re6stnet:fdc712ee2cf24069d07243523a9e3e43ecab192f commitshttps://lab.nexedi.com/nexedi/re6stnet/-/commits/fdc712ee2cf24069d07243523a9e3e43ecab192f2022-05-04T15:28:49+02:00https://lab.nexedi.com/nexedi/re6stnet/-/commit/fdc712ee2cf24069d07243523a9e3e43ecab192fAdd communities to re6st2022-05-04T15:28:49+02:00Joanne Hugéjoanne.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/a536c63a485381e1f1a278ffe865eb08566c561fregistry: add mergePrefixes method2022-05-04T15:28:49+02:00Joanne Hugéjoanne.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/8ea1ddfc9421b7529e30893460e224668486d18fregistry: clean-up2022-05-04T15:28:49+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/99cf2adc80f61374a35ce7b0ef04980163b2112bFor the moment, only OpenVPN 2.4.* is supported2022-05-04T12:03:47+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/63a4702c4a84255cb59afd3e956c97c8aa9c253aWhen installing, try 'python2' first, fall back on 'python'2022-05-04T11:54:22+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/4fe44ea39fd2c44e8a7f00987633c7e1c98e314bFix date format in logs2021-12-10T19:51:30+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/f1e956608a42eac5fd64b8d7fe5bb0bdc9065190debian: dh-systemd is a transitional package2021-07-31T20:43:29+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/865763b6c733ae6e7c007ca76a114d5dbdb88428debian: fix restart on old OS2021-07-31T20:42:42+02:00Julien Muchembledjm@nexedi.com
On Debian < 10:
- debhelper extends postint with 'try-restart', which caused re6st to
remain stopped after upgrading from a re6st package that stopped
services unconditionally in prerm (see previous commit);
- deb-systemd-invoke does not check whether the service is enabled
so 'try-restart' can't be replaced blindly with 'restart'
(as it is the case in recent Debian).https://lab.nexedi.com/nexedi/re6stnet/-/commit/111ddbc981889ac871fcc0a16900bead84861ab7debian: do not stop services until after the package upgrade has been completed2021-07-03T10:43:05+02:00Julien Muchembledjm@nexedi.com
In addition to minimize re6st downtime, this fixes upgrade from
versions that still use init scripts.
When we drop support for Debian 8, we'll increase debian/compat
and we'll revert this commit.https://lab.nexedi.com/nexedi/re6stnet/-/commit/a412977df36c8975e3ad01876413e4d9c9de59b2Empty commit to rebuild Debian package with greater version2021-07-01T15:35:25+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/5bdb32e6deb27624123e7966e769650df2fa7dc1debian: drop init scripts2021-06-30T19:45:34+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/ba573ab79903858e73766ede84d63bc283f52bf4Make nodes ask registry for their country2021-06-07T17:28:23+02:00Julien Muchembledjm@nexedi.com
To prepare for the removal of geoip2, we want nodes to ask the registry
for their country. geoip2 is kept in this update since nodes will still
need to figure out countries of other nodes which haven't updated yet.
Once all nodes will be updated to this version, geoip2 will be ready to
be deleted.
See merge request <a href="/nexedi/re6stnet/-/merge_requests/32" data-original="nexedi/re6stnet!32" data-link="false" data-link-reference="false" data-project="206" data-merge-request="4841" data-project-path="nexedi/re6stnet" data-iid="32" data-mr-title="Make nodes ask registry for their country" data-reference-type="merge_request" data-container="body" data-placement="top" data-html="true" title="" class="gfm gfm-merge_request">!32</a>https://lab.nexedi.com/nexedi/re6stnet/-/commit/dd943d7c03b6f86b29ecdbf7f537d3eee8a66be2Reduce width of lines over 80 characters2021-06-07T11:28:45+02:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/3bc45368c64a6f23f6deb29e54a164469f489cd5Make country tunnel parameter naming consistent2021-06-07T11:28:45+02:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/04a736f12bff97c78ff5284fb73fea30db5d0889Replace tab by spaces2021-06-07T11:28:45+02:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/47d374bc1348541d377b5f6908a7d2be030d56a6Make nodes ask registry for their country2021-06-07T11:28:45+02:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/e7229916d1cf83521c65fa79b1c626f69c7590acAdd getCountry RPC2021-06-07T11:28:42+02:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/0f97c0266bb36dbb4723f7623a6ee0cba83169a3Fix issue causing nodes to ignore countries after restart2021-05-04T14:18:39+02:00Johan Hugéjohan.huge@nexedi.com
If a node restarts and has its address with its country in the cache, it
won't set the _country attribute, and will therefore ignore countries
when making tunnels.
