Arceliar
2c7b22db92
allow for multiple traffic types inside the session at the tuntap level, only implement typeSessionTraffic for now
2021-05-16 13:01:54 -05:00
Arceliar
dfca87ba80
start a reader to disard traffic if the tun is disabled
2021-05-15 16:44:56 -05:00
Arceliar
f61507238e
cleanup unused MTU code from tun keystore
2021-05-15 16:23:44 -05:00
Arceliar
5b00273dfc
move sessionfirewall into the tuntap. this needs testing. the name is also slightly wrong, since a crypto session can still be set up, packets are just accepted/rejected at the tun/tap level instead
2021-05-15 15:55:47 -05:00
Arceliar
7e10025ef0
get minimal admin socket working (introspection only, no ability to add peers etc)
2021-05-15 15:16:35 -05:00
Arceliar
85fae23919
remove TunnelRouting from config, remove Signing from key names
2021-05-15 15:00:12 -05:00
Arceliar
e83b5d08a8
remove ckr
2021-05-15 14:54:25 -05:00
Arceliar
cd4144f22b
add minimal src/yggdrasil/api.go functions inspect internal state
2021-05-15 14:50:56 -05:00
Arceliar
7d49b86456
set version to an obviously unstable value, fix peer address formatting in the connect/disconnect messages
2021-05-15 13:44:55 -05:00
Neil Alexander
577b7118ad
remove debug logging
2021-05-10 23:16:22 +01:00
Neil Alexander
815f2a2822
Respond with ICMPv6 Packet Too Big over network
2021-05-10 23:09:59 +01:00
Neil Alexander
57ea61b338
Remove reconfiguration on SIGHUP - it didn't work reliably anyway
2021-05-10 22:47:28 +01:00
Neil Alexander
e12c639c21
Remove obsolete switch options
2021-05-10 22:42:57 +01:00
Neil Alexander
05caf36f4e
Fix AllowedPublicKeys
2021-05-10 22:39:12 +01:00
Neil Alexander
c20b66f3b6
Metadata/version tweaks
2021-05-10 22:31:01 +01:00
Neil Alexander
bb92e61e68
Remove encryption public key options (they are now derived from ed25519 key conversion in IW), also bump link version number
2021-05-10 22:06:38 +01:00
Arceliar
6cb958e3dc
update genkeys to new address format
2021-05-10 05:58:06 -05:00
Arceliar
b48962a69a
limit MTU to no more than what the packetconn claims to support
2021-05-09 11:27:37 -05:00
Arceliar
3bfd891fd4
reduce time keystore mutex is held and (apparently) fix a deadlock
2021-05-09 09:20:28 -05:00
Arceliar
ed85cf08f2
WIP close the ironwood PacketConn when shutting down
2021-05-08 12:31:26 -05:00
Arceliar
b4224aa02d
fix ironwood dependency version
2021-05-08 11:57:54 -05:00
Arceliar
e6e55fb4d1
dependency update
2021-05-08 11:53:44 -05:00
Arceliar
8bed79370b
(broken state) WIP, compiles and passes the netns ping test
2021-05-08 11:52:22 -05:00
Arceliar
b345806e3f
(broken state) more WIP (cleanup)
2021-05-08 11:35:04 -05:00
Arceliar
0f787364de
(broken state) more tuntap WIP to add out-of-band key lookup
2021-05-08 11:32:57 -05:00
Arceliar
5b22392c66
(broken state) more WIP on tuntap stuff
2021-05-08 11:14:50 -05:00
Arceliar
0cff56fcc1
(broken state) WIP on tuntap
2021-05-08 10:39:07 -05:00
Arceliar
f1c37f8440
(broken state) WIP rewriting core to use ironwood
2021-05-08 08:35:58 -05:00
Arceliar
ace7b43b6d
(broken state) WIP address migration
2021-05-08 07:25:53 -05:00
Arceliar
ae96148008
Merge branch 'pathfinder' of https://github.com/Arceliar/yggdrasil-go into future
2021-05-08 06:45:10 -05:00
Neil Alexander
3c2e14801d
Merge pull request #772 from cwinfo/develop-something
...
Update Dockerfile
2021-03-24 13:41:53 +00:00
Christer Warén
9b67eb7ef2
Update Dockerfile
...
Removing personal information
2021-03-24 15:39:55 +02:00
Neil Alexander
983dfdb553
Merge pull request #770 from yggdrasil-network/develop
...
Version 0.3.16
2021-03-18 22:20:56 +00:00
Arceliar
ac375917c9
Update changelog for v0.3.16 release ( #769 )
...
