John Maguire
a56a97e5c3
Add ability to encrypt CA private key at rest ( #386 )
...
Fixes #8 .
`nebula-cert ca` now supports encrypting the CA's private key with a
passphrase. Pass `-encrypt` in order to be prompted for a passphrase.
Encryption is performed using AES-256-GCM and Argon2id for KDF. KDF
parameters default to RFC recommendations, but can be overridden via CLI
flags `-argon-memory`, `-argon-parallelism`, and `-argon-iterations`.
2023-04-03 13:59:38 -04:00
Wade Simmons
61b784d2bb
Update dependencies 2023-03 ( #824 )
...
List of dependency updates that appear in the final binaries (other are
only used in tests, or don't actually get used by the modules we import):
Updated github.com/cespare/xxhash https://github.com/cespare/xxhash/compare/v2.1.2...v2.2.0
Updated github.com/golang/protobuf https://github.com/golang/protobuf/compare/v1.5.2...v1.5.3
Updated github.com/miekg/dns https://github.com/miekg/dns/compare/v1.1.50...v1.1.52
Updated github.com/prometheus/common https://github.com/prometheus/common/compare/v0.37.0...v0.42.0
Updated github.com/prometheus/procfs https://github.com/prometheus/procfs/compare/v0.8.0...v0.9.0
Updated github.com/vishvananda/netns https://github.com/vishvananda/netns/compare/v0.0.1...v0.0.4
Updated golang.org/x/crypto https://github.com/golang/crypto/compare/v0.3.0...v0.7.0
Updated golang.org/x/net https://github.com/golang/net/compare/v0.2.0...v0.8.0
Updated golang.org/x/sys https://github.com/golang/sys/compare/v0.2.0...v0.6.0
Updated golang.org/x/term https://github.com/golang/term/compare/v0.2.0...v0.6.0
Updated golang.zx2c4.com/wintun 415007cec224...0fa3db229ce2
Updated google.golang.org/protobuf v1.28.1...v1.29.0
2023-03-13 15:37:32 -04:00
Nate Brown
92cc32f844
Remove handshake race avoidance ( #820 )
...
Co-authored-by: Wade Simmons <wadey@slack-corp.com>
2023-03-13 12:35:14 -05:00
Wade Simmons
d4f9500ca5
Update dependencies (2022-11) ( #780 )
...
* update dependencies
Update to latest dependencies on Nov 21, 2022.
Here are the diffs for deps that actually end up in the binaries (based
on `go version -m`)
Updated github.com/imdario/mergo https://github.com/imdario/mergo/compare/v0.3.12...v0.3.13
Updated github.com/matttproud/golang_protobuf_extensions https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.1...v1.0.4
Updated github.com/miekg/dns https://github.com/miekg/dns/compare/v1.1.48...v1.1.50
Updated github.com/prometheus/client_golang https://github.com/prometheus/client_golang/compare/v1.12.1...v1.14.0
Updated github.com/prometheus/client_model https://github.com/prometheus/client_model/compare/v0.2.0...v0.3.0
Updated github.com/prometheus/common https://github.com/prometheus/common/compare/v0.33.0...v0.37.0
Updated github.com/prometheus/procfs https://github.com/prometheus/procfs/compare/v0.7.3...v0.8.0
Updated github.com/sirupsen/logrus https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0
Updated github.com/vishvananda/netns https://github.com/vishvananda/netns/compare/50045581ed74...v0.0.1
Updated golang.org/x/crypto https://github.com/golang/crypto/compare/ae2d96664a29...v0.3.0
Updated golang.org/x/net https://github.com/golang/net/compare/749bd193bc2b...v0.2.0
Updated golang.org/x/sys https://github.com/golang/sys/compare/289d7a0edf71...v0.2.0
Updated golang.org/x/term https://github.com/golang/term/compare/03fcf44c2211...v0.2.0
Updated google.golang.org/protobuf v1.28.0...v1.28.1
* test that mergo merges like we expect
2022-11-23 10:46:41 -05:00
Wade Simmons
9af242dc47
switch to new sync/atomic helpers in go1.19 ( #728 )
...
