re6stnet.git
3 years agoPROJECT_MOVED -> https://lab.nexedi.com/nexedi/re6stnet master
Kirill Smelkov [Mon, 25 Jan 2016 15:00:53 +0000 (18:00 +0300)]
PROJECT_MOVED -> https://lab.nexedi.com/nexedi/re6stnet

3 years agoFix issues with DH parameters
Julien Muchembled [Mon, 25 Jan 2016 10:36:39 +0000 (11:36 +0100)]
Fix issues with DH parameters

- registry: make --dh mandatory
- node: retry if the registry returns nothing (instead of writing an empty file)

3 years agoregistry: remove incomplete migration code
Julien Muchembled [Thu, 21 Jan 2016 11:06:38 +0000 (12:06 +0100)]
registry: remove incomplete migration code

I forgot the case where 'config' has slightly different schema.
Now, we don't have any old network left to upgrade.

3 years agodebian: "invoke-rc.d re6stnet stop" must not recreate pyc files in prerm
Julien Muchembled [Thu, 21 Jan 2016 11:02:43 +0000 (12:02 +0100)]
debian: "invoke-rc.d re6stnet stop" must not recreate pyc files in prerm

3 years agoupnp: fix hangs with routers that don't have any free port
Julien Muchembled [Wed, 20 Jan 2016 18:02:44 +0000 (19:02 +0100)]
upnp: fix hangs with routers that don't have any free port

3 years agoRevert "ship systemd services for Debian"
Julien Muchembled [Wed, 20 Jan 2016 13:14:27 +0000 (14:14 +0100)]
Revert "ship systemd services for Debian"

The presence of /lib/systemd/system/*.service files masked the fact that the
/etc/init.d/ scripts were enabled, and services were not enabled under
systemd (no symlink in /etc/systemd/system/multi-user.target.wants/).

Reverting commit 4c2284e2aa0e26ccbcb5e788c81afd6447979acc partially is the
easiest way to handle the case of OS upgrade (with a switch to systemd).

3 years agoFix parsing of --registry url with ipv6 host
Julien Muchembled [Wed, 20 Jan 2016 10:05:29 +0000 (11:05 +0100)]
Fix parsing of --registry url with ipv6 host

3 years agoDocument bug causing new version to not be propagated in --client mode
Julien Muchembled [Wed, 13 Jan 2016 17:12:18 +0000 (18:12 +0100)]
Document bug causing new version to not be propagated in --client mode

3 years agoFix install of OpenVPN hooks
Julien Muchembled [Wed, 6 Jan 2016 12:02:01 +0000 (13:02 +0100)]
Fix install of OpenVPN hooks

This fixes a regression caused by commit
  8df410f7744fd35b6584142dec3a15023cb4f6e0

3 years agodist: fix manifest to not include generated manpages
Julien Muchembled [Mon, 4 Jan 2016 02:17:39 +0000 (03:17 +0100)]
dist: fix manifest to not include generated manpages

3 years agodebian: make changelog more "stable"
Julien Muchembled [Wed, 30 Dec 2015 14:03:26 +0000 (15:03 +0100)]
debian: make changelog more "stable"

https://reproducible-builds.org/

3 years agodebian: drop support for Python 2.6
Julien Muchembled [Tue, 29 Dec 2015 15:14:11 +0000 (16:14 +0100)]
debian: drop support for Python 2.6

Anyway, OpenVPN >= 2.3 was already missing on Squeeze, even via backports.

