Adam Ierymenko
|
8a62ba07e5
|
Membership cleanup work in progress.
|
2017-04-04 06:47:01 -07:00 |
|
Adam Ierymenko
|
91c9f4cb20
|
Fix TRACE and CLUSTER builds.
|
2017-03-27 17:33:25 -07:00 |
|
Adam Ierymenko
|
e4896b257f
|
Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call.
|
2017-03-27 17:03:17 -07:00 |
|
Adam Ierymenko
|
78ef2c5f16
|
Windows build fixes, app about text revisions.
|
2017-03-17 20:01:58 -07:00 |
|
Adam Ierymenko
|
e10325e133
|
GitHub issue #461 -- plus a bit of cleanup and optimization
|
2017-03-17 17:15:23 -07:00 |
|
Adam Ierymenko
|
ef46d3c97d
|
LZ4 cleanup
|
2017-03-17 23:09:18 +00:00 |
|
Adam Ierymenko
|
a9c08c5975
|
.
|
2017-03-17 22:35:56 +00:00 |
|
Adam Ierymenko
|
c467c3b7e4
|
ARM tweaks
|
2017-03-17 22:26:08 +00:00 |
|
Adam Ierymenko
|
cdc0eaec3a
|
Fix attempt to WHOIS self.
|
2017-03-17 22:13:34 +00:00 |
|
Adam Ierymenko
|
a7cb738175
|
.
|
2017-03-17 14:25:54 -07:00 |
|
Adam Ierymenko
|
d1bb22a583
|
.
|
2017-03-17 14:09:30 -07:00 |
|
Adam Ierymenko
|
c6a39ed927
|
Fixes for possible ARM issues, cleanup, fix for spurious meaningless exceptions on NETWORK_CONFIG_REQUEST
|
2017-03-17 13:55:26 -07:00 |
|
Adam Ierymenko
|
010d0a7d56
|
Docs and a bit of cleanup. In particular ALL makes no sense for revocations because they have IDs. In that case you would just revoke the COM.
|
2017-03-13 06:53:23 -07:00 |
|
Adam Ierymenko
|
0f3148bda2
|
Roots need to respond to lots of WHOISes
|
2017-03-10 20:08:07 -08:00 |
|
Adam Ierymenko
|
e3b1fc2ac0
|
Tweak WHOIS path for federation.
|
2017-03-10 19:52:08 -08:00 |
|
Adam Ierymenko
|
db87d95c1d
|
getUpstreamPeer issue with interim federated roots
|
2017-03-10 19:31:51 -08:00 |
|
Adam Ierymenko
|
47166c9614
|
Sigh. Another thinko.
|
2017-03-10 17:54:14 -08:00 |
|
Adam Ierymenko
|
ecacdf27a9
|
Build fix (typo)
|
2017-03-10 17:45:05 -08:00 |
|
Adam Ierymenko
|
aad6f79efa
|
Also must mask off counter bits in IV in cryptField.
|
2017-03-10 17:44:25 -08:00 |
|
Adam Ierymenko
|
0c00b83702
|
cryptField() used to obscure extended fields in HELLO cannot use mangleKey()
|
2017-03-10 17:34:41 -08:00 |
|
Adam Ierymenko
|
a97918f812
|
Windows build fixes.
|
2017-03-07 13:57:31 -08:00 |
|
Adam Ierymenko
|
5e6a4e5f5e
|
Send revocations automatically on deauth for instant kill, also fix some issues with the RP.
|
2017-03-06 15:12:28 -08:00 |
|
Adam Ierymenko
|
d56f740dc6
|
Now with less bugs.
|
2017-03-03 13:49:21 -08:00 |
|
Adam Ierymenko
|
a577b8d381
|
Update how controller handles circuit tests -- save results to filesystem.
|
2017-03-01 16:33:34 -08:00 |
|
Adam Ierymenko
|
136fddc7f1
|
Fix FILTER_TRACE breakage.
|
2017-03-01 15:14:57 -08:00 |
|
Adam Ierymenko
|
ce0c87f8ff
|
Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev
|
2017-03-01 15:12:26 -08:00 |
|
Adam Ierymenko
|
d79585d44d
|
Circuit tests now report link quality. Also fixed a little thing in revocation propagation.