These new helpers make the code a lot cleaner. I confirmed that the
simple helpers like `atomic.Int64` don't add any extra overhead as they
get inlined by the compiler. `atomic.Pointer` adds an extra method call
as it no longer gets inlined, but we aren't using these on the hot path
so it is probably okay.
2022-10-31 13:37:41 -04:00
Wade Simmons
45d1d2b6c6
Update dependencies - 2022-04 ( #664 )
...
Updated github.com/kardianos/service https://github.com/kardianos/service/compare/v1.2.0...v1.2.1
Updated github.com/miekg/dns https://github.com/miekg/dns/compare/v1.1.43...v1.1.48
Updated github.com/prometheus/client_golang https://github.com/prometheus/client_golang/compare/v1.11.0...v1.12.1
Updated github.com/prometheus/common https://github.com/prometheus/common/compare/v0.32.1...v0.33.0
Updated github.com/stretchr/testify https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1
Updated golang.org/x/crypto 5770296d90...ae2d96664a
Updated golang.org/x/net 69e39bad7d...749bd193bc
Updated golang.org/x/sys 7861aae155...289d7a0edf
Updated golang.zx2c4.com/wireguard/windows v0.5.1...v0.5.3
Updated google.golang.org/protobuf v1.27.1...v1.28.0
2022-04-18 12:12:25 -04:00
Wade Simmons
3913062c43
build and test with go1.18 ( #656 )
...
- https://go.dev/doc/go1.18
2022-04-05 17:08:00 -04:00
Wade Simmons
127a116bfd
update golang.org/x/crypto ( #603 )
...
> Version v0.0.0-20211202192323-5770296d904e of golang.org/x/crypto fixes a vulnerability in the golang.org/x/crypto/ssh package which allowed unauthenticated clients to cause a panic in SSH servers.
>
> This issue was discovered and reported by Rod Hynes, Psiphon Inc., and is tracked as CVE-2021-43565 and Issue golang/go#49932 .
Updated golang.org/x/crypto 089bfa5675...5770296d90
Updated golang.org/x/net 4a448f8816...69e39bad7d
2021-12-06 14:07:05 -05:00
CzBiX
16be0ce566
Add Wintun support ( #289 )
2021-11-08 12:36:31 -06:00
Wade Simmons
a22c134bf5
Update dependencies, November 2021 ( #564 )
...
*Direct Dependencies*
Updated github.com/anmitsu/go-shlex 648efa6222...38f4b401e2
Updated github.com/flynn/noise https://github.com/flynn/noise/compare/4bdb43be3117...v1.0.0
Updated github.com/golang/protobuf https://github.com/golang/protobuf/compare/v1.5.0...v1.5.2
Updated github.com/kardianos/service https://github.com/kardianos/service/compare/v1.1.0...v1.2.0
Updated github.com/miekg/dns https://github.com/miekg/dns/compare/v1.1.25...v1.1.43
Updated github.com/nbrownus/go-metrics-prometheus https://github.com/nbrownus/go-metrics-prometheus/compare/6e6d5173d99c...974a6260965f
Updated github.com/prometheus/client_golang https://github.com/prometheus/client_golang/compare/v1.2.1...v1.11.0
Updated github.com/rcrowley/go-metrics https://github.com/rcrowley/go-metrics/compare/cac0b30c2563...cf1acfcdf475
Updated github.com/sirupsen/logrus https://github.com/sirupsen/logrus/compare/v1.4.2...v1.8.1
Updated github.com/songgao/water https://github.com/songgao/water/compare/fd331bda3f4b...2b4b6d7c09d8
Updated github.com/stretchr/testify https://github.com/stretchr/testify/compare/v1.6.1...v1.7.0
Updated github.com/vishvananda/netlink https://github.com/vishvananda/netlink/compare/00009fb8606a...v1.1.0
Updated golang.org/x/crypto https://github.com/golang/crypto/compare/0c34fe9e7dc2...089bfa567519
