0ae09577f6
Client & Central Controller updates to support additonal OIDC features ( #1848 )
...
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different
Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
2023-01-19 15:39:15 -08:00
e1f60e3f83
Behavioral changes to multipath balance modes (See: #1745 and #1753 )
2022-10-09 23:07:16 -07:00
7ed5bde426
Fix for ab-mode link failure, QoS metrics (WIP)
2022-06-08 10:01:54 -07:00
ee0a194b25
Several more SSO/OIDC related fixes, and bump version to 1.8.9.
2022-04-19 21:29:11 -04:00
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.
2022-04-19 19:59:54 -04:00
cd70fefc5e
Clean up some credential push stuff.
2022-04-19 16:06:53 -04:00
a7dcfa18a2
Oops forgot last part of that fix for MAC errors.
2022-04-14 20:13:57 -04:00
4389b9feff
Likely fix for invalid MAC problem.
2022-04-14 20:10:20 -04:00
5e13b42abc
Rate gate ECHO per Path instead of per Peer
2022-02-21 14:37:39 -08:00
40269c2a97
Comment out debug traces
2022-02-16 20:39:18 -08:00
d719137565
temp workaround for oidc auth dropping issue
...
Add a method to "kick" the refresh thread and re-post the tokens in the case where the thread is somehow still running & controller pushes out an AUTH_REQUIRED. This situation happens in a corner case still under investigation where the controller pushes out many copies of the network config repeatedly
2022-01-20 09:44:56 -08:00
48b39ab005
removing comments
2021-12-03 17:46:37 -08:00
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL
2021-12-01 13:01:32 -08:00
eaccce743f
moar plumbing progress
2021-12-01 12:07:05 -08:00
7cce23ae79
wip
2021-12-01 10:44:29 -08:00
fa21fdc1cc
rename stuff for clarity
...
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
8d39c9a861
plumbing full flow from controller -> client network
2021-11-04 15:40:08 -07:00
30d5d5a892
Revert "Don't assume roots validated the identity, just in case they did not."
...
This reverts commit 39b97f9163
2021-09-20 19:27:01 -07:00
9cfb807fcb
Don't assume roots validated the identity, just in case they did not.
2021-09-20 15:40:44 -07:00
e1af003e4f
Consolidation of multipath logic. Better system separation
2021-09-01 21:37:49 -07:00
1dfe909bab
Increase authentication URL sizes.
2021-06-04 16:46:56 -04:00
6ce71c1bc3
Fix reporting of status.
2021-05-25 14:45:49 -04:00
6b3a7ec827
Fix a few things...
2021-05-25 14:40:40 -04:00
147945d20f
Lets try always supplying the AES keys to Packet dearmor() and see if that prevents the coma problem.
2021-02-13 00:01:49 -05:00
d64c5a92c6
Merge pull request #1233 from dosuperuser/improvement/optimizations
...
Minor C++ optimizations
2020-11-24 19:24:36 -05:00
7219ca0c0f
AES works! Only with this or newer nodes. Uses salsa with older ones as usual.
2020-09-14 20:44:21 -04:00
b7b01da742
Wire up dearmor() path.
2020-08-25 14:13:20 -07:00
2ac49d99dd
AES integrated on send side.
2020-08-21 14:23:31 -07:00
06730c7d1d
BSL date bump
2020-08-20 12:51:39 -07:00
ffebcd247f
2020/07/16, Minor optmizations
2020-07-16 18:31:56 +02:00
5f0ee4fc78
Fix invalid defaultBondingPolicy conditions, Add ZT_MultipathFlowRebalanceStrategy, Add basic hysteresis mechanism to flow re-assignment
2020-06-16 12:30:21 -07:00
a50e8e9878
Add Bonds, Slaves, and Flows
2020-05-12 01:35:48 -07:00
a6dff8ff2f
Add an extra catch as workaround for possible cause of ARM crash.
2019-08-30 17:47:13 -07:00
4281b6b448
Ignore MULTICAST_GATHER replies with the wrong count.
2019-08-30 17:45:10 -07:00
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1
2019-08-23 09:23:39 -07:00
90872c906f
Fix FileDB stuff and latency measurement.
2019-07-15 16:30:34 -05:00
a3ef9b8a15
Cleanup
2019-06-25 10:06:50 -07:00
39e1021f62
Replace certificate based gating of multicast like/gather with a simpler more efficient method, fix some minor issues with request based com/cert push, and clean up some other random stuff.
2019-03-21 16:18:49 -07:00
63ec19674c
.
2019-03-19 16:43:43 -07:00
087c75d5ee
More cleanup.
2019-03-14 16:40:22 -07:00
e03102dbcb
Clean out some unnecessarily pedantic auth stuff in favor of a simpler way of gating multicast gathers.
2019-03-14 14:29:15 -07:00
0e597191b8
Updated licenses for 2019
2019-01-14 10:25:53 -08:00
9681fedbb4
Spellcheck sweep across codebase
2018-06-07 17:25:27 -07:00
b6d97af451
Added rate gates for QOS and ACK packets
2018-06-07 15:26:18 -07:00
91a22a686a
Added auto-escalation to multipath if both peers support it. Improved QoS/ACK tracking. Related bug fixes
2018-06-01 18:03:59 -07:00
46a7a2be2e
Added VERB_ACK and VERB_QOS_MEASUREMENT, refined notion of path quality
2018-05-30 17:45:29 -07:00
6a2ba4baca
Introduced basic multipath support
2018-05-01 16:32:15 -07:00
f7019d9e80
Tie up the rest of hub and spoke designated replicator multicast mode.
2018-01-26 22:14:10 -05:00
4419734a7d
Implement continuous contacting of designated anchors and multicast replicators - GitHub issue #666
2018-01-25 07:11:59 -05:00
65c07afe05
Copyright updates for 2018.
2018-01-08 14:33:28 -08:00
