Adam Ierymenko
|
10185e92fa
|
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
|
2017-02-23 11:47:36 -08:00 |
|
Adam Ierymenko
|
803f74634a
|
Tweak how we do crypto of the masked portions of HELLO just to be more "boring" in the DJB sense.
|
2017-02-06 07:39:38 -08:00 |
|
Adam Ierymenko
|
f85a630a64
|
Docs and a small build fix in debug mode.
|
2017-02-06 07:17:45 -08:00 |
|
Adam Ierymenko
|
43182f8f57
|
Docs, code cleanup, and protect the extra new fields of HELLO with encryption as a precaution.
|
2017-02-05 16:19:03 -08:00 |
|
Adam Ierymenko
|
3587aa1ea7
|
Add and send certificates of representation to tell people what our valid upstreams are. These are not used yet but will be needed for future privacy modes, etc. Also some cleanup.
|
2017-02-04 13:17:00 -08:00 |
|
Adam Ierymenko
|
beb642faa5
|
Stub out CAN_REACH.
|
2017-02-04 10:21:31 -08:00 |
|
Adam Ierymenko
|
f102fd7f92
|
Extend in-band world updates to handle moons too.
|
2017-01-27 13:50:56 -08:00 |
|
Adam Ierymenko
|
0995c1dcaa
|
Encapsulate LZ4 in Packet.cpp to eliminate dependency.
|
2017-01-19 15:16:04 -08:00 |
|
Adam Ierymenko
|
7612bf3302
|
Fix LZ4 warning.
|
2017-01-19 14:54:39 -08:00 |
|
Adam Ierymenko
|
d5528e4e9a
|
Wire up VERB_USER_MESSAGE in core.
|
2017-01-09 15:55:07 -08:00 |
|
Adam Ierymenko
|
1615ef1114
|
Rename getBestRoot() etc.
|
2016-11-17 16:31:58 -08:00 |
|
Adam Ierymenko
|
bf8d71e82c
|
Add notion of upstream that is separate from root in Topology, etc.
|
2016-11-17 16:20:41 -08:00 |
|
Adam Ierymenko
|
93b4ac5cb2
|
Remove unused POW code, will revisit later.
|
2016-10-13 13:17:30 -07:00 |
|
Adam Ierymenko
|
cc4bacc199
|
Cleanup, and implement compression disable flag for networks.
|
2016-09-27 12:22:25 -07:00 |
|
Adam Ierymenko
|
15c07c58b6
|
Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit).
|
2016-09-27 11:33:48 -07:00 |
|
Adam Ierymenko
|
7e4b6b594b
|
It now builds.
|
2016-09-26 17:05:39 -07:00 |
|
Adam Ierymenko
|
eac3667ec1
|
Bunch more refactoring and work on revocations, etc.
|
2016-09-26 16:17:02 -07:00 |
|
Adam Ierymenko
|
1f74dd4589
|
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
|
2016-09-23 16:08:38 -07:00 |
|
Adam Ierymenko
|
0d4109a9f1
|
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
|
2016-09-09 08:43:58 -07:00 |
|
Adam Ierymenko
|
16df2c3363
|
Clean up handling of COMs, network access control, and fix a backward compatiblity issue.
|
2016-09-08 19:48:05 -07:00 |
|
Adam Ierymenko
|
74afef8eb1
|
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
|
2016-08-31 16:50:22 -07:00 |
|
Adam Ierymenko
|
8e3463d47a
|
Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency.
|
2016-08-24 13:37:57 -07:00 |
|
Adam Ierymenko
|
0ee4d3554a
|
Stub out USER_MESSAGE.
|
2016-08-23 14:38:20 -07:00 |
|
Adam Ierymenko
|
0a7a33ef8f
|
Instantaneous blacklisting and credential revocation.
|
2016-08-23 13:46:36 -07:00 |
|
Adam Ierymenko
|
0dfc08b317
|
Tidy up a few minor protocol things, improve documentation in Packet.hpp.
|
2016-08-23 11:29:02 -07:00 |
|
Adam Ierymenko
|
c9d7845fea
|
Minor bug fix and some instrumentation stuff for testing.
|
2016-08-09 17:00:01 -07:00 |
|
Adam Ierymenko
|
bcd05fbdfa
|
Chunking of network config replies.
|
2016-08-09 09:34:13 -07:00 |
|
Adam Ierymenko
|
00fd9c3a15
|
It builds... almost ready to test some rules engine stuff.
|
2016-08-08 17:33:26 -07:00 |
|
Adam Ierymenko
|
e2f783ebbd
|
.
|
2016-08-05 15:02:01 -07:00 |
|
Adam Ierymenko
|
404a0bbddd
|
...
|
2016-08-04 09:51:15 -07:00 |
|
Adam Ierymenko
|
7e6e56e2bc
|
Bunch of work on pushing and replication of tags and capabilities, and protocol cleanup.
|
2016-08-03 18:04:08 -07:00 |
|
Adam Ierymenko
|
ecc1324bb0
|
Rules engine work: capability based security model with tags and capabilities, and some cleanup across other places.
|
2016-08-02 13:36:17 -07:00 |
|
Adam Ierymenko
|
4929be08f7
|
Cleanup and stub out new object transfer messages.
|
2016-07-26 12:33:51 -07:00 |
|
Adam Ierymenko
|
765082fdb6
|
Trusted path support, and version bump to 1.1.9
|
2016-07-12 08:29:50 -07:00 |
|
Adam Ierymenko
|
6c6b18d003
|
Fix include for system lz4.
|
2016-06-08 12:50:56 -07:00 |
|
Adam Ierymenko
|
523ea68ae2
|
Increment protocol version to indicate support for binary network config and config request meta-data.
|
2016-06-07 11:08:36 -07:00 |
|
Adam Ierymenko
|
9da8bf37d7
|
docs
|
2016-04-28 21:31:10 +02:00 |
|
Adam Ierymenko
|
4c455876f9
|
Revise peer path weighting to always prioritize cluster-optimal paths.
|
2016-04-19 09:22:51 -07:00 |
|
Adam Ierymenko
|
cecfa99b7b
|
(1) cluster members send a flag indicating that a PUSH_DIRECT_PATHS is a cluster redirect, (2) 1.1.5 uses this to avoid a bug (this bug does not exist in 1.1.4)
|
2016-04-18 16:44:23 -07:00 |
|
Adam Ierymenko
|
43fff1a87e
|
Deprecate reporting of local clock in circuit tests since a small number of users might have security problems with this.
|
2016-02-22 12:59:26 -08:00 |
|
Adam Ierymenko
|
4e4fd51117
|
boring doc stuff
|
2016-01-12 14:04:55 -08:00 |
|
Adam Ierymenko
|
d8143a5e18
|
Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev)
|
2016-01-05 16:41:54 -08:00 |
|
Adam Ierymenko
|
cba739fd6b
|
more dead code
|
2016-01-05 14:46:26 -08:00 |
|
Adam Ierymenko
|
fb5237d5b6
|
Outline dead path detection mechanism.
|
2016-01-05 14:42:56 -08:00 |
|
Adam Ierymenko
|
258f95b2cd
|
dead code removal
|
2016-01-05 14:19:16 -08:00 |
|
Adam Ierymenko
|
436c1fac1d
|
Selectively move over changes from "edge" to "dev" excluding netcon.
|
2015-12-21 16:15:39 -08:00 |
|
Adam Ierymenko
|
57b71bfff0
|
Cluster simplification and refactor work in progress...
|
2015-11-08 13:57:02 -08:00 |
|
Adam Ierymenko
|
f1b6427e63
|
Decided to make this 1.1.0 (semantic versioning increment is warranted), and add a legacy hack for older clients working with clusters.
|
2015-11-02 09:32:56 -08:00 |
|
Adam Ierymenko
|
9617208e40
|
Some cleanup, and use VERB_PUSH_DIRECT_PATHS to redirect newer peers.
|
2015-10-27 09:53:43 -07:00 |
|
Adam Ierymenko
|
619e113748
|
Work in progress on Cluster for new root infrastructure, multi-homing.
|
2015-10-14 14:12:12 -07:00 |
|
Adam Ierymenko
|
824ed99160
|
.