Updated golang.org/x/net https://github.com/golang/net/compare/e18ecbb05110...4a448f8816b3
Updated golang.org/x/sys https://github.com/golang/sys/compare/f84b799fce68...4dd72447c267
Updated google.golang.org/protobuf v1.26.0...v1.27.1
Updated gopkg.in/yaml.v2 v2.2.7...v2.4.0
*Indirect Dependencies*
Updated github.com/alecthomas/units https://github.com/alecthomas/units/compare/c3de453c63f4...f65c72e2690d
Updated github.com/cespare/xxhash https://github.com/cespare/xxhash/compare/v2.1.1...v2.1.2
Updated github.com/go-logfmt/logfmt https://github.com/go-logfmt/logfmt/compare/v0.4.0...v0.5.0
Updated github.com/json-iterator/go https://github.com/json-iterator/go/compare/v1.1.7...v1.1.11
Updated github.com/julienschmidt/httprouter https://github.com/julienschmidt/httprouter/compare/v1.2.0...v1.3.0
Updated github.com/konsorten/go-windows-terminal-sequences https://github.com/konsorten/go-windows-terminal-sequences/compare/v1.0.2...v1.0.3
Updated github.com/mwitkow/go-conntrack https://github.com/mwitkow/go-conntrack/compare/cc309e4a2223...2f068394615f
Updated github.com/pkg/errors https://github.com/pkg/errors/compare/v0.8.1...v0.9.1
Updated github.com/prometheus/client_model https://github.com/prometheus/client_model/compare/d1d2010b5bee...v0.2.0
Updated github.com/prometheus/common https://github.com/prometheus/common/compare/v0.7.0...v0.32.1
Updated github.com/prometheus/procfs https://github.com/prometheus/procfs/compare/v0.0.8...v0.7.3
Updated github.com/vishvananda/netns https://github.com/vishvananda/netns/compare/0a2b9b5464df...50045581ed74
Updated golang.org/x/sync https://github.com/golang/sync/compare/67f06af15bc9...036812b2e83c
Updated golang.org/x/term https://github.com/golang/term/compare/7de9c90e9dd1...03fcf44c2211
Updated golang.org/x/text https://github.com/golang/text/compare/v0.3.3...v0.3.6
Added cloud.google.com/go v0.65.0
Added cloud.google.com/go/bigquery v1.8.0
Added cloud.google.com/go/datastore v1.1.0
Added cloud.google.com/go/pubsub v1.3.1
Added cloud.google.com/go/storage v1.10.0
Added dmitri.shuralyov.com/gpu/mtl 666a987793e9
Added github.com/BurntSushi/toml https://github.com/BurntSushi/toml/tree/v0.3.1
Added github.com/BurntSushi/xgb https://github.com/BurntSushi/xgb/tree/27f122750802
Added github.com/census-instrumentation/opencensus-proto https://github.com/census-instrumentation/opencensus-proto/tree/v0.2.1
Added github.com/chzyer/logex https://github.com/chzyer/logex/tree/v1.1.10
Added github.com/chzyer/readline https://github.com/chzyer/readline/tree/2972be24d48e
Added github.com/chzyer/test https://github.com/chzyer/test/tree/a1ea475d72b1
Added github.com/client9/misspell https://github.com/client9/misspell/tree/v0.3.4
Added github.com/cncf/udpa/go https://github.com/cncf/udpa/go/tree/269d4d468f6f
Added github.com/envoyproxy/go-control-plane https://github.com/envoyproxy/go-control-plane/tree/v0.9.4
Added github.com/envoyproxy/protoc-gen-validate https://github.com/envoyproxy/protoc-gen-validate/tree/v0.1.0
Added github.com/go-gl/glfw https://github.com/go-gl/glfw/tree/e6da0acd62b1
Added github.com/go-gl/glfw/v3.3/glfw https://github.com/go-gl/glfw/v3.3/glfw/tree/6f7a984d4dc4
Added github.com/go-kit/log https://github.com/go-kit/log/tree/v0.1.0
Added github.com/golang/glog https://github.com/golang/glog/tree/23def4e6c14b
Added github.com/golang/groupcache https://github.com/golang/groupcache/tree/8c9f03a8e57e
Added github.com/golang/mock https://github.com/golang/mock/tree/v1.4.4
Added github.com/google/btree https://github.com/google/btree/tree/v1.0.0
Added github.com/google/martian https://github.com/google/martian/tree/v2.1.0+incompatible
Added github.com/google/martian https://github.com/google/martian/tree/v3.0.0
Added github.com/google/pprof https://github.com/google/pprof/tree/1a94d8640e99
Added github.com/google/renameio https://github.com/google/renameio/tree/v0.1.0
Added github.com/googleapis/gax-go https://github.com/googleapis/gax-go/tree/v2.0.5
Added github.com/hashicorp/golang-lru https://github.com/hashicorp/golang-lru/tree/v0.5.1
Added github.com/ianlancetaylor/demangle https://github.com/ianlancetaylor/demangle/tree/5e5cf60278f6
Added github.com/jpillora/backoff https://github.com/jpillora/backoff/tree/v1.0.0
Added github.com/jstemmer/go-junit-report https://github.com/jstemmer/go-junit-report/tree/v0.9.1
Added github.com/rogpeppe/go-internal https://github.com/rogpeppe/go-internal/tree/v1.3.0
Added go.opencensus.io v0.22.4
Added golang.org/x/exp https://github.com/golang/exp/tree/6cc2880d07d6
Added golang.org/x/image https://github.com/golang/image/tree/cff245a6509b
Added golang.org/x/mobile https://github.com/golang/mobile/tree/d2bd2a29d028
Added golang.org/x/oauth2 https://github.com/golang/oauth2/tree/f6687ab2804c
Added golang.org/x/time https://github.com/golang/time/tree/555d28b269f0
Added google.golang.org/api v0.30.0
Added google.golang.org/appengine v1.6.6
Added google.golang.org/genproto 8632dd797987
Added google.golang.org/grpc v1.31.0
Added gopkg.in/errgo.v2 v2.1.0
Added honnef.co/go/tools v0.0.1-2020.1.4
Added rsc.io/binaryregexp v0.2.0
Added rsc.io/quote v3.1.0
Added rsc.io/sampler v1.3.0
Removed github.com/flynn/go-shlex https://github.com/flynn/go-shlex/tree/3f9db97f8568
2021-11-04 10:25:13 -04:00
Nate Brown
32cd9a93f1
Bump to go1.17 ( #553 )
2021-10-21 16:24:11 -05:00
Nathan Brown
75f7bda0a4
Lighthouse performance pass ( #418 )
2021-03-31 17:32:02 -05:00
Nathan Brown
e7e55618ff
Include bad backets in the good handshake test ( #428 )
2021-03-31 13:36:10 -05:00
Nathan Brown
830d6d4639
Start of end to end testing with a good handshake between two nodes ( #425 )
2021-03-29 14:29:20 -05:00
Nathan Brown
7073d204a8
IPv6 support for outside (udp) ( #369 )
2021-03-18 20:37:24 -05:00
Nathan Brown
29c5f31f90
Add a check in the makefile to ensure a minimum version of go is installed ( #383 )
2021-03-02 13:29:05 -06:00
Nathan Brown
d4b81f9b8d
Add QR code support to `nebula-cert` ( #297 )
2021-02-11 18:53:25 -06:00
Ryan Huber
0d6b55e495
Bring in the new version of kardianos/service and output logfiles on osx ( #303 )
...
* this brings in the new version of kardianos/service which properly
outputs logs from launchd services
* add go sum
* is it really this easy?
* Update CHANGELOG.md
2020-09-24 15:34:08 -07:00
Nathan Brown
68e3e84fdc
More like a library ( #279 )
2020-09-18 09:20:09 -05:00
Wade Simmons
065e2ff88a
update golang.org/x/crypto ( #188 )
...
This version contains a fix for CVE-2020-9283, a remote crash bug:
- https://groups.google.com/forum/#!msg/golang-announce/3L45YRc91SY/ywEPcKLnGQAJ
2020-02-20 14:49:55 -05:00
Wade Simmons
bdb442b970
Update dependencies, December 2019
...