See merge request <a href="/nexedi/re6stnet/-/merge_requests/31" data-original="nexedi/re6stnet!31" data-link="false" data-link-reference="false" data-project="206" data-merge-request="4765" data-project-path="nexedi/re6stnet" data-iid="31" data-mr-title="Fix issue causing nodes to ignore countries after restart" data-reference-type="merge_request" data-container="body" data-placement="top" data-html="true" title="" class="gfm gfm-merge_request">!31</a>https://lab.nexedi.com/nexedi/re6stnet/-/commit/e8629de5fdd23bee672970a976b519e0a60f1292Do not kill a preferred tunnel if it would recreate the same tunnel afterwards2021-04-08T16:32:42+02:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/721f9d4355b40c8cdcdc9bb91383c37a30fa8940fix typo in documentation2021-03-31T10:05:47+02:00Thomas Gambierthomas.gambier@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/1adefd5d1cdb073bd12b8dc25bd67199ea7ec83fsame_country: fix UnicodeEncodeError in Peer.encode2021-03-27T18:32:02+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/ecda9f0657601616fdeee92c9b3e193357552c4dFix TypeError in _updateCountry2021-03-23T12:00:09+01:00Johan Hugéjohan.huge@nexedi.com
Addresses passed to _updateCountry can contain countries if
cache.my_address is used to initialize address in BaseTunnelManager init
function, which causes resolve to be called with too many arguments.https://lab.nexedi.com/nexedi/re6stnet/-/commit/bbde1c0d4e106c7e7345d32ab280c0d180c745d3Fix two issues related to handleHello2021-03-22T18:06:19+01:00Johan Hugéjohan.huge@nexedi.com
In some circumstances, the hello_protocol attribute could get modified
on the wrong peer, which would raise an AttributeError.
On reception of seqno 1 from a peer with protocol < 7, protocol could be
equal to zero which would cause handleHello to not return True, causing
the handshake to fail.https://lab.nexedi.com/nexedi/re6stnet/-/commit/85d77bd84aef55c7ab0b0af36a203bcd69d29d42New --country option; add country in addresses2021-02-11T14:42:26+01:00Johan Hugéjohan.huge@nexedi.com
This commit concerns networks that use the --same-country option.
We recently discovered that the IP geolocation database contains
incorrect entries. To work around this, the protocol needs to be
changed by adding the country as 4th field in addresses (the first 3
are: ip, port, protocol) and the new --country option allows a node
to announce a country that differs from the one the GeoIP DB.
Thanks to the previous commits it's possible to implement backward
compatibility, by not sending the 4th field (country) to nodes that
can't parse it. Of course, these old nodes would continue to not
create appropriate tunnels and after a while, the administrator of
the network may decide to increase registry's --min-protocol (7).
In a network with only nodes that implement this last version of the
protocol, the nodes may only use the GeoIP DB to resolve their own IPs.
See merge request <a href="/nexedi/re6stnet/-/merge_requests/27" data-original="nexedi/re6stnet!27" data-link="false" data-link-reference="false" data-project="206" data-merge-request="4561" data-project-path="nexedi/re6stnet" data-iid="27" data-mr-title="WIP: Add version protocol in hello handshakes and add country in addresses" data-reference-type="merge_request" data-container="body" data-placement="top" data-html="true" title="" class="gfm gfm-merge_request">!27</a>https://lab.nexedi.com/nexedi/re6stnet/-/commit/bb7e637659d0ee82a6e38233cac119b9bd09c20fAdd protocol to handshake with registry2021-02-11T14:41:25+01:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/4f327e1b5d4ced9ad424acd8d1cdf022d928c452Add protocol to handshake between nodes2021-02-11T14:38:48+01:00Julien Muchembledjm@nexedi.com
There is a need to be able to extend the protocol without breaking
compatibility with old nodes. This is done by sending version.protocol
during inter-node handshake, in seqno 1 and seqno 2, so that a node
knows what version the peers speak and use appropriate format.
