void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-04-22 15:06:54 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: void:1.2.2
Branches Tags
void:dev
void:gl/cv2-ctl
void:dependabot/cargo/rustybits/crossbeam-channel-0.5.15
void:dev-extosdep
void:root
void:jh-fix-openbsd-tap
void:laduke/2361-phy-mtu
void:core-objs
void:1.14.2
void:hello-encryption
void:gone-fishin
void:jh-fix-bsd-tap-build-error
void:jh-fix-for-lbm
void:main
void:actions
void:fix-flows-for-bridge-mode-mp
void:proxy
void:release-chores
void:1.14.2
void:1.14.1
void:1.14.0
void:1.12.2
void:1.12.1
void:1.12.0
void:1.10.6
void:1.10.5
void:1.10.4
void:1.10.3
void:1.10.2
void:1.10.1
void:1.10.0
void:1.8.10
void:1.8.9
void:1.8.8
void:1.8.7
void:1.8.6
void:1.8.5
void:1.8.4
void:1.8.3
void:1.8.2
void:1.8.1
void:1.6.6-fixed-windows-inf
void:1.6.6
void:1.6.5
void:1.6.4
void:1.6.3
void:v2-before-rusting
void:1.6.2
void:1.6.1
void:1.6.0
void:1.5.0
void:central-controller-1.4.6-202003040912
void:central-controller-1.4.6-202003032249
void:central-controller-1.4.6-202003031336
void:1.4.6
void:1.4.4
void:1.4.2
void:1.4.0.1-2
void:1.4.0.1
void:1.4.0
void:v1.1.5-live-roots
void:1.2.12
void:1.2.10
void:1.2.8
void:1.2.6
void:cust-ixia
void:1.2.4
void:1.2.2
void:1.2.0
void:1.1.17-pre1.2.0
void:1.1.14
void:1.1.12
void:1.1.10
void:1.1.8
void:1.1.6
void:1.1.4
void:1.1.2
void:1.1.0
void:1.0.5
void:1.0.4
void:1.0.3
void:1.0.2
void:1.0.1
void:1.0.0
void:0.9.3
void:0.9.2
void:0.9.1
void:0.9.0
void:0.8.2
void:0.8.1
void:0.8.0
void:0.7.2
void:0.7.1
void:0.7.0
void:0.6.14
void:0.6.13
void:0.6.12
void:0.6.11
void:0.6.10
void:0.6.9
void:0.6.8
void:0.6.7
void:0.6.6
void:0.6.5
void:0.6.4
void:0.6.3
void:0.6.2
void:0.6.1
void:0.6.0
void:0.5.0
void:0.4.5
void:0.4.4
void:0.4.3
void:0.4.2
void:0.4.1
void:0.4.0
void:0.3.0
void:0.2.5
void:0.2.4
void:0.2.3
void:0.2.2
void:0.2.1
void:0.2.0
..