3 years agoUse python2 instead python and fix install for a custom Python interpreter
Julien Muchembled [Tue, 29 Dec 2015 13:03:09 +0000 (14:03 +0100)]
Use python2 instead python and fix install for a custom Python interpreter

3 years agodoc: give examples of command to create key/dh files
Julien Muchembled [Mon, 28 Dec 2015 18:03:43 +0000 (19:03 +0100)]
doc: give examples of command to create key/dh files

3 years agorpm: better systemd integration
Julien Muchembled [Mon, 28 Dec 2015 18:02:31 +0000 (19:02 +0100)]
rpm: better systemd integration

- Suse wants units in /usr/lib/systemd/system
- respect system-preset

3 years agodist: refactoring, ship systemd services for Debian, fix section of re6stnet manpage
Julien Muchembled [Tue, 22 Dec 2015 16:30:13 +0000 (17:30 +0100)]
dist: refactoring, ship systemd services for Debian, fix section of re6stnet manpage

debian/rules is split into reusable parts for SlapOS-based packages.

3 years agodemo: don't show meaningless 'odot' arrows for routes
Julien Muchembled [Wed, 2 Dec 2015 20:32:51 +0000 (21:32 +0100)]
demo: don't show meaningless 'odot' arrows for routes

Unexpectedly, and contrary to 'dot', Graphviz does not draw it with penwidth=0
(without, that of the other side is striked). And anyway, we can just look at
the label to see if there's a route.

3 years agodemo: fix nemu with recent iproute
Julien Muchembled [Wed, 2 Dec 2015 20:23:08 +0000 (21:23 +0100)]
demo: fix nemu with recent iproute

iproute now shows the name of the paired interface for type veth. For example:

  172: NETNSif-476f004@NETNSif-476f003: ...

4 years agoNew upstream release of babeld
Julien Muchembled [Fri, 14 Aug 2015 11:59:26 +0000 (13:59 +0200)]
New upstream release of babeld

4 years agoFix babeld-only setup so that 'lo' only accepts configured ipv4 and not the whole...
Julien Muchembled [Thu, 9 Jul 2015 09:51:44 +0000 (11:51 +0200)]
Fix babeld-only setup so that 'lo' only accepts configured ipv4 and not the whole assigned range

When 10.42.3.1/24 was configured on 'lo', the kernel accepted packets to
any ip of 10.42.3.0/24, instead of only 10.42.3.1

4 years agoAdd support for recent iproute, which now recognizes babel protocol
Julien Muchembled [Thu, 9 Jul 2015 09:51:24 +0000 (11:51 +0200)]
Add support for recent iproute, which now recognizes babel protocol

4 years agoDocument the levels of --verbose option
Julien Muchembled [Wed, 8 Jul 2015 15:34:07 +0000 (17:34 +0200)]
Document the levels of --verbose option

4 years agodist: fix inclusion of ovpn-* scripts for setuptools < 0.6.29
Julien Muchembled [Thu, 11 Jun 2015 16:50:47 +0000 (18:50 +0200)]
dist: fix inclusion of ovpn-* scripts for setuptools < 0.6.29

4 years agodist: use new entry_points['console_scripts'] way to ship scripts
Julien Muchembled [Wed, 10 Jun 2015 13:10:46 +0000 (15:10 +0200)]
dist: use new entry_points['console_scripts'] way to ship scripts

The old distutils way is not compatible with zc.recipe.egg in develop mode,
because egg_info does not provide any information about such scripts.

4 years agodist: fix typo in MANIFEST.in
Julien Muchembled [Wed, 10 Jun 2015 19:13:04 +0000 (21:13 +0200)]
dist: fix typo in MANIFEST.in

4 years agoOpenVPN >= 2.3 is required
Julien Muchembled [Thu, 28 May 2015 15:47:00 +0000 (17:47 +0200)]
OpenVPN >= 2.3 is required

2.2.x branch has a patch[1] that renders tls_serial_* environment variables
in base 16, causing a ValueError exception in ovpn-server hook.

[1] https://github.com/OpenVPN/openvpn/commit/7d5e26cbb53e2700c966e6b6e815f0c824da8956

4 years agoLower again MTU for UDPv4 tunnels
Julien Muchembled [Mon, 27 Apr 2015 15:29:59 +0000 (17:29 +0200)]
Lower again MTU for UDPv4 tunnels

4 years agodoc: update 'Troubleshooting' section
Julien Muchembled [Thu, 16 Apr 2015 17:45:28 +0000 (19:45 +0200)]
doc: update 'Troubleshooting' section

It doesn't matter anymore if there are many off nodes, because the registry
only queries the addresses of nodes that are in the routing table.

