void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-08 13:33:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Huge cleanup. Some of these things will come back but right now clean them out of this branch.

Browse source
This commit is contained in:
Adam Ierymenko 2021-08-04 12:36:15 -04:00
parent a8da84c055
commit 653a6dcf3c
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
387 changed files with 0 additions and 99718 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

236
CMakeLists.txt
View file

@ -1,236 +0,0 @@
cmake_minimum_required (VERSION 3.8)
cmake_policy(SET CMP0048 NEW)
if(${CMAKE_VERSION} VERSION_LESS 3.15)
cmake_policy(VERSION ${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION})
else()
cmake_policy(VERSION 3.15)
endif()
set(ZEROTIER_VERSION_MAJOR 1 CACHE INTERNAL "")
set(ZEROTIER_VERSION_MINOR 9 CACHE INTERNAL "")
set(ZEROTIER_VERSION_REVISION 0 CACHE INTERNAL "")
set(ZEROTIER_VERSION_BUILD 0 CACHE INTERNAL "")
project(zerotier
VERSION ${ZEROTIER_VERSION_MAJOR}.${ZEROTIER_VERSION_MINOR}.${ZEROTIER_VERSION_REVISION}.${ZEROTIER_VERSION_BUILD}
DESCRIPTION "ZeroTier Network Hypervisor"
LANGUAGES CXX C)
if(NOT PACKAGE_STATIC)
set(default_build_type "Release")
if(WIN32)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_SYSTEM_VERSION "7" CACHE STRING INTERNAL FORCE)
else(WIN32)
if(APPLE)
set(CMAKE_CXX_STANDARD 17)
else(APPLE)
set(CMAKE_CXX_STANDARD 11)
endif(APPLE)
endif(WIN32)
if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
message(STATUS "Setting build type to '${default_build_type}' as none was specified.")
set(CMAKE_BUILD_TYPE "${default_build_type}" CACHE STRING "Choose the type of build." FORCE)
set_property(CACHE CMAKE_BUILD_TYPE PROPERTY STRINGS "Debug" "Release" "MinSizeRel" "RelWithDebInfo")
endif()
option(BUILD_CENTRAL_CONTROLLER "Build ZeroTier Central Controller" OFF)
if(BUILD_CENTRAL_CONTROLLER)
find_package(PkgConfig REQUIRED)
if(APPLE)
set(CMAKE_PREFIX_PATH
${CMAKE_PREFIX_PATH}
/usr/local/opt/libpq
/usr/local/lib
)
endif(APPLE)
find_package(PostgreSQL REQUIRED)
pkg_check_modules(hiredis REQUIRED IMPORTED_TARGET hiredis)
add_subdirectory(controller/thirdparty/redis-plus-plus-1.1.1)
set(redispp_INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/controller/thirdparty/redis-plus-plus-1.1.1/src/sw)
set(redispp_STATIC_LIB redispp_static)
endif(BUILD_CENTRAL_CONTROLLER)
if(CMAKE_BUILD_TYPE STREQUAL "Debug")
add_definitions(-DZT_DEBUG)
endif(CMAKE_BUILD_TYPE STREQUAL "Debug")
if(WIN32)
message("++ Setting Windows Compiler Flags ${CMAKE_BUILD_TYPE}")
add_definitions(-DNOMINMAX)
add_compile_options(
-Wall
-Wno-deprecated
-Wno-unused-function
-Wno-format
-Wno-attributes
$<$<CONFIG:DEBUG>:-g>
$<$<CONFIG:DEBUG>:-O0>
$<$<CONFIG:RELEASE>:-O3>
$<$<CONFIG:RELEASE>:-ffast-math>
$<$<CONFIG:RELWITHDEBINFO>:-O3>
$<$<CONFIG:RELWITHDEBINFO>:-g>
)
#set(GOFLAGS
# -a
# -trimpath
#)
if(BUILD_32BIT)
set(CMAKE_SYSTEM_PROCESSOR "x86" CACHE STRING "system processor")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32" CACHE STRING "c++ flags")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m32" CACHE STRING "c flags")
set(GOARCH "GOARCH=386" CACHE STRING "go architecture")
add_compile_options(
-m32
)
add_link_options(
-m32
)
endif(BUILD_32BIT)
else(WIN32)
if(APPLE)
message("++ Setting MacOS Compiler Flags ${CMAKE_BUILD_TYPE}")
set(MACOS_VERSION_MIN "10.14")
add_compile_options(
-Wall
-Wno-deprecated
-Wno-unused-function
-Wno-attributes
-mmacosx-version-min=${MACOS_VERSION_MIN}
$<$<CONFIG:DEBUG>:-g>
$<$<CONFIG:DEBUG>:-O0>
$<$<CONFIG:RELEASE>:-Ofast>
$<$<CONFIG:RELEASE>:-ffast-math>
$<$<CONFIG:RELEASE>:-fPIE>
$<$<CONFIG:RELEASE>:-flto>
$<$<CONFIG:RELWITHDEBINFO>:-O1>
$<$<CONFIG:RELWITHDEBINFO>:-fPIE>
$<$<CONFIG:RELWITHDEBINFO>:-g>
)
add_link_options(
-mmacosx-version-min=${MACOS_VERSION_MIN}
$<$<CONFIG:RELEASE>:-flto>
)
else(APPLE)
message("++ Setting Linux/BSD/Posix Compiler Flags (${CMAKE_BUILD_TYPE})")
add_compile_options(
-Wall
-Wno-deprecated
-Wno-unused-function
-Wno-format
-Wno-attributes
$<$<CONFIG:DEBUG>:-g>
$<$<CONFIG:DEBUG>:-O0>
$<$<CONFIG:RELEASE>:-O3>
$<$<CONFIG:RELEASE>:-ffast-math>
$<$<CONFIG:RELEASE>:-fPIE>
$<$<CONFIG:RELWITHDEBINFO>:-O3>
$<$<CONFIG:RELWITHDEBINFO>:-fPIE>
$<$<CONFIG:RELWITHDEBINFO>:-g>
)
option(BUILD_32BIT "Force building as 32-bit binary" OFF)
option(BUILD_STATIC "Build statically linked executable" OFF)
if(BUILD_32BIT)
set(CMAKE_SYSTEM_PROCESSOR "x86" CACHE STRING "system processor")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32" CACHE STRING "c++ flags")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m32" CACHE STRING "c flags")
add_compile_options(
-m32
)
endif(BUILD_32BIT)
if(BUILD_STATIC)
add_link_options(
-static
)
set(CMAKE_EXE_LINKER_FLAGS "-static ${CMAKE_EXE_LINKER_FLAGS}")
endif(BUILD_STATIC)
endif(APPLE)
endif(WIN32)
if (
CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64" OR
CMAKE_SYSTEM_PROCESSOR MATCHES "arm64" OR
CMAKE_SYSTEM_PROCESSOR MATCHES "ARM64" OR
CMAKE_SYSTEM_PROCESSOR MATCHES "AARCH64"
)
message("++ Adding flags for processor ${CMAKE_SYSTEM_PROCESSOR}")
add_compile_options(-march=armv8-a+aes+crypto -mtune=generic -mstrict-align)
endif()
if(BUILD_CENTRAL_CONTROLLER)
add_definitions(-DZT_CONTROLLER_USE_LIBPQ=1)
endif(BUILD_CENTRAL_CONTROLLER)
add_subdirectory(core)
# add_subdirectory(controller)
add_subdirectory(osdep)
else(NOT PACKAGE_STATIC)
if(BUILD_32BIT)
set(CMAKE_SYSTEM_PROCESSOR "x86" CACHE STRING "system processor")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32" CACHE STRING "c++ flags")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m32" CACHE STRING "c flags")
add_compile_options(
-m32
)
endif(BUILD_32BIT)
set(STATIC_BINARY ${CMAKE_BINARY_DIR}/zerotier)
set(IMPORTED_LOCATION ${CMAKE_BINARY_DIR})
add_executable(zerotier IMPORTED GLOBAL)
install(PROGRAMS ${STATIC_BINARY} DESTINATION bin)
endif(NOT PACKAGE_STATIC)
# Linux packaging
if("${CMAKE_SYSTEM_NAME}" EQUAL "Linux")
if(IS_DIRECTORY /lib/systemd/system)
install(
FILES ${CMAKE_CURRENT_SOURCE_DIR}/packaging/debian/zerotier.service
DESTINATION /lib/systemd/system
)
elseif(IS_DIRECTORY /usr/lib/systemd/system)
install(
FILES ${CMAKE_CURRENT_SOURCE_DIR}/packaging/debian/zerotier.service
DESTINATION /usr/lib/systemd/system
)
else()
install(
FILES ${CMAKE_CURRENT_SOURCE_DIR}/packaging/debian/zerotier.init
DESTINATION /etc/init.d
)
endif()
endif()
if("${ZT_PACKAGE_FORMAT}" MATCHES "DEB")
include(packaging/debian.cmake)
elseif("${ZT_PACKAGE_FORMAT}" MATCHES "RPM")
include(packaging/rpm.cmake)
else()
endif()

