ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-19 13:07:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5,880 Commits 15 Branches 105 Tags 179 MiB
e1f60e3f83
Commit Graph

322 Commits

Author SHA1 Message Date
Adam Ierymenko
508fa6a7fe A few fixes for cluster mode. 2017-10-25 15:44:10 -07:00
Adam Ierymenko
459f1e7bfb Refactor path stability stuff and add basic multipath support. 2017-10-25 12:42:14 -07:00
Adam Ierymenko
c7d370c17f Delete something that turns out not to be useful. This will be handled differently. 2017-10-24 14:49:38 -07:00
Grant Limberg
b1d60df44c timestamps changed from uint64_t to int64_t 
There were cases in the code where time calculations and comparisons were overflowing and causing connection instability.  This will keep time calculations within expected ranges.
 2017-10-02 15:52:57 -07:00
Adam Ierymenko
6ee201865b Clean up WHOIS code. 2017-08-23 16:42:17 -07:00
Adam Ierymenko
fcaf1d89c2 Get rid of some noisy remote traces that should not be needed. 2017-08-18 13:59:22 -07:00
Adam Ierymenko
727ccb1125 Cleanup and stdin/stdout harness mode for controller. 2017-07-18 13:57:37 -07:00
Adam Ierymenko
1685659e37 Remote tracing works. 2017-07-17 17:02:50 -07:00
Adam Ierymenko
ab0806a036 Cleanup. 2017-07-17 13:48:39 -07:00
Adam Ierymenko
3a1ec07db0 Remove some exception copypasta. 2017-07-17 10:43:28 -07:00
Adam Ierymenko
d939d8d21d A bit more remote tracing stuff. 2017-07-14 14:57:40 -07:00
Adam Ierymenko
4ecc0c59ca Plumbing through of remote trace into controller code. 2017-07-14 13:03:16 -07:00
Adam Ierymenko
495c5ce81d Bunch of remote tracing work. 2017-07-13 10:51:05 -07:00
Adam Ierymenko
dab0fb9e05 Remote trace: plumbing, replace old TRACE with calls to Trace object. 2017-07-07 16:58:05 -07:00
Adam Ierymenko
dff8c02cfe Pull out and deprecate old cluster code. New cluster code will not be merged yet. 2017-07-06 12:33:00 -07:00
Adam Ierymenko
f18158a52d . 2017-07-06 11:45:22 -07:00
Adam Ierymenko
2f20258807 . 2017-07-06 10:25:36 -07:00
Adam Ierymenko
baa10c2995 . 2017-06-30 17:32:07 -07:00
Adam Ierymenko
02d18af57d Remove Cluster.hpp 2017-06-23 16:10:26 -07:00
Adam Ierymenko
2ec88e8008 Remove old circuit test code. Rules engine will let us do this much better and more simply. 2017-05-30 10:19:45 -07:00
Adam Ierymenko
b9c1407013 Adjust PUSH_DIRECT_PATH circuit breaker, and comment out traces to reduce noise. 2017-05-08 09:36:37 -07:00
Adam Ierymenko
107e3e4106 First pass of configurable MTU and max MTU increase. 2017-05-04 17:12:02 -07:00
Adam Ierymenko
1b68d6dbdc License header update. 2017-04-27 20:47:25 -07:00
Adam Ierymenko
f1c0563c40 Fix for cluster handoff. 2017-04-14 18:02:04 -07:00
Adam Ierymenko
139c4b5633 Significant simplification to path logic. 2017-04-14 17:53:32 -07:00
Adam Ierymenko
e4896b257f Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call. 2017-03-27 17:03:17 -07:00
Adam Ierymenko
e10325e133 GitHub issue #461 -- plus a bit of cleanup and optimization 2017-03-17 17:15:23 -07:00
Adam Ierymenko
cdc0eaec3a Fix attempt to WHOIS self. 2017-03-17 22:13:34 +00:00
Adam Ierymenko
a7cb738175 . 2017-03-17 14:25:54 -07:00
Adam Ierymenko
d1bb22a583 . 2017-03-17 14:09:30 -07:00
Adam Ierymenko
c6a39ed927 Fixes for possible ARM issues, cleanup, fix for spurious meaningless exceptions on NETWORK_CONFIG_REQUEST 2017-03-17 13:55:26 -07:00
Adam Ierymenko
0f3148bda2 Roots need to respond to lots of WHOISes 2017-03-10 20:08:07 -08:00
Adam Ierymenko
0c00b83702 cryptField() used to obscure extended fields in HELLO cannot use mangleKey() 2017-03-10 17:34:41 -08:00
Adam Ierymenko
d56f740dc6 Now with less bugs. 2017-03-03 13:49:21 -08:00
Adam Ierymenko
d79585d44d Circuit tests now report link quality. Also fixed a little thing in revocation propagation. 2017-03-01 15:12:17 -08:00
