Commit Graph

225 Commits

Author SHA1 Message Date
Adam Ierymenko
b6725c4415 Optimize AntiRecursion. 2015-10-30 11:48:33 -07:00
Adam Ierymenko
da93712846 Clean up PUSH_DIRECT_PATH limits a bit more and make them a bit smarter. 2015-10-28 09:11:30 -07:00
Adam Ierymenko
cdc99bfee1 Add a circuit breaker for VERB_PUSH_DIRECT_PATHS. 2015-10-27 18:18:26 -07:00
Adam Ierymenko
cc1b275ad9 Replicate peer endpoints and forget paths if we have them -- this allows two clusters to talk to each other, whereas forgetting all paths does not. 2015-10-27 16:47:13 -07:00
Adam Ierymenko
a1a0ee4edb Fix infinite loop in Cluster, clean up some stuff elsewhere, and back out rate limiting in PUSH_DIRECT_PATHS for now (but we will do something else to mitigate amplification attacks) 2015-10-27 12:01:00 -07:00
Adam Ierymenko
62db18b6dd Lessen this limit just a bit to make cluster settle faster. 2015-10-27 11:01:58 -07:00
Adam Ierymenko
5ce3aac929 Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation. 2015-10-16 10:28:09 -07:00
Adam Ierymenko
2debde3451 GitHub issue #235, and I also see no reason not to communicate with people from other Worlds. 2015-10-15 07:22:17 -07:00
Adam Ierymenko
619e113748 Work in progress on Cluster for new root infrastructure, multi-homing. 2015-10-14 14:12:12 -07:00
Adam Ierymenko
7d62dbe9f7 Tune NAT-t keepalives so that timing is better obeyed, clean up a build warning, and fix a potential source of network recursion (though harmless). 2015-10-07 11:57:59 -07:00
Adam Ierymenko
a3db7d0728 Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things. 2015-10-01 11:11:52 -07:00
Adam Ierymenko
f69454ec98 (1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses. 2015-09-24 16:21:36 -07:00
Adam Ierymenko
5986d83738 Kill more kittens. 2015-07-28 12:04:14 -07:00
Adam Ierymenko
b69afa010e Disable type punning on ARM by ifdef. 2015-07-28 11:50:01 -07:00
Adam Ierymenko
b31071463c Try another NAT traversal improvement. 2015-07-28 11:28:47 -07:00
Adam Ierymenko
d647a587a1 (1) Fix updating of network revision counter on member change.
(2) Go back to timestamp as certificate revision number. This is simpler
    and more robust than using the network revision number for this and
    forcing network revision fast-forward, which could cause some peers
    to fall off the horizon when you don't want them to.
2015-07-23 17:18:20 -07:00
Adam Ierymenko
79e9a8bcc2 Almost everything for GitHub issue #180 except direct path map setup. 2015-07-06 15:28:48 -07:00
Adam Ierymenko
255320e2a6 pushDirectPaths() implementation 2015-07-06 14:39:28 -07:00
Adam Ierymenko
7bae95836c Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address. 2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673 Renamed supernode to rootserver 2015-05-06 12:05:20 +02:00
Adam Ierymenko
cdec05af24 One second delay between NAT-t events. 2015-05-22 13:12:14 -07:00
Adam Ierymenko
d9006712f6 Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world. 2015-05-21 15:58:26 -07:00
Adam Ierymenko
d0e0f5dd12 Basic OpenBSD compile fixes -- still need to update BSDEthernetTap, will do that later. Should be able to re-use FreeBSD port for OpenBSD, but we will see. 2015-05-15 08:48:53 -07:00
Adam Ierymenko
54954f5b88 First pass of Windows cleanup and build fixes... 2015-04-24 13:35:17 -07:00
Adam Ierymenko
98bcc3d4b5 Disable a few noisy TRACEs, and limit how often we confirm new paths to avoid flooding. 2015-04-15 13:15:09 -07:00
Adam Ierymenko
67f1f1892f Bunch of tap stuff, IP address assignment hookups, etc. 2015-04-14 17:57:51 -07:00
Adam Ierymenko
e34bc961db Add awareness of online status, and put old OS-dep utils in OSUtils. 2015-04-08 17:10:21 -07:00
Adam Ierymenko
49f031ccb4 Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc. 2015-04-07 19:31:11 -07:00
Adam Ierymenko
52c3b7c34e Implemented empirical determination of external addressing, paritioned per scope. 2015-04-07 11:56:10 -07:00
Adam Ierymenko
6eb9289367 Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch. 2015-04-03 16:52:53 -07:00
Adam Ierymenko
a69e1876f1 The concept of link desperation (escalating to less desirable transports) simplifies a ton of stuff. Loads of spaghetti logic can die since we no longer have to make these decisions down in the core. 2015-04-02 17:54:56 -07:00
Adam Ierymenko
8130848020 More refactoring... and update the API a bit... turns out my strategy for reducing indirect function calls also increased memcpy()s which are more expensive. This is simpler and faster. 2015-04-01 14:59:44 -07:00
Adam Ierymenko
36eab4f1a9 Whole heap more cleanup and refactoring... 2015-03-31 17:53:34 -07:00
Adam Ierymenko
93012b0ee5 Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware] 2015-02-17 13:11:34 -08:00
Adam Ierymenko
b7148c107d Rip out network environment fingerprint. This will be replaced by constant monitoring of actual external address surface. 2015-02-02 16:40:57 -08:00
Adam Ierymenko
b1bf3f68c3 Drop support for legacy P5 multicast, as there are fewer than 1% of these remaining on the network. 2015-02-02 16:34:01 -08:00
Adam Ierymenko
60fb28a90a Cleanup, new C++ netconf code is almost ready to test! 2015-01-06 17:16:54 -08:00
Adam Ierymenko
4e95384ad6 Cleanup, add tristate to config code in Network, and happy new year! 2015-01-05 17:47:59 -08:00
Adam Ierymenko
0f505411cf Enable legacy multicast in Constants. 2014-11-25 14:12:33 -08:00
Adam Ierymenko
1bd5a1ebcd Make selftest build and run on FreeBSD 10 with gmake 2014-11-04 11:20:38 -08:00
Adam Ierymenko
0e84eb3852 Back off default multicast limit just a little. 2014-10-29 18:25:24 -07:00
Adam Ierymenko
4dec598fb8 Make multicast gather slightly more aggressive, and add total to list command in testnet. 2014-10-28 15:33:10 -07:00
Adam Ierymenko
03dc823ad7 (1) Back off a little on default max multicast limit since 128 is pretty bandwidth heavy, (2) add a little to default multicast rate limit since new MC algo is fairerererer, (3) decided not to involve netconf masters in multicast so take that out of list of who gets LIKEs. 2014-10-10 12:55:06 -07:00
Adam Ierymenko
62da7e67b6 Add some rate limiting to implicit gathers, and always send multicasts to at least one supernode so they can broadcast to old peers (temporary). 2014-10-03 22:30:10 -07:00
Adam Ierymenko
96fa3f7550 Work on in-place testnet support. 2014-10-02 16:33:08 -07:00
Adam Ierymenko
49dc47ff38 Make multicast gathering a bit smarter. 2014-10-02 11:35:37 -07:00
Adam Ierymenko
0778332747 . 2014-09-25 22:08:52 -07:00
Adam Ierymenko
9e186bbd89 . 2014-09-25 15:57:43 -07:00
Adam Ierymenko
050a0ce85d . 2014-09-25 15:08:29 -07:00
Adam Ierymenko
954f9cbc13 Yet more WIP on mulitcast algo... 2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be Work on defining new direct broadcast multicast algorithm. 2014-09-18 18:28:14 -07:00
Adam Ierymenko
4708231046 Fix for GitHub issue #122 and other fixes 2014-09-18 10:01:30 -07:00
Adam Ierymenko
4e9280fc7a Rip out dead "firewall opener" code, replace in pipeline with anti-symmetric-NAT tactics. 2014-09-05 16:23:24 -07:00
Adam Ierymenko
7d4b6767eb Old-school GCC build fix -- make sure __GCC__ is defined 2014-09-05 17:48:59 +00:00
Adam Ierymenko
f5cbb45ab9 Increase sleep/wake detection threshold... might want to switch to using native interfaces to really detect this in the future since this is not 100% reliable. 2014-08-18 10:13:25 -04:00
Adam Ierymenko
aa59cfd545 Web request part of supernode resync (not quite done, needs test) 2014-08-15 23:37:35 -04:00
Adam Ierymenko
f8d4611d15 (1) Tweak LAN locator beacon frequencies, (2) Windows virtual networks
now show up as *real* networks and prompt the user to set their
location and firewall status (public, private, home/work, etc.).

