1. 11 Feb, 2021 1 commit
    • Joanne Hugé's avatar
      New --country option; add country in addresses · 85d77bd8
      Joanne Hugé authored
      This commit concerns networks that use the --same-country option.
      We recently discovered that the IP geolocation database contains
      incorrect entries. To work around this, the protocol needs to be
      changed by adding the country as 4th field in addresses (the first 3
      are: ip, port, protocol) and the new --country option allows a node
      to announce a country that differs from the one the GeoIP DB.
      
      Thanks to the previous commits it's possible to implement backward
      compatibility, by not sending the 4th field (country) to nodes that
      can't parse it. Of course, these old nodes would continue to not
      create appropriate tunnels and after a while, the administrator of
      the network may decide to increase registry's --min-protocol (7).
      
      In a network with only nodes that implement this last version of the
      protocol, the nodes may only use the GeoIP DB to resolve their own IPs.
      
      See merge request !27
      85d77bd8
  2. 10 Jan, 2020 1 commit
  3. 27 Dec, 2019 1 commit
  4. 08 Nov, 2019 1 commit
    • Julien Muchembled's avatar
      Fix file descriptor leaks · 9fab68ee
      Julien Muchembled authored
      This should fix strange bugs after running the demo for a long time,
      with certificate renewal happening every few minutes.
      9fab68ee
  5. 07 Nov, 2019 1 commit
    • Julien Muchembled's avatar
      Remove --ipv6, reuse --ip instead · 343e910a
      Julien Muchembled authored
      The previous commit, which adds --ipv6, has the issue
      that it does not check whether given IPs are valid.
      Since IPv4 & IPv6 use completely different address
      representation, --ip can be used for both.
      343e910a
  6. 06 Nov, 2019 1 commit
    • Julien Muchembled's avatar
      New --ipv6 option and fix learning of external IPv6 from other peers · 0106e2f9
      Julien Muchembled authored
      When re6st attempts to use UPnP and IPv6 is enabled at the same time,
      the external IPv4 was published for IPv6 protocols.
      For example, machine6 in the demo had:
        10.0.1.3,1194,tcp;10.0.1.3,1194,udp;10.0.1.3,1195,udp6
      
      This caused re6stnet to crash (socket.gaierror) if GEOIP2_MMDB is set.
      
      With this commit, IPv4 & IPv6 are now processed independently.
      0106e2f9
  7. 19 Jun, 2019 1 commit
    • Killian Lufau's avatar
      Implement HMAC for babel · 12ba2ee4
      Killian Lufau authored
      HMAC is added in babel call to prevent babel communication between nodes of different re6st networks. 
      This solves the problem of machines in different re6st networks but on the same LAN that exchange routes through babel. 
      The key used to authenticate packets is randomly created on 16 bytes by the registry and sent to nodes when they fetch network parameters. 
      This uses the WIP hmac branch of jech/babeld with Nexedi patches and the added possibility to not check HMAC in incoming packets for better HMAC integration on a HMAC-less network.
      
      /reviewed-on !18
      12ba2ee4
  8. 15 May, 2019 1 commit
    • Killian Lufau's avatar
      Fix --disable-proto · 120fff13
      Killian Lufau authored
      argparse is error-prone in that `action='append'` starts from (a copy of) the
      given default when it adds values from command-line, rather than restarting
      from an empty list. For example, simply passing `--disable-proto udp` resulted
      in ['udp', 'udp6', 'udp'], which caused 'udp6' to remain disabled.
      
      /reviewed-on !17
      120fff13
  9. 02 Oct, 2018 1 commit
  10. 30 Aug, 2018 2 commits
  11. 07 Aug, 2018 1 commit
    • Julien Muchembled's avatar
      Log signals that are sent to kill subprocesses and increase default log level · 9e6ece7a
      Julien Muchembled authored
      We currently have issues with OpenVPN hook scripts that aren't always killed
      at exit. Such orphan processes prevent re6st from starting again (EADDRINUSE).
      
      We want to know if it's an OpenVPN that does not exit cleanly on TERM,
      or if it sometimes does not exit at all after 5s (then re6st sends a KILL
      signal and at that point we should indeed make sure that any subprocess is
      also KILLed).
      9e6ece7a
  12. 02 Jul, 2018 1 commit
  13. 29 Jun, 2018 1 commit
  14. 07 Mar, 2017 2 commits
  15. 19 Sep, 2016 1 commit
  16. 12 Aug, 2016 2 commits
  17. 21 Apr, 2016 1 commit
  18. 25 Jan, 2016 1 commit
  19. 30 Dec, 2015 1 commit
  20. 28 Dec, 2015 1 commit
  21. 09 Jul, 2015 2 commits
  22. 08 Jul, 2015 1 commit
  23. 10 Jun, 2015 1 commit