4 years agodoc: update 'Setting a new network' howto
Julien Muchembled [Thu, 16 Apr 2015 14:47:40 +0000 (16:47 +0200)]
doc: update 'Setting a new network' howto

4 years agoNew upstream release of babeld
Julien Muchembled [Tue, 14 Apr 2015 14:51:18 +0000 (16:51 +0200)]
New upstream release of babeld

4 years agoRemove assert that was only there to debug the demo
Julien Muchembled [Tue, 14 Apr 2015 14:18:59 +0000 (16:18 +0200)]
Remove assert that was only there to debug the demo

4 years agoComment the method selecting the tunnel to kill
Julien Muchembled [Fri, 10 Apr 2015 14:37:21 +0000 (16:37 +0200)]
Comment the method selecting the tunnel to kill

4 years agoChange egg versioning scheme to comply with PEP 440
Rafael Monnerat [Thu, 9 Apr 2015 12:53:47 +0000 (14:53 +0200)]
Change egg versioning scheme to comply with PEP 440

4 years agoIncrease strength of hashes used for certificate signing
Julien Muchembled [Thu, 9 Apr 2015 10:06:57 +0000 (12:06 +0200)]
Increase strength of hashes used for certificate signing

This does not increase of any packet because the size of certificate signature
only depends on the size of the certificate key.

With 512-bit hashes, it's still possible to use RSA keys as small as 768 bits.

4 years agoBackward compatibility for Python 2.6
Julien Muchembled [Wed, 8 Apr 2015 09:44:40 +0000 (11:44 +0200)]
Backward compatibility for Python 2.6

4 years agoAdd support for ipv4 payload
Julien Muchembled [Tue, 7 Apr 2015 15:18:04 +0000 (17:18 +0200)]
Add support for ipv4 payload

There is no plan for a default ipv4 route.

4 years agodemo: show default route on the route graph
Julien Muchembled [Tue, 7 Apr 2015 16:34:58 +0000 (18:34 +0200)]
demo: show default route on the route graph

This is useful because the default one is not always the same as the route
to the registry.

Before, arrows were filled dot. Now only the default one is filled.

4 years agoOur fork of Babeld can now override RTA_(PREF)SRC locally
Julien Muchembled [Tue, 7 Apr 2015 15:17:55 +0000 (17:17 +0200)]
Our fork of Babeld can now override RTA_(PREF)SRC locally

This simplify network configuration a lot, and on recent kernels, this fixes
wrong source address for extra interfaces that already have a public IP.

4 years agodemo: duplicate code from Nemu for future monkey-patching
Julien Muchembled [Mon, 30 Mar 2015 15:19:08 +0000 (17:19 +0200)]
demo: duplicate code from Nemu for future monkey-patching

4 years agoStop specifying a rxcost for old nodes since there's none left with the new protocol
Julien Muchembled [Fri, 3 Apr 2015 16:16:09 +0000 (18:16 +0200)]
Stop specifying a rxcost for old nodes since there's none left with the new protocol

4 years agore6st-conf: generate private key compatible with the network
Julien Muchembled [Fri, 27 Mar 2015 18:23:40 +0000 (19:23 +0100)]
re6st-conf: generate private key compatible with the network

4 years agoBy default, get DH parameters from the registry instead of requiring each node to...
Julien Muchembled [Sat, 7 Mar 2015 16:51:14 +0000 (17:51 +0100)]
By default, get DH parameters from the registry instead of requiring each node to generate them

Generating them takes a lot of time and there's no reason to do this by default.
We keep --dh option in 're6stnet' to not break existing configuration.