502
Jenkinsfile vendored
View file

@ -1,502 +0,0 @@
pipeline {
options {
disableConcurrentBuilds()
preserveStashes(buildCount: 10)
timestamps()
}
parameters {
booleanParam(name: "BUILD_ALL", defaultValue: false, description: "Build all supported platform/architecture combos. Defaults to x86/x64 only")
}
environment {
PATH = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
}
agent none
stages {
stage ("Build") {
steps {
script {
def tasks = [:]
tasks << buildStaticBinaries()
tasks << buildDebianNative()
tasks << buildCentosNative()
tasks << buildMacOS()
tasks << buildWindows()
tasks << buildFreeBSD()
parallel tasks
}
}
}
stage ("Package Static") {
steps {
script {
parallel packageStatic()
}
}
}
}
}
def buildMacOS() {
def tasks = [:]
tasks << getTasks(['mac'],['amd64'], {unused1, unused2 ->
def myNode = {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
node ('mac') {
dir("build") {
checkout scm
sh 'make'
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
return tasks
}
def buildWindows() {
def tasks = [:]
tasks << getTasks(['windows'], ['amd64', 'i386'], { unused1, platform ->
def myNode = {
node ('windows') {
env.SHELL = 'C:/Windows/System32/cmd.exe'
dir ("build") {
checkout scm
dir ("build") {
withEnv(["PATH=C:\\TDM-GCC-64\\bin;C:\\WINDOWS;C:\\Windows\\system32;C:\\CMake\\bin;C:\\Go\\bin"]) {
def cmakeFlags = ""
if (platform == "i386") {
cmakeFlags = '-DBUILD_32BIT=1'
}
bat """
cmake -G"MinGW Makefiles" -DCMAKE_BUILD_TYPE=Release ${cmakeFlags} ..
mingw32-make -j8
"""
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
}
return myNode
})
return tasks
}
def buildFreeBSD() {
def tasks = [:]
tasks << getTasks(['freebsd12'], ['amd64'], { unused1, unused2 ->
def myNode = {
node ('freebsd12') {
dir('build') {
checkout scm
sh 'make setup'
dir('build') {
sh 'make -j4'
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
return tasks
}
def buildStaticBinaries() {
def tasks = [:]
def dist = ["alpine"]
def archs = []
if (params.BUILD_ALL == true) {
archs = ["arm64", "amd64", "i386", "armhf", "ppc64le", "s390x"]
} else {
archs = ["amd64", "i386"]
}
tasks << getTasks(dist, archs, { distro, platform ->
def myNode = {
node ('linux-build') {
env.PATH = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${platform}:latest")
runtime.inside {
dir("build") {
def cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1"'
if (platform == "i386") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1"'
} else if (platform == "armhf") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1 -DBUILD_ARM_V6=1"'
}
sh "${cmakeFlags} make"
dir("build") {
sh "mv zerotier zerotier-static-${platform}"
stash includes: 'zerotier-static-*', name: "static-${platform}"
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
}
return myNode
})
return tasks
}
def getTasks(axisDistro, axisPlatform, task) {
def tasks = [:]
for(int i=0; i< axisDistro.size(); i++) {
def axisDistroValue = axisDistro[i]
for(int j=0; j< axisPlatform.size(); j++) {
def axisPlatformValue = axisPlatform[j]
tasks["${axisDistroValue}/${axisPlatformValue}"] = task(axisDistroValue, axisPlatformValue)
}
}
return tasks
}
def packageStatic() {
def tasks = [:]
def centos7 = ["centos7"]
def centos7Arch = ["i386"]
tasks << getTasks(centos7, centos7Arch, { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
runtime.inside {
dir("build") {
unstash "static-${arch}"
sh "mkdir -p build"
sh "mv zerotier-static-${arch} build/zerotier && chmod +x build/zerotier"
sh 'CMAKE_ARGS="-DBUILD_32BIT=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=RPM" make setup'
dir("build") {
sh 'make package -j4 VERBOSE=1'
}
sh "mkdir -p ${distro}"
sh "cp -av build/*.rpm ${distro}/"
archiveArtifacts artifacts: "${distro}/*.rpm", onlyIfSuccessful: true
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
if (params.BUILD_ALL == true) {
def s390xStatics = ["clefos", "debian-buster", "debian-sid", "debian-bullseye", "debian-stretch", "ubuntu-bionic", "ubuntu-eoan", "ubuntu-focal"]
def s390x = ["s390x"]
tasks << getTasks(s390xStatics, s390x , { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
def pkgFormat = "DEB"
if (distro == "clefos") {
pkgFormat = "RPM"
}
runtime.inside {
dir("build/") {
unstash "static-${arch}"
sh "mkdir -p build"
sh "mv zerotier-static-${arch} build/zerotier && chmod +x build/zerotier"
sh "CMAKE_ARGS=\"-DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=${pkgFormat}\" make setup"
dir("build") {
sh 'make package -j4 VERBOSE=1'
}
sh "mkdir -p ${distro}"
sh "cp -av build/*.rpm ${distro}/"
archiveArtifacts artifacts: "${distro}/*.rpm", onlyIfSuccessful: true
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
}
def debianJessie = ["debian-jessie"]
def debianJessieArchs = []
if (params.BUILD_ALL == true) {
debianJessieArch = ["armhf", "amd64", "i386"]
} else {
debianJessieArch = ["amd64", "i386"]
}
tasks << getTasks(debianJessie, debianJessieArch, { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
runtime.inside {
dir('build/') {
def cmakeFlags = 'CMAKE_ARGS="-DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB"'
if (arch == "i386") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_32BIT=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB"'
} else if (arch == "armel") {
cmakeFlags = 'CMAKE_ARGS="-DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V5=1"'
} else if (arch == "armhf") {
cmakeFlags = 'CMAKE_ARGS="-DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V6=1"'
}
unstash "static-${arch}"
sh "mkdir -p build"
sh "mv zerotier-static-${arch} build/zerotier && chmod +x build/zerotier"
sh "${cmakeFlags} make setup"
dir("build") {
sh 'make package -j4 VERBOSE=1'
}
sh "mkdir -p ${distro}"
sh "cp -av build/*.deb ${distro}/"
archiveArtifacts artifacts: "${distro}/*.deb", onlyIfSuccessful: true
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
def ubuntuTrusty = ["ubuntu-trusty"]
def ubuntuTrustyArch = []
if (params.BUILD_ALL == true) {
ubuntuTrustyArch = ["i386", "amd64", "arm64", "ppc64le"]
} else {
ubuntuTrustyArch = ["i386", "amd64"]
}
tasks << getTasks(ubuntuTrusty, ubuntuTrustyArch, { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
runtime.inside {
dir('build/') {
def cmakeFlags = 'CMAKE_ARGS="-DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB"'
if (arch == "i386") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_32BIT=1 -DBUILD_STATIC=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB"'
} else if (arch == "armel") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V5=1"'
} else if (arch == "armhf") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V6=1"'
}
unstash "static-${arch}"
sh "mkdir -p build"
sh "mv zerotier-static-${arch} build/zerotier && chmod +x build/zerotier"
sh "${cmakeFlags} make setup"
dir("build") {
sh 'make package -j4 VERBOSE=1'
}
sh "mkdir -p ${distro}"
sh "cp -av build/*.deb ${distro}/"
archiveArtifacts artifacts: "${distro}/*.deb", onlyIfSuccessful: true
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
def debianWheezy = ["debian-wheezy"]
def debianWheezyArchs = []
if (params.BUILD_ALL == true) {
debianWheezyArchs = ["armhf", "amd64", "i386"]
} else {
debianWheezyArchs = ["amd64", "i386"]
}
tasks << getTasks(debianJessie, debianJessieArch, { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
runtime.inside {
dir('build/') {
def cmakeFlags = 'CMAKE_ARGS="-DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB"'
if (arch == "i386") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_32BIT=1 -DBUILD_STATIC=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB"'
} else if (arch == "armel") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V5=1"'
} else if (arch == "armhf") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_STATIC=1 -DPACKAGE_STATIC=1 -DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V6=1"'
}
unstash "static-${arch}"
sh "mkdir -p build"
sh "mv zerotier-static-${arch} build/zerotier && chmod +x build/zerotier"
sh "${cmakeFlags} make setup"
dir("build") {
sh 'make package -j4 VERBOSE=1'
}
sh "mkdir -p ${distro}"
sh "cp -av build/*.deb ${distro}/"
archiveArtifacts artifacts: "${distro}/*.deb", onlyIfSuccessful: true
}
}
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
return myNode
})
return tasks
}
def buildDebianNative() {
def tasks = [:]
def debian = ["debian-buster" , "debian-stretch", "debian-sid", "debian-bullseye"]
def debianArchs = []
if (params.BUILD_ALL) {
debianArchs = ["ppc64le", "i386", "armhf", "armel", "arm64", "amd64"]
} else {
debianArchs = ["amd64", "i386"]
}
def build = { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
runtime.inside {
def cmakeFlags = 'CMAKE_ARGS="-DZT_PACKAGE_FORMAT=DEB"'
if (arch == "i386") {
cmakeFlags = 'CMAKE_ARGS="-DBUILD_32BIT=1 -DZT_PACKAGE_FORMAT=DEB"'
} else if (arch == "armel") {
cmakeFlags = 'CMAKE_ARGS="-DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V5=1"'
} else if (arch == "armhf") {
cmakeFlags = 'CMAKE_ARGS="-DZT_PACKAGE_FORMAT=DEB -DBUILD_ARM_V6=1"'
}
dir("build") {
sh "${cmakeFlags} make setup"
dir("build") {
sh "make package -j4 VERBOSE=1"
}
}
sh "mkdir -p ${distro}"
sh "mv build/build/*.deb ${distro}"
archiveArtifacts artifacts: "${distro}/*.deb", onlyIfSuccessful: true
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
}
return myNode
}
tasks << getTasks(debian, debianArchs, build)
// bash is broken when running under QEMU-s390x on Xenial
def xenial = ["ubuntu-xenial"]
def xenialArchs = []
if (params.BUILD_ALL == true) {
xenialArchs = ["i386", "amd64", "armhf", "arm64", "ppc64le"]
} else {
xenialArchs = ["i386", "amd64"]
}
tasks << getTasks(xenial, xenialArchs, build)
def ubuntu = ["ubuntu-bionic", "ubuntu-eoan"]
def ubuntuArchs = []
if (params.BUILD_ALL == true) {
ubuntuArchs = ["i386", "amd64", "armhf", "arm64", "ppc64le"]
} else {
ubuntuArchs = ["i386", "amd64"]
}
tasks << getTasks(ubuntu, ubuntuArchs, build)
def ubuntuFocal = ["ubuntu-focal"]
def ubuntuFocalArchs = []
if (params.BUILD_ALL == true) {
ubuntuFocalArchs = ["amd64", "arm64", "ppc64le"]
} else {
ubuntuFocalArchs = ["amd64"]
}
tasks << getTasks(ubuntuFocal, ubuntuFocalArchs, build)
def kali = ["kali-rolling"]
def kaliArchs = ["amd64"]
tasks << getTasks(kali, kaliArchs, build)
return tasks
}
def buildCentosNative() {
def tasks = [:]
def build = { distro, arch ->
def myNode = {
node ('linux-build') {
env.PATH = env.PATH + ":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/home/jenkins-build/go/bin"
dir ("build") {
checkout scm
}
def runtime = docker.image("ztbuild/${distro}-${arch}:latest")
runtime.inside {
dir("build") {
if (distro == 'centos7' && arch == 'amd64') {
sh 'source scl_source enable devtoolset-8 llvm-toolset-7 && CMAKE_ARGS="-DZT_PACKAGE_FORMAT=RPM" make setup'
} else {
sh 'CMAKE_ARGS="-DZT_PACKAGE_FORMAT=RPM" make setup'
}
dir ("build") {
if (distro == 'centos7' && arch == 'amd64') {
sh 'source scl_source enable devtoolset-8 llvm-toolset-7 && make package -j4 VERBOSE=1'
} else {
sh 'make package -j4 VERBOSE=1'
}
}
}
sh "mkdir -p ${distro}"
sh "cp -av build/build/*.rpm ${distro}/"
archiveArtifacts artifacts: "${distro}/*.rpm", onlyIfSuccessful: true
cleanWs deleteDirs: true, disableDeferredWipeout: true, notFailBuild: true
}
}
}
return myNode
}
def centos8 = ["centos8"]
def centos8Archs = []
if (params.BUILD_ALL == true) {
centos8Archs = ["amd64", "arm64", "ppc64le"]
} else {
centos8Archs = ["amd64"]
}
tasks << getTasks(centos8, centos8Archs, build)
def centos7 = ["centos7"]
def centos7Archs = ["amd64"]
tasks << getTasks(centos7, centos7Archs, build)
return tasks
}

39
Makefile
View file

@ -1,39 +0,0 @@
BUILDDIR := build
TIMESTAMP=$(shell date +"%Y%m%d%H%M")
.PHONY: all
all: setup
cd ${BUILDDIR} && $(MAKE) -j4 VERBOSE=1
setup: FORCE
mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Release ${CMAKE_ARGS}
setup-debug: FORCE
mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Debug ${CMAKE_ARGS}
debug: FORCE
mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Debug ${CMAKE_ARGS} && $(MAKE)
central-controller: FORCE
mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Release -DBUILD_CENTRAL_CONTROLLER=1 ${CMAKE_ARGS} && $(MAKE) -j4
central-controller-debug: FORCE
mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Debug -DBUILD_CENTRAL_CONTROLLER=1 ${CMAKE_ARGS} && $(MAKE) -j4
central-controller-docker: FORCE
docker build -t registry.zerotier.com/zerotier-central/ztcentral-controller:${TIMESTAMP} -f controller/central-docker/Dockerfile .
clean: FORCE
rm -rf ${BUILDDIR} rust-zerotier-core/target service/target rust-zerotier-core/src/capi.rs service/src/osdep.rs
distclean: FORCE
rm -rf ${BUILDDIR}
rust-bindgen: FORCE
cargo install bindgen
rm -f rust-zerotier-core/src/capi.rs service/src/osdep.rs
bindgen --no-doc-comments --no-layout-tests --no-derive-debug core/zerotier.h >rust-zerotier-core/src/capi.rs
bindgen --no-doc-comments --no-layout-tests --no-derive-debug osdep/rust-osdep.h >service/src/osdep.rs
FORCE:

122
attic/Arp.cpp
View file

@ -1,122 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#include <string.h>
#include <stdlib.h>
#include "Arp.hpp"
#include "OSUtils.hpp"
namespace ZeroTier {
static const uint8_t ARP_REQUEST_HEADER[8] = {0x00, 0x01, 0x08, 0x00, 0x06, 0x04, 0x00, 0x01};
static const uint8_t ARP_RESPONSE_HEADER[8] = {0x00, 0x01, 0x08, 0x00, 0x06, 0x04, 0x00, 0x02};
Arp::Arp() :
_cache(),
_lastCleaned(OSUtils::now())
{
}
void Arp::addLocal(uint32_t ip, const MAC &mac)
{
_ArpEntry &e = _cache[ip];
e.lastQuerySent = 0; // local IP
e.lastResponseReceived = 0; // local IP
e.mac = mac;
e.local = true;
}
void Arp::remove(uint32_t ip)
{
_cache.erase(ip);
}
uint32_t Arp::processIncomingArp(const void *arp, unsigned int len, void *response, unsigned int &responseLen, MAC &responseDest)
{
const uint64_t now = OSUtils::now();
uint32_t ip = 0;
responseLen = 0;
responseDest.zero();
if (len >= 28) {
if (!memcmp(arp, ARP_REQUEST_HEADER, 8)) {
// Respond to ARP requests for locally-known IPs
Map< uint32_t, Arp::_ArpEntry >::const_iterator targetEntry(_cache.find(reinterpret_cast<const uint32_t *>(arp)[6]));
if ((targetEntry != _cache.end()) && (targetEntry->second.local)) {
memcpy(response, ARP_RESPONSE_HEADER, 8);
targetEntry->second.mac.copyTo(reinterpret_cast<uint8_t *>(response) + 8);
memcpy(reinterpret_cast<uint8_t *>(response) + 14, reinterpret_cast<const uint8_t *>(arp) + 24, 4);
memcpy(reinterpret_cast<uint8_t *>(response) + 18, reinterpret_cast<const uint8_t *>(arp) + 8, 10);
responseLen = 28;
responseDest.setTo(reinterpret_cast<const uint8_t *>(arp) + 8);
}
} else if (!memcmp(arp, ARP_RESPONSE_HEADER, 8)) {
// Learn cache entries for remote IPs from relevant ARP replies
uint32_t responseIp = 0;
memcpy(&responseIp, reinterpret_cast<const uint8_t *>(arp) + 14, 4);
Map< uint32_t, Arp::_ArpEntry >::iterator queryEntry(_cache.find(responseIp));
if ((queryEntry != _cache.end()) && (!queryEntry->second.local) && ((now - queryEntry->second.lastQuerySent) <= ZT_ARP_QUERY_MAX_TTL)) {
queryEntry->second.lastResponseReceived = now;
queryEntry->second.mac.setTo(reinterpret_cast<const uint8_t *>(arp) + 8);
ip = responseIp;
}
}
}
if ((now - _lastCleaned) >= ZT_ARP_EXPIRE) {
_lastCleaned = now;
for (Map< uint32_t, _ArpEntry >::iterator i(_cache.begin()); i != _cache.end();) {
if ((!i->second.local) && ((now - i->second.lastResponseReceived) >= ZT_ARP_EXPIRE))
_cache.erase(i++);
else ++i;
}
}
return ip;
}
MAC Arp::query(const MAC &localMac, uint32_t localIp, uint32_t targetIp, void *query, unsigned int &queryLen, MAC &queryDest)
{
const uint64_t now = OSUtils::now();
_ArpEntry &e = _cache[targetIp];
if (((e.mac) && ((now - e.lastResponseReceived) >= (ZT_ARP_EXPIRE / 3))) ||
((!e.mac) && ((now - e.lastQuerySent) >= ZT_ARP_QUERY_INTERVAL))) {
e.lastQuerySent = now;
uint8_t *q = reinterpret_cast<uint8_t *>(query);
memcpy(q, ARP_REQUEST_HEADER, 8);
q += 8; // ARP request header information, always the same
localMac.copyTo(q);
q += 6; // sending host MAC address
memcpy(q, &localIp, 4);
q += 4; // sending host IP (IP already in big-endian byte order)
memset(q, 0, 6);
q += 6; // sending zeros for target MAC address as thats what we want to find
memcpy(q, &targetIp, 4); // target IP address for resolution (IP already in big-endian byte order)
queryLen = 28;
if (e.mac)
queryDest = e.mac; // confirmation query, send directly to address holder
else queryDest = (uint64_t)0xffffffffffffULL; // broadcast query
} else {
queryLen = 0;
queryDest.zero();
}
return e.mac;
}
} // namespace ZeroTier

