Commit Graph

81 Commits

Author SHA1 Message Date
Grant Limberg
364ad87e2b
add ssoEnabled flag to network config 2021-06-05 13:44:45 -07:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information. 2021-05-24 22:58:17 -04:00
Adam Ierymenko
06730c7d1d BSL date bump 2020-08-20 12:51:39 -07:00
Grant Limberg
c0c215c83c
single dns config per network 2020-08-12 13:08:47 -07:00
Grant Limberg
387039456d
Pass 1 at adding DNS to controller 2020-07-20 14:34:19 -07:00
Grant Limberg
ee91c81799
Initialize C arrays to NULL in NetworkConfig() constructor 2020-05-19 17:40:51 -07:00
Adam Ierymenko
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 09:23:39 -07:00
Adam Ierymenko
d81549a7b1 Various other fixes including removal of more mem*() issues and netlink fixes for AARCH64. 2019-03-25 22:19:52 +00:00
Adam Ierymenko
e1091611da More mem*() stuff... 2019-03-25 12:41:59 -07:00
Joseph Henry
0e597191b8 Updated licenses for 2019 2019-01-14 10:25:53 -08:00
Adam Ierymenko
f7019d9e80 Tie up the rest of hub and spoke designated replicator multicast mode. 2018-01-26 22:14:10 -05:00
Adam Ierymenko
65c07afe05 Copyright updates for 2018. 2018-01-08 14:33:28 -08:00
Adam Ierymenko
16613ab5fb Clean up remote tracing code, add per-network remote trace settings, add remote trace level, and make local trace output readable again. 2017-12-04 14:40:10 -08:00
Adam Ierymenko
2d858b05ac Another fix for ye old tyme clients. 2017-09-01 12:03:31 -07:00
Adam Ierymenko
dab0fb9e05 Remote trace: plumbing, replace old TRACE with calls to Trace object. 2017-07-07 16:58:05 -07:00
Adam Ierymenko
d2415dee00 Cleanup. 2017-07-06 16:11:11 -07:00
Adam Ierymenko
355cce3938 Rename Utils::snprintf due to it being a #define on one platform. 2017-06-27 11:31:29 -07:00
Adam Ierymenko
107e3e4106 First pass of configurable MTU and max MTU increase. 2017-05-04 17:12:02 -07:00
Adam Ierymenko
1b68d6dbdc License header update. 2017-04-27 20:47:25 -07:00
Adam Ierymenko
10185e92fa Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6. 2017-02-23 11:47:36 -08:00
Adam Ierymenko
31db768e4d A bit of code cleanup. 2017-02-04 00:23:31 -08:00
Adam Ierymenko
c9ee8612e4 Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer. 2016-09-07 12:12:52 -07:00
Adam Ierymenko
68b4ca9b31 Cleanup. 2016-08-23 11:52:10 -07:00
Adam Ierymenko
9a3c652a51 Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity. 2016-08-22 18:06:46 -07:00
Adam Ierymenko
4d498b3765 Handling of multi-part chunked network configs on the inbound side. 2016-08-09 13:14:38 -07:00
Adam Ierymenko
2ba9343607 Encode and decode of tags and capabilities in NetworkConfig. 2016-08-09 08:32:42 -07:00
Adam Ierymenko
91940cbcf5 Kill network preferred relays -- this feature is gone (and was seldom used anyway) in favor of federation. 2016-08-02 14:40:26 -07:00
Adam Ierymenko
d3b0081447 Cleanup... 2016-07-28 12:09:58 -07:00
Adam Ierymenko
eaf6d6c938 Basic L2/L3 filter for rules engine (not integrated yet) and some cleanup. 2016-07-25 15:52:16 -07:00
Adam Ierymenko
38dfebad8c IPv6 NDP emulation flag in NetworkConfig, and implement Docker-friendly
(and other host friendly) IPv6 /80 magic subnetting to allow massive
multicast-free NDP emulated IPv6 networks where each host can have a
/48 worth of IPv6 IPs for internal containers, VMs, etc.

Alan Kay, thou art avenged.

https://ivanovivan.wordpress.com/2010/09/13/alan-kay-quotes/
2016-06-23 22:41:14 -07:00
Adam Ierymenko
330c80f3f5 Add rule type to match a COM field of the peer by ID and value because this will be powerful. 2016-06-21 08:09:20 -07:00
Adam Ierymenko
b2d048aa0e Make Dictionary templatable so it can be used where we want a higher capacity. 2016-06-21 07:32:58 -07:00
Adam Ierymenko
37afa876a7 Linux bug fixes, small controller fix. 2016-06-17 00:21:58 +00:00
Adam Ierymenko
901b75e756 New format now integrated, and it works. 2016-06-16 15:48:58 -07:00
Adam Ierymenko
e09c1a1c11 Big refactor mostly builds. We now have a uniform backward compatible netconf. 2016-06-16 12:28:43 -07:00
Adam Ierymenko
7ee3743c3d Refactor controller to send both old and new format netconf. 2016-05-11 08:49:15 -07:00
Adam Ierymenko
8b9519f0af Simplify a bunch of NetworkConfig stuff by eliminating accessors, also makes network controller easier to refactor. 2016-05-06 16:13:11 -07:00
Adam Ierymenko
0f17077b3d Merge gateways and routes in netconf since they are the same thing. 2016-05-06 10:57:53 -07:00
Adam Ierymenko
b9dba97fdb Bunch more refactoring for an even more compact NetworkConfig representation, especially rules. 2016-04-26 17:11:25 -07:00
Adam Ierymenko
e731fc1a3a Replace two bools in NetworkConfig with a flags field. 2016-04-26 08:40:26 -07:00
Adam Ierymenko
90e1262a8b More refactoring to remove old Dictionary dependencies. 2016-04-26 08:20:03 -07:00
Adam Ierymenko
d736074301 Refactor rules table in-memory structure in new NetworkConfig to permit far more rules with better space efficiency. 2016-04-22 15:40:53 -07:00
Adam Ierymenko
6f854c8391 NetworkConfig refactor part 1 2016-04-12 12:11:34 -07:00
Adam Ierymenko
4e4fd51117 boring doc stuff 2016-01-12 14:04:55 -08:00
Adam Ierymenko
0034efafe4 On semi-undocumented test net, assign a RFC4193 IPv6 address too. Will be useful for our at-scale tests. 2015-10-28 11:08:15 -07:00
Adam Ierymenko
5384f185ae Simplify Dictionary and reduce memory usage, now no more std::maps in core. 2015-10-01 18:12:16 -07:00
Adam Ierymenko
f69454ec98 (1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses. 2015-09-24 16:21:36 -07:00
Adam Ierymenko
3ba54c7e35 Eliminate some poorly thought out optimizations from the netconf/controller interaction,
and go ahead and bump version to 1.0.4.

For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.

Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.

It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.

A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.

I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
Adam Ierymenko
dbee1b38b3 Fix semantics of std::unique() to actually remove duplicates (hidden memory leak?) 2015-06-29 10:21:28 -07:00
Adam Ierymenko
57c7992c78 GitHub issue #191 - kill intra-network multicast rate limits (which were not well supported or easily configurable anyway) -- this is really left over from the old collaborative multicast propagation algorithm. New algorithm (in for a while) has been sender-side replication in which sender "pays" all bandwidth, which intrinsically limits multicast. 2015-06-26 12:36:45 -07:00