Grant Limberg
0ae09577f6
Client & Central Controller updates to support additonal OIDC features ( #1848 )
...
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different
Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
2023-01-19 15:39:15 -08:00
Brenton Bostick
f74a594e98
fix typos in comments and strings
2022-11-28 09:23:45 -05:00
Adam Ierymenko
a4e8847664
Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.
2022-04-19 10:37:58 -04:00
Adam Ierymenko
55a99f34d0
Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.
2022-04-15 14:23:26 -04:00
Grant Limberg
7cce23ae79
wip
2021-12-01 10:44:29 -08:00
Grant Limberg
fa21fdc1cc
rename stuff for clarity
...
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
Grant Limberg
4d021e16a5
update field lengths
2021-11-08 09:30:13 -08:00
Grant Limberg
8d39c9a861
plumbing full flow from controller -> client network
2021-11-04 15:40:08 -07:00
Grant Limberg
364ad87e2b
add ssoEnabled flag to network config
2021-06-05 13:44:45 -07:00
Adam Ierymenko
98722ed7ea
Increase URL buffer sizes
2021-06-04 18:52:10 -04:00
Adam Ierymenko
1dfe909bab
Increase authentication URL sizes.
2021-06-04 16:46:56 -04:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information.
2021-05-24 22:58:17 -04:00
Adam Ierymenko
06730c7d1d
BSL date bump
2020-08-20 12:51:39 -07:00
Grant Limberg
c0c215c83c
single dns config per network
2020-08-12 13:08:47 -07:00
Grant Limberg
387039456d
Pass 1 at adding DNS to controller
2020-07-20 14:34:19 -07:00
Grant Limberg
ee91c81799
Initialize C arrays to NULL in NetworkConfig() constructor
2020-05-19 17:40:51 -07:00
Adam Ierymenko
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1
2019-08-23 09:23:39 -07:00
Joseph Henry
6958ba9557
Added ZT_DISABLE_COMPRESSION build flag for SDK and low-end NAS builds
2019-07-23 12:39:07 -07:00
Joseph Henry
90d324ae96
Fixed ZT_SDK build issue. Moved ZT_SDK preprocessor directives to more permanent homes
2019-05-17 10:15:40 -07:00
Adam Ierymenko
678116b6d1
One more.
2019-03-25 12:36:54 -07:00
Adam Ierymenko
2966eac64f
Get rid of ZT_FAST_MEMCPY because this is not really needed.
2019-03-22 15:50:15 -07:00
Joseph Henry
0e597191b8
Updated licenses for 2019
2019-01-14 10:25:53 -08:00
Joseph Henry
9681fedbb4
Spellcheck sweep across codebase
2018-06-07 17:25:27 -07:00
Adam Ierymenko
f7019d9e80
Tie up the rest of hub and spoke designated replicator multicast mode.
2018-01-26 22:14:10 -05:00
Adam Ierymenko
d3d58ba8a7
Add support for designated multicast replicators to Multicaster::send().
2018-01-26 21:19:51 -05:00
Adam Ierymenko
f03fd57997
Clean up some multicast code.
2018-01-26 20:38:44 -05:00
Adam Ierymenko
384e5b66de
More work on GitHub issue #666
2018-01-25 14:16:07 -05:00
Adam Ierymenko
4419734a7d
Implement continuous contacting of designated anchors and multicast replicators - GitHub issue #666
2018-01-25 07:11:59 -05:00
Adam Ierymenko
f821db29f3
.
2018-01-24 17:12:53 -05:00
Adam Ierymenko
6c64f1816d
cleanup
2018-01-24 16:16:00 -05:00
Adam Ierymenko
34e2ad0dfc
Stub out NetworkConfig for GitHub issue #666
2018-01-24 14:43:04 -05:00
Adam Ierymenko
07cb62a503
cleanup
2018-01-09 11:41:26 -08:00
Adam Ierymenko
65c07afe05
Copyright updates for 2018.
2018-01-08 14:33:28 -08:00
Adam Ierymenko
0608704626
Some micro-optimizations, including a memcpy that is faster than Linux for most distro/compiler versions.
2017-12-15 11:03:20 -08:00
Adam Ierymenko
16613ab5fb
Clean up remote tracing code, add per-network remote trace settings, add remote trace level, and make local trace output readable again.
2017-12-04 14:40:10 -08:00
Grant Limberg
099bedd2e9
A few more uint64_t -> int64_t changes for timestamps
2017-10-04 12:01:17 -07:00
Adam Ierymenko
1685659e37
Remote tracing works.
2017-07-17 17:02:50 -07:00
Adam Ierymenko
b9e1d53d7a
Minor cleanup.
2017-07-17 14:21:09 -07:00
Adam Ierymenko
dab0fb9e05
Remote trace: plumbing, replace old TRACE with calls to Trace object.
2017-07-07 16:58:05 -07:00
Adam Ierymenko
107e3e4106
First pass of configurable MTU and max MTU increase.
2017-05-04 17:12:02 -07:00
Adam Ierymenko
1b68d6dbdc
License header update.
2017-04-27 20:47:25 -07:00
Adam Ierymenko
10185e92fa
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
2017-02-23 11:47:36 -08:00
Adam Ierymenko
0b3b994241
Relay policy can now be computed.
2017-01-27 14:05:09 -08:00
Adam Ierymenko
cc4bacc199
Cleanup, and implement compression disable flag for networks.
2016-09-27 12:22:25 -07:00
Adam Ierymenko
68e549233d
Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness).
2016-09-15 13:17:37 -07:00
Adam Ierymenko
ef87069957
Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths.
2016-09-09 09:32:00 -07:00
Adam Ierymenko
c9ee8612e4
Credential TTL (tags/capabilities) should be credential time max delta, since we could get pushed one that is newer.
2016-09-07 12:12:52 -07:00
Adam Ierymenko
8b6d23b9f6
Optimize filter code a bit, and add a network-level setting for what should happen if an unsupported or unknown MATCH is encountered in a rules table.
2016-09-01 12:07:17 -07:00
Adam Ierymenko
ded5a53a6c
Documentation updates, add rules engine revision to network config request meta-data.
2016-08-26 10:38:43 -07:00
Adam Ierymenko
0a7a33ef8f
Instantaneous blacklisting and credential revocation.
2016-08-23 13:46:36 -07:00