The hack used to achieve #2 should not be examined by children or those
suffering from epilepsy or heart conditions.
2014-08-12 17:20:34 -07:00
Adam Ierymenko
8a804b5257 (1) Disable firewall openers (its easy to re-enable), (2) Do some prep work for making supernode topology hot-updatable. 2014-08-05 14:05:50 -07:00
Adam Ierymenko
b80c229d87 Tons of code cleanup, refactor Network to use EthernetTapFactory, probably also fix GitHub issue #90 2014-07-31 14:09:32 -07:00
Adam Ierymenko
4c4675e3ac Cleanup, add __BSD__ 2014-07-15 20:49:13 -07:00
Adam Ierymenko
88bdb81791 Keep track of basic aliveness for peers regardless if direct or indirect connectivity and use this for multicast propagation. Also consolidate adding of active bridges via the same functor as regular multicast next hops. 2014-06-30 11:31:04 -07:00
Adam Ierymenko
5d467f0f45 Some TRACE improvements and comment revs. 2014-06-18 08:25:30 -07:00
Adam Ierymenko
6802da457e Bridging pretty much ready to test! Got Switch all wired up. Also fix a latent probably-never-triggered bug in MULTICAST_FRAME handling. GitHub issue #68 2014-06-13 21:06:34 -07:00
Adam Ierymenko
5682f0b772 Some more bridging work... wiring up in Switch - GitHub issue #68 2014-06-13 17:49:33 -07:00
Adam Ierymenko
d44e1349d8 Bridge routing table - GitHub issue #68 2014-06-10 17:18:59 -07:00
Adam Ierymenko
4e1f49258b Bridging in NetworkConfig - GitHub Issue #68 2014-06-10 15:47:20 -07:00
Adam Ierymenko
beb7b5bbe5 GitHub Issue #69 - make MAC assignment schema differ between virtual networks. 2014-05-23 14:32:31 -07:00
Adam Ierymenko
99c5fae9da Make Service communicate via empty-line-delimited Dictionary objects instead of the old size prefix way. 2014-05-08 21:27:59 +00:00
Adam Ierymenko
aee742e767 More toward GitHub issue #56 2014-04-10 16:30:15 -07:00
Adam Ierymenko
c9294c1a78 Prevent recursive transit of ZeroTier packets, toward GitHub issue #56 2014-04-10 14:22:25 -07:00
Adam Ierymenko
119ef5ecbf More logic cleanup and some documentation / comment improvements. 2014-04-10 10:00:20 -07:00
Adam Ierymenko
8fb442d81a Yet more cleanup to TCP logic, this time adding a master switch and adding UDP preference in send(). 2014-04-09 17:08:35 -07:00
Adam Ierymenko
28a6d328a5 Some adjustments to TCP logic for GitHub issue #60 2014-04-09 11:55:24 -07:00
Adam Ierymenko
158002d2d1 Tweak some timings and stuff. 2014-04-03 16:19:41 -07:00
Adam Ierymenko
c96d3ebf8c Such ping logic. So edge case. 2014-04-03 14:36:52 -07:00
Adam Ierymenko
700a450806 More tweaks to algorithm for determining when to fail over to TCP, and stop supernodes from resynchronizing unless explicitly ordered. 2014-04-01 18:39:10 -07:00
Adam Ierymenko
595b386afc Increase maximum packet fragments to make room for huge multicasts with certificates of membership tagged onto them. This likely will not actually increase the number of fragments in practice much, since these are then subsequently compressed. But the buffer needs to be allocated with room for them, otherwise these packets get dropped with a range_error exception internally. 2014-03-31 14:53:33 -07:00
Adam Ierymenko
181369964f Make TCP optional, rename port constant. 2014-03-27 18:22:53 -07:00
Adam Ierymenko
ba3f04deed Work in progress: refactoring paths, adding TCP fallback. 2014-03-20 20:07:35 -07:00
Adam Ierymenko
45e823d27c Reworking of paths in Peer work-in-progress, and TCP connect support in SocketManager. Also add FD_SETSIZE checking for the default select implementation of sockets. 2014-03-20 18:49:33 -07:00
Adam Ierymenko
abc82d6a52 IPC changes and SocketManager changes all build! 2014-03-19 13:56:48 -07:00
Adam Ierymenko
bb25128406 TCP socket. 2014-03-18 11:53:53 -07:00
Adam Ierymenko
