0bdd56ebd6
A few revisions to PFS design.
2015-05-15 09:04:39 -07:00
e94518590d
First stab of PFS design work with PKC security -- may not implement in 1.0.3 but stubbing out.
2015-05-14 17:41:05 -07:00
a8835cd8b3
Some prep work to make room for perfect forward security (PFS). Will not affect existing clients.
2015-05-13 18:53:37 -07:00
e922324bc6
Stop inlining all the Packet armor/dearmor stuff to reduce binary bloat. This stuff is called all over the place.
2015-05-04 18:39:53 -07:00
49f031ccb4
Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc.
2015-04-07 19:31:11 -07:00
a2821e9000
Add code to check external surface against reported surface from other trusted peers, and also rename ExternalSurface to SelfAwareness because lulz.
2015-04-06 20:17:21 -07:00
6eb9289367
Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch.
2015-04-03 16:52:53 -07:00
1f28ce3980
Tons more refactoring: simplify Network, move explicit management of Tap out, redo COM serialization, etc.
2015-04-01 19:09:18 -07:00
93012b0ee5
Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware]
2015-02-17 13:11:34 -08:00
89f0c948f8
Physical address change message verb.
2015-02-04 11:59:02 -08:00
64ba596e0b
C++ network config master ready to test.
2015-01-08 14:27:55 -08:00
4e95384ad6
Cleanup, add tristate to config code in Network, and happy new year!
2015-01-05 17:47:59 -08:00
96e9a90e8e
docs
2015-01-05 16:19:56 -08:00
87c599df5c
Back out service message type -- YAGNI violation.
2015-01-05 15:52:02 -08:00
56cfe1d603
Strip out old Service code, add new service message type.
2015-01-05 11:47:22 -08:00
5484cf4309
More cleanup, and fix a bug in Multicaster::gather()
2014-10-29 16:24:19 -07:00
5bb854e504
Fix a nasty bug introduced in packet fragmentation a while back during refactoring, and a few other things related to multicast.
2014-10-28 17:25:34 -07:00
4941c8a1f3
New multicast bug fixes, TRACE improvements, and temporarily disable legacy multicast for debugging purposes.
2014-10-09 17:58:31 -07:00
d5e0f7e3e4
Reorg multicast packet, and a whole bunch of refactoring around the pushing of certificates of membership.
2014-10-09 12:42:25 -07:00
87f1b1b1e3
Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way.
2014-10-06 13:16:16 -07:00
1109046782
Last steps before test: parse OK(MULTICAST_GATHER) and OK(MULTICAST_FRAME)
2014-10-02 13:50:37 -07:00
dee86e2448
But since we are now using middle 3 bits we can assign sane values for the cipher suite enum.
2014-10-02 11:13:53 -07:00
17da733f97
Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers.
2014-10-02 11:08:59 -07:00
23836d4c11
Change "encrypted" flag to full cipher suite selector. Go ahead and reserve AES256-GCM which might be added in the future.
2014-10-02 10:54:34 -07:00
e53d208ea4
Improve security posture by eliminating non-const data() accessor from Buffer.
2014-10-02 10:06:29 -07:00
b41437780b
Add origin to new MULTICAST_FRAME, move security check for certs into Network to remove redundant code and bug-proneness, more work on IncomingPacket...
2014-09-30 17:26:34 -07:00
2659427864
Multicaster needs to be global, not per-network, and a bunch of other stuff.
2014-09-30 16:28:25 -07:00
8607aa7c3c
Everything in for new multicast except IncomingPacket parsing...
2014-09-30 08:38:03 -07:00
ed0ba49502
A few more revisions to new multicast verbs.
2014-09-26 14:18:25 -07:00
9e186bbd89
.
2014-09-25 15:57:43 -07:00
431476e2e4
Some more multicast algo work...
2014-09-24 13:45:58 -07:00
954f9cbc13
Yet more WIP on mulitcast algo...
2014-09-22 13:18:24 -07:00
d9abd4d9be
Work on defining new direct broadcast multicast algorithm.
2014-09-18 18:28:14 -07:00
9b93141dd0
Upgrade LZ4 to latest version.
2014-07-30 15:34:15 -07:00
aead1050fb
Bridging (GitHub issue #68 ) does indeed work! Just needed to fix a packet size thinko.
2014-06-21 12:29:33 -04:00
6e485833ef
.
2014-06-21 12:25:10 -04:00
d6a4f8d77b
Add flags to EXT_FRAME for better future proofness.
2014-06-12 11:40:30 -07:00
c30f9832b0
Packet decoder work for EXT_FRAME for bridging - GitHub issue #68
2014-06-10 21:41:34 -07:00
fb31f93c52
Protocol messages for bridging. GitHub issue #68
2014-06-10 15:25:15 -07:00
aee742e767
More toward GitHub issue #56
2014-04-10 16:30:15 -07:00
b5c3a92be2
Boring stuff: update dates in copyrights across all files.
2014-02-16 12:40:22 -08:00
8b65b3e6d7
Yank PROBE stuff since it's not used and was a premature addition to the protocol.
2014-01-28 10:41:43 -08:00
07f505971c
Windows build fixes.
2014-01-17 17:09:59 -08:00
10df5dcf70
Fix several things:
...
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.
(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
2013-12-31 11:03:45 -08:00
612c17240a
Dead code removal, fix for cleanup GitHub issue #28
2013-12-06 16:49:20 -08:00
f5d397e8c8
Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier.
2013-12-04 10:45:15 -08:00
9fdec3acfc
More updater work... coming along.
2013-11-05 17:08:29 -05:00
6c63bfce69
File transfer work, add identities for validation of updates.
2013-11-04 17:31:00 -05:00
ae138566a9
Updater code, work in progress...
2013-11-01 12:38:38 -04:00
17778a36ba
Clean up secure random, add packet definitions for update distribution facility.
2013-10-27 07:26:50 -04:00
