Adam Ierymenko
bcc6799902
Send member uptime in pong posts.
2017-05-01 15:23:21 -07:00
Adam Ierymenko
718e1d6c08
Finish removing constantly changing stuff from controller.
2017-05-01 13:21:26 -07:00
Adam Ierymenko
a9ce773584
Remove lastModified field in config which literally nothing uses anywhere, and prevent some unnecessary writes.
2017-04-28 19:58:21 -07:00
Adam Ierymenko
62578a2162
Reduce memory use and a bit of cleanup.
2017-04-27 19:36:03 -07:00
Adam Ierymenko
9e80db0fd1
Cleanup, fix a valgrind error, stack use reduction.
2017-04-27 00:59:36 -07:00
Adam Ierymenko
e8ab6adf89
Deadlock fix.
2017-04-26 12:17:43 -07:00
Adam Ierymenko
7c184cf991
Another performance improvement to controller.
2017-04-26 10:35:59 -07:00
Adam Ierymenko
1205578935
Big cleanup of controller code, should help performance.
2017-04-26 06:48:08 -07:00
Adam Ierymenko
4e77365e8d
Remove a little cruft.
2017-04-25 16:17:54 -07:00
Adam Ierymenko
4f2a779769
JSONDB performance improvements, threading fix.
2017-04-24 20:51:02 -07:00
Adam Ierymenko
cafbe44dde
Controller optimizations -- make locking more fine-grained, use true hardware concurrency, etc.
2017-04-24 19:16:36 -07:00
Adam Ierymenko
f4feccc626
Do not serve controller requests until init is done.
2017-04-24 09:09:04 -07:00
Adam Ierymenko
ba0d73d102
Windows build fixes.
2017-04-20 10:21:40 -07:00
Adam Ierymenko
bc61357a44
HTTP backend support for JSONDB
2017-04-18 17:37:44 -07:00
Adam Ierymenko
f6d92eb737
JSONDB fix.
2017-04-18 13:48:19 -07:00
Adam Ierymenko
b48a70db2e
Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev
2017-04-04 08:39:22 -07:00
Adam Ierymenko
cd050b3423
Performance improvement in controller.
2017-04-04 08:39:19 -07:00
Adam Ierymenko
eddbc7e757
Logic simplification, cleanup, and memory use improvements in Membership. Also fix an issue that may cause network instability in some cases.
2017-04-04 08:07:38 -07:00
Adam Ierymenko
e5284771e4
Add ping/pong to API so controller supervisor in Central can do a full-path check of controller uptime, etc.
2017-03-30 09:54:04 -07:00
Adam Ierymenko
57b5a33fbb
Fix bug preventing default from being set to null if already set to an integer.
2017-03-29 12:32:59 -07:00
Adam Ierymenko
e4896b257f
Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call.
2017-03-27 17:03:17 -07:00
Adam Ierymenko
6bb19e7947
build fix
2017-03-21 09:08:32 -07:00
Adam Ierymenko
5268909075
Add a facility for full flow-through uptime test of controller by Central.
2017-03-21 06:31:15 -07:00
Adam Ierymenko
c62141fd98
Make controller do a simple write-through cache without revalidating. Means you must restart if files change on disk, but will decrease I/O considerably.
2017-03-21 06:15:49 -07:00
Adam Ierymenko
4f3f471b4c
GitHub issue #460
2017-03-17 18:19:51 -07:00
Adam Ierymenko
8f592ff6e8
Controller performance tweaks.
2017-03-13 13:58:29 -07:00
Adam Ierymenko
37629aaf87
Use cache on requests to decrease DB load.
2017-03-13 12:22:06 -07:00
Adam Ierymenko
7ea7e1898a
Fix a bug that could cause duplicate IP address assignment on networks if many new members join the controller at once.
2017-03-06 16:21:49 -08:00
Adam Ierymenko
5e6a4e5f5e
Send revocations automatically on deauth for instant kill, also fix some issues with the RP.
2017-03-06 15:12:28 -08:00
Adam Ierymenko
66dfc33de9
Fix circuit test post in controller.
2017-03-06 11:23:46 -08:00
Adam Ierymenko
a109d341ef
Send timestamp with new circuit test response.
2017-03-02 14:35:38 -08:00
Adam Ierymenko
a577b8d381
Update how controller handles circuit tests -- save results to filesystem.
2017-03-01 16:33:34 -08:00
Adam Ierymenko
2b10a982e9
Match on tag sender equals or tag recipient equals.
2017-02-28 09:22:10 -08:00
Adam Ierymenko
10185e92fa
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
2017-02-23 11:47:36 -08:00
Adam Ierymenko
54fa73844c
Fix crash.
2017-02-21 13:48:29 -08:00
Adam Ierymenko
32f5a0ab18
Add default tag values and default set capabilities for new members.
2017-02-21 13:27:20 -08:00
Adam Ierymenko
672f17c6e9
Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time.
