Wade Simmons
065e2ff88a
update golang.org/x/crypto ( #188 )
...
This version contains a fix for CVE-2020-9283, a remote crash bug:
- https://groups.google.com/forum/#!msg/golang-announce/3L45YRc91SY/ywEPcKLnGQAJ
2020-02-20 14:49:55 -05:00
Nathan Brown
45a5de2719
Print the udp listen address on startup ( #181 )
2020-02-06 21:17:43 -08:00
Wade Simmons
2d24ef7166
validate lighthouses and static hosts are in our subnet ( #170 )
...
Validate all lighthouse.hosts and static_host_map VPN IPs are in the
subnet defined in our cert. Exit with a fatal error if they are not in
our subnet, as this is an invalid configuration (we will not have the
proper routes set up to communicate with these hosts).
This error case could occur for the following invalid example:
nebula-cert sign -name "lighthouse" -ip "10.0.1.1/24"
nebula-cert sign -name "host" -ip "10.0.2.1/24"
config.yaml:
static_host_map:
"10.0.1.1": ["lighthouse.local:4242"]
lighthouse:
hosts:
- "10.0.1.1"
We will now return a fatal error for this config, since `10.0.1.1` is
not in the host cert's subnet of `10.0.2.1/24`
2020-01-20 15:52:55 -05:00
Wade Simmons
13941aa723
Prepare for 1.1.0 release. ( #167 )
...
Update the changelog to mark today as the release day for 1.1.0.
2020-01-17 12:29:42 -05:00
Wade Simmons
672edcaf73
add CHANGELOG.md ( #166 )
...
This is the initial creation of a CHANGELOG. When we are ready to cut
a release we can change the version at the top and update the links at
the bottom.
2020-01-17 09:23:54 -05:00
Ryan Huber
25bf80d8d3
add new invite link without expiration date ( #165 )
...
merging because link doesn't work rn and this is not a code change.
2020-01-16 10:09:45 -06:00
Alan Lam
5c126cd42b
conform to new build format for vagrant ( #153 )
...
* conform to new build format for vagrant
2020-01-08 11:32:28 -08:00
Ryan Huber
91f7b9c049
Update README.md
...
fix readme
2020-01-07 12:40:25 -06:00
Stephan
1592da921d
fix(nebula-cert): flag duration is optional, so reflect this is the cli help ( #117 )
...
* fix: nebula-cert duration is optional, so reflect this is the cli help
nebula-cert sign defaults the duration flag to 1 second before the CA expires, so it is not required to be provided.
* tests: Fix test for duration flag help message
* nebula-cert: add duration default value hint
2020-01-06 10:51:29 -08:00
Chad Harp
4e0da13180
Support unsafe_routes on Darwin ( #139 )
...
* Support unsafe_routes on darwin
* fix formatting in tun_darwin.go (spaces to tabs)
2020-01-06 10:09:56 -08:00
Gábor Lipták
e9b0498b21
Correct typo ( #150 )
2020-01-06 09:14:11 -08:00
Chad Harp
efe741ad66
Allow ValidateLHStaticEntries to check all static host map entries ( #141 )
...
* Allow ValidateLHStaticEntries to check all static host map entries
* Cleaner fix for ValidateLHStaticEntries
2020-01-02 21:04:18 -05:00
Ryan Huber
fd8ad5d0d7
Merge pull request #133 from slackhq/interval_zero_check
...
if interval is 0 don't even update lh (mobile use case)
2019-12-26 15:57:01 -06:00
Ryan Huber
df8e45c13b
if interval is 0 don't even update lh (mobile use case)
2019-12-26 21:12:31 +00:00
Wade Simmons
0eb5ce6b41
better windows targets in Makefile ( #125 )
...
This restores `make bin-windows` and also adds `make
build/nebula-windows-amd64.zip` to build the zip file.
Co-authored-by: Ryan Huber <rhuber@gmail.com>
2019-12-21 09:31:48 -05:00
Wade Simmons
8ed8419584
GitHub Action: add release script ( #124 )
...
This script will be triggered by any tag starting with `v[0-9]+.[0-9]+.[0-9]+` (i.e.
v1.1.0). It will create all of the .tar.gz files (or .zip for windows). The amd64 binaries will be
compiled on their target systems, the rest of the Linux architecures
will be cross compiled from the Linux amd64 host.
A SHASUM256.txt will also be generated and attached to the release.
2019-12-21 01:15:41 -05:00
Wade Simmons
e728b81573
Merge pull request #122 from slackhq/better-makefile
...
