Commit Graph

659 Commits

Author SHA1 Message Date
Grant Limberg
9cf8dacfbb
don't crash out of the controller heartbeat loop here 2022-06-30 11:40:04 -07:00
Grant Limberg
b5d7d71e1e
use connection pool instead of new connection for member status writes
redis plus plus has an annoying feature where it will open a new
connection for each tx or pipeline by default, rather than just fetching
an existing connection from the pool.  Let's change that
2022-06-30 09:59:47 -07:00
Grant Limberg
6fdc7be502
redis connection pool tuning 2022-06-29 09:39:51 -07:00
Grant Limberg
0d7197381a
exit here on error 2022-06-28 09:28:35 -07:00
Grant Limberg
ff8da9d246
Play with online notification timing again 2022-06-24 10:03:30 -07:00
Grant Limberg
c1384422c3
just sleep 1 second 2022-06-22 10:58:23 -07:00
Grant Limberg
ccc0ebd0f9
don't spam the logs quite as much on first startup
sleep the thread 1 second every round until we're actually updating
members
2022-06-22 10:42:51 -07:00
Grant Limberg
9d4336d296
redis connection tuning 2022-06-22 10:30:58 -07:00
Grant Limberg
17bc9d3085
redis thread now uses this_thread::yield() 2022-06-22 10:07:55 -07:00
Grant Limberg
436f481a34
fix log line 2022-06-22 10:01:07 -07:00
Grant Limberg
9e8215b213
adjust sleep between onlineNotification runs. Added timer to output 2022-06-22 09:43:09 -07:00
Grant Limberg
caf8b15f6d
Merge pull request #1701 from tossp/sql2
fix sql
2022-06-19 18:09:28 -07:00
TossPig
bc7f18064f
fix sql
bind message supplies 17 parameters, but prepared statement "" requires 16
2022-06-20 05:59:13 +08:00
Grant Limberg
355d3f44fb
logging & redis standalone fix 2022-06-16 11:52:35 -07:00
Grant Limberg
9de863e68b
update controller db record 2022-06-16 10:50:07 -07:00
Grant Limberg
64b7f8e445
quiet down logs more 2022-06-15 16:58:11 -07:00
Grant Limberg
626f488cb4
quiet down the controller logs a smidge 2022-06-15 16:58:07 -07:00
Grant Limberg
10212e376a
more redis in the controller 2022-06-15 16:58:04 -07:00
Grant Limberg
0ed339f19d
make sure value here is true, not just that the env var is set 2022-06-13 15:44:35 -07:00
Grant Limberg
c6fc3560f2
Merge branch 'dev' into redisrection 2022-06-13 13:09:36 -07:00
Grant Limberg
b65c1ed3a0
Add inja
Requries update to C++17 standard
2022-05-13 09:34:15 -07:00
Grant Limberg
9ddc0327d4
enable redis member status again 2022-05-10 08:36:39 -07:00
Grant Limberg
59151fbf86
remove max count for xread 2022-04-28 13:10:07 -07:00
Grant Limberg
1c700b7b41
Fix redis cluster usage 2022-04-28 13:05:02 -07:00
Grant Limberg
ff18bacd94
fix XREAD commands for redis message queue 2022-04-28 11:16:45 -07:00
Adam Ierymenko
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node. 2022-04-19 19:59:54 -04:00
Adam Ierymenko
912036b260
Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups. 2022-04-19 12:41:38 -04:00
Adam Ierymenko
a4e8847664
Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes. 2022-04-19 10:37:58 -04:00
Adam Ierymenko
c492bf7eea
Forgot to send error on v0 auth expiry. 2022-04-18 16:36:09 -04:00
Adam Ierymenko
cb086ff97f
Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot. 2022-04-18 16:32:05 -04:00
Adam Ierymenko
55a99f34d0
Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine. 2022-04-15 14:23:26 -04:00
Adam Ierymenko
58119598ae
comment out some new deauth code 2022-04-13 23:10:11 -04:00
Adam Ierymenko
42a2afaef9
This may improve controller behavior with SSO and mixed SSO, needs testing! 2022-04-13 21:39:56 -04:00
Grant Limberg
f8e24f4629
Fix issue where restarting a controller causes a DB write for each network member 2022-02-28 12:26:32 -08:00
Grant Limberg
c09010c25a
handle nonce rotation in controller better
Won't generate new nonces until there are no active ones.
2022-01-20 15:14:29 -08:00
Grant Limberg
b3fbbd3124
refresh tokens now working
Still investigating the best way to do a couple things, but we have something working
2021-12-07 16:29:50 -08:00
Grant Limberg
730482e62f
encode network ID into sso state param 2021-12-01 15:02:21 -08:00
Grant Limberg
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL 2021-12-01 13:01:32 -08:00
Grant Limberg
7cce23ae79
wip 2021-12-01 10:44:29 -08:00
Grant Limberg
dfdac7adbd
iomanip 2021-11-30 17:31:46 -08:00
Grant Limberg
a33d7c64fe
more fixin 2021-11-30 17:27:13 -08:00
Grant Limberg
d15516f0ef
query fix & controller build fix 2021-11-30 16:18:34 -08:00
Grant Limberg
fa21fdc1cc
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
Grant Limberg
43433cdb5a integrate rust build of zeroidc to linux 2021-11-04 17:16:23 -07:00
Grant Limberg
8d39c9a861
plumbing full flow from controller -> client network 2021-11-04 15:40:08 -07:00
Grant Limberg
3818351287
use pqxx::pipeline for online update thread 2021-10-06 09:39:30 -07:00
Grant Limberg
4d26b5a868
no reason for this to be a pointer 2021-10-05 17:02:50 -07:00
Grant Limberg
ac0dc7844f
rework commit thread & some connection pool borrowing issues 2021-10-05 09:25:24 -07:00
Adam Ierymenko
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 15:40:55 -07:00
Grant Limberg
46adc1f059
ifdef this out 2021-09-20 15:39:53 -07:00