Adam Ierymenko
a3db7d0728
Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things.
2015-10-01 11:11:52 -07:00
Adam Ierymenko
f69454ec98
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
2015-09-24 16:21:36 -07:00
Adam Ierymenko
0d386f1c31
Add a bit of useful testing instrumentation to SqliteNetworkController.
2015-09-08 11:35:55 -07:00
Adam Ierymenko
307e44f7c8
Two for one! (std::map removal)
2015-09-04 14:14:32 -07:00
Adam Ierymenko
d1341578d8
... and another one!
2015-09-04 13:53:48 -07:00
Adam Ierymenko
7b8ce16057
Another std::map<> dies.
2015-09-04 13:42:19 -07:00
Adam Ierymenko
facb009a1d
Add security notice to auto-update info in -h output, and fix a missing paren.
2015-07-31 09:50:55 -07:00
Adam Ierymenko
8d09c37140
Remove a bit of redundant logic, and also announce MULTICAST_LIKEs to controllers (for future use).
2015-07-31 09:37:13 -07:00
Adam Ierymenko
3ba54c7e35
Eliminate some poorly thought out optimizations from the netconf/controller interaction,
...
and go ahead and bump version to 1.0.4.
For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.
Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.
It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.
A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.
I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
Adam Ierymenko
07ea4fd4f9
Fix potential bug in controller config request.
2015-07-07 10:02:48 -07:00
Adam Ierymenko
f398952a6c
Revert some bad docs in Packet -- I think we will still use that. Also rename addMembershipCertificate to more security-descriptive validateAndAddMembershipCertificate, give it a return value, and drop unused force parameter.
2015-07-07 08:14:41 -07:00
Adam Ierymenko
dbee1b38b3
Fix semantics of std::unique() to actually remove duplicates (hidden memory leak?)
2015-06-29 10:21:28 -07:00
Kees Bos
8a68624dae
Fix cert verification check for self signed signatures
2015-06-26 07:22:13 +02:00
Adam Ierymenko
57c7992c78
GitHub issue #191 - kill intra-network multicast rate limits (which were not well supported or easily configurable anyway) -- this is really left over from the old collaborative multicast propagation algorithm. New algorithm (in for a while) has been sender-side replication in which sender "pays" all bandwidth, which intrinsically limits multicast.
2015-06-26 12:36:45 -07:00
Adam Ierymenko
7bae95836c
Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address.
2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673
Renamed supernode to rootserver
2015-05-06 12:05:20 +02:00
Adam Ierymenko
960ceb4791
Rest of GitHub issue #140 implementation.
2015-06-01 17:50:44 -07:00
Adam Ierymenko
b3b9af0dd8
Fix for GitHub issue #170
2015-06-01 11:56:15 -07:00
Adam Ierymenko
5e3c6d9e0d
Some nodeJS work, and apply fix from GitHub issue #166 plus a small optimization to avoid repeated calls to _allMulticastGroups().
2015-05-25 14:21:05 -07:00
Adam Ierymenko
bdce679d84
Should fix deadlock issue in GitHub issue #166
2015-05-13 16:55:18 -07:00
Adam Ierymenko
f5848972f9
Windows now builds and runs selftest correctly, and fixed a Windows (and possibly other platforms) issue in Phy<>.
2015-04-24 15:05:28 -07:00
Adam Ierymenko
ea1859541c
More cleanup, and fix for the extremely unlikely case of identity collision.
2015-04-15 18:32:25 -07:00
Adam Ierymenko
6369c264e2
Rename netconf to controller and NetworkConfigMaster to NetworkController for consistency.
2015-04-15 15:12:09 -07:00
Adam Ierymenko
1c9ca73065
Fix some deadlock issues, move awareness of broadcast subscription into core, other bug fixes.
2015-04-15 13:09:20 -07:00
Adam Ierymenko
67f1f1892f
Bunch of tap stuff, IP address assignment hookups, etc.