142
attic/Arp.hpp
View file

@ -1,142 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#ifndef ZT_ARP_HPP
#define ZT_ARP_HPP
#include "../core/Constants.hpp"
#include "../core/Containers.hpp"
#include "../core/MAC.hpp"
#include <utility>
#include <vector>
/**
* Maximum possible ARP length
*
* ARPs are 28 bytes in length, but specify a 128 byte buffer since
* some weird extensions we may support in the future can pad them
* out to as long as 72 bytes.
*/
#define ZT_ARP_BUF_LENGTH 128
/**
* Minimum permitted interval between sending ARP queries for a given IP
*/
#define ZT_ARP_QUERY_INTERVAL 2000
/**
* Maximum time between query and response, otherwise responses are discarded to prevent poisoning
*/
#define ZT_ARP_QUERY_MAX_TTL 5000
/**
* ARP expiration time
*/
#define ZT_ARP_EXPIRE 600000
namespace ZeroTier {
/**
* ARP cache and resolver
*
* To implement ARP:
*
* (1) Call processIncomingArp() on all ARP packets received and then always
* check responseLen after calling. If it is non-zero, send the contents
* of response to responseDest.
*
* (2) Call query() to look up IP addresses, and then check queryLen. If it
* is non-zero, send the contents of query to queryDest (usually broadcast).
*
* Note that either of these functions can technically generate a response or
* a query at any time, so their result parameters for sending ARPs should
* always be checked.
*
* This class is not thread-safe and must be guarded if used in multi-threaded
* code.
*/
class Arp
{
public:
Arp();
/**
* Set a local IP entry that we should respond to ARPs for
*
* @param mac Our local MAC address
* @param ip IP in big-endian byte order (sin_addr.s_addr)
*/
void addLocal(uint32_t ip,const MAC &mac);
/**
* Delete a local IP entry or a cached ARP entry
*
* @param ip IP in big-endian byte order (sin_addr.s_addr)
*/
void remove(uint32_t ip);
/**
* Process ARP packets
*
* For ARP queries, a response is generated and responseLen is set to its
* frame payload length in bytes.
*
* For ARP responses, the cache is populated and the IP address entry that
* was learned is returned.
*
* @param arp ARP frame data
* @param len Length of ARP frame (usually 28)
* @param response Response buffer -- MUST be a minimum of ZT_ARP_BUF_LENGTH in size
* @param responseLen Response length, or set to 0 if no response
* @param responseDest Destination of response, or set to null if no response
* @return IP address learned or 0 if no new IPs in cache
*/
uint32_t processIncomingArp(const void *arp,unsigned int len,void *response,unsigned int &responseLen,MAC &responseDest);
/**
* Get the MAC corresponding to an IP, generating a query if needed
*
* This returns a MAC for a remote IP. The local MAC is returned for local
* IPs as well. It may also generate a query if the IP is not known or the
* entry needs to be refreshed. In this case queryLen will be set to a
* non-zero value, so this should always be checked on return even if the
* MAC returned is non-null.
*
* @param localMac Local MAC address of host interface
* @param localIp Local IP address of host interface
* @param targetIp IP to look up
* @param query Buffer for generated query -- MUST be a minimum of ZT_ARP_BUF_LENGTH in size
* @param queryLen Length of generated query, or set to 0 if no query generated
* @param queryDest Destination of query, or set to null if no query generated
* @return MAC or 0 if no cached entry for this IP
*/
MAC query(const MAC &localMac,uint32_t localIp,uint32_t targetIp,void *query,unsigned int &queryLen,MAC &queryDest);
private:
struct _ArpEntry
{
_ArpEntry() : lastQuerySent(0),lastResponseReceived(0),mac(),local(false) {}
uint64_t lastQuerySent; // Time last query was sent or 0 for local IP
uint64_t lastResponseReceived; // Time of last ARP response or 0 for local IP
MAC mac; // MAC address of device responsible for IP or null if not known yet
bool local; // True if this is a local ARP entry
};
Map< uint32_t,_ArpEntry > _cache;
uint64_t _lastCleaned;
};
} // namespace ZeroTier
#endif

507
attic/MacEthernetTap.cpp
View file

@ -1,507 +0,0 @@
/*
* Copyright (c)2019 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#include "../node/Constants.hpp"
#ifdef __APPLE__
#include "../node/Utils.hpp"
#include "../node/Mutex.hpp"
#include "../node/Dictionary.hpp"
#include "OSUtils.hpp"
#include "MacEthernetTap.hpp"
#include "MacEthernetTapAgent.h"
#include "MacDNSHelper.hpp"
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/select.h>
#include <sys/cdefs.h>
#include <sys/uio.h>
#include <sys/param.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/route.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <sys/sysctl.h>
#include <ifaddrs.h>
#include <string>
#include <map>
#include <set>
#include <algorithm>
#include <filesystem>
static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
namespace ZeroTier {
static Mutex globalTapCreateLock;
static bool globalTapInitialized = false;
MacEthernetTap::MacEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
void *arg) :
_handler(handler),
_arg(arg),
_nwid(nwid),
_homePath(homePath),
_mtu(mtu),
_metric(metric),
_devNo(0),
_agentStdin(-1),
_agentStdout(-1),
_agentStderr(-1),
_agentStdin2(-1),
_agentStdout2(-1),
_agentStderr2(-1),
_agentPid(-1),
_enabled(true)
{
char ethaddr[64],mtustr[16],devnostr[16],devstr[16],metricstr[16];
OSUtils::ztsnprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
OSUtils::ztsnprintf(mtustr,sizeof(mtustr),"%u",mtu);
OSUtils::ztsnprintf(metricstr,sizeof(metricstr),"%u",metric);
std::string agentPath(homePath);
agentPath.push_back(ZT_PATH_SEPARATOR);
agentPath.append("MacEthernetTapAgent");
if (!OSUtils::fileExists(agentPath.c_str()))
throw std::runtime_error("MacEthernetTapAgent not present in ZeroTier home");
Mutex::Lock _gl(globalTapCreateLock); // only make one at a time
// Destroy all feth devices on first tap start in case ZeroTier did not exit cleanly last time.
// We leave interfaces less than feth100 alone in case something else is messing with feth devices.
if (!globalTapInitialized) {
globalTapInitialized = true;
struct ifaddrs *ifa = (struct ifaddrs *)0;
std::set<std::string> deleted;
if (!getifaddrs(&ifa)) {
struct ifaddrs *p = ifa;
while (p) {
int nameLen = (int)strlen(p->ifa_name);
// Delete feth# from feth0 to feth9999, but don't touch >10000.
if ((!strncmp(p->ifa_name,"feth",4))&&(nameLen >= 5)&&(nameLen <= 8)&&(deleted.count(std::string(p->ifa_name)) == 0)) {
deleted.insert(std::string(p->ifa_name));
const char *args[4];
args[0] = "/sbin/ifconfig";
args[1] = p->ifa_name;
args[2] = "destroy";
args[3] = (char *)0;
const pid_t pid = vfork();
if (pid == 0) {
execv(args[0],const_cast<char **>(args));
_exit(-1);
} else if (pid > 0) {
int rv = 0;
waitpid(pid,&rv,0);
}
}
p = p->ifa_next;
}
freeifaddrs(ifa);
}
}
unsigned int devNo = 100 + ((nwid ^ (nwid >> 32) ^ (nwid >> 48)) % 4900);
for(;;) {
OSUtils::ztsnprintf(devnostr,sizeof(devnostr),"%u",devNo);
OSUtils::ztsnprintf(devstr,sizeof(devstr),"feth%u",devNo);
bool duplicate = false;
struct ifaddrs *ifa = (struct ifaddrs *)0;
if (!getifaddrs(&ifa)) {
struct ifaddrs *p = ifa;
while (p) {
if (!strcmp(p->ifa_name,devstr)) {
duplicate = true;
break;
}
p = p->ifa_next;
}
freeifaddrs(ifa);
}
if (duplicate) {
devNo = (devNo + 1) % 5000;
if (devNo < 100)
devNo = 100;
} else {
_dev = devstr;
_devNo = devNo;
break;
}
}
if (::pipe(_shutdownSignalPipe))
throw std::runtime_error("pipe creation failed");
int agentStdin[2];
int agentStdout[2];
int agentStderr[2];
if (::pipe(agentStdin))
throw std::runtime_error("pipe creation failed");
if (::pipe(agentStdout))
throw std::runtime_error("pipe creation failed");
if (::pipe(agentStderr))
throw std::runtime_error("pipe creation failed");
_agentStdin = agentStdin[1];
_agentStdout = agentStdout[0];
_agentStderr = agentStderr[0];
_agentStdin2 = agentStdin[0];
_agentStdout2 = agentStdout[1];
_agentStderr2 = agentStderr[1];
long apid = (long)fork();
if (apid < 0) {
throw std::runtime_error("fork failed");
} else if (apid == 0) {
::dup2(agentStdin[0],STDIN_FILENO);
::dup2(agentStdout[1],STDOUT_FILENO);
::dup2(agentStderr[1],STDERR_FILENO);
::close(agentStdin[0]);
::close(agentStdin[1]);
::close(agentStdout[0]);
::close(agentStdout[1]);
::close(agentStderr[0]);
::close(agentStderr[1]);
::execl(agentPath.c_str(),agentPath.c_str(),devnostr,ethaddr,mtustr,metricstr,(char *)0);
::_exit(-1);
} else {
_agentPid = apid;
}
Thread::sleep(100); // this causes them to come up in a more user-friendly order on launch
_thread = Thread::start(this);
}
MacEthernetTap::~MacEthernetTap()
{
char tmp[64];
const char *args[4];
pid_t pid0,pid1;
MacDNSHelper::removeDNS(_nwid);
Mutex::Lock _gl(globalTapCreateLock);
::write(_shutdownSignalPipe[1],"\0",1); // causes thread to exit
int ec = 0;
::kill(_agentPid,SIGKILL);
::waitpid(_agentPid,&ec,0);
args[0] = "/sbin/ifconfig";
args[1] = _dev.c_str();
args[2] = "destroy";
args[3] = (char *)0;
pid0 = vfork();
if (pid0 == 0) {
execv(args[0],const_cast<char **>(args));
_exit(-1);
}
snprintf(tmp,sizeof(tmp),"feth%u",_devNo + 5000);
//args[0] = "/sbin/ifconfig";
args[1] = tmp;
//args[2] = "destroy";
//args[3] = (char *)0;
pid1 = vfork();
if (pid1 == 0) {
execv(args[0],const_cast<char **>(args));
_exit(-1);
}
if (pid0 > 0) {
int rv = 0;
waitpid(pid0,&rv,0);
}
if (pid1 > 0) {
int rv = 0;
waitpid(pid1,&rv,0);
}
Thread::join(_thread);
}
void MacEthernetTap::setEnabled(bool en) { _enabled = en; }
bool MacEthernetTap::enabled() const { return _enabled; }
bool MacEthernetTap::addIp(const InetAddress &ip)
{
char tmp[128];
if (!ip)
return false;
std::string cmd;
cmd.push_back((char)ZT_MACETHERNETTAPAGENT_STDIN_CMD_IFCONFIG);
cmd.append((ip.ss_family == AF_INET6) ? "inet6" : "inet");
cmd.push_back(0);
cmd.append(ip.toString(tmp));
cmd.push_back(0);
cmd.append("alias");
cmd.push_back(0);
uint16_t l = (uint16_t)cmd.length();
_putLock.lock();
write(_agentStdin,&l,2);
write(_agentStdin,cmd.data(),cmd.length());
_putLock.unlock();
return true;
}
bool MacEthernetTap::removeIp(const InetAddress &ip)
{
char tmp[128];
if (!ip)
return false;
std::string cmd;
cmd.push_back((char)ZT_MACETHERNETTAPAGENT_STDIN_CMD_IFCONFIG);
cmd.append((ip.ss_family == AF_INET6) ? "inet6" : "inet");
cmd.push_back(0);
cmd.append(ip.toString(tmp));
cmd.push_back(0);
cmd.append("-alias");
cmd.push_back(0);
uint16_t l = (uint16_t)cmd.length();
_putLock.lock();
write(_agentStdin,&l,2);
write(_agentStdin,cmd.data(),cmd.length());
_putLock.unlock();
return true;
}
std::vector<InetAddress> MacEthernetTap::ips() const
{
struct ifaddrs *ifa = (struct ifaddrs *)0;
std::vector<InetAddress> r;
if (!getifaddrs(&ifa)) {
struct ifaddrs *p = ifa;
while (p) {
if ((p->ifa_name)&&(!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)) {
switch(p->ifa_addr->sa_family) {
case AF_INET: {
struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
} break;
case AF_INET6: {
struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
uint32_t b[4];
memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
} break;
}
}
p = p->ifa_next;
}
freeifaddrs(ifa);
}
std::sort(r.begin(),r.end());
r.erase(std::unique(r.begin(),r.end()),r.end());
return r;
}
void MacEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
{
struct iovec iov[3];
unsigned char hdr[15];
uint16_t l;
if ((_agentStdin > 0)&&(len <= _mtu)&&(_enabled)) {
hdr[0] = ZT_MACETHERNETTAPAGENT_STDIN_CMD_PACKET;
to.copyTo(hdr + 1,6);
from.copyTo(hdr + 7,6);
hdr[13] = (unsigned char)((etherType >> 8) & 0xff);
hdr[14] = (unsigned char)(etherType & 0xff);
l = (uint16_t)(len + 15);
iov[0].iov_base = &l;
iov[0].iov_len = 2;
iov[1].iov_base = hdr;
iov[1].iov_len = 15;
iov[2].iov_base = const_cast<void *>(data);
iov[2].iov_len = len;
_putLock.lock();
writev(_agentStdin,iov,3);
_putLock.unlock();
}
}
std::string MacEthernetTap::deviceName() const { return _dev; }
void MacEthernetTap::setFriendlyName(const char *friendlyName) {}
void MacEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
{
std::vector<MulticastGroup> newGroups;
struct ifmaddrs *ifmap = (struct ifmaddrs *)0;
if (!getifmaddrs(&ifmap)) {
struct ifmaddrs *p = ifmap;
while (p) {
if (p->ifma_addr->sa_family == AF_LINK) {
struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
}
p = p->ifma_next;
}
freeifmaddrs(ifmap);
}
std::vector<InetAddress> allIps(ips());
for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
std::sort(newGroups.begin(),newGroups.end());
newGroups.erase(std::unique(newGroups.begin(),newGroups.end()),newGroups.end());
for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
added.push_back(*m);
}
for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
removed.push_back(*m);
}
_multicastGroups.swap(newGroups);
}
void MacEthernetTap::setMtu(unsigned int mtu)
{
if (_mtu != mtu) {
char tmp[16];
std::string cmd;
cmd.push_back((char)ZT_MACETHERNETTAPAGENT_STDIN_CMD_IFCONFIG);
cmd.append("mtu");
cmd.push_back(0);
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%u",mtu);
cmd.append(tmp);
cmd.push_back(0);
uint16_t l = (uint16_t)cmd.length();
_putLock.lock();
write(_agentStdin,&l,2);
write(_agentStdin,cmd.data(),cmd.length());
_putLock.unlock();
_mtu = mtu;
}
}
#define ZT_MACETHERNETTAP_AGENT_READ_BUF_SIZE 131072
void MacEthernetTap::threadMain()
throw()
{
char agentReadBuf[ZT_MACETHERNETTAP_AGENT_READ_BUF_SIZE];
char agentStderrBuf[256];
fd_set readfds,nullfds;
MAC to,from;
Thread::sleep(250);
const int nfds = std::max(std::max(_shutdownSignalPipe[0],_agentStdout),_agentStderr) + 1;
long agentReadPtr = 0;
fcntl(_agentStdout,F_SETFL,fcntl(_agentStdout,F_GETFL)|O_NONBLOCK);
fcntl(_agentStderr,F_SETFL,fcntl(_agentStderr,F_GETFL)|O_NONBLOCK);
FD_ZERO(&readfds);
FD_ZERO(&nullfds);
for(;;) {
FD_SET(_shutdownSignalPipe[0],&readfds);
FD_SET(_agentStdout,&readfds);
FD_SET(_agentStderr,&readfds);
select(nfds,&readfds,&nullfds,&nullfds,(struct timeval *)0);
if (FD_ISSET(_shutdownSignalPipe[0],&readfds))
break;
if (FD_ISSET(_agentStdout,&readfds)) {
long n = (long)read(_agentStdout,agentReadBuf + agentReadPtr,ZT_MACETHERNETTAP_AGENT_READ_BUF_SIZE - agentReadPtr);
if (n > 0) {
agentReadPtr += n;
while (agentReadPtr >= 2) {
long len = *((uint16_t *)agentReadBuf);
if (agentReadPtr >= (len + 2)) {
char *msg = agentReadBuf + 2;
if ((len > 14)&&(_enabled)) {
to.setTo(msg,6);
from.setTo(msg + 6,6);
_handler(_arg,(void *)0,_nwid,from,to,ntohs(((const uint16_t *)msg)[6]),0,(const void *)(msg + 14),(unsigned int)len - 14);
}
if (agentReadPtr > (len + 2)) {
memmove(agentReadBuf,agentReadBuf + len + 2,agentReadPtr -= (len + 2));
} else {
agentReadPtr = 0;
}
} else {
break;
}
}
}
}
if (FD_ISSET(_agentStderr,&readfds)) {
read(_agentStderr,agentStderrBuf,sizeof(agentStderrBuf));
/*
const ssize_t n = read(_agentStderr,agentStderrBuf,sizeof(agentStderrBuf));
if (n > 0)
write(STDERR_FILENO,agentStderrBuf,(size_t)n);
*/
}
}
::close(_agentStdin);
::close(_agentStdout);
::close(_agentStderr);
::close(_agentStdin2);
::close(_agentStdout2);
::close(_agentStderr2);
::close(_shutdownSignalPipe[0]);
::close(_shutdownSignalPipe[1]);
}
void MacEthernetTap::setDns(const char *domain, const std::vector<InetAddress> &servers)
{
MacDNSHelper::setDNS(this->_nwid, domain, servers);
}
} // namespace ZeroTier
#endif // __APPLE__

