void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-06 20:43:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev

Browse source
This commit is contained in:
Adam Ierymenko 2021-03-16 13:50:12 -04:00
commit 5262a2f753
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
9 changed files with 85 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
Dockerfile.release Normal file
View file

@ -0,0 +1,22 @@
# vim: ft=dockerfile
FROM debian:buster as stage
ARG PACKAGE_BASEURL=https://download.zerotier.com/debian/buster/pool/main/z/zerotier-one/
ARG ARCH=amd64
ARG VERSION
RUN apt-get update -qq && apt-get install curl -y
RUN curl -sSL -o zerotier-one.deb "${PACKAGE_BASEURL}/zerotier-one_${VERSION}_${ARCH}.deb"
FROM debian:buster
COPY --from=stage zerotier-one.deb .
RUN dpkg -i zerotier-one.deb && rm -f zerotier-one.deb
RUN echo "${VERSION}" >/etc/zerotier-version
COPY entrypoint.sh.release /entrypoint.sh
RUN chmod 755 /entrypoint.sh
CMD /entrypoint.sh

30
entrypoint.sh.release Normal file
View file

@ -0,0 +1,30 @@
#!/bin/sh
grepzt() {
(find /proc -name exe | xargs -I{} readlink {}) 2>/dev/null | grep -q zerotier-one
return $?
}
echo "starting zerotier"
setsid /usr/sbin/zerotier-one &
while ! grepzt
do
echo "zerotier hasn't started, waiting a second"
sleep 1
done
echo "joining networks"
for i in "$@"
do
echo "joining $i"
while ! zerotier-cli join "$i"
do
echo "joining $i failed; trying again in 1s"
sleep 1
done
done
sleep infinity

4
ext/bin/tap-windows-ndis6/x64.old/zttap300.inf
View file

@ -34,7 +34,7 @@ DriverVer=08/13/2015,6.2.9200.20557
[Strings] [Strings]
DeviceDescription = "ZeroTier One Virtual Port" DeviceDescription = "ZeroTier One Virtual Port"
Provider = "ZeroTier Networks LLC" ; We're ZeroTier, Inc. now but kernel mode certs are $300+ so fuqdat. Provider = "ZeroTier Networks LLC"
; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back! ; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back!
[Manufacturer] [Manufacturer]
@ -70,7 +70,7 @@ AddService = zttap300, 2, zttap300.service
[zttap300.reg] [zttap300.reg]
HKR, Ndi, Service, 0, "zttap300" HKR, Ndi, Service, 0, "zttap300"
HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; yes, 'ndis5' is correct... yup, Windows. HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; 'ndis5' is correct
HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" HKR, Ndi\Interfaces, LowerRange, 0, "ethernet"
HKR, , Manufacturer, 0, "%Provider%" HKR, , Manufacturer, 0, "%Provider%"
HKR, , ProductName, 0, "%DeviceDescription%" HKR, , ProductName, 0, "%DeviceDescription%"

2
ext/bin/tap-windows-ndis6/x64/zttap300.inf
View file

@ -70,7 +70,7 @@ AddService = zttap300, 2, zttap300.service
[zttap300.reg] [zttap300.reg]
HKR, Ndi, Service, 0, "zttap300" HKR, Ndi, Service, 0, "zttap300"
HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; yes, 'ndis5' is correct... yup, Windows. HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; 'ndis5' is correct
HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" HKR, Ndi\Interfaces, LowerRange, 0, "ethernet"
HKR, , Manufacturer, 0, "%Provider%" HKR, , Manufacturer, 0, "%Provider%"
HKR, , ProductName, 0, "%DeviceDescription%" HKR, , ProductName, 0, "%DeviceDescription%"

4
ext/bin/tap-windows-ndis6/x86.old/zttap300.inf
View file

@ -34,7 +34,7 @@ DriverVer=08/13/2015,6.2.9200.20557
[Strings] [Strings]
DeviceDescription = "ZeroTier One Virtual Port" DeviceDescription = "ZeroTier One Virtual Port"
Provider = "ZeroTier Networks LLC" ; We're ZeroTier, Inc. now but kernel mode certs are $300+ so fuqdat. Provider = "ZeroTier Networks LLC"
; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back! ; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back!
[Manufacturer] [Manufacturer]
@ -70,7 +70,7 @@ AddService = zttap300, 2, zttap300.service
[zttap300.reg] [zttap300.reg]
HKR, Ndi, Service, 0, "zttap300" HKR, Ndi, Service, 0, "zttap300"
HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; yes, 'ndis5' is correct... yup, Windows. HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; 'ndis5' is correct
HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" HKR, Ndi\Interfaces, LowerRange, 0, "ethernet"
HKR, , Manufacturer, 0, "%Provider%" HKR, , Manufacturer, 0, "%Provider%"
HKR, , ProductName, 0, "%DeviceDescription%" HKR, , ProductName, 0, "%DeviceDescription%"

2
ext/bin/tap-windows-ndis6/x86/zttap300.inf
View file

@ -67,7 +67,7 @@ AddService = zttap300, 2, zttap300.service
[zttap300.reg] [zttap300.reg]
HKR, Ndi, Service, 0, "zttap300" HKR, Ndi, Service, 0, "zttap300"
HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; yes, 'ndis5' is correct... yup, Windows. HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" ; 'ndis5' is correct
HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" HKR, Ndi\Interfaces, LowerRange, 0, "ethernet"
HKR, , Manufacturer, 0, "%Provider%" HKR, , Manufacturer, 0, "%Provider%"
HKR, , ProductName, 0, "%DeviceDescription%" HKR, , ProductName, 0, "%DeviceDescription%"

