Commit Graph

137 Commits

Author SHA1 Message Date
Adam Ierymenko
84732fcb12 Wire through external path lookup. Static paths should now work. 2016-11-22 14:23:13 -08:00
Adam Ierymenko
39333c9e8e Modify unite() to deal with a second layer of upstreams. 2016-11-17 16:59:04 -08:00
Adam Ierymenko
c61ca1dea2 Keep connections up for netconf stuff as well as frames. 2016-11-09 16:04:08 -08:00
Adam Ierymenko
9f550292fe Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics. 2016-09-27 13:49:43 -07:00
Adam Ierymenko
d3524f3609 Refactor COM stuff a bit, and respond to COM requests a bit more readily for rapid setup. Will need to revisit later. 2016-09-20 21:21:34 -07:00
Adam Ierymenko
5b6d27e659 Implement relay policy, and setting multicast limit to 0 now disables multicast on the network as would be expected. 2016-09-13 14:27:18 -07:00
Adam Ierymenko
cba37c6107 Add a few more rate limit gates for anti-DOS hardening. 2016-09-13 10:13:23 -07:00
Adam Ierymenko
ea1da3321a Rate gate requests for COM. 2016-09-12 15:19:21 -07:00
Adam Ierymenko
ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. 2016-09-09 11:36:10 -07:00
Adam Ierymenko
c7a4da3dd3 Turns out we do not need to pass network to receive(). 2016-09-07 15:24:53 -07:00
Adam Ierymenko
1908aa55f5 Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code. 2016-09-07 15:15:52 -07:00
Adam Ierymenko
a7d988745b Use ECHO instead of HELLO where possible. 2016-09-07 12:01:03 -07:00
Adam Ierymenko
b5c86b6ba4 Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable. 2016-09-07 11:13:17 -07:00
Adam Ierymenko
f2d2df2b11 Cluster build fix. 2016-09-06 15:06:07 -07:00
Adam Ierymenko
8a2e8bd585 Rework how paths are set as remote cluster preferred. The code is now clearer and cluster preference indications are now very sticky as they should be. 2016-09-06 12:45:28 -07:00
Adam Ierymenko
d7f2287ce9 More tweaks to path behavior. 2016-09-05 15:47:22 -07:00
Adam Ierymenko
eebcf08084 Tweaks to new Path code for dual-stack operation, and other fixes. 2016-09-03 15:39:05 -07:00
Adam Ierymenko
4992ac2d9f Cluster sub-optimal is in fact necessary... 2016-09-02 14:20:55 -07:00
Adam Ierymenko
412979ba8f Attempt to reactivate dead paths. 2016-09-02 13:55:33 -07:00
Adam Ierymenko
4f8253dcdb Tweaks to path handling... 2016-09-02 13:33:56 -07:00
Adam Ierymenko
e8f6b4b5d3 Rest of big Path canonicalization refactor. 2016-09-02 11:51:33 -07:00
Adam Ierymenko
c476285bd6 Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive when hops>0 and trust has been established. 2016-08-24 16:16:39 -07:00
Adam Ierymenko
e1310a764a More cleanup and removal of cruft due to obsolete network-specific relays (will be replaced with federation stuff). 2016-08-09 15:45:26 -07:00
Adam Ierymenko
e2f783ebbd . 2016-08-05 15:02:01 -07:00
Adam Ierymenko
f057bb63cd More work on tags and capabilities. 2016-08-04 09:02:35 -07:00
Adam Ierymenko
7e6e56e2bc Bunch of work on pushing and replication of tags and capabilities, and protocol cleanup. 2016-08-03 18:04:08 -07:00
Adam Ierymenko
2f18a92e20 Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route. 2016-04-19 12:09:35 -07:00
Adam Ierymenko
4c455876f9 Revise peer path weighting to always prioritize cluster-optimal paths. 2016-04-19 09:22:51 -07:00
Adam Ierymenko
0c951b6e56 More tweaks to new symmetric NAT buster, and stop using old iterative method since this supersedes it. 2016-02-10 18:41:39 -08:00
Adam Ierymenko
4e4fd51117 boring doc stuff 2016-01-12 14:04:55 -08:00
Adam Ierymenko
3883ac08c7 Docs and cleanup. 2016-01-12 13:17:30 -08:00
Adam Ierymenko
740eb6ebc4 Simplify Peer locking to eliminate deadlock with new path recursion check code (and also probably improve performance). 2016-01-12 12:12:25 -08:00
Adam Ierymenko
d8143a5e18 Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev) 2016-01-05 16:41:54 -08:00
Adam Ierymenko
436c1fac1d Selectively move over changes from "edge" to "dev" excluding netcon. 2015-12-21 16:15:39 -08:00
Adam Ierymenko
ceaef19fb7 Fix for GitHub issue #260 -- fix for (non-exploitable) crash in network preferred relay code 2015-11-30 17:20:12 -08:00
Adam Ierymenko
2cc50bdb10 Try bringing back TTL escalation -- may help with Docker (IP-MASQ) type NAT 2015-11-09 15:44:13 -08:00
Adam Ierymenko
35c4e28f31 Mark geo-redirected paths as suboptimal and do not report that we have a peer if all we have is one of these. Also a few other small fixes. 2015-11-09 14:25:28 -08:00
Adam Ierymenko
5f39d5b7ea Further pare down Cluster messaging and rename some stuff. 2015-11-06 14:37:17 -08:00
Adam Ierymenko
4e9d430476 Make root and relay selection somewhat more robust. 2015-11-02 16:03:28 -08:00
Adam Ierymenko
7fbe2f7adf Tweak some more timings for better reliability. 2015-11-02 15:38:53 -08:00
Adam Ierymenko
883c84bdb9 Tweak some timings, and remove some dead code. 2015-10-29 09:39:36 -07:00
Adam Ierymenko
0fd15d9cf3 Fix inverted sense bug. 2015-10-28 10:38:37 -07:00
Adam Ierymenko
cdc99bfee1 Add a circuit breaker for VERB_PUSH_DIRECT_PATHS. 2015-10-27 18:18:26 -07:00
Adam Ierymenko
cc1b275ad9 Replicate peer endpoints and forget paths if we have them -- this allows two clusters to talk to each other, whereas forgetting all paths does not. 2015-10-27 16:47:13 -07:00
Adam Ierymenko
16bc3e0398 Factor out RemotePath subclass of Path -- no longer needed, just cruft. 2015-10-27 15:00:16 -07:00
Adam Ierymenko
a1a0ee4edb Fix infinite loop in Cluster, clean up some stuff elsewhere, and back out rate limiting in PUSH_DIRECT_PATHS for now (but we will do something else to mitigate amplification attacks) 2015-10-27 12:01:00 -07:00
Adam Ierymenko
cc4d0199e7 Fix vProto init. 2015-10-16 10:58:59 -07:00
Adam Ierymenko
f9f60f89d9 Peer save/restore fix. 2015-10-16 10:45:58 -07:00
Adam Ierymenko
5ce3aac929 Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation. 2015-10-16 10:28:09 -07:00
Adam Ierymenko
2229e91b57 IPv6 support fixes. 2015-10-16 10:10:12 -07:00