Adam Ierymenko
64ba596e0b
C++ network config master ready to test.
2015-01-08 14:27:55 -08:00
Adam Ierymenko
4e95384ad6
Cleanup, add tristate to config code in Network, and happy new year!
2015-01-05 17:47:59 -08:00
Adam Ierymenko
96e9a90e8e
docs
2015-01-05 16:19:56 -08:00
Adam Ierymenko
87c599df5c
Back out service message type -- YAGNI violation.
2015-01-05 15:52:02 -08:00
Adam Ierymenko
56cfe1d603
Strip out old Service code, add new service message type.
2015-01-05 11:47:22 -08:00
Adam Ierymenko
5484cf4309
More cleanup, and fix a bug in Multicaster::gather()
2014-10-29 16:24:19 -07:00
Adam Ierymenko
5bb854e504
Fix a nasty bug introduced in packet fragmentation a while back during refactoring, and a few other things related to multicast.
2014-10-28 17:25:34 -07:00
Adam Ierymenko
4941c8a1f3
New multicast bug fixes, TRACE improvements, and temporarily disable legacy multicast for debugging purposes.
2014-10-09 17:58:31 -07:00
Adam Ierymenko
d5e0f7e3e4
Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership.
2014-10-09 12:42:25 -07:00
Adam Ierymenko
87f1b1b1e3
Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way.
2014-10-06 13:16:16 -07:00
Adam Ierymenko
1109046782
Last steps before test: parse OK(MULTICAST_GATHER) and OK(MULTICAST_FRAME)
2014-10-02 13:50:37 -07:00
Adam Ierymenko
dee86e2448
But since we are now using middle 3 bits we can assign sane values for the cipher suite enum.
2014-10-02 11:13:53 -07:00
Adam Ierymenko
17da733f97
Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers.
2014-10-02 11:08:59 -07:00
Adam Ierymenko
23836d4c11
Change "encrypted" flag to full cipher suite selector. Go ahead and reserve AES256-GCM which might be added in the future.
2014-10-02 10:54:34 -07:00
Adam Ierymenko
e53d208ea4
Improve security posture by eliminating non-const data() accessor from Buffer.
2014-10-02 10:06:29 -07:00
Adam Ierymenko
b41437780b
Add origin to new MULTICAST_FRAME, move security check for certs into Network to remove redundant code and bug-proneness, more work on IncomingPacket...
2014-09-30 17:26:34 -07:00
Adam Ierymenko
2659427864
Multicaster needs to be global, not per-network, and a bunch of other stuff.
2014-09-30 16:28:25 -07:00
Adam Ierymenko
8607aa7c3c
Everything in for new multicast except IncomingPacket parsing...
2014-09-30 08:38:03 -07:00
Adam Ierymenko
ed0ba49502
A few more revisions to new multicast verbs.
2014-09-26 14:18:25 -07:00
Adam Ierymenko
9e186bbd89
.
2014-09-25 15:57:43 -07:00
Adam Ierymenko
431476e2e4
Some more multicast algo work...
2014-09-24 13:45:58 -07:00
Adam Ierymenko
954f9cbc13
Yet more WIP on mulitcast algo...
2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be
Work on defining new direct broadcast multicast algorithm.
2014-09-18 18:28:14 -07:00
Adam Ierymenko
9b93141dd0
Upgrade LZ4 to latest version.
2014-07-30 15:34:15 -07:00
Adam Ierymenko
aead1050fb
Bridging (GitHub issue #68 ) does indeed work! Just needed to fix a packet size thinko.
2014-06-21 12:29:33 -04:00
Adam Ierymenko
6e485833ef
.
2014-06-21 12:25:10 -04:00
Adam Ierymenko
d6a4f8d77b
Add flags to EXT_FRAME for better future proofness.
2014-06-12 11:40:30 -07:00
Adam Ierymenko
c30f9832b0
Packet decoder work for EXT_FRAME for bridging - GitHub issue #68
2014-06-10 21:41:34 -07:00
Adam Ierymenko
fb31f93c52
Protocol messages for bridging. GitHub issue #68
2014-06-10 15:25:15 -07:00
Adam Ierymenko
aee742e767
More toward GitHub issue #56
2014-04-10 16:30:15 -07:00
Adam Ierymenko
b5c3a92be2
Boring stuff: update dates in copyrights across all files.
2014-02-16 12:40:22 -08:00
Adam Ierymenko
8b65b3e6d7
Yank PROBE stuff since it's not used and was a premature addition to the protocol.
2014-01-28 10:41:43 -08:00
Adam Ierymenko
07f505971c
Windows build fixes.
2014-01-17 17:09:59 -08:00
Adam Ierymenko
10df5dcf70
Fix several things:
...
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.
(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
2013-12-31 11:03:45 -08:00
Adam Ierymenko
612c17240a
Dead code removal, fix for cleanup GitHub issue #28
2013-12-06 16:49:20 -08:00
Adam Ierymenko
f5d397e8c8
Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier.
2013-12-04 10:45:15 -08:00
Adam Ierymenko
9fdec3acfc
More updater work... coming along.
2013-11-05 17:08:29 -05:00
Adam Ierymenko
6c63bfce69
File transfer work, add identities for validation of updates.
2013-11-04 17:31:00 -05:00
Adam Ierymenko
ae138566a9
Updater code, work in progress...
2013-11-01 12:38:38 -04:00
Adam Ierymenko
17778a36ba
Clean up secure random, add packet definitions for update distribution facility.
2013-10-27 07:26:50 -04:00
Adam Ierymenko
942cc0ca21
Certificate of membership works now... had to fix multicast propagation so COM is pushed with multicast, which makes tremendous sense in retrospect.
2013-10-25 14:51:55 -04:00
Adam Ierymenko
8c9b73f67b
Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance.
2013-10-18 17:39:48 -04:00
Adam Ierymenko
ce14ba9004
Take the 0.6.0 opportunity to add flags to a few protocol verbs and do a bit more cleanup. Also fix it so certificates wont be accepted unless they are newer than existing ones.
2013-10-17 06:41:52 -04:00
Adam Ierymenko
7e7e28f5f7
Add support for pushing network config refresh hints from a MEMORY queue table. That ways it will be possible for network changes to take effect almost immediately across all active peers.
2013-10-17 05:37:01 -04:00
Adam Ierymenko
46f868bd4f
Lots of cleanup, more work on certificates, some security fixes.
2013-10-16 17:47:26 -04:00
Adam Ierymenko
4d594b24bc
Automagically push netconf certs -- Network support.
2013-10-07 16:13:52 -04:00
Adam Ierymenko
dcbc9c8ddd
Rename error code for no membership certificate.
2013-10-07 15:21:40 -04:00
Adam Ierymenko
4267e7da93
Remove a whole bunch of now-unnecessary cruft from Topology and PacketDecoder.
2013-10-05 10:19:12 -04:00
Adam Ierymenko
4ecb9369b5
Fix for multicast propagation -- supernodes must always keep propagating. Also fix mac-tap build on new version of Xcode CL tools. Must use old llvm-g++ instead of clang for i686 -mkernel.
2013-09-30 11:05:35 -04:00
Adam Ierymenko
0dca9964bf
Whew, it builds!
2013-09-27 16:03:13 -04:00