|
2017-03-01 15:12:17 -08:00 |
|
Grant Limberg
|
592b628523
|
comment broken TRACE message
|
2017-03-01 14:50:28 -08:00 |
|
Adam Ierymenko
|
1d39be61b2
|
ZeroTier now has link quality measurement. We are not using this yet but decided to put it in to prep for future QoS support and SD-WAN stuff.
|
2017-03-01 14:36:52 -08:00 |
|
Adam Ierymenko
|
2bf9145ae6
|
Outgoing side of packet counter for link quality reporting. Also some cleanup and a cluster mode build fix.
|
2017-03-01 10:22:57 -08:00 |
|
Adam Ierymenko
|
127bcb02ff
|
Save space in expecting-reply-to tracking.
|
2017-03-01 09:41:37 -08:00 |
|
Adam Ierymenko
|
2b10a982e9
|
Match on tag sender equals or tag recipient equals.
|
2017-02-28 09:22:10 -08:00 |
|
Adam Ierymenko
|
31bece7fa0
|
Add ipauth handling of IPv6 NDP neighbor solicitations and advertisements. IPv6 works well now with ipauth.
|
2017-02-28 07:43:40 -08:00 |
|
Adam Ierymenko
|
4436824faf
|
ipauth characteristic now works with ARP
|
2017-02-27 17:51:58 -08:00 |
|
Adam Ierymenko
|
9d7ff26f25
|
Helps if you actually add the ipauth mask to the characteristics mask.
|
2017-02-23 14:27:31 -08:00 |
|
Adam Ierymenko
|
010dbc8b2b
|
Merge.
|
2017-02-23 12:35:20 -08:00 |
|
Adam Ierymenko
|
72653e54f9
|
Finish wiring up ipauth and macauth to Network filter.
|
2017-02-23 12:34:17 -08:00 |
|
Grant Limberg
|
93ec86a26e
|
iOS fixes
|
2017-02-23 12:26:11 -08:00 |
|
Adam Ierymenko
|
10185e92fa
|
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
|
2017-02-23 11:47:36 -08:00 |
|
Adam Ierymenko
|
b679ebde3b
|
Ad-hoc networks, a cool and easy to implement little feature that allows controllerless networks. These only allow IPv6 6plane, no multicast, and the network ID encodes the allowed port range.
|
2017-02-22 15:32:55 -08:00 |
|
Adam Ierymenko
|
afba19e01c
|
When deciding whether to send PUSH_DIRECT_PATHS we should check global trust flag, not the one passed into receive().
|
2017-02-16 09:44:04 -08:00 |
|
Adam Ierymenko
|
af4e79735c
|
Fix "orbit" semantics. Federation works.
|
2017-02-13 16:38:21 -08:00 |
|
Adam Ierymenko
|
969e09210d
|
Fix loading of existing moons.
|
2017-02-13 16:14:48 -08:00 |
|
Adam Ierymenko
|
4b11566505
|
Integrate moon concept into http config bus, and clean up that code quite a bit.
|
2017-02-13 14:27:08 -08:00 |
|
Adam Ierymenko
|
e4b6611201
|
Only accept world updates from upstreams.
|
2017-02-13 09:46:34 -08:00 |
|
Adam Ierymenko
|
e6840a1863
|
Can't erase from vector using const_iterator on some C++ compilers.'
|
2017-02-13 09:26:05 -08:00 |
|
Adam Ierymenko
|
42f28bce52
|
Cleanup and make moons (federated roots) a little easier to deal with.
|
2017-02-13 09:03:48 -08:00 |
|
Adam Ierymenko
|
cdc289fa9c
|
Tags work.
|
2017-02-07 14:06:40 -08:00 |
|
Adam Ierymenko
|
672f17c6e9
|
Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time.
|
2017-02-07 09:33:39 -08:00 |
|
Adam Ierymenko
|
723a9a6e9a
|
Small additional efficiency improvement.