Makefile improvements
2019-12-20 14:15:58 -05:00
Wade Simmons
4c1725772b
make arm builds specific
2019-12-20 14:08:18 -05:00
Wade Simmons
f6aabf14a6
fix whitespace
2019-12-20 13:55:15 -05:00
Wade Simmons
bc7b3895f9
Makefile improvements
...
Simplify the makefile by using implicit rules. The new structure for the
build directory when using `make all` or `make release` is:
build/$GOOS-$GOARCH-$GOARM/nebula
(The GOARM part is optional, and only used for linux-arm-6)
So, releases end up like `nebula-linux-amd64.tar.gz` or
`nebula-linux-arm-6.tar.gz`
This change also adds `-trimpath` to the build, to make the pathnames
more generic in our releases.
2019-12-20 13:48:41 -05:00
Nathan Brown
fe8a71ed59
Merge pull request #121 from slackhq/txq-err
...
Make linux tx queue length an error log instead of a fatal on error
2019-12-20 09:21:46 -08:00
Nate Brown
9db16d226c
Make linux tx queue length an error log instead of a fatal on error
2019-12-20 09:10:26 -08:00
Ryan Huber
fe58cedd2e
Merge pull request #120 from slackhq/add_slack_link
...
add invitation link to readme
2019-12-20 08:33:38 -08:00
Ryan Huber
7ee692663d
add invitation link to readme
2019-12-20 16:28:17 +00:00
Nathan Brown
e465b13045
Merge pull request #113 from slackhq/fw-ca
...
Fixes the issues with caSha and caName
2019-12-19 09:06:50 -08:00
Nate Brown
2d8a8143de
Actual fix for the real issue with tests
2019-12-18 21:23:59 -08:00
Nathan Brown
b39fab3043
Merge pull request #114 from slackhq/mtu-optional
...
Move tun mtu failing to an error log instead of fatal
2019-12-18 16:57:40 -08:00
Nate Brown
55525654a8
Move tun mtu failing to an error log instead of fatal
2019-12-18 16:51:59 -08:00
Nate Brown
4e378fdb5b
Add test for current bug in master, reduce log output in test
2019-12-18 11:06:51 -08:00
Nate Brown
99cac0da55
Remove println
2019-12-17 23:48:33 -08:00
Nate Brown
c359a5cf71
Correct example config doc
2019-12-17 23:43:10 -08:00
Nate Brown
56657065e0
Fix ca* checks
2019-12-17 23:36:12 -08:00
Nathan Brown
8e6b72516b
Merge pull request #107 from slackhq/ca-ip
...
Support extra root assertions in `cert.Verify`
2019-12-17 19:09:52 -08:00
Nate Brown
328db6bb82
Root constraint usage and support in nebula-cert
2019-12-17 17:59:21 -08:00
Nate Brown
0dc9aafa14
Support root subnet asserts
2019-12-17 17:10:46 -08:00
Nate Brown
98d92ee4cf
Support root IP assertions in cert.Verify
2019-12-17 17:06:13 -08:00
Wade Simmons
8b2ee5cf34
Merge pull request #99 from slackhq/update-deps-2019-12
...
Update dependencies, December 2019
2019-12-17 13:29:21 -05:00
Wade Simmons
3978664083
Merge pull request #100 from slackhq/smoke-test
...
Github Actions: Smoke test
2019-12-17 13:14:47 -05:00
Wade Simmons
0d1da7579e
Merge pull request #106 from slackhq/fix-listen-host
...
fix listen.host
2019-12-17 12:11:13 -05:00
Wade Simmons
5350b9ef6f
fix listen.host
...
We were parsing listen.host, but not actually using it in the `bind`
call, so we were always binding to `0.0.0.0`.
2019-12-17 11:46:48 -05:00
Ryan Huber
2c8b0ec7b1
Merge pull request #105 from slackhq/fix_lighthouse_check
...
should be break not continue
2019-12-17 09:18:57 -06:00
Ryan Huber
5d0d916fc9
should be break not continue
2019-12-17 14:43:01 +00:00
Wade Simmons
c321e40d24
generate the smoke config files
2019-12-17 08:38:59 -05:00
Wade Simmons
73c6d555b5
Github Actions: Smoke test
...
This change adds a new Github Action, a 3 node smoke test. It starts
three docker containers (one lighthouse and two standard nodes) and
tests that they can all ping each other. This should hopefully detect
any basic runtime failures in PRs.
2019-12-17 00:17:25 -05:00
Wade Simmons
bdb442b970
Update dependencies, December 2019
...
