ZeroTierOne

mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-19 04:57:53 +00:00

Author	SHA1	Message	Date
Grant Limberg	3c343eb775	query update for sso	2022-09-27 13:41:52 -07:00
Grant Limberg	8b67d06272	modify sso queries for schema change	2022-09-21 14:29:47 -07:00
Grant Limberg	9cf8dacfbb	don't crash out of the controller heartbeat loop here	2022-06-30 11:40:04 -07:00
Grant Limberg	b5d7d71e1e	use connection pool instead of new connection for member status writes redis plus plus has an annoying feature where it will open a new connection for each tx or pipeline by default, rather than just fetching an existing connection from the pool. Let's change that	2022-06-30 09:59:47 -07:00
Grant Limberg	6fdc7be502	redis connection pool tuning	2022-06-29 09:39:51 -07:00
Grant Limberg	0d7197381a	exit here on error	2022-06-28 09:28:35 -07:00
Grant Limberg	ff8da9d246	Play with online notification timing again	2022-06-24 10:03:30 -07:00
Grant Limberg	c1384422c3	just sleep 1 second	2022-06-22 10:58:23 -07:00
Grant Limberg	ccc0ebd0f9	don't spam the logs quite as much on first startup sleep the thread 1 second every round until we're actually updating members	2022-06-22 10:42:51 -07:00
Grant Limberg	9d4336d296	redis connection tuning	2022-06-22 10:30:58 -07:00
Grant Limberg	17bc9d3085	redis thread now uses this_thread::yield()	2022-06-22 10:07:55 -07:00
Grant Limberg	436f481a34	fix log line	2022-06-22 10:01:07 -07:00
Grant Limberg	9e8215b213	adjust sleep between onlineNotification runs. Added timer to output	2022-06-22 09:43:09 -07:00
Grant Limberg	caf8b15f6d	Merge pull request #1701 from tossp/sql2 fix sql	2022-06-19 18:09:28 -07:00
TossPig	bc7f18064f	fix sql bind message supplies 17 parameters, but prepared statement "" requires 16	2022-06-20 05:59:13 +08:00
Grant Limberg	355d3f44fb	logging & redis standalone fix	2022-06-16 11:52:35 -07:00
Grant Limberg	9de863e68b	update controller db record	2022-06-16 10:50:07 -07:00
Grant Limberg	64b7f8e445	quiet down logs more	2022-06-15 16:58:11 -07:00
Grant Limberg	626f488cb4	quiet down the controller logs a smidge	2022-06-15 16:58:07 -07:00
Grant Limberg	10212e376a	more redis in the controller	2022-06-15 16:58:04 -07:00
Grant Limberg	0ed339f19d	make sure value here is true, not just that the env var is set	2022-06-13 15:44:35 -07:00
Grant Limberg	c6fc3560f2	Merge branch 'dev' into redisrection	2022-06-13 13:09:36 -07:00
Grant Limberg	b65c1ed3a0	Add inja Requries update to C++17 standard	2022-05-13 09:34:15 -07:00
Grant Limberg	9ddc0327d4	enable redis member status again	2022-05-10 08:36:39 -07:00
Grant Limberg	59151fbf86	remove max count for xread	2022-04-28 13:10:07 -07:00
Grant Limberg	1c700b7b41	Fix redis cluster usage	2022-04-28 13:05:02 -07:00
Grant Limberg	ff18bacd94	fix XREAD commands for redis message queue	2022-04-28 11:16:45 -07:00
Adam Ierymenko	ef08346a74	Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.	2022-04-19 19:59:54 -04:00
Adam Ierymenko	912036b260	Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups.	2022-04-19 12:41:38 -04:00
Adam Ierymenko	a4e8847664	Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.	2022-04-19 10:37:58 -04:00
Adam Ierymenko	c492bf7eea	Forgot to send error on v0 auth expiry.	2022-04-18 16:36:09 -04:00
