zerotier/ZeroTierOne
0
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2026-05-22 16:20:28 -07:00
Code Issues Packages Projects Releases Wiki Activity
5,724 Commits 15 Branches 106 Tags
c492bf7eea9311279ccece417f51ab2bde8716bd
Commit Graph

235 Commits

Author SHA1 Message Date
Adam Ierymenko c492bf7eea Forgot to send error on v0 auth expiry. 2022-04-18 16:36:09 -04:00
Adam Ierymenko cb086ff97f Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot. 2022-04-18 16:32:05 -04:00
Adam Ierymenko 55a99f34d0 Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine. 2022-04-15 14:23:26 -04:00
Adam Ierymenko 58119598ae comment out some new deauth code 2022-04-13 23:10:11 -04:00
Adam Ierymenko 42a2afaef9 This may improve controller behavior with SSO and mixed SSO, needs testing! 2022-04-13 21:39:56 -04:00
Grant Limberg b3fbbd3124 refresh tokens now working 
Still investigating the best way to do a couple things, but we have something working
 2021-12-07 16:29:50 -08:00
Grant Limberg 7cce23ae79 wip 2021-12-01 10:44:29 -08:00
Grant Limberg a33d7c64fe more fixin 2021-11-30 17:27:13 -08:00
Grant Limberg fa21fdc1cc rename stuff for clarity 
authenticationURL will still be used by the client for v1 and v2 of sso
 2021-11-11 16:19:26 -08:00
Grant Limberg 43433cdb5a integrate rust build of zeroidc to linux 2021-11-04 17:16:23 -07:00
Grant Limberg 8d39c9a861 plumbing full flow from controller -> client network 2021-11-04 15:40:08 -07:00
Adam Ierymenko 134d33c218 Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 15:40:55 -07:00
Grant Limberg 20721491e8 kill some noisy logs 2021-08-19 13:03:56 -07:00
Grant Limberg 9eae444104 kill some verbose logs 2021-08-19 09:21:52 -07:00
Adam Ierymenko 576b4f03a5 Adjust deauth time window and send revocation when SSO members expire. 2021-08-18 12:17:40 -04:00
Adam Ierymenko 461810b06a Move return so record gets created before URL. 2021-08-10 11:22:29 -04:00
Grant Limberg 613d7b5ece fix backwards logic 2021-08-04 09:16:04 -07:00
Adam Ierymenko 663e748b8d Deauth expiring members right away. 2021-07-26 23:45:18 -04:00
Adam Ierymenko 0cf62d334d Remove pointless check. 2021-07-26 13:38:35 -04:00
Adam Ierymenko 0310bfa3e3 Include authentication URL in config 2021-07-23 19:17:42 -04:00
Adam Ierymenko efe0e8aa7b Notification of about-to-expire status... almost there. 2021-07-23 19:05:59 -04:00
Adam Ierymenko 5c7e51feaf Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-07-23 18:49:05 -04:00
Adam Ierymenko 34de579c91 Handling of soon-to-expire members 2021-07-23 18:49:00 -04:00
Grant Limberg 10215af96d whoops 2021-07-06 13:18:08 -07:00
Grant Limberg e67fee0264 debug logging 2021-07-06 13:08:21 -07:00