b5c3a92be2 Boring stuff: update dates in copyrights across all files. 2014-02-16 12:40:22 -08:00
Adam Ierymenko
d04e5a1fe0 Add a simple but very nice mechanism for avoiding potentially dead supernodes. 2014-02-03 11:09:09 -08:00
Adam Ierymenko
ce0bd93289 Make software update run a little more often for now. 2014-02-02 16:46:27 -08:00
Adam Ierymenko
07f505971c Windows build fixes. 2014-01-17 17:09:59 -08:00
Adam Ierymenko
c8166b2db1 Bump version to 0.6.4 for testing, integrate software updater auto-check into PacketDecoder decode path and main loop. 2013-12-26 20:57:17 -08:00
Adam Ierymenko
92969b4426 Fix for GitHub issue #20 (untested) 2013-12-24 10:39:29 -08:00
Adam Ierymenko
bf0da9f2f7 Rest of software updater, ready to test... 2013-12-10 15:30:53 -08:00
Adam Ierymenko
612c17240a Dead code removal, fix for cleanup GitHub issue #28 2013-12-06 16:49:20 -08:00
Adam Ierymenko
ac4e657aaa Updater work in progress... 2013-11-01 20:39:31 -04:00
Adam Ierymenko
3de76fcab1 Make network autoconf a little more frequent to tighten up expiration times. 2013-10-21 16:11:29 -04:00
Adam Ierymenko
5e71e07f59 Add persistent identity caching for use on supernodes. Activate by just making an iddb.d directory in the ZeroTier home folder. Also clean up some obsolete cruft from makefiles. 2013-10-21 14:12:00 -04:00
Adam Ierymenko
40e4f39181 Peers are now dumped on shutdown in a persistence cache and reloaded on startup, which is good enough for clients right now. Supernodes will get something else for long-term authoritative identity caching. 2013-10-21 11:15:47 -04:00
Adam Ierymenko
e13d4df9ab Forgot to set defaults if multicast parameters are unset. 2013-10-18 15:50:31 -04:00
Adam Ierymenko
4267e7da93 Remove a whole bunch of now-unnecessary cruft from Topology and PacketDecoder. 2013-10-05 10:19:12 -04:00
Adam Ierymenko
c7590634e8 Eliminate a lot of redundant WHOIS requests, clean up WHOIS clutter in TRACE, flesh out multicast tracing a bit. 2013-10-03 14:38:07 -04:00
Adam Ierymenko
58538500f2 Clean up some routine stuff like pings, and stop keeping links open forever even if there are no frames passing between them. 2013-10-02 16:12:10 -04:00
Adam Ierymenko
3443b203e4 Each peer now tracks the last time it announced multicast LIKEs independently and does so frequently enough to prevent expires. Also add a multicast debug facility for use on the testnet. 2013-10-01 16:01:36 -04:00
Adam Ierymenko
9db7939d38 Make new multicast depth and prefix bits parameters configurable. 2013-09-30 13:51:56 -04:00
Adam Ierymenko
0dca9964bf Whew, it builds! 2013-09-27 16:03:13 -04:00
Adam Ierymenko
4e010da54b Work in progress... 2013-09-26 17:45:19 -04:00
Adam Ierymenko
770fbaf4b2 New multicast algorithm work in progress... 2013-09-21 16:46:00 -04:00
Adam Ierymenko
f9079a110e Make network multicast breadth/depth parameters configurable on a per-net basis. 2013-09-17 16:11:57 -04:00
Adam Ierymenko
300588c5e8 Add port and control port command line options to daemon and command line client, add new supernode keys to Defaults. 2013-09-17 14:47:48 -04:00
Adam Ierymenko
55e7ddba1e Get a default rate that works for multicast. 2013-09-12 12:11:21 -04:00
Adam Ierymenko
37931d8589 Multicast bandwidth accounting work in progress, and some config field changes and cleanup. 2013-09-04 09:27:56 -04:00
Adam Ierymenko
08fe84d707 Windows builds, self test runs in Debug mode! 2013-08-14 13:23:25 -04:00
Adam Ierymenko
fc18334dbb Version 0.4.3 (the real one): fix Gentoo ip config failures and crashes
This version fixes problems with locating the 'ip' command on Gentoo
and possibly other Linux systems, and a problem that could cause a
crash if EthernetTap was unable to locate one of the commands it
invokes to configure IP information on tap devices.