Adam Ierymenko	cb086ff97f	Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot.	2022-04-18 16:32:05 -04:00
Adam Ierymenko	55a99f34d0	Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.	2022-04-15 14:23:26 -04:00
Adam Ierymenko	58119598ae	comment out some new deauth code	2022-04-13 23:10:11 -04:00
Adam Ierymenko	42a2afaef9	This may improve controller behavior with SSO and mixed SSO, needs testing!	2022-04-13 21:39:56 -04:00
Grant Limberg	f8e24f4629	Fix issue where restarting a controller causes a DB write for each network member	2022-02-28 12:26:32 -08:00
Grant Limberg	c09010c25a	handle nonce rotation in controller better Won't generate new nonces until there are no active ones.	2022-01-20 15:14:29 -08:00
Grant Limberg	b3fbbd3124	refresh tokens now working Still investigating the best way to do a couple things, but we have something working	2021-12-07 16:29:50 -08:00
Grant Limberg	730482e62f	encode network ID into sso state param	2021-12-01 15:02:21 -08:00
Grant Limberg	663a09b38d	oidc stuff coming across the wire properly and generating a working login URL	2021-12-01 13:01:32 -08:00
Grant Limberg	7cce23ae79	wip	2021-12-01 10:44:29 -08:00
Grant Limberg	dfdac7adbd	iomanip	2021-11-30 17:31:46 -08:00
Grant Limberg	a33d7c64fe	more fixin	2021-11-30 17:27:13 -08:00
Grant Limberg	d15516f0ef	query fix & controller build fix	2021-11-30 16:18:34 -08:00
Grant Limberg	fa21fdc1cc	rename stuff for clarity authenticationURL will still be used by the client for v1 and v2 of sso	2021-11-11 16:19:26 -08:00
Grant Limberg	43433cdb5a	integrate rust build of zeroidc to linux	2021-11-04 17:16:23 -07:00
Grant Limberg	8d39c9a861	plumbing full flow from controller -> client network	2021-11-04 15:40:08 -07:00
Grant Limberg	3818351287	use pqxx::pipeline for online update thread	2021-10-06 09:39:30 -07:00
Grant Limberg	4d26b5a868	no reason for this to be a pointer	2021-10-05 17:02:50 -07:00
Grant Limberg	ac0dc7844f	rework commit thread & some connection pool borrowing issues	2021-10-05 09:25:24 -07:00
Adam Ierymenko	134d33c218	Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.	2021-09-20 15:40:55 -07:00
Grant Limberg	46adc1f059	ifdef this out	2021-09-20 15:39:53 -07:00
Grant Limberg	9002555596	ensure count > 0	2021-09-20 15:39:44 -07:00
Grant Limberg	c3a42bf590	remove heartbeat log	2021-09-02 16:46:42 -07:00
Grant Limberg	8b95afa96a	logging	2021-09-02 16:32:40 -07:00
Grant Limberg	6a49a766ca	logging	2021-09-02 16:22:59 -07:00
Grant Limberg	16ff14bda7	identify controller in pool stats	2021-09-02 13:48:08 -07:00
Grant Limberg	57c1d96b71	math	2021-09-02 12:48:49 -07:00
Grant Limberg	40f376e2b9	print db pool stats periodically	2021-09-02 12:45:26 -07:00
Grant Limberg	dc61f78916	set psql application_name in startup script	2021-09-02 11:24:07 -07:00
Grant Limberg	a2ffe8c05e	dont generate nonce for deleted members	2021-09-02 11:24:04 -07:00
Grant Limberg	d0f4cfe6b4	print load status messages a little less often now that things go brrrrrrrrr	2021-08-20 10:34:00 -07:00
Grant Limberg	3ec23f92ec	helps to add part of the query	2021-08-20 10:30:37 -07:00
Grant Limberg	6baac1b4e0	more query optimizations	2021-08-20 10:27:45 -07:00