* draft of changelog
* more changelog
2021-03-18 18:58:20 +00:00
Neil Alexander
f0a5cd542c
Build MSIs for Windows using CircleCI ( #766 )
...
* Try to build MSIs from CircleCI using wixl/msitools
* Upload msis
* Change condition
* Update Platform
* Update Platform
* Don't build ARM, it's apparently not well supported
* Don't build ARM, it's apparently not well supported
* Remove appveyor config
* Update comments
* newline
2021-03-07 14:03:34 +00:00
Neil Alexander
7174cfce40
Move up to Go 1.16, upgrade dependencies ( #765 )
2021-03-07 08:45:47 +00:00
Neil Alexander
0ab2685489
Fix wireguard dependency
2021-02-18 09:36:45 +00:00
Arceliar
6eb74a40e1
Merge pull request #751 from Arceliar/bugfix
...
Fix goroutine leak in link.go
2020-12-19 11:04:13 -06:00
Arceliar
78073429a2
Merge branch 'pathfinder' of https://github.com/Arceliar/yggdrasil-go into pathfinder
2020-12-19 06:03:59 -06:00
Arceliar
0ba2ad74fe
use source routes in the dht (when available)
2020-12-19 06:03:28 -06:00
Arceliar
a8810c7ee9
if the link handler exits early due to an existing connection, then have it return a channel to that connection which closes when the connection is closed, so we can choose to block on that to avoid spamming connection attempts with dial
2020-12-13 16:29:03 -06:00
Arceliar
1daf3e7bd7
remove link.go block on oldIntf if we already have a connection to the same node, this spams connections, so it's not a good long-term fix if that's where the goroutine leak is
2020-12-13 16:16:14 -06:00
rany
5b326d8bb8
Update generate.sh ( #736 )
...
The AppArmor profile in contrib forbids `/usr/bin/yggdrasil` from reading the file in `/var/backups/yggdrasil.conf...`. This works around that restriction by having the shell do the reading of `/var/backups/yggdrasil.conf...` file while providing the same exact functionality without making the AppArmor profile less restrictive.
Another change is the safe perms for the `/etc/yggdrasil.conf` (so that config will have 0640 permissions). This is important because if we kept the default of 644 then any user (privileged or unprivileged) will have the ability to read the yggdrasil private key. We use a restrictive umask of 0027 to make this possible.
2020-12-06 20:52:54 +00:00
rany
709ea6976c
apparmor: allow yggdrasil to resolve hostnames ( #739 )
...
The apparmor profile in it's current state won't allow resolving hostnames. We need `<abstractions/nameservice>` because we simply can't just allow `/etc/resolv.conf`. This is because systemd-resolved, resolvconf, and others rely on symbolic links to `/etc/resolv.conf` which would make this extremely complicated. `<abstractions/nameservice>` deals with this complexity to allow every single one of those packages (systemd-resolved, resolvconf, ... ).
```
network inet stream,
network inet dgram,
network inet6 dgram,
network inet6 stream,
network netlink raw,
```
was removed because it's already included in `<abstractions/nameservice>`. Some permissions that are no longer needed in newer yggdrasil versions were also removed.
`owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` was changed to `/sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` because there is no guarantee that yggdrasil will always be run as root. (`owner` makes sure that the process's user and the file have the same owner, in that case, root. This might not always be the case so `owner` was removed)
2020-12-06 20:52:10 +00:00
Neil Alexander
b9f35c5530
Return ICMPv6 Destination Unreachable for unknown destinations ( #748 )
...
* Return ICMPv6 Destination Unreachable for unknown destinations
* Update go.mod/go.sum for yggdrasil-extras
* go mod tidy
2020-12-06 19:47:25 +00:00
Neil Alexander
cb3d8647de
Merge pull request #744 from octeep/master
...
Fix DefaultIfName for OpenBSD
2020-12-06 13:48:09 +00:00
Arceliar
df1239b054
attempting to debug/fix a possible goroutine leak
2020-11-25 02:44:13 -06:00
Neil Alexander
ea58a0f181
Clean go.mod/go.sum
2020-11-15 13:32:28 +00:00
Arceliar
939ffb02f8
adjust when dht reqs are reset
2020-11-14 15:05:02 -06:00
octeep
04e890fcc3
Change DefaultIfName from "/dev/tun0" to "tun0"
...
Specifying the full path to the interface in OpenBSD would result in:
panic: Interface name must be tun[0-9]*
Therefore, DefaultIfName should be changed to tun0 in order to make yggdrasil work out of the box.
2020-11-13 06:38:27 +00:00