ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-22 14:22:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,725 Commits 15 Branches 105 Tags 179 MiB
b48a70db2e
Commit Graph

1467 Commits

Author SHA1 Message Date
Adam Ierymenko
723a9a6e9a Small additional efficiency improvement. 2017-02-06 17:20:22 -08:00
Adam Ierymenko
59ba7c8bf5 Improve efficiency of pushCredentials() method since it gets called a lot. 2017-02-06 17:10:20 -08:00
Adam Ierymenko
78d548458b Capabilities basically work but need to refactor a bit for performance reasons. 2017-02-06 16:38:48 -08:00
Adam Ierymenko
9ddc2a4331 Add a break action to rules engine to make capabilities easier to use. 2017-02-06 14:00:49 -08:00
Adam Ierymenko
435e4c4695 Fix HELLO parse bug. 2017-02-06 12:06:10 -08:00
Adam Ierymenko
21f4a97c35 CSPRNG performance improvement, self test build fix. 2017-02-06 11:49:41 -08:00
Adam Ierymenko
e0d63c50db One more tweak after thinking about related keys and key stream reuse. Just a precaution. 2017-02-06 07:45:57 -08:00
Adam Ierymenko
803f74634a Tweak how we do crypto of the masked portions of HELLO just to be more "boring" in the DJB sense. 2017-02-06 07:39:38 -08:00
Adam Ierymenko
f85a630a64 Docs and a small build fix in debug mode. 2017-02-06 07:17:45 -08:00
Adam Ierymenko
43182f8f57 Docs, code cleanup, and protect the extra new fields of HELLO with encryption as a precaution. 2017-02-05 16:19:03 -08:00
Adam Ierymenko
594cb1fad8 Small fix for duplicates in world definitions. 2017-02-04 19:29:39 -08:00
Adam Ierymenko
3587aa1ea7 Add and send certificates of representation to tell people what our valid upstreams are. These are not used yet but will be needed for future privacy modes, etc. Also some cleanup. 2017-02-04 13:17:00 -08:00
Adam Ierymenko
beb642faa5 Stub out CAN_REACH. 2017-02-04 10:21:31 -08:00
Adam Ierymenko
31db768e4d A bit of code cleanup. 2017-02-04 00:23:31 -08:00
Adam Ierymenko
d9e4ba1280 Eliminate a little copypasta. 2017-02-04 00:04:44 -08:00
Adam Ierymenko
dcb1233b0d Slight refactor to RENEDEZVOUS sending code for federation. 2017-02-03 23:54:02 -08:00
Adam Ierymenko
8a2ff0b31e Actual documentation. 2017-02-03 19:47:00 -08:00
Adam Ierymenko
9284e4edfe agree() must be called on our identity, the one with the secret 2017-02-01 15:22:14 -08:00
Adam Ierymenko
62a705af1c Eliminate another check in cluster frontplane mode. 2017-02-01 14:35:07 -08:00
Adam Ierymenko
29ec7bf3a2 Add more specific check in source==self case instead of dumping it. 2017-02-01 14:18:56 -08:00
Adam Ierymenko
fc3f4fb988 Yeah that could never have worked (normal packets in cluster mode). 2017-02-01 14:05:13 -08:00
Adam Ierymenko
60ff280dcb Another tweak to cluster I/O rules. 2017-02-01 13:52:53 -08:00
Adam Ierymenko
b378f5dcd7 Take 3 2017-02-01 13:20:51 -08:00
Adam Ierymenko
e778d45128 Still want to send WANT_PEER under two failure modes. 2017-02-01 12:51:52 -08:00
Adam Ierymenko
5e11cf6378 Can't armor() a packet until all flags are set. 2017-02-01 12:32:06 -08:00
Adam Ierymenko
5dbebc513a Minor send path refactor to make packet I/O work on clusters if they are members of networks. Also fix a crash if compiled in cluster mode but no cluster is enabled. 2017-02-01 12:00:25 -08:00
Adam Ierymenko
6d5a3cd2e2 Remove debug code. Cluster network config sharing seems to work. 2017-01-30 16:23:38 -08:00
Adam Ierymenko
f9ad80aa13 . 2017-01-30 16:15:47 -08:00
Adam Ierymenko
ed31cb76d6 Fix to cluster network configs. 2017-01-30 16:04:05 -08:00
Adam Ierymenko
eebd271bb1 Implement cross cluster sharing of network configs to make clusters able to actually join networks. 2017-01-30 15:40:22 -08:00
Adam Ierymenko