compare: void:dev
Branches Tags
void:gl/cv2-ctl
void:dependabot/cargo/rustybits/crossbeam-channel-0.5.15
void:dev
void:dev-extosdep
void:root
void:jh-fix-openbsd-tap
void:laduke/2361-phy-mtu
void:core-objs
void:1.14.2
void:hello-encryption
void:gone-fishin
void:jh-fix-bsd-tap-build-error
void:jh-fix-for-lbm
void:main
void:actions
void:fix-flows-for-bridge-mode-mp
void:proxy
void:release-chores
void:1.14.2
void:1.14.1
void:1.14.0
void:1.12.2
void:1.12.1
void:1.12.0
void:1.10.6
void:1.10.5
void:1.10.4
void:1.10.3
void:1.10.2
void:1.10.1
void:1.10.0
void:1.8.10
void:1.8.9
void:1.8.8
void:1.8.7
void:1.8.6
void:1.8.5
void:1.8.4
void:1.8.3
void:1.8.2
void:1.8.1
void:1.6.6-fixed-windows-inf
void:1.6.6
void:1.6.5
void:1.6.4
void:1.6.3
void:v2-before-rusting
void:1.6.2
void:1.6.1
void:1.6.0
void:1.5.0
void:central-controller-1.4.6-202003040912
void:central-controller-1.4.6-202003032249
void:central-controller-1.4.6-202003031336
void:1.4.6
void:1.4.4
void:1.4.2
void:1.4.0.1-2
void:1.4.0.1
void:1.4.0
void:v1.1.5-live-roots
void:1.2.12
void:1.2.10
void:1.2.8
void:1.2.6
void:cust-ixia
void:1.2.4
void:1.2.2
void:1.2.0
void:1.1.17-pre1.2.0
void:1.1.14
void:1.1.12
void:1.1.10
void:1.1.8
void:1.1.6
void:1.1.4
void:1.1.2
void:1.1.0
void:1.0.5
void:1.0.4
void:1.0.3
void:1.0.2
void:1.0.1
void:1.0.0
void:0.9.3
void:0.9.2
void:0.9.1
void:0.9.0
void:0.8.2
void:0.8.1
void:0.8.0
void:0.7.2
void:0.7.1
void:0.7.0
void:0.6.14
void:0.6.13
void:0.6.12
void:0.6.11
void:0.6.10
void:0.6.9
void:0.6.8
void:0.6.7
void:0.6.6
void:0.6.5
void:0.6.4
void:0.6.3
void:0.6.2
void:0.6.1
void:0.6.0
void:0.5.0
void:0.4.5
void:0.4.4
void:0.4.3
void:0.4.2
void:0.4.1
void:0.4.0
void:0.3.0
void:0.2.5
void:0.2.4
void:0.2.3
void:0.2.2
void:0.2.1
void:0.2.0

2706 commits
1.2.2 ... dev

Author SHA1 Message Date
Grant Limberg
dcadc2c4d4
Merge pull request #2449 from zerotier/dependabot/cargo/rustybits/openssl-0.10.72
Some checks failed
/ build_macos (push) Has been cancelled
Details
/ build_windows (push) Has been cancelled
Details
/ build_ubuntu (push) Has been cancelled
Details 
Bump openssl from 0.10.70 to 0.10.72 in /rustybits
 2025-04-08 10:36:25 -07:00
Grant Limberg
55ed5d61e0
Merge branch 'dev' into dependabot/cargo/rustybits/openssl-0.10.72 2025-04-08 08:08:28 -07:00
Grant Limberg
86f424130d
Merge pull request #2450 from zerotier/dependabot/cargo/rustybits/tokio-1.43.1 
Bump tokio from 1.42.0 to 1.43.1 in /rustybits
 2025-04-08 08:08:08 -07:00
dependabot[bot]
4e9b69f0a7
Bump tokio from 1.42.0 to 1.43.1 in /rustybits 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.42.0 to 1.43.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.42.0...tokio-1.43.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-version: 1.43.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-08 02:02:25 +00:00
dependabot[bot]
0a17738f39
Bump openssl from 0.10.70 to 0.10.72 in /rustybits 
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.70 to 0.10.72.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.70...openssl-v0.10.72)

---
updated-dependencies:
- dependency-name: openssl
  dependency-version: 0.10.72
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-04 20:53:49 +00:00
Grant Limberg
cadfa0bc4d
Merge pull request #2445 from zerotier/docker-local-conf
Some checks failed
/ build_macos (push) Has been cancelled
Details
/ build_windows (push) Has been cancelled
Details
/ build_ubuntu (push) Has been cancelled
Details 
Allow setting local.conf content from Docker environment variable
 2025-04-03 09:42:11 -07:00
Grant Limberg
f2521c8536
Allow setting local.conf content from Docker environment variable 2025-03-26 11:23:46 -07:00
Grant Limberg
d353e0c6fa
Merge pull request #2442 from zerotier/dependabot/cargo/rustybits/ring-0.17.13 
Bump ring from 0.17.8 to 0.17.13 in /rustybits
 2025-03-19 08:30:23 -07:00
Grant Limberg
346731ea5d
Merge branch 'dev' into dependabot/cargo/rustybits/ring-0.17.13 2025-03-11 10:47:33 -07:00
Grant Limberg
2ef38d84d1
Merge pull request #2444 from zerotier:gl/temporal-sdk-fix 
temporal sdk fix
 2025-03-10 16:39:39 -07:00
Grant Limberg
5630d48a66 temporal sdk fix 
missing WorkflowIdConflictPolicy
 2025-03-10 16:35:10 -07:00
Grant Limberg
b44a9b8b62
Merge pull request #2443 from zerotier:gl/onelogin-fix 
Fix AuthInfo Provider not being set
 2025-03-10 16:20:06 -07:00
Grant Limberg
f5b0fc6a8f
Fix AuthInfo Provider not being set 2025-03-10 16:04:06 -07:00
dependabot[bot]
a20bc772f2
Bump ring from 0.17.8 to 0.17.13 in /rustybits 
Bumps [ring](https://github.com/briansmith/ring) from 0.17.8 to 0.17.13.
