Commit Graph

69 Commits

Author SHA1 Message Date
Adam Ierymenko
0d066e3b08 Fix JSON parse bug in REDIRECT target. 2016-12-22 18:26:43 -08:00
Adam Ierymenko
fe530548bb Fix MATCH_RANDOM in controller. 2016-12-22 16:57:45 -08:00
Adam Ierymenko
a54c2b438c Basic support for streaming of changes via stdout from controller. 2016-12-15 15:08:47 -08:00
Adam Ierymenko
ccdd4ffda7 Move split() to OSUtils since it is not used in core. 2016-11-18 15:49:28 -08:00
Adam Ierymenko
25f9c294dc Small bug fix and warning removal. 2016-11-18 13:01:45 -08:00
Adam Ierymenko
07b2a3818c Fix TTL scaling in cert. 2016-11-15 14:26:05 -08:00
Adam Ierymenko
15c6e2ec70 Fix member deauthorization time threshold bug. 2016-11-15 14:06:25 -08:00
Adam Ierymenko
e26bee45fb Multithreading in network controller. Threads are only started if controller is used. 2016-11-10 13:57:01 -08:00
Adam Ierymenko
1b10d3413a Use circuit breaker only for requests. 2016-11-10 13:08:43 -08:00
Adam Ierymenko
f0fcd222a1 Actually push updates when things change. 2016-11-10 12:54:43 -08:00
Adam Ierymenko
298e4a9f14 Also avoid sending tags and caps to old members since there is no point. 2016-11-10 12:33:09 -08:00
Adam Ierymenko
226123ca08 Refactor controller to permit sending of pushes as well as just replies to config requests. 2016-11-10 11:54:47 -08:00
Adam Ierymenko
5ebf5077f5 Log last meta-data in controller, and ease up just a bit on keepalives. 2016-11-09 17:11:10 -08:00
Adam Ierymenko
1ebfca666d Memo-ize some computed stuff to control CPU utilization. 2016-11-09 12:34:20 -08:00
Adam Ierymenko
3d948a930e Send a blanket rule to old versions. New versions will still bidirecitonally enforce on the inbound side. 2016-11-08 14:24:30 -08:00
Adam Ierymenko
4524899e4d Update LM time on members on request. 2016-11-08 12:41:27 -08:00
Adam Ierymenko
360c84e035 Minor fixes. 2016-11-08 00:05:18 +00:00
Adam Ierymenko
4868d21526 Bug fixes in controller refactor. 2016-11-07 23:49:03 +00:00
Adam Ierymenko
a78d7311a6 Fix network list API call. 2016-11-04 16:23:41 -07:00
Adam Ierymenko
08ff666e99 . 2016-11-04 16:14:58 -07:00
Adam Ierymenko
0d108d37f6 . 2016-11-04 16:12:44 -07:00
Adam Ierymenko
b03c7b2f30 Refactor controller to use split-out DB for better performance and less ugly. 2016-11-04 15:18:31 -07:00
Grant Limberg
8ffae313fd add new files & remove old ones from VS project. Now builds & runs on Windows again 2016-11-03 12:10:50 -07:00
Adam Ierymenko
2cb760e0ac Fix ICMP json. 2016-10-13 14:14:46 -07:00
Adam Ierymenko
2d6a4e5974 cleanup 2016-10-13 13:52:45 -07:00
Adam Ierymenko
e53f63ca87 Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed. 2016-10-11 12:00:16 -07:00
Adam Ierymenko
45c4ccb153 Add a tags both equal match. 2016-10-05 16:38:42 -07:00
Adam Ierymenko
adeb7e7da0 Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want. 2016-10-05 12:54:46 -07:00
Adam Ierymenko
988049f39b Add new rule to rules engine: random match. 2016-09-30 14:07:00 -07:00
Adam Ierymenko
f0794e09b7 Controller cleanup. 2016-09-30 13:04:26 -07:00
Adam Ierymenko
1eeebba2f7 Drop old /active path from network. 2016-09-29 17:59:27 -07:00
Adam Ierymenko
2fc3d12fb6 Minor tweaks to member code in controller, and fix Linux build. 2016-09-29 14:48:39 -07:00
Adam Ierymenko
7e4b6b594b It now builds. 2016-09-26 17:05:39 -07:00
Adam Ierymenko
1f74dd4589 Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network. 2016-09-23 16:08:38 -07:00
Adam Ierymenko
68e549233d Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness). 2016-09-15 13:17:37 -07:00
Adam Ierymenko
ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. 2016-09-09 11:36:10 -07:00
Adam Ierymenko
0d4109a9f1 More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. 2016-09-09 08:43:58 -07:00
Adam Ierymenko
c9ee8612e4 Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer. 2016-09-07 12:12:52 -07:00
Adam Ierymenko
74afef8eb1 Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. 2016-08-31 16:50:22 -07:00
Adam Ierymenko
54489a7f61 rename SAMENESS to DIFFERENCE which is less confusing 2016-08-31 14:14:58 -07:00
Adam Ierymenko
8e3004591b Add overlooked MATCH_ICMP to rule set. 2016-08-31 14:01:15 -07:00
Adam Ierymenko
7a00036954 Tweak log length to fit JSON for members within two 4096-kb blocks. 2016-08-29 18:10:02 -07:00
Adam Ierymenko
914c42537c Type fixes. 2016-08-29 17:48:36 -07:00
Adam Ierymenko
297b1b4258 Another tiny API bug fix. 2016-08-26 14:16:55 -07:00
Adam Ierymenko
35ac995d05 Fix setting of v6AssignMode in controller. 2016-08-26 14:04:27 -07:00
Adam Ierymenko
d637988ccf Fix chicken or egg problem in tags, and better filter debug instrumentation. 2016-08-25 18:21:20 -07:00
Adam Ierymenko
858e8c5217 one more... 2016-08-25 16:28:54 -07:00
Adam Ierymenko
df1ce856c9 A little bit more controller code cleanup. 2016-08-25 16:25:28 -07:00
Adam Ierymenko
b5e0d014ab Controller bug fixes 2016-08-25 16:08:40 -07:00
Adam Ierymenko
5eaf397a94 Add a debug log feature in the filter, which only works if enabled in Network.cpp. 2016-08-25 13:31:23 -07:00