|
2015-10-13 12:42:54 -07:00 |
|
Adam Ierymenko
|
5d2f523e81
|
World stuff...
|
2015-10-13 12:10:44 -07:00 |
|
Adam Ierymenko
|
cae58f43f1
|
More World stuff, and mkworld.
|
2015-10-13 08:49:36 -07:00 |
|
Adam Ierymenko
|
1b1945c63e
|
Work in progress on refactoring root-topology into World and adding in-band updates.
|
2015-10-12 18:25:29 -07:00 |
|
Adam Ierymenko
|
aec13b50fd
|
Be a bit more verbose in circuit test reports to more clearly track current and upstream hop in graph traversal history.
|
2015-10-09 15:05:26 -07:00 |
|
Adam Ierymenko
|
3fa6dd377f
|
docs
|
2015-10-09 08:51:57 -07:00 |
|
Adam Ierymenko
|
273f0d18b0
|
docs
|
2015-10-08 09:05:25 -07:00 |
|
Adam Ierymenko
|
fea1b6b2c3
|
docs
|
2015-10-07 16:25:08 -07:00 |
|
Adam Ierymenko
|
0ce0bc00d2
|
Make sure received() gets called for some new messages, and docs.
|
2015-10-07 16:20:54 -07:00 |
|
Adam Ierymenko
|
69b44bf9a5
|
Finally add an ECHO.
|
2015-10-07 16:11:50 -07:00 |
|
Adam Ierymenko
|
e5f168f599
|
Add proof of work request for future DDOS mitigation use.
|
2015-10-07 13:35:46 -07:00 |
|
Adam Ierymenko
|
ab0228f626
|
More cleanup and simple refactoring, consolidate InetAddres serialize/deserialize into the class.
|
2015-10-07 10:30:47 -07:00 |
|
Adam Ierymenko
|
d3f29d09e8
|
Plumbing through circuit test stuff.
|
2015-10-06 14:42:51 -07:00 |
|
Adam Ierymenko
|
5341afcdcd
|
Handling of CIRCUIT_TEST, should be ready to test.
|
2015-10-06 11:47:16 -07:00 |
|
Adam Ierymenko
|
0d0039674f
|
Add new verb names, and fix some Mac compiler flags.
|
2015-09-30 14:48:07 -07:00 |
|
Adam Ierymenko
|
1a4f16e0ed
|
More work on circuit testing...
|
2015-09-30 13:59:05 -07:00 |
|
Adam Ierymenko
|
2d0adb562d
|
Specify circuit test messages.
|
2015-09-27 11:37:39 -07:00 |
|
Adam Ierymenko
|
0b354803f3
|
Clean up some YAGNI issues with implementation of GitHub issue #180, and make best path choice aware of path rank.
|
2015-07-13 10:03:04 -07:00 |
|
Adam Ierymenko
|
778c7e6e70
|
More cleanup to direct path push, comment fixes, etc.
|
2015-07-07 10:00:34 -07:00 |
|
Adam Ierymenko
|
c863ff3f02
|
A bunch of comments and cleanup, including some to yesterday's direct path pushing changes. Move path viability check to one place, and stop trying to use link-local addresses since they are not reliable.
|
2015-07-07 08:54:48 -07:00 |
|
Adam Ierymenko
|
f398952a6c
|
Revert some bad docs in Packet -- I think we will still use that. Also rename addMembershipCertificate to more security-descriptive validateAndAddMembershipCertificate, give it a return value, and drop unused force parameter.
|
2015-07-07 08:14:41 -07:00 |
|
Adam Ierymenko
|
79e9a8bcc2
|
Almost everything for GitHub issue #180 except direct path map setup.
|
2015-07-06 15:28:48 -07:00 |
|
Adam Ierymenko
|
255320e2a6
|
pushDirectPaths() implementation
|
2015-07-06 14:39:28 -07:00 |
|
Adam Ierymenko
|
93bb934d4e
|
Some cleanup, docs, and Path -> Path > RemotePath refactor.
|
2015-07-06 14:08:13 -07:00 |
|
Adam Ierymenko
|
9743db3538
|
docs
|
2015-07-06 12:37:37 -07:00 |
|
Adam Ierymenko
|
e5f7c55c54
|
Documentation in Packet, more work on path push, and clean up ancient legacy support code in Switch.