Links to the diffs below, of note is this fix for `water` which might fix some
Windows issues:
- https://github.com/songgao/water/pull/70
*Direct Dependencies*
Updated github.com/golang/protobuf https://github.com/golang/protobuf/compare/v1.3.1...v1.3.2
Updated github.com/imdario/mergo https://github.com/imdario/mergo/compare/v0.3.7...v0.3.8
Updated github.com/miekg/dns https://github.com/miekg/dns/compare/v1.1.12...v1.1.25
Updated github.com/prometheus/client_golang https://github.com/prometheus/client_golang/compare/v0.9.3...v1.2.1
Updated github.com/rcrowley/go-metrics 3113b8401b...cac0b30c25
Updated github.com/songgao/water 6ad6edefb1...fd331bda3f
Updated github.com/stretchr/testify https://github.com/stretchr/testify/compare/v1.3.0...v1.4.0
Updated golang.org/x/crypto 22d7a77e9e...e9b2fee464
Updated golang.org/x/net f3200d17e0...c0dbc17a35
Updated golang.org/x/sys dbbf3f1254...ac6580df44
Updated gopkg.in/yaml.v2 v2.2.2...v2.2.7
*Indirect Dependencies*
Updated github.com/alecthomas/template a0175ee3bc...fb15b899a7
Updated github.com/alecthomas/units 2efee857e7...c3de453c63
Updated github.com/beorn7/perks https://github.com/beorn7/perks/compare/v1.0.0...v1.0.1
Updated github.com/cespare/xxhash https://github.com/cespare/xxhash/compare/v1.1.0...v2.1.1
Updated github.com/go-kit/kit https://github.com/go-kit/kit/compare/v0.8.0...v0.9.0
Updated github.com/pkg/errors https://github.com/pkg/errors/compare/v0.8.0...v0.8.1
Updated github.com/prometheus/client_model fd36f4220a...d1d2010b5b
Updated github.com/prometheus/common https://github.com/prometheus/common/compare/v0.4.1...v0.7.0
Updated github.com/prometheus/procfs https://github.com/prometheus/procfs/compare/a7aeb8df3389...v0.0.8
Updated github.com/vishvananda/netns https://github.com/vishvananda/netns/compare/13995c7128cc...0a2b9b5464df
Updated golang.org/x/sync https://github.com/golang/sync/compare/112230192c58...cd5d95a43a6e
Updated golang.org/x/text https://github.com/golang/text/compare/v0.3.0...v0.3.2
Added github.com/google/go-cmp https://github.com/google/go-cmp/tree/v0.3.1
Added github.com/google/gofuzz https://github.com/google/gofuzz/tree/v1.0.0
Added github.com/json-iterator/go https://github.com/json-iterator/go/tree/v1.1.7
Added github.com/modern-go/concurrent https://github.com/modern-go/concurrent/tree/bacd9c7ef1dd
Added github.com/modern-go/reflect2 https://github.com/modern-go/reflect2/tree/v1.0.1
Added golang.org/x/tools https://github.com/golang/tools/tree/2ca718005c18
Added golang.org/x/xerrors https://github.com/golang/xerrors/tree/a985d3407aa7
Removed github.com/OneOfOne/xxhash https://github.com/OneOfOne/xxhash/tree/v1.2.2
Removed github.com/dgryski/go-sip13 https://github.com/dgryski/go-sip13/tree/e10d5fee7954
Removed github.com/oklog/ulid https://github.com/oklog/ulid/tree/v1.3.1
Removed github.com/prometheus/tsdb https://github.com/prometheus/tsdb/tree/v0.7.1
Removed github.com/spaolacci/murmur3 https://github.com/spaolacci/murmur3/tree/f09979ecbc72
2019-12-16 15:49:31 -05:00
Ryan Huber
8ed69c8eaf
make nebula a service that can install itself
2019-11-28 16:20:57 +00:00
Slack Security Team
f22b4b584d
Public Release
2019-11-19 17:00:20 +00:00