- [Changelog](https://github.com/briansmith/ring/blob/main/RELEASES.md)
- [Commits](https://github.com/briansmith/ring/commits)

---
updated-dependencies:
- dependency-name: ring
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-07 17:04:31 +00:00
Travis LaDuke
010c4b0d64
Merge pull request #2441 from zerotier/laduke/update-actions 
Run CI on pull requests
 2025-03-05 09:18:20 -08:00
travisladuke
5998f1497a
Run CI on pull requests 
If the PR is from an external repo,
the action won't run without approval.
right now we can't run the actions on external PRs.
 2025-03-03 10:01:33 -08:00
Grant Limberg
a2162c01e3
Merge pull request #2430 from zerotier/dependabot/cargo/rustybits/openssl-0.10.70 
Bump openssl from 0.10.68 to 0.10.70 in /rustybits
 2025-02-04 15:45:25 -08:00
Grant Limberg
870c221690
Merge branch 'dev' into dependabot/cargo/rustybits/openssl-0.10.70 2025-02-04 15:38:52 -08:00
Grant Limberg
87ad848202
Merge pull request #2432 from zerotier:ci-update 
Update upload-artifact action to use v4
 2025-02-04 15:38:14 -08:00
Grant Limberg
b736b6835d
Update upload-artifact action to use v4 
V3 is no longer supported and throws an error on use
 2025-02-04 15:30:25 -08:00
dependabot[bot]
91bec01da8
Bump openssl from 0.10.68 to 0.10.70 in /rustybits 
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.68 to 0.10.70.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.68...openssl-v0.10.70)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-03 18:50:34 +00:00
Grant Limberg
b5c51796b9
Merge pull request #2417 from zerotier/rust-deps 
update rust dependencies
 2024-12-04 14:46:54 -08:00
Grant Limberg
724002f142
update rust dependencies 2024-12-04 13:43:34 -08:00
Grant Limberg
377a9d6f41
Merge pull request #2409 from zerotier/dependabot/cargo/rustybits/rustls-0.23.18 
Bump rustls from 0.23.15 to 0.23.18 in /rustybits
 2024-11-25 11:27:22 -08:00
dependabot[bot]
003b4cf876
Bump rustls from 0.23.15 to 0.23.18 in /rustybits 
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.15 to 0.23.18.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.15...v/0.23.18)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-25 17:00:23 +00:00
Joseph Henry
b12dd19d44
Merge pull request #2405 from zerotier/jh-fix-openbsd-tap 
Build fix for OpenBSD - See ticket #2397
 2024-11-13 15:12:18 -08:00
Joseph Henry
82c6454950
Fix broken ifdef on OpenBSD 2024-11-13 09:01:09 -08:00
Joseph Henry
969c0ee6e3
Omit CPU pinning code on OpenBSD 2024-11-12 14:40:24 -08:00
Joseph Henry
c092b63987
Merge pull request #2365 from zerotier/laