Adam Ierymenko
b31071463c
Try another NAT traversal improvement.
2015-07-28 11:28:47 -07:00
Adam Ierymenko
821f1f366e
Fix to NAT escalation sequence.
2015-07-27 17:34:58 -07:00
Adam Ierymenko
e30ba3e138
Eliminate some aggressive port scanning NAT-t behavior that has proven ineffective.
2015-07-27 16:43:27 -07:00
Adam Ierymenko
fe20f0d7cd
Put back legacy code to listen for LAN announcements to support same network location with pre-1.0.4 clients.
2015-07-13 08:33:02 -07:00
Adam Ierymenko
3f567a07ca
Save a little bit of RAM by getting rid of overkill CMWC4096 non-crypto PRNG and replacing it with a simple non-crypto PRNG that just uses Salsa20.
2015-07-07 10:49:50 -07:00
Adam Ierymenko
41fc08b330
etherTypeName() is only used in Switch and only with ZT_TRACE
2015-07-07 10:06:05 -07:00
Adam Ierymenko
778c7e6e70
More cleanup to direct path push, comment fixes, etc.
2015-07-07 10:00:34 -07:00
Adam Ierymenko
cac55105c3
Fix a regression.
2015-07-06 16:40:23 -07:00
Adam Ierymenko
79e9a8bcc2
Almost everything for GitHub issue #180 except direct path map setup.
2015-07-06 15:28:48 -07:00
Adam Ierymenko
fad9dff2db
Almost all of GitHub issue #180
2015-07-06 15:05:04 -07:00
Adam Ierymenko
93bb934d4e
Some cleanup, docs, and Path -> Path > RemotePath refactor.
2015-07-06 14:08:13 -07:00
Adam Ierymenko
6bfbc43e3c
Include COM with EXT_FRAME in bridged case.
2015-07-06 12:46:27 -07:00
Adam Ierymenko
35b5dcf89d
Kill debug line.
2015-07-06 12:39:20 -07:00
Adam Ierymenko
e5f7c55c54
Documentation in Packet, more work on path push, and clean up ancient legacy support code in Switch.
2015-07-06 12:34:35 -07:00
Adam Ierymenko
57c7992c78
GitHub issue #191 - kill intra-network multicast rate limits (which were not well supported or easily configurable anyway) -- this is really left over from the old collaborative multicast propagation algorithm. New algorithm (in for a while) has been sender-side replication in which sender "pays" all bandwidth, which intrinsically limits multicast.
2015-06-26 12:36:45 -07:00
Adam Ierymenko
7bae95836c
Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address.
2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673
Renamed supernode to rootserver
2015-05-06 12:05:20 +02:00
Adam Ierymenko
5341e32729
Fix to GitHub issue #140 -- network preferred relays. Also go ahead and allow RENDEZVOUS from regular peers.
2015-06-01 19:05:27 -07:00
Adam Ierymenko
960ceb4791
Rest of GitHub issue #140 implementation.
2015-06-01 17:50:44 -07:00
Adam Ierymenko
d8783b14eb
Build fix.
2015-05-22 15:46:06 -07:00
Adam Ierymenko
6867922d9e
typo
2015-05-22 15:33:33 -07:00
Adam Ierymenko
196f27f1f0
Add delay to NAT-t escalation stuff to try to address GitHub issue #167
2015-05-22 13:11:55 -07:00
Adam Ierymenko
d9006712f6
Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world.
2015-05-21 15:58:26 -07:00
Adam Ierymenko
a1005ca858
Do not unite() peers across different IP scopes as this would pretty much never work.
2015-04-26 16:03:16 -07:00
Adam Ierymenko
98bcc3d4b5
Disable a few noisy TRACEs, and limit how often we confirm new paths to avoid flooding.
2015-04-15 13:15:09 -07:00
Adam Ierymenko
1c9ca73065
Fix some deadlock issues, move awareness of broadcast subscription into core, other bug fixes.
2015-04-15 13:09:20 -07:00
Adam Ierymenko
5e331d6733
Restrict unite() to desperation==0 since NAT-t only works right now with direct links.
2015-04-10 10:13:50 -07:00
Adam Ierymenko
068d311ecc
TRACE compile fixes, other fixes, and it basically works! It says HELLO.
2015-04-09 20:54:00 -07:00
Adam Ierymenko
4d5a6a25d3
Add events for packet decode errors, etc., and re-implement TRACE as an event.
2015-04-08 16:49:21 -07:00
Adam Ierymenko
bf2ff964e1
Utils::now() removal and a bunch of compile fixes.
2015-04-08 15:26:45 -07:00
Adam Ierymenko
49f031ccb4
Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc.
2015-04-07 19:31:11 -07:00
Adam Ierymenko
24608d5ca3
Always use HELLO to contact, and we now confirm newly learned paths via a two-way handshake to prevent half-connects.
2015-04-07 12:22:33 -07:00
Adam Ierymenko
197d272287
More NAT strategy cleanup.
2015-04-06 15:08:45 -07:00
Adam Ierymenko
be4683a96d
Get rid of random port strategy -- research does not support.
2015-04-06 15:03:08 -07:00
Adam Ierymenko
a95f1e1418
Eliminate redundant SharedPtr assignment.
2015-04-03 17:01:07 -07:00
Adam Ierymenko
6eb9289367
Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch.
2015-04-03 16:52:53 -07:00
Adam Ierymenko
ee0f56355b
Send path simplification.
2015-04-03 13:14:37 -07:00
Adam Ierymenko
a69e1876f1
The concept of link desperation (escalating to less desirable transports) simplifies a ton of stuff. Loads of spaghetti logic can die since we no longer have to make these decisions down in the core.
2015-04-02 17:54:56 -07:00
Adam Ierymenko
93012b0ee5
Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware]
2015-02-17 13:11:34 -08:00
Adam Ierymenko
4e95384ad6
Cleanup, add tristate to config code in Network, and happy new year!
2015-01-05 17:47:59 -08:00
Adam Ierymenko
0c85b4ef5f
Tweak to symmetric NAT buster to add one to the number of ports above the current one it attempts.
2014-11-20 13:42:18 -08:00
Adam Ierymenko
5bb854e504
Fix a nasty bug introduced in packet fragmentation a while back during refactoring, and a few other things related to multicast.
2014-10-28 17:25:34 -07:00
Adam Ierymenko
4941c8a1f3
New multicast bug fixes, TRACE improvements, and temporarily disable legacy multicast for debugging purposes.
2014-10-09 17:58:31 -07:00
Adam Ierymenko
d5e0f7e3e4
Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership.
2014-10-09 12:42:25 -07:00
Adam Ierymenko
2c8321be1f
Pull logic to always send new multicasts to supernode since we need to do that differently, re-add support for active bridges, and remove some gratuitous use of std::set where not needed.
2014-10-04 13:15:02 -07:00
Adam Ierymenko
e7c81ef34e
Turns out that needed to be a list after all. Also clean up Multicaster::gather().
2014-10-03 22:03:19 -07:00
Adam Ierymenko
49dc47ff38
Make multicast gathering a bit smarter.
2014-10-02 11:35:37 -07:00
Adam Ierymenko
e1882b614b
Some cleanup, Multicaster now sends multicasts as it gets additional members.
2014-10-01 14:05:25 -07:00
Adam Ierymenko
ae082c3cb8
Yay... now everything compiles! Getting close to testing on this. Still have not added backward compatibility support for relaying of multicasts to 0.9.X clients yet but that will be easy. Will test with heterogeneous 1.0.0 clients only first.
2014-10-01 12:41:48 -07:00
Adam Ierymenko
8607aa7c3c
Everything in for new multicast except IncomingPacket parsing...
2014-09-30 08:38:03 -07:00
Adam Ierymenko
81b12b6826
Rename the ubiquitous _r pointer to RuntimeEnvironment to RR just to be a little more consistent about using _ to denote private member variables.
2014-09-24 13:53:03 -07:00
Adam Ierymenko
431476e2e4
Some more multicast algo work...
2014-09-24 13:45:58 -07:00
Adam Ierymenko
557801a09e
Rename PacketDecoder to much more descriptive IncomingPacket
2014-09-24 09:04:09 -07:00
Adam Ierymenko
d9abd4d9be
Work on defining new direct broadcast multicast algorithm.
2014-09-18 18:28:14 -07:00
Adam Ierymenko
4e9280fc7a
Rip out dead "firewall opener" code, replace in pipeline with anti-symmetric-NAT tactics.
2014-09-05 16:23:24 -07:00
Adam Ierymenko
282114e96c
Makefile changes, and make Topology::getBestSupernode() return the "next" supernode if I am a supernode. Also some comment cleanup.
2014-08-19 10:09:21 -07:00
Adam Ierymenko
8a804b5257
(1) Disable firewall openers (it's easy to re-enable), (2) Do some prep work for making supernode topology hot-updatable.
2014-08-05 14:05:50 -07:00
Adam Ierymenko
88bdb81791
Keep track of basic aliveness for peers regardless if direct or indirect connectivity and use this for multicast propagation. Also consolidate adding of active bridges via the same functor as regular multicast next hops.
2014-06-30 11:31:04 -07:00
Adam Ierymenko
458f6ae7c3
Only add active bridges to top of MC propagation list if they are alive. Otherwise a dead active bridge might kill multicast for us.
2014-06-26 18:13:48 -07:00
Adam Ierymenko
ae7143d693
Comments and cleanup.
2014-06-21 12:19:10 -07:00
Adam Ierymenko
aead1050fb
Bridging (GitHub issue #68) does indeed work! Just needed to fix a packet size thinko.
2014-06-21 12:29:33 -04:00
Adam Ierymenko
11e1f7a3fb
.
2014-06-21 12:01:26 -04:00
Adam Ierymenko
0b0d5fabac
Bridging #68 should work now!
2014-06-21 11:59:08 -04:00
Adam Ierymenko
35aa0921ee
.
2014-06-21 11:47:26 -04:00
Adam Ierymenko
2f8936181c
Debug code -- temporary.
2014-06-21 08:36:23 -07:00
Adam Ierymenko
5d467f0f45
Some TRACE improvements and comment revs.
2014-06-18 08:25:30 -07:00
Adam Ierymenko
2162a419e3
Some logging fixes.
2014-06-17 13:52:55 -07:00
Adam Ierymenko
6802da457e
Bridging pretty much ready to test! Got Switch all wired up. Also fix a latent probably-never-triggered bug in MULTICAST_FRAME handling. GitHub issue #68
2014-06-13 21:06:34 -07:00
Adam Ierymenko
5682f0b772
Some more bridging work... wiring up in Switch - GitHub issue #68
2014-06-13 17:49:33 -07:00
Adam Ierymenko
657f6ae342
Don't transmit broadcasts if enableBroadcast is false on a network.
2014-05-23 19:52:39 -04:00
Adam Ierymenko
beb7b5bbe5
GitHub Issue #69 - make MAC assignment schema differ between virtual networks.
2014-05-23 14:32:31 -07:00
Adam Ierymenko
aee742e767
More toward GitHub issue #56
2014-04-10 16:30:15 -07:00
Adam Ierymenko
c9294c1a78
Prevent recursive transit of ZeroTier packets, toward GitHub issue #56
2014-04-10 14:22:25 -07:00
Adam Ierymenko
b117ff5435
Probable fix for GitHub issue #63 - do not unite() if either path is TCP, since doing so can result in asymmetric failed NAT-t over UDP if one side has a firewall that permits outgoing UDP but not incoming.
2014-04-10 11:17:54 -07:00
Adam Ierymenko
316e8d1939
Build fix.
2014-03-31 22:30:08 -07:00
Adam Ierymenko
f13493edb2
Oops... turns out we need to differentiate incoming from outgoing TCP and indeed learn incoming TCP paths. Otherwise the recipient of a TCP connection does not know to reply via TCP! Heh.
2014-03-31 22:23:55 -07:00
Adam Ierymenko
daaec84c6b
Add TCP channel support for supernode list, make Peer pick the first path if all paths are equally dead.
2014-03-26 15:35:15 -07:00
Adam Ierymenko
ab5a460177
Apply multicast rate limits on a network to ourselves and do not send multicasts that would exceed limits, for GitHub issue #55
2014-03-25 21:38:54 -07:00
Adam Ierymenko
6f5a4d7e29
Fix blocking socket issues in new socket I/O code.
2014-03-20 13:21:58 -07:00
Adam Ierymenko
abc82d6a52
IPC changes and SocketManager changes all build!
2014-03-19 13:56:48 -07:00
Adam Ierymenko
91fef21973
More ripping out of old condition stuff.
2014-03-18 12:21:22 -07:00
Adam Ierymenko
b5c3a92be2
Boring stuff: update dates in copyrights across all files.
2014-02-16 12:40:22 -08:00
Adam Ierymenko
5b97bb247e
More Windows service work... it builds! Now to do a new installer and test. Also fix a Windows compile warning in Switch.cpp.
2014-02-06 23:12:12 -08:00
Adam Ierymenko
bf5f09a0c7
Yank a code path it turns out we probably don't want.
2014-02-03 10:46:37 -08:00
Adam Ierymenko
525ab3faa9
Take TRACE back out of Mac makefile, fix a few decode little things.
2014-01-30 15:26:12 -08:00
Adam Ierymenko
490e86dde3
Bunch of fixes to startup, pinging, and choice of route. Also some TRACE updates.
2014-01-30 14:23:52 -08:00
Adam Ierymenko
6e076e77d8
More work on connection reset stuff...
2014-01-29 22:04:23 -08:00
Adam Ierymenko
372566295e
Alternate order of packet emission in unite().
2014-01-29 12:11:01 -08:00
Adam Ierymenko
8b65b3e6d7
Yank PROBE stuff since it's not used and was a premature addition to the protocol.
2014-01-28 10:41:43 -08:00
Adam Ierymenko
f80ec871f6
Make EthernetTap creation occur in a background thread in Network since it's a time consuming operation on Windows. This fixes one of the last remaining Windows problems.
2014-01-27 23:13:36 -08:00
Adam Ierymenko
370dd6c4da
Several things:
(1) Add a bunch of tedious type casts to eliminate unnecessary compiler warnings on Windows X64 builds.
(2) Some EthernetTap work to integrate Windows custom IOCTL for multicast group lookup (not done quite yet).
(3) Dump some more info in selftest to make sure our Windows path lookup functions are returning sane results.
2014-01-21 13:07:22 -08:00
Adam Ierymenko
10df5dcf70
Fix several things:
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.
(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
2013-12-31 11:03:45 -08:00
Adam Ierymenko
92969b4426
Fix for GitHub issue #20 (untested)
2013-12-24 10:39:29 -08:00
Adam Ierymenko
942cc0ca21
Certificate of membership works now... had to fix multicast propagation so COM is pushed with multicast, which makes tremendous sense in retrospect.
2013-10-25 14:51:55 -04:00
Adam Ierymenko
03b909603a
Clean up the awful Network::Config mess and break that out into NetworkConfig.
2013-10-18 13:20:34 -04:00
Adam Ierymenko
797bba04dd
Get rid of not used and maybe never to be used Filter code.
2013-10-17 13:07:53 -04:00
Adam Ierymenko
ce14ba9004
Take the 0.6.0 opportunity to add flags to a few protocol verbs and do a bit more cleanup. Also fix it so certificates won't be accepted unless they are newer than existing ones.
2013-10-17 06:41:52 -04:00
Adam Ierymenko
46f868bd4f
Lots of cleanup, more work on certificates, some security fixes.
2013-10-16 17:47:26 -04:00
Adam Ierymenko
58fa6cab43
Auto-pushing of membership certs on: MULTICAST_FRAME,FRAME,MULTICAST_LIKE and on receipt of MULTICAST_LIKE.
2013-10-07 17:00:53 -04:00
Adam Ierymenko
c7590634e8
Eliminate a lot of redundant WHOIS requests, clean up WHOIS clutter in TRACE, flesh out multicast tracing a bit.
2013-10-03 14:38:07 -04:00
Adam Ierymenko
58538500f2
Clean up some routine stuff like pings, and stop keeping links open forever even if there are no frames passing between them.
2013-10-02 16:12:10 -04:00
Adam Ierymenko
2cfa76fa8b
Multicast propagation is now working from non-supernodes, and working quite well. Time for some more simulation before 0.5.0!
2013-10-02 13:50:42 -04:00
Adam Ierymenko
3443b203e4
Each peer now tracks the last time it announced multicast LIKEs independently and does so frequently enough to prevent expires. Also add a multicast debug facility for use on the testnet.
2013-10-01 16:01:36 -04:00
Adam Ierymenko
9db7939d38
Make new multicast depth and prefix bits parameters configurable.
2013-09-30 13:51:56 -04:00
Adam Ierymenko
4ecb9369b5
Fix for multicast propagation -- supernodes must always keep propagating. Also fix mac-tap build on new version of Xcode CL tools. Must use old llvm-g++ instead of clang for i686 -mkernel.
2013-09-30 11:05:35 -04:00
Adam Ierymenko
0dca9964bf
Whew, it builds!
2013-09-27 16:03:13 -04:00
Adam Ierymenko
f9079a110e
Make network multicast breadth/depth parameters configurable on a per-net basis.
2013-09-17 16:11:57 -04:00
Adam Ierymenko
0133da1dcd
Get rid of onSent(), which was never used consistently anyway.
2013-09-17 15:33:34 -04:00
Adam Ierymenko
e376c6f6a9
New crypto integrated -- going to be testing new identity address generation algo a bit more before finalizing.
2013-09-16 13:57:57 -04:00
Adam Ierymenko
ceb024ab03
Integrating new crypto, work still in progress...
2013-09-16 13:02:10 -04:00
Adam Ierymenko
55e7ddba1e
Get a default rate that works for multicast.