4 years agoCertificate revocation, with broadcast of CRL
Julien Muchembled [Fri, 6 Mar 2015 18:39:40 +0000 (19:39 +0100)]
Certificate revocation, with broadcast of CRL

4 years agoMove runtime files to a subdirectory and simplify command-line options
Julien Muchembled [Fri, 27 Feb 2015 12:00:22 +0000 (13:00 +0100)]
Move runtime files to a subdirectory and simplify command-line options

We consider using sockets to communicate with OpenVPN, via --management option.

4 years agoSome network option should be the same everywhere so move them to the registry
Julien Muchembled [Thu, 26 Feb 2015 00:28:29 +0000 (01:28 +0100)]
Some network option should be the same everywhere so move them to the registry

4 years agoAdd a way to define network parameters in the registry and propagate them efficiently
Julien Muchembled [Thu, 26 Feb 2015 00:31:34 +0000 (01:31 +0100)]
Add a way to define network parameters in the registry and propagate them efficiently

4 years agoNetwork parameters will be also cached so rename a few things
Julien Muchembled [Tue, 24 Feb 2015 19:47:37 +0000 (20:47 +0100)]
Network parameters will be also cached so rename a few things

db.py -> cache.py
PeerDB -> Cache
peers.db -> cache.db

4 years agoGenerate certificates with 2 serials for future needs (crl & ivp4)
Julien Muchembled [Thu, 19 Feb 2015 13:24:13 +0000 (14:24 +0100)]
Generate certificates with 2 serials for future needs (crl & ivp4)

And automatic renewal of existing certificates.

4 years agoRemove type specifier on config.value column
Julien Muchembled [Thu, 19 Feb 2015 13:00:49 +0000 (14:00 +0100)]
Remove type specifier on config.value column

For the registry at least, we'll want to store integers
without having to convert to/from strings.

To upgrade 'registry.db':
- dump it to a file
- fix create table statements
- load it

Nodes will restart with an empty cache.

4 years agoForget peers whose certificate expires
Julien Muchembled [Tue, 17 Feb 2015 13:49:17 +0000 (14:49 +0100)]
Forget peers whose certificate expires

4 years agoNew protocol between nodes with authentication
Julien Muchembled [Tue, 24 Feb 2015 17:50:16 +0000 (18:50 +0100)]
New protocol between nodes with authentication

4 years agore6st-conf: new --fingerprint option
Julien Muchembled [Tue, 24 Feb 2015 17:50:41 +0000 (18:50 +0100)]
re6st-conf: new --fingerprint option

4 years agoMake --client & --client-count=0 modes process UDP/326 messages
Julien Muchembled [Mon, 16 Feb 2015 19:34:56 +0000 (20:34 +0100)]
Make --client & --client-count=0 modes process UDP/326 messages

These modes are partly unified with the normal one by splitting TunnelManager.

4 years agore6stnet: verify certificate with CA at startup
Julien Muchembled [Thu, 5 Feb 2015 14:37:56 +0000 (15:37 +0100)]
re6stnet: verify certificate with CA at startup

4 years agorefactoring: move crypto code to a new file
Julien Muchembled [Thu, 5 Feb 2015 14:36:58 +0000 (15:36 +0100)]
refactoring: move crypto code to a new file

4 years agoUpdate TODO
Julien Muchembled [Tue, 24 Feb 2015 18:25:38 +0000 (19:25 +0100)]
Update TODO

4 years agodemo: abort quickly if there's an obvious error
Julien Muchembled [Thu, 19 Feb 2015 10:00:39 +0000 (11:00 +0100)]
demo: abort quickly if there's an obvious error

4 years agodemo: generate certs that expire quickly to check renewal
Julien Muchembled [Tue, 17 Feb 2015 15:45:22 +0000 (16:45 +0100)]
demo: generate certs that expire quickly to check renewal

4 years agodemo: add wrapper to easily monkey-patch re6st
Julien Muchembled [Tue, 17 Feb 2015 15:28:06 +0000 (16:28 +0100)]
demo: add wrapper to easily monkey-patch re6st

Also:
- use '/usr/bin/env python' to easily use a Python interpreter different than
  /usr/bin/python
- demo must be run by root so "dont_write_bytecode" to avoid having *.pyc files
  owned by root in the working copy

4 years agodemo: print executed command when re6stnet crashes
Julien Muchembled [Sat, 14 Feb 2015 19:54:10 +0000 (20:54 +0100)]
demo: print executed command when re6stnet crashes

This is then easier to restart it manually.

