archive/slackhq_nebula
0
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-01-11 03:48:12 +00:00
Code Issues Projects Releases Wiki Activity

Commit graph

  • a95868b873 cleanup Wade Simmons 2023-05-09 10:56:47 -0400
  • 6275fdb6b3 typo Wade Simmons 2023-05-09 10:52:11 -0400
  • 129b729c3e document P256 and BoringCrypto Wade Simmons 2023-05-09 10:50:11 -0400
  • 3e5e48f937 use mutex_debug during Github Actions run Wade Simmons 2023-05-09 10:39:28 -0400
  • afde2080d6 Merge remote-tracking branch 'origin/master' into mutex-debug Wade Simmons 2023-05-09 10:29:37 -0400
  • db0cff3afa add Security mention to New issue template Wade Simmons 2023-05-09 10:27:33 -0400
  • aa53773d6b add SECURITY.md Wade Simmons 2023-05-09 10:12:18 -0400
  • d1f786419c
         Try rehandshaking a main hostinfo after releasing hostmap locks (#863) Nate Brown 2023-05-08 14:43:03 -0500
  • 1f119acece Try rehandshaking a main hostinfo after releasing hostmap locks Nate Brown 2023-05-08 13:05:47 -0500
  • 31ed9269d7
         add test for GOEXPERIMENT=boringcrypto (#861) Wade Simmons 2023-05-08 13:27:01 -0400
  • e6eeef785e mutex_debug Wade Simmons 2023-05-08 11:17:14 -0400
  • b468e5d55d cleanup tests Wade Simmons 2023-05-05 17:14:47 -0400
  • ba196d6f2f assert boring Wade Simmons 2023-05-05 17:11:59 -0400
  • 6122cac8f0 fix NebulaCertificate.Sign Wade Simmons 2023-05-05 17:05:25 -0400
  • 6bfebf1349 add test for GOEXPERIMENT=boringcrypto Wade Simmons 2023-05-05 16:05:04 -0400
  • 48eb63899f
         Have lighthouses ack updates to reduce test packet traffic (#851) Nate Brown 2023-05-05 14:44:03 -0500
  • 812f674c32 Switch to acknowledging lighthouse host updates Nate Brown 2023-05-05 09:45:35 -0500
  • 2d08a05502 Make testing lighthouses optional Nate Brown 2023-04-20 17:13:57 -0500
  • b26c13336f
         Fix test on master (#860) Nate Brown 2023-05-04 20:11:33 -0500
  • 605b0f0994 Fix test on master Nate Brown 2023-05-04 18:02:30 -0500
  • e0185c4b01
         Support NIST curve P256 (#769) Wade Simmons 2023-05-04 17:50:23 -0400
  • 702e1c59bd
         Always disconnect block listed hosts (#858) Nate Brown 2023-05-04 16:09:42 -0500
  • 47f21760e8 Always disconnect block listed hosts Nate Brown 2023-05-04 15:48:36 -0500
  • 5fe8f45d05
         Clear lighthouse cache for a vpn ip on a dead connection when its the final hostinfo (#857) Nate Brown 2023-05-04 15:42:12 -0500
  • bcd32fbd95 Clear lighthouse cache for a vpn ip on a dead connection when its the final hostinfo Nate Brown 2023-05-04 15:24:59 -0500
  • 03e4a7f988
         Rehandshaking (#838) Nate Brown 2023-05-04 15:16:37 -0500
  • 0b67b19771
         add boringcrypto Makefile targets (#856) Wade Simmons 2023-05-04 15:42:45 -0400
  • a0d3b93ae5
         update dependencies: 2023-05 (#855) Wade Simmons 2023-05-04 15:42:15 -0400
  • cba957f872 add boringcrypto Makefile targets Wade Simmons 2023-05-04 14:54:14 -0400
  • d942fb7cc7
         Update connection_manager.go Nate Brown 2023-05-04 13:27:59 -0500
  • affcb4eda3 update dependencies: 2023-05 Wade Simmons 2023-05-04 14:14:56 -0400
  • 250a8f163b Merge remote-tracking branch 'origin/master' into p256 Wade Simmons 2023-05-04 11:35:52 -0400
  • 58ec1f7a7b
         build with go1.20 (#854) Wade Simmons 2023-05-04 11:35:03 -0400
