Commit Graph

1938 Commits

Author SHA1 Message Date
Adam Ierymenko
fe6d5b1402 UPNP/NAT-PMP support with libminiupnpc (if built with it) -- GitHub issue #64 2015-07-28 14:32:02 -07:00
Adam Ierymenko
eea8d58afa docs,cleanup 2015-07-28 12:39:03 -07:00
Adam Ierymenko
21e6850722 Cancel NAT-t attempts if peer is no longer "alive" 2015-07-28 12:18:59 -07:00
Adam Ierymenko
5986d83738 Kill more kittens. 2015-07-28 12:04:14 -07:00
Adam Ierymenko
4564dd95ff Revert... no luck with any of that. 2015-07-28 12:00:50 -07:00
Adam Ierymenko
d2bfdfa6e7 Play with NAT-t tweaks some more. 2015-07-28 11:57:18 -07:00
Adam Ierymenko
b69afa010e Disable type punning on ARM by ifdef. 2015-07-28 11:50:01 -07:00
Adam Ierymenko
708aac1ea7 Remove some left over debug code, and fix attempt to send to self if we are an active bridge. 2015-07-28 11:43:09 -07:00
Adam Ierymenko
17bfd4d55e Add TRACE for NAT-t debugging. 2015-07-28 11:32:34 -07:00
Adam Ierymenko
b31071463c Try another NAT traversal improvement. 2015-07-28 11:28:47 -07:00
Adam Ierymenko
dda376c9eb Nuke some abandoned code. 2015-07-28 11:16:43 -07:00
Adam Ierymenko
40d5c79b62 Enable SO_NO_CHECK if available to skip UDP checksum on packet send for slight performance improvement. We do our own cryptographically secure authentication so UDP checksum is worthless. 2015-07-28 10:29:25 -07:00
Adam Ierymenko
1537109514 Merge branch 'master' into adamierymenko-dev 2015-07-28 09:40:54 -07:00
Adam Ierymenko
66c74f0ad9 Merge pull request #215 from nelsonjchen/patch-2
Update Application Mac Menu. Small MacGap leftover.
2015-07-28 09:39:42 -07:00
Adam Ierymenko
821f1f366e Fix to NAT escalation sequence. 2015-07-27 17:34:58 -07:00
Adam Ierymenko
e99eda4a4a Fix IP scoping bug, and disable remotely reported surface push... not helping. :( 2015-07-27 17:28:13 -07:00
Adam Ierymenko
fadb291962 Fix infinite loop typo. 2015-07-27 17:14:49 -07:00
Adam Ierymenko
f0003ea922 Push remote surface as reported by peers along with known interface direct paths to assist with (some) NAT traversal. (trying this, may back out if not effective) 2015-07-27 17:02:43 -07:00
Adam Ierymenko
e30ba3e138 Eliminate some aggressive port scanning NAT-t behavior that has proven ineffective. 2015-07-27 16:43:27 -07:00
Adam Ierymenko
7a15d8a7e3 Fix leaving of networks to actually call Network::destroy(). 2015-07-24 14:50:44 -07:00
Adam Ierymenko
dba91eaa09 Apply same Linux compiler-picker logic to Mac. 2015-07-24 13:17:41 -07:00
Adam Ierymenko
d57ea671d7 Add version to log. 2015-07-24 09:59:17 -07:00
Adam Ierymenko
d647a587a1 (1) Fix updating of network revision counter on member change.
(2) Go back to timestamp as certificate revision number. This is simpler
    and more robust than using the network revision number for this and
    forcing network revision fast-forward, which could cause some peers
    to fall off the horizon when you don't want them to.
2015-07-23 17:18:20 -07:00
Adam Ierymenko
a493fc23f4 Fix for make-linux: detect whether CC/CXX were explicitly overridden, and if not then use the gcc/clang selection logic. Otherwise ?= breaks this. 2015-07-23 13:05:18 -07:00
Adam Ierymenko
b3516c599b Add a rate limiting circuit breaker to the network controller to prevent flooding attacks and race conditions. 2015-07-23 10:10:17 -07:00
Adam Ierymenko
3ba54c7e35 Eliminate some poorly thought out optimizations from the netconf/controller interaction,
and go ahead and bump version to 1.0.4.