Links to the diffs below, of note is this fix for `water` which might fix some
Windows issues:
- https://github.com/songgao/water/pull/70
*Direct Dependencies*
Updated github.com/golang/protobuf https://github.com/golang/protobuf/compare/v1.3.1...v1.3.2
Updated github.com/imdario/mergo https://github.com/imdario/mergo/compare/v0.3.7...v0.3.8
Updated github.com/miekg/dns https://github.com/miekg/dns/compare/v1.1.12...v1.1.25
Updated github.com/prometheus/client_golang https://github.com/prometheus/client_golang/compare/v0.9.3...v1.2.1
Updated github.com/rcrowley/go-metrics 3113b8401b...cac0b30c25
Updated github.com/songgao/water 6ad6edefb1...fd331bda3f
Updated github.com/stretchr/testify https://github.com/stretchr/testify/compare/v1.3.0...v1.4.0
Updated golang.org/x/crypto 22d7a77e9e...e9b2fee464
Updated golang.org/x/net f3200d17e0...c0dbc17a35
Updated golang.org/x/sys dbbf3f1254...ac6580df44
Updated gopkg.in/yaml.v2 v2.2.2...v2.2.7
*Indirect Dependencies*
Updated github.com/alecthomas/template a0175ee3bc...fb15b899a7
Updated github.com/alecthomas/units 2efee857e7...c3de453c63
Updated github.com/beorn7/perks https://github.com/beorn7/perks/compare/v1.0.0...v1.0.1
Updated github.com/cespare/xxhash https://github.com/cespare/xxhash/compare/v1.1.0...v2.1.1
Updated github.com/go-kit/kit https://github.com/go-kit/kit/compare/v0.8.0...v0.9.0
Updated github.com/pkg/errors https://github.com/pkg/errors/compare/v0.8.0...v0.8.1
Updated github.com/prometheus/client_model fd36f4220a...d1d2010b5b
Updated github.com/prometheus/common https://github.com/prometheus/common/compare/v0.4.1...v0.7.0
Updated github.com/prometheus/procfs https://github.com/prometheus/procfs/compare/a7aeb8df3389...v0.0.8
Updated github.com/vishvananda/netns https://github.com/vishvananda/netns/compare/13995c7128cc...0a2b9b5464df
Updated golang.org/x/sync https://github.com/golang/sync/compare/112230192c58...cd5d95a43a6e
Updated golang.org/x/text https://github.com/golang/text/compare/v0.3.0...v0.3.2
Added github.com/google/go-cmp https://github.com/google/go-cmp/tree/v0.3.1
Added github.com/google/gofuzz https://github.com/google/gofuzz/tree/v1.0.0
Added github.com/json-iterator/go https://github.com/json-iterator/go/tree/v1.1.7
Added github.com/modern-go/concurrent https://github.com/modern-go/concurrent/tree/bacd9c7ef1dd
Added github.com/modern-go/reflect2 https://github.com/modern-go/reflect2/tree/v1.0.1
Added golang.org/x/tools https://github.com/golang/tools/tree/2ca718005c18
Added golang.org/x/xerrors https://github.com/golang/xerrors/tree/a985d3407aa7
Removed github.com/OneOfOne/xxhash https://github.com/OneOfOne/xxhash/tree/v1.2.2
Removed github.com/dgryski/go-sip13 https://github.com/dgryski/go-sip13/tree/e10d5fee7954
Removed github.com/oklog/ulid https://github.com/oklog/ulid/tree/v1.3.1
Removed github.com/prometheus/tsdb https://github.com/prometheus/tsdb/tree/v0.7.1
Removed github.com/spaolacci/murmur3 https://github.com/spaolacci/murmur3/tree/f09979ecbc72
2019-12-16 15:49:31 -05:00
Ryan Huber
a680ac29f5
Merge pull request #98 from slackhq/warn_not_error
...
make this a warning, even though i believe it is fundamentally an error (in judgement)
2019-12-13 16:03:36 -06:00
Ryan Huber
ad7079d370
make this a warning, even though i believe it is fundamentally an error
...
(in judgement)
2019-12-13 21:55:01 +00:00
Nathan Brown
8b029e7907
Merge pull request #97 from slackhq/fw-group
...
Detect group array usage and try to be kind
2019-12-13 13:51:09 -08:00
Nate Brown
a9c93da8cb
Detect group array usage and try to be kind
2019-12-13 13:46:42 -08:00
Ryan Huber
6a37b26f9a
Merge pull request #94 from infinytum/patch-1
...
Fix for Issue #90
2019-12-13 10:42:59 -06:00