Joseph Henry
9933d83cf8
Merge pull request #1564 from zerotier/dev-whoami
...
Proactively seek, and distribute external surface addresses
This patch introduces a new "self-awareness" behavior which proactively queries peers for external surface addresses and distributes them via PUSH_DIRECT_PATHS. This has the effect of making ZT more responsive to interface changes.
Current behavior:
Previously, this type of information was only mediated via RENDEZVOUS and was only triggered when the client detected that it no longer had a single alive path to a peer. While PUSH_DIRECT_PATHS would correctly (and often) send local addresses, this was not the case for external addresses collected from response HELLOs. This would lead to situations where only one physical address would be distributed to peers. Additionally, if a new physical interface were to be made available to the client, the client would correctly bind to it but never seek information about its external mapping from a peer, and thus the new physical interface would remain unavailable for other peers to learn about until all paths on the previous interface have expired which can take a couple of minutes. In traditional usage of ZT this is not usually a problem, but it becomes a problem in the following scenarios:
Network interfaces go up and down while ZT is running (e.g. switching to LTE or WiFi from a wired connection)
Network interfaces are added or removed in multipath setups
Proposed behavior:
I propose that normal full HELLOs are sent not only on the first interface in use, but all interfaces. This causes planets to respond with a HELLO containing the surface address for each interface. We then collect each address using SelfAwareness::whoami() and distribute them via the normal PUSH_DIRECT_PATHS mechanism.
2022-02-25 11:30:45 -08:00
Joseph Henry
1918c29fd7
Change ECHO divisor from 20 to 6
2022-02-25 11:29:07 -08:00
Joseph Henry
618202d426
Increase min failover to 500 ms and probe period to 1/3rd of failover
2022-02-25 10:52:39 -08:00
Joseph Henry
d1335dca11
Change ECHO rate-limit divsor from 16 to 20
2022-02-21 16:22:33 -08:00
Joseph Henry
5e13b42abc
Rate gate ECHO per Path instead of per Peer
2022-02-21 14:37:39 -08:00
Joseph Henry
96aa1c30a6
Proactively seek, enumerate, and distribute external surface addresses
2022-02-17 15:39:17 -08:00
Joseph Henry
1b0c183913
Force non-leaf peers into local active-backup bond when multipath is enabled
2022-02-17 15:16:33 -08:00
Joseph Henry
40269c2a97
Comment out debug traces
2022-02-16 20:39:18 -08:00
Adam Ierymenko
3c85a7f074
Rev roots.
2022-02-15 09:13:58 -05:00
Joseph Henry
f9c84c8c52
Remove stray debug trace
2022-02-08 15:32:25 -08:00
Grant Limberg
aa97aabb4e
for now, only enable sso on certain platforms
...
mac, windows, linux x86/x86_64/aarch64
2022-02-01 11:07:37 -08:00
Joseph Henry
4190318c85
Fix typo in constant name
2022-01-28 10:41:21 -08:00
Joseph Henry
2f554fd6f8
Merge pull request #1552 from Shawn8410/master
...
FIX: fix wrong flag usage of rateGateCredentialsReceived
2022-01-28 10:12:16 -08:00
Shawn
ae93cccde6
FIX: fix wrong flag usage of rateGateCredentialsReceived
2022-01-27 11:59:21 +08:00
Joseph Henry
46e955e3a1
Split bond logs into two categories to reduce logging size
2022-01-26 15:14:02 -08:00
Joseph Henry
2850f131e2
Fix code style
2022-01-25 18:03:36 -08:00
Grant Limberg
d719137565
temp workaround for oidc auth dropping issue
...
Add a method to "kick" the refresh thread and re-post the tokens in the case where the thread is somehow still running & controller pushes out an AUTH_REQUIRED. This situation happens in a corner case still under investigation where the controller pushes out many copies of the network config repeatedly
2022-01-20 09:44:56 -08:00
Grant Limberg
dceba1f2f1
Merge branch 'dev' into zeroidc
2022-01-05 08:35:15 -08:00
Grant Limberg
73878fbdc4
Merge pull request #1531 from StephenCWills/mingw32-disable-salsasse
...
Disable Salsa20 SSE on MinGW 32-bit compiler
2022-01-04 17:42:40 -08:00
staphen
87d17088cc
Disable Salsa20 SSE on MinGW 32-bit compiler
2022-01-04 20:39:08 -05:00
Grant Limberg
cc6c48fca8
Merge pull request #1525 from StephenCWills/lowercase-windows-headers
...
