Grant Limberg
364ad87e2b
add ssoEnabled flag to network config
2021-06-05 13:44:45 -07:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information.
2021-05-24 22:58:17 -04:00
Adam Ierymenko
06730c7d1d
BSL date bump
2020-08-20 12:51:39 -07:00
Grant Limberg
c0c215c83c
single dns config per network
2020-08-12 13:08:47 -07:00
Grant Limberg
387039456d
Pass 1 at adding DNS to controller
2020-07-20 14:34:19 -07:00
Grant Limberg
ee91c81799
Initialize C arrays to NULL in NetworkConfig() constructor
2020-05-19 17:40:51 -07:00
Adam Ierymenko
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1
2019-08-23 09:23:39 -07:00
Adam Ierymenko
d81549a7b1
Various other fixes including removal of more mem*() issues and netlink fixes for AARCH64.
2019-03-25 22:19:52 +00:00
Adam Ierymenko
e1091611da
More mem*() stuff...
2019-03-25 12:41:59 -07:00
Joseph Henry
0e597191b8
Updated licenses for 2019
2019-01-14 10:25:53 -08:00
Adam Ierymenko
f7019d9e80
Tie up the rest of hub and spoke designated replicator multicast mode.
2018-01-26 22:14:10 -05:00
Adam Ierymenko
65c07afe05
Copyright updates for 2018.
2018-01-08 14:33:28 -08:00
Adam Ierymenko
16613ab5fb
Clean up remote tracing code, add per-network remote trace settings, add remote trace level, and make local trace output readable again.
2017-12-04 14:40:10 -08:00
Adam Ierymenko
2d858b05ac
Another fix for ye old tyme clients.
2017-09-01 12:03:31 -07:00
Adam Ierymenko
dab0fb9e05
Remote trace: plumbing, replace old TRACE with calls to Trace object.
2017-07-07 16:58:05 -07:00
Adam Ierymenko
d2415dee00
Cleanup.
2017-07-06 16:11:11 -07:00
Adam Ierymenko
355cce3938
Rename Utils::snprintf due to it being a #define on one platform.
2017-06-27 11:31:29 -07:00
Adam Ierymenko
107e3e4106
First pass of configurable MTU and max MTU increase.
2017-05-04 17:12:02 -07:00
Adam Ierymenko
1b68d6dbdc
License header update.
2017-04-27 20:47:25 -07:00
Adam Ierymenko
10185e92fa
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
2017-02-23 11:47:36 -08:00
Adam Ierymenko
31db768e4d
A bit of code cleanup.
2017-02-04 00:23:31 -08:00
Adam Ierymenko
c9ee8612e4
Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer.
2016-09-07 12:12:52 -07:00
Adam Ierymenko
68b4ca9b31
Cleanup.
2016-08-23 11:52:10 -07:00
Adam Ierymenko
9a3c652a51
Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity.
2016-08-22 18:06:46 -07:00
Adam Ierymenko
4d498b3765
Handling of multi-part chunked network configs on the inbound side.
2016-08-09 13:14:38 -07:00
Adam Ierymenko
2ba9343607
Encode and decode of tags and capabilities in NetworkConfig.
2016-08-09 08:32:42 -07:00
Adam Ierymenko
91940cbcf5
Kill network preferred relays -- this feature is gone (and was seldom used anyway) in favor of federation.
2016-08-02 14:40:26 -07:00
Adam Ierymenko
d3b0081447
Cleanup...
2016-07-28 12:09:58 -07:00
Adam Ierymenko
eaf6d6c938
Basic L2/L3 filter for rules engine (not integrated yet) and some cleanup.
2016-07-25 15:52:16 -07:00
Adam Ierymenko
38dfebad8c
IPv6 NDP emulation flag in NetworkConfig, and implement Docker-friendly
...
(and other host friendly) IPv6 /80 magic subnetting to allow massive
multicast-free NDP emulated IPv6 networks where each host can have a
/48 worth of IPv6 IPs for internal containers, VMs, etc.