The code also now builds on Windows. It doesn't run yet, but it's a
step. Windows port is in full swing.

Finally, the multicast rate limit defaults were raised a little. More
testing is needed here, and real world measurments.
2013-08-13 15:14:03 -04:00
Adam Ierymenko
d6414c9ff7 Windows compiles! (w/Visual Studio 2012) That's about all it does, but it's a start. 2013-08-12 21:25:36 -04:00
Adam Ierymenko
7c3a446499 Tweak default multicast rate limits. 2013-08-09 17:02:06 -04:00
Adam Ierymenko
6a24ac4f00 Add a concept of debt to RateLimiter, save a bit of RAM. 2013-08-09 16:36:58 -04:00
Adam Ierymenko
3af55f4423 Add RateLimiter for rate limiting multicast, not tested yet. 2013-08-08 17:20:35 -04:00
Adam Ierymenko
95c0790a88 Back off a little on multicast propagation depth. Eventually this will be a network parameter. 2013-08-08 12:55:01 -04:00
Adam Ierymenko
3368330b77 Poll for network autoconf, and a few other documentation changes. 2013-08-05 12:34:54 -04:00
Adam Ierymenko
7e156b2622 Call clean on all networks periodically, generalize Topology clean cycle to an overall clean cycle. 2013-07-30 11:14:53 -04:00
Adam Ierymenko
b0a83093ce Back out of RPC... blech. Have a better idea. 2013-07-27 13:36:27 -04:00
Adam Ierymenko
af8fcac0fc RPC infrastructure work in progress. 2013-07-25 15:19:35 -04:00
Adam Ierymenko
76bc9968ff New simpler command interface via loopback UDP protected by a crypto token. 2013-07-17 14:10:44 -04:00
Adam Ierymenko
aa59c1de10 Bunch of little bug fixes in newly refactored code. 2013-07-12 22:07:48 -04:00
Adam Ierymenko
bcd079b70e Adding signatures to multicast frames, work in progress, does not build yet 2013-07-10 22:58:43 -04:00
Adam Ierymenko
9e28bbfbb2 Factored out multicast propagation algorithm from Switch and Topology, also cleaned up and clarified it a bit. 2013-07-10 17:24:27 -04:00
Adam Ierymenko
ef3e319c64 Several things:
(1) Probable fix for issue #7 and major cleanup of EthernetTap code with consolidation for all unix-like systems and specialization for different flavors only when needed.

(2) Refactor of Buffer<> to make its members private, and Packet to use Buffer's methods exclusively to access them. This improves clarity and means we're no longer lying about Buffer's role in the code's security posture.

(3) Add -fstack-protect to Makefile to bounds check stack variables.
2013-07-09 14:06:55 -04:00
Adam Ierymenko
7c85a638b0 Added creation and periodic update of a file called "status" in the home directory that contains peer link status. Useful for debugging and statistics. Send it SIGHUP to force an update now. Otherwise it updates every 120 seconds. 2013-07-06 14:58:34 -04:00
Adam Ierymenko
150850b800 New git repository for release - version 0.2.0 tagged 2013-07-04 16:56:19 -04:00