Adam Ierymenko
9150778757
.
2015-10-19 15:04:26 -07:00
Adam Ierymenko
50f3ccd3c9
.
2015-10-19 15:03:58 -07:00
Adam Ierymenko
584072fa6a
Fix for V4/V6 stable addressing.
2015-10-19 14:04:36 -07:00
Adam Ierymenko
3adb183c5f
Fix bad COM attachment bug and eliminate an unnecessary redundant check.
2015-10-19 13:38:27 -07:00
Adam Ierymenko
95953b48f9
Do not allow VERB_RENDEZVOUS from non-upstream peers to block potential DOS vector.
2015-10-19 12:56:29 -07:00
Adam Ierymenko
aa6e3c79a0
Some test stuff that will not be pushed elsewhere.
2015-10-19 10:49:31 -07:00
Adam Ierymenko
738fa5a5e5
.
2015-10-16 12:10:57 -07:00
Adam Ierymenko
cc4d0199e7
Fix vProto init.
2015-10-16 10:58:59 -07:00
Adam Ierymenko
781f06ef82
Accept OK for confirm of HELLO or ECHO.
2015-10-16 10:48:38 -07:00
Adam Ierymenko
f9f60f89d9
Peer save/restore fix.
2015-10-16 10:45:58 -07:00
Adam Ierymenko
5ce3aac929
Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation.
2015-10-16 10:28:09 -07:00
Adam Ierymenko
2229e91b57
IPv6 support fixes.
2015-10-16 10:10:12 -07:00
Adam Ierymenko
2debde3451
GitHub issue #235 , and I also see no reason not to communicate with people from other Worlds.
2015-10-15 07:22:17 -07:00
Adam Ierymenko
9ece8c465e
decrypt fix
2015-10-14 15:49:41 -07:00
Adam Ierymenko
59389b3dce
Untested cluster code, not enabled.
2015-10-14 14:17:55 -07:00
Adam Ierymenko
619e113748
Work in progress on Cluster for new root infrastructure, multi-homing.
2015-10-14 14:12:12 -07:00
Adam Ierymenko
c312ae221f
Fix for world size in OK(HELLO)
2015-10-14 10:45:33 -07:00
Adam Ierymenko
719233617c
Add uint16_t key to Hashtable, and make Salsa20 zero its keyspace on destruction.
2015-10-14 10:14:07 -07:00
Adam Ierymenko
489e1a5b83
Don't keep connections up longer than the alive timeout (unless they are relays or roots)
2015-10-13 13:51:54 -07:00
Adam Ierymenko
824ed99160
.
2015-10-13 12:42:54 -07:00
Adam Ierymenko
70d8e3ad94
Expose world ID and world timestamp in ZT_NodeStatus
2015-10-13 12:31:38 -07:00
Adam Ierymenko
e268d9492a
cleanup
2015-10-13 12:18:47 -07:00
Adam Ierymenko
123c466843
Full integration of World and World updates.
2015-10-13 12:17:47 -07:00
Adam Ierymenko
5d2f523e81
World stuff...
2015-10-13 12:10:44 -07:00
Adam Ierymenko
05677f57e2
Add C output to mkworld.
2015-10-13 08:55:21 -07:00
Adam Ierymenko
cae58f43f1
More World stuff, and mkworld.
2015-10-13 08:49:36 -07:00
Adam Ierymenko
1b1945c63e
Work in progress on refactoring root-topology into World and adding in-band updates.
2015-10-12 18:25:29 -07:00
Adam Ierymenko
70fe7dd1fd
cleanup
2015-10-12 16:40:57 -07:00
Adam Ierymenko
eff1fe3c61
Create files for each hop (more convenient) and fix a packet parse bug.
2015-10-09 16:22:34 -07:00
Adam Ierymenko
aec13b50fd
Be a bit more verbose in circuit test reports to more clearly track current and upstream hop in graph traversal history.
2015-10-09 15:05:26 -07:00
Adam Ierymenko
a95fa379cc
Circuit tests basically work but need some tweaks, and fix some issues found with valgrind.
2015-10-09 14:51:38 -07:00
Adam Ierymenko
0c498556d5
Unroll Salsa20 fully for a little more speed (non-SSE now almost as fast as SSE)
2015-10-09 09:39:27 -07:00
Adam Ierymenko
3fa6dd377f
docs
2015-10-09 08:51:57 -07:00
Adam Ierymenko
160278c489
Little bit of reorg in Salsa20 which seems to speed things up very slightly.
2015-10-08 17:42:53 -07:00
Adam Ierymenko
558775d544
Merge branch 'adamierymenko-dev' of http://10.6.6.2/zerotier/ZeroTierOne into adamierymenko-dev
2015-10-08 13:26:43 -07:00
Adam Ierymenko
a3876353ca
Abiltiy to post a test via the controller web API, and parsing of CIRCUIT_TEST_REPORT messages.
2015-10-08 13:25:38 -07:00
Adam Ierymenko
273f0d18b0
docs
2015-10-08 09:05:25 -07:00
Grant Limberg
9347d6c866
Make it so ZeroTierOne.h can be used with a C compiler again.
2015-10-07 18:04:40 -07:00
Adam Ierymenko
fea1b6b2c3
docs
2015-10-07 16:25:08 -07:00
Adam Ierymenko
0ce0bc00d2
Make sure received() gets called for some new messages, and docs.
2015-10-07 16:20:54 -07:00
Adam Ierymenko
69b44bf9a5
Finally add an ECHO.
2015-10-07 16:11:50 -07:00
Adam Ierymenko
73cafbe0ec
Limit proof of work difficulty to something sane.
2015-10-07 13:46:44 -07:00
Adam Ierymenko
e5f168f599
Add proof of work request for future DDOS mitigation use.
2015-10-07 13:35:46 -07:00
Adam Ierymenko
7d62dbe9f7
Tune NAT-t keepalives so that timing is better obeyed, clean up a build warning, and fix a potential source of network recursion (though harmless).
2015-10-07 11:57:59 -07:00
Adam Ierymenko
13f14c2f4c
Kill debug line.
2015-10-07 10:56:47 -07:00
Adam Ierymenko
c952fbbd8d
Only enable 128-bit Poly1305 on X86_64 right now. Has compilation issues on ARM, but the 64-bit version should be fine.
2015-10-07 10:40:59 -07:00
Adam Ierymenko
ab0228f626
More cleanup and simple refactoring, consolidate InetAddres serialize/deserialize into the class.
2015-10-07 10:30:47 -07:00
Adam Ierymenko
1b2cac0cc5
Trim some cruft that is not used and probably never would be.
2015-10-07 09:38:33 -07:00
Adam Ierymenko
598a1d8dd7
Try reopening /dev/urandom if there is a problem.
2015-10-06 18:10:40 -07:00
Adam Ierymenko
64aaea3978
Cleanup, and add an even faster Poly1305 on systems that support it.
2015-10-06 18:04:53 -07:00
Adam Ierymenko
477feee8a3
Some work on CIRCUIT_TEST, and a significant speedup to Poly1305.
2015-10-06 17:55:57 -07:00
Adam Ierymenko
3593fb3462
Send initial CIRCUIT_TEST packet.
2015-10-06 15:16:41 -07:00
Adam Ierymenko
d3f29d09e8
Plumbing through circuit test stuff.
2015-10-06 14:42:51 -07:00
Adam Ierymenko
5341afcdcd
Handling of CIRCUIT_TEST, should be ready to test.
2015-10-06 11:47:16 -07:00
Adam Ierymenko
57c857e89a
Fix TRACE output.
2015-10-06 06:57:00 -07:00
Grant Limberg
c16ad053b6
no toString() method on peer. Commenting out for now.
2015-10-02 19:39:46 -07:00
Grant Limberg
6080a45c9c
change cert to com. no variable named cert.
2015-10-02 19:39:13 -07:00
Adam Ierymenko
5384f185ae
Simplify Dictionary and reduce memory usage, now no more std::maps in core.
2015-10-01 18:12:16 -07:00
Adam Ierymenko
76a95dc58f
The return of peer peristence.
2015-10-01 17:09:01 -07:00
Adam Ierymenko
5076c49210
Peer serialization and related changes.
2015-10-01 15:40:54 -07:00
Adam Ierymenko
2fa21aa676
.
2015-10-01 13:43:57 -07:00
Adam Ierymenko
3999e468b7
Need to hold nconf so *com does not die while being used.
2015-10-01 13:43:15 -07:00
Adam Ierymenko
6693149f3e
Send COM with MULTICAST_GATHER for future use.
2015-10-01 13:34:12 -07:00
Adam Ierymenko
2c196307ee
--bugs;
2015-10-01 13:01:18 -07:00
Adam Ierymenko
d6676a9d6c
Always announce multicast groups, not just to peers with direct links, and push network COMs to any MULTICAST_LIKE recipient for future use.
2015-10-01 12:50:19 -07:00
Adam Ierymenko
a7409850d6
Get trim() out of core where it is not needed.
2015-10-01 12:37:18 -07:00
Adam Ierymenko
53e5f94b99
.
2015-10-01 12:25:43 -07:00
Adam Ierymenko
64bf3ffe6c
Mutex cleanup.
2015-10-01 11:44:09 -07:00
Adam Ierymenko
9405150b11
Restore group announcement on Peer::receive() but centralize packet composition in one place.
2015-10-01 11:37:02 -07:00
Adam Ierymenko
a3db7d0728
Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things.
2015-10-01 11:11:52 -07:00
Adam Ierymenko
11ff96ba1d
Consider IPv6 paths reliable (no constant keepalives needed)
2015-09-30 15:20:08 -07:00
Adam Ierymenko
0d0039674f
Add new verb names, and fix some Mac compiler flags.
2015-09-30 14:48:07 -07:00
Adam Ierymenko
789046ca57
Speed up Salsa20 just a bit.
2015-09-30 14:35:05 -07:00
Adam Ierymenko
1a4f16e0ed
More work on circuit testing...
2015-09-30 13:59:05 -07:00
Adam Ierymenko
2d0adb562d
Specify circuit test messages.
2015-09-27 11:37:39 -07:00
Adam Ierymenko
f69454ec98
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
2015-09-24 16:21:36 -07:00
Adam Ierymenko
0e5aac6a11
Prefer IPv6 paths if available.
2015-09-23 16:16:36 -07:00
Adam Ierymenko
a3ed5277ef
Make sure ZT_NO_TYPE_PUNNING also obeyed here.
2015-09-23 14:09:27 -07:00
Adam Ierymenko
2a527ea82e
Fix for timer jitter problem.
2015-09-23 14:01:41 -07:00
Adam Ierymenko
367ffde00c
Plumb through localInterfaceId to track local interfaces corresponding with remote addresses.
2015-09-23 13:49:56 -07:00
Adam Ierymenko
4464fa5d39
Eliminate another warning.
2015-09-23 10:29:05 -07:00
Adam Ierymenko
86996d4315
Eliminate compiler warning.
2015-09-23 10:27:53 -07:00
Adam Ierymenko
d656e87395
Send a random small payload for NAT keepalives, since zero byte packets seem to fail to keep associations alive behind some NATs.
2015-09-22 15:58:00 -07:00
Adam Ierymenko
3664966340
Generate local IPv6 addresses from network IDs and addresses.
2015-09-17 21:30:32 -07:00
Adam Ierymenko
c1a53a2653
ARP cache and responder agent code for use in netcon and iOS.
2015-09-11 11:45:04 -07:00
Adam Ierymenko
0d386f1c31
Add a bit of useful testing instrumentation to SqliteNetworkController.
2015-09-08 11:35:55 -07:00
Adam Ierymenko
85b90f122a
Final std::map<> from Switch, and add some smallish default values for hash size.
2015-09-04 15:35:43 -07:00
Adam Ierymenko
3dba016a93
Almost done... very few std::map<>s remaining in any spot that matters.
2015-09-04 15:21:22 -07:00
Adam Ierymenko
db0369e9b8
Remove way-overkill multimap from Switch.
2015-09-04 14:56:39 -07:00
Adam Ierymenko
0ab3e49be9
Starting in on Switch... kill map in defrag queue, which will probably improve performance pretty decently under high load with lots of peers.
2015-09-04 14:44:22 -07:00
Adam Ierymenko
f116c4b9c0
... and another ...
2015-09-04 14:24:31 -07:00
Adam Ierymenko
307e44f7c8
Two for one! (std::map removal)
2015-09-04 14:14:32 -07:00
Adam Ierymenko
d1341578d8
... and another one!
2015-09-04 13:53:48 -07:00
Adam Ierymenko
7b8ce16057
Another std::map<> dies.
2015-09-04 13:42:19 -07:00
Adam Ierymenko
3a959a7763
Swap out std::map<> for Hashtable<> for main peer database in Topology. (ongoing std::map-ectomy)
2015-09-04 12:14:21 -07:00
Adam Ierymenko
cfd101c9b8
Add entries() to go with keys() for future use.
2015-09-04 11:50:12 -07:00
Adam Ierymenko
da9a720c3f
Hash table bug fix, and add copy constructor and assignment operator for principle of least surprise.
2015-09-03 17:33:06 -07:00
Adam Ierymenko
b11ffc9635
Integrate Hashtable into Multicaster, where @mwarning found heaviest std::map() overhead.
2015-08-27 16:17:21 -07:00
Adam Ierymenko
3947807b1f
A simple and fast Hashtable, tested but not yet integrated with anything.
2015-08-27 15:36:13 -07:00
Adam Ierymenko
5fcef91278
Ignore old root-topology if present -- fix for upgrading on Linux and possibly elsewhere.
2015-08-25 09:42:37 -07:00
Adam Ierymenko
facb009a1d
Add security notice to auto-update info in -h output, and fix a missing paren.
2015-07-31 09:50:55 -07:00
Adam Ierymenko
8d09c37140
Remove a bit of redundant logic, and also announce MULTICAST_LIKEs to controllers (for future use).
2015-07-31 09:37:13 -07:00
Adam Ierymenko
f6ced547be
Dead code removal.
2015-07-31 08:56:31 -07:00
Adam Ierymenko
eea8d58afa
docs,cleanup
2015-07-28 12:39:03 -07:00
Adam Ierymenko
21e6850722
Cancel NAT-t attempts if peer is no longer "alive"
2015-07-28 12:18:59 -07:00
Adam Ierymenko
5986d83738
Kill more kittens.
2015-07-28 12:04:14 -07:00
Adam Ierymenko
4564dd95ff
Revert... no luck with any of that.
2015-07-28 12:00:50 -07:00
Adam Ierymenko
d2bfdfa6e7
Play with NAT-t tweaks some more.
2015-07-28 11:57:18 -07:00
Adam Ierymenko
b69afa010e
Disable type punning on ARM by ifdef.
2015-07-28 11:50:01 -07:00
Adam Ierymenko
708aac1ea7
Remove some left over debug code, and fix attempt to send to self if we are an active bridge.
2015-07-28 11:43:09 -07:00
Adam Ierymenko
17bfd4d55e
Add TRACE for NAT-t debugging.
2015-07-28 11:32:34 -07:00
Adam Ierymenko
b31071463c
Try another NAT traversal improvement.
2015-07-28 11:28:47 -07:00
Adam Ierymenko
dda376c9eb
Nuke some abandoned code.
2015-07-28 11:16:43 -07:00
Adam Ierymenko
821f1f366e
Fix to NAT escalation sequence.
2015-07-27 17:34:58 -07:00
Adam Ierymenko
e99eda4a4a
Fix IP scoping bug, and disable remotely reported surface push... not helping. :(
2015-07-27 17:28:13 -07:00
Adam Ierymenko
fadb291962
Fix infinite loop typo.
2015-07-27 17:14:49 -07:00
Adam Ierymenko
f0003ea922
Push remote surface as reported by peers along with known interface direct paths to assist with (some) NAT traversal. (trying this, may back out if not effective)
2015-07-27 17:02:43 -07:00
Adam Ierymenko
e30ba3e138
Eliminate some aggressive port scanning NAT-t behavior that has proven ineffective.
2015-07-27 16:43:27 -07:00
Adam Ierymenko
7a15d8a7e3
Fix leaving of networks to actually call Network::destroy().
2015-07-24 14:50:44 -07:00
Adam Ierymenko
d647a587a1
(1) Fix updating of network revision counter on member change.
...
(2) Go back to timestamp as certificate revision number. This is simpler
and more robust than using the network revision number for this and
forcing network revision fast-forward, which could cause some peers
to fall off the horizon when you don't want them to.
2015-07-23 17:18:20 -07:00
Adam Ierymenko
b3516c599b
Add a rate limiting circuit breaker to the network controller to prevent flooding attacks and race conditions.
2015-07-23 10:10:17 -07:00
Adam Ierymenko
3ba54c7e35
Eliminate some poorly thought out optimizations from the netconf/controller interaction,
...
and go ahead and bump version to 1.0.4.
For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.
Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.
It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.
A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.
I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
Adam Ierymenko
8c18c60c00
sp.
2015-07-17 15:30:13 -07:00
Adam Ierymenko
88949a750f
Workaround for uclibc missing map::operator==()
2015-07-13 11:39:55 -07:00
Adam Ierymenko
547b1c6157
Add additional TRACE output in pushDirectPaths.
2015-07-13 10:35:33 -07:00
Adam Ierymenko
0b354803f3
Clean up some YAGNI issues with implementation of GitHub issue #180 , and make best path choice aware of path rank.
2015-07-13 10:03:04 -07:00
Adam Ierymenko
0b9524f23d
Merge branch 'adamierymenko-dev' of http://git.int.zerotier.com/zerotier/zerotierone into adamierymenko-dev
2015-07-13 09:30:02 -07:00
Adam Ierymenko
4bf3bcbd55
Fixes to PUSH_DIRECT_PATHS.
2015-07-13 09:29:51 -07:00
Adam Ierymenko
3f0eca72f7
ZT_TRACE build fix.
2015-07-13 08:36:22 -07:00
Adam Ierymenko
fe20f0d7cd
Put back legacy code to listen for LAN announcements to support same network location with pre-1.0.4 clients.
2015-07-13 08:33:02 -07:00
Adam Ierymenko
a297e4a5bf
Add build def ZT_NO_TYPE_PUNNING, which when defined disables type punning code that might cause unaligned access errors on architectures that care (e.g. Android/ARM)
2015-07-08 09:12:51 -07:00
Adam Ierymenko
412389ec75
Implement ERROR_UNWATNED_MULTICAST
2015-07-07 11:49:38 -07:00
Adam Ierymenko
cf6f30963c
Kill a potential source of type punning BUS errors on Android, and besides that hack probably did not improve performance at all given the short lenghts of things compared with secureEq()
2015-07-07 10:59:59 -07:00
Adam Ierymenko
3f567a07ca
Save a little bit of RAM by getting rid of overkill CMWC4096 non-crypto PRNG and replacing it with a simple non-crypto PRNG that just uses Salsa20.
2015-07-07 10:49:50 -07:00
Adam Ierymenko
41fc08b330
etherTypeName() is only used in Switch and only with ZT_TRACE
2015-07-07 10:06:05 -07:00
Adam Ierymenko
07ea4fd4f9
Fix potential bug in controller config request.
2015-07-07 10:02:48 -07:00
Adam Ierymenko
778c7e6e70
More cleanup to direct path push, comment fixes, etc.
2015-07-07 10:00:34 -07:00
Adam Ierymenko
c863ff3f02
A bunch of comments and cleanup, including some to yesterday's direct path pushing changes. Move path viability check to one place, and stop trying to use link-local addresses since they are not reliable.
2015-07-07 08:54:48 -07:00
Adam Ierymenko
f398952a6c
Revert some bad docs in Packet -- I think we will still use that. Also rename addMembershipCertificate to more security-descriptive validateAndAddMembershipCertificate, give it a return value, and drop unused force parameter.
2015-07-07 08:14:41 -07:00
Adam Ierymenko
6da9d2d36f
Remove debug printf().
2015-07-06 17:23:22 -07:00
Adam Ierymenko
f881cdd767
Add new .h file to VS build, and Windows side of local interface address enumeration.
2015-07-06 17:22:37 -07:00
Adam Ierymenko
84ba365c77
Fix bug in direct path push send.
2015-07-06 17:20:41 -07:00
Adam Ierymenko
cac55105c3
Fix a regression.
2015-07-06 16:40:23 -07:00
Adam Ierymenko
a87cd2d094
Unix side of local interface address awareness for GitHub issue #180 .
2015-07-06 16:32:34 -07:00
Adam Ierymenko
235f4762b7
Plumbing for local interface addresses -- GitHub issue #180
2015-07-06 15:51:04 -07:00
Adam Ierymenko
79e9a8bcc2
Almost everything for GitHub issue #180 except direct path map setup.
2015-07-06 15:28:48 -07:00
Adam Ierymenko
fad9dff2db
Almost all of GitHub issue #180
2015-07-06 15:05:04 -07:00
Adam Ierymenko
1632aec102
Check Network::isAllowed() always on multicast send.
2015-07-06 14:53:27 -07:00
Adam Ierymenko
255320e2a6
pushDirectPaths() implementation
2015-07-06 14:39:28 -07:00
Adam Ierymenko
93bb934d4e
Some cleanup, docs, and Path -> Path > RemotePath refactor.
2015-07-06 14:08:13 -07:00