|
2017-02-06 17:20:22 -08:00 |
|
Adam Ierymenko
|
59ba7c8bf5
|
Improve efficiency of pushCredentials() method since it gets called a lot.
|
2017-02-06 17:10:20 -08:00 |
|
Adam Ierymenko
|
78d548458b
|
Capabilities basically work but need to refactor a bit for performance reasons.
|
2017-02-06 16:38:48 -08:00 |
|
Adam Ierymenko
|
9ddc2a4331
|
Add a break action to rules engine to make capabilities easier to use.
|
2017-02-06 14:00:49 -08:00 |
|
Adam Ierymenko
|
435e4c4695
|
Fix HELLO parse bug.
|
2017-02-06 12:06:10 -08:00 |
|
Adam Ierymenko
|
21f4a97c35
|
CSPRNG performance improvement, self test build fix.
|
2017-02-06 11:49:41 -08:00 |
|
Adam Ierymenko
|
e0d63c50db
|
One more tweak after thinking about related keys and key stream reuse. Just a precaution.
|
2017-02-06 07:45:57 -08:00 |
|
Adam Ierymenko
|
803f74634a
|
Tweak how we do crypto of the masked portions of HELLO just to be more "boring" in the DJB sense.
|
2017-02-06 07:39:38 -08:00 |
|
Adam Ierymenko
|
f85a630a64
|
Docs and a small build fix in debug mode.
|
2017-02-06 07:17:45 -08:00 |
|
Adam Ierymenko
|
43182f8f57
|
Docs, code cleanup, and protect the extra new fields of HELLO with encryption as a precaution.
|
2017-02-05 16:19:03 -08:00 |
|
Adam Ierymenko
|
594cb1fad8
|
Small fix for duplicates in world definitions.
|
2017-02-04 19:29:39 -08:00 |
|
Adam Ierymenko
|
3587aa1ea7
|
Add and send certificates of representation to tell people what our valid upstreams are. These are not used yet but will be needed for future privacy modes, etc. Also some cleanup.
|
2017-02-04 13:17:00 -08:00 |
|
Adam Ierymenko
|
beb642faa5
|
Stub out CAN_REACH.
|
2017-02-04 10:21:31 -08:00 |
|
Adam Ierymenko
|
31db768e4d
|
A bit of code cleanup.
|
2017-02-04 00:23:31 -08:00 |
|
Adam Ierymenko
|
d9e4ba1280
|
Eliminate a little copypasta.
|
2017-02-04 00:04:44 -08:00 |
|
Adam Ierymenko
|
dcb1233b0d
|
Slight refactor to RENEDEZVOUS sending code for federation.
|
2017-02-03 23:54:02 -08:00 |
|
Adam Ierymenko
|
8a2ff0b31e
|
Actual documentation.
|
2017-02-03 19:47:00 -08:00 |
|
Adam Ierymenko
|
9284e4edfe
|
agree() must be called on our identity, the one with the secret
|
2017-02-01 15:22:14 -08:00 |
|
Adam Ierymenko
|
62a705af1c
|
Eliminate another check in cluster frontplane mode.
|
2017-02-01 14:35:07 -08:00 |
|
Adam Ierymenko
|
29ec7bf3a2
|
Add more specific check in source==self case instead of dumping it.
|
2017-02-01 14:18:56 -08:00 |
|
Adam Ierymenko
|
fc3f4fb988
|
Yeah that could never have worked (normal packets in cluster mode).
|
2017-02-01 14:05:13 -08:00 |
|
Adam Ierymenko
|
60ff280dcb
|
Another tweak to cluster I/O rules.
|
2017-02-01 13:52:53 -08:00 |
|
Adam Ierymenko
|
b378f5dcd7
|
Take 3
|
2017-02-01 13:20:51 -08:00 |
|
Adam Ierymenko
|
e778d45128
|
Still want to send WANT_PEER under two failure modes.
|
2017-02-01 12:51:52 -08:00 |
|
Adam Ierymenko
|
5e11cf6378
|
Can't armor() a packet until all flags are set.
