Grant Limberg
|
730482e62f
|
encode network ID into sso state param
|
2021-12-01 15:02:21 -08:00 |
|
Grant Limberg
|
663a09b38d
|
oidc stuff coming across the wire properly and generating a working login URL
|
2021-12-01 13:01:32 -08:00 |
|
Grant Limberg
|
7cce23ae79
|
wip
|
2021-12-01 10:44:29 -08:00 |
|
Grant Limberg
|
dfdac7adbd
|
iomanip
|
2021-11-30 17:31:46 -08:00 |
|
Grant Limberg
|
a33d7c64fe
|
more fixin
|
2021-11-30 17:27:13 -08:00 |
|
Grant Limberg
|
d15516f0ef
|
query fix & controller build fix
|
2021-11-30 16:18:34 -08:00 |
|
Grant Limberg
|
fa21fdc1cc
|
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
|
2021-11-11 16:19:26 -08:00 |
|
Grant Limberg
|
43433cdb5a
|
integrate rust build of zeroidc to linux
|
2021-11-04 17:16:23 -07:00 |
|
Grant Limberg
|
8d39c9a861
|
plumbing full flow from controller -> client network
|
2021-11-04 15:40:08 -07:00 |
|
Grant Limberg
|
3818351287
|
use pqxx::pipeline for online update thread
|
2021-10-06 09:39:30 -07:00 |
|
Grant Limberg
|
4d26b5a868
|
no reason for this to be a pointer
|
2021-10-05 17:02:50 -07:00 |
|
Grant Limberg
|
ac0dc7844f
|
rework commit thread & some connection pool borrowing issues
|
2021-10-05 09:25:24 -07:00 |
|
Adam Ierymenko
|
134d33c218
|
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
2021-09-20 15:40:55 -07:00 |
|
Grant Limberg
|
46adc1f059
|
ifdef this out
|
2021-09-20 15:39:53 -07:00 |
|
Grant Limberg
|
9002555596
|
ensure count > 0
|
2021-09-20 15:39:44 -07:00 |
|
Grant Limberg
|
c3a42bf590
|
remove heartbeat log
|
2021-09-02 16:46:42 -07:00 |
|
Grant Limberg
|
8b95afa96a
|
logging
|
2021-09-02 16:32:40 -07:00 |
|
Grant Limberg
|
6a49a766ca
|
logging
|
2021-09-02 16:22:59 -07:00 |
|
Grant Limberg
|
16ff14bda7
|
identify controller in pool stats
|
2021-09-02 13:48:08 -07:00 |
|
Grant Limberg
|
57c1d96b71
|
math
|
2021-09-02 12:48:49 -07:00 |
|
Grant Limberg
|
40f376e2b9
|
print db pool stats periodically
|
2021-09-02 12:45:26 -07:00 |
|
Grant Limberg
|
dc61f78916
|
set psql application_name in startup script
|
2021-09-02 11:24:07 -07:00 |
|
Grant Limberg
|
a2ffe8c05e
|
dont generate nonce for deleted members
|
2021-09-02 11:24:04 -07:00 |
|
Grant Limberg
|
d0f4cfe6b4
|
print load status messages a little less often now that things go brrrrrrrrr
|
2021-08-20 10:34:00 -07:00 |
|
Grant Limberg
|
3ec23f92ec
|
helps to add part of the query
|
2021-08-20 10:30:37 -07:00 |
|
Grant Limberg
|
6baac1b4e0
|
more query optimizations
|
2021-08-20 10:27:45 -07:00 |
|
Grant Limberg
|
50b0b2e2e9
|
query optimization
|
2021-08-19 17:55:30 -07:00 |
|
Grant Limberg
|
20721491e8
|
kill some noisy logs
|
2021-08-19 13:03:56 -07:00 |
|
Grant Limberg
|
eec46a137e
|
optimize data loading from psql on startup
|
2021-08-19 12:44:02 -07:00 |
|
Grant Limberg
|
9eae444104
|
kill some verbose logs
|
2021-08-19 09:21:52 -07:00 |
|
Adam Ierymenko
|
576b4f03a5
|
Adjust deauth time window and send revocation when SSO members expire.
|
2021-08-18 12:17:40 -04:00 |
|
Adam Ierymenko
|
461810b06a
|
Move return so record gets created before URL.
|
2021-08-10 11:22:29 -04:00 |
|
Grant Limberg
|
613d7b5ece
|
fix backwards logic
|
2021-08-04 09:16:04 -07:00 |
|
Adam Ierymenko
|
c101d71d7c
|
Tweak auth timeout notify.
|
2021-07-30 18:44:34 -04:00 |
|
Adam Ierymenko
|
663e748b8d
|
Deauth expiring members right away.