2017-02-07 09:33:39 -08:00
Adam Ierymenko
ac3e883c05
One more place to add "break".
2017-02-06 14:07:30 -08:00
Adam Ierymenko
31db768e4d
A bit of code cleanup.
2017-02-04 00:23:31 -08:00
Adam Ierymenko
fd460d93c4
docs
2017-01-19 10:53:44 -08:00
Adam Ierymenko
e9007b1f56
NodeJS migration script for old Sqlite controller.db to new controller data format.
2017-01-19 10:44:26 -08:00
Adam Ierymenko
d150f9b2bd
Windows update build in Advanced Installer, and warning removal.
2017-01-13 15:19:59 -08:00
Adam Ierymenko
a064e19b8a
Refactor some JSON stuff for performance, and fix a build error.
2017-01-10 13:51:10 -08:00
Adam Ierymenko
bf2b9e3692
Auto-authorize new members on public networks properly.
2016-12-22 18:52:34 -08:00
Adam Ierymenko
0d066e3b08
Fix JSON parse bug in REDIRECT target.
2016-12-22 18:26:43 -08:00
Adam Ierymenko
fe530548bb
Fix MATCH_RANDOM in controller.
2016-12-22 16:57:45 -08:00
Adam Ierymenko
a54c2b438c
Basic support for streaming of changes via stdout from controller.
2016-12-15 15:08:47 -08:00
Adam Ierymenko
ccdd4ffda7
Move split() to OSUtils since it is not used in core.
2016-11-18 15:49:28 -08:00
Adam Ierymenko
25f9c294dc
Small bug fix and warning removal.
2016-11-18 13:01:45 -08:00
Adam Ierymenko
07b2a3818c
Fix TTL scaling in cert.
2016-11-15 14:26:05 -08:00
Adam Ierymenko
15c6e2ec70
Fix member deauthorization time threshold bug.
2016-11-15 14:06:25 -08:00
Adam Ierymenko
e26bee45fb
Multithreading in network controller. Threads are only started if controller is used.
2016-11-10 13:57:01 -08:00
Adam Ierymenko
1b10d3413a
Use circuit breaker only for requests.
2016-11-10 13:08:43 -08:00
Adam Ierymenko
f0fcd222a1
Actually push updates when things change.
2016-11-10 12:54:43 -08:00
Adam Ierymenko
298e4a9f14
Also avoid sending tags and caps to old members since there is no point.
2016-11-10 12:33:09 -08:00
Adam Ierymenko
226123ca08
Refactor controller to permit sending of pushes as well as just replies to config requests.
2016-11-10 11:54:47 -08:00
Adam Ierymenko
5ebf5077f5
Log last meta-data in controller, and ease up just a bit on keepalives.
2016-11-09 17:11:10 -08:00
Adam Ierymenko
eea712a1ae
Field in wrong place fixed.
2016-11-09 13:26:14 -08:00
Adam Ierymenko
1ebfca666d
Memo-ize some computed stuff to control CPU utilization.
2016-11-09 12:34:20 -08:00
Adam Ierymenko
3d948a930e
Send a blanket rule to old versions. New versions will still bidirecitonally enforce on the inbound side.
2016-11-08 14:24:30 -08:00
Adam Ierymenko
4524899e4d
Update LM time on members on request.
2016-11-08 12:41:27 -08:00
Adam Ierymenko
360c84e035
Minor fixes.
2016-11-08 00:05:18 +00:00
Adam Ierymenko
4868d21526
Bug fixes in controller refactor.
2016-11-07 23:49:03 +00:00
Adam Ierymenko
5f63d5039b
Bug fixes, self test of JSONDB disabled by default.
2016-11-07 14:01:23 -08:00
Adam Ierymenko
a454a37a6e
Self test JSONDB.
2016-11-07 13:27:17 -08:00
Adam Ierymenko
a78d7311a6
Fix network list API call.
2016-11-04 16:23:41 -07:00
Adam Ierymenko
08ff666e99
.
2016-11-04 16:14:58 -07:00
Adam Ierymenko
0d108d37f6
.
2016-11-04 16:12:44 -07:00
Adam Ierymenko
cae9041c2a
.
2016-11-04 15:52:01 -07:00
Adam Ierymenko
330a07a554
cleanup
2016-11-04 15:48:23 -07:00
Adam Ierymenko
7729cbe313
Fix ambiguous error on some compilers.
2016-11-04 15:34:49 -07:00
Adam Ierymenko
b03c7b2f30
Refactor controller to use split-out DB for better performance and less ugly.
2016-11-04 15:18:31 -07:00
Adam Ierymenko
3c00cd0f88
Separate out JSON store from controller code.
2016-11-03 14:17:46 -07:00
Grant Limberg
8ffae313fd
add new files & remove old ones from VS project. Now builds & runs on Windows again
2016-11-03 12:10:50 -07:00
Adam Ierymenko
2cb760e0ac
Fix ICMP json.
2016-10-13 14:14:46 -07:00
Adam Ierymenko
2d6a4e5974
cleanup
2016-10-13 13:52:45 -07:00
Adam Ierymenko
e2509af163
Fix bug in default rules init in new networks.
2016-10-12 12:30:32 -07:00
Adam Ierymenko
e53f63ca87
Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed.
2016-10-11 12:00:16 -07:00
Adam Ierymenko
45c4ccb153
Add a tags both equal match.
2016-10-05 16:38:42 -07:00
Adam Ierymenko
adeb7e7da0
Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want.
2016-10-05 12:54:46 -07:00
Adam Ierymenko
988049f39b
Add new rule to rules engine: random match.
2016-09-30 14:07:00 -07:00
Adam Ierymenko
f0794e09b7
Controller cleanup.
2016-09-30 13:04:26 -07:00
Adam Ierymenko
1eeebba2f7
Drop old /active path from network.
2016-09-29 17:59:27 -07:00
Adam Ierymenko
2fc3d12fb6
Minor tweaks to member code in controller, and fix Linux build.
2016-09-29 14:48:39 -07:00
Adam Ierymenko
7e4b6b594b
It now builds.
2016-09-26 17:05:39 -07:00
Adam Ierymenko
1f74dd4589
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
2016-09-23 16:08:38 -07:00
Adam Ierymenko
68e549233d
Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness).
2016-09-15 13:17:37 -07:00
Adam Ierymenko
ab9afbc749
(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
2016-09-09 11:36:10 -07:00
Adam Ierymenko
0d4109a9f1
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
2016-09-09 08:43:58 -07:00
Adam Ierymenko
c9ee8612e4
Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer.
2016-09-07 12:12:52 -07:00
Adam Ierymenko
74afef8eb1
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
2016-08-31 16:50:22 -07:00
Adam Ierymenko
54489a7f61
rename SAMENESS to DIFFERENCE which is less confusing
2016-08-31 14:14:58 -07:00
Adam Ierymenko
8e3004591b
Add overlooked MATCH_ICMP to rule set.
2016-08-31 14:01:15 -07:00
Adam Ierymenko
7a00036954
Tweak log length to fit JSON for members within two 4096-kb blocks.
2016-08-29 18:10:02 -07:00
Adam Ierymenko
914c42537c
Type fixes.
2016-08-29 17:48:36 -07:00
Adam Ierymenko
77c2bf3ad9
Kill dead field from network JSON.
2016-08-29 14:47:19 -07:00
Adam Ierymenko
297b1b4258
Another tiny API bug fix.
2016-08-26 14:16:55 -07:00
Adam Ierymenko
35ac995d05
Fix setting of v6AssignMode in controller.
2016-08-26 14:04:27 -07:00
Adam Ierymenko
ded5a53a6c
Documentation updates, add rules engine revision to network config request meta-data.
2016-08-26 10:38:43 -07:00
Adam Ierymenko
d637988ccf
Fix chicken or egg problem in tags, and better filter debug instrumentation.
2016-08-25 18:21:20 -07:00
Adam Ierymenko
858e8c5217
one more...
2016-08-25 16:28:54 -07:00
Adam Ierymenko
df1ce856c9
A little bit more controller code cleanup.
2016-08-25 16:25:28 -07:00
Adam Ierymenko
b5e0d014ab
Controller bug fixes
2016-08-25 16:08:40 -07:00
Adam Ierymenko
5eaf397a94
Add a debug log feature in the filter, which only works if enabled in Network.cpp.
2016-08-25 13:31:23 -07:00
Adam Ierymenko
1814016eb7
Add daemon thread to controller and move network member cache refreshes there.
2016-08-25 11:26:45 -07:00
Adam Ierymenko
6ecb42b031
docs and null check in controller code
2016-08-25 10:46:03 -07:00
Adam Ierymenko
60bc291414
Add noAutoAssignIps for member of networks.
2016-08-24 17:05:43 -07:00
Adam Ierymenko
ccea3d04d6
Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller.
2016-08-24 14:28:16 -07:00
Adam Ierymenko
8e3463d47a
Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency.
2016-08-24 13:37:57 -07:00
Adam Ierymenko
8d594f8b53
cleanup
2016-08-23 16:05:10 -07:00
Adam Ierymenko
5f4df0c6a9
Controller cleanup and perf improvements.
2016-08-23 15:30:36 -07:00
Adam Ierymenko
32fa061700
Compute credential TTL et al.
2016-08-23 13:02:59 -07:00
Adam Ierymenko
9a3c652a51
Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity.
2016-08-22 18:06:46 -07:00
Adam Ierymenko
b0d888d235
Signing of Capability and Tag objects.
2016-08-22 14:25:59 -07:00
Adam Ierymenko
4dce71879f
.
2016-08-18 18:18:50 -07:00
Adam Ierymenko
212a5af9a5
Capabilities and tags in POST JSON.
2016-08-18 14:37:56 -07:00
Adam Ierymenko
1cadbfb4d1
Little fixes.
2016-08-18 13:47:02 -07:00
Adam Ierymenko
f119c4a456
Cache network members for performance, add network non-persisted fields.
2016-08-18 12:59:48 -07:00
Adam Ierymenko
faa9a06bf5
Controller fixes...
2016-08-17 17:37:37 -07:00
Adam Ierymenko
b7ebf6edbf
Cleanup and log how member was authorized.
2016-08-17 13:54:32 -07:00
Adam Ierymenko
b72847d504
Finally implement network join auth tokens, at least at the protocol level.
2016-08-17 13:41:45 -07:00
Adam Ierymenko
168b86fdcd
Controller docs and API fix.
2016-08-17 12:27:07 -07:00
Adam Ierymenko
a13f4d8353
We now always build the controller in ZeroTier One, at least for desktop and server targets. Also means that ZeroTier One now requires C++11. (Still keeping C++11 out of the core in node/ though.)
2016-08-17 10:42:32 -07:00
Adam Ierymenko
cc808cc2dd
Rules parsing stuff.
2016-08-17 10:25:25 -07:00
Adam Ierymenko
ce001198d8
.
2016-08-16 16:57:45 -07:00
Adam Ierymenko
c0639ccd37
Just about ready to test.
2016-08-16 16:46:08 -07:00
Adam Ierymenko
58701c1ca8
.
2016-08-16 14:08:08 -07:00
Adam Ierymenko
b08ca49580
More controller work -- it builds!
2016-08-16 14:05:17 -07:00
Adam Ierymenko
bd15262e54
Bunch of rule JSON stuff.
2016-08-15 18:49:50 -07:00
Adam Ierymenko
3cb2e1197f
.
2016-08-12 15:32:45 -07:00
Adam Ierymenko
c30f74987f
Starting refactor of controller...
2016-08-12 11:30:27 -07:00
Adam Ierymenko
22e44c762b
More rules engine work: key/value pair matching for microsegmentation.
2016-07-28 10:58:10 -07:00
Adam Ierymenko
0e2964261f
docs
2016-07-08 13:42:04 -07:00
Adam Ierymenko
ffe7d8d024
docs
2016-07-08 13:40:21 -07:00
Adam Ierymenko
c01ebbcbde
docs
2016-07-08 13:38:47 -07:00
Adam Ierymenko
a6e5914aa7
docs
2016-07-08 13:37:51 -07:00
Adam Ierymenko
6d8de214eb
Docs and controller API version
2016-07-08 13:10:02 -07:00
Adam Ierymenko
2d7c58540f
v6AssignMode bug fix
2016-07-07 17:05:12 -07:00
Adam Ierymenko
951038a304
Ignore /bits in IP assignments and just copy it from the corresponding LAN-local route. Having each managed IP assignment have its own bits field was just a source of user error and poor UX and was completely worthless.
2016-07-07 16:28:43 -07:00
Adam Ierymenko
b9329dc49a
Fix to IPv6 picking for small ranges.
2016-07-07 15:55:40 -07:00
Adam Ierymenko
6e08e1ae97
A few controller changes: (1) assign managed IPs that are assigned regardless of "assign mode" which now only controls auto-assignment or special addressing, (2) support proper issuing of managed IPv6 IPs, (3) support IPv6 auto-assign ranges
2016-07-07 15:42:10 -07:00
Adam Ierymenko
dd1d2b4d00
GitHub issue #343 -- fix authorizedMemberCount
2016-07-07 14:49:54 -07:00
Adam Ierymenko
030dfde38e
Unused printf removal while we are at it.
2016-06-29 18:14:49 -07:00
Adam Ierymenko
bb63646682
Fix broken SQL in controller.
2016-06-29 11:37:28 -07:00
Adam Ierymenko
d9eacd1616
Controller fixes...
2016-06-29 17:02:03 +00:00
Adam Ierymenko
0410fd4824
Refactor recent member request history to fix performance problem in controller.
2016-06-28 12:44:47 -07:00
Adam Ierymenko
12037961ff
small perf improvement in sqlite db.
2016-06-27 18:48:02 -07:00
Adam Ierymenko
8c572dead1
Query optimization.
2016-06-27 18:28:18 -07:00
Adam Ierymenko
3ddfebe742
dead code removal
2016-06-27 17:15:39 -07:00
Adam Ierymenko
972bbb7e06
Allow further concurrency on network controller.
2016-06-27 17:14:47 -07:00
Adam Ierymenko
3740b83f63
Don't back up sqlite db if it hasn't changed to prevent constant thrashing on inactive controllers.
2016-06-24 06:53:23 -07:00
Adam Ierymenko
90cdef8400
Forgot NDP emulation flag.
2016-06-24 06:43:23 -07:00
Adam Ierymenko
ee649ae69a
Add 6plane assignment support to network controller, and cleanup.
2016-06-24 06:40:50 -07:00
Adam Ierymenko
20d155e630
.