4 years agoregistry: increase/fix timeouts for requests done by getBootstrapPeer/topology RPC
Julien Muchembled [Fri, 13 Feb 2015 13:39:09 +0000 (14:39 +0100)]
registry: increase/fix timeouts for requests done by getBootstrapPeer/topology RPC

4 years agoLimit number of client tunnels if NAT is not configured properly
Julien Muchembled [Mon, 2 Feb 2015 19:30:34 +0000 (20:30 +0100)]
Limit number of client tunnels if NAT is not configured properly

If too many nodes create client tunnels without serving any, working servers
saturate and the network collapses.

4 years agoUPnP: randomize external port
Julien Muchembled [Mon, 2 Feb 2015 17:19:23 +0000 (18:19 +0100)]
UPnP: randomize external port

Some routers are so broken that UPnP NAT don't report ConflictInMappingEntry
when redirecting the same port several times.

Here is for example what we had with a Numericable Box (France):

0 (1024, 'TCP', ('192.168.0.29', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0)
1 (1024, 'TCP', ('192.168.0.16', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0)
2 (1024, 'TCP', ('192.168.0.33', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0)
3 (1024, 'TCP', ('192.168.0.20', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0)
('192.168.0.29', 1194, 're6stnet openvpn server (1194/tcp)', True, 0)

Obviously, this can't work.

It seems that this router also accepts a limited number of NAT rules, far less
than we'd like, so even if there's still a probability of conflict with this
commit, it will be good enough for our use.

4 years agologging: higher severity for UDP errors other than ENETUNREACH
Julien Muchembled [Tue, 30 Dec 2014 11:11:08 +0000 (12:11 +0100)]
logging: higher severity for UDP errors other than ENETUNREACH

ENETUNREACH is the only error I've ever seen since the beginning of the project.

4 years agoReread routing table when a established tunnel breaks
Julien Muchembled [Mon, 29 Dec 2014 21:14:55 +0000 (22:14 +0100)]
Reread routing table when a established tunnel breaks

The main reason is to speed up recovery from temporary network cut:
- by not wasting time trying remaining distant peers that were collected during
  the last read of the routing table.
- by not blacklisting good peers, which would happen if too many of them were
  retried before network is back

4 years agoDo not send TERM signal to a process that has already been waited on
Julien Muchembled [Thu, 11 Dec 2014 21:28:55 +0000 (22:28 +0100)]
Do not send TERM signal to a process that has already been waited on

4 years agoRotate babeld log
Julien Muchembled [Fri, 26 Dec 2014 14:14:48 +0000 (15:14 +0100)]
Rotate babeld log

4 years agoFaster recovery of registry node (e.g. restart or temporary network cut)
Julien Muchembled [Mon, 22 Dec 2014 00:14:57 +0000 (01:14 +0100)]
Faster recovery of registry node (e.g. restart or temporary network cut)

4 years agoWhen logging that a tunnel broke, format prefix in CN format (base10/len10) instead...
Julien Muchembled [Sun, 21 Dec 2014 15:40:25 +0000 (16:40 +0100)]
When logging that a tunnel broke, format prefix in CN format (base10/len10) instead of base2

For consistency with other log messages.