Use lowercase when including Windows headers
2022-01-04 17:11:51 -08:00
staphen
1c956494a4
Use lowercase when including Windows headers
2021-12-29 16:29:08 -05:00
Grant Limberg
eee31605b1
Merge branch 'dev' into zeroidc
2021-12-15 14:17:26 -08:00
Andrej Binder
aeec7dae36
Prevent arithmetic error on interface change.
2021-12-15 22:22:02 +01:00
Adam Ierymenko
fa58909d44
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
2021-12-15 12:32:41 -05:00
Adam Ierymenko
06ed114fb6
Release notes and GitHub issue #1512
2021-12-15 12:32:28 -05:00
Joseph Henry
bdef9d3bd7
Fix situation where too many ECHOs are sent to multipath peer
2021-12-14 21:20:58 -08:00
Joseph Henry
b154b7296c
Improve multipath logging output
2021-12-14 21:13:19 -08:00
Joseph Henry
1c6fd4125d
Fix custom policy parsing bug mentioned in issue #1507
2021-12-14 11:49:43 -08:00
Joseph Henry
e9375b50b0
Prevent path-amnesia
2021-12-13 11:54:23 -08:00
Joseph Henry
1f43a736b2
Fix active-backup path selection bug
2021-12-09 13:43:52 -08:00
Joseph Henry
05a0a20197
Fix multipath flow reallocation. Prevent allocation to dead paths
2021-12-08 14:32:58 -08:00
Grant Limberg
48b39ab005
removing comments
2021-12-03 17:46:37 -08:00
Grant Limberg
1192b1b422
refresh token run loop
...
Need central-side work to complete
2021-12-03 15:44:04 -08:00
Grant Limberg
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL
2021-12-01 13:01:32 -08:00
Grant Limberg
eaccce743f
moar plumbing progress
2021-12-01 12:07:05 -08:00
Grant Limberg
7cce23ae79
wip
2021-12-01 10:44:29 -08:00
Grant Limberg
9ef75c0e13
Merge branch 'dev' into zeroidc
2021-11-29 14:12:10 -08:00
Grant Limberg
91e9b736dd
make service objs dependent on zeroidc
2021-11-18 10:42:12 -08:00
Adam Ierymenko
1ef385b685
Spinlock removed, causes long standing issues on single core machines.
2021-11-12 16:44:54 -05:00
Grant Limberg
fa21fdc1cc
rename stuff for clarity
...
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
Grant Limberg
4d021e16a5
update field lengths
2021-11-08 09:30:13 -08:00
Grant Limberg
8d39c9a861
plumbing full flow from controller -> client network
2021-11-04 15:40:08 -07:00
Joseph Henry
cc6de583be
Prevent balance-xor from de-allocating from bad paths
2021-10-20 10:48:07 -07:00
Joseph Henry
9e8de2a702
Compilation fix
2021-10-01 11:19:04 -07:00
Joseph Henry
165757176a
Potential fix fro deadlock bug
2021-10-01 11:11:20 -07:00
Adam Ierymenko
9bc79f94df
Revert "Don't assume roots validated the identity, just in case they did not."
...
This reverts commit 39b97f9163
.
2021-09-20 22:05:49 -04:00
Adam Ierymenko
a0239e17e9
Revert "Use a faster method of fingerprinting identities."
...
This reverts commit b72e5e8386
.
2021-09-20 22:05:39 -04:00
Adam Ierymenko
b72e5e8386
Use a faster method of fingerprinting identities.
2021-09-20 20:02:39 -04:00
Adam Ierymenko
3f49570f45
Remove ancient controller support.
2021-09-20 18:38:29 -04:00
Adam Ierymenko
7c3166e9be
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
2021-09-20 18:26:49 -04:00
Adam Ierymenko
39b97f9163
Don't assume roots validated the identity, just in case they did not.