2016-06-24 05:21:25 -07:00
Adam Ierymenko
b2d048aa0e
Make Dictionary templatable so it can be used where we want a higher capacity.
2016-06-21 07:32:58 -07:00
Adam Ierymenko
37afa876a7
Linux bug fixes, small controller fix.
2016-06-17 00:21:58 +00:00
Adam Ierymenko
20d4dada40
Refactor controller for new merged format.
2016-06-16 16:05:57 -07:00
Adam Ierymenko
769351b30f
Fix to routes config in controller API.
2016-06-13 15:58:00 -07:00
Adam Ierymenko
734cbb2f1e
Controller modifications for default route are ready to test. Will require slight changes in ZeroTier Central when it goes live.
2016-06-10 15:58:35 -07:00
Adam Ierymenko
acbe8ad398
More controller work, and some RedHat fixes.
2016-06-10 08:26:27 -07:00
Adam Ierymenko
9898066b47
Remove some deprecated stuff in controller -- not done yet.
2016-06-09 11:02:42 -07:00
Adam Ierymenko
7e68791bee
Fix include for system json-parser.
2016-06-08 12:57:22 -07:00
Adam Ierymenko
683254a0db
Don't bother signing if we are not using the legacy netconf.
2016-06-07 11:17:38 -07:00
Adam Ierymenko
2885aea65c
Only send new format netconf for PV>=6
2016-06-07 11:13:18 -07:00
Adam Ierymenko
7ee3743c3d
Refactor controller to send both old and new format netconf.
2016-05-11 08:49:15 -07:00
Adam Ierymenko
8b9519f0af
Simplify a bunch of NetworkConfig stuff by eliminating accessors, also makes network controller easier to refactor.
2016-05-06 16:13:11 -07:00
Adam Ierymenko
2b3e1d5c10
Ignore IP assignment pool ranges that begin with 0.0.0.0 or that contain no IPs.
2016-03-24 13:34:01 -07:00
Adam Ierymenko
2c328d61ad
Do not auto-assign IP addresses on bridges. IPs can still be assigned manually.
2016-03-24 13:32:01 -07:00
Adam Ierymenko
9f31cbd8b8
Make /network/???/active return more info.
2016-03-17 13:05:51 -07:00
Adam Ierymenko
9b59bcd995
Clean controller circuit test memory.
2016-02-22 15:48:27 -08:00
Adam Ierymenko
69a438d64d
Small tweak to active threshold.
2016-02-19 09:10:31 -08:00
Adam Ierymenko
10bb9919f1
Tweak certificate of membership revision/time tolerance to eliminate boundary packet loss issues occasionally seen in the wild.
2016-02-10 09:32:42 -08:00
Adam Ierymenko
69b1da2e1d
return 200 instead of 404 when test is fetched
2016-02-04 16:27:25 -08:00
Adam Ierymenko
dc3d899e70
Return test ID when we post a test.
2016-02-04 16:09:26 -08:00
Adam Ierymenko
78c1d9006a
flood protection fix
2016-02-04 14:39:43 -08:00
Adam Ierymenko
5dad73647d
Lengthen backup period again
2016-02-04 14:22:54 -08:00
Adam Ierymenko
13b39a0c3e
SQLite perf tuning
2016-02-04 14:03:37 -08:00
Adam Ierymenko
90801a94d3
Track client version and tell whether active nodes support circuit test.
2016-02-04 13:38:42 -08:00
Adam Ierymenko
fab6f4450d
/active subpath off networks
2016-02-04 12:17:55 -08:00
Adam Ierymenko
2e04dc03f2
Logging to NodeHistory, SQL queries.
2016-02-03 18:10:56 -08:00
Adam Ierymenko
f8eb6b0067
Add NodeHistory table on sqlite controller.
2016-02-03 13:56:35 -08:00
Adam Ierymenko
9cb4bbe2b8
Save test results for circuit tests in memory and then cancel the test and send the results when the test is queried later. This way you can POST a test and then come GET the result at the appointed time.
2016-01-26 12:42:44 -08:00
Ren Jie
21656ba015
Update controller README.md
...
Sync make parameter with code.
2016-01-12 22:51:08 +08:00
Adam Ierymenko
436c1fac1d
Selectively move over changes from "edge" to "dev" excluding netcon.
2015-12-21 16:15:39 -08:00
Adam Ierymenko
523412edfb
Abort backup in progress if thread is told to shut down.
2015-11-03 16:03:00 -08:00
Adam Ierymenko
f7a407ffa0
Tweak timings and use lock in backup to make it a bit faster and still permit main thread to work.
2015-11-03 15:56:24 -08:00
Adam Ierymenko
7903f24a8f
Create periodic backup copies of controller.db in network controller from the main process itself to facilitate easier and safer backups of controller.db.
2015-11-03 15:52:10 -08:00
Adam Ierymenko
eff1fe3c61
Create files for each hop (more convenient) and fix a packet parse bug.
2015-10-09 16:22:34 -07:00
Adam Ierymenko
7d01fab132
Reorg fields to be in same order as FS scheme.
2015-10-09 15:18:01 -07:00
Adam Ierymenko
aec13b50fd
Be a bit more verbose in circuit test reports to more clearly track current and upstream hop in graph traversal history.
2015-10-09 15:05:26 -07:00
Adam Ierymenko
a95fa379cc
Circuit tests basically work but need some tweaks, and fix some issues found with valgrind.
2015-10-09 14:51:38 -07:00
Adam Ierymenko
6b5bb0b278
Eliminate format string warnings.
2015-10-09 12:22:13 -07:00
Adam Ierymenko
59da8b2a4b
Logging of circuit test results to disk.
2015-10-08 15:44:06 -07:00
Adam Ierymenko
a3876353ca
Abiltiy to post a test via the controller web API, and parsing of CIRCUIT_TEST_REPORT messages.
2015-10-08 13:25:38 -07:00
Adam Ierymenko
7394ec6f6a
Prep in controller code to run tests.
2015-10-06 15:56:18 -07:00
Adam Ierymenko
a7bd1eaa40
Never assign v4 IPs ending in .255 even within range.
2015-09-28 15:28:30 -07:00
Adam Ierymenko
ddf3d1f949
Controller side support for IPv6 assignment.
2015-09-18 13:35:00 -07:00
Adam Ierymenko
610ab0750c
Drop Sqlite-based Log table for now and switch to an in-memory log for recent activity. Log table gets too big on busy nodes. Should probably support push of events to some kind of event system later.
2015-09-15 10:59:23 -07:00
Adam Ierymenko
ef316ced3b
Fix JSON.
2015-09-14 11:59:43 -07:00
Adam Ierymenko
cd005341c5
Extra statement to clean up Members -- cascade did not seem to work, possibly due to dual key.
2015-09-11 15:02:26 -07:00
Adam Ierymenko
a35fa7ac93
Add expansion of netconf in _test field.
2015-09-10 15:14:10 -07:00
Adam Ierymenko
bebe3d7cfa
Fix deadlock in test mode.
2015-09-10 14:47:04 -07:00
Adam Ierymenko
1f7a41cff8
Fix to allowing identity to be populated if not present.
2015-09-10 14:37:34 -07:00
Adam Ierymenko
4fbcad2468
Allow identity to be populated for newly inserted Member objects to permit transfer from old network controller and testing.
2015-09-08 13:02:42 -07:00
Adam Ierymenko
0d386f1c31
Add a bit of useful testing instrumentation to SqliteNetworkController.
2015-09-08 11:35:55 -07:00
Adam Ierymenko
2aa1b5d9b7
Add clock helper field to both member and network to permit time duration calculation easily.
2015-08-24 12:44:07 -07:00
Adam Ierymenko
9a5be0a092
typo
2015-08-24 11:24:33 -07:00
Adam Ierymenko
4da794b389
Add authorizedMemberCount to controller network config records.
2015-08-19 11:43:56 -07:00
Adam Ierymenko
0a5429cab0
Lookup of member must be a left outer join in case the member is being manually inserted before we see the node.
2015-08-17 21:08:02 +00:00
Adam Ierymenko
fcc5bf1e66
Go ahead and spec out controller DB support for AuthToken -- GitHub issue #211 -- even though full implementation won't make it into 1.0.4.
2015-07-29 15:09:23 -07:00
Adam Ierymenko
d57ea671d7
Add version to log.
2015-07-24 09:59:17 -07:00
Adam Ierymenko
d647a587a1
(1) Fix updating of network revision counter on member change.
...
(2) Go back to timestamp as certificate revision number. This is simpler
and more robust than using the network revision number for this and
forcing network revision fast-forward, which could cause some peers
to fall off the horizon when you don't want them to.
2015-07-23 17:18:20 -07:00
Adam Ierymenko
b3516c599b
Add a rate limiting circuit breaker to the network controller to prevent flooding attacks and race conditions.
2015-07-23 10:10:17 -07:00
Adam Ierymenko
3ba54c7e35
Eliminate some poorly thought out optimizations from the netconf/controller interaction,
...
and go ahead and bump version to 1.0.4.
For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.
Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.
It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.
A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.
I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
Adam Ierymenko
e2a2993b18
Add a Log table to log queries for debugging and security logging. No JSON API support for querying the log yet, but will probably come via /network/###/member/###/log/... or something.
2015-07-22 14:01:49 -07:00
Kees Bos
53c7f61f98
Fix for output of empty (no members) network
2015-07-05 13:27:27 +02:00
Adam Ierymenko
7c761dea72
Fix to member listing: I wanted an object with member IDs as keys and member revisions as values, not an array.
2015-07-21 14:12:22 -07:00
Adam Ierymenko
3f8a5b8b76
List members in the form of a hash of member ID and member revision so code can quickly detect which members have changed.