|
2021-07-26 23:45:18 -04:00 |
|
Adam Ierymenko
|
0cf62d334d
|
Remove pointless check.
|
2021-07-26 13:38:35 -04:00 |
|
Adam Ierymenko
|
0872012cd9
|
small fix
|
2021-07-26 13:11:01 -04:00 |
|
Adam Ierymenko
|
c2d8fe46d5
|
About ready to test notify of SSO timeout...
|
2021-07-23 19:20:10 -04:00 |
|
Adam Ierymenko
|
0310bfa3e3
|
Include authentication URL in config
|
2021-07-23 19:17:42 -04:00 |
|
Adam Ierymenko
|
efe0e8aa7b
|
Notification of about-to-expire status... almost there.
|
2021-07-23 19:05:59 -04:00 |
|
Adam Ierymenko
|
5c7e51feaf
|
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
|
2021-07-23 18:49:05 -04:00 |
|
Adam Ierymenko
|
34de579c91
|
Handling of soon-to-expire members
|
2021-07-23 18:49:00 -04:00 |
|
Grant Limberg
|
73ddea8864
|
use network ID, not controller ID for looking up network data
|
2021-07-06 14:15:01 -07:00 |
|
Grant Limberg
|
10215af96d
|
whoops
|
2021-07-06 13:18:08 -07:00 |
|
Grant Limberg
|
e67fee0264
|
debug logging
|
2021-07-06 13:08:21 -07:00 |
|
Grant Limberg
|
5ece4f734a
|
fix error message
|
2021-07-06 13:08:16 -07:00 |
|
Grant Limberg
|
f8ea7fdc2b
|
Fix for GitHub #859
Wrong DB::get() method being called to look up the network member for deletes
|
2021-06-24 10:32:21 -07:00 |
|
Grant Limberg
|
364ad87e2b
|
add ssoEnabled flag to network config
|
2021-06-05 13:44:45 -07:00 |
|
Grant Limberg
|
9380ef708a
|
debug strings & query fixes
|
2021-06-05 13:44:07 -07:00 |
|
Grant Limberg
|
fd174b3459
|
fix auth time lookup
|
2021-06-04 20:55:22 -07:00 |
|
Grant Limberg
|
21d27c314c
|
HMACSHA384 the nonce bytes, not the hex encoded nonce bytes
|
2021-06-04 20:06:04 -07:00 |
|
Grant Limberg
|
0b89a49201
|
typo
|
2021-06-04 16:56:28 -07:00 |
|
Grant Limberg
|
e6b4fb5af7
|
add "ssoRedirectURL" to local.conf
plumbed it through to the central controller code
|
2021-06-04 16:29:03 -07:00 |
|
Grant Limberg
|
c227330d09
|
fix redirect_uri substitution
|
2021-06-04 15:58:38 -07:00 |
|
Grant Limberg
|
b16f40c0de
|
.
|
2021-06-04 15:18:18 -07:00 |
|
Grant Limberg
|
fd85f87ade
|
handle null in result set
|
2021-06-04 15:15:42 -07:00 |
|
Grant Limberg
|
add33f1ab3
|
cast to bigint in query
|
2021-06-04 14:48:41 -07:00 |
|
Grant Limberg
|
3bfc438ae8
|
null handling
|
2021-06-04 14:40:14 -07:00 |
|
Adam Ierymenko
|
1dfe909bab
|
Increase authentication URL sizes.
|
2021-06-04 16:46:56 -04:00 |
|
Grant Limberg
|
75d17ea3c8
|
Helps to commit when trying to write a change to the db
|
2021-06-04 13:20:03 -07:00 |
|
Grant Limberg
|
96d15337bb
|
default 0
|
2021-06-04 13:19:39 -07:00 |
|
Grant Limberg
|
74a678c1e1
|
chicken or egg problem.
member must exist in the database before we can generate a nonce & SSO URL
|
2021-06-04 12:49:26 -07:00 |
|
Grant Limberg
|
fed1846c6f
|
need tres commas
|
2021-06-04 12:19:52 -07:00 |
|
Grant Limberg
|
f27d193cf6
|
.
