ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-21 22:07:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,759 Commits 15 Branches 105 Tags 179 MiB
e7a2c6ecef
Commit Graph

202 Commits

Author SHA1 Message Date
Adam Ierymenko
cecfa99b7b (1) cluster members send a flag indicating that a PUSH_DIRECT_PATHS is a cluster redirect, (2) 1.1.5 uses this to avoid a bug (this bug does not exist in 1.1.4) 2016-04-18 16:44:23 -07:00
Adam Ierymenko
284e5d83b5 Fix some broken TRACEs and a tiny reorder in a few ifs. 2016-03-28 12:15:24 -07:00
Adam Ierymenko
0c951b6e56 More tweaks to new symmetric NAT buster, and stop using old iterative method since this supersedes it. 2016-02-10 18:41:39 -08:00
Adam Ierymenko
4769dacf61 Tweak needsOurMembershipCertificate timing to resolve a possible source of occasional dropped packets. 2016-02-09 16:54:47 -08:00
Adam Ierymenko
4e4fd51117 boring doc stuff 2016-01-12 14:04:55 -08:00
Adam Ierymenko
3883ac08c7 Docs and cleanup. 2016-01-12 13:17:30 -08:00
Adam Ierymenko
740eb6ebc4 Simplify Peer locking to eliminate deadlock with new path recursion check code (and also probably improve performance). 2016-01-12 12:12:25 -08:00
Adam Ierymenko
b3e3d4cacc Instead of using binary packet comparison, add a callback to the API to explicitly check whether paths should be used. Check in with this callback (if present) when learning new paths or sending initial packets. 2016-01-11 10:17:44 -08:00
Adam Ierymenko
1023ef23b7 Remove somewhat ugly and costly anti-recursion hack -- we will switch to more explicit methods. 2016-01-11 09:06:10 -08:00
Adam Ierymenko
a56fbc1929 Close another potential anti-recursion loophole. 2016-01-06 15:35:27 -08:00
Adam Ierymenko
47ce52228b Roots should probably not do this since it would likely be a waste of packets. 2016-01-06 12:54:51 -08:00
Adam Ierymenko
9aee72099e AntiRecursion cleanup and some other minor things. 2016-01-06 10:59:39 -08:00
Adam Ierymenko
05b2c0743f Tighten up dead path detection. Should now auto-detect dead paths in less than 10 seconds at a very small cost in ECHO requests (or HELLOs for older peers). GitHib issue #272 2016-01-06 10:00:03 -08:00
Adam Ierymenko
4d94ae77b4 simplify if 2016-01-05 16:48:35 -08:00
Adam Ierymenko
d8143a5e18 Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev) 2016-01-05 16:41:54 -08:00
Adam Ierymenko
436c1fac1d Selectively move over changes from "edge" to "dev" excluding netcon. 2015-12-21 16:15:39 -08:00
Adam Ierymenko
0940d673db Always advertise to the cluster when we have a peer even if we have also initiated handoff. This might be the cause of the warmup problem -- will test later. At the very least it should not hurt anything due to pick-latest logic and the fact that cluster members with only suboptimal paths do not respond to WANT_PEER. 2015-11-11 14:36:22 -08:00
Adam Ierymenko
32ec378e3b Announce that we have peers on the cluster when we first see them to improve startup times, and add a result crunching script to tests/http. 2015-11-09 18:01:23 -08:00
Adam Ierymenko
2cc50bdb10 Try bringing back TTL escalation -- may help with Docker (IP-MASQ) type NAT 2015-11-09 15:44:13 -08:00
Adam Ierymenko
35c4e28f31 Mark geo-redirected paths as suboptimal and do not report that we have a peer if all we have is one of these. Also a few other small fixes. 2015-11-09 14:25:28 -08:00
Adam Ierymenko
57b71bfff0 Cluster simplification and refactor work in progress... 2015-11-08 13:57:02 -08:00
Adam Ierymenko
6bc8c9d8ef Clustering cleanup, still a work in progress. 2015-11-06 16:12:41 -08:00
Adam Ierymenko
5f39d5b7ea Further pare down Cluster messaging and rename some stuff. 2015-11-06 14:37:17 -08:00
Adam Ierymenko
a42d714a87 . 2015-11-03 11:18:45 -08:00
Adam Ierymenko
a994573a43 Eliminate some more dead code. We may do path trust, but not like that. 2015-10-29 09:42:15 -07:00
Adam Ierymenko
cdc99bfee1 Add a circuit breaker for VERB_PUSH_DIRECT_PATHS. 2015-10-27 18:18:26 -07:00
Adam Ierymenko
cc1b275ad9 Replicate peer endpoints and forget paths if we have them -- this allows two clusters to talk to each other, whereas forgetting all paths does not. 2015-10-27 16:47:13 -07:00
Adam Ierymenko
cc6080fe38 (1) No need to confirm if we are a root (small optimization), (2) Refactor peer affinity tracking. 2015-10-27 15:57:26 -07:00
Adam Ierymenko
218ef07d8e Build fix in TRACE mode. 2015-10-27 15:01:11 -07:00
Adam Ierymenko
16bc3e0398 Factor out RemotePath subclass of Path -- no longer needed, just cruft. 2015-10-27 15:00:16 -07:00
Adam Ierymenko
40976c02a4 Forget paths to peers if we are handing them off. 2015-10-27 14:37:38 -07:00
Adam Ierymenko
a1a0ee4edb Fix infinite loop in Cluster, clean up some stuff elsewhere, and back out rate limiting in PUSH_DIRECT_PATHS for now (but we will do something else to mitigate amplification attacks) 2015-10-27 12:01:00 -07:00
Adam Ierymenko
9617208e40 Some cleanup, and use VERB_PUSH_DIRECT_PATHS to redirect newer peers. 2015-10-27 09:53:43 -07:00
Adam Ierymenko
69857b4ba8 Refactor cluster redirects to move code to push peers out of the actual Cluster function that checks for redirect, and clean up Peer::received() to be a bit more logical. 2015-10-27 09:36:48 -07:00
Adam Ierymenko
e713f7a54c Can redirect in response to a few more verbs, just not these. 2015-10-26 18:20:40 -07:00
Adam Ierymenko
98d856daa2 Only send redirects to the sending InetAddress and only in response to a set of certain frame types to avoid potential race conditions. 2015-10-26 17:58:51 -07:00
Adam Ierymenko
8bfb02ba3c Only send redirects for the same address class, and elminiate some TRACE noise. 2015-10-26 16:55:55 -07:00
Adam Ierymenko
978b056a01 Wire in redirectPeer(), now about ready to test clustering! 2015-10-20 17:36:10 -07:00
Adam Ierymenko
2258e36a59 Move replication of COMs to avoid race condition. 2015-10-20 16:34:21 -07:00
Adam Ierymenko
59e1444b27 Finish wiring up Cluster, fix some issues with other recent changes. 2015-10-20 16:31:41 -07:00
Adam Ierymenko
eb79d4a2f3 Wire up peer announcement in cluster. 2015-10-20 16:24:21 -07:00
Adam Ierymenko
57e29857cf Cluster work -- integrating with the rest of the code. 2015-10-20 15:27:53 -07:00
Adam Ierymenko
cfdcce6d12 Fix very obscure IP scope classification logic bug. 2015-10-19 15:19:04 -07:00
Adam Ierymenko
9150778757 . 2015-10-19 15:04:26 -07:00
Adam Ierymenko
50f3ccd3c9 . 2015-10-19 15:03:58 -07:00
Adam Ierymenko
584072fa6a Fix for V4/V6 stable addressing. 2015-10-19 14:04:36 -07:00
Adam Ierymenko
cc4d0199e7 Fix vProto init. 2015-10-16 10:58:59 -07:00
Adam Ierymenko
