a6c254c87a
more nodeinfo WIP, still needs admin socket support
2021-05-16 14:00:37 -05:00
2e45e970c6
work-in-progress adding nodeinfo
2021-05-16 13:52:52 -05:00
2d01386d6e
Refactor admin socket, export request/response structs, remove types package
2021-05-16 19:51:09 +01:00
2c7b22db92
allow for multiple traffic types inside the session at the tuntap level, only implement typeSessionTraffic for now
2021-05-16 13:01:54 -05:00
dfca87ba80
start a reader to disard traffic if the tun is disabled
2021-05-15 16:44:56 -05:00
f61507238e
cleanup unused MTU code from tun keystore
2021-05-15 16:23:44 -05:00
5b00273dfc
move sessionfirewall into the tuntap. this needs testing. the name is also slightly wrong, since a crypto session can still be set up, packets are just accepted/rejected at the tun/tap level instead
2021-05-15 15:55:47 -05:00
7e10025ef0
get minimal admin socket working (introspection only, no ability to add peers etc)
2021-05-15 15:16:35 -05:00
85fae23919
remove TunnelRouting from config, remove Signing from key names
2021-05-15 15:00:12 -05:00
e83b5d08a8
remove ckr
2021-05-15 14:54:25 -05:00
cd4144f22b
add minimal src/yggdrasil/api.go functions inspect internal state
2021-05-15 14:50:56 -05:00
7d49b86456
set version to an obviously unstable value, fix peer address formatting in the connect/disconnect messages
2021-05-15 13:44:55 -05:00
577b7118ad
remove debug logging
2021-05-10 23:16:22 +01:00
815f2a2822
Respond with ICMPv6 Packet Too Big over network
2021-05-10 23:09:59 +01:00
57ea61b338
Remove reconfiguration on SIGHUP - it didn't work reliably anyway
2021-05-10 22:47:28 +01:00
e12c639c21
Remove obsolete switch options
2021-05-10 22:42:57 +01:00
05caf36f4e
Fix AllowedPublicKeys
2021-05-10 22:39:12 +01:00
c20b66f3b6
Metadata/version tweaks
2021-05-10 22:31:01 +01:00
bb92e61e68
Remove encryption public key options (they are now derived from ed25519 key conversion in IW), also bump link version number
2021-05-10 22:06:38 +01:00
6cb958e3dc
update genkeys to new address format
2021-05-10 05:58:06 -05:00
b48962a69a
limit MTU to no more than what the packetconn claims to support
2021-05-09 11:27:37 -05:00
3bfd891fd4
reduce time keystore mutex is held and (apparently) fix a deadlock
2021-05-09 09:20:28 -05:00
ed85cf08f2
WIP close the ironwood PacketConn when shutting down
2021-05-08 12:31:26 -05:00
b4224aa02d
fix ironwood dependency version
2021-05-08 11:57:54 -05:00
e6e55fb4d1
dependency update
2021-05-08 11:53:44 -05:00
8bed79370b
(broken state) WIP, compiles and passes the netns ping test
2021-05-08 11:52:22 -05:00
b345806e3f
(broken state) more WIP (cleanup)
2021-05-08 11:35:04 -05:00
0f787364de
(broken state) more tuntap WIP to add out-of-band key lookup
2021-05-08 11:32:57 -05:00
5b22392c66
(broken state) more WIP on tuntap stuff
2021-05-08 11:14:50 -05:00
0cff56fcc1
(broken state) WIP on tuntap
2021-05-08 10:39:07 -05:00
f1c37f8440
(broken state) WIP rewriting core to use ironwood
2021-05-08 08:35:58 -05:00
ace7b43b6d
(broken state) WIP address migration
2021-05-08 07:25:53 -05:00
ae96148008
Merge branch 'pathfinder' of https://github.com/Arceliar/yggdrasil-go into future
2021-05-08 06:45:10 -05:00
3c2e14801d
Merge pull request #772 from cwinfo/develop-something
...
Update Dockerfile
2021-03-24 13:41:53 +00:00
9b67eb7ef2
Update Dockerfile
...