2013-09-12 12:11:21 -04:00
Adam Ierymenko
a40b8c07f4
Apply multicast rate limits to my own multicasts. Will run locally and on a variety of system types to test the result of this.
2013-09-07 15:49:38 -04:00
Adam Ierymenko
55616388ea
Check network ethernet type whitelist instead of hard-coded ethernet types.
2013-08-28 16:01:27 -04:00
Adam Ierymenko
487eb17ec0
ZeroTierOne for Windows binary project, builds and runs and mostly works but still some issues with tap.
2013-08-26 17:22:20 -04:00
Adam Ierymenko
2efc9b31bd
Huge convoluted logic de-tangling in multicast propagation, supernodes now do random propagation for more efficient coverage with less bias in sparse graph cases.
2013-08-21 11:45:06 -04:00
Adam Ierymenko
d6414c9ff7
Windows compiles! (w/Visual Studio 2012) That's about all it does, but it's a start.
2013-08-12 21:25:36 -04:00
Adam Ierymenko
5076c75b07
More Windows port work.
2013-08-12 16:57:34 -04:00
Adam Ierymenko
f5717f4427
Fix a bug and wow, it works.
2013-08-07 11:55:55 -04:00
Adam Ierymenko
e4c5ad9f43
More work on network membership certs, and it builds now. Still in heavy development.
2013-07-29 17:11:00 -04:00
Adam Ierymenko
9cf734b74a
Sane-ify Address, get rid of goofy union thingy.
2013-07-25 13:24:39 -04:00
Adam Ierymenko
195ded4608
Cleanup, comments, regularize TRACE messages.
2013-07-13 14:45:39 -04:00
Adam Ierymenko
97cbd98bc5
Compile fixes, integration of fast PRNG.
2013-07-13 14:28:26 -04:00
Adam Ierymenko
aa59c1de10
Bunch of little bug fixes in newly refactored code.
2013-07-12 22:07:48 -04:00
Adam Ierymenko
f934b81703
Several bug fixes in newly refactored code.
2013-07-12 16:40:59 -04:00
Adam Ierymenko
a86e1cdb88
A bit more minor cleanup before testing.
2013-07-11 22:45:12 -04:00
Adam Ierymenko
2510f594e5
It builds now. The Switch object has been put on a diet. Now to test on the testnet before merge to master.
2013-07-11 22:25:12 -04:00
Adam Ierymenko
339b2314ea
More work in progress on Switch / PacketDecoder refactor.
2013-07-11 22:06:25 -04:00
Adam Ierymenko
ae93c95151
More major Switch refactor work... still in progress.
2013-07-11 17:52:04 -04:00
Adam Ierymenko
ffad0b2780
Factoring out packet decoder from Switch to put that object on a little bit of a diet. Work in progress, won't build yet.
2013-07-11 16:19:06 -04:00
Adam Ierymenko
bcd079b70e
Adding signatures to multicast frames, work in progress, does not build yet
2013-07-10 22:58:43 -04:00
Adam Ierymenko
9e28bbfbb2
Factored out multicast propagation algorithm from Switch and Topology, also cleaned up and clarified it a bit.
2013-07-10 17:24:27 -04:00
Adam Ierymenko
41cd980bf7
Further increase verbosity of TRACE messages for duplicate multicasts
2013-07-09 10:13:13 -04:00
Adam Ierymenko
775fef9ce9
Silly multicast propagation fix: exclude upstream sender to never send duplicate multicasts back to where they came from
2013-07-08 20:53:05 -04:00
Adam Ierymenko
e7f20ad5f9
More filter development. It builds but is not integrated with the rest of the code.
2013-07-08 19:52:40 -04:00
Adam Ierymenko
3397273322
Increase verbosity of TRACE messages for dropped duplicate multicast frames to help debug multicast propagation
2013-07-06 22:18:19 -04:00
Adam Ierymenko
ef08494237
Send HELLO instead of NOP for NAT-t in order to measure latency always. Also prevents a race that can cause the first NAT-t to fail where the NOP arrives before the WHOIS reply from the supernode. Now NAT-t initiators will push their own public keys anyway so that doesn't matter.
2013-07-06 16:20:35 -04:00
Adam Ierymenko
2eaac3891e
Enable ff:ff:ff:ff:ff:ff w/no ADI a.k.a. broadcast. YOLO.
2013-07-06 15:56:12 -04:00
Adam Ierymenko
150850b800
New git repository for release - version 0.2.0 tagged
2013-07-04 16:56:19 -04:00