0ae09577f6
Client & Central Controller updates to support additonal OIDC features ( #1848 )
...
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different
Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
2023-01-19 15:39:15 -08:00
ee0a194b25
Several more SSO/OIDC related fixes, and bump version to 1.8.9.
2022-04-19 21:29:11 -04:00
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.
2022-04-19 19:59:54 -04:00
f9c84c8c52
Remove stray debug trace
2022-02-08 15:32:25 -08:00
d719137565
temp workaround for oidc auth dropping issue
...
Add a method to "kick" the refresh thread and re-post the tokens in the case where the thread is somehow still running & controller pushes out an AUTH_REQUIRED. This situation happens in a corner case still under investigation where the controller pushes out many copies of the network config repeatedly
2022-01-20 09:44:56 -08:00
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL
2021-12-01 13:01:32 -08:00
eaccce743f
moar plumbing progress
2021-12-01 12:07:05 -08:00
91e9b736dd
make service objs dependent on zeroidc
2021-11-18 10:42:12 -08:00
fa21fdc1cc
rename stuff for clarity
...
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
8d39c9a861
plumbing full flow from controller -> client network
2021-11-04 15:40:08 -07:00
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
2021-09-20 15:40:55 -07:00
364ad87e2b
add ssoEnabled flag to network config
2021-06-05 13:44:45 -07:00
810e2a761f
Fix authentication URL...
2021-05-25 14:49:06 -04:00
6ce71c1bc3
Fix reporting of status.
2021-05-25 14:45:49 -04:00
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information.
2021-05-24 22:58:17 -04:00
dc806dd718
Try pipelining tap reads on Linux for a little more speed.
2020-11-16 18:56:00 -05:00
06730c7d1d
BSL date bump
2020-08-20 12:51:39 -07:00
c0c215c83c
single dns config per network
2020-08-12 13:08:47 -07:00
88a3c685fb
latest
2020-08-04 13:52:57 -07:00
d098a99d09
fix memory init issue
...
and another place where dns data needs to be copied
2020-07-31 11:42:03 -07:00
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1
2019-08-23 09:23:39 -07:00
3db0197865
Add try/catch in LFDB and add introspection into multicast subscriptions in client network status API
2019-08-06 15:22:57 -05:00
e2900f4f3c
Fix valgrind warning... not sure if it is an actual issue.
2019-06-17 15:23:52 -07:00
aa831dd843
More stack->heap...
2019-06-17 14:55:33 -07:00
2966eac64f
Get rid of ZT_FAST_MEMCPY because this is not really needed.
2019-03-22 15:50:15 -07:00
63ec19674c
.
2019-03-19 16:43:43 -07:00
e03102dbcb
Clean out some unnecessarily pedantic auth stuff in favor of a simpler way of gating multicast gathers.
2019-03-14 14:29:15 -07:00
0e597191b8
Updated licenses for 2019
2019-01-14 10:25:53 -08:00
65b0030342
Added basic QoS rule handling
2018-07-11 16:55:13 -07:00
28cb40529d
Rough draft of fq-codel implementation
2018-07-10 16:50:12 -07:00
c908b9f67a
Add anchor and multicast hub address field to new multicast enabled ad-hoc address format.
2018-03-21 15:27:26 -07:00
78d9cee416
Other fixes to IPv4 ad-hoc networks.
2018-03-09 00:10:01 -08:00
bbdb2aa672
Some work on IPv4 enabled ad-hoc networks.
2018-03-08 23:53:57 -08:00
f7019d9e80
Tie up the rest of hub and spoke designated replicator multicast mode.
2018-01-26 22:14:10 -05:00
f03fd57997
Clean up some multicast code.
2018-01-26 20:38:44 -05:00
384e5b66de
More work on GitHub issue #666
2018-01-25 14:16:07 -05:00
65c07afe05
Copyright updates for 2018.
2018-01-08 14:33:28 -08:00
0608704626
Some micro-optimizations, including a memcpy that is faster than Linux for most distro/compiler versions.
2017-12-15 11:03:20 -08:00
395d8b3139
Full and clearer implementation of GitHub issue #588
2017-10-24 13:33:53 -07:00
b1d60df44c
timestamps changed from uint64_t to int64_t
...
There were cases in the code where time calculations and comparisons were overflowing and causing connection instability. This will keep time calculations within expected ranges.
2017-10-02 15:52:57 -07:00
f8014413a3
Add UDP MTU configurability.
2017-09-01 16:25:34 -07:00
495c5ce81d
Bunch of remote tracing work.
2017-07-13 10:51:05 -07:00
dab0fb9e05
Remote trace: plumbing, replace old TRACE with calls to Trace object.
2017-07-07 16:58:05 -07:00
d2415dee00
Cleanup.
2017-07-06 16:11:11 -07:00
2f20258807
.
2017-07-06 10:25:36 -07:00
baa10c2995
.
2017-06-30 17:32:07 -07:00
355cce3938
Rename Utils::snprintf due to it being a #define on one platform.
2017-06-27 11:31:29 -07:00
02d18af57d
Remove Cluster.hpp
2017-06-23 16:10:26 -07:00
9b287392a4
.
2017-06-05 12:15:28 -07:00
6015b529a0
More clustering work.
2017-06-01 12:33:05 -07:00