Removing personal information
2021-03-24 15:39:55 +02:00
983dfdb553
Merge pull request #770 from yggdrasil-network/develop
...
Version 0.3.16
2021-03-18 22:20:56 +00:00
ac375917c9
Update changelog for v0.3.16 release ( #769 )
...
* draft of changelog
* more changelog
2021-03-18 18:58:20 +00:00
f0a5cd542c
Build MSIs for Windows using CircleCI ( #766 )
...
* Try to build MSIs from CircleCI using wixl/msitools
* Upload msis
* Change condition
* Update Platform
* Update Platform
* Don't build ARM, it's apparently not well supported
* Don't build ARM, it's apparently not well supported
* Remove appveyor config
* Update comments
* newline
2021-03-07 14:03:34 +00:00
7174cfce40
Move up to Go 1.16, upgrade dependencies ( #765 )
2021-03-07 08:45:47 +00:00
0ab2685489
Fix wireguard dependency
2021-02-18 09:36:45 +00:00
6eb74a40e1
Merge pull request #751 from Arceliar/bugfix
...
Fix goroutine leak in link.go
2020-12-19 11:04:13 -06:00
78073429a2
Merge branch 'pathfinder' of https://github.com/Arceliar/yggdrasil-go into pathfinder
2020-12-19 06:03:59 -06:00
0ba2ad74fe
use source routes in the dht (when available)
2020-12-19 06:03:28 -06:00
a8810c7ee9
if the link handler exits early due to an existing connection, then have it return a channel to that connection which closes when the connection is closed, so we can choose to block on that to avoid spamming connection attempts with dial
2020-12-13 16:29:03 -06:00
1daf3e7bd7
remove link.go block on oldIntf if we already have a connection to the same node, this spams connections, so it's not a good long-term fix if that's where the goroutine leak is
2020-12-13 16:16:14 -06:00
5b326d8bb8
Update generate.sh ( #736 )
...
The AppArmor profile in contrib forbids `/usr/bin/yggdrasil` from reading the file in `/var/backups/yggdrasil.conf...`. This works around that restriction by having the shell do the reading of `/var/backups/yggdrasil.conf...` file while providing the same exact functionality without making the AppArmor profile less restrictive.
Another change is the safe perms for the `/etc/yggdrasil.conf` (so that config will have 0640 permissions). This is important because if we kept the default of 644 then any user (privileged or unprivileged) will have the ability to read the yggdrasil private key. We use a restrictive umask of 0027 to make this possible.
2020-12-06 20:52:54 +00:00
709ea6976c
apparmor: allow yggdrasil to resolve hostnames ( #739 )
...
The apparmor profile in it's current state won't allow resolving hostnames. We need `<abstractions/nameservice>` because we simply can't just allow `/etc/resolv.conf`. This is because systemd-resolved, resolvconf, and others rely on symbolic links to `/etc/resolv.conf` which would make this extremely complicated. `<abstractions/nameservice>` deals with this complexity to allow every single one of those packages (systemd-resolved, resolvconf, ... ).
```
network inet stream,
network inet dgram,
network inet6 dgram,
network inet6 stream,
network netlink raw,
```
was removed because it's already included in `<abstractions/nameservice>`. Some permissions that are no longer needed in newer yggdrasil versions were also removed.
`owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` was changed to `/sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` because there is no guarantee that yggdrasil will always be run as root. (`owner` makes sure that the process's user and the file have the same owner, in that case, root. This might not always be the case so `owner` was removed)
2020-12-06 20:52:10 +00:00
b9f35c5530
Return ICMPv6 Destination Unreachable for unknown destinations ( #748 )
...
* Return ICMPv6 Destination Unreachable for unknown destinations
* Update go.mod/go.sum for yggdrasil-extras
* go mod tidy
2020-12-06 19:47:25 +00:00
cb3d8647de
Merge pull request #744 from octeep/master
...
Fix DefaultIfName for OpenBSD
2020-12-06 13:48:09 +00:00
df1239b054
attempting to debug/fix a possible goroutine leak
2020-11-25 02:44:13 -06:00
