summaryrefslogtreecommitdiff
path: root/node/IncomingPacket.cpp
AgeCommit message (Collapse)Author
2016-11-18Rate gate expensive validation of new identities in HELLO.Adam Ierymenko
2016-11-18Do packet MAC check before locallyValidate(), and add timing measurement in ↵Adam Ierymenko
selftest.
2016-11-17Add notion of upstream that is separate from root in Topology, etc.Adam Ierymenko
2016-11-10Refactor controller to permit sending of pushes as well as just replies to ↵Adam Ierymenko
config requests.
2016-10-13Remove unused POW code, will revisit later.Adam Ierymenko
2016-09-28TRACE verbosity increase on exceptions in NETWORK_CREDENTIALS.Adam Ierymenko
2016-09-27Send need credential error on more cases.Adam Ierymenko
2016-09-27Clusters can send multiple OKs so we must allow this.Adam Ierymenko
2016-09-27Simply network auth logic and always sent error on auth failure even for ↵Adam Ierymenko
unknown networks to prevent forensics.
2016-09-27Cleanup, and implement compression disable flag for networks.Adam Ierymenko
2016-09-27Refactored network config chunking to sign every chunk to prevent stupid DOS ↵Adam Ierymenko
attack potential, and implement network config fast propagate (though we probably will not use this for a bit).
2016-09-26It now builds.Adam Ierymenko
2016-09-26Bunch more refactoring and work on revocations, etc.Adam Ierymenko
2016-09-23Revocation work in progress, add WATCH which is TEE with implicit rate sync ↵Adam Ierymenko
(thanks JG@DCVC!), and clean up some cruft in Network.
2016-09-20Refactor COM stuff a bit, and respond to COM requests a bit more readily for ↵Adam Ierymenko
rapid setup. Will need to revisit later.
2016-09-13Implement relay policy, and setting multicast limit to 0 now disables ↵Adam Ierymenko
multicast on the network as would be expected.
2016-09-13Get rid of HELLO rate gate on path since its basically worthless. There are ↵Adam Ierymenko
65535 ports per IP.
2016-09-13Set trustEstablished in a few more places.Adam Ierymenko
2016-09-13Add a few more rate limit gates for anti-DOS hardening.Adam Ierymenko
2016-09-12Rate gate requests for COM.Adam Ierymenko
2016-09-09Set trust established flag in MULTICAST_GATHER.Adam Ierymenko
2016-09-09(1) Public networks now get COMs even though they do not gate with them ↵Adam Ierymenko
since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
2016-09-09Fix gating of multicast GATHER replies since these can come from upstream, ↵Adam Ierymenko
etc., and fix an issue with sending ECHO to recheck marginal paths.
2016-09-09More refactoring to clean up code, and add a gate function to make sure we ↵Adam Ierymenko
do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
2016-09-08Clean up handling of COMs, network access control, and fix a backward ↵Adam Ierymenko
compatiblity issue.
2016-09-07Turns out we do not need to pass network to receive().Adam Ierymenko
2016-09-07Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary ↵Adam Ierymenko
pushes and simplify code.
2016-09-07Use ECHO instead of HELLO where possible.Adam Ierymenko
2016-09-07Bunch more path refactoring. Peers no longer forget paths, but do not ↵Adam Ierymenko
normally use expired paths. Expired paths might still be tried if nothing else is reachable.
2016-09-06(1) fix crazy bug introduced in doRENDEZVOUS(), (2) reclaim Paths after ↵Adam Ierymenko
paths[] condense, (3) fix an edge case around symmetric NAT and external IP change detection.
2016-09-02Cluster sub-optimal is in fact necessary...Adam Ierymenko
2016-09-02Tweaks to path handling...Adam Ierymenko
2016-09-02Rest of big Path canonicalization refactor.Adam Ierymenko
2016-08-31Think through and refine a few things in rules, especially edge case TEE and ↵Adam Ierymenko
REDIRECT behavior and semantics.
2016-08-29EXT_FRAME messages should always be accepted if we are the destination for a ↵Adam Ierymenko
matching TEE or REDIRECT rule.
2016-08-24Fix a missing receive().Adam Ierymenko
2016-08-24Set trust flag in network controllers if remote query is accepted to allow ↵Adam Ierymenko
NATed network controllers to better traverse.
2016-08-24Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive ↵Adam Ierymenko
when hops>0 and trust has been established.
2016-08-23Stub out USER_MESSAGE.Adam Ierymenko
2016-08-23Instantaneous blacklisting and credential revocation.Adam Ierymenko
2016-08-23Sign Dictionary in doNETWORK_CONFIG_REQUEST.Adam Ierymenko
2016-08-23Tidy up a few minor protocol things, improve documentation in Packet.hpp.Adam Ierymenko
2016-08-17Controller fixes...Adam Ierymenko
2016-08-10Rule parse fix.Adam Ierymenko
2016-08-09Minor bug fix and some instrumentation stuff for testing.Adam Ierymenko
2016-08-09More cleanup and removal of cruft due to obsolete network-specific relays ↵Adam Ierymenko
(will be replaced with federation stuff).
2016-08-09Minor cleanup.Adam Ierymenko
2016-08-09Put CONFIG_REFRESH back.Adam Ierymenko
2016-08-09Handling of multi-part chunked network configs on the inbound side.Adam Ierymenko
2016-08-09Chunking of network config replies.Adam Ierymenko
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-31 17:53:08 +0000