author | Grant Limberg <glimberg@gmail.com> | 2016-07-14 19:29:10 -0700 |
---|---|---|
committer | Grant Limberg <glimberg@gmail.com> | 2016-07-14 19:29:10 -0700 |
commit | 2afe3d89d00c0336db3e293d2e9dbd8d0e0083e7 (patch) | |
tree | f07d029f5a76ac3cbea1ac92491e2cfa59391572 /include | |
parent | 8a15b42dabbacd522bfc7c2042591fa71692136c (diff) | |
parent | bdc3b0834bb8abc621ee6dbc9a92769b57376bee (diff) | |
download | infinitytier-2afe3d89d00c0336db3e293d2e9dbd8d0e0083e7.tar.gz infinitytier-2afe3d89d00c0336db3e293d2e9dbd8d0e0083e7.zip |
Merge branch 'master' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne
Diffstat (limited to 'include')
-rw-r--r-- | include/ZeroTierOne.h | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h
index d46c64b8..2d7b007b 100644
--- a/include/ZeroTierOne.h
+++ b/include/ZeroTierOne.h
@@ -117,6 +117,11 @@ extern "C" {
 #define ZT_MAX_PEER_NETWORK_PATHS 4

 /**
+ * Maximum number of trusted physical network paths
+ */
+#define ZT_MAX_TRUSTED_PATHS 16
+
+/**
 * Maximum number of hops in a ZeroTier circuit test
 *
 * This is more or less the max that can be fit in a given packet (with
@@ -888,6 +893,11 @@ typedef struct
 uint64_t lastReceive;

 /**
+ * Is this a trusted path? If so this will be its nonzero ID.
+ */
+ uint64_t trustedPathId;
+
+ /**
 * Is path active?
 */
 int active;
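Review bot: The added comment on `trustedPathId` is phrased as a question and never states what the field holds for an ordinary path. Per the `ZT_Node_setTrustedPaths` documentation in this same commit, a trusted path is one where encryption and authentication are skipped, so the zero case deserves to be spelled out, e.g. `Trusted path ID, or 0 if this path is not trusted (normal encrypted and authenticated path)`. Stated that way, the field can serve as an audit signal for anyone inspecting peer paths through this struct. The enclosing `typedef struct` begins and ends outside the hunk, so its name and remaining fields are not visible here.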
@@ -1838,6 +1848,29 @@ void ZT_Node_clusterHandleIncomingMessage(ZT_Node *node,const void *msg,unsigned
 void ZT_Node_clusterStatus(ZT_Node *node,ZT_ClusterStatus *cs);

 /**
+ * Set trusted paths
+ *
+ * A trusted path is a physical network (network/bits) over which both
+ * encryption and authentication can be skipped to improve performance.
+ * Each trusted path must have a non-zero unique ID that is the same across
+ * all participating nodes.
+ *
+ * We don't recommend using trusted paths at all unless you really *need*
+ * near-bare-metal performance. Even on a LAN authentication and encryption
+ * are never a bad thing, and anything that introduces an "escape hatch"
+ * for encryption should be treated with the utmost care.
+ *
+ * Calling with NULL pointers for networks and ids and a count of zero clears
+ * all trusted paths.
+ *
+ * @param node Node instance
+ * @param networks Array of [count] networks
+ * @param ids Array of [count] corresponding non-zero path IDs (zero path IDs are ignored)
+ * @param count Number of trusted paths-- values greater than ZT_MAX_TRUSTED_PATHS are clipped
+ */
+void ZT_Node_setTrustedPaths(ZT_Node *node,const struct sockaddr_storage *networks,const uint64_t *ids,unsigned int count);
+
+/**
 * Do things in the background until Node dies
 *
 * This function can be called from one or more background threads to process |
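Review bot: The comment on `ZT_Node_setTrustedPaths` describes each entry as "network/bits" but never says where the prefix length is carried inside a `struct sockaddr_storage`. For an API that switches off encryption and authentication, a wrongly encoded or too-short prefix silently widens the trusted range. I would document the encoding and the replace-or-append semantics on the parameter, e.g. `@param networks Array of [count] networks; prefix length is carried in <FIELD>; each call replaces the previously configured set` (both details need confirming against the implementation, which is not in this hunk). The function also returns `void` while clipping `count` above `ZT_MAX_TRUSTED_PATHS` and ignoring zero IDs, so a caller cannot tell that part of its configuration was dropped. Returning the number of paths accepted, or an error code, would make that visible.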