Adam Ierymenko
2bf9145ae6 Outgoing side of packet counter for link quality reporting. Also some cleanup and a cluster mode build fix. 2017-03-01 10:22:57 -08:00
Adam Ierymenko
10185e92fa Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6. 2017-02-23 11:47:36 -08:00
Adam Ierymenko
af4e79735c Fix "orbit" semantics. Federation works. 2017-02-13 16:38:21 -08:00
Adam Ierymenko
969e09210d Fix loading of existing moons. 2017-02-13 16:14:48 -08:00
Adam Ierymenko
e4b6611201 Only accept world updates from upstreams. 2017-02-13 09:46:34 -08:00
Adam Ierymenko
42f28bce52 Cleanup and make moons (federated roots) a little easier to deal with. 2017-02-13 09:03:48 -08:00
Adam Ierymenko
cdc289fa9c Tags work. 2017-02-07 14:06:40 -08:00
Adam Ierymenko
435e4c4695 Fix HELLO parse bug. 2017-02-06 12:06:10 -08:00
Adam Ierymenko
f85a630a64 Docs and a small build fix in debug mode. 2017-02-06 07:17:45 -08:00
Adam Ierymenko
43182f8f57 Docs, code cleanup, and protect the extra new fields of HELLO with encryption as a precaution. 2017-02-05 16:19:03 -08:00
Adam Ierymenko
3587aa1ea7 Add and send certificates of representation to tell people what our valid upstreams are. These are not used yet but will be needed for future privacy modes, etc. Also some cleanup. 2017-02-04 13:17:00 -08:00
Adam Ierymenko
beb642faa5 Stub out CAN_REACH. 2017-02-04 10:21:31 -08:00
Adam Ierymenko
ed31cb76d6 Fix to cluster network configs. 2017-01-30 16:04:05 -08:00
Adam Ierymenko
eebd271bb1 Implement cross cluster sharing of network configs to make clusters able to actually join networks. 2017-01-30 15:40:22 -08:00
Adam Ierymenko
1d775af34a Fix moon persistence. 2017-01-27 15:35:21 -08:00
Adam Ierymenko
9f7919f71f Add comments to join ("orbit") moons. 2017-01-27 15:27:26 -08:00
Adam Ierymenko
bc218f9414 little fix 2017-01-27 13:52:29 -08:00
Adam Ierymenko
f102fd7f92 Extend in-band world updates to handle moons too. 2017-01-27 13:50:56 -08:00
Adam Ierymenko
64774d0d4f Replace piecemeal designation of upstreams with the concept of moons, which is simpler and easier to use and inherits all the cool live update stuff of worlds (now called planets) and global roots. 2017-01-27 13:27:52 -08:00
Adam Ierymenko
d5528e4e9a Wire up VERB_USER_MESSAGE in core. 2017-01-09 15:55:07 -08:00
Adam Ierymenko
42ba70e79e Replace long callback arg list with struct, and implement path whitelisting, path blacklisting, and local.conf support for roles. 2016-11-22 10:54:58 -08:00
Adam Ierymenko
2ea9f516e1 Rate gate expensive validation of new identities in HELLO. 2016-11-18 12:59:04 -08:00
Adam Ierymenko
ab4021dd0e Do packet MAC check before locallyValidate(), and add timing measurement in selftest. 2016-11-18 11:09:19 -08:00
Adam Ierymenko
bf8d71e82c Add notion of upstream that is separate from root in Topology, etc. 2016-11-17 16:20:41 -08:00
Adam Ierymenko
226123ca08 Refactor controller to permit sending of pushes as well as just replies to config requests. 2016-11-10 11:54:47 -08:00
Adam Ierymenko
93b4ac5cb2 Remove unused POW code, will revisit later. 2016-10-13 13:17:30 -07:00
Adam Ierymenko
7e90ab3534 TRACE verbosity increase on exceptions in NETWORK_CREDENTIALS. 2016-09-28 11:06:44 -07:00
Adam Ierymenko
5ee1ccd659 Send need credential error on more cases. 2016-09-27 16:41:08 -07:00
Adam Ierymenko
0b44919ba2 Clusters can send multiple OKs so we must allow this. 2016-09-27 16:33:37 -07:00
Adam Ierymenko
9f550292fe Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics. 2016-09-27 13:49:43 -07:00
Adam Ierymenko
cc4bacc199 Cleanup, and implement compression disable flag for networks. 2016-09-27 12:22:25 -07:00
Adam Ierymenko
15c07c58b6 Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit). 2016-09-27 11:33:48 -07:00
Adam Ierymenko