781f06ef82 Accept OK for confirm of HELLO or ECHO. 2015-10-16 10:48:38 -07:00
Adam Ierymenko
5ce3aac929 Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation. 2015-10-16 10:28:09 -07:00
Adam Ierymenko
2229e91b57 IPv6 support fixes. 2015-10-16 10:10:12 -07:00
Adam Ierymenko
5d2f523e81 World stuff... 2015-10-13 12:10:44 -07:00
Adam Ierymenko
7d62dbe9f7 Tune NAT-t keepalives so that timing is better obeyed, clean up a build warning, and fix a potential source of network recursion (though harmless). 2015-10-07 11:57:59 -07:00
Adam Ierymenko
ab0228f626 More cleanup and simple refactoring, consolidate InetAddres serialize/deserialize into the class. 2015-10-07 10:30:47 -07:00
Grant Limberg
6080a45c9c change cert to com. no variable named cert. 2015-10-02 19:39:13 -07:00
Adam Ierymenko
2c196307ee --bugs; 2015-10-01 13:01:18 -07:00
Adam Ierymenko
53e5f94b99 . 2015-10-01 12:25:43 -07:00
Adam Ierymenko
9405150b11 Restore group announcement on Peer::receive() but centralize packet composition in one place. 2015-10-01 11:37:02 -07:00
Adam Ierymenko
a3db7d0728 Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things. 2015-10-01 11:11:52 -07:00
Adam Ierymenko
f69454ec98 (1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses. 2015-09-24 16:21:36 -07:00
Adam Ierymenko
367ffde00c Plumb through localInterfaceId to track local interfaces corresponding with remote addresses. 2015-09-23 13:49:56 -07:00
Adam Ierymenko
86996d4315 Eliminate compiler warning. 2015-09-23 10:27:53 -07:00
Adam Ierymenko
d656e87395 Send a random small payload for NAT keepalives, since zero byte packets seem to fail to keep associations alive behind some NATs. 2015-09-22 15:58:00 -07:00
Adam Ierymenko
8d09c37140 Remove a bit of redundant logic, and also announce MULTICAST_LIKEs to controllers (for future use). 2015-07-31 09:37:13 -07:00
Adam Ierymenko
708aac1ea7 Remove some left over debug code, and fix attempt to send to self if we are an active bridge. 2015-07-28 11:43:09 -07:00
Adam Ierymenko
dda376c9eb Nuke some abandoned code. 2015-07-28 11:16:43 -07:00
Adam Ierymenko
e99eda4a4a Fix IP scoping bug, and disable remotely reported surface push... not helping. :( 2015-07-27 17:28:13 -07:00
Adam Ierymenko
f0003ea922 Push remote surface as reported by peers along with known interface direct paths to assist with (some) NAT traversal. (trying this, may back out if not effective) 2015-07-27 17:02:43 -07:00
Adam Ierymenko
547b1c6157 Add additional TRACE output in pushDirectPaths. 2015-07-13 10:35:33 -07:00
Adam Ierymenko
0b354803f3 Clean up some YAGNI issues with implementation of GitHub issue #180, and make best path choice aware of path rank. 2015-07-13 10:03:04 -07:00
Adam Ierymenko
4bf3bcbd55 Fixes to PUSH_DIRECT_PATHS. 2015-07-13 09:29:51 -07:00
Adam Ierymenko
778c7e6e70 More cleanup to direct path push, comment fixes, etc. 2015-07-07 10:00:34 -07:00
Adam Ierymenko
84ba365c77 Fix bug in direct path push send. 2015-07-06 17:20:41 -07:00
Adam Ierymenko
a87cd2d094 Unix side of local interface address awareness for GitHub issue #180. 2015-07-06 16:32:34 -07:00
Adam Ierymenko
79e9a8bcc2 Almost everything for GitHub issue #180 except direct path map setup. 2015-07-06 15:28:48 -07:00
Adam Ierymenko
255320e2a6 pushDirectPaths() implementation 2015-07-06 14:39:28 -07:00