84
attic/MacEthernetTap.hpp
View file

@ -1,84 +0,0 @@
/*
* Copyright (c)2019 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#ifndef ZT_OSXETHERNETTAP_HPP
#define ZT_OSXETHERNETTAP_HPP
#include "../node/Constants.hpp"
#include "../node/MAC.hpp"
#include "../node/InetAddress.hpp"
#include "../node/MulticastGroup.hpp"
#include "../node/Mutex.hpp"
#include "Thread.hpp"
#include "EthernetTap.hpp"
#include <stdio.h>
#include <stdlib.h>
#include <stdexcept>
#include <string>
#include <vector>
namespace ZeroTier {
class MacEthernetTap : public EthernetTap
{
public:
MacEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
void *arg);
virtual ~MacEthernetTap();
virtual void setEnabled(bool en);
virtual bool enabled() const;
virtual bool addIp(const InetAddress &ip);
virtual bool removeIp(const InetAddress &ip);
virtual std::vector<InetAddress> ips() const;
virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
virtual std::string deviceName() const;
virtual void setFriendlyName(const char *friendlyName);
virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
virtual void setMtu(unsigned int mtu);
virtual void setDns(const char *domain, const std::vector<InetAddress> &servers);
void threadMain()
throw();
private:
void (*_handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
void *_arg;
uint64_t _nwid;
Thread _thread;
std::string _homePath;
std::string _dev;
std::vector<MulticastGroup> _multicastGroups;
Mutex _putLock;
unsigned int _mtu;
unsigned int _metric;
unsigned int _devNo;
int _shutdownSignalPipe[2];
int _agentStdin,_agentStdout,_agentStderr,_agentStdin2,_agentStdout2,_agentStderr2;
long _agentPid;
volatile bool _enabled;
};
} // namespace ZeroTier
#endif