7e4b6b594b It now builds. 2016-09-26 17:05:39 -07:00
Adam Ierymenko
eac3667ec1 Bunch more refactoring and work on revocations, etc. 2016-09-26 16:17:02 -07:00
Adam Ierymenko
1f74dd4589 Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network. 2016-09-23 16:08:38 -07:00
Adam Ierymenko
d3524f3609 Refactor COM stuff a bit, and respond to COM requests a bit more readily for rapid setup. Will need to revisit later. 2016-09-20 21:21:34 -07:00
Adam Ierymenko
5b6d27e659 Implement relay policy, and setting multicast limit to 0 now disables multicast on the network as would be expected. 2016-09-13 14:27:18 -07:00
Adam Ierymenko
8ef0e4bbaf Get rid of HELLO rate gate on path since its basically worthless. There are 65535 ports per IP. 2016-09-13 10:46:36 -07:00
Adam Ierymenko
0da9a9a3e0 Set trustEstablished in a few more places. 2016-09-13 10:33:03 -07:00
Adam Ierymenko
cba37c6107 Add a few more rate limit gates for anti-DOS hardening. 2016-09-13 10:13:23 -07:00
Adam Ierymenko
ea1da3321a Rate gate requests for COM. 2016-09-12 15:19:21 -07:00
Adam Ierymenko
debc4c45ee Set trust established flag in MULTICAST_GATHER. 2016-09-09 11:45:34 -07:00
Adam Ierymenko
ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. 2016-09-09 11:36:10 -07:00
Adam Ierymenko
ef87069957 Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths. 2016-09-09 09:32:00 -07:00
Adam Ierymenko
0d4109a9f1 More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. 2016-09-09 08:43:58 -07:00
Adam Ierymenko
16df2c3363 Clean up handling of COMs, network access control, and fix a backward compatiblity issue. 2016-09-08 19:48:05 -07:00
Adam Ierymenko
c7a4da3dd3 Turns out we do not need to pass network to receive(). 2016-09-07 15:24:53 -07:00
Adam Ierymenko
1908aa55f5 Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code. 2016-09-07 15:15:52 -07:00
Adam Ierymenko
a7d988745b Use ECHO instead of HELLO where possible. 2016-09-07 12:01:03 -07:00
Adam Ierymenko
b5c86b6ba4 Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable. 2016-09-07 11:13:17 -07:00
Adam Ierymenko
48a374c82c (1) fix crazy bug introduced in doRENDEZVOUS(), (2) reclaim Paths after paths[] condense, (3) fix an edge case around symmetric NAT and external IP change detection. 2016-09-06 14:05:58 -07:00
Adam Ierymenko
4992ac2d9f Cluster sub-optimal is in fact necessary... 2016-09-02 14:20:55 -07:00
Adam Ierymenko
4f8253dcdb Tweaks to path handling... 2016-09-02 13:33:56 -07:00
Adam Ierymenko
e8f6b4b5d3 Rest of big Path canonicalization refactor. 2016-09-02 11:51:33 -07:00
Adam Ierymenko
74afef8eb1 Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. 2016-08-31 16:50:22 -07:00
Adam Ierymenko
f0636ffd4a EXT_FRAME messages should always be accepted if we are the destination for a matching TEE or REDIRECT rule. 2016-08-29 15:54:06 -07:00
Adam Ierymenko
cd3683f2ba Fix a missing receive(). 2016-08-24 17:50:51 -07:00
Adam Ierymenko
347ebcd899 Set trust flag in network controllers if remote query is accepted to allow NATed network controllers to better traverse. 2016-08-24 17:48:13 -07:00
Adam Ierymenko
c476285bd6 Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive when hops>0 and trust has been established. 2016-08-24 16:16:39 -07:00
Adam Ierymenko
0ee4d3554a Stub out USER_MESSAGE. 2016-08-23 14:38:20 -07:00
Adam Ierymenko
0a7a33ef8f Instantaneous blacklisting and credential revocation. 2016-08-23 13:46:36 -07:00
Adam Ierymenko
7036831203 Sign Dictionary in doNETWORK_CONFIG_REQUEST. 2016-08-23 11:57:56 -07:00
Adam Ierymenko
0dfc08b317 Tidy up a few minor protocol things, improve documentation in Packet.hpp. 2016-08-23 11:29:02 -07:00
Adam Ierymenko
faa9a06bf5 Controller fixes... 2016-08-17 17:37:37 -07:00
Adam Ierymenko
d166b494ee Rule parse fix. 2016-08-10 13:41:22 -07:00