  • 82fd69e199 use go install Wade Simmons 2023-05-04 11:12:47 -0400
  • 7a5554f9ce need the quotes Wade Simmons 2023-05-04 11:12:38 -0400
  • 6353020e81 build with go1.20 Wade Simmons 2023-05-04 11:03:08 -0400
  • 58d47e0b97 remove other ecdh uses of crypto/elliptic Wade Simmons 2023-05-04 10:55:54 -0400
  • 2413e2d009 use crypto/ecdh Wade Simmons 2023-05-04 10:32:53 -0400
  • 28ecfcbc03 Merge remote-tracking branch 'origin/master' into multiport Wade Simmons 2023-05-03 10:50:06 -0400
  • 6f3fb46925 Merge remote-tracking branch 'origin/master' into p256 Wade Simmons 2023-05-01 13:50:13 -0400
  • 21547c6c3b Only record In and handle roaming for authenticated packets Brad Higgins 2023-04-21 09:56:17 -0400
  • 309b322885
         Improve the systemd unit: Fabio Alessandro Locati 2023-04-19 10:37:50 +0200
  • a3e2af1a05 Test the correct hostinfo handshake packets for dupes Nate Brown 2023-04-18 14:45:24 -0500
  • f42a91613f Dont record test packets as outbound traffic, do less if debug logs arent on Nate Brown 2023-04-18 09:00:43 -0500
  • 5eb55e5608 Only log if we are actually sending a test packet Nate Brown 2023-04-17 17:28:13 -0500
  • effb2e5ec5 Make sure overwrites are tracked as well Nate Brown 2023-04-12 10:23:20 -0500
  • f65f9518e7 Add ability to respect the system route table for unsafe route on linux Nate Brown 2023-04-03 17:08:14 -0500
  • 2082a2f524 Change dns lookup cadence from 5m to 30s. Should the dns lookup fail on startup, a 30s cadence will resolve the issue more quickly. Brad Higgins 2022-12-19 14:39:35 -0500
  • 18f57fdedc Moar configs Brad Higgins 2022-12-14 13:08:29 -0500
  • 69288d4c37 Actually stop the DNS goroutine Brad Higgins 2022-12-13 17:09:02 -0500
  • 7bb3b408f5 configuralbe cadence, undocumented and reconfigurable. Brad Higgins 2022-12-13 16:48:44 -0500
  • a9756ac50f Remove IP's not in the remote allow list Brad Higgins 2022-12-13 15:44:40 -0500
  • 88629965e3 Also plumb through a shouldRebuild set when the DNS lookup values change Brad Higgins 2022-12-13 13:28:40 -0500
  • 978db0a216 Goroutine to handle dns lookups Brad Higgins 2022-12-13 11:48:37 -0500
  • 468f57ecf4 Add context to lighthouse Brad Higgins 2022-12-13 11:17:40 -0500
  • 924cbac6b1 Move hostname and port processing to HostnamesResults Brad Higgins 2022-12-13 11:11:59 -0500
  • 4f88bb0211 Move parsing to addStaticRemote Brad Higgins 2022-12-13 10:10:15 -0500
  • aae308ca09 Update loadStaticMap to pass all remote IPs in one fell swoop. Brad Higgins 2022-12-13 09:39:10 -0500
  • 397fe5f879
         Add ability to skip installing unsafe routes on the os routing table (#831) Nate Brown 2023-04-10 12:32:37 -0500
  • b4db068e7f dns_server.go: parseQuery: set NXDOMAIN if there's no Answer to return NODA Kai 2023-04-09 18:25:42 +0800
  • 80c150ce76 If the relay itself generated the relay request, don't automatically send a CreateRelayResponse to the relayed peer. Brad Higgins 2023-04-06 17:02:48 -0400
  • 5ef6e87024 aand it works. but what ought it do? Brad Higgins 2023-04-06 12:03:41 -0400
  • 37cb596ff5 Migrate relays from old hostinfos to new hostinofs when detected in use. Brad Higgins 2023-04-04 10:16:13 -0400
  • d4bfad6863 be less weird with locks Nate Brown 2023-04-04 12:12:27 -0500
  • 0aaf2fa745 Support relays where main host info does not hold relay state Brad Higgins 2023-03-31 11:44:04 -0400