For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.

Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.

It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.

A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.

I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
Nelson Chen
b41079ddf9 Update Application Mac Menu. Small MacGap leftover.
Hide ZeroTier One, not MacGap. 

Just a papercut.
2015-07-22 22:40:43 -07:00
Adam Ierymenko
e2a2993b18 Add a Log table to log queries for debugging and security logging. No JSON API support for querying the log yet, but will probably come via /network/###/member/###/log/... or something. 2015-07-22 14:01:49 -07:00
Adam Ierymenko
8ca885d27c Merge pull request #212 from keesbos/fix
Fix for output of empty (no members) network
2015-07-22 09:34:17 -07:00
Adam Ierymenko
7c761dea72 Fix to member listing: I wanted an object with member IDs as keys and member revisions as values, not an array. 2015-07-21 14:12:22 -07:00
Adam Ierymenko
3f8a5b8b76 List members in the form of a hash of member ID and member revision so code can quickly detect which members have changed. 2015-07-21 13:38:59 -07:00
Adam Ierymenko
a061aa3d87 Remove "members" from Network record and instead enumerate members via specific query to /network/nwid/member sub-path. More RESTful, scalable, and compatible with how OnePoint code works. 2015-07-21 12:57:01 -07:00
Adam Ierymenko
b343eac10d Fix IP auto-assign bug due to missing subnet routes. 2015-07-21 12:42:43 -07:00
Adam Ierymenko
649a12472b Report controllerInstanceId in all objects so that controller resets can be easily detected by whatever is using the service. 2015-07-21 10:39:29 -07:00
Adam Ierymenko
cac6be87ba Fix bug in rules JSON output. 2015-07-20 16:31:37 -07:00
Adam Ierymenko
38d34a7495 Proper handling of NULL entry for etherType in rules table. 2015-07-20 15:11:53 -07:00
Adam Ierymenko
fb4c3dd8d4 Fix string overwrite bug. 2015-07-20 14:31:33 -07:00
Adam Ierymenko
1ffd67e014 Get rid of false foreign key in Relay. 2015-07-20 14:28:30 -07:00
Adam Ierymenko
8c18c60c00 sp. 2015-07-17 15:30:13 -07:00
Adam Ierymenko
bca8886ff8 IP assignment pool range bug fix. 2015-07-17 15:09:28 -07:00
Adam Ierymenko
1f7bb67069 Fix some SQL and make instanceId more robustly random. 2015-07-17 13:09:53 -07:00
Adam Ierymenko
712e2785f2 Fix bad JSON in response. 2015-07-17 12:24:42 -07:00
Adam Ierymenko
5515909c1e Add a concept of an "instanceId" to the controller, which the OnePoint can use to determine whether it is the same running database instance it already knows. 2015-07-17 10:47:21 -07:00
Grant Limberg
5ef806c43c Fix addLocalInterfaceAddress call in OneService on Windows 2015-07-16 19:20:43 -07:00
Adam Ierymenko
0db7c94c90 Add memberRevision stuff to JSON output, and update docs. 2015-07-16 17:42:47 -07:00
Adam Ierymenko
99969b186b Add a concept of a member revision counter to networks. This can be used to select all members that have been added or changed since a given point. 2015-07-16 17:34:03 -07:00
Adam Ierymenko
f9f7de0ec7 Networks don't need their ID as a default name. 2015-07-14 15:54:56 -07:00
Adam Ierymenko
d27c14af48 Don't allow zero as a network number. 2015-07-14 12:32:57 -07:00
Adam Ierymenko
88949a750f Workaround for uclibc missing map::operator==() 2015-07-13 11:39:55 -07:00
Adam Ierymenko
547b1c6157 Add additional TRACE output in pushDirectPaths. 2015-07-13 10:35:33 -07:00