This is implemented with partial backward compatibility: handshake with
an old node succeeds when the new node does not have to send seqno 1.https://lab.nexedi.com/nexedi/re6stnet/-/commit/ee93c63ec8de040bb4f38b228e928381cd93f5b4doc: clarify system configuration when using --default2020-12-22T13:37:53+01:00Johan Hugéjohan.huge@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/426e929942a9eea219a8bc4d502289dce7e032e0doc: update manpage about automatic startup2020-12-03T12:04:28+01:00Julien Muchembledjm@nexedi.com
Behaviour changed in commit <a href="/nexedi/re6stnet/-/commit/5a8e41868c76cf7f1c3827c01a743ab8dca57ae2" data-original="5a8e41868c76cf7f1c3827c01a743ab8dca57ae2" data-link="false" data-link-reference="false" data-project="206" data-commit="5a8e41868c76cf7f1c3827c01a743ab8dca57ae2" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Drop NetworkManager/ifupdown support for setups that are bound to an interface" class="gfm gfm-commit has-tooltip">5a8e4186</a>.https://lab.nexedi.com/nexedi/re6stnet/-/commit/4397261559f7803f14f5a5d8345407abcf598833fixup! debian: also ship systemd units2020-01-13T13:56:50+01:00Julien Muchembledjm@nexedi.com
On machines using systemd, services were not enabled by default.https://lab.nexedi.com/nexedi/re6stnet/-/commit/5b765db035e611b2d03ef81962b7d2ace503e440Bump protocol version2020-01-10T17:24:35+01:00Julien Muchembledjm@nexedi.com
To reenable RTT-based metric, we usually want to force old nodes
to upgrade, so that they don't always look faster that others.https://lab.nexedi.com/nexedi/re6stnet/-/commit/8c2adc3622dd83e2f3ee6545fd057ad60100fa13Tell babeld that openvpn interfaces are of type tunnel2020-01-10T15:07:49+01:00Julien Muchembledjm@nexedi.com
This reenables RTT-based metric, which
was disabled since we moved to v1.8+.https://lab.nexedi.com/nexedi/re6stnet/-/commit/21ad8a0788259e54829728b36489975f785b4714debian: fix removal of obsolete files in /etc2020-01-02T20:22:23+01:00Julien Muchembledjm@nexedi.com
See commit <a href="/nexedi/re6stnet/-/commit/5a8e41868c76cf7f1c3827c01a743ab8dca57ae2" data-original="5a8e41868c76cf7f1c3827c01a743ab8dca57ae2" data-link="false" data-link-reference="false" data-project="206" data-commit="5a8e41868c76cf7f1c3827c01a743ab8dca57ae2" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Drop NetworkManager/ifupdown support for setups that are bound to an interface" class="gfm gfm-commit has-tooltip">5a8e4186</a>.https://lab.nexedi.com/nexedi/re6stnet/-/commit/889fde3b4f34dff0e2d10c46c7ae17e6b44dab20Drop support for Python 2.62019-12-27T17:17:38+01:00Julien Muchembledjm@nexedi.com
Commit <a href="/nexedi/re6stnet/-/commit/40d4e4969bbf8718fb7933b9514e77fcfab4f50b" data-original="40d4e4969bbf8718fb7933b9514e77fcfab4f50b" data-link="false" data-link-reference="false" data-project="206" data-commit="40d4e4969bbf8718fb7933b9514e77fcfab4f50b" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Backward compatibility for Python 2.6" class="gfm gfm-commit has-tooltip">40d4e496</a> is not reverted
because Python 3 will also require to keep the distinction between
blob and text.https://lab.nexedi.com/nexedi/re6stnet/-/commit/c8b11bf3a672326529590242fabdbe0c0543ea90debian: do not stop re6stnet until after the package upgrade has been completed2019-12-27T16:21:17+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/41218752d32b5709cdc1353458511aa525b3c323debian: Squeeze is not supported anymore2019-12-27T16:21:17+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/09219dadde4d1100928352fcb2091dbbc11ea0bcdebian: also ship systemd units2019-12-27T16:21:17+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/5a8e41868c76cf7f1c3827c01a743ab8dca57ae2Drop NetworkManager/ifupdown support for setups that are bound to an interface2019-12-27T16:21:17+01:00Julien Muchembledjm@nexedi.com
This feature was mainly for laptops but users:
- often don't care having the daemon running all the time;
- may not want to use the 'main-interface' option because the interface that
provides internet access is not always the same, e.g. wifi & wired;
- may want other kinds of conditions,
e.g. only specific wifi access points.
So in practice, main-interface is currently only use to set up a DHCP server or
provide IPv6 autoconfiguration. For such case, it is preferred to start/stop
re6stnet like a normal service.https://lab.nexedi.com/nexedi/re6stnet/-/commit/4198f9d59760cefdb6cfcca7b5fb8fa2490f0423Document that /etc/re6stnet does not have to contain a dh2048.pem file2019-12-27T15:07:00+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/321ed7f0139b6b6b99b079a0da02994d1d6909e5fixup! Fix renewal of expired certificate with recent OpenSSL2019-12-11T12:08:35+01:00Julien Muchembledjm@nexedi.comhttps://lab.nexedi.com/nexedi/re6stnet/-/commit/6532a739ba36c102616a957878f8eba1a19f73c0New release of babeld2019-12-11T12:01:17+01:00Julien Muchembledjm@nexedi.com