2015-07-21 13:38:59 -07:00
Adam Ierymenko
a061aa3d87
Remove "members" from Network record and instead enumerate members via specific query to /network/nwid/member sub-path. More RESTful, scalable, and compatible with how OnePoint code works.
2015-07-21 12:57:01 -07:00
Adam Ierymenko
b343eac10d
Fix IP auto-assign bug due to missing subnet routes.
2015-07-21 12:42:43 -07:00
Adam Ierymenko
649a12472b
Report controllerInstanceId in all objects so that controller resets can be easily detected by whatever is using the service.
2015-07-21 10:39:29 -07:00
Adam Ierymenko
cac6be87ba
Fix bug in rules JSON output.
2015-07-20 16:31:37 -07:00
Adam Ierymenko
38d34a7495
Proper handling of NULL entry for etherType in rules table.
2015-07-20 15:11:53 -07:00
Adam Ierymenko
fb4c3dd8d4
Fix string overwrite bug.
2015-07-20 14:31:33 -07:00
Adam Ierymenko
1ffd67e014
Get rid of false foreign key in Relay.
2015-07-20 14:28:30 -07:00
Adam Ierymenko
bca8886ff8
IP assignment pool range bug fix.
2015-07-17 15:09:28 -07:00
Adam Ierymenko
1f7bb67069
Fix some SQL and make instanceId more robustly random.
2015-07-17 13:09:53 -07:00
Adam Ierymenko
712e2785f2
Fix bad JSON in response.
2015-07-17 12:24:42 -07:00
Adam Ierymenko
5515909c1e
Add a concept of an "instanceId" to the controller, which the OnePoint can use to determine whether it is the same running database instance it already knows.
2015-07-17 10:47:21 -07:00
Adam Ierymenko
0db7c94c90
Add memberRevision stuff to JSON output, and update docs.
2015-07-16 17:42:47 -07:00
Adam Ierymenko
99969b186b
Add a concept of a member revision counter to networks. This can be used to select all members that have been added or changed since a given point.
2015-07-16 17:34:03 -07:00
Adam Ierymenko
f9f7de0ec7
Networks don't need their ID as a default name.
2015-07-14 15:54:56 -07:00
Adam Ierymenko
d27c14af48
Don't allow zero as a network number.
2015-07-14 12:32:57 -07:00
Adam Ierymenko
30e4a188d0
ipLocalRoutes now exposed via network objects in JSON controller API, and documentation changes.
2015-06-29 15:34:26 -07:00
Adam Ierymenko
5c9411a671
Untested -- modifications to support IP ranges instead of ip/mask for IP assignment pools, also add portId to Rule for future use.
2015-06-29 14:52:09 -07:00
Adam Ierymenko
48a2ad032a
(1) Both nodeId and portId in Rule can be NULL, (2) remove on delete cascade since rules should never mysteriously disappear from the rules table. If it let you delete a node with rules, that would be a UI or cleanup function bug.
2015-06-29 10:47:47 -07:00
Adam Ierymenko
f05e62deae
DB schema changes: separate portId in rules, ranges in IP assignment pools. (No code changes yet so code is broken.)
2015-06-29 10:40:31 -07:00
Adam Ierymenko
dbee1b38b3
Fix semantics of std::unique() to actually remove duplicates (hidden memory leak?)
2015-06-29 10:21:28 -07:00
Kees Bos
3eca5d9c29
Fix reporting of ipAssignments for ipv4
2015-06-26 07:22:30 +02:00
Adam Ierymenko
57c7992c78
GitHub issue #191 - kill intra-network multicast rate limits (which were not well supported or easily configurable anyway) -- this is really left over from the old collaborative multicast propagation algorithm. New algorithm (in for a while) has been sender-side replication in which sender "pays" all bandwidth, which intrinsically limits multicast.
2015-06-26 12:36:45 -07:00
Kees Bos
50d4f66d73
Fixed member authorization bug and minor cleanup
2015-06-19 21:19:42 +02:00
Kees Bos
16eae132fa
Fix for ipv4 assignment
2015-06-18 19:14:52 +02:00
Kees Bos
4affa10ca0
Fix 404 on creation of new network
2015-06-15 10:29:12 +02:00
Kees Bos
2e1d363a86
Removed a superfluous cross join
2015-06-15 03:19:25 +02:00
Kees Bos
1cbdae65fe
Fix controller/network/*/member/*
...
Cross join works other than expected or something changed. The
_sGetMember2 returned too many rows. Replaced it with an explicit
join statement.
2015-06-15 03:19:25 +02:00
Kees Bos
dcbae5f313
Bugfix controller get member info
2015-06-15 03:19:25 +02:00
Adam Ierymenko
96a58becf8
Gateways support in network controller schema and database (not implemented yet in client) toward GitHub issue #178
2015-06-13 11:34:31 +02:00
Adam Ierymenko
8a9715f183
Rename ruleId to ruleNo and optimize some indexes in Sqlite3 schema.