6
make-linux.mk
View file

@ -45,10 +45,6 @@ endif
# Trying to use dynamically linked libhttp-parser causes tons of compatibility problems. # Trying to use dynamically linked libhttp-parser causes tons of compatibility problems.
ONE_OBJS+=ext/http-parser/http_parser.o ONE_OBJS+=ext/http-parser/http_parser.o
# Build with address sanitization library for advanced debugging (clang)
ifeq ($(ZT_SANITIZE),1)
DEFS+=-fsanitize=address -DASAN_OPTIONS=symbolize=1
endif
ifeq ($(ZT_DEBUG_TRACE),1) ifeq ($(ZT_DEBUG_TRACE),1)
DEFS+=-DZT_DEBUG_TRACE DEFS+=-DZT_DEBUG_TRACE
endif endif
@ -62,7 +58,7 @@ endif
# Build with address sanitization library for advanced debugging (clang) # Build with address sanitization library for advanced debugging (clang)
ifeq ($(ZT_SANITIZE),1) ifeq ($(ZT_SANITIZE),1)
SANFLAGS+=-fsanitize=address -DASAN_OPTIONS=symbolize=1 override DEFS+=-fsanitize=address -DASAN_OPTIONS=symbolize=1
endif endif
ifeq ($(ZT_DEBUG),1) ifeq ($(ZT_DEBUG),1)
override CFLAGS+=-Wall -Wno-deprecated -g -O -pthread $(INCLUDES) $(DEFS) override CFLAGS+=-Wall -Wno-deprecated -g -O -pthread $(INCLUDES) $(DEFS)

4
one.cpp
View file

@ -287,7 +287,7 @@ static int cli(int argc,char **argv)
} }
#endif #endif
if (!authToken.length()) { if (!authToken.length()) {
fprintf(stderr,"%s: missing authentication token and authtoken.secret not found (or readable) in %s" ZT_EOL_S,argv[0],homeDir.c_str()); fprintf(stderr,"%s: authtoken.secret not found or readable in %s (try again as root)" ZT_EOL_S,argv[0],homeDir.c_str());
return 2; return 2;
} }
} }
@ -1333,7 +1333,7 @@ static int cli(int argc,char **argv)
if (ioctl(sock, SIOCGIFHWADDR, &ifr) == 0) { if (ioctl(sock, SIOCGIFHWADDR, &ifr) == 0) {
unsigned char mac_addr[6]; unsigned char mac_addr[6];
memcpy(mac_addr, ifr.ifr_hwaddr.sa_data, 6); memcpy(mac_addr, ifr.ifr_hwaddr.sa_data, 6);
char macStr[16]; char macStr[18];
sprintf(macStr, "%02x:%02x:%02x:%02x:%02x:%02x", sprintf(macStr, "%02x:%02x:%02x:%02x:%02x:%02x",
mac_addr[0], mac_addr[0],
mac_addr[1], mac_addr[1],

19
service/OneService.cpp
View file

@ -274,10 +274,12 @@ static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer)
pj["latency"] = peer->latency; pj["latency"] = peer->latency;
pj["role"] = prole; pj["role"] = prole;
pj["isBonded"] = peer->isBonded; pj["isBonded"] = peer->isBonded;
pj["bondingPolicy"] = peer->bondingPolicy; if (peer->isBonded) {
pj["isHealthy"] = peer->isHealthy; pj["bondingPolicy"] = peer->bondingPolicy;
pj["numAliveLinks"] = peer->numAliveLinks; pj["isHealthy"] = peer->isHealthy;
pj["numTotalLinks"] = peer->numTotalLinks; pj["numAliveLinks"] = peer->numAliveLinks;
pj["numTotalLinks"] = peer->numTotalLinks;
}
nlohmann::json pa = nlohmann::json::array(); nlohmann::json pa = nlohmann::json::array();
for(unsigned int i=0;i<peer->pathCount;++i) { for(unsigned int i=0;i<peer->pathCount;++i) {
@ -676,6 +678,9 @@ public:
readLocalSettings(); readLocalSettings();
applyLocalConfig(); applyLocalConfig();
// Save original port number to show it if bind error
const int _configuredPort = _primaryPort;
// Make sure we can use the primary port, and hunt for one if configured to do so // Make sure we can use the primary port, and hunt for one if configured to do so
const int portTrials = (_primaryPort == 0) ? 256 : 1; // if port is 0, pick random const int portTrials = (_primaryPort == 0) ? 256 : 1; // if port is 0, pick random
for(int k=0;k<portTrials;++k) { for(int k=0;k<portTrials;++k) {
@ -693,7 +698,7 @@ public:
if (_ports[0] == 0) { if (_ports[0] == 0) {
Mutex::Lock _l(_termReason_m); Mutex::Lock _l(_termReason_m);
_termReason = ONE_UNRECOVERABLE_ERROR; _termReason = ONE_UNRECOVERABLE_ERROR;
_fatalErrorMessage = "cannot bind to local control interface port"; _fatalErrorMessage = std::string("cannot bind to local control interface port ")+std::to_string(_configuredPort);
return _termReason; return _termReason;
} }
@ -3039,7 +3044,9 @@ public:
if (!strncmp(p->c_str(),ifname,p->length())) if (!strncmp(p->c_str(),ifname,p->length()))
return false; return false;
} }
return _node->bondController()->allowedToBind(std::string(ifname)); if (!_node->bondController()->allowedToBind(std::string(ifname))) {
return false;
}
} }
{ {
// Check global blacklists // Check global blacklists