4 years agoLog when the destruction of a tunnel is aborted
Julien Muchembled [Fri, 19 Dec 2014 19:33:00 +0000 (20:33 +0100)]
Log when the destruction of a tunnel is aborted

4 years agoDo not hardcode executable path in re6st-registry.service
Julien Muchembled [Thu, 18 Dec 2014 16:57:15 +0000 (17:57 +0100)]
Do not hardcode executable path in re6st-registry.service

To be consistent with re6stnet.service

4 years agoAdd 2 new experimental commands: re6st-cn & re6st-geo
Julien Muchembled [Thu, 18 Dec 2014 16:30:31 +0000 (17:30 +0100)]
Add 2 new experimental commands: re6st-cn & re6st-geo

4 years agoOn exit, stop babeld first to give a change to send wildcard retractions
Julien Muchembled [Thu, 18 Dec 2014 14:07:39 +0000 (15:07 +0100)]
On exit, stop babeld first to give a change to send wildcard retractions

4 years agoSend User-Agent header when querying the registry
Julien Muchembled [Thu, 18 Dec 2014 14:00:16 +0000 (15:00 +0100)]
Send User-Agent header when querying the registry

4 years agoregistry: increase grace period when cleaning old certs
Julien Muchembled [Wed, 17 Dec 2014 16:33:39 +0000 (17:33 +0100)]
registry: increase grace period when cleaning old certs

4 years agoregistry: fix security of some RPC when serving behind proxy
Julien Muchembled [Wed, 17 Dec 2014 16:03:20 +0000 (17:03 +0100)]
registry: fix security of some RPC when serving behind proxy

4 years agoregistry: document that workaround is only useful for old Python
Julien Muchembled [Wed, 17 Dec 2014 15:55:58 +0000 (16:55 +0100)]
registry: document that workaround is only useful for old Python

4 years agoFix creation of tunnel ignoring routing table updates until all peers are tried
Julien Muchembled [Fri, 14 Nov 2014 14:33:36 +0000 (15:33 +0100)]
Fix creation of tunnel ignoring routing table updates until all peers are tried

4 years agoLower MTU for UDPv4 tunnels behind SFR ADSL (France)
Julien Muchembled [Mon, 3 Nov 2014 13:42:12 +0000 (14:42 +0100)]
Lower MTU for UDPv4 tunnels behind SFR ADSL (France)

4 years agoregistry: fix stuck requests leading to "Too many open files" errors
Julien Muchembled [Mon, 3 Nov 2014 13:40:57 +0000 (14:40 +0100)]
registry: fix stuck requests leading to "Too many open files" errors

4 years agoFix startup from working copy when Git is too old
Julien Muchembled [Thu, 23 Oct 2014 15:48:47 +0000 (17:48 +0200)]
Fix startup from working copy when Git is too old

4 years agoregistry: do not retry/wait forever if something goes wrong with babeld
Julien Muchembled [Wed, 22 Oct 2014 09:08:35 +0000 (11:08 +0200)]
registry: do not retry/wait forever if something goes wrong with babeld

babeld could be in bad state, or it could be incompatible (too old or too new).

4 years agoregistry: new RPC to get versions of all running nodes
Julien Muchembled [Tue, 21 Oct 2014 18:19:37 +0000 (20:19 +0200)]
registry: new RPC to get versions of all running nodes

4 years agoregistry: fix use of socket connection to babeld
Julien Muchembled [Tue, 21 Oct 2014 18:19:26 +0000 (20:19 +0200)]
registry: fix use of socket connection to babeld

- getBootstrapPeer was stuck as long as there was no other request being served
- registry crashed when re6stnet is stopped

4 years agoFix code of message sending back the version
Julien Muchembled [Tue, 21 Oct 2014 14:34:59 +0000 (16:34 +0200)]
Fix code of message sending back the version

Code 4 was reused by mistake for 'kill' messages.

