|  Adam Ierymenko | 226123ca08
							
							Refactor controller to permit sending of pushes as well as just replies to config requests. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 9f550292fe
							
							Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 15c07c58b6
							
							Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit). | 9 年之前 | 
				
					
						|  Adam Ierymenko | eac3667ec1
							
							Bunch more refactoring and work on revocations, etc. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 1f74dd4589
							
							Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network. | 9 年之前 | 
				
					
						|  Adam Ierymenko | d3524f3609
							
							Refactor COM stuff a bit, and respond to COM requests a bit more readily for rapid setup. Will need to revisit later. | 9 年之前 | 
				
					
						|  Adam Ierymenko | ab9afbc749
							
							(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. | 9 年之前 | 
				
					
						|  Adam Ierymenko | ef87069957
							
							Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 0d4109a9f1
							
							More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 16df2c3363
							
							Clean up handling of COMs, network access control, and fix a backward compatiblity issue. | 9 年之前 | 
				
					
						|  Adam Ierymenko | daf8a66ced
							
							More correct and efficient to initialize member relationship push stuff lazily when member is learned. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 1908aa55f5
							
							Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 74afef8eb1
							
							Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. | 9 年之前 | 
				
					
						|  Adam Ierymenko | f0636ffd4a
							
							EXT_FRAME messages should always be accepted if we are the destination for a matching TEE or REDIRECT rule. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 2cdda38dc4
							
							It basically works... at least on current controllers. | 9 年之前 | 
				
					
						|  Adam Ierymenko | ccea3d04d6
							
							Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 0a7a33ef8f
							
							Instantaneous blacklisting and credential revocation. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 4d498b3765
							
							Handling of multi-part chunked network configs on the inbound side. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 00fd9c3a15
							
							It builds... almost ready to test some rules engine stuff. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 8007ca56aa
							
							Refactor and tie-up of capabilities and tags and packet evaluation points. Some optimization is possible here but it is minor and we will make it work first. | 9 年之前 | 
				
					
						|  Adam Ierymenko | e2f783ebbd
							
							. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 37d139177d
							
							Integrate Filter into OutboundMulticast properly. | 9 年之前 | 
				
					
						|  Adam Ierymenko | e09c1a1c11
							
							Big refactor mostly builds. We now have a uniform backward compatible netconf. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 4446dbde5e
							
							Big refactor in service code to prep for plumbing through route management. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 90e1262a8b
							
							More refactoring to remove old Dictionary dependencies. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 2f18a92e20
							
							Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 51fecc0be9
							
							Refactor Network for new NetworkConfig. | 9 年之前 | 
				
					
						|  Adam Ierymenko | 6f854c8391
							
							NetworkConfig refactor part 1 | 9 年之前 | 
				
					
						|  Adam Ierymenko | 4e4fd51117
							
							boring doc stuff | 9 年之前 | 
				
					
						|  Adam Ierymenko | 3883ac08c7
							
							Docs and cleanup. | 9 年之前 |