|
2017-02-01 12:32:06 -08:00 |
|
Adam Ierymenko
|
5dbebc513a
|
Minor send path refactor to make packet I/O work on clusters if they are members of networks. Also fix a crash if compiled in cluster mode but no cluster is enabled.
|
2017-02-01 12:00:25 -08:00 |
|
Adam Ierymenko
|
6d5a3cd2e2
|
Remove debug code. Cluster network config sharing seems to work.
|
2017-01-30 16:23:38 -08:00 |
|
Adam Ierymenko
|
f9ad80aa13
|
.
|
2017-01-30 16:15:47 -08:00 |
|
Adam Ierymenko
|
ed31cb76d6
|
Fix to cluster network configs.
|
2017-01-30 16:04:05 -08:00 |
|
Adam Ierymenko
|
eebd271bb1
|
Implement cross cluster sharing of network configs to make clusters able to actually join networks.
|
2017-01-30 15:40:22 -08:00 |
|
Adam Ierymenko
|
471108f2e4
|
Slightly increase thread stack size for safety (primary Alpine related) possibly GitHub #443
|
2017-01-30 08:01:36 -08:00 |
|
Adam Ierymenko
|
2ceb162df0
|
Merge pull request #442 from zielmicha/allow-managed
allow user to specify arbitrary allowed IP networks in allowManaged
|
2017-01-30 06:54:49 -08:00 |
|
Adam Ierymenko
|
5fa1d9796c
|
zerotier-idtool commands to init and generate moons
|
2017-01-27 17:34:39 -08:00 |
|
Adam Ierymenko
|
77a1dd4737
|
Dead code removal, fix minor issue in upstream endpoint check.
|
2017-01-27 16:25:53 -08:00 |
|
Adam Ierymenko
|
9e7c778cc8
|
Fix deadlock.
|
2017-01-27 16:16:06 -08:00 |
|
Adam Ierymenko
|
1d775af34a
|
Fix moon persistence.
|
2017-01-27 15:35:21 -08:00 |
|
Adam Ierymenko
|
9f7919f71f
|
Add comments to join ("orbit") moons.
|
2017-01-27 15:27:26 -08:00 |
|
Adam Ierymenko
|
0b3b994241
|
Relay policy can now be computed.
|
2017-01-27 14:05:09 -08:00 |
|
Adam Ierymenko
|
bc218f9414
|
little fix
|
2017-01-27 13:52:29 -08:00 |
|
Adam Ierymenko
|
f102fd7f92
|
Extend in-band world updates to handle moons too.
|
2017-01-27 13:50:56 -08:00 |
|
Adam Ierymenko
|
64774d0d4f
|
Replace piecemeal designation of upstreams with the concept of moons, which is simpler and easier to use and inherits all the cool live update stuff of worlds (now called planets) and global roots.
|
2017-01-27 13:27:52 -08:00 |
|
Michał Zieliński
|
8f2a42d1ad
|
allow user to specify arbitrary allowed IP networks in allowManaged
|
2017-01-23 12:16:40 +01:00 |
|
Adam Ierymenko
|
9a475eeff9
|
Windows build fix, warning removal.
|
2017-01-20 12:00:18 -08:00 |
|
Adam Ierymenko
|
0995c1dcaa
|
Encapsulate LZ4 in Packet.cpp to eliminate dependency.
|
2017-01-19 15:16:04 -08:00 |
|
Adam Ierymenko
|
7612bf3302
|
Fix LZ4 warning.
|
2017-01-19 14:54:39 -08:00 |
|
Adam Ierymenko
|
0fb3d1d582
|
Add a build version for software update use so we can do very minor updates within a version.
|
2017-01-18 09:16:23 -08:00 |
|
Adam Ierymenko
|
1346e31a8e
|
Windows build fixes, Software update fix, warning removal.
|
2017-01-13 14:22:36 -08:00 |
|
Adam Ierymenko
|
d7e7ad4f88
|
Can't send a user message to self.
|
2017-01-11 17:46:52 -08:00 |
|
Adam Ierymenko
|
d5528e4e9a
|
Wire up VERB_USER_MESSAGE in core.