2021-09-20 16:15:59 -04:00
Joseph Henry
ff8044f0c0
Improve multipath startup time
2021-09-10 13:26:29 -07:00
Joseph Henry
e607348c7e
Fix bad index bug (during switching) in balance-rr
2021-09-07 21:41:54 -07:00
Joseph Henry
b6ed919fbc
Call recordOutgoingPacket regardless of policy to generate sufficient entropy for bond layer
2021-09-07 13:44:02 -07:00
Joseph Henry
109252be4e
Remove debug trace
2021-09-06 20:13:13 -07:00
Joseph Henry
a4b98518e3
Nominate newly-learned paths to bond
2021-09-06 15:29:03 -07:00
Joseph Henry
e1af003e4f
Consolidation of multipath logic. Better system separation
2021-09-01 21:37:49 -07:00
Joseph Henry
0ed9db05d2
Restore original ECHO rate limiting (changed for multipath)
2021-07-20 19:06:47 -07:00
Grant Limberg
8dd3639576
set ssoEnabled = true on network config if we get ERROR_NETWORK_AUTHENTICATION_REQUIRED
2021-06-05 14:00:03 -07:00
Grant Limberg
364ad87e2b
add ssoEnabled flag to network config
2021-06-05 13:44:45 -07:00
Adam Ierymenko
98722ed7ea
Increase URL buffer sizes
2021-06-04 18:52:10 -04:00
Adam Ierymenko
1dfe909bab
Increase authentication URL sizes.
2021-06-04 16:46:56 -04:00
Adam Ierymenko
810e2a761f
Fix authentication URL...
2021-05-25 14:49:06 -04:00
Adam Ierymenko
6ce71c1bc3
Fix reporting of status.
2021-05-25 14:45:49 -04:00
Adam Ierymenko
6b3a7ec827
Fix a few things...
2021-05-25 14:40:40 -04:00
Adam Ierymenko
8bb5bc736d
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
2021-05-24 22:58:36 -04:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information.
2021-05-24 22:58:17 -04:00
Joseph Henry
be7fca254f
Merge branch 'master' of https://github.com/xumng123/ZeroTierOne into xumng123-master
...
Remove unnecessary include
2021-05-18 00:24:19 -07:00
Joseph Henry
24615ed24b
Fix erroneous cast of verb to double that causes invalid tracing output
2021-05-04 08:59:52 -07:00
Joseph Henry
13481cea18
Fix (some) compile-time warnings on Windows
2021-05-03 21:12:45 -07:00
Joseph Henry
7faaa55436
Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev-multipath
2021-05-03 19:41:41 -07:00
Joseph Henry
11ddbc6f30
Fix (some) compile-time warnings on Linux
2021-05-03 19:35:28 -07:00
Joseph Henry
29e5880d8b
Match formatting of Bond-related sources to ZeroTier standard (no functional changes)
2021-05-03 17:59:31 -07:00
Adam Ierymenko
df0007d532
Update hard-coded default planet to latest.
2021-04-14 12:25:35 -04:00
xumng123
537ce83498
yes
2021-04-13 16:12:11 +00:00
Joseph Henry
1732f7371c
Minor bonding CLI fix
2021-04-07 15:15:35 -07:00
Adam Ierymenko
147945d20f
Lets try always supplying the AES keys to Packet dearmor() and see if that prevents the coma problem.
2021-02-13 00:01:49 -05:00
Adam Ierymenko
ac808d51d6
Crash fix
2021-02-03 18:56:07 -05:00
Adam Ierymenko
378bc73bf8
Clean up some peer path learning logic, use a cheaper data structure.
2021-02-03 14:30:03 -05:00
Adam Ierymenko
697c8c9882
Delete old code.
2021-02-02 16:17:53 -05:00
Adam Ierymenko
72d48da210
Fix duplicate paths and reduce thrashing issues.
2021-02-02 16:11:13 -05:00
Adam Ierymenko
b2b3271a96
Possible fix for path issues in 1.6.2
2021-02-02 14:55:47 -05:00
Vincent Milum Jr
a624dfd776
Fixing regression in AES for ARM targets
2020-11-27 08:22:55 +00:00
Adam Ierymenko
9d66d876f4
Likely fix for some alignment issues on ARM.
2020-11-25 14:28:41 -05:00
Adam Ierymenko
bc4bd29488
Merge branch 'master' of github.com:zerotier/ZeroTierOne
2020-11-25 10:50:35 -05:00
Adam Ierymenko
d64c5a92c6
Merge pull request #1233 from dosuperuser/improvement/optimizations
...