425
attic/MacEthernetTapAgent.c
View file

@ -1,425 +0,0 @@
/*
* Copyright (c)2019 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
/*
* This creates a pair of feth devices with the lower numbered device
* being the ZeroTier virtual interface and the other being the device
* used to actually read and write packets. The latter gets no IP config
* and is only used for I/O. The behavior of feth is similar to the
* veth pairs that exist on Linux.
*
* The feth device has only existed since MacOS Sierra, but that's fairly
* long ago in Mac terms.
*
* I/O with feth must be done using two different sockets. The BPF socket
* is used to receive packets, while an AF_NDRV (low-level network driver
* access) socket must be used to inject. AF_NDRV can't read IP frames
* since BSD doesn't forward packets out the NDRV tap if they've already
* been handled, and while BPF can inject its MTU for injected packets
* is limited to 2048. AF_NDRV packet injection is required to inject
* ZeroTier's large MTU frames.
*
* All this stuff is basically undocumented. A lot of tracing through
* the Darwin/XNU kernel source was required to figure out how to make
* this actually work.
*
* We hope to develop a DriverKit-based driver in the near-mid future to
* replace this weird hack, but it works for now through Big Sur in our
* testing.
*
* See also:
*
* https://apple.stackexchange.com/questions/337715/fake-ethernet-interfaces-feth-if-fake-anyone-ever-seen-this
* https://opensource.apple.com/source/xnu/xnu-4570.41.2/bsd/net/if_fake.c.auto.html
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/signal.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/select.h>
#include <sys/cdefs.h>
#include <sys/uio.h>
#include <sys/param.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/sysctl.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/bpf.h>
#include <net/route.h>
#include <net/if.h>
#include <net/if_arp.h>
#include <net/if_dl.h>
#include <net/if_media.h>
#include <net/ndrv.h>
#include <netinet/in_var.h>
#include <netinet/icmp6.h>
#include <netinet6/in6_var.h>
#include <netinet6/nd6.h>
#include <ifaddrs.h>
#include "../version.h"
#include "MacEthernetTapAgent.h"
#ifndef SIOCAUTOCONF_START
#define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq) /* accept rtadvd on this interface */
#endif
#ifndef SIOCAUTOCONF_STOP
#define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq) /* stop accepting rtadv for this interface */
#endif
#define P_IFCONFIG "/sbin/ifconfig"
static unsigned char s_pktReadBuf[131072] __attribute__ ((__aligned__(16)));
static unsigned char s_stdinReadBuf[131072] __attribute__ ((__aligned__(16)));
static char s_deviceName[IFNAMSIZ];
static char s_peerDeviceName[IFNAMSIZ];
static int s_bpffd = -1;
static int s_ndrvfd = -1;
static pid_t s_parentPid;
static void configureIpv6Parameters(const char *ifname,int performNUD,int acceptRouterAdverts)
{
struct in6_ndireq nd;
struct in6_ifreq ifr;
int s = socket(AF_INET6,SOCK_DGRAM,0);
if (s <= 0)
return;
memset(&nd,0,sizeof(nd));
strncpy(nd.ifname,ifname,sizeof(nd.ifname));
if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
close(s);
return;
}
unsigned long oldFlags = (unsigned long)nd.ndi.flags;
if (performNUD)
nd.ndi.flags |= ND6_IFF_PERFORMNUD;
else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
if (oldFlags != (unsigned long)nd.ndi.flags) {
if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
close(s);
return;
}
}
memset(&ifr,0,sizeof(ifr));
strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
close(s);
return;
}
close(s);
}
static int run(const char *path,...)
{
va_list ap;
char *args[16];
int argNo = 1;
va_start(ap,path);
args[0] = (char *)path;
for(;argNo<15;++argNo) {
args[argNo] = va_arg(ap,char *);
if (!args[argNo]) {
break;
}
}
args[argNo++] = (char *)0;
va_end(ap);
pid_t pid = vfork();
if (pid < 0) {
return -1;
} else if (pid == 0) {
dup2(STDERR_FILENO,STDOUT_FILENO);
execv(args[0],args);
_exit(-1);
}
int rv = 0;
waitpid(pid,&rv,0);
return rv;
}
static void die()
{
if (s_ndrvfd >= 0)
close(s_ndrvfd);
if (s_bpffd >= 0)
close(s_bpffd);
if (s_deviceName[0])
run("/sbin/ifconfig",s_deviceName,"destroy",(char *)0);
if (s_peerDeviceName[0])
run("/sbin/ifconfig",s_peerDeviceName,"destroy",(char *)0);
}
int main(int argc,char **argv)
{
char buf[128];
struct ifreq ifr;
u_int fl;
fd_set rfds,wfds,efds;
struct iovec iov[2];
s_deviceName[0] = 0;
s_peerDeviceName[0] = 0;
s_parentPid = getppid();
atexit(&die);
signal(SIGIO,SIG_IGN);
signal(SIGCHLD,SIG_IGN);
signal(SIGPIPE,SIG_IGN);
signal(SIGUSR1,SIG_IGN);
signal(SIGUSR2,SIG_IGN);
signal(SIGALRM,SIG_IGN);
signal(SIGQUIT,&exit);
signal(SIGTERM,&exit);
signal(SIGKILL,&exit);
signal(SIGINT,&exit);
signal(SIGPIPE,&exit);
if (getuid() != 0) {
if (setuid(0) != 0) {
fprintf(stderr,"E must be run as root or with root setuid bit on executable\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_INVALID_REQUEST;
}
}
if (argc < 5) {
fprintf(stderr,"E invalid or missing argument(s) (usage: MacEthernetTapAgent <0-4999> <mac> <mtu> <metric>)\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_INVALID_REQUEST;
}
const int deviceNo = atoi(argv[1]);
if ((deviceNo < 0)||(deviceNo > 4999)) {
fprintf(stderr,"E invalid or missing argument(s) (usage: MacEthernetTapAgent <0-4999> <mac> <mtu> <metric>)\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_INVALID_REQUEST;
}
const char *mac = argv[2];
const char *mtu = argv[3];
const char *metric = argv[4];
s_ndrvfd = socket(AF_NDRV,SOCK_RAW,0);
if (s_ndrvfd < 0) {
fprintf(stderr,"E unable to open AF_NDRV socket\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
snprintf(s_deviceName,sizeof(s_deviceName),"feth%d",deviceNo);
snprintf(s_peerDeviceName,sizeof(s_peerDeviceName),"feth%d",deviceNo+5000);
if (run(P_IFCONFIG,s_peerDeviceName,"create",(char *)0) != 0) {
fprintf(stderr,"E unable to create %s\n",s_deviceName);
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
usleep(10);
if (run(P_IFCONFIG,s_deviceName,"create",(char *)0) != 0) {
fprintf(stderr,"E unable to create %s\n",s_deviceName);
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
run(P_IFCONFIG,s_deviceName,"lladdr",mac,(char *)0);
usleep(10);
run(P_IFCONFIG,s_peerDeviceName,"peer",s_deviceName,(char *)0);
usleep(10);
run(P_IFCONFIG,s_peerDeviceName,"mtu","16370","up",(char *)0); /* 16370 is the largest MTU MacOS/Darwin seems to allow */
usleep(10);
run(P_IFCONFIG,s_deviceName,"mtu",mtu,"metric",metric,"up",(char *)0);
usleep(10);
configureIpv6Parameters(s_deviceName,1,0);
usleep(10);
struct sockaddr_ndrv nd;
nd.snd_len = sizeof(struct sockaddr_ndrv);
nd.snd_family = AF_NDRV;
memcpy(nd.snd_name,s_peerDeviceName,sizeof(nd.snd_name));
if (bind(s_ndrvfd,(struct sockaddr *)&nd,sizeof(nd)) != 0) {
fprintf(stderr,"E unable to bind AF_NDRV socket\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
if (connect(s_ndrvfd,(struct sockaddr *)&nd,sizeof(nd)) != 0) {
fprintf(stderr,"E unable to connect AF_NDRV socket\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
/* Start at /dev/bpf1 since some simple bpf-using net utilities hard-code /dev/bpf0.
* Things like libpcap are smart enough to search. */
for(int bpfno=1;bpfno<5000;++bpfno) {
char tmp[32];
snprintf(tmp,sizeof(tmp),"/dev/bpf%d",bpfno);
s_bpffd = open(tmp,O_RDWR);
if (s_bpffd >= 0) {
break;
}
}
if (s_bpffd < 0) {
fprintf(stderr,"E unable to open bpf device\n");
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
fl = sizeof(s_pktReadBuf);
if (ioctl(s_bpffd,BIOCSBLEN,&fl) != 0) {
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
const size_t readPktSize = (size_t)fl;
fl = 1;
if (ioctl(s_bpffd,BIOCIMMEDIATE,&fl) != 0) {
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
fl = 0;
if (ioctl(s_bpffd,BIOCSSEESENT,&fl) != 0) {
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
memset(&ifr,0,sizeof(ifr));
memcpy(ifr.ifr_name,s_peerDeviceName,IFNAMSIZ);
if (ioctl(s_bpffd,BIOCSETIF,&ifr) != 0) {
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
fl = 1;
if (ioctl(s_bpffd,BIOCSHDRCMPLT,&fl) != 0) {
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
fl = 1;
if (ioctl(s_bpffd,BIOCPROMISC,&fl) != 0) {
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE;
}
fprintf(stderr,"I %s %s %d.%d.%d.%d\n",s_deviceName,s_peerDeviceName,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION,ZEROTIER_ONE_VERSION_BUILD);
FD_ZERO(&rfds);
FD_ZERO(&wfds);
FD_ZERO(&efds);
long stdinReadPtr = 0;
for(;;) {
FD_SET(STDIN_FILENO,&rfds);
FD_SET(s_bpffd,&rfds);
if (select(s_bpffd+1,&rfds,&wfds,&efds,(struct timeval *)0) < 0) {
if ((errno == EAGAIN)||(errno == EINTR)) {
usleep(10);
continue;
}
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_READ_ERROR;
}
if (FD_ISSET(s_bpffd,&rfds)) {
long n = (long)read(s_bpffd,s_pktReadBuf,readPktSize);
if (n > 0) {
for(unsigned char *p=s_pktReadBuf,*eof=p+n;p<eof;) {
struct bpf_hdr *h = (struct bpf_hdr *)p;
if ((h->bh_caplen > 0)&&((p + h->bh_hdrlen + h->bh_caplen) <= eof)) {
uint16_t len = (uint16_t)h->bh_caplen;
iov[0].iov_base = &len;
iov[0].iov_len = 2;
iov[1].iov_base = p + h->bh_hdrlen;
iov[1].iov_len = h->bh_caplen;
writev(STDOUT_FILENO,iov,2);
}
p += BPF_WORDALIGN(h->bh_hdrlen + h->bh_caplen);
}
}
}
if (FD_ISSET(STDIN_FILENO,&rfds)) {
long n = (long)read(STDIN_FILENO,s_stdinReadBuf + stdinReadPtr,sizeof(s_stdinReadBuf) - stdinReadPtr);
if (n > 0) {
stdinReadPtr += n;
while (stdinReadPtr >= 2) {
long len = *((uint16_t *)s_stdinReadBuf);
if (stdinReadPtr >= (len + 2)) {
if (len > 0) {
unsigned char *msg = s_stdinReadBuf + 2;
switch(msg[0]) {
case ZT_MACETHERNETTAPAGENT_STDIN_CMD_PACKET:
if (len > 1) {
if (write(s_ndrvfd,msg+1,len-1) < 0) {
fprintf(stderr,"E inject failed size==%ld errno==%d\n",len-1,errno);
}
}
break;
case ZT_MACETHERNETTAPAGENT_STDIN_CMD_IFCONFIG: {
char *args[16];
args[0] = P_IFCONFIG;
args[1] = s_deviceName;
int argNo = 2;
for(int argPtr=0,k=1,l=(int)len;k<l;++k) {
if (!msg[k]) {
if (argPtr > 0) {
argPtr = 0;
++argNo;
if (argNo >= 15) {
break;
}
}
} else {
if (argPtr == 0) {
args[argNo] = (char *)(msg + k);
}
argPtr++;
}
}
args[argNo] = (char *)0;
if (argNo > 2) {
pid_t pid = fork();
if (pid < 0) {
return -1;
} else if (pid == 0) {
dup2(STDERR_FILENO,STDOUT_FILENO);
execv(args[0],args);
_exit(-1);
}
int rv = 0;
waitpid(pid,&rv,0);
}
} break;
case ZT_MACETHERNETTAPAGENT_STDIN_CMD_EXIT:
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_SUCCESS;
default:
fprintf(stderr,"E unrecognized message type over pipe from host process: %d (length: %d)\n",(int)msg[0],(int)len);
break;
}
}
if (stdinReadPtr > (len + 2)) {
memmove(s_stdinReadBuf,s_stdinReadBuf + len + 2,stdinReadPtr -= (len + 2));
} else {
stdinReadPtr = 0;
}
} else {
break;
}
}
}
}
}
return ZT_MACETHERNETTAPAGENT_EXIT_CODE_SUCCESS;
}

28
attic/MacEthernetTapAgent.h
View file

@ -1,28 +0,0 @@
/*
* Copyright (c)2019 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#ifndef ZT_MACETHERNETTAPAGENT_H
#define ZT_MACETHERNETTAPAGENT_H
#define ZT_MACETHERNETTAPAGENT_EXIT_CODE_SUCCESS 0
#define ZT_MACETHERNETTAPAGENT_EXIT_CODE_INVALID_REQUEST -1
#define ZT_MACETHERNETTAPAGENT_EXIT_CODE_UNABLE_TO_CREATE -2
#define ZT_MACETHERNETTAPAGENT_EXIT_CODE_READ_ERROR -3
#define ZT_MACETHERNETTAPAGENT_STDIN_CMD_PACKET 0
#define ZT_MACETHERNETTAPAGENT_STDIN_CMD_IFCONFIG 1
#define ZT_MACETHERNETTAPAGENT_STDIN_CMD_EXIT 2
#define ZT_MACETHERNETTAPAGENT_DEFAULT_SYSTEM_PATH "/Library/Application Support/ZeroTier/One/MacEthernetTapAgent"
#endif