|
2017-01-09 15:55:07 -08:00 |
|
Adam Ierymenko
|
c8554504f3
|
.
|
2016-12-22 18:37:46 -08:00 |
|
Adam Ierymenko
|
6b12d86209
|
Add a workaround for an edge case in TEE/REDIRECT if we are the inbound destination and teeing is only being done on the outbound side.
|
2016-12-22 18:06:35 -08:00 |
|
Adam Ierymenko
|
fe530548bb
|
Fix MATCH_RANDOM in controller.
|
2016-12-22 16:57:45 -08:00 |
|
Adam Ierymenko
|
2eaff6d484
|
Fix to characteristcs in rules engine.
|
2016-12-22 16:36:38 -08:00 |
|
Adam Ierymenko
|
244f37179c
|
Minor security: lock roots to only be reachable via World IPs.
|
2016-12-05 16:09:42 -08:00 |
|
Adam Ierymenko
|
fa2bb91ae5
|
Kill some old debug code.
|
2016-11-30 10:48:09 -08:00 |
|
Adam Ierymenko
|
84732fcb12
|
Wire through external path lookup. Static paths should now work.
|
2016-11-22 14:23:13 -08:00 |
|
Adam Ierymenko
|
42ba70e79e
|
Replace long callback arg list with struct, and implement path whitelisting, path blacklisting, and local.conf support for roles.
|
2016-11-22 10:54:58 -08:00 |
|
Adam Ierymenko
|
cbaef66e82
|
Fix a deadlock in federation/upstream code.
|
2016-11-21 16:04:01 -08:00 |
|
Adam Ierymenko
|
97d915b06c
|
Expose relay policy in node settings.
|
2016-11-21 15:35:18 -08:00 |
|
Adam Ierymenko
|
ccdd4ffda7
|
Move split() to OSUtils since it is not used in core.
|
2016-11-18 15:49:28 -08:00 |
|
Adam Ierymenko
|
673c0c811e
|
Wire through upstream stuff and add setRole().
|
2016-11-18 13:48:49 -08:00 |
|
Adam Ierymenko
|
6e1da35c12
|
Remove debug.
|
2016-11-18 13:15:58 -08:00 |
|
Adam Ierymenko
|
25f9c294dc
|
Small bug fix and warning removal.
|
2016-11-18 13:01:45 -08:00 |
|
Adam Ierymenko
|
2ea9f516e1
|
Rate gate expensive validation of new identities in HELLO.
|
2016-11-18 12:59:04 -08:00 |
|
Adam Ierymenko
|
ab4021dd0e
|
Do packet MAC check before locallyValidate(), and add timing measurement in selftest.
|
2016-11-18 11:09:19 -08:00 |
|
Adam Ierymenko
|
1fcbb1fbed
|
Proactively auto-load designated upstreams.
|
2016-11-18 10:39:26 -08:00 |
|
Adam Ierymenko
|
39333c9e8e
|
Modify unite() to deal with a second layer of upstreams.
|
2016-11-17 16:59:04 -08:00 |
|
Adam Ierymenko
|
1615ef1114
|
Rename getBestRoot() etc.
|
2016-11-17 16:31:58 -08:00 |
|
Adam Ierymenko
|
bf8d71e82c
|
Add notion of upstream that is separate from root in Topology, etc.
|
2016-11-17 16:20:41 -08:00 |
|
Adam Ierymenko
|
12d32b9311
|
Small fix to send pushes if not a reply.
|
2016-11-10 11:57:45 -08:00 |
|
Adam Ierymenko
|
226123ca08
|
Refactor controller to permit sending of pushes as well as just replies to config requests.
|
2016-11-10 11:54:47 -08:00 |
|
Adam Ierymenko
|
5ebf5077f5
|
Log last meta-data in controller, and ease up just a bit on keepalives.
|
2016-11-09 17:11:10 -08:00 |
|
Adam Ierymenko
|
c61ca1dea2
|
Keep connections up for netconf stuff as well as frames.
|
2016-11-09 16:04:08 -08:00 |
|
Grant Limberg
|
8ffae313fd
|
add new files & remove old ones from VS project. Now builds & runs on Windows again
|
2016-11-03 12:10:50 -07:00 |
|
Adam Ierymenko
|
27d997a2e5
|
.