Grant Limberg	50b0b2e2e9	query optimization	2021-08-19 17:55:30 -07:00
Grant Limberg	20721491e8	kill some noisy logs	2021-08-19 13:03:56 -07:00
Grant Limberg	eec46a137e	optimize data loading from psql on startup	2021-08-19 12:44:02 -07:00
Grant Limberg	9eae444104	kill some verbose logs	2021-08-19 09:21:52 -07:00
Adam Ierymenko	576b4f03a5	Adjust deauth time window and send revocation when SSO members expire.	2021-08-18 12:17:40 -04:00
Adam Ierymenko	461810b06a	Move return so record gets created before URL.	2021-08-10 11:22:29 -04:00
Grant Limberg	613d7b5ece	fix backwards logic	2021-08-04 09:16:04 -07:00
Adam Ierymenko	c101d71d7c	Tweak auth timeout notify.	2021-07-30 18:44:34 -04:00
Adam Ierymenko	663e748b8d	Deauth expiring members right away.	2021-07-26 23:45:18 -04:00
Adam Ierymenko	0cf62d334d	Remove pointless check.	2021-07-26 13:38:35 -04:00
Adam Ierymenko	0872012cd9	small fix	2021-07-26 13:11:01 -04:00
Adam Ierymenko	c2d8fe46d5	About ready to test notify of SSO timeout...	2021-07-23 19:20:10 -04:00
Adam Ierymenko	0310bfa3e3	Include authentication URL in config	2021-07-23 19:17:42 -04:00
Adam Ierymenko	efe0e8aa7b	Notification of about-to-expire status... almost there.	2021-07-23 19:05:59 -04:00
Adam Ierymenko	5c7e51feaf	Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev	2021-07-23 18:49:05 -04:00
Adam Ierymenko	34de579c91	Handling of soon-to-expire members	2021-07-23 18:49:00 -04:00
Grant Limberg	73ddea8864	use network ID, not controller ID for looking up network data	2021-07-06 14:15:01 -07:00
Grant Limberg	10215af96d	whoops	2021-07-06 13:18:08 -07:00
Grant Limberg	e67fee0264	debug logging	2021-07-06 13:08:21 -07:00
Grant Limberg	5ece4f734a	fix error message	2021-07-06 13:08:16 -07:00
Grant Limberg	f8ea7fdc2b	Fix for GitHub #859 Wrong DB::get() method being called to look up the network member for deletes	2021-06-24 10:32:21 -07:00
Grant Limberg	364ad87e2b	add ssoEnabled flag to network config	2021-06-05 13:44:45 -07:00
Grant Limberg	9380ef708a	debug strings & query fixes	2021-06-05 13:44:07 -07:00
Grant Limberg	fd174b3459	fix auth time lookup	2021-06-04 20:55:22 -07:00
Grant Limberg	21d27c314c	HMACSHA384 the nonce bytes, not the hex encoded nonce bytes	2021-06-04 20:06:04 -07:00
Grant Limberg	0b89a49201	typo	2021-06-04 16:56:28 -07:00
Grant Limberg	e6b4fb5af7	add "ssoRedirectURL" to local.conf plumbed it through to the central controller code	2021-06-04 16:29:03 -07:00
Grant Limberg	c227330d09	fix redirect_uri substitution	2021-06-04 15:58:38 -07:00
Grant Limberg	b16f40c0de	.	2021-06-04 15:18:18 -07:00
Grant Limberg	fd85f87ade	handle null in result set	2021-06-04 15:15:42 -07:00
Grant Limberg	add33f1ab3	cast to bigint in query	2021-06-04 14:48:41 -07:00
Grant Limberg	3bfc438ae8	null handling	2021-06-04 14:40:14 -07:00
Adam Ierymenko	1dfe909bab	Increase authentication URL sizes.	2021-06-04 16:46:56 -04:00
Grant Limberg	75d17ea3c8	Helps to commit when trying to write a change to the db	2021-06-04 13:20:03 -07:00
Grant Limberg	96d15337bb	default 0	2021-06-04 13:19:39 -07:00
Grant Limberg	74a678c1e1	chicken or egg problem. member must exist in the database before we can generate a nonce & SSO URL	2021-06-04 12:49:26 -07:00

1 2 3 4 5 ...

711 Commits