Minor C++ optimizations
2020-11-24 19:24:36 -05:00
Grant Limberg
a1b72f0e1a
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
2020-11-23 14:54:39 -08:00
Grant Limberg
de308f05e0
missing break in InetAddress::ipScope()
2020-11-23 14:54:13 -08:00
Joseph Henry
ecfac0601a
Add new bond control commands to CLI
2020-11-23 09:59:28 -08:00
Joseph Henry
24339092f7
Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev
2020-11-17 14:05:33 -08:00
Adam Ierymenko
2fcc344299
Some buffer tuning.
2020-11-17 15:34:42 -05:00
Adam Ierymenko
dc806dd718
Try pipelining tap reads on Linux for a little more speed.
2020-11-16 18:56:00 -05:00
Adam Ierymenko
31d8758ad9
Apple "fat binaries" are back!
2020-11-16 16:30:15 -05:00
Joseph Henry
a690ffdb7c
Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev
2020-11-15 19:00:02 -08:00
Adam Ierymenko
44af828aa4
Tweak multicast settings to prevent failures due to TX queue overflow.
2020-11-12 22:21:43 -05:00
Adam Ierymenko
26a0cbcd73
Revert "Push credentials in multicast."
...
This reverts commit 1316ee3127
.
2020-11-12 20:53:23 -05:00
Adam Ierymenko
1a106bca3b
Revert "Build fix, and move multicast pushCredentialsIfNeeded."
...
This reverts commit cc42d6f4e0
.
2020-11-12 20:53:14 -05:00
Adam Ierymenko
cc42d6f4e0
Build fix, and move multicast pushCredentialsIfNeeded.
2020-11-12 20:40:10 -05:00
Adam Ierymenko
1316ee3127
Push credentials in multicast.
2020-11-12 20:33:31 -05:00
Adam Ierymenko
9480ff1f37
Fix some timestamp signedness mismatches.
2020-11-11 11:46:09 -05:00
Adam Ierymenko
e9e20fdad8
Increase multicast announce frequency a little.
2020-11-10 16:16:52 -05:00
Adam Ierymenko
53ba413d32
Dont use AES in HELLO.
2020-11-09 20:52:49 -05:00
Adam Ierymenko
7280fcdec2
Only define FreeBSD hwcaps stuff if ARM crypto is enabled for compiled.
2020-11-09 19:54:32 -05:00
Vince
83a2dcb65a
FreeBSD ARMv6, ARMv7, and Aarch64 support
2020-11-07 14:16:03 -08:00
Adam Ierymenko
dd65680150
Windows build fixes, version bump in AIP.
2020-11-06 11:18:41 -08:00
Adam Ierymenko
90f18f7ee7
Fix for ZTO-33 (Jira), only assign routes if there is a viable source IP.
2020-11-06 11:01:45 -05:00
Adam Ierymenko
f2c490345c
Remove unnecessary includes that can cause compile problems.
2020-10-30 16:14:59 -04:00
Joseph Henry
927bc2e33d
Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev
2020-10-22 14:04:41 -07:00
Joseph Henry
1331739ee4
Remove (some) debug tracing in Bond which may cause a segfault
2020-10-21 18:40:55 -07:00
Adam Ierymenko
ed9b09e980
Missing flag.
2020-10-20 18:52:36 -04:00
Adam Ierymenko
70f37962cf
Backport AES fixes for compiler, arch, and splitting into separate files.
2020-10-20 18:50:28 -04:00
Joseph Henry
fd7f61bab7
Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev
2020-10-14 18:40:38 -07:00
Joseph Henry
5f8714a0cd
Remove minor non-functional flow hashing stubs
2020-10-14 18:40:20 -07:00
Adam Ierymenko
8d83b9b7c5
Revert change to path quality to fix IPv6 issue in beta. We will rework this in 2.x.
2020-10-14 20:41:58 -04:00
Adam Ierymenko
2c75be0d64
Do not always enable SSE4 on X64 due to old Atom chips. Enable instead only for AES-NI code which is only run if AES-NI is present, which it is not on these old chips.
2020-10-13 16:08:30 -04:00
Adam Ierymenko
255dee7a5e
MacOS build fixes.
2020-09-25 14:32:53 -04:00
Grant Limberg
7d8cfb1fee
more magic incantations to make crypto extensions work on Android/ARM64
2020-09-22 10:28:31 -07:00
Grant Limberg
9e6dba9066
Enable AES-NI on Android X86-64
...
