ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-19 13:07:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,318 Commits 15 Branches 105 Tags 179 MiB
e94518590d
Commit Graph

87 Commits

Author SHA1 Message Date
Adam Ierymenko
e94518590d First stab of PFS design work with PKC security -- may not implement in 1.0.3 but stubbing out. 2015-05-14 17:41:05 -07:00
Adam Ierymenko
a8835cd8b3 Some prep work to make room for perfect forward security (PFS). Will not affect existing clients. 2015-05-13 18:53:37 -07:00
Adam Ierymenko
e922324bc6 Stop inlining all the Packet armor/dearmor stuff to reduce binary bloat. This stuff is called all over the place. 2015-05-04 18:39:53 -07:00
Adam Ierymenko
49f031ccb4 Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc. 2015-04-07 19:31:11 -07:00
Adam Ierymenko
a2821e9000 Add code to check external surface against reported surface from other trusted peers, and also rename ExternalSurface to SelfAwareness because lulz. 2015-04-06 20:17:21 -07:00
Adam Ierymenko
6eb9289367 Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch. 2015-04-03 16:52:53 -07:00
Adam Ierymenko
1f28ce3980 Tons more refactoring: simplify Network, move explicit management of Tap out, redo COM serialization, etc. 2015-04-01 19:09:18 -07:00
Adam Ierymenko
93012b0ee5 Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware] 2015-02-17 13:11:34 -08:00
Adam Ierymenko
89f0c948f8 Physical address change message verb. 2015-02-04 11:59:02 -08:00
Adam Ierymenko
64ba596e0b C++ network config master ready to test. 2015-01-08 14:27:55 -08:00
Adam Ierymenko
4e95384ad6 Cleanup, add tristate to config code in Network, and happy new year! 2015-01-05 17:47:59 -08:00
Adam Ierymenko
96e9a90e8e docs 2015-01-05 16:19:56 -08:00
Adam Ierymenko
87c599df5c Back out service message type -- YAGNI violation. 2015-01-05 15:52:02 -08:00
Adam Ierymenko
56cfe1d603 Strip out old Service code, add new service message type. 2015-01-05 11:47:22 -08:00
Adam Ierymenko
5484cf4309 More cleanup, and fix a bug in Multicaster::gather() 2014-10-29 16:24:19 -07:00
Adam Ierymenko
5bb854e504 Fix a nasty bug introduced in packet fragmentation a while back during refactoring, and a few other things related to multicast. 2014-10-28 17:25:34 -07:00
Adam Ierymenko
4941c8a1f3 New multicast bug fixes, TRACE improvements, and temporarily disable legacy multicast for debugging purposes. 2014-10-09 17:58:31 -07:00
Adam Ierymenko
d5e0f7e3e4 Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership. 2014-10-09 12:42:25 -07:00
Adam Ierymenko
87f1b1b1e3 Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way. 2014-10-06 13:16:16 -07:00
Adam Ierymenko
1109046782 Last steps before test: parse OK(MULTICAST_GATHER) and OK(MULTICAST_FRAME) 2014-10-02 13:50:37 -07:00
Adam Ierymenko
dee86e2448 But since we are now using middle 3 bits we can assign sane values for the cipher suite enum. 2014-10-02 11:13:53 -07:00
Adam Ierymenko
17da733f97 Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers. 2014-10-02 11:08:59 -07:00
Adam Ierymenko
23836d4c11 Change "encrypted" flag to full cipher suite selector. Go ahead and reserve AES256-GCM which might be added in the future. 2014-10-02 10:54:34 -07:00
Adam Ierymenko
e53d208ea4 Improve security posture by eliminating non-const data() accessor from Buffer. 2014-10-02 10:06:29 -07:00
Adam Ierymenko
b41437780b Add origin to new MULTICAST_FRAME, move security check for certs into Network to remove redundant code and bug-proneness, more work on IncomingPacket... 2014-09-30 17:26:34 -07:00
Adam Ierymenko
2659427864 Multicaster needs to be global, not per-network, and a bunch of other stuff. 2014-09-30 16:28:25 -07:00
Adam Ierymenko
8607aa7c3c Everything in for new multicast except IncomingPacket parsing... 2014-09-30 08:38:03 -07:00
Adam Ierymenko
ed0ba49502 A few more revisions to new multicast verbs. 2014-09-26 14:18:25 -07:00
Adam Ierymenko
9e186bbd89 . 2014-09-25 15:57:43 -07:00
Adam Ierymenko
431476e2e4 Some more multicast algo work... 2014-09-24 13:45:58 -07:00
Adam Ierymenko
954f9cbc13 Yet more WIP on mulitcast algo... 2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be Work on defining new direct broadcast multicast algorithm. 2014-09-18 18:28:14 -07:00
Adam Ierymenko
9b93141dd0 Upgrade LZ4 to latest version. 2014-07-30 15:34:15 -07:00
Adam Ierymenko
aead1050fb Bridging (GitHub issue #68) does indeed work! Just needed to fix a packet size thinko. 2014-06-21 12:29:33 -04:00
Adam Ierymenko
6e485833ef . 2014-06-21 12:25:10 -04:00
Adam Ierymenko
d6a4f8d77b Add flags to EXT_FRAME for better future proofness. 2014-06-12 11:40:30 -07:00
Adam Ierymenko
c30f9832b0 Packet decoder work for EXT_FRAME for bridging - GitHub issue #68 2014-06-10 21:41:34 -07:00
Adam Ierymenko
fb31f93c52 Protocol messages for bridging. GitHub issue #68 2014-06-10 15:25:15 -07:00
Adam Ierymenko
aee742e767 More toward GitHub issue #56 2014-04-10 16:30:15 -07:00
Adam Ierymenko
b5c3a92be2 Boring stuff: update dates in copyrights across all files. 2014-02-16 12:40:22 -08:00
Adam Ierymenko
8b65b3e6d7 Yank PROBE stuff since it's not used and was a premature addition to the protocol. 2014-01-28 10:41:43 -08:00
Adam Ierymenko
07f505971c Windows build fixes. 2014-01-17 17:09:59 -08:00
Adam Ierymenko
10df5dcf70 Fix several things: 
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.

(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
 2013-12-31 11:03:45 -08:00
Adam Ierymenko
612c17240a Dead code removal, fix for cleanup GitHub issue #28 2013-12-06 16:49:20 -08:00
Adam Ierymenko
f5d397e8c8 Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier. 2013-12-04 10:45:15 -08:00
Adam Ierymenko
9fdec3acfc More updater work... coming along. 2013-11-05 17:08:29 -05:00
Adam Ierymenko
6c63bfce69 File transfer work, add identities for validation of updates. 2013-11-04 17:31:00 -05:00
Adam Ierymenko
ae138566a9 Updater code, work in progress... 2013-11-01 12:38:38 -04:00
Adam Ierymenko
17778a36ba Clean up secure random, add packet definitions for update distribution facility. 2013-10-27 07:26:50 -04:00
Adam Ierymenko
942cc0ca21 Certificate of membership works now... had to fix multicast propagation so COM is pushed with multicast, which makes tremendous sense in retrospect. 2013-10-25 14:51:55 -04:00