|
2015-07-06 12:34:35 -07:00 |
|
Adam Ierymenko
|
0cbbcf2884
|
Rename VERB_CMA to the more descriptive VERB_PHYSICAL_ADDRESS_PUSH
|
2015-06-29 16:01:01 -07:00 |
|
Adam Ierymenko
|
7bae95836c
|
Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address.
|
2015-06-19 10:23:25 -07:00 |
|
Kees Bos
|
a425bbc673
|
Renamed supernode to rootserver
|
2015-05-06 12:05:20 +02:00 |
|
Adam Ierymenko
|
845955dea5
|
Add definition for VERB_CMA -- GitHub issue #180
|
2015-06-13 18:08:00 +02:00 |
|
Adam Ierymenko
|
0bdd56ebd6
|
A few revisions to PFS design.
|
2015-05-15 09:04:39 -07:00 |
|
Adam Ierymenko
|
e94518590d
|
First stab of PFS design work with PKC security -- may not implement in 1.0.3 but stubbing out.
|
2015-05-14 17:41:05 -07:00 |
|
Adam Ierymenko
|
a8835cd8b3
|
Some prep work to make room for perfect forward security (PFS). Will not affect existing clients.
|
2015-05-13 18:53:37 -07:00 |
|
Adam Ierymenko
|
e922324bc6
|
Stop inlining all the Packet armor/dearmor stuff to reduce binary bloat. This stuff is called all over the place.
|
2015-05-04 18:39:53 -07:00 |
|
Adam Ierymenko
|
49f031ccb4
|
Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc.
|
2015-04-07 19:31:11 -07:00 |
|
Adam Ierymenko
|
a2821e9000
|
Add code to check external surface against reported surface from other trusted peers, and also rename ExternalSurface to SelfAwareness because lulz.
|
2015-04-06 20:17:21 -07:00 |
|
Adam Ierymenko
|
6eb9289367
|
Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch.
|
2015-04-03 16:52:53 -07:00 |
|
Adam Ierymenko
|
1f28ce3980
|
Tons more refactoring: simplify Network, move explicit management of Tap out, redo COM serialization, etc.
|
2015-04-01 19:09:18 -07:00 |
|
Adam Ierymenko
|
93012b0ee5
|
Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware]
|
2015-02-17 13:11:34 -08:00 |
|
Adam Ierymenko
|
89f0c948f8
|
Physical address change message verb.
|
2015-02-04 11:59:02 -08:00 |
|
Adam Ierymenko
|
64ba596e0b
|
C++ network config master ready to test.
|
2015-01-08 14:27:55 -08:00 |
|
Adam Ierymenko
|
4e95384ad6
|
Cleanup, add tristate to config code in Network, and happy new year!
|
2015-01-05 17:47:59 -08:00 |
|
Adam Ierymenko
|
96e9a90e8e
|
docs
|
2015-01-05 16:19:56 -08:00 |
|
Adam Ierymenko
|
87c599df5c
|
Back out service message type -- YAGNI violation.
|
2015-01-05 15:52:02 -08:00 |
|
Adam Ierymenko
|
56cfe1d603
|
Strip out old Service code, add new service message type.
|
2015-01-05 11:47:22 -08:00 |
|
Adam Ierymenko
|
5484cf4309
|
More cleanup, and fix a bug in Multicaster::gather()
|
2014-10-29 16:24:19 -07:00 |
|
Adam Ierymenko
|
5bb854e504
|
Fix a nasty bug introduced in packet fragmentation a while back during refactoring, and a few other things related to multicast.
|
2014-10-28 17:25:34 -07:00 |
|
Adam Ierymenko
|
4941c8a1f3
|
New multicast bug fixes, TRACE improvements, and temporarily disable legacy multicast for debugging purposes.
|
2014-10-09 17:58:31 -07:00 |
|
Adam Ierymenko
|
d5e0f7e3e4
|
Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership.
|
2014-10-09 12:42:25 -07:00 |
|
Adam Ierymenko
|
87f1b1b1e3
|
Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way.
|
2014-10-06 13:16:16 -07:00 |
|