690
attic/MacKextEthernetTap.cpp
View file

@ -1,690 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/select.h>
#include <sys/cdefs.h>
#include <sys/uio.h>
#include <sys/param.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/route.h>
#include <net/if.h>
#include <net/if_arp.h>
#include <net/if_dl.h>
#include <net/if_media.h>
#include <sys/sysctl.h>
#include <netinet6/in6_var.h>
#include <netinet/in_var.h>
#include <netinet/icmp6.h>
// OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
struct prf_ra {
u_char onlink : 1;
u_char autonomous : 1;
u_char reserved : 6;
} prf_ra;
#include <netinet6/nd6.h>
#include <ifaddrs.h>
// These are KERNEL_PRIVATE... why?
#ifndef SIOCAUTOCONF_START
#define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq) /* accept rtadvd on this interface */
#endif
#ifndef SIOCAUTOCONF_STOP
#define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq) /* stop accepting rtadv for this interface */
#endif
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
// This source is from:
// http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
// It's here because OSX 10.6 does not have this convenience function.
#define SALIGN (sizeof(uint32_t) - 1)
#define SA_RLEN(sa) ((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
(SALIGN + 1))
#define MAX_SYSCTL_TRY 5
#define RTA_MASKS (RTA_GATEWAY | RTA_IFP | RTA_IFA)
/* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
/* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
//#define DARWIN_COMPAT
//#ifdef DARWIN_COMPAT
#define GIM_SYSCTL_MIB NET_RT_IFLIST2
#define GIM_RTM_ADDR RTM_NEWMADDR2
//#else
//#define GIM_SYSCTL_MIB NET_RT_IFMALIST
//#define GIM_RTM_ADDR RTM_NEWMADDR
//#endif
// Not in 10.6 includes so use our own
struct _intl_ifmaddrs {
struct _intl_ifmaddrs *ifma_next;
struct sockaddr *ifma_name;
struct sockaddr *ifma_addr;
struct sockaddr *ifma_lladdr;
};
static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
{
int icnt = 1;
int dcnt = 0;
int ntry = 0;
size_t len;
size_t needed;
int mib[6];
int i;
char *buf;
char *data;
char *next;
char *p;
struct ifma_msghdr2 *ifmam;
struct _intl_ifmaddrs *ifa, *ift;
struct rt_msghdr *rtm;
struct sockaddr *sa;
mib[0] = CTL_NET;
mib[1] = PF_ROUTE;
mib[2] = 0; /* protocol */
mib[3] = 0; /* wildcard address family */
mib[4] = GIM_SYSCTL_MIB;
mib[5] = 0; /* no flags */
do {
if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
return (-1);
if ((buf = (char *)malloc(needed)) == NULL)
return (-1);
if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
free(buf);
return (-1);
}
free(buf);
buf = NULL;
}
} while (buf == NULL);
for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
rtm = (struct rt_msghdr *)(void *)next;
if (rtm->rtm_version != RTM_VERSION)
continue;
switch (rtm->rtm_type) {
case GIM_RTM_ADDR:
ifmam = (struct ifma_msghdr2 *)(void *)rtm;
if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
break;
icnt++;
p = (char *)(ifmam + 1);
for (i = 0; i < RTAX_MAX; i++) {
if ((RTA_MASKS & ifmam->ifmam_addrs &
(1 << i)) == 0)
continue;
sa = (struct sockaddr *)(void *)p;
len = SA_RLEN(sa);
dcnt += len;
p += len;
}
break;
}
}
data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
if (data == NULL) {
free(buf);
return (-1);
}
ifa = (struct _intl_ifmaddrs *)(void *)data;
data += sizeof(struct _intl_ifmaddrs) * icnt;
memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
ift = ifa;
for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
rtm = (struct rt_msghdr *)(void *)next;
if (rtm->rtm_version != RTM_VERSION)
continue;
switch (rtm->rtm_type) {
case GIM_RTM_ADDR:
ifmam = (struct ifma_msghdr2 *)(void *)rtm;
if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
break;
p = (char *)(ifmam + 1);
for (i = 0; i < RTAX_MAX; i++) {
if ((RTA_MASKS & ifmam->ifmam_addrs &
(1 << i)) == 0)
continue;
sa = (struct sockaddr *)(void *)p;
len = SA_RLEN(sa);
switch (i) {
case RTAX_GATEWAY:
ift->ifma_lladdr =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
case RTAX_IFP:
ift->ifma_name =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
case RTAX_IFA:
ift->ifma_addr =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
default:
data += len;
break;
}
p += len;
}
ift->ifma_next = ift + 1;
ift = ift->ifma_next;
break;
}
}
free(buf);
if (ift > ifa) {
ift--;
ift->ifma_next = NULL;
*pif = ifa;
} else {
*pif = NULL;
free(ifa);
}
return (0);
}
static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
{
free(ifmp);
}
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
#include <string>
#include <map>
#include <set>
#include <algorithm>
#include "../core/Constants.hpp"
#include "../core/Utils.hpp"
#include "../core/Mutex.hpp"
#include "../core/Dictionary.hpp"
#include "OSUtils.hpp"
#include "MacKextEthernetTap.hpp"
// ff:ff:ff:ff:ff:ff with no ADI
static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
{
struct in6_ndireq nd;
struct in6_ifreq ifr;
int s = socket(AF_INET6,SOCK_DGRAM,0);
if (s <= 0)
return false;
memset(&nd,0,sizeof(nd));
strncpy(nd.ifname,ifname,sizeof(nd.ifname));
if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
close(s);
return false;
}
unsigned long oldFlags = (unsigned long)nd.ndi.flags;
if (performNUD)
nd.ndi.flags |= ND6_IFF_PERFORMNUD;
else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
if (oldFlags != (unsigned long)nd.ndi.flags) {
if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
close(s);
return false;
}
}
memset(&ifr,0,sizeof(ifr));
strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
close(s);
return false;
}
close(s);
return true;
}
namespace ZeroTier {
static long globalTapsRunning = 0;
static Mutex globalTapCreateLock;
MacKextEthernetTap::MacKextEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
void *arg) :
_handler(handler),
_arg(arg),
_nwid(nwid),
_homePath(homePath),
_mtu(mtu),
_metric(metric),
_fd(0),
_enabled(true)
{
char devpath[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
struct stat stattmp;
OSUtils::ztsnprintf(nwids,sizeof(nwids),"%.16llx",nwid);
Mutex::Lock _gl(globalTapCreateLock);
if (::stat("/dev/zt0",&stattmp)) {
long kextpid = (long)vfork();
if (kextpid == 0) {
::chdir(homePath);
OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
::execl("/sbin/kextload","/sbin/kextload","-q","-repository",homePath,"tap.kext",(const char *)0);
::_exit(-1);
} else if (kextpid > 0) {
int exitcode = -1;
::waitpid(kextpid,&exitcode,0);
}
::usleep(500); // give tap device driver time to start up and try again
if (::stat("/dev/zt0",&stattmp))
throw std::runtime_error("/dev/zt# tap devices do not exist and cannot load tap.kext");
}
// Try to reopen the last device we had, if we had one and it's still unused.
std::map<std::string,std::string> globalDeviceMap;
FILE *devmapf = fopen((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),"r");
if (devmapf) {
char buf[256];
while (fgets(buf,sizeof(buf),devmapf)) {
char *x = (char *)0;
char *y = (char *)0;
char *saveptr = (char *)0;
for(char *f=Utils::stok(buf,"\r\n=",&saveptr);(f);f=Utils::stok((char *)0,"\r\n=",&saveptr)) {
if (!x) x = f;
else if (!y) y = f;
else break;
}
if ((x)&&(y)&&(x[0])&&(y[0]))
globalDeviceMap[x] = y;
}
fclose(devmapf);
}
bool recalledDevice = false;
std::map<std::string,std::string>::const_iterator gdmEntry = globalDeviceMap.find(nwids);
if (gdmEntry != globalDeviceMap.end()) {
std::string devpath("/dev/"); devpath.append(gdmEntry->second);
if (stat(devpath.c_str(),&stattmp) == 0) {
_fd = ::open(devpath.c_str(),O_RDWR);
if (_fd > 0) {
_dev = gdmEntry->second;
recalledDevice = true;
}
}
}
// Open the first unused tap device if we didn't recall a previous one.
if (!recalledDevice) {
for(int i=0;i<64;++i) {
OSUtils::ztsnprintf(devpath,sizeof(devpath),"/dev/zt%d",i);
if (stat(devpath,&stattmp))
throw std::runtime_error("no more TAP devices available");
_fd = ::open(devpath,O_RDWR);
if (_fd > 0) {
char foo[16];
OSUtils::ztsnprintf(foo,sizeof(foo),"zt%d",i);
_dev = foo;
break;
}
}
}
if (_fd <= 0)
throw std::runtime_error("unable to open TAP device or no more devices available");
if (fcntl(_fd,F_SETFL,fcntl(_fd,F_GETFL) & ~O_NONBLOCK) == -1) {
::close(_fd);
throw std::runtime_error("unable to set flags on file descriptor for TAP device");
}
// Configure MAC address and MTU, bring interface up
OSUtils::ztsnprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
OSUtils::ztsnprintf(mtustr,sizeof(mtustr),"%u",_mtu);
OSUtils::ztsnprintf(metstr,sizeof(metstr),"%u",_metric);
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode) {
::close(_fd);
throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
}
}
_setIpv6Stuff(_dev.c_str(),true,false);
// Set close-on-exec so that devices cannot persist if we fork/exec for update
fcntl(_fd,F_SETFD,fcntl(_fd,F_GETFD) | FD_CLOEXEC);
::pipe(_shutdownSignalPipe);
++globalTapsRunning;
globalDeviceMap[nwids] = _dev;
devmapf = fopen((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),"w");
if (devmapf) {
gdmEntry = globalDeviceMap.begin();
while (gdmEntry != globalDeviceMap.end()) {
fprintf(devmapf,"%s=%s\n",gdmEntry->first.c_str(),gdmEntry->second.c_str());
++gdmEntry;
}
fclose(devmapf);
}
_thread = Thread::start(this);
}
MacKextEthernetTap::~MacKextEthernetTap()
{
::write(_shutdownSignalPipe[1],"\0",1); // causes thread to exit
Thread::join(_thread);
::close(_fd);
::close(_shutdownSignalPipe[0]);
::close(_shutdownSignalPipe[1]);
{
Mutex::Lock _gl(globalTapCreateLock);
if (--globalTapsRunning <= 0) {
globalTapsRunning = 0; // sanity check -- should not be possible
char tmp[16384];
sprintf(tmp,"%s/%s",_homePath.c_str(),"tap.kext");
long kextpid = (long)vfork();
if (kextpid == 0) {
OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
::execl("/sbin/kextunload","/sbin/kextunload",tmp,(const char *)0);
::_exit(-1);
} else if (kextpid > 0) {
int exitcode = -1;
::waitpid(kextpid,&exitcode,0);
}
}
}
}
void MacKextEthernetTap::setEnabled(bool en)
{
_enabled = en;
// TODO: interface status change
}
bool MacKextEthernetTap::enabled() const
{
return _enabled;
}
bool MacKextEthernetTap::addIp(const InetAddress &ip)
{
if (!ip)
return false;
long cpid = (long)vfork();
if (cpid == 0) {
char tmp[128];
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),(ip.family() == AF_INET6) ? "inet6" : "inet",ip.toString(tmp),"alias",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
return (exitcode == 0);
} // else return false...
return false;
}
bool MacKextEthernetTap::removeIp(const InetAddress &ip)
{
if (!ip)
return true;
std::vector<InetAddress> allIps(ips());
for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
if (*i == ip) {
long cpid = (long)vfork();
if (cpid == 0) {
char tmp[128];
execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),(ip.family() == AF_INET6) ? "inet6" : "inet",ip.toIpString(tmp),"-alias",(const char *)0);
_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
waitpid(cpid,&exitcode,0);
return (exitcode == 0);
}
}
}
return false;
}
std::vector<InetAddress> MacKextEthernetTap::ips() const
{
struct ifaddrs *ifa = (struct ifaddrs *)0;
if (getifaddrs(&ifa))
return std::vector<InetAddress>();
std::vector<InetAddress> r;
struct ifaddrs *p = ifa;
while (p) {
if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
switch(p->ifa_addr->sa_family) {
case AF_INET: {
struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
} break;
case AF_INET6: {
struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
uint32_t b[4];
memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
} break;
}
}
p = p->ifa_next;
}
if (ifa)
freeifaddrs(ifa);
std::sort(r.begin(),r.end());
r.erase(std::unique(r.begin(),r.end()),r.end());
return r;
}
void MacKextEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
{
char putBuf[ZT_MAX_MTU + 64];
if ((_fd > 0)&&(len <= _mtu)&&(_enabled)) {
to.copyTo((uint8_t *)putBuf);
from.copyTo((uint8_t *)(putBuf + 6));
*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
memcpy(putBuf + 14,data,len);
len += 14;
::write(_fd,putBuf,len);
}
}
std::string MacKextEthernetTap::deviceName() const
{
return _dev;
}
void MacKextEthernetTap::setFriendlyName(const char *friendlyName)
{
}
void MacKextEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
{
std::vector<MulticastGroup> newGroups;
struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
if (!_intl_getifmaddrs(&ifmap)) {
struct _intl_ifmaddrs *p = ifmap;
while (p) {
if (p->ifma_addr->sa_family == AF_LINK) {
struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
newGroups.push_back(MulticastGroup(MAC((uint8_t *)(la->sdl_data + la->sdl_nlen)),0));
}
p = p->ifma_next;
}
_intl_freeifmaddrs(ifmap);
}
std::vector<InetAddress> allIps(ips());
for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
std::sort(newGroups.begin(),newGroups.end());
std::unique(newGroups.begin(),newGroups.end());
for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
added.push_back(*m);
}
for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
removed.push_back(*m);
}
_multicastGroups.swap(newGroups);
}
void MacKextEthernetTap::setMtu(unsigned int mtu)
{
if (mtu != _mtu) {
_mtu = mtu;
long cpid = (long)vfork();
if (cpid == 0) {
char tmp[64];
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%u",mtu);
execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"mtu",tmp,(const char *)0);
_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
waitpid(cpid,&exitcode,0);
}
}
}
void MacKextEthernetTap::threadMain()
throw()
{
fd_set readfds,nullfds;
MAC to,from;
int n,nfds,r;
char getBuf[ZT_MAX_MTU + 64];
Thread::sleep(500);
FD_ZERO(&readfds);
FD_ZERO(&nullfds);
nfds = (int)std::max(_shutdownSignalPipe[0],_fd) + 1;
r = 0;
for(;;) {
FD_SET(_shutdownSignalPipe[0],&readfds);
FD_SET(_fd,&readfds);
select(nfds,&readfds,&nullfds,&nullfds,(struct timeval *)0);
if (FD_ISSET(_shutdownSignalPipe[0],&readfds)) // writes to shutdown pipe terminate thread
break;
if (FD_ISSET(_fd,&readfds)) {
n = (int)::read(_fd,getBuf + r,sizeof(getBuf) - r);
if (n < 0) {
if ((errno != EINTR)&&(errno != ETIMEDOUT))
break;
} else {
// Some tap drivers like to send the ethernet frame and the
// payload in two chunks, so handle that by accumulating
// data until we have at least a frame.
r += n;
if (r > 14) {
if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms
r = _mtu + 14;
if (_enabled) {
to.setTo((uint8_t *)getBuf);
from.setTo((uint8_t *)(getBuf + 6));
unsigned int etherType = ntohs(((const uint16_t *)getBuf)[6]);
// TODO: VLAN support
_handler(_arg,(void *)0,_nwid,from,to,etherType,0,(const void *)(getBuf + 14),r - 14);
}
r = 0;
}
}
}
}
}
} // namespace ZeroTier

