52:16 -07:00
Adam Ierymenko
faf864b8a2 Merge branch 'master' into dev 2016-07-21 19:07:50 -07:00
Adam Ierymenko
f21af60a13 Init trusted path count to zero. Meh. 2016-07-21 19:06:18 -07:00
Adam Ierymenko
10564d8e14 Init trusted path count to zero. Meh. 2016-07-21 19:05:14 -07:00
Moritz Warning
b3073f44a2 move sourceAddress out of scope 
sourceAddress is used in the catch block
 2016-07-21 23:03:04 +02:00
Adam Ierymenko
6320879fe1 Fix for GitHub issue #358 and bump version to 1.1.13 (dev) 2016-07-18 10:56:33 -07:00
Adam Ierymenko
9785fde32a Trusted paths work! 2016-07-12 11:40:45 -07:00
Adam Ierymenko
9657675755 Plumbing through trusted path stuff to OneService. 2016-07-12 11:30:22 -07:00
Adam Ierymenko
765082fdb6 Trusted path support, and version bump to 1.1.9 2016-07-12 08:29:50 -07:00
Adam Ierymenko
6d8de214eb Docs and controller API version 2016-07-08 13:10:02 -07:00
Adam Ierymenko
901e2fd692 Fix silly one-liner bug... retag time. 2016-06-29 18:12:35 -07:00
Adam Ierymenko
19735e7050 Revert backgrounding of controller requests hack. Controller code is not really parallel anyway and we fixed the perf problem. 2016-06-29 11:43:22 -07:00
Adam Ierymenko
b4fcf2ee60 Fix a valgrind warning. 2016-06-29 11:11:16 -07:00
Adam Ierymenko
7b7ab823b0 Fix getPeer(self) bug if I am the controller. 2016-06-28 22:49:01 +00:00
Adam Ierymenko
45f315e603 Defer NETWORK_CONFIG_REQUEST packets and allow multithreaded processing. 2016-06-27 17:09:04 -07:00
Adam Ierymenko
ee649ae69a Add 6plane assignment support to network controller, and cleanup. 2016-06-24 06:40:50 -07:00
Adam Ierymenko
20d155e630 . 2016-06-24 05:21:25 -07:00
Adam Ierymenko
be5996daca Cleanup of 6plane stuff. 2016-06-24 04:54:05 -07:00
Adam Ierymenko
38dfebad8c IPv6 NDP emulation flag in NetworkConfig, and implement Docker-friendly 
(and other host friendly) IPv6 /80 magic subnetting to allow massive
multicast-free NDP emulated IPv6 networks where each host can have a
/48 worth of IPv6 IPs for internal containers, VMs, etc.

Alan Kay, thou art avenged.

https://ivanovivan.wordpress.com/2010/09/13/alan-kay-quotes/
 2016-06-23 22:41:14 -07:00
Adam Ierymenko
674b84d908 Plumbing for network setting control, and GitHub issue #330 2016-06-21 14:58:30 -07:00
Adam Ierymenko
330c80f3f5 Add rule type to match a COM field of the peer by ID and value because this will be powerful. 2016-06-21 08:09:20 -07:00
Adam Ierymenko
eee59ec9ce Fix Buffer<> version of Dictionary.get(). 2016-06-21 08:00:40 -07:00
Adam Ierymenko
0959d33ba0 Add a few technically unnecessary but feel-good paranoia bounds checks in Dictionary.get(). 2016-06-21 07:59:42 -07:00
Adam Ierymenko
0c05b2cb50 Comment cleanup and fuzzing improvements. 2016-06-21 07:49:46 -07:00
Adam Ierymenko
b2d048aa0e Make Dictionary templatable so it can be used where we want a higher capacity. 2016-06-21 07:32:58 -07:00
Adam Ierymenko
1bf1c38b30 Default route population works on Mac! 2016-06-16 18:23:33 -07:00
Adam Ierymenko
37afa876a7 Linux bug fixes, small controller fix. 2016-06-17 00:21:58 +00:00
Adam Ierymenko
601c51b351 Bug fix. 2016-06-16 23:18:20 +00:00
Adam Ierymenko
901b75e756 New format now integrated, and it works. 2016-06-16 15:48:58 -07:00
Adam Ierymenko
490d20e8fb Self test for dictionary, and fixes. 2016-06-16 14:45:36 -07:00
Adam Ierymenko
2113c21fdc devicemap now works again in OSXEthernetTap 2016-06-16 14:09:09 -07:00