17da733f97
Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers.
12 years ago
23836d4c11
Change "encrypted" flag to full cipher suite selector. Go ahead and reserve AES256-GCM which might be added in the future.
12 years ago
e53d208ea4
Improve security posture by eliminating non-const data() accessor from Buffer.
12 years ago
b41437780b
Add origin to new MULTICAST_FRAME, move security check for certs into Network to remove redundant code and bug-proneness, more work on IncomingPacket...
12 years ago
2659427864
Multicaster needs to be global, not per-network, and a bunch of other stuff.
12 years ago
8607aa7c3c
Everything in for new multicast except IncomingPacket parsing...
12 years ago
ed0ba49502
A few more revisions to new multicast verbs.
12 years ago
9e186bbd89
.
12 years ago
431476e2e4
Some more multicast algo work...
12 years ago
954f9cbc13
Yet more WIP on mulitcast algo...
12 years ago
d9abd4d9be
Work on defining new direct broadcast multicast algorithm.
12 years ago
9b93141dd0
Upgrade LZ4 to latest version.
12 years ago
aead1050fb
Bridging (GitHub issue #68 ) does indeed work! Just needed to fix a packet size thinko.
12 years ago
6e485833ef
.
12 years ago
d6a4f8d77b
Add flags to EXT_FRAME for better future proofness.
12 years ago
c30f9832b0
Packet decoder work for EXT_FRAME for bridging - GitHub issue #68
12 years ago
fb31f93c52
Protocol messages for bridging. GitHub issue #68
12 years ago
aee742e767
More toward GitHub issue #56
12 years ago
b5c3a92be2
Boring stuff: update dates in copyrights across all files.
12 years ago
8b65b3e6d7
Yank PROBE stuff since it's not used and was a premature addition to the protocol.
12 years ago
07f505971c
Windows build fixes.
12 years ago
10df5dcf70
Fix several things:
...
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.
(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
12 years ago
612c17240a
Dead code removal, fix for cleanup GitHub issue #28
12 years ago
f5d397e8c8
Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier.
12 years ago
9fdec3acfc
More updater work... coming along.
13 years ago
6c63bfce69
File transfer work, add identities for validation of updates.
13 years ago
ae138566a9
Updater code, work in progress...
13 years ago
17778a36ba
Clean up secure random, add packet definitions for update distribution facility.
13 years ago
942cc0ca21
Certificate of membership works now... had to fix multicast propagation so COM is pushed with multicast, which makes tremendous sense in retrospect.
13 years ago
8c9b73f67b
Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance.
13 years ago
ce14ba9004
Take the 0.6.0 opportunity to add flags to a few protocol verbs and do a bit more cleanup. Also fix it so certificates wont be accepted unless they are newer than existing ones.
13 years ago
7e7e28f5f7
Add support for pushing network config refresh hints from a MEMORY queue table. That ways it will be possible for network changes to take effect almost immediately across all active peers.
13 years ago
46f868bd4f
Lots of cleanup, more work on certificates, some security fixes.
13 years ago
4d594b24bc
Automagically push netconf certs -- Network support.
13 years ago
dcbc9c8ddd
Rename error code for no membership certificate.
13 years ago
4267e7da93
Remove a whole bunch of now-unnecessary cruft from Topology and PacketDecoder.
13 years ago
4ecb9369b5
Fix for multicast propagation -- supernodes must always keep propagating. Also fix mac-tap build on new version of Xcode CL tools. Must use old llvm-g++ instead of clang for i686 -mkernel.
13 years ago
0dca9964bf
Whew, it builds!
13 years ago
4e010da54b
Work in progress...
13 years ago
24bad9f3d1
More work in progress in new multicast propagation...
13 years ago
f3128a18fe
Work in progress...
13 years ago
5557a8192d
Work in progress...
13 years ago
770fbaf4b2
New multicast algorithm work in progress...
13 years ago
64c9c2e06b
New packet formats for MULTICAST_FRAME, and MULTICAST_GOT. Not implemented yet in decoder, so wont compile. Work in progress.
13 years ago
4c06fcfc9d
More include formatting cleanup.
13 years ago
ceb024ab03
Integrating new crypto, work still in progress...
13 years ago
f6ad138561
Bit more of adding version to OK(HELLO)
13 years ago
d87a1d6b99
Add version info to OK(HELLO) so both sides know their version info.
13 years ago
d6414c9ff7
Windows compiles! (w/Visual Studio 2012) That's about all it does, but it's a start.
13 years ago
bf5c07f79a
Scratch that... more work wiring up netconf. Got to handle OK.
13 years ago
Adam Ierymenko
Adam Ierymenko