80
attic/MacKextEthernetTap.hpp
View file

@ -1,80 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#ifndef ZT_MacKextEthernetTap_HPP
#define ZT_MacKextEthernetTap_HPP
#include <stdio.h>
#include <stdlib.h>
#include <stdexcept>
#include <string>
#include <vector>
#include "../core/Constants.hpp"
#include "../core/MAC.hpp"
#include "../core/InetAddress.hpp"
#include "../core/MulticastGroup.hpp"
#include "Thread.hpp"
#include "EthernetTap.hpp"
namespace ZeroTier {
class MacKextEthernetTap : public EthernetTap
{
public:
MacKextEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
void *arg);
virtual ~MacKextEthernetTap();
virtual void setEnabled(bool en);
virtual bool enabled() const;
virtual bool addIp(const InetAddress &ip);
virtual bool removeIp(const InetAddress &ip);
virtual std::vector<InetAddress> ips() const;
virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
virtual std::string deviceName() const;
virtual void setFriendlyName(const char *friendlyName);
virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
virtual void setMtu(unsigned int mtu);
void threadMain()
throw();
private:
void (*_handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
void *_arg;
uint64_t _nwid;
Thread _thread;
std::string _homePath;
std::string _dev;
std::vector<MulticastGroup> _multicastGroups;
unsigned int _mtu;
unsigned int _metric;
int _fd;
int _shutdownSignalPipe[2];
volatile bool _enabled;
};
} // namespace ZeroTier
#endif

255
attic/NeighborDiscovery.cpp
View file

@ -1,255 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#include "../core/Constants.hpp"
#include "NeighborDiscovery.hpp"
#include "OSUtils.hpp"
#include <cstdlib>
#include <cstring>
namespace ZeroTier {
uint16_t calc_checksum(uint16_t *addr, int len)
{
int count = len;
uint32_t sum = 0;
uint16_t answer = 0;
// Sum up 2-byte values until none or only one byte left.
while (count > 1) {
sum += *(addr++);
count -= 2;
}
// Add left-over byte, if any.
if (count > 0) {
sum += *(uint8_t *)addr;
}
// Fold 32-bit sum into 16 bits; we lose information by doing this,
// increasing the chances of a collision.
// sum = (lower 16 bits) + (upper 16 bits shifted right 16 bits)
while (sum >> 16) {
sum = (sum & 0xffff) + (sum >> 16);
}
// Checksum is one's compliment of sum.
answer = ~sum;
return (answer);
}
struct _pseudo_header
{
uint8_t sourceAddr[16];
uint8_t targetAddr[16];
uint32_t length;
uint8_t zeros[3];
uint8_t next; // 58
};
struct _option
{
_option(int optionType)
: type(optionType), length(8)
{
memset(mac, 0, sizeof(mac));
}
uint8_t type;
uint8_t length;
uint8_t mac[6];
};
struct _neighbor_solicitation
{
_neighbor_solicitation()
: type(135), code(0), checksum(0), option(1)
{
memset(&reserved, 0, sizeof(reserved));
memset(target, 0, sizeof(target));
}
void calculateChecksum(const sockaddr_storage &sourceIp, const sockaddr_storage &destIp)
{
_pseudo_header ph;
memset(&ph, 0, sizeof(_pseudo_header));
const sockaddr_in6 *src = (const sockaddr_in6 *)&sourceIp;
const sockaddr_in6 *dest = (const sockaddr_in6 *)&destIp;
memcpy(ph.sourceAddr, &src->sin6_addr, sizeof(struct in6_addr));
memcpy(ph.targetAddr, &dest->sin6_addr, sizeof(struct in6_addr));
ph.next = 58;
ph.length = htonl(sizeof(_neighbor_solicitation));
size_t len = sizeof(_pseudo_header) + sizeof(_neighbor_solicitation);
uint8_t *tmp = (uint8_t *)malloc(len);
memcpy(tmp, &ph, sizeof(_pseudo_header));
memcpy(tmp + sizeof(_pseudo_header), this, sizeof(_neighbor_solicitation));
checksum = calc_checksum((uint16_t *)tmp, (int)len);
free(tmp);
tmp = NULL;
}
uint8_t type; // 135
uint8_t code; // 0
uint16_t checksum;
uint32_t reserved;
uint8_t target[16];
_option option;
};
struct _neighbor_advertisement
{
_neighbor_advertisement()
: type(136), code(0), checksum(0), rso(0x40), option(2)
{
memset(padding, 0, sizeof(padding));
memset(target, 0, sizeof(target));
}
void calculateChecksum(const sockaddr_storage &sourceIp, const InetAddress &destIp)
{
_pseudo_header ph;
memset(&ph, 0, sizeof(_pseudo_header));
const sockaddr_in6 *src = (const sockaddr_in6 *)&sourceIp;
const sockaddr_in6 *dest = (const sockaddr_in6 *)&destIp;
memcpy(ph.sourceAddr, &src->sin6_addr, sizeof(struct in6_addr));
memcpy(ph.targetAddr, &dest->sin6_addr, sizeof(struct in6_addr));
ph.next = 58;
ph.length = htonl(sizeof(_neighbor_advertisement));
size_t len = sizeof(_pseudo_header) + sizeof(_neighbor_advertisement);
uint8_t *tmp = (uint8_t *)malloc(len);
memcpy(tmp, &ph, sizeof(_pseudo_header));
memcpy(tmp + sizeof(_pseudo_header), this, sizeof(_neighbor_advertisement));
checksum = calc_checksum((uint16_t *)tmp, (int)len);
free(tmp);
tmp = NULL;
}
uint8_t type; // 136
uint8_t code; // 0
uint16_t checksum;
uint8_t rso;
uint8_t padding[3];
uint8_t target[16];
_option option;
};
NeighborDiscovery::NeighborDiscovery()
: _cache(), _lastCleaned(OSUtils::now())
{}
void NeighborDiscovery::addLocal(const sockaddr_storage &address, const MAC &mac)
{
_NDEntry &e = _cache[InetAddress(address)];
e.lastQuerySent = 0;
e.lastResponseReceived = 0;
e.mac = mac;
e.local = true;
}
void NeighborDiscovery::remove(const sockaddr_storage &address)
{
_cache.erase(InetAddress(address));
}
sockaddr_storage NeighborDiscovery::processIncomingND(const uint8_t *nd, unsigned int len, const sockaddr_storage &localIp, uint8_t *response, unsigned int &responseLen, MAC &responseDest)
{
// assert(sizeof(_neighbor_solicitation) == 28);
// assert(sizeof(_neighbor_advertisement) == 32);
const uint64_t now = OSUtils::now();
InetAddress ip;
if (len >= sizeof(_neighbor_solicitation) && nd[0] == 0x87) {
// respond to Neighbor Solicitation request for local address
_neighbor_solicitation solicitation;
memcpy(&solicitation, nd, len);
InetAddress targetAddress(solicitation.target, 16, 0);
Map<InetAddress, NeighborDiscovery::_NDEntry>::const_iterator targetEntry(_cache.find(targetAddress));
if ((targetEntry != _cache.end()) && targetEntry->second.local) {
_neighbor_advertisement adv;
targetEntry->second.mac.copyTo(adv.option.mac);
memcpy(adv.target, solicitation.target, 16);
adv.calculateChecksum(localIp, targetAddress);
memcpy(response, &adv, sizeof(_neighbor_advertisement));
responseLen = sizeof(_neighbor_advertisement);
responseDest.setTo(solicitation.option.mac);
}
} else if (len >= sizeof(_neighbor_advertisement) && nd[0] == 0x88) {
_neighbor_advertisement adv;
memcpy(&adv, nd, len);
InetAddress responseAddress(adv.target, 16, 0);
Map<InetAddress, NeighborDiscovery::_NDEntry>::iterator queryEntry(_cache.find(responseAddress));
if ((queryEntry != _cache.end()) && !queryEntry->second.local && (now - queryEntry->second.lastQuerySent <= ZT_ND_QUERY_MAX_TTL)) {
queryEntry->second.lastResponseReceived = now;
queryEntry->second.mac.setTo(adv.option.mac);
ip = responseAddress;
}
}
if ((now - _lastCleaned) >= ZT_ND_EXPIRE) {
_lastCleaned = now;
for (Map< InetAddress, _NDEntry >::iterator i(_cache.begin()); i != _cache.end();) {
if (!i->second.local && (now - i->second.lastResponseReceived) >= ZT_ND_EXPIRE) {
_cache.erase(i++);
} else {
++i;
}
}
}
return *reinterpret_cast<sockaddr_storage *>(&ip);
}
MAC NeighborDiscovery::query(const MAC &localMac, const sockaddr_storage &localIp, const sockaddr_storage &targetIp, uint8_t *query, unsigned int &queryLen, MAC &queryDest)
{
const uint64_t now = OSUtils::now();
InetAddress localAddress(localIp);
localAddress.setPort(0);
InetAddress targetAddress(targetIp);
targetAddress.setPort(0);
_NDEntry &e = _cache[targetAddress];
if ((e.mac && ((now - e.lastResponseReceived) >= (ZT_ND_EXPIRE / 3))) ||
(!e.mac && ((now - e.lastQuerySent) >= ZT_ND_QUERY_INTERVAL))) {
e.lastQuerySent = now;
_neighbor_solicitation ns;
memcpy(ns.target, targetAddress.rawIpData(), 16);
localMac.copyTo(ns.option.mac);
ns.calculateChecksum(localIp, targetIp);
if (e.mac) {
queryDest = e.mac;
} else {
queryDest = (uint64_t)0xffffffffffffULL;
}
} else {
queryLen = 0;
queryDest.zero();
}
return e.mac;
}
}

69
attic/NeighborDiscovery.hpp
View file

@ -1,69 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#ifndef ZT_NEIGHBORDISCOVERY_HPP
#define ZT_NEIGHBORDISCOVERY_HPP
#include "../core/Containers.hpp"
#include "../core/MAC.hpp"
#include "../core/InetAddress.hpp"
#define ZT_ND_QUERY_INTERVAL 2000
#define ZT_ND_QUERY_MAX_TTL 5000
#define ZT_ND_EXPIRE 600000
namespace ZeroTier {
class NeighborDiscovery
{
public:
NeighborDiscovery();
/**
* Set a local IP entry that we should respond to Neighbor Requests withPrefix64k
*
* @param mac Our local MAC address
* @param ip Our IPv6 address
*/
void addLocal(const sockaddr_storage &address, const MAC &mac);
/**
* Delete a local IP entry or cached Neighbor entry
*
* @param address IPv6 address to remove
*/
void remove(const sockaddr_storage &address);
sockaddr_storage processIncomingND(const uint8_t *nd, unsigned int len, const sockaddr_storage &localIp, uint8_t *response, unsigned int &responseLen, MAC &responseDest);
MAC query(const MAC &localMac, const sockaddr_storage &localIp, const sockaddr_storage &targetIp, uint8_t *query, unsigned int &queryLen, MAC &queryDest);
private:
struct _NDEntry
{
_NDEntry() : lastQuerySent(0), lastResponseReceived(0), mac(), local(false)
{}
uint64_t lastQuerySent;
uint64_t lastResponseReceived;
MAC mac;
bool local;
};
Map< InetAddress, _NDEntry > _cache;
uint64_t _lastCleaned;
};
} // namespace ZeroTier
#endif

33
attic/OFFICIAL-RELEASE-STEPS.md
View file

@ -1,33 +0,0 @@
ZeroTier Official Release Steps
======
This is mostly for ZeroTier internal use, but others who want to do builds might find it helpful.
Note: Many of these steps will require GPG and other signing keys that are kept in cold storage and must be mounted.
# Bumping the Version and Preparing Installers
The version must be incremented in all of the following files:
/version.h
/zerotier-one.spec
/debian/changelog
/ext/installfiles/mac/ZeroTier One.pkgproj
/ext/installfiles/windows/ZeroTier One.aip
/windows/WinUI/AboutView.xaml
The final .AIP file can only be edited on Windows with [Advanced Installer Enterprise](http://www.advancedinstaller.com/). In addition to incrementing the version be sure that a new product code is generated. (The "upgrade code" GUID on the other hand must never change.)
# Building for Supported Platforms
## Macintosh
Mac's easy. Just type:
make official
You will need [Packages](http://s.sudre.free.fr/Software/Packages/about.html) and our release signing key in the keychain.
## Windows
First load the Visual Studio solution and rebuild the UI and ZeroTier One in both x64 and i386 `Release` mode. Then load [Advanced Installer Enterprise](http://www.advancedinstaller.com/), check that the version is correct, and build. The build will fail if any build artifacts are missing, and Windows must have our product singing key (from DigiCert) available to sign the resulting MSI file. The MSI must then be tested on at least a few different CLEAN Windows VMs to ensure that the installer is valid and properly signed.