|
2021-06-04 11:56:12 -07:00 |
|
Grant Limberg
|
7941b63543
|
another typo
|
2021-06-04 11:43:42 -07:00 |
|
Grant Limberg
|
21965ac8e8
|
yet another query fix
|
2021-06-04 11:40:03 -07:00 |
|
Grant Limberg
|
7ca2ecb421
|
put expiry time back on nc object
|
2021-06-04 11:39:52 -07:00 |
|
Grant Limberg
|
1dcfc03cbc
|
another query fix
|
2021-06-04 11:22:30 -07:00 |
|
Grant Limberg
|
0702e581a1
|
remove some noisy log lines & fix a query error
|
2021-06-04 11:06:54 -07:00 |
|
Grant Limberg
|
c78792a705
|
moar temporary debug printfs
|
2021-06-04 11:00:51 -07:00 |
|
Grant Limberg
|
287c19e822
|
move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not
|
2021-06-04 09:46:31 -07:00 |
|
Grant Limberg
|
bc901d613d
|
check for nulls
|
2021-06-04 09:20:39 -07:00 |
|
Grant Limberg
|
6cb4c58d9a
|
linux docker build
|
2021-06-03 18:30:32 -07:00 |
|
Grant Limberg
|
4f521baafd
|
Big SSO update
make things hopefully work
|
2021-06-03 14:38:26 -07:00 |
|
Grant Limberg
|
81fda3f5b8
|
set a default and goes boom 🤦♂️
|
2021-06-02 15:07:53 -07:00 |
|
Grant Limberg
|
91c4dfc7c0
|
database version
|
2021-06-02 14:49:12 -07:00 |
|
Grant Limberg
|
fc6d90a04a
|
set the correct default
|
2021-06-02 14:27:58 -07:00 |
|
Grant Limberg
|
faf0c6bbfa
|
make sure to commit on online notification thread
|
2021-06-02 14:08:09 -07:00 |
|
Grant Limberg
|
79f1e81745
|
debug printf typo & line break
|
2021-06-02 13:51:47 -07:00 |
|
Grant Limberg
|
7427961fcf
|
bug fixes & debug code
|
2021-06-02 13:46:54 -07:00 |
|
Grant Limberg
|
d2f1d05a06
|
handle cases where authenticationURL and authenticationExpiryTime don't exist
|
2021-06-02 13:46:43 -07:00 |
|
Grant Limberg
|
19f4146aca
|
make DB::_memberChanged and _networkChanged virtual
|
2021-06-02 13:46:11 -07:00 |
|
Grant Limberg
|
47154fa623
|
transiton to libpqxx & connection pool for central controllers
|
2021-06-02 11:44:00 -07:00 |
|
Grant Limberg
|
c2efdcabc5
|
fix
|
2021-05-28 15:01:42 -07:00 |
|
Grant Limberg
|
6d8c96b89f
|
formatting
|
2021-05-28 14:19:13 -07:00 |
|
Adam Ierymenko
|
c470c6255e
|
Postgres code for SSO (almost certainly needs work)
|
2021-05-28 17:08:24 -04:00 |
|
Adam Ierymenko
|
6b3a7ec827
|
Fix a few things...
|
2021-05-25 14:40:40 -04:00 |
|
Adam Ierymenko
|
1ce71f9dc0
|
Build fix.
|
2021-05-25 13:05:06 -04:00 |
|
Adam Ierymenko
|
18508b5a2e
|
Build fix.
|
2021-05-25 13:04:14 -04:00 |
|
Adam Ierymenko
|
621898f3c5
|
Forgot to set auth info in NetworkConfig.
|
2021-05-25 13:02:06 -04:00 |
|
Adam Ierymenko
|
2c1d7f3dcc
|
CLI printing of URL.
|
2021-05-25 12:58:33 -04:00 |
|
Adam Ierymenko
|
b270d527f4
|
Basic plumbing for authentication requirement and piping through of URL information.
|
2021-05-24 22:58:17 -04:00 |
|
Adam Ierymenko
|
d64c5a92c6
|
Merge pull request #1233 from dosuperuser/improvement/optimizations
Minor C++ optimizations
|
2020-11-24 19:24:36 -05:00 |
|
Adam Ierymenko
|
24769219b5
|
Merge branch 'dev'
|
2020-10-08 18:08:24 -04:00 |
|
Grant Limberg
|
c80843e496
|
Revert "remove redundant writes when changes come from Central"
This reverts commit f9396f979f .
|
2020-10-05 13:32:47 -07:00 |
|
Grant Limberg
|
f9396f979f
|
remove redundant writes when changes come from Central
network & member changes tagged with `"fromCentral": true` will not be rewritten to the db
|
2020-10-05 11:03:03 -07:00 |
|
Adam Ierymenko
|
bb45f9ca3c
|
Upgrade cpp-httplib
|
2020-09-30 15:21:58 -04:00 |
|
Grant Limberg
|
ff23d3051f
|
self hosted controller JSON format fix for DNS
|
2020-09-23 12:16:23 -07:00 |
|
Grant Limberg
|
3db263284b
|
not sure how this got reverted
|
2020-09-10 13:18:25 -07:00 |
|
Grant Limberg
|
43c108f077
|
missed a rollback
|
2020-08-26 15:50:36 -07:00 |
|