Need to find the magic incantation to enable it on ARM64 still
2020-09-21 18:05:25 -07:00
Grant Limberg
0f2887265c
AES-NI/NEON detection for iOS
...
Requires 64-bit CPU
2020-09-21 13:18:05 -07:00
Adam Ierymenko
1ff45020e2
Prefer IPv6 if all else is equal.
2020-09-18 16:27:41 -04:00
Adam Ierymenko
04f6140da6
AES builds and works now on ARM64.
2020-09-16 22:47:13 +00:00
Grant Limberg
221e4ecb12
Add "documentation" networks as IP_SCOPE_PRIVATE
...
https://en.wikipedia.org/wiki/Reserved_IP_addresses
2020-09-16 10:24:36 -07:00
Grant Limberg
1883a8c9ee
Set 198.18.0.0/15 to IP_SCOPE_PRIVATE
2020-09-16 10:15:42 -07:00
Adam Ierymenko
9adf656db5
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev
2020-09-14 20:44:46 -04:00
Adam Ierymenko
7219ca0c0f
AES works! Only with this or newer nodes. Uses salsa with older ones as usual.
2020-09-14 20:44:21 -04:00
Grant Limberg
df640dc39b
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
2020-09-14 12:45:11 -07:00
Grant Limberg
d980bba49f
fix windows compilation
2020-09-14 12:42:51 -07:00
Joseph Henry
cf47618ffb
Change ZT_MULTIPATH_FLOW_EXPIRATION_INTERVAL from 30 seconds to 5 minutes
2020-09-11 16:09:46 -07:00
Joseph Henry
0e8b54f7a1
Add minor trace output formatting changes. Change ZT_MULTIPATH_BOND_STATUS_INTERVAL from 30000 to 60000
2020-09-11 14:47:18 -07:00
Adam Ierymenko
cb8d773634
Disable unicast compression as it almost never helps and usually just wastes CPU.
2020-09-11 13:36:21 -04:00
Adam Ierymenko
e6b5f8aabd
AES work... but disabled in this commit.
2020-09-10 15:43:40 -04:00
Adam Ierymenko
1ad555a071
More selective push of AES modifications and refactoring stuff.
2020-09-10 14:48:48 -04:00
Adam Ierymenko
b7b01da742
Wire up dearmor() path.
2020-08-25 14:13:20 -07:00
Adam Ierymenko
93d6b41898
Disable AES in commit so as not to break other builds.
2020-08-25 08:08:54 -07:00
Adam Ierymenko
47e9fb3ddb
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev
2020-08-25 08:07:23 -07:00
Joseph Henry
b1ddba0438
Remove a few old comments
2020-08-24 18:56:49 -07:00
Adam Ierymenko
2ac49d99dd
AES integrated on send side.
2020-08-21 14:23:31 -07:00
Adam Ierymenko
3fd8efe642
AES builds now
2020-08-21 09:56:53 -07:00
Adam Ierymenko
06730c7d1d
BSL date bump
2020-08-20 12:51:39 -07:00
Grant Limberg
8d0a3563e4
Merge branch 'dns' into dev
2020-08-12 13:56:21 -07:00
Grant Limberg
c0c215c83c
single dns config per network
2020-08-12 13:08:47 -07:00
Joseph Henry
edd960566a
Improve bond tracing, fix bond initialization bugs, remove vestigial debug code
2020-08-06 18:10:40 -07:00
Grant Limberg
88a3c685fb
latest
2020-08-04 13:52:57 -07:00
Grant Limberg
d098a99d09
fix memory init issue
...
and another place where dns data needs to be copied
2020-07-31 11:42:03 -07:00
Grant Limberg
6b197e067a
Merge branch 'dev' into dns
2020-07-30 13:15:43 -07:00
Joseph Henry
9f4985b11a
Add basic bond health status reporting (listbonds)
2020-07-27 23:01:12 -07:00
Joseph Henry
29ebda62ef
Remove (some) debug functions and traces
2020-07-23 00:32:39 -07:00
Joseph Henry
a1b2ff772a
Add new replacement condition in peer path redundancy logic to fix duplicate paths
2020-07-23 00:15:38 -07:00
Joseph Henry
dc784f6213
Comment out Bond and BondController debug traces
2020-07-21 10:22:10 -07:00