Commit Graph

76 Commits

Author SHA1 Message Date
Adam Ierymenko
96e9a90e8e docs 2015-01-05 16:19:56 -08:00
Adam Ierymenko
87c599df5c Back out service message type -- YAGNI violation. 2015-01-05 15:52:02 -08:00
Adam Ierymenko
56cfe1d603 Strip out old Service code, add new service message type. 2015-01-05 11:47:22 -08:00
Adam Ierymenko
5484cf4309 More cleanup, and fix a bug in Multicaster::gather() 2014-10-29 16:24:19 -07:00
Adam Ierymenko
5bb854e504 Fix a nasty bug introduced in packet fragmentation a while back during refactoring, and a few other things related to multicast. 2014-10-28 17:25:34 -07:00
Adam Ierymenko
4941c8a1f3 New multicast bug fixes, TRACE improvements, and temporarily disable legacy multicast for debugging purposes. 2014-10-09 17:58:31 -07:00
Adam Ierymenko
d5e0f7e3e4 Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership. 2014-10-09 12:42:25 -07:00
Adam Ierymenko
87f1b1b1e3 Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way. 2014-10-06 13:16:16 -07:00
Adam Ierymenko
1109046782 Last steps before test: parse OK(MULTICAST_GATHER) and OK(MULTICAST_FRAME) 2014-10-02 13:50:37 -07:00
Adam Ierymenko
dee86e2448 But since we are now using middle 3 bits we can assign sane values for the cipher suite enum. 2014-10-02 11:13:53 -07:00
Adam Ierymenko
17da733f97 Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers. 2014-10-02 11:08:59 -07:00
Adam Ierymenko
23836d4c11 Change "encrypted" flag to full cipher suite selector. Go ahead and reserve AES256-GCM which might be added in the future. 2014-10-02 10:54:34 -07:00
Adam Ierymenko
e53d208ea4 Improve security posture by eliminating non-const data() accessor from Buffer. 2014-10-02 10:06:29 -07:00
Adam Ierymenko
b41437780b Add origin to new MULTICAST_FRAME, move security check for certs into Network to remove redundant code and bug-proneness, more work on IncomingPacket... 2014-09-30 17:26:34 -07:00
Adam Ierymenko
2659427864 Multicaster needs to be global, not per-network, and a bunch of other stuff. 2014-09-30 16:28:25 -07:00
Adam Ierymenko
8607aa7c3c Everything in for new multicast except IncomingPacket parsing... 2014-09-30 08:38:03 -07:00
Adam Ierymenko
ed0ba49502 A few more revisions to new multicast verbs. 2014-09-26 14:18:25 -07:00
Adam Ierymenko
9e186bbd89 . 2014-09-25 15:57:43 -07:00
Adam Ierymenko
431476e2e4 Some more multicast algo work... 2014-09-24 13:45:58 -07:00
Adam Ierymenko
954f9cbc13 Yet more WIP on mulitcast algo... 2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be Work on defining new direct broadcast multicast algorithm. 2014-09-18 18:28:14 -07:00
Adam Ierymenko
9b93141dd0 Upgrade LZ4 to latest version. 2014-07-30 15:34:15 -07:00
Adam Ierymenko
aead1050fb Bridging (GitHub issue #68) does indeed work! Just needed to fix a packet size thinko. 2014-06-21 12:29:33 -04:00
Adam Ierymenko
6e485833ef . 2014-06-21 12:25:10 -04:00
Adam Ierymenko
d6a4f8d77b Add flags to EXT_FRAME for better future proofness. 2014-06-12 11:40:30 -07:00
Adam Ierymenko
c30f9832b0 Packet decoder work for EXT_FRAME for bridging - GitHub issue #68 2014-06-10 21:41:34 -07:00
Adam Ierymenko
fb31f93c52 Protocol messages for bridging. GitHub issue #68 2014-06-10 15:25:15 -07:00
Adam Ierymenko
aee742e767 More toward GitHub issue #56 2014-04-10 16:30:15 -07:00
Adam Ierymenko
b5c3a92be2 Boring stuff: update dates in copyrights across all files. 2014-02-16 12:40:22 -08:00
Adam Ierymenko
8b65b3e6d7 Yank PROBE stuff since it's not used and was a premature addition to the protocol. 2014-01-28 10:41:43 -08:00
Adam Ierymenko
07f505971c Windows build fixes. 2014-01-17 17:09:59 -08:00
Adam Ierymenko
10df5dcf70 Fix several things:
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.

(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
2013-12-31 11:03:45 -08:00
Adam Ierymenko
612c17240a Dead code removal, fix for cleanup GitHub issue #28 2013-12-06 16:49:20 -08:00
Adam Ierymenko
f5d397e8c8 Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier. 2013-12-04 10:45:15 -08:00
Adam Ierymenko
9fdec3acfc More updater work... coming along. 2013-11-05 17:08:29 -05:00
Adam Ierymenko
6c63bfce69 File transfer work, add identities for validation of updates. 2013-11-04 17:31:00 -05:00
Adam Ierymenko
ae138566a9 Updater code, work in progress... 2013-11-01 12:38:38 -04:00
Adam Ierymenko
17778a36ba Clean up secure random, add packet definitions for update distribution facility. 2013-10-27 07:26:50 -04:00
Adam Ierymenko
942cc0ca21 Certificate of membership works now... had to fix multicast propagation so COM is pushed with multicast, which makes tremendous sense in retrospect. 2013-10-25 14:51:55 -04:00
Adam Ierymenko
8c9b73f67b Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance. 2013-10-18 17:39:48 -04:00
Adam Ierymenko
ce14ba9004 Take the 0.6.0 opportunity to add flags to a few protocol verbs and do a bit more cleanup. Also fix it so certificates wont be accepted unless they are newer than existing ones. 2013-10-17 06:41:52 -04:00
Adam Ierymenko
7e7e28f5f7 Add support for pushing network config refresh hints from a MEMORY queue table. That ways it will be possible for network changes to take effect almost immediately across all active peers. 2013-10-17 05:37:01 -04:00
Adam Ierymenko
46f868bd4f Lots of cleanup, more work on certificates, some security fixes. 2013-10-16 17:47:26 -04:00
Adam Ierymenko
4d594b24bc Automagically push netconf certs -- Network support. 2013-10-07 16:13:52 -04:00
Adam Ierymenko
dcbc9c8ddd Rename error code for no membership certificate. 2013-10-07 15:21:40 -04:00
Adam Ierymenko
4267e7da93 Remove a whole bunch of now-unnecessary cruft from Topology and PacketDecoder. 2013-10-05 10:19:12 -04:00
Adam Ierymenko
4ecb9369b5 Fix for multicast propagation -- supernodes must always keep propagating. Also fix mac-tap build on new version of Xcode CL tools. Must use old llvm-g++ instead of clang for i686 -mkernel. 2013-09-30 11:05:35 -04:00
Adam Ierymenko
0dca9964bf Whew, it builds! 2013-09-27 16:03:13 -04:00
Adam Ierymenko
4e010da54b Work in progress... 2013-09-26 17:45:19 -04:00
Adam Ierymenko
24bad9f3d1 More work in progress in new multicast propagation... 2013-09-25 17:41:49 -04:00