ZeroTierOne

mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-25 23:51:06 +00:00

Author	SHA1	Message	Date
Grant Limberg	64b7f8e445	quiet down logs more	2022-06-15 16:58:11 -07:00
Adam Ierymenko	ef08346a74	Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.	2022-04-19 19:59:54 -04:00
Adam Ierymenko	912036b260	Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups.	2022-04-19 12:41:38 -04:00
Adam Ierymenko	a4e8847664	Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.	2022-04-19 10:37:58 -04:00
Adam Ierymenko	c492bf7eea	Forgot to send error on v0 auth expiry.	2022-04-18 16:36:09 -04:00
Adam Ierymenko	cb086ff97f	Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot.	2022-04-18 16:32:05 -04:00
Adam Ierymenko	55a99f34d0	Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.	2022-04-15 14:23:26 -04:00
Adam Ierymenko	58119598ae	comment out some new deauth code	2022-04-13 23:10:11 -04:00
Adam Ierymenko	42a2afaef9	This may improve controller behavior with SSO and mixed SSO, needs testing!	2022-04-13 21:39:56 -04:00
Grant Limberg	b3fbbd3124	refresh tokens now working Still investigating the best way to do a couple things, but we have something working	2021-12-07 16:29:50 -08:00
Grant Limberg	7cce23ae79	wip	2021-12-01 10:44:29 -08:00
Grant Limberg	a33d7c64fe	more fixin	2021-11-30 17:27:13 -08:00
Grant Limberg	fa21fdc1cc	rename stuff for clarity authenticationURL will still be used by the client for v1 and v2 of sso	2021-11-11 16:19:26 -08:00
Grant Limberg	43433cdb5a	integrate rust build of zeroidc to linux	2021-11-04 17:16:23 -07:00
Grant Limberg	8d39c9a861	plumbing full flow from controller -> client network	2021-11-04 15:40:08 -07:00
Adam Ierymenko	134d33c218	Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.	2021-09-20 15:40:55 -07:00
Grant Limberg	20721491e8	kill some noisy logs	2021-08-19 13:03:56 -07:00
Grant Limberg	9eae444104	kill some verbose logs	2021-08-19 09:21:52 -07:00
Adam Ierymenko	576b4f03a5	Adjust deauth time window and send revocation when SSO members expire.	2021-08-18 12:17:40 -04:00
Adam Ierymenko	461810b06a	Move return so record gets created before URL.	2021-08-10 11:22:29 -04:00
Grant Limberg	613d7b5ece	fix backwards logic	2021-08-04 09:16:04 -07:00
Adam Ierymenko	663e748b8d	Deauth expiring members right away.	2021-07-26 23:45:18 -04:00
Adam Ierymenko	0cf62d334d	Remove pointless check.	2021-07-26 13:38:35 -04:00
Adam Ierymenko	0310bfa3e3	Include authentication URL in config	2021-07-23 19:17:42 -04:00
Adam Ierymenko	efe0e8aa7b	Notification of about-to-expire status... almost there.	2021-07-23 19:05:59 -04:00
Adam Ierymenko	5c7e51feaf	Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev	2021-07-23 18:49:05 -04:00
Adam Ierymenko	34de579c91	Handling of soon-to-expire members	2021-07-23 18:49:00 -04:00
Grant Limberg	10215af96d	whoops	2021-07-06 13:18:08 -07:00
Grant Limberg	e67fee0264	debug logging	2021-07-06 13:08:21 -07:00
Grant Limberg	364ad87e2b	add ssoEnabled flag to network config	2021-06-05 13:44:45 -07:00
Grant Limberg	e6b4fb5af7	add "ssoRedirectURL" to local.conf plumbed it through to the central controller code	2021-06-04 16:29:03 -07:00
Adam Ierymenko	1dfe909bab	Increase authentication URL sizes.	2021-06-04 16:46:56 -04:00
Grant Limberg	74a678c1e1	chicken or egg problem. member must exist in the database before we can generate a nonce & SSO URL	2021-06-04 12:49:26 -07:00
Grant Limberg	f27d193cf6	.	2021-06-04 11:56:12 -07:00
Grant Limberg	7ca2ecb421	put expiry time back on nc object	2021-06-04 11:39:52 -07:00
Grant Limberg	0702e581a1	remove some noisy log lines & fix a query error	2021-06-04 11:06:54 -07:00
Grant Limberg	c78792a705	moar temporary debug printfs	2021-06-04 11:00:51 -07:00
Grant Limberg	287c19e822	move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not	2021-06-04 09:46:31 -07:00
Grant Limberg	4f521baafd	Big SSO update make things hopefully work	2021-06-03 14:38:26 -07:00
Grant Limberg	fc6d90a04a	set the correct default	2021-06-02 14:27:58 -07:00
Grant Limberg	d2f1d05a06	handle cases where authenticationURL and authenticationExpiryTime don't exist	2021-06-02 13:46:43 -07:00
Adam Ierymenko	c470c6255e	Postgres code for SSO (almost certainly needs work)	2021-05-28 17:08:24 -04:00
Adam Ierymenko	6b3a7ec827	Fix a few things...	2021-05-25 14:40:40 -04:00
Adam Ierymenko	1ce71f9dc0	Build fix.	2021-05-25 13:05:06 -04:00
Adam Ierymenko	18508b5a2e	Build fix.	2021-05-25 13:04:14 -04:00
Adam Ierymenko	621898f3c5	Forgot to set auth info in NetworkConfig.	2021-05-25 13:02:06 -04:00
Adam Ierymenko	2c1d7f3dcc	CLI printing of URL.	2021-05-25 12:58:33 -04:00
Adam Ierymenko	b270d527f4	Basic plumbing for authentication requirement and piping through of URL information.	2021-05-24 22:58:17 -04:00
Adam Ierymenko	d64c5a92c6	Merge pull request #1233 from dosuperuser/improvement/optimizations Minor C++ optimizations	2020-11-24 19:24:36 -05:00
Grant Limberg	ff23d3051f	self hosted controller JSON format fix for DNS	2020-09-23 12:16:23 -07:00

1 2 3 4 5

239 Commits