Commit Graph

236 Commits

Author SHA1 Message Date
Adam Ierymenko
bf2b9e3692 Auto-authorize new members on public networks properly. 2016-12-22 18:52:34 -08:00
Adam Ierymenko
0d066e3b08 Fix JSON parse bug in REDIRECT target. 2016-12-22 18:26:43 -08:00
Adam Ierymenko
fe530548bb Fix MATCH_RANDOM in controller. 2016-12-22 16:57:45 -08:00
Adam Ierymenko
a54c2b438c Basic support for streaming of changes via stdout from controller. 2016-12-15 15:08:47 -08:00
Adam Ierymenko
ccdd4ffda7 Move split() to OSUtils since it is not used in core. 2016-11-18 15:49:28 -08:00
Adam Ierymenko
25f9c294dc Small bug fix and warning removal. 2016-11-18 13:01:45 -08:00
Adam Ierymenko
07b2a3818c Fix TTL scaling in cert. 2016-11-15 14:26:05 -08:00
Adam Ierymenko
15c6e2ec70 Fix member deauthorization time threshold bug. 2016-11-15 14:06:25 -08:00
Adam Ierymenko
e26bee45fb Multithreading in network controller. Threads are only started if controller is used. 2016-11-10 13:57:01 -08:00
Adam Ierymenko
1b10d3413a Use circuit breaker only for requests. 2016-11-10 13:08:43 -08:00
Adam Ierymenko
f0fcd222a1 Actually push updates when things change. 2016-11-10 12:54:43 -08:00
Adam Ierymenko
298e4a9f14 Also avoid sending tags and caps to old members since there is no point. 2016-11-10 12:33:09 -08:00
Adam Ierymenko
226123ca08 Refactor controller to permit sending of pushes as well as just replies to config requests. 2016-11-10 11:54:47 -08:00
Adam Ierymenko
5ebf5077f5 Log last meta-data in controller, and ease up just a bit on keepalives. 2016-11-09 17:11:10 -08:00
Adam Ierymenko
eea712a1ae Field in wrong place fixed. 2016-11-09 13:26:14 -08:00
Adam Ierymenko
1ebfca666d Memo-ize some computed stuff to control CPU utilization. 2016-11-09 12:34:20 -08:00
Adam Ierymenko
3d948a930e Send a blanket rule to old versions. New versions will still bidirecitonally enforce on the inbound side. 2016-11-08 14:24:30 -08:00
Adam Ierymenko
4524899e4d Update LM time on members on request. 2016-11-08 12:41:27 -08:00
Adam Ierymenko
360c84e035 Minor fixes. 2016-11-08 00:05:18 +00:00
Adam Ierymenko
4868d21526 Bug fixes in controller refactor. 2016-11-07 23:49:03 +00:00
Adam Ierymenko
5f63d5039b Bug fixes, self test of JSONDB disabled by default. 2016-11-07 14:01:23 -08:00
Adam Ierymenko
a454a37a6e Self test JSONDB. 2016-11-07 13:27:17 -08:00
Adam Ierymenko
a78d7311a6 Fix network list API call. 2016-11-04 16:23:41 -07:00
Adam Ierymenko
08ff666e99 . 2016-11-04 16:14:58 -07:00
Adam Ierymenko
0d108d37f6 . 2016-11-04 16:12:44 -07:00
Adam Ierymenko
cae9041c2a . 2016-11-04 15:52:01 -07:00
Adam Ierymenko
330a07a554 cleanup 2016-11-04 15:48:23 -07:00
Adam Ierymenko
7729cbe313 Fix ambiguous error on some compilers. 2016-11-04 15:34:49 -07:00
Adam Ierymenko
b03c7b2f30 Refactor controller to use split-out DB for better performance and less ugly. 2016-11-04 15:18:31 -07:00
Adam Ierymenko
3c00cd0f88 Separate out JSON store from controller code. 2016-11-03 14:17:46 -07:00
Grant Limberg
8ffae313fd add new files & remove old ones from VS project. Now builds & runs on Windows again 2016-11-03 12:10:50 -07:00
Adam Ierymenko
2cb760e0ac Fix ICMP json. 2016-10-13 14:14:46 -07:00
Adam Ierymenko
2d6a4e5974 cleanup 2016-10-13 13:52:45 -07:00
Adam Ierymenko
e2509af163 Fix bug in default rules init in new networks. 2016-10-12 12:30:32 -07:00
Adam Ierymenko
e53f63ca87 Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed. 2016-10-11 12:00:16 -07:00
Adam Ierymenko
45c4ccb153 Add a tags both equal match. 2016-10-05 16:38:42 -07:00
Adam Ierymenko
adeb7e7da0 Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want. 2016-10-05 12:54:46 -07:00
Adam Ierymenko
988049f39b Add new rule to rules engine: random match. 2016-09-30 14:07:00 -07:00
Adam Ierymenko
f0794e09b7 Controller cleanup. 2016-09-30 13:04:26 -07:00
Adam Ierymenko
1eeebba2f7 Drop old /active path from network. 2016-09-29 17:59:27 -07:00
Adam Ierymenko
2fc3d12fb6 Minor tweaks to member code in controller, and fix Linux build. 2016-09-29 14:48:39 -07:00
Adam Ierymenko
7e4b6b594b It now builds. 2016-09-26 17:05:39 -07:00
Adam Ierymenko
1f74dd4589 Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network. 2016-09-23 16:08:38 -07:00
Adam Ierymenko
68e549233d Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness). 2016-09-15 13:17:37 -07:00
Adam Ierymenko
ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. 2016-09-09 11:36:10 -07:00
Adam Ierymenko
0d4109a9f1 More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. 2016-09-09 08:43:58 -07:00
Adam Ierymenko
c9ee8612e4 Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer. 2016-09-07 12:12:52 -07:00
Adam Ierymenko
74afef8eb1 Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. 2016-08-31 16:50:22 -07:00
Adam Ierymenko
54489a7f61 rename SAMENESS to DIFFERENCE which is less confusing 2016-08-31 14:14:58 -07:00
Adam Ierymenko
8e3004591b Add overlooked MATCH_ICMP to rule set. 2016-08-31 14:01:15 -07:00