2015-06-13 10:05:34 +02:00
Kees Bos
7a55c6b388
Return 404 on delete if network member is missing (controller)
2015-06-11 12:20:52 +02:00
Kees Bos
c2ce018202
Return 404 on delete if network doesn't exist (controller)
2015-06-11 12:10:25 +02:00
Kees Bos
0d0af07ce9
Get deletion of networks in controller going
...
Multiple statements in a sqlite3_prepare_v2 is not usable. Only
the first statement will be executed.
Since the schema now uses 'ON DELETE CASCADE', there's only
one statement needed.
If multiple statements are needed, there should be either multiple
sqlite3_prepare_v2 calls be used or the sqlite3_exec function.
2015-06-11 11:49:13 +02:00
Kees Bos
de697a1c45
Change schema to enforce foreing keys
...
The foreign keys have 'ON DELETE CASCADE' to simplify the removal
of networks etc. (controller code)
Some unique constraints are replaced with a multi column primary
key.
To update an existing database:
* install updated binaries
* stop service
* sqlite3 controller.db .dump | \
egrep '((^PRAGMA)|(^BEGIN)|(^INSERT)|(^COMMIT))' | \
grep -v 'schemaVersion' > data.sql
* mv controller.db controller.db.backup
* start service
* stop service
* sqlite3 controller.db < data.sql
* start service
2015-06-11 11:35:25 +02:00
Adam Ierymenko
d8ad555b9a
Go ahead and add flags and invFlags to the Rule table.
2015-05-25 13:20:10 -07:00
Adam Ierymenko
d41b6eb0c8
docs
2015-05-17 10:14:12 -07:00
Adam Ierymenko
651e67f2e5
Add a feature to generate a new network ID on POST.
2015-05-17 09:36:35 -07:00
Adam Ierymenko
69ceb7e730
Basic controller JSON API seems to be working.
2015-05-16 17:12:29 -07:00
Adam Ierymenko
cf51961d52
.
2015-05-16 16:32:13 -07:00
Adam Ierymenko
c9fd8de007
.
2015-05-16 16:22:38 -07:00
Adam Ierymenko
a187d290f1
Fixes to control plane, API, eliminate problematic inheritance pattern, and start on a NodeJS class for talking to the network controller.
2015-05-16 16:09:28 -07:00
Adam Ierymenko
4be4908914
Fix some prepared statement problems.
2015-05-16 14:34:51 -07:00
Adam Ierymenko
0bb92715f4
DELETE function in network controller JSON API, and a newIdentity convenience request in ControlPlane for scripted testing.
2015-05-16 13:42:53 -07:00
Adam Ierymenko
78769900a9
More network controller cleanup, and some features to permit scripted testing.
2015-05-16 12:50:42 -07:00
Adam Ierymenko
65a9a9a6f2
typo
2015-05-15 15:30:44 -07:00
Adam Ierymenko
e269846f84
Netconf docs, add clock field to status, simplify netconf a bit by eliminating caching for now. We will re-add if it is needed.
2015-05-15 15:20:12 -07:00
Adam Ierymenko
6d2376eb9c
Controller API status message.
2015-05-15 09:41:45 -07:00
Adam Ierymenko
f693d4d0c8
Network controller cleanup and an extra sanity check.
2015-05-15 09:32:10 -07:00
Adam Ierymenko
883a216d2a
Build fixes.
2015-04-24 12:29:31 -07:00
Adam Ierymenko
5202fbdaf3
CRUD
2015-04-22 18:06:26 -07:00
Adam Ierymenko
103dcb072d
CRUD
2015-04-21 19:49:04 -07:00
Adam Ierymenko
79f63ba30a
Fix: make sure we do not assign broadcast address as an IP to new members.
2015-04-21 18:37:17 -07:00
Adam Ierymenko
71f006cbeb
More CRUD, almost done...
2015-04-21 18:08:33 -07:00
Adam Ierymenko
e4046964f0
Forgot to run schema2c.
2015-04-21 16:50:02 -07:00
Adam Ierymenko
ddebe2d4c7
Network controller CRUD... :P
2015-04-21 16:41:35 -07:00
Adam Ierymenko
ed107c4daf
Network preferred relay stuff in netconf controller.
2015-04-20 17:47:12 -07:00
Adam Ierymenko
69076f8a45
Add per-network relay stuff to sqlite table schema.
2015-04-20 15:46:20 -07:00
Adam Ierymenko
740121504f
Add a timestamp to netconf cache, fix some SQL queries in NC.
2015-04-17 15:21:53 -07:00
Adam Ierymenko
91ca238163
Compile fixes.
2015-04-15 18:47:38 -07:00
Adam Ierymenko
ea1859541c
More cleanup, and fix for the extremely unlikely case of identity collision.
2015-04-15 18:32:25 -07:00
Adam Ierymenko
6369c264e2
Rename netconf to controller and NetworkConfigMaster to NetworkController for consistency.
2015-04-15 15:12:09 -07:00