Adam Ierymenko
|
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.
|
3 роки тому |
Adam Ierymenko
|
912036b260
Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups.
|
3 роки тому |
Adam Ierymenko
|
a4e8847664
Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.
|
3 роки тому |
Adam Ierymenko
|
c492bf7eea
Forgot to send error on v0 auth expiry.
|
3 роки тому |
Adam Ierymenko
|
cb086ff97f
Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot.
|
3 роки тому |
Adam Ierymenko
|
55a99f34d0
Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.
|
3 роки тому |
Adam Ierymenko
|
58119598ae
comment out some new deauth code
|
3 роки тому |
Adam Ierymenko
|
42a2afaef9
This may improve controller behavior with SSO and mixed SSO, needs testing!
|
3 роки тому |
Grant Limberg
|
b3fbbd3124
refresh tokens now working
|
3 роки тому |
Grant Limberg
|
7cce23ae79
wip
|
3 роки тому |
Grant Limberg
|
a33d7c64fe
more fixin
|
3 роки тому |
Grant Limberg
|
fa21fdc1cc
rename stuff for clarity
|
3 роки тому |
Grant Limberg
|
43433cdb5a
integrate rust build of zeroidc to linux
|
3 роки тому |
Grant Limberg
|
8d39c9a861
plumbing full flow from controller -> client network
|
3 роки тому |
Adam Ierymenko
|
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
3 роки тому |
Grant Limberg
|
20721491e8
kill some noisy logs
|
3 роки тому |
Grant Limberg
|
9eae444104
kill some verbose logs
|
3 роки тому |
Adam Ierymenko
|
576b4f03a5
Adjust deauth time window and send revocation when SSO members expire.
|
3 роки тому |
Adam Ierymenko
|
461810b06a
Move return so record gets created before URL.
|
4 роки тому |
Grant Limberg
|
613d7b5ece
fix backwards logic
|
4 роки тому |
Adam Ierymenko
|
663e748b8d
Deauth expiring members right away.
|
4 роки тому |
Adam Ierymenko
|
0cf62d334d
Remove pointless check.
|
4 роки тому |
Adam Ierymenko
|
0310bfa3e3
Include authentication URL in config
|
4 роки тому |
Adam Ierymenko
|
efe0e8aa7b
Notification of about-to-expire status... almost there.
|
4 роки тому |
Adam Ierymenko
|
5c7e51feaf
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
|
4 роки тому |
Adam Ierymenko
|
34de579c91
Handling of soon-to-expire members
|
4 роки тому |
Grant Limberg
|
10215af96d
whoops
|
4 роки тому |
Grant Limberg
|
e67fee0264
debug logging
|
4 роки тому |
Grant Limberg
|
364ad87e2b
add ssoEnabled flag to network config
|
4 роки тому |
Grant Limberg
|
e6b4fb5af7
add "ssoRedirectURL" to local.conf
|
4 роки тому |