|
|
a109d341ef
|
Send timestamp with new circuit test response.
|
2017-03-02 14:35:38 -08:00 |
|
|
|
a577b8d381
|
Update how controller handles circuit tests -- save results to filesystem.
|
2017-03-01 16:33:34 -08:00 |
|
|
|
2b10a982e9
|
Match on tag sender equals or tag recipient equals.
|
2017-02-28 09:22:10 -08:00 |
|
|
|
10185e92fa
|
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
|
2017-02-23 11:47:36 -08:00 |
|
|
|
54fa73844c
|
Fix crash.
|
2017-02-21 13:48:29 -08:00 |
|
|
|
32f5a0ab18
|
Add default tag values and default set capabilities for new members.
|
2017-02-21 13:27:20 -08:00 |
|
|
|
672f17c6e9
|
Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time.
|
2017-02-07 09:33:39 -08:00 |
|
|
|
ac3e883c05
|
One more place to add "break".
|
2017-02-06 14:07:30 -08:00 |
|
|
|
31db768e4d
|
A bit of code cleanup.
|
2017-02-04 00:23:31 -08:00 |
|
|
|
a064e19b8a
|
Refactor some JSON stuff for performance, and fix a build error.
|
2017-01-10 13:51:10 -08:00 |
|
|
|
bf2b9e3692
|
Auto-authorize new members on public networks properly.
|
2016-12-22 18:52:34 -08:00 |
|
|
|
0d066e3b08
|
Fix JSON parse bug in REDIRECT target.
|
2016-12-22 18:26:43 -08:00 |
|
|
|
fe530548bb
|
Fix MATCH_RANDOM in controller.
|
2016-12-22 16:57:45 -08:00 |
|
|
|
a54c2b438c
|
Basic support for streaming of changes via stdout from controller.
|
2016-12-15 15:08:47 -08:00 |
|
|
|
ccdd4ffda7
|
Move split() to OSUtils since it is not used in core.
|
2016-11-18 15:49:28 -08:00 |
|
|
|
25f9c294dc
|
Small bug fix and warning removal.
|
2016-11-18 13:01:45 -08:00 |
|
|
|
07b2a3818c
|
Fix TTL scaling in cert.
|
2016-11-15 14:26:05 -08:00 |
|
|
|
15c6e2ec70
|
Fix member deauthorization time threshold bug.
|
2016-11-15 14:06:25 -08:00 |
|
|
|
e26bee45fb
|
Multithreading in network controller. Threads are only started if controller is used.
|
2016-11-10 13:57:01 -08:00 |
|
|
|
1b10d3413a
|
Use circuit breaker only for requests.
|
2016-11-10 13:08:43 -08:00 |
|
|
|
f0fcd222a1
|
Actually push updates when things change.
|
2016-11-10 12:54:43 -08:00 |
|
|
|
298e4a9f14
|
Also avoid sending tags and caps to old members since there is no point.
|
2016-11-10 12:33:09 -08:00 |
|
|
|
226123ca08
|
Refactor controller to permit sending of pushes as well as just replies to config requests.
|
2016-11-10 11:54:47 -08:00 |
|
|
|
5ebf5077f5
|
Log last meta-data in controller, and ease up just a bit on keepalives.
|
2016-11-09 17:11:10 -08:00 |
|
|
|
1ebfca666d
|
Memo-ize some computed stuff to control CPU utilization.
|
2016-11-09 12:34:20 -08:00 |
|
|
|
3d948a930e
|
Send a blanket rule to old versions. New versions will still bidirecitonally enforce on the inbound side.
|
2016-11-08 14:24:30 -08:00 |
|
|
|
4524899e4d
|
Update LM time on members on request.
|
2016-11-08 12:41:27 -08:00 |
|
|
|
360c84e035
|
Minor fixes.
|
2016-11-08 00:05:18 +00:00 |
|
|
|
4868d21526
|
Bug fixes in controller refactor.
|
2016-11-07 23:49:03 +00:00 |
|
|
|
a78d7311a6
|
Fix network list API call.
|
2016-11-04 16:23:41 -07:00 |
|
|
|
08ff666e99
|
.
|
2016-11-04 16:14:58 -07:00 |
|
|
|
0d108d37f6
|
.
|
2016-11-04 16:12:44 -07:00 |
|
|
|
b03c7b2f30
|
Refactor controller to use split-out DB for better performance and less ugly.
|
2016-11-04 15:18:31 -07:00 |
|
|
|
8ffae313fd
|
add new files & remove old ones from VS project. Now builds & runs on Windows again
|
2016-11-03 12:10:50 -07:00 |
|
|
|
2cb760e0ac
|
Fix ICMP json.
|
2016-10-13 14:14:46 -07:00 |
|
|
|
2d6a4e5974
|
cleanup
|
2016-10-13 13:52:45 -07:00 |
|
|
|
e53f63ca87
|
Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed.
|
2016-10-11 12:00:16 -07:00 |
|
|
|
45c4ccb153
|
Add a tags both equal match.
|
2016-10-05 16:38:42 -07:00 |
|
|
|
adeb7e7da0
|
Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want.
|
2016-10-05 12:54:46 -07:00 |
|
|
|
988049f39b
|
Add new rule to rules engine: random match.
|
2016-09-30 14:07:00 -07:00 |
|
|
|
f0794e09b7
|
Controller cleanup.
|
2016-09-30 13:04:26 -07:00 |
|
|
|
1eeebba2f7
|
Drop old /active path from network.
|
2016-09-29 17:59:27 -07:00 |
|
|
|
2fc3d12fb6
|
Minor tweaks to member code in controller, and fix Linux build.
|
2016-09-29 14:48:39 -07:00 |
|
|
|
7e4b6b594b
|
It now builds.
|
2016-09-26 17:05:39 -07:00 |
|
|
|
1f74dd4589
|
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
|
2016-09-23 16:08:38 -07:00 |
|
|
|
68e549233d
|
Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness).
|
2016-09-15 13:17:37 -07:00 |
|
|
|
ab9afbc749
|
(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
|
2016-09-09 11:36:10 -07:00 |
|
|
|
0d4109a9f1
|
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
|
2016-09-09 08:43:58 -07:00 |
|
|
|
c9ee8612e4
|
Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer.
|
2016-09-07 12:12:52 -07:00 |
|
|
|
74afef8eb1
|
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
|
2016-08-31 16:50:22 -07:00 |
|
