6d8e1e8783
More cleanup of old stuff.
2018-01-26 21:34:56 -05:00
65c07afe05
Copyright updates for 2018.
2018-01-08 14:33:28 -08:00
b1d60df44c
timestamps changed from uint64_t to int64_t
...
There were cases in the code where time calculations and comparisons were overflowing and causing connection instability. This will keep time calculations within expected ranges.
2017-10-02 15:52:57 -07:00
b9e1d53d7a
Minor cleanup.
2017-07-17 14:21:09 -07:00
495c5ce81d
Bunch of remote tracing work.
2017-07-13 10:51:05 -07:00
6015b529a0
More clustering work.
2017-06-01 12:33:05 -07:00
1b68d6dbdc
License header update.
2017-04-27 20:47:25 -07:00
88a4a3b1ba
Pass tptr on leave.
2017-04-11 08:47:02 -07:00
e4896b257f
Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call.
2017-03-27 17:03:17 -07:00
e10325e133
GitHub issue #461 -- plus a bit of cleanup and optimization
2017-03-17 17:15:23 -07:00
10185e92fa
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
2017-02-23 11:47:36 -08:00
ed31cb76d6
Fix to cluster network configs.
2017-01-30 16:04:05 -08:00
226123ca08
Refactor controller to permit sending of pushes as well as just replies to config requests.
2016-11-10 11:54:47 -08:00
9f550292fe
Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics.
2016-09-27 13:49:43 -07:00
15c07c58b6
Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit).
2016-09-27 11:33:48 -07:00
eac3667ec1
Bunch more refactoring and work on revocations, etc.
2016-09-26 16:17:02 -07:00
1f74dd4589
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
2016-09-23 16:08:38 -07:00
d3524f3609
Refactor COM stuff a bit, and respond to COM requests a bit more readily for rapid setup. Will need to revisit later.
2016-09-20 21:21:34 -07:00
ab9afbc749
(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
2016-09-09 11:36:10 -07:00
ef87069957
Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths.
2016-09-09 09:32:00 -07:00
0d4109a9f1
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
2016-09-09 08:43:58 -07:00
16df2c3363
Clean up handling of COMs, network access control, and fix a backward compatiblity issue.
2016-09-08 19:48:05 -07:00
daf8a66ced
More correct and efficient to initialize member relationship push stuff lazily when member is learned.
2016-09-07 15:47:20 -07:00
1908aa55f5
Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code.
2016-09-07 15:15:52 -07:00
74afef8eb1
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
2016-08-31 16:50:22 -07:00
f0636ffd4a
EXT_FRAME messages should always be accepted if we are the destination for a matching TEE or REDIRECT rule.
2016-08-29 15:54:06 -07:00
2cdda38dc4
It basically works... at least on current controllers.
2016-08-24 15:26:18 -07:00
ccea3d04d6
Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller.
2016-08-24 14:28:16 -07:00
0a7a33ef8f
Instantaneous blacklisting and credential revocation.
2016-08-23 13:46:36 -07:00
4d498b3765
Handling of multi-part chunked network configs on the inbound side.
2016-08-09 13:14:38 -07:00
00fd9c3a15
It builds... almost ready to test some rules engine stuff.
2016-08-08 17:33:26 -07:00
8007ca56aa
Refactor and tie-up of capabilities and tags and packet evaluation points. Some optimization is possible here but it is minor and we will make it work first.
2016-08-08 16:50:00 -07:00
e2f783ebbd
.
2016-08-05 15:02:01 -07:00
37d139177d
Integrate Filter into OutboundMulticast properly.
2016-08-04 13:01:14 -07:00
e09c1a1c11
Big refactor mostly builds. We now have a uniform backward compatible netconf.
2016-06-16 12:28:43 -07:00
4446dbde5e
Big refactor in service code to prep for plumbing through route management.
2016-06-14 10:09:26 -07:00
90e1262a8b
More refactoring to remove old Dictionary dependencies.
2016-04-26 08:20:03 -07:00
2f18a92e20
Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route.
2016-04-19 12:09:35 -07:00
51fecc0be9
Refactor Network for new NetworkConfig.
2016-04-12 12:16:29 -07:00
6f854c8391
NetworkConfig refactor part 1
2016-04-12 12:11:34 -07:00
4e4fd51117
boring doc stuff
2016-01-12 14:04:55 -08:00
3883ac08c7
Docs and cleanup.
2016-01-12 13:17:30 -08:00
d6f0f1a82a
Use network user ptr in lookup for Ethernet frame handling to eliminate map lookup.
2016-01-12 11:34:22 -08:00
83ef98a9dc
Add a network-associated user ptr in API.
2016-01-12 11:04:35 -08:00
35676217e8
Refactor multicast group announcement to work directly or indirectly.
2015-10-23 14:50:07 -07:00
d6676a9d6c
Always announce multicast groups, not just to peers with direct links, and push network COMs to any MULTICAST_LIKE recipient for future use.
2015-10-01 12:50:19 -07:00
9405150b11
Restore group announcement on Peer::receive() but centralize packet composition in one place.
2015-10-01 11:37:02 -07:00
a3db7d0728
Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things.
2015-10-01 11:11:52 -07:00
f69454ec98
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
2015-09-24 16:21:36 -07:00
307e44f7c8
Two for one! (std::map removal)
2015-09-04 14:14:32 -07:00