  • 4afecb9242 Direct tunnel rehandshaking Nate Brown 2023-03-31 10:28:55 -0500
  • 9b03053191
         update EncReader and EncWriter interface function args to have concrete types (#844) brad-defined 2023-04-07 14:28:37 -0400
  • 77d3ba84f5 Also update linux udp ListenOut Brad Higgins 2023-04-07 12:39:36 -0400
  • 8b9db72b97 EncReader, too Brad Higgins 2023-04-07 12:24:12 -0400
  • 1c966fd481 Move EncWriter to interface Brad Higgins 2023-04-07 11:57:36 -0400
  • c623c32ec0 Update LightHouseHandlerFunc to remove EncWriter param. Brad Higgins 2023-04-07 11:33:12 -0400
  • 3cb4e0ef57
         Allow listen.host to contain names (#825) Nate Brown 2023-04-05 11:29:26 -0500
  • e0553822b0
         Use NewGCMTLS (when using experiment boringcrypto) (#803) Wade Simmons 2023-04-05 11:08:23 -0400
  • d3fe3efcb0
         Fix handshake retry regression (#842) Nate Brown 2023-04-05 10:04:30 -0500
  • b982db8ea9 Fix handshake retry regression Nate Brown 2023-04-04 16:44:51 -0500
  • fd99ce9a71
         Use fewer test packets (#840) Nate Brown 2023-04-04 13:42:24 -0500
  • dee3c83071 Use fewer test packets Nate Brown 2023-04-04 11:00:16 -0500
  • ced272a981 fix mismerge Wade Simmons 2023-04-04 12:15:03 -0400
  • d100babd1c Merge remote-tracking branch 'origin/master' into p256 Wade Simmons 2023-04-04 11:57:34 -0400
  • 6685856b5d
         emit certificate.expiration_ttl_seconds metric (#782) Wade Simmons 2023-04-03 21:18:16 -0400
  • 75648e165c Update metric name Nate Brown 2023-04-03 20:03:53 -0500
  • 08958bf69b emit certificate.expiration_ttl_seconds metric Wade Simmons 2022-11-23 11:00:46 -0500
  • a56a97e5c3
         Add ability to encrypt CA private key at rest (#386) John Maguire 2023-04-03 13:59:38 -0400
  • 46b09b19c2 fix link to test vector Wade Simmons 2023-04-03 11:43:10 -0400
  • 194e9202a6 need to lock around EncryptDanger in SendVia Wade Simmons 2023-04-03 11:34:34 -0400
  • e71059a410 Merge remote-tracking branch 'origin/master' into multiport Wade Simmons 2023-04-03 11:30:41 -0400
  • b4bec48341 add cert.Curve argument to Sign method Wade Simmons 2023-04-03 11:25:06 -0400
  • f8c96d224f Merge remote-tracking branch 'origin/master' into p256 Wade Simmons 2023-04-03 11:16:32 -0400
  • ee8e1348e9
         Use connection manager to drive NAT maintenance (#835) Nate Brown 2023-03-31 15:45:05 -0500
  • f340f8da2f Allow target_everything to occur for relayed hosts Nate Brown 2023-03-31 15:29:35 -0500
  • 03ecd56592 Fix tests, remove debug logs Nate Brown 2023-03-30 09:51:33 -0500
  • fbe2e5975f Use connection manager to drive NAT maintenance Nate Brown 2023-03-29 21:37:14 -0500
  • 1a6c657451
         Normalize logs (#837) Nate Brown 2023-03-30 15:07:31 -0500
  • fd4a0cb210 Normalize logs Nate Brown 2023-03-30 13:34:27 -0500
  • 6b3d42efa5
         Use atomic.Pointer for certState (#833) Nate Brown 2023-03-30 13:04:09 -0500
  • 2801fb2286
         Fix relay (#827) brad-defined 2023-03-30 12:09:20 -0400
  • adc16b8254 Hold even more locks Brad Higgins 2023-03-30 11:58:35 -0400
  • 2c89c92e05 hold test lock longer Brad Higgins 2023-03-30 11:56:59 -0400
  • 621ed393cb s/hostInfo/vpnIp/ Brad Higgins 2023-03-30 10:31:00 -0400
  • 8fd7663539 Review comments Brad Higgins 2023-03-30 09:18:35 -0400