Alan Kay, thou art avenged.
https://ivanovivan.wordpress.com/2010/09/13/alan-kay-quotes/
2016-06-23 22:41:14 -07:00
Adam Ierymenko
330c80f3f5
Add rule type to match a COM field of the peer by ID and value because this will be powerful.
2016-06-21 08:09:20 -07:00
Adam Ierymenko
b2d048aa0e
Make Dictionary templatable so it can be used where we want a higher capacity.
2016-06-21 07:32:58 -07:00
Adam Ierymenko
37afa876a7
Linux bug fixes, small controller fix.
2016-06-17 00:21:58 +00:00
Adam Ierymenko
901b75e756
New format now integrated, and it works.
2016-06-16 15:48:58 -07:00
Adam Ierymenko
e09c1a1c11
Big refactor mostly builds. We now have a uniform backward compatible netconf.
2016-06-16 12:28:43 -07:00
Adam Ierymenko
7ee3743c3d
Refactor controller to send both old and new format netconf.
2016-05-11 08:49:15 -07:00
Adam Ierymenko
8b9519f0af
Simplify a bunch of NetworkConfig stuff by eliminating accessors, also makes network controller easier to refactor.
2016-05-06 16:13:11 -07:00
Adam Ierymenko
0f17077b3d
Merge gateways and routes in netconf since they are the same thing.
2016-05-06 10:57:53 -07:00
Adam Ierymenko
b9dba97fdb
Bunch more refactoring for an even more compact NetworkConfig representation, especially rules.
2016-04-26 17:11:25 -07:00
Adam Ierymenko
e731fc1a3a
Replace two bools in NetworkConfig with a flags field.
2016-04-26 08:40:26 -07:00
Adam Ierymenko
90e1262a8b
More refactoring to remove old Dictionary dependencies.
2016-04-26 08:20:03 -07:00
Adam Ierymenko
d736074301
Refactor rules table in-memory structure in new NetworkConfig to permit far more rules with better space efficiency.
2016-04-22 15:40:53 -07:00
Adam Ierymenko
6f854c8391
NetworkConfig refactor part 1
2016-04-12 12:11:34 -07:00
Adam Ierymenko
4e4fd51117
boring doc stuff
2016-01-12 14:04:55 -08:00
Adam Ierymenko
0034efafe4
On semi-undocumented test net, assign a RFC4193 IPv6 address too. Will be useful for our at-scale tests.
2015-10-28 11:08:15 -07:00
Adam Ierymenko
5384f185ae
Simplify Dictionary and reduce memory usage, now no more std::maps in core.
2015-10-01 18:12:16 -07:00
Adam Ierymenko
f69454ec98
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
2015-09-24 16:21:36 -07:00
Adam Ierymenko
3ba54c7e35
Eliminate some poorly thought out optimizations from the netconf/controller interaction,
...
and go ahead and bump version to 1.0.4.
For a while in 1.0.3 -dev I was trying to optimize out repeated network controller
requests by using a ratcheting mechanism. If the client received a network config
that was indeed different from the one it had, it would respond by instantlly
requesting it again.
Not sure what I was thinking. It's fundamentally unsafe to respond to a message
with another message of the same type -- it risks a race condition. In this case
that's exactly what could happen.
It just isn't worth the added complexity to avoid a tiny, tiny amount of network
overhead, so I've taken this whole path out.
A few extra bytes every two minutes isn't worth fretting about, but as I recall
the reason for this optimization was to save CPU on the controller. This can be
achieved by just caching responses in memory *there* and serving those same
responses back out if they haven't changed.
I think I developed that 'ratcheting' stuff before I went full time on this. It's
hard to develop stuff like this without hours of sustained focus.
2015-07-23 09:50:10 -07:00
Adam Ierymenko
dbee1b38b3
Fix semantics of std::unique() to actually remove duplicates (hidden memory leak?)
2015-06-29 10:21:28 -07:00
Adam Ierymenko
57c7992c78
GitHub issue #191 - kill intra-network multicast rate limits (which were not well supported or easily configurable anyway) -- this is really left over from the old collaborative multicast propagation algorithm. New algorithm (in for a while) has been sender-side replication in which sender "pays" all bandwidth, which intrinsically limits multicast.
2015-06-26 12:36:45 -07:00