|
2016-10-13 15:17:17 -07:00 |
|
Adam Ierymenko
|
6469aa9df9
|
typo
|
2016-10-13 14:28:39 -07:00 |
|
Adam Ierymenko
|
ce6b5bc6f5
|
.
|
2016-10-13 14:21:24 -07:00 |
|
Adam Ierymenko
|
4f3775bb86
|
Fix ICMP match.
|
2016-10-13 14:21:00 -07:00 |
|
Adam Ierymenko
|
8850a8610a
|
Fix filter trace.
|
2016-10-13 13:59:17 -07:00 |
|
Adam Ierymenko
|
2d6a4e5974
|
cleanup
|
2016-10-13 13:52:45 -07:00 |
|
Adam Ierymenko
|
93b4ac5cb2
|
Remove unused POW code, will revisit later.
|
2016-10-13 13:17:30 -07:00 |
|
Adam Ierymenko
|
3f4c166861
|
Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev
|
2016-10-11 12:00:38 -07:00 |
|
Adam Ierymenko
|
e53f63ca87
|
Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed.
|
2016-10-11 12:00:16 -07:00 |
|
Grant Limberg
|
6a50291aa2
|
Fix the case for InetAddress::containsAddress for IPv6 route of ::
|
2016-10-07 14:29:06 -07:00 |
|
Adam Ierymenko
|
45c4ccb153
|
Add a tags both equal match.
|
2016-10-05 16:38:42 -07:00 |
|
Adam Ierymenko
|
adeb7e7da0
|
Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want.
|
2016-10-05 12:54:46 -07:00 |
|
Adam Ierymenko
|
d5f4d381d0
|
Go ahead and loop back packets whose destination is self. Some OSes require this since they aactually follow the full network path even for local IPs.
|
2016-10-05 10:12:06 -07:00 |
|
Adam Ierymenko
|
988049f39b
|
Add new rule to rules engine: random match.
|
2016-09-30 14:07:00 -07:00 |
|
Adam Ierymenko
|
9eaa3756f8
|
Fix deadlock-causing regression in Network.
|
2016-09-30 12:22:54 -07:00 |
|
Adam Ierymenko
|
4fe9a4fe83
|
Fix memory leak.
|
2016-09-28 16:13:59 -07:00 |
|
Adam Ierymenko
|
01129d02b3
|
hashCode() for InetAddress
|
2016-09-28 13:45:25 -07:00 |
|
Adam Ierymenko
|
e1fbf7b34c
|
Check multicast limit on send after NDP emulation code.
|
2016-09-28 12:21:08 -07:00 |
|
Adam Ierymenko
|
7e90ab3534
|
TRACE verbosity increase on exceptions in NETWORK_CREDENTIALS.
|
2016-09-28 11:06:44 -07:00 |
|
Adam Ierymenko
|
5ee1ccd659
|
Send need credential error on more cases.
|
2016-09-27 16:41:08 -07:00 |
|
Adam Ierymenko
|
0b44919ba2
|
Clusters can send multiple OKs so we must allow this.
|
2016-09-27 16:33:37 -07:00 |
|
Adam Ierymenko
|
9f550292fe
|
Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics.
|
2016-09-27 13:49:43 -07:00 |
|
Adam Ierymenko
|
5ba7ca91c0
|
TRACE build fix.
|
2016-09-27 12:44:44 -07:00 |
|
Adam Ierymenko
|
cc4bacc199
|
Cleanup, and implement compression disable flag for networks.
|
2016-09-27 12:22:25 -07:00 |
|
Adam Ierymenko
|
15c07c58b6
|
Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit).
|
2016-09-27 11:33:48 -07:00 |
|
Adam Ierymenko
|
7e4b6b594b
|
It now builds.
|
2016-09-26 17:05:39 -07:00 |
|
Adam Ierymenko
|
eac3667ec1
|
Bunch more refactoring and work on revocations, etc.
|
2016-09-26 16:17:02 -07:00 |
|