2015-04-14 17:57:51 -07:00
Adam Ierymenko
347e98dcd2
Just return files from listDirectory() since that is all we need, fix network request on network restore logic, and remember saved networks in service/One
2015-04-14 15:32:05 -07:00
Adam Ierymenko
49d31613b9
Fix some minor issues, now to reintegrate taps.
2015-04-14 15:16:04 -07:00
Adam Ierymenko
4d5a6a25d3
Add events for packet decode errors, etc., and re-implement TRACE as an event.
2015-04-08 16:49:21 -07:00
Adam Ierymenko
bf2ff964e1
Utils::now() removal and a bunch of compile fixes.
2015-04-08 15:26:45 -07:00
Adam Ierymenko
59af674e74
Announce multicast groups on multicast subscribe.
2015-04-07 19:35:16 -07:00
Adam Ierymenko
76ad19f411
Use binary_search for multicast groups, which are kept in sorted order.
2015-04-06 19:41:55 -07:00
Adam Ierymenko
6807ccd710
Don't need to announce on multicast leave.
2015-04-06 18:28:18 -07:00
Adam Ierymenko
51f46a009a
Multicast group join/leave and group membership announcement.
2015-04-06 18:27:24 -07:00
Adam Ierymenko
8001b2c0cb
Network now calls port config function as per new API.
2015-04-06 16:52:52 -07:00
Adam Ierymenko
a86300c58f
Network build fixes and cleanup of remaining internal references to _tap
2015-04-06 15:47:57 -07:00
Adam Ierymenko
5f51653f9c
More cleanup.
2015-04-01 19:16:07 -07:00
Adam Ierymenko
0214dbc277
More cleanup.
2015-04-01 19:15:21 -07:00
Adam Ierymenko
1f28ce3980
Tons more refactoring: simplify Network, move explicit management of Tap out, redo COM serialization, etc.
2015-04-01 19:09:18 -07:00
Adam Ierymenko
fe94c9460b
Phy is a better name than Wire, and other cleanup.
2015-03-31 11:52:10 -07:00
Adam Ierymenko
93012b0ee5
Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware]
2015-02-17 13:11:34 -08:00
Adam Ierymenko
0b84c10ccc
Add confirmation step to new netconf, with the caveat that it will be disabled for older netconf servers to avoid race. Also add some comments.
2015-01-09 16:35:20 -05:00
Adam Ierymenko
60fb28a90a
Cleanup, new C++ netconf code is almost ready to test!
2015-01-06 17:16:54 -08:00
Adam Ierymenko
b644d2a893
Add timestamp field to network config requests.
2015-01-05 17:51:50 -08:00
Adam Ierymenko
4e95384ad6
Cleanup, add tristate to config code in Network, and happy new year!
2015-01-05 17:47:59 -08:00
Adam Ierymenko
7b6f10e859
Optimization: we don't need to verify signatures on certs if they're certs we already have and have verified.
2014-11-13 12:40:51 -08:00
Adam Ierymenko
95f421024a
Code cleanup, and fix some unsafe pointer handling in Network.
2014-10-29 13:57:37 -07:00
Adam Ierymenko
a8bd8fff93
Make several changes to eliminate potential deadlock or recursive lock conditions, and add back rescan of multicast groups on network startup.
2014-10-14 16:38:27 -07:00
Adam Ierymenko
a94b0e6a43
Get rid of rescanMulticastGroups() in Network thread since this can deadlock... the fact that this can happen is probably bad design.
2014-10-14 15:58:03 -07:00
Adam Ierymenko
42d644a57e
More fixes to legacy support, and to a potential issue on quit.
2014-10-14 12:37:35 -07:00
Adam Ierymenko
03dc823ad7
(1) Back off a little on default max multicast limit since 128 is pretty bandwidth heavy, (2) add a little to default multicast rate limit since new MC algo is fairerererer, (3) decided not to involve netconf masters in multicast so take that out of list of who gets LIKEs.