119
attic/PeerList.hpp
View file

@ -1,119 +0,0 @@
/*
* Copyright (c)2013-2021 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2026-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#ifndef ZT_PEERLIST_HPP
#define ZT_PEERLIST_HPP
#include "Constants.hpp"
#include "SharedPtr.hpp"
#include "Peer.hpp"
namespace ZeroTier {
/**
* A list of peers
*
* This is a simple vector optimized for the case where there will almost always
* be zero or one element. In that case it doesn't allocate. If there's more than
* one element, it will grow to include all elements.
*
* It's used to return lookups in Topology where there will almost always be zero
* or one peers returned but where there technically (but very rarely) can be more.
*/
class PeerList
{
public:
ZT_INLINE PeerList() noexcept:
m_onePeer(),
m_peers(&m_onePeer),
m_peerCount(0)
{}
ZT_INLINE PeerList(const PeerList &pl)
{
const unsigned int pc = pl.m_peerCount;
if (likely(pc <= 1)) {
m_onePeer = pl.m_onePeer;
m_peers = &m_onePeer;
} else {
m_peers = new SharedPtr<Peer>[pc];
for (unsigned int i = 0;i < pc;++i)
m_peers[i] = pl.m_peers[i];
}
m_peerCount = pc;
}
ZT_INLINE ~PeerList()
{
if (unlikely(m_peers != &m_onePeer))
delete[] m_peers;
}
ZT_INLINE PeerList &operator=(const PeerList &pl)
{
if (&pl != this) {
if (unlikely(m_peers != &m_onePeer))
delete[] m_peers;
if (likely(pl.m_peerCount <= 1)) {
m_onePeer = pl.m_onePeer;
m_peers = &m_onePeer;
} else {
m_onePeer.zero();
m_peers = new SharedPtr<Peer>[pl.m_peerCount];
for (unsigned int i = 0;i < pl.m_peerCount;++i)
m_peers[i] = pl.m_peers[i];
}
m_peerCount = pl.m_peerCount;
}
return *this;
}
/**
* Resize the peer list to store a given number of members
*
* To populate the list, this must be called first followed by each member
* being set with the [] operator. List content after this call is undefined
* and may contain old data if the object is being re-used.
*
* @param s New size of list
*/
ZT_INLINE void resize(const unsigned int s)
{
if (unlikely(m_peers != &m_onePeer))
delete[] m_peers;
m_peerCount = s;
if (likely(s <= 1)) {
m_peers = &m_onePeer;
} else {
m_peers = new SharedPtr<Peer>[s];
}
}
ZT_INLINE SharedPtr <Peer> &operator[](const unsigned int i) noexcept
{ return m_peers[i]; }
ZT_INLINE const SharedPtr <Peer> &operator[](const unsigned int i) const noexcept
{ return m_peers[i]; }
ZT_INLINE unsigned int size() const noexcept
{ return m_peerCount; }
private:
SharedPtr <Peer> m_onePeer;
SharedPtr <Peer> *m_peers;
unsigned int m_peerCount;
};
} // namespace ZeroTier
#endif

26
attic/central-controller-docker/Dockerfile
View file

@ -1,26 +0,0 @@
# Dockerfile for ZeroTier Central Controllers
FROM centos:7 as builder
MAINTAINER Adam Ierymekno <adam.ierymenko@zerotier.com>, Grant Limberg <grant.limberg@zerotier.com>
ARG git_branch=master
RUN yum update -y
RUN yum install -y https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpm
RUN yum -y install epel-release && yum -y update && yum clean all
RUN yum groupinstall -y "Development Tools"
RUN yum install -y bash postgresql10 postgresql10-devel libpqxx-devel glibc-static libstdc++-static clang jemalloc jemalloc-devel
RUN git clone http://git.int.zerotier.com/zerotier/ZeroTierOne.git
RUN if [ "$git_branch" != "master" ]; then cd ZeroTierOne && git checkout -b $git_branch origin/$git_branch; fi
RUN ldconfig
RUN cd ZeroTierOne && make central-controller
FROM centos:7
COPY --from=builder /ZeroTierOne/zerotier-one /usr/local/bin/zerotier-one
RUN chmod a+x /usr/local/bin/zerotier-one
ADD ext/central-controller-docker/main.sh /
RUN chmod a+x /main.sh
ENTRYPOINT /main.sh

3
attic/central-controller-docker/README.md
View file

@ -1,3 +0,0 @@
# ZeroTier Central Controller Docker Image
Dockerfile & startup script for use with [ZeroTier Central](https://my.zerotier.com). Not intended for public use.

80
attic/central-controller-docker/main.sh
View file

@ -1,80 +0,0 @@
#!/bin/bash
if [ -z "$ZT_IDENTITY_PATH" ]; then
echo '*** FAILED: ZT_IDENTITY_PATH environment variable is not defined'
exit 1
fi
if [ -z "$ZT_DB_HOST" ]; then
echo '*** FAILED: ZT_DB_HOST environment variable not defined'
exit 1
fi
if [ -z "$ZT_DB_PORT" ]; then
echo '*** FAILED: ZT_DB_PORT environment variable not defined'
exit 1
fi
if [ -z "$ZT_DB_NAME" ]; then
echo '*** FAILED: ZT_DB_NAME environment variable not defined'
exit 1
fi
if [ -z "$ZT_DB_USER" ]; then
echo '*** FAILED: ZT_DB_USER environment variable not defined'
exit 1
fi
if [ -z "$ZT_DB_PASSWORD" ]; then
echo '*** FAILED: ZT_DB_PASSWORD environment variable not defined'
exit 1
fi
RMQ=""
if [ "$ZT_USE_RABBITMQ" == "true" ]; then
if [ -z "$RABBITMQ_HOST" ]; then
echo '*** FAILED: RABBITMQ_HOST environment variable not defined'
exit 1
fi
if [ -z "$RABBITMQ_PORT" ]; then
echo '*** FAILED: RABBITMQ_PORT environment variable not defined'
exit 1
fi
if [ -z "$RABBITMQ_USERNAME" ]; then
echo '*** FAILED: RABBITMQ_USERNAME environment variable not defined'
exit 1
fi
if [ -z "$RABBITMQ_PASSWORD" ]; then
echo '*** FAILED: RABBITMQ_PASSWORD environment variable not defined'
exit 1
fi
RMQ=", \"rabbitmq\": {
\"host\": \"${RABBITMQ_HOST}\",
\"port\": ${RABBITMQ_PORT},
\"username\": \"${RABBITMQ_USERNAME}\",
\"password\": \"${RABBITMQ_PASSWORD}\"
}"
fi
mkdir -p /var/lib/zerotier-one
pushd /var/lib/zerotier-one
ln -s $ZT_IDENTITY_PATH/identity.public identity.public
ln -s $ZT_IDENTITY_PATH/identity.secret identity.secret
popd
DEFAULT_PORT=9993
echo "{
\"settings\": {
\"portMappingEnabled\": true,
\"softwareUpdate\": \"disable\",
\"interfacePrefixBlacklist\": [
\"inot\",
\"nat64\"
],
\"controllerDbPath\": \"postgres:host=${ZT_DB_HOST} port=${ZT_DB_PORT} dbname=${ZT_DB_NAME} user=${ZT_DB_USER} password=${ZT_DB_PASSWORD} sslmode=prefer sslcert=${DB_CLIENT_CERT} sslkey=${DB_CLIENT_KEY} sslrootcert=${DB_SERVER_CA}\"
${RMQ}
}
}
" > /var/lib/zerotier-one/local.conf
export GLIBCXX_FORCE_NEW=1
export GLIBCPP_FORCE_NEW=1
export LD_PRELOAD="/usr/lib64/libjemalloc.so"
exec /usr/local/bin/zerotier-one -p${ZT_CONTROLLER_PORT:-$DEFAULT_PORT} /var/lib/zerotier-one

0
core/AES.cpp → attic/core/AES.cpp
View file

0
core/AES.hpp → attic/core/AES.hpp
View file

0
core/AES_aesni.cpp → attic/core/AES_aesni.cpp
View file

0
core/AES_armcrypto.cpp → attic/core/AES_armcrypto.cpp
View file

0
core/Address.hpp → attic/core/Address.hpp
View file

0
core/Buf.cpp → attic/core/Buf.cpp
View file

0
core/Buf.hpp → attic/core/Buf.hpp
View file

0
core/C25519.cpp → attic/core/C25519.cpp
View file

0
core/C25519.hpp → attic/core/C25519.hpp
View file

0
core/CAPI.cpp → attic/core/CAPI.cpp
View file

0
core/CMakeLists.txt → attic/core/CMakeLists.txt
View file

0
core/CallContext.hpp → attic/core/CallContext.hpp
View file

0
core/CapabilityCredential.cpp → attic/core/CapabilityCredential.cpp
View file

0
core/CapabilityCredential.hpp → attic/core/CapabilityCredential.hpp
View file

0
core/Certificate.cpp → attic/core/Certificate.cpp
View file

0
core/Certificate.hpp → attic/core/Certificate.hpp
View file

0
core/Constants.hpp → attic/core/Constants.hpp
View file

0
core/Containers.hpp → attic/core/Containers.hpp
View file

0
core/Context.hpp → attic/core/Context.hpp
View file

0
core/Credential.cpp → attic/core/Credential.cpp
View file

0
core/Credential.hpp → attic/core/Credential.hpp
View file

0
core/Defaults.cpp → attic/core/Defaults.cpp
View file

0
core/Defaults.hpp → attic/core/Defaults.hpp
View file

0
core/Defragmenter.hpp → attic/core/Defragmenter.hpp
View file

0
core/Dictionary.cpp → attic/core/Dictionary.cpp
View file

0
core/Dictionary.hpp → attic/core/Dictionary.hpp
View file

0
core/ECC384.cpp → attic/core/ECC384.cpp
View file

0
core/ECC384.hpp → attic/core/ECC384.hpp
View file

0
core/Endpoint.cpp → attic/core/Endpoint.cpp
View file

0
core/Endpoint.hpp → attic/core/Endpoint.hpp
View file

0
core/Expect.hpp → attic/core/Expect.hpp
View file

0
core/FCV.hpp → attic/core/FCV.hpp
View file

0
core/Fingerprint.hpp → attic/core/Fingerprint.hpp
View file

0
core/Identity.cpp → attic/core/Identity.cpp
View file

0
core/Identity.hpp → attic/core/Identity.hpp
View file

0
core/InetAddress.cpp → attic/core/InetAddress.cpp
View file

0
core/InetAddress.hpp → attic/core/InetAddress.hpp
View file

0
core/LZ4.cpp → attic/core/LZ4.cpp
View file

0
core/LZ4.hpp → attic/core/LZ4.hpp
View file

0
core/Locator.cpp → attic/core/Locator.cpp
View file

0
core/Locator.hpp → attic/core/Locator.hpp
View file

0
core/MAC.hpp → attic/core/MAC.hpp
View file

0
core/MIMC52.cpp → attic/core/MIMC52.cpp
View file

0
core/MIMC52.hpp → attic/core/MIMC52.hpp
View file

0
core/Member.cpp → attic/core/Member.cpp
View file

0
core/Member.hpp → attic/core/Member.hpp
View file

0
core/MembershipCredential.cpp → attic/core/MembershipCredential.cpp
View file

0
core/MembershipCredential.hpp → attic/core/MembershipCredential.hpp
View file

0
core/Meter.hpp → attic/core/Meter.hpp
View file

0
core/MulticastGroup.hpp → attic/core/MulticastGroup.hpp
View file

0
core/Mutex.hpp → attic/core/Mutex.hpp
View file

0
core/Network.cpp → attic/core/Network.cpp
View file

0
core/Network.hpp → attic/core/Network.hpp
View file

0
core/NetworkConfig.cpp → attic/core/NetworkConfig.cpp
View file

0
core/NetworkConfig.hpp → attic/core/NetworkConfig.hpp
View file

0
core/NetworkController.hpp → attic/core/NetworkController.hpp
View file

0
core/Node.cpp → attic/core/Node.cpp
View file

0
core/Node.hpp → attic/core/Node.hpp
View file

0
core/OS.hpp → attic/core/OS.hpp
View file

0
core/OwnershipCredential.cpp → attic/core/OwnershipCredential.cpp
View file

0
core/OwnershipCredential.hpp → attic/core/OwnershipCredential.hpp
View file

0
core/Path.cpp → attic/core/Path.cpp
View file

0
core/Path.hpp → attic/core/Path.hpp
View file

0
core/Peer.cpp → attic/core/Peer.cpp
View file

0
core/Peer.hpp → attic/core/Peer.hpp
View file

0
core/Poly1305.cpp → attic/core/Poly1305.cpp
View file

0
core/Poly1305.hpp → attic/core/Poly1305.hpp
View file

0
core/Protocol.hpp → attic/core/Protocol.hpp
View file

0
core/README.md → attic/core/README.md
View file

0
core/RevocationCredential.cpp → attic/core/RevocationCredential.cpp
View file

0
core/RevocationCredential.hpp → attic/core/RevocationCredential.hpp
View file

0
core/SHA512.cpp → attic/core/SHA512.cpp
View file

0
core/SHA512.hpp → attic/core/SHA512.hpp
View file

0
core/Salsa20.cpp → attic/core/Salsa20.cpp
View file

0
core/Salsa20.hpp → attic/core/Salsa20.hpp
View file

0
core/ScopedPtr.hpp → attic/core/ScopedPtr.hpp
View file

0
core/SelfAwareness.cpp → attic/core/SelfAwareness.cpp
View file

0
core/SelfAwareness.hpp → attic/core/SelfAwareness.hpp
View file

0
core/SharedPtr.hpp → attic/core/SharedPtr.hpp
View file

0
core/Spinlock.hpp → attic/core/Spinlock.hpp
View file

0
core/Store.hpp → attic/core/Store.hpp
View file

0
core/SymmetricKey.hpp → attic/core/SymmetricKey.hpp
View file

Some files were not shown because too many files have changed in this diff Show more