Adam Ierymenko
|
395d8b3139
|
Full and clearer implementation of GitHub issue #588
|
2017-10-24 13:33:53 -07:00 |
|
Grant Limberg
|
099bedd2e9
|
A few more uint64_t -> int64_t changes for timestamps
|
2017-10-04 12:01:17 -07:00 |
|
Adam Ierymenko
|
b9e1d53d7a
|
Minor cleanup.
|
2017-07-17 14:21:09 -07:00 |
|
Adam Ierymenko
|
1b68d6dbdc
|
License header update.
|
2017-04-27 20:47:25 -07:00 |
|
Adam Ierymenko
|
eddbc7e757
|
Logic simplification, cleanup, and memory use improvements in Membership. Also fix an issue that may cause network instability in some cases.
|
2017-04-04 08:07:38 -07:00 |
|
Adam Ierymenko
|
e4896b257f
|
Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call.
|
2017-03-27 17:03:17 -07:00 |
|
Adam Ierymenko
|
010d0a7d56
|
Docs and a bit of cleanup. In particular ALL makes no sense for revocations because they have IDs. In that case you would just revoke the COM.
|
2017-03-13 06:53:23 -07:00 |
|
Adam Ierymenko
|
2b10a982e9
|
Match on tag sender equals or tag recipient equals.
|
2017-02-28 09:22:10 -08:00 |
|
Adam Ierymenko
|
10185e92fa
|
Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.
|
2017-02-23 11:47:36 -08:00 |
|
Adam Ierymenko
|
672f17c6e9
|
Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time.
|
2017-02-07 09:33:39 -08:00 |
|
Adam Ierymenko
|
3587aa1ea7
|
Add and send certificates of representation to tell people what our valid upstreams are. These are not used yet but will be needed for future privacy modes, etc. Also some cleanup.
|
2017-02-04 13:17:00 -08:00 |
|
Adam Ierymenko
|
e53f63ca87
|
Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed.
|
2016-10-11 12:00:16 -07:00 |
|
Adam Ierymenko
|
45c4ccb153
|
Add a tags both equal match.
|
2016-10-05 16:38:42 -07:00 |
|
Adam Ierymenko
|
adeb7e7da0
|
Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want.
|
2016-10-05 12:54:46 -07:00 |
|
Adam Ierymenko
|
988049f39b
|
Add new rule to rules engine: random match.
|
2016-09-30 14:07:00 -07:00 |
|
Adam Ierymenko
|
1f74dd4589
|
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
|
2016-09-23 16:08:38 -07:00 |
|
Adam Ierymenko
|
74afef8eb1
|
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
|
2016-08-31 16:50:22 -07:00 |
|
Adam Ierymenko
|
54489a7f61
|
rename SAMENESS to DIFFERENCE which is less confusing
|
2016-08-31 14:14:58 -07:00 |
|
Adam Ierymenko
|
8e3004591b
|
Add overlooked MATCH_ICMP to rule set.
|
2016-08-31 14:01:15 -07:00 |
|
Adam Ierymenko
|
6bd5aba4fa
|
fix frame size range bug
|
2016-08-26 13:26:26 -07:00 |
|
Adam Ierymenko
|
5eaf397a94
|
Add a debug log feature in the filter, which only works if enabled in Network.cpp.
|
2016-08-25 13:31:23 -07:00 |
|
Adam Ierymenko
|
8e3463d47a
|
Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency.
|
2016-08-24 13:37:57 -07:00 |
|
Adam Ierymenko
|
9a3c652a51
|
Get rid of expiration in Capability and Tag and move this to NetworkConfig so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity.
|
2016-08-22 18:06:46 -07:00 |
|
Adam Ierymenko
|
b0d888d235
|
Signing of Capability and Tag objects.
|
2016-08-22 14:25:59 -07:00 |
|
Adam Ierymenko
|
d166b494ee
|
Rule parse fix.
|
2016-08-10 13:41:22 -07:00 |
|
Adam Ierymenko
|
2ba9343607
|
Encode and decode of tags and capabilities in NetworkConfig.
|
2016-08-09 08:32:42 -07:00 |
|
Adam Ierymenko
|
00fd9c3a15
|
It builds... almost ready to test some rules engine stuff.
|
2016-08-08 17:33:26 -07:00 |
|
Adam Ierymenko
|
e2f783ebbd
|
.
|
2016-08-05 15:02:01 -07:00 |
|
Adam Ierymenko
|
98152d974a
|
More cleanup and removal of DeferredPackets, will do the latter in a more elegant way.
|
2016-08-04 11:40:38 -07:00 |
|
Adam Ierymenko
|
f057bb63cd
|
More work on tags and capabilities.
|
2016-08-04 09:02:35 -07:00 |
|
Adam Ierymenko
|
7e6e56e2bc
|
Bunch of work on pushing and replication of tags and capabilities, and protocol cleanup.
|
2016-08-03 18:04:08 -07:00 |
|
Adam Ierymenko
|
67cb03742e
|
Add tag rules and split out rule serialize/deserialize so the code can be reused.
|
2016-08-03 14:12:38 -07:00 |
|
Adam Ierymenko
|
ecc1324bb0
|
Rules engine work: capability based security model with tags and capabilities, and some cleanup across other places.
|
2016-08-02 13:36:17 -07:00 |
|