2014-10-10 12:55:06 -07:00
Adam Ierymenko
d5e0f7e3e4
Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership.
2014-10-09 12:42:25 -07:00
Adam Ierymenko
2c8321be1f
Pull logic to always send new multicasts to supernode since we need to do that differently, re-add support for active bridges, and remove some gratuitous use of std::set where not needed.
2014-10-04 13:15:02 -07:00
Adam Ierymenko
496109fdcc
Announce multicast group changes on network rescanMulticastGroups()
2014-10-03 18:27:42 -07:00
Adam Ierymenko
aad344bb84
Add test network support to Network.
2014-10-03 16:14:34 -07:00
Adam Ierymenko
e53d208ea4
Improve security posture by eliminating non-const data() accessor from Buffer.
2014-10-02 10:06:29 -07:00
Adam Ierymenko
b41437780b
Add origin to new MULTICAST_FRAME, move security check for certs into Network to remove redundant code and bug-proneness, more work on IncomingPacket...
2014-09-30 17:26:34 -07:00
Adam Ierymenko
2659427864
Multicaster needs to be global, not per-network, and a bunch of other stuff.
2014-09-30 16:28:25 -07:00
Adam Ierymenko
8607aa7c3c
Everything in for new multicast except IncomingPacket parsing...
2014-09-30 08:38:03 -07:00
Adam Ierymenko
2d41055bdc
Some Network code cleanup.
2014-09-26 12:23:43 -07:00
Adam Ierymenko
027060dad1
Most of new multicast code builds... now on to packet parsing.
2014-09-25 22:13:31 -07:00
Adam Ierymenko
9e186bbd89
.
2014-09-25 15:57:43 -07:00
Adam Ierymenko
81b12b6826
Rename the ubiquitous _r pointer to RuntimeEnvironment to RR just to be a little more consistent about using _ to denote private member variables.
2014-09-24 13:53:03 -07:00
Adam Ierymenko
9180a30986
.
2014-09-24 09:01:58 -07:00
Adam Ierymenko
61d0f27d2a
Make MulticastTopology have its own mutex.
2014-09-23 10:26:30 -07:00
Adam Ierymenko
954f9cbc13
Yet more WIP on mulitcast algo...
2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be
Work on defining new direct broadcast multicast algorithm.
2014-09-18 18:28:14 -07:00
Adam Ierymenko
d02ecfb288
IP assignment and change cleanup -- leave IPs that were never configured via ZT static assignment alone.
2014-09-05 15:35:09 -07:00
Adam Ierymenko
eadff71d37
Another fix to Network life cycle.
2014-08-21 18:07:27 -07:00
Adam Ierymenko
de4e29288d
Fix for crazy Windows threading bug... repeatedly adding and removing a network now doesn't leave networks in limbo.
2014-08-21 17:49:05 -07:00
Adam Ierymenko
f8d4611d15
(1) Tweak LAN locator beacon frequencies, (2) Windows virtual networks
...
now show up as *real* networks and prompt the user to set their
location and firewall status (public, private, home/work, etc.).
The hack used to achieve #2 should not be examined by children or those
suffering from epilepsy or heart conditions.
2014-08-12 17:20:34 -07:00
Adam Ierymenko
77457cbff1
Windows compile fixes, compiler warning fix, unfreed memory fix in main.c (though it would not have mattered since program exits immediately after).
2014-08-07 19:08:41 -07:00
Adam Ierymenko
adfb71fa6b
Compile for for TRACE, remove old TESTNET cruft.
2014-08-07 08:49:43 -07:00
Adam Ierymenko
b80c229d87
Tons of code cleanup, refactor Network to use EthernetTapFactory, probably also fix GitHub issue #90
2014-07-31 14:09:32 -07:00
Adam Ierymenko
45a1e048bb
Add enabled/disabled status to network.