Adam Ierymenko
93bb934d4e Some cleanup, docs, and Path -> Path > RemotePath refactor. 2015-07-06 14:08:13 -07:00
Adam Ierymenko
7bae95836c Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address. 2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673 Renamed supernode to rootserver 2015-05-06 12:05:20 +02:00
Adam Ierymenko
d9006712f6 Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world. 2015-05-21 15:58:26 -07:00
Adam Ierymenko
9279bac385 Fix deadlock in SelfAwareness by deferring reconnects. 2015-04-30 21:09:41 -07:00
Adam Ierymenko
98bcc3d4b5 Disable a few noisy TRACEs, and limit how often we confirm new paths to avoid flooding. 2015-04-15 13:15:09 -07:00
Adam Ierymenko
1cfa67bbdd Bunch more control plane work, and shelve old UI -- React FTW. 2015-04-14 13:56:28 -07:00
Adam Ierymenko
9e651b39e4 Add some TRACE around pinging (for now), and refactor service/One to just run in the foreground as some platforms may not require threads at all. 2015-04-10 11:40:45 -07:00
Adam Ierymenko
5e331d6733 Restrict unite() to desperation==0 since NAT-t only works right now with direct links. 2015-04-10 10:13:50 -07:00
Adam Ierymenko
ccc73b920e Node peer list function for CAPI, and some Peer cleanup. 2015-04-08 18:45:21 -07:00
Adam Ierymenko
40bfe37a19 Use max of core or most recent path desperation for pings. 2015-04-08 14:58:23 -07:00
Adam Ierymenko
49f031ccb4 Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc. 2015-04-07 19:31:11 -07:00
Adam Ierymenko
24608d5ca3 Always use HELLO to contact, and we now confirm newly learned paths via a two-way handshake to prevent half-connects. 2015-04-07 12:22:33 -07:00
Adam Ierymenko
52c3b7c34e Implemented empirical determination of external addressing, paritioned per scope. 2015-04-07 11:56:10 -07:00
Adam Ierymenko
4e691c8e22 build fixes 2015-04-06 18:56:08 -07:00
Adam Ierymenko
51f46a009a Multicast group join/leave and group membership announcement. 2015-04-06 18:27:24 -07:00
Adam Ierymenko
ee0f56355b Send path simplification. 2015-04-03 13:14:37 -07:00
Adam Ierymenko
a69e1876f1 The concept of link desperation (escalating to less desirable transports) simplifies a ton of stuff. Loads of spaghetti logic can die since we no longer have to make these decisions down in the core. 2015-04-02 17:54:56 -07:00
Adam Ierymenko
93012b0ee5 Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware] 2015-02-17 13:11:34 -08:00
Adam Ierymenko
4e95384ad6 Cleanup, add tristate to config code in Network, and happy new year! 2015-01-05 17:47:59 -08:00
Adam Ierymenko
ee9e6a3c6b Change path selection logic to exclude non-fixed and non-active paths -- possible fix for "NAT traversal coma" issue. Also fix a typo. 2014-11-20 13:20:16 -08:00
Adam Ierymenko
0e47f13f14 Simplify locking semantics some more to address a deadlock. 2014-10-21 10:42:04 -07:00
Adam Ierymenko
2416491cbc Permanently retire peers.persist, but make iddb.d always enabled instead since identities are what we really want to cache. 2014-10-13 14:12:51 -07:00
Adam Ierymenko
0d017c043f Stop persisting last announcement time since Multicaster is volatile. Also some more legacy multicast fixes. 2014-10-11 16:26:02 -07:00
Adam Ierymenko
87f1b1b1e3 Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way. 2014-10-06 13:16:16 -07:00