471108f2e4 Slightly increase thread stack size for safety (primary Alpine related) possibly GitHub #443 2017-01-30 08:01:36 -08:00
Adam Ierymenko
2ceb162df0 Merge pull request #442 from zielmicha/allow-managed 
allow user to specify arbitrary allowed IP networks in allowManaged
 2017-01-30 06:54:49 -08:00
Adam Ierymenko
5fa1d9796c zerotier-idtool commands to init and generate moons 2017-01-27 17:34:39 -08:00
Adam Ierymenko
77a1dd4737 Dead code removal, fix minor issue in upstream endpoint check. 2017-01-27 16:25:53 -08:00
Adam Ierymenko
9e7c778cc8 Fix deadlock. 2017-01-27 16:16:06 -08:00
Adam Ierymenko
1d775af34a Fix moon persistence. 2017-01-27 15:35:21 -08:00
Adam Ierymenko
9f7919f71f Add comments to join ("orbit") moons. 2017-01-27 15:27:26 -08:00
Adam Ierymenko
0b3b994241 Relay policy can now be computed. 2017-01-27 14:05:09 -08:00
Adam Ierymenko
bc218f9414 little fix 2017-01-27 13:52:29 -08:00
Adam Ierymenko
f102fd7f92 Extend in-band world updates to handle moons too. 2017-01-27 13:50:56 -08:00
Adam Ierymenko
64774d0d4f Replace piecemeal designation of upstreams with the concept of moons, which is simpler and easier to use and inherits all the cool live update stuff of worlds (now called planets) and global roots. 2017-01-27 13:27:52 -08:00
Michał Zieliński
8f2a42d1ad allow user to specify arbitrary allowed IP networks in allowManaged 2017-01-23 12:16:40 +01:00
Adam Ierymenko
9a475eeff9 Windows build fix, warning removal. 2017-01-20 12:00:18 -08:00
Adam Ierymenko
0995c1dcaa Encapsulate LZ4 in Packet.cpp to eliminate dependency. 2017-01-19 15:16:04 -08:00
Adam Ierymenko
7612bf3302 Fix LZ4 warning. 2017-01-19 14:54:39 -08:00
Adam Ierymenko
0fb3d1d582 Add a build version for software update use so we can do very minor updates within a version. 2017-01-18 09:16:23 -08:00
Adam Ierymenko
1346e31a8e Windows build fixes, Software update fix, warning removal. 2017-01-13 14:22:36 -08:00
Adam Ierymenko
d7e7ad4f88 Can't send a user message to self. 2017-01-11 17:46:52 -08:00
Adam Ierymenko
d5528e4e9a Wire up VERB_USER_MESSAGE in core. 2017-01-09 15:55:07 -08:00
Adam Ierymenko
c8554504f3 . 2016-12-22 18:37:46 -08:00
Adam Ierymenko
6b12d86209 Add a workaround for an edge case in TEE/REDIRECT if we are the inbound destination and teeing is only being done on the outbound side. 2016-12-22 18:06:35 -08:00
Adam Ierymenko
fe530548bb Fix MATCH_RANDOM in controller. 2016-12-22 16:57:45 -08:00
Adam Ierymenko
2eaff6d484 Fix to characteristcs in rules engine. 2016-12-22 16:36:38 -08:00
Adam Ierymenko
244f37179c Minor security: lock roots to only be reachable via World IPs. 2016-12-05 16:09:42 -08:00
Adam Ierymenko
fa2bb91ae5 Kill some old debug code. 2016-11-30 10:48:09 -08:00
Adam Ierymenko
84732fcb12 Wire through external path lookup. Static paths should now work. 2016-11-22 14:23:13 -08:00
Adam Ierymenko
42ba70e79e Replace long callback arg list with struct, and implement path whitelisting, path blacklisting, and local.conf support for roles. 2016-11-22 10:54:58 -08:00
Adam Ierymenko
cbaef66e82 Fix a deadlock in federation/upstream code. 2016-11-21 16:04:01 -08:00
Adam Ierymenko
97d915b06c Expose relay policy in node settings. 2016-11-21 15:35:18 -08:00
Adam Ierymenko
ccdd4ffda7 Move split() to OSUtils since it is not used in core. 2016-11-18 15:49:28 -08:00
Adam Ierymenko
673c0c811e Wire through upstream stuff and add setRole(). 2016-11-18 13:48:49 -08:00
Adam Ierymenko
6e1da35c12 Remove debug. 2016-11-18 13:15:58 -08:00
Adam Ierymenko
25f9c294dc Small bug fix and warning removal. 2016-11-18 13:01:45 -08:00
Adam Ierymenko
2ea9f516e1 Rate gate expensive validation of new identities in HELLO. 2016-11-18 12:59:04 -08:00