2014-06-26 17:05:07 -07:00
Adam Ierymenko
cf4700bc26
Simplify network briding modes -- we only need passive toggle and active bridge list, not three mode types. Also change isOpen to isPublic for terminology consistency.
2014-06-14 20:24:19 +00:00
Adam Ierymenko
08b7bb3c7a
Network memory for bridge-side multicast groups that we learn - GitHub issue #68
2014-06-13 14:06:34 -07:00
Adam Ierymenko
d44e1349d8
Bridge routing table - GitHub issue #68
2014-06-10 17:18:59 -07:00
Adam Ierymenko
31ddc49da2
GitHub issue #67
2014-05-23 15:13:34 -07:00
Adam Ierymenko
beb7b5bbe5
GitHub Issue #69 - make MAC assignment schema differ between virtual networks.
2014-05-23 14:32:31 -07:00
Adam Ierymenko
d9836adbf6
.... aaaaaand... GitHub issue #61 was caused by the fact that we were no longer deleting taps on Windows!
2014-04-09 15:34:03 -07:00
Adam Ierymenko
0b8d6c7f4a
Builds and runs on Unix with EthernetTap changes, now for Windows... and for what we did this for: a refactor of the Windows tap connector.
2014-04-07 15:39:33 -07:00
Adam Ierymenko
6f5a4d7e29
Fix blocking socket issues in new socket I/O code.
2014-03-20 13:21:58 -07:00
Adam Ierymenko
d0b506c12b
Fix crash on uninitialized taps.
2014-03-06 15:11:08 -08:00
Adam Ierymenko
b5c3a92be2
Boring stuff: update dates in copyrights across all files.
2014-02-16 12:40:22 -08:00
Adam Ierymenko
3f912eb4ad
Fix for GitHub issue #37 : remember *nix device names.
2014-02-11 14:21:59 -08:00
Adam Ierymenko
ffffc0179f
Fix a couple compile items.
2014-01-27 23:16:15 -08:00
Adam Ierymenko
f80ec871f6
Make EthernetTap creation occur in a background thread in Network since it's a time consuming operation on Windows. This fixes one of the last remaining Windows problems.
2014-01-27 23:13:36 -08:00
Adam Ierymenko
afbbf61588
Delete persistent tap device on Windows when we leave a network.
2014-01-26 22:47:08 -08:00
Adam Ierymenko
9d67a02b5f
Lock down individual files in networks.d instead of directory since directory ACLs are more complex on Windows.
2014-01-26 10:32:12 -08:00
Adam Ierymenko
370dd6c4da
Several things:
...
(1) Add a bunch of tedious type casts to eliminate unnecessary compiler warnings on Windows X64 builds.
(2) Some EthernetTap work to integrate Windows custom IOCTL for multicast group lookup (not done quite yet).
(3) Dump some more info in selftest to make sure our Windows path lookup functions are returning sane results.
2014-01-21 13:07:22 -08:00
Adam Ierymenko
010616e3ae
Add some more TRACE output for certs.
2013-10-25 13:43:04 -04:00
Adam Ierymenko
5901972958
More tying up of certificate of membership stuff in the client.
2013-10-24 16:57:26 -04:00
Adam Ierymenko
40e4f39181
Peers are now dumped on shutdown in a persistence cache and reloaded on startup, which is good enough for clients right now. Supernodes will get something else for long-term authoritative identity caching.
2013-10-21 11:15:47 -04:00
Adam Ierymenko
5a8f213c23
Work in progress...
2013-10-18 12:01:48 -04:00
Adam Ierymenko
e6eb65be00
Netconf support for ARP and NDP caching TTLs.
2013-10-17 16:49:31 -04:00
Adam Ierymenko
ce14ba9004
Take the 0.6.0 opportunity to add flags to a few protocol verbs and do a bit more cleanup. Also fix it so certificates wont be accepted unless they are newer than existing ones.
