330 Commits

Author SHA1 Message Date
Adam Ierymenko
96ba1079b2
Clang-format!!! 2024-09-26 08:52:29 -04:00
Adam Ierymenko
307befa892
Rename C25519.* to ECC.* 2024-09-15 17:34:01 -04:00
Adam Ierymenko
7647c8e8d1
Rename ECC key and signature size defines to be generic. 2024-09-15 16:33:41 -04:00
Adam Ierymenko
8caede300c Add OS_ARCH to network config metadata. 2024-06-24 18:02:58 -04:00
Adam Ierymenko
1982071d46 1.14.0 version bump for Linux and macOS, date update. 2024-03-19 14:38:48 -07:00
Joseph Henry
41cb6fb0d5
Comment out debug traces in Rules Engine 2024-03-04 16:38:10 -08:00
travisladuke
bca650e1fc Printfs for rules debugging
re-uses ZT_TRACE to enable.
2024-02-29 10:41:12 -08:00
travisladuke
0bf67bf67c Fix rules engine quirks
See #2200

Mostly makes Tag based rules work as expected
2024-02-29 10:41:12 -08:00
Brenton Bostick
f03aae7a34 Fix test that was always true
Intention was to have (x >= 0 && x <= 8) but rules[rn].v.qosBucket is
unsigned (thus always >= 0)
2023-09-14 13:35:50 -04:00
Grant Limberg
00d55fc4b4
Metrics consolidation (#1997)
* Rename zt_packet_incoming -> zt_packet

Also consolidate zt_peer_packets into a single metric with tx and rx labels.  Same for ztc_tcp_data and ztc_udp_data

* Further collapse tcp & udp into metric labels for zt_data

* Fix zt_data metric description

* zt_peer_packets description fix

* Consolidate incoming/outgoing network packets to a single metric

* zt_incoming_packet_error -> zt_packet_error

* Disable peer metrics for central controllers

Can change in the future if needed, but given the traffic our controllers serve, that's going to be a *lot* of data

* Disable peer metrics for controllers pt 2
2023-05-04 11:12:55 -07:00
Grant Limberg
925599cab0
Network-metrics (#1994)
* Add a couple quick functions for converting a uint64_t network ID/node ID into std::string

* Network metrics
2023-05-03 13:43:45 -07:00
Brenton Bostick
f73e51e94c
Brenton/curly braces (#1971)
* fix formatting

* properly adjust various lines
breakup multiple statements onto multiple lines

* insert {} around if, for, etc.
2023-05-01 11:48:16 -07:00
Grant Limberg
0ae09577f6
Client & Central Controller updates to support additonal OIDC features (#1848)
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different

Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
2023-01-19 15:39:15 -08:00
Adam Ierymenko
ee0a194b25
Several more SSO/OIDC related fixes, and bump version to 1.8.9. 2022-04-19 21:29:11 -04:00
Adam Ierymenko
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node. 2022-04-19 19:59:54 -04:00
Joseph Henry
f9c84c8c52
Remove stray debug trace 2022-02-08 15:32:25 -08:00
Grant Limberg
d719137565
temp workaround for oidc auth dropping issue
Add a method to "kick" the refresh thread and re-post the tokens in the case where the thread is somehow still running & controller pushes out an AUTH_REQUIRED.  This situation happens in a corner case still under investigation where the controller pushes out many copies of the network config repeatedly
2022-01-20 09:44:56 -08:00
Grant Limberg
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL 2021-12-01 13:01:32 -08:00
Grant Limberg
eaccce743f
moar plumbing progress 2021-12-01 12:07:05 -08:00
Grant Limberg
91e9b736dd
make service objs dependent on zeroidc 2021-11-18 10:42:12 -08:00
Grant Limberg
fa21fdc1cc
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
Grant Limberg
8d39c9a861
plumbing full flow from controller -> client network 2021-11-04 15:40:08 -07:00
Adam Ierymenko
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 15:40:55 -07:00
Grant Limberg
364ad87e2b
add ssoEnabled flag to network config 2021-06-05 13:44:45 -07:00
Adam Ierymenko
810e2a761f
Fix authentication URL... 2021-05-25 14:49:06 -04:00
Adam Ierymenko
6ce71c1bc3
Fix reporting of status. 2021-05-25 14:45:49 -04:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information. 2021-05-24 22:58:17 -04:00
Adam Ierymenko
dc806dd718
Try pipelining tap reads on Linux for a little more speed. 2020-11-16 18:56:00 -05:00
Adam Ierymenko
06730c7d1d BSL date bump 2020-08-20 12:51:39 -07:00
Grant Limberg
c0c215c83c
single dns config per network 2020-08-12 13:08:47 -07:00
Grant Limberg
88a3c685fb
latest 2020-08-04 13:52:57 -07:00
Grant Limberg
d098a99d09
fix memory init issue
and another place where dns data needs to be copied
2020-07-31 11:42:03 -07:00
Adam Ierymenko
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 09:23:39 -07:00
Adam Ierymenko
3db0197865
Add try/catch in LFDB and add introspection into multicast subscriptions in client network status API 2019-08-06 15:22:57 -05:00
Adam Ierymenko
e2900f4f3c Fix valgrind warning... not sure if it is an actual issue. 2019-06-17 15:23:52 -07:00
Adam Ierymenko
aa831dd843 More stack->heap... 2019-06-17 14:55:33 -07:00
Adam Ierymenko
2966eac64f Get rid of ZT_FAST_MEMCPY because this is not really needed. 2019-03-22 15:50:15 -07:00
Adam Ierymenko
63ec19674c . 2019-03-19 16:43:43 -07:00
Adam Ierymenko
e03102dbcb Clean out some unnecessarily pedantic auth stuff in favor of a simpler way of gating multicast gathers. 2019-03-14 14:29:15 -07:00
Joseph Henry
0e597191b8 Updated licenses for 2019 2019-01-14 10:25:53 -08:00
Joseph Henry
65b0030342 Added basic QoS rule handling 2018-07-11 16:55:13 -07:00
Joseph Henry
28cb40529d Rough draft of fq-codel implementation 2018-07-10 16:50:12 -07:00
Adam Ierymenko
c908b9f67a Add anchor and multicast hub address field to new multicast enabled ad-hoc address format. 2018-03-21 15:27:26 -07:00
Adam Ierymenko
78d9cee416 Other fixes to IPv4 ad-hoc networks. 2018-03-09 00:10:01 -08:00
Adam Ierymenko
bbdb2aa672 Some work on IPv4 enabled ad-hoc networks. 2018-03-08 23:53:57 -08:00
Adam Ierymenko
f7019d9e80 Tie up the rest of hub and spoke designated replicator multicast mode. 2018-01-26 22:14:10 -05:00
Adam Ierymenko
f03fd57997 Clean up some multicast code. 2018-01-26 20:38:44 -05:00
Adam Ierymenko
384e5b66de More work on GitHub issue #666 2018-01-25 14:16:07 -05:00
Adam Ierymenko
65c07afe05 Copyright updates for 2018. 2018-01-08 14:33:28 -08:00
Adam Ierymenko
0608704626 Some micro-optimizations, including a memcpy that is faster than Linux for most distro/compiler versions. 2017-12-15 11:03:20 -08:00