To prepare for the removal of geoip2, we want nodes to ask the registry
for their country. geoip2 is kept in this update since nodes will still
need to figure out countries of other nodes which haven't updated yet.
Once all nodes will be updated to this version, geoip2 will be ready to
be deleted.

See merge request !32

If a node restarts and has its address with its country in the cache, it
won't set the _country attribute, and will therefore ignore countries
when making tunnels.

See merge request !31

Addresses passed to _updateCountry can contain countries if
cache.my_address is used to initialize address in BaseTunnelManager init
function, which causes resolve to be called with too many arguments.

In some circumstances, the hello_protocol attribute could get modified
on the wrong peer, which would raise an AttributeError.
On reception of seqno 1 from a peer with protocol < 7, protocol could be
equal to zero which would cause handleHello to not return True, causing
the handshake to fail.

This commit concerns networks that use the --same-country option.
We recently discovered that the IP geolocation database contains
incorrect entries. To work around this, the protocol needs to be
changed by adding the country as 4th field in addresses (the first 3
are: ip, port, protocol) and the new --country option allows a node
to announce a country that differs from the one the GeoIP DB.

Thanks to the previous commits it's possible to implement backward
compatibility, by not sending the 4th field (country) to nodes that
can't parse it. Of course, these old nodes would continue to not
create appropriate tunnels and after a while, the administrator of
the network may decide to increase registry's --min-protocol (7).

In a network with only nodes that implement this last version of the
protocol, the nodes may only use the GeoIP DB to resolve their own IPs.

See merge request !27

There is a need to be able to extend the protocol without breaking
compatibility with old nodes. This is done by sending version.protocol
during inter-node handshake, in seqno 1 and seqno 2, so that a node
knows what version the peers speak and use appropriate format.

This is implemented with partial backward compatibility: handshake with
an old node succeeds when the new node does not have to send seqno 1.

Behaviour changed in commit 5a8e4186.

On machines using systemd, services were not enabled by default.

To reenable RTT-based metric, we usually want to force old nodes
to upgrade, so that they don't always look faster that others.

This reenables RTT-based metric, which
was disabled since we moved to v1.8+.

See commit 5a8e4186.

Commit 40d4e496 is not reverted
because Python 3 will also require to keep the distinction between
blob and text.

This feature was mainly for laptops but users:
- often don't care having the daemon running all the time;
- may not want to use the 'main-interface' option because the interface that
  provides internet access is not always the same, e.g. wifi & wired;
- may want other kinds of conditions,
  e.g. only specific wifi access points.

So in practice, main-interface is currently only use to set up a DHCP server or
provide IPv6 autoconfiguration. For such case, it is preferred to start/stop
re6stnet like a normal service.

This should fix strange bugs after running the demo for a long time,
with certificate renewal happening every few minutes.

The previous commit, which adds --ipv6, has the issue
that it does not check whether given IPs are valid.
Since IPv4 & IPv6 use completely different address
representation, --ip can be used for both.

When re6st attempts to use UPnP and IPv6 is enabled at the same time,
the external IPv4 was published for IPv6 protocols.
For example, machine6 in the demo had:
  10.0.1.3,1194,tcp;10.0.1.3,1194,udp;10.0.1.3,1195,udp6

This caused re6stnet to crash (socket.gaierror) if GEOIP2_MMDB is set.

With this commit, IPv4 & IPv6 are now processed independently.

/reviewed-on !21

/reviewed-on !19

The detection of the attribute `_private` was performed on a string
object representing the name of the method instead of the method itself,
leading to the registry allowing anyone to call private methods.

The purpose is to check that HMAC prevents routes from being exchanged
between the 2 networks. This happened when 2 nodes of 2 different re6st
networks are in the same LAN, and it caused many issues.

/reviewed-on !15

This reverts commit 24fea8cd.

The client up hook is required when IPv4 is not enabled.

HMAC is added in babel call to prevent babel communication between nodes of different re6st networks. 
This solves the problem of machines in different re6st networks but on the same LAN that exchange routes through babel. 
The key used to authenticate packets is randomly created on 16 bytes by the registry and sent to nodes when they fetch network parameters. 
This uses the WIP hmac branch of jech/babeld with Nexedi patches and the added possibility to not check HMAC in incoming packets for better HMAC integration on a HMAC-less network.

/reviewed-on !18