Adam Ierymenko
ab4021dd0e Do packet MAC check before locallyValidate(), and add timing measurement in selftest. 2016-11-18 11:09:19 -08:00
Adam Ierymenko
1fcbb1fbed Proactively auto-load designated upstreams. 2016-11-18 10:39:26 -08:00
Adam Ierymenko
39333c9e8e Modify unite() to deal with a second layer of upstreams. 2016-11-17 16:59:04 -08:00
Adam Ierymenko
1615ef1114 Rename getBestRoot() etc. 2016-11-17 16:31:58 -08:00
Adam Ierymenko
bf8d71e82c Add notion of upstream that is separate from root in Topology, etc. 2016-11-17 16:20:41 -08:00
Adam Ierymenko
12d32b9311 Small fix to send pushes if not a reply. 2016-11-10 11:57:45 -08:00
Adam Ierymenko
226123ca08 Refactor controller to permit sending of pushes as well as just replies to config requests. 2016-11-10 11:54:47 -08:00
Adam Ierymenko
5ebf5077f5 Log last meta-data in controller, and ease up just a bit on keepalives. 2016-11-09 17:11:10 -08:00
Adam Ierymenko
c61ca1dea2 Keep connections up for netconf stuff as well as frames. 2016-11-09 16:04:08 -08:00
Grant Limberg
8ffae313fd add new files & remove old ones from VS project. Now builds & runs on Windows again 2016-11-03 12:10:50 -07:00
Adam Ierymenko
27d997a2e5 . 2016-10-13 15:17:17 -07:00
Adam Ierymenko
6469aa9df9 typo 2016-10-13 14:28:39 -07:00
Adam Ierymenko
ce6b5bc6f5 . 2016-10-13 14:21:24 -07:00
Adam Ierymenko
4f3775bb86 Fix ICMP match. 2016-10-13 14:21:00 -07:00
Adam Ierymenko
8850a8610a Fix filter trace. 2016-10-13 13:59:17 -07:00
Adam Ierymenko
2d6a4e5974 cleanup 2016-10-13 13:52:45 -07:00
Adam Ierymenko
93b4ac5cb2 Remove unused POW code, will revisit later. 2016-10-13 13:17:30 -07:00
Adam Ierymenko
3f4c166861 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2016-10-11 12:00:38 -07:00
Adam Ierymenko
e53f63ca87 Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed. 2016-10-11 12:00:16 -07:00
Grant Limberg
6a50291aa2 Fix the case for InetAddress::containsAddress for IPv6 route of :: 2016-10-07 14:29:06 -07:00
Adam Ierymenko
45c4ccb153 Add a tags both equal match. 2016-10-05 16:38:42 -07:00
Adam Ierymenko
adeb7e7da0 Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want. 2016-10-05 12:54:46 -07:00
Adam Ierymenko
d5f4d381d0 Go ahead and loop back packets whose destination is self. Some OSes require this since they aactually follow the full network path even for local IPs. 2016-10-05 10:12:06 -07:00
Adam Ierymenko
988049f39b Add new rule to rules engine: random match. 2016-09-30 14:07:00 -07:00
Adam Ierymenko
9eaa3756f8 Fix deadlock-causing regression in Network. 2016-09-30 12:22:54 -07:00
Adam Ierymenko
4fe9a4fe83 Fix memory leak. 2016-09-28 16:13:59 -07:00
Adam Ierymenko
01129d02b3 hashCode() for InetAddress 2016-09-28 13:45:25 -07:00
Adam Ierymenko
e1fbf7b34c Check multicast limit on send after NDP emulation code. 2016-09-28 12:21:08 -07:00
Adam Ierymenko
7e90ab3534 TRACE verbosity increase on exceptions in NETWORK_CREDENTIALS. 2016-09-28 11:06:44 -07:00
Adam Ierymenko
5ee1ccd659 Send need credential error on more cases. 2016-09-27 16:41:08 -07:00
Adam Ierymenko
0b44919ba2 Clusters can send multiple OKs so we must allow this. 2016-09-27 16:33:37 -07:00
Adam Ierymenko
9f550292fe Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics. 2016-09-27 13:49:43 -07:00
Adam Ierymenko
5ba7ca91c0 TRACE build fix. 2016-09-27 12:44:44 -07:00
Adam Ierymenko
cc4bacc199 Cleanup, and implement compression disable flag for networks. 2016-09-27 12:22:25 -07:00
Adam Ierymenko
15c07c58b6 Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit). 2016-09-27 11:33:48 -07:00
Adam Ierymenko
7e4b6b594b It now builds. 2016-09-26 17:05:39 -07:00