4 years agoFix typo in RPM spec
Julien Muchembled [Mon, 20 Oct 2014 13:58:00 +0000 (15:58 +0200)]
Fix typo in RPM spec

4 years agobabeld with new control socket is required
Julien Muchembled [Thu, 16 Oct 2014 16:38:40 +0000 (18:38 +0200)]
babeld with new control socket is required

4 years agoDo not delete a tunnel if there are still routes through it
Cédric Le Ninivin [Tue, 16 Sep 2014 16:32:03 +0000 (18:32 +0200)]
Do not delete a tunnel if there are still routes through it

Co-authored-by: Julien Muchembled <jm@nexedi.com>
4 years agoUse new control socket of babeld to get routes
Julien Muchembled [Tue, 9 Sep 2014 16:11:33 +0000 (18:11 +0200)]
Use new control socket of babeld to get routes

4 years agoAdd support for writeable selectable objects
Julien Muchembled [Thu, 9 Oct 2014 13:04:55 +0000 (15:04 +0200)]
Add support for writeable selectable objects

4 years agoReview API between the main loop and the various select-able objects
Julien Muchembled [Fri, 12 Sep 2014 17:50:01 +0000 (19:50 +0200)]
Review API between the main loop and the various select-able objects

4 years agoregistry: whitelist RPCs rather than blacklist methods to not publish
Julien Muchembled [Wed, 8 Oct 2014 17:27:57 +0000 (19:27 +0200)]
registry: whitelist RPCs rather than blacklist methods to not publish

Here, it's simpler and safer. We will also want to have private methods that
don't start with an underscore.

4 years agoregistry: fix condition to decide when to refresh list of peers
Julien Muchembled [Thu, 9 Oct 2014 13:47:42 +0000 (15:47 +0200)]
registry: fix condition to decide when to refresh list of peers

4 years agodemo: fix command to start recent versions of miniupnpd
Julien Muchembled [Mon, 6 Oct 2014 15:17:51 +0000 (17:17 +0200)]
demo: fix command to start recent versions of miniupnpd

5 years agoTODO & code documentation
Julien Muchembled [Wed, 3 Sep 2014 16:03:05 +0000 (18:03 +0200)]
TODO & code documentation

5 years agoNew version of babeld: 1.5.1
Julien Muchembled [Tue, 2 Sep 2014 15:09:30 +0000 (17:09 +0200)]
New version of babeld: 1.5.1

5 years agoregistry: delete unused accounts and old tokens automatically
Julien Muchembled [Sat, 23 Aug 2014 19:33:05 +0000 (21:33 +0200)]
registry: delete unused accounts and old tokens automatically

Certificates are deleted 30 days after they get invalid,
so that unused prefixes can be reallocated.

5 years agoDo not fail on unexpected 'route_up' notifications from OpenVPN clients
Julien Muchembled [Wed, 20 Aug 2014 12:07:29 +0000 (14:07 +0200)]
Do not fail on unexpected 'route_up' notifications from OpenVPN clients

This fixes the following error:

  TypeError: unsupported operand type(s) for -: 'NoneType' and 'int'
  Traceback (most recent call last):
    File "/usr/sbin/re6stnet", line 438, in main
      tunnel_manager.handleTunnelEvent(read_pipe.readline())
    File "/usr/lib/python2.7/dist-packages/re6st/tunnel.py", line 389, in handleTunnelEvent
      m(*args)
    File "/usr/lib/python2.7/dist-packages/re6st/tunnel.py", line 412, in _ovpn_route_up
      self._connection_dict[prefix].connected()
    File "/usr/lib/python2.7/dist-packages/re6st/tunnel.py", line 76, in connected
      i = self._retry - 1

What happened is probably that a route_up notification was received just before
killing/recreating the connection for the same node, and then process twice
the same OpenVPN notification: in this case, the first was for a previous
connection and should have been ignored.

5 years agoregistry: fix permission of 'topology' RPC
Julien Muchembled [Thu, 31 Jul 2014 15:36:44 +0000 (17:36 +0200)]
registry: fix permission of 'topology' RPC

5 years agoFix typos in README
Julien Muchembled [Thu, 31 Jul 2014 14:06:49 +0000 (16:06 +0200)]
Fix typos in README