2013-10-17 06:41:52 -04:00
Adam Ierymenko
46f868bd4f
Lots of cleanup, more work on certificates, some security fixes.
2013-10-16 17:47:26 -04:00
Adam Ierymenko
58fa6cab43
Auto-pushing of membership certs on: MULTICAST_FRAME,FRAME,MULTICAST_LIKE and on receipt of MULTICAST_LIKE.
2013-10-07 17:00:53 -04:00
Adam Ierymenko
4d594b24bc
Automagically push netconf certs -- Network support.
2013-10-07 16:13:52 -04:00
Adam Ierymenko
b4ae1adfbf
Break out certificate of membership into its own class.
2013-10-07 15:29:03 -04:00
Adam Ierymenko
2fa2796f2a
Another tweak, hopefully final, to reduce variance on identity generation times.
2013-10-07 14:31:13 -04:00
Adam Ierymenko
bc715fbd51
Make new identity hashcash algo memory hard, and tweak generation time a bit. Current hashcash cost should be overkill for what we need but still tolerable to users.
2013-10-05 14:15:59 -04:00
Adam Ierymenko
ea4e1136dd
Flesh out membership certificate with signature, better serialize/deserialize, and rename parameter to qualifier to make better conceptual sense.
2013-10-04 12:24:21 -04:00
Adam Ierymenko
9db7939d38
Make new multicast depth and prefix bits parameters configurable.
2013-09-30 13:51:56 -04:00
Adam Ierymenko
4e010da54b
Work in progress...
2013-09-26 17:45:19 -04:00
Adam Ierymenko
24bad9f3d1
More work in progress in new multicast propagation...
2013-09-25 17:41:49 -04:00
Adam Ierymenko
f3128a18fe
Work in progress...
2013-09-25 10:55:27 -04:00
Adam Ierymenko
5557a8192d
Work in progress...
2013-09-24 17:35:05 -04:00
Adam Ierymenko
157aba5c3f
Get rid of 000000000000000.mcerts junk files.
2013-09-17 16:28:17 -04:00
Adam Ierymenko
f9079a110e
Make network multicast breadth/depth parameters configurable on a per-net basis.
2013-09-17 16:11:57 -04:00
Adam Ierymenko
b2b24ca41b
Some file format cleanup.
2013-09-17 15:46:56 -04:00
Adam Ierymenko
e376c6f6a9
New crypto integrated -- going to be testing new identity address generation algo a bit more before finalizing.
2013-09-16 13:57:57 -04:00
Adam Ierymenko
55e7ddba1e
Get a default rate that works for multicast.
2013-09-12 12:11:21 -04:00
Adam Ierymenko
0e62857841
A few logging changes.
2013-09-11 16:32:53 -04:00
Adam Ierymenko
75471ee0e0
Small method rename.
2013-09-11 16:17:51 -04:00
Adam Ierymenko
9cdaefdb9a
Drop old Certificate type from Network.
2013-09-11 15:13:05 -04:00
Adam Ierymenko
de744e6df6
Version two of network certificate of membership, a much more concise and fast approach.
2013-09-11 15:09:53 -04:00
Adam Ierymenko
3a563250f7
Finish stripping minBalance from BandwidthAccount
2013-09-10 14:13:04 -04:00
Adam Ierymenko
a40b8c07f4
Apply multicast rate limits to my own multicasts. Will run locally and on a variety of system types to test the result of this.
2013-09-07 15:49:38 -04:00
Adam Ierymenko
cdb96726df
updateAndCheckMulticastBalance and friends
2013-09-07 12:23:53 -04:00
Adam Ierymenko
56d8bbf780
Bit more netconf cleanup...
2013-09-06 15:06:51 -04:00
Adam Ierymenko
37931d8589
Multicast bandwidth accounting work in progress, and some config field changes and cleanup.
2013-09-04 09:27:56 -04:00
Adam Ierymenko
f3ad05347e
Improve code security posture by replacing sprintf with a safer function.
2013-08-30 17:05:43 -04:00
Adam Ierymenko
55616388ea
Check network ethernet type whitelist instead of hard-coded ethernet types.
2013-08-28 16:01:27 -04:00
Adam Ierymenko
01a70d09db
Jigger with shutdown method to avoid a crash on CTRL+C in Windows. Feels a big hacky, might revisit later.
2013-08-27 18:00:07 -04:00
Adam Ierymenko
cd907a7662
More tap work -- DHCP configuration and such.
2013-08-27 15:55:32 -04:00
Adam Ierymenko
2536352e5d
Make that an arbitrary tag to identify persistent taps...
2013-08-21 08:13:48 -04:00
Adam Ierymenko
dbb509a302
Add an interface description to EthernetTap, mostly for Windows.
2013-08-19 17:44:46 -04:00
Adam Ierymenko
d6414c9ff7
Windows compiles! (w/Visual Studio 2012) That's about all it does, but it's a start.
2013-08-12 21:25:36 -04:00
Adam Ierymenko
95a23dc7ec
Fix for another wonderful C++ threading race condition.
2013-08-09 17:20:40 -04:00
Adam Ierymenko
6a24ac4f00
Add a concept of debt to RateLimiter, save a bit of RAM.
2013-08-09 16:36:58 -04:00
Adam Ierymenko
5cabb60a6f
Actually report a meaningful network status instead of always OK
2013-08-08 10:41:17 -04:00
Adam Ierymenko
86056fdbd9
Generalize unlink to OS-dep code in Utils, just a little prep for Windows port.
2013-08-08 10:06:39 -04:00
Adam Ierymenko
b342f56bec
Network constructor deuglification, remove unused old encrypt/decrypt methods from Identity.
2013-08-06 10:15:05 -04:00
Adam Ierymenko
28a73b620e
Bunch more debugging and loop closing on new netconf.
2013-08-06 01:28:56 -04:00
Adam Ierymenko
e73c4cb68b
Whole bunch of stuff: netconf, bug fixes, tweaks to ping and firewall opener timing code.
2013-08-06 00:05:39 -04:00
Adam Ierymenko
a7c4cbe53a
CLI debugging, got rid of nasty old Thread class and replaced with newer cleaner portable idiom.
2013-08-05 16:06:16 -04:00
Adam Ierymenko
bf5c07f79a
Scratch that... more work wiring up netconf. Got to handle OK.
2013-08-03 12:53:46 -04:00
Adam Ierymenko
7e156b2622
Call clean on all networks periodically, generalize Topology clean cycle to an overall clean cycle.
2013-07-30 11:14:53 -04:00
Adam Ierymenko
e4c5ad9f43
More work on network membership certs, and it builds now. Still in heavy development.
2013-07-29 17:11:00 -04:00
Adam Ierymenko
439e602d5a
Fix a bunch of errors due to minor method signature changes, still a work in progress.
2013-07-29 16:18:29 -04:00
Adam Ierymenko
a53cfc9096
Network membership certificate work in progress... does not build yet.
2013-07-29 13:56:20 -04:00
Adam Ierymenko
ef3e319c64
Several things:
...
(1) Probable fix for issue #7 and major cleanup of EthernetTap code with consolidation for all unix-like systems and specialization for different flavors only when needed.
(2) Refactor of Buffer<> to make its members private, and Packet to use Buffer's methods exclusively to access them. This improves clarity and means we're no longer lying about Buffer's role in the code's security posture.
(3) Add -fstack-protect to Makefile to bounds check stack variables.
2013-07-09 14:06:55 -04:00
Adam Ierymenko
150850b800
New git repository for release - version 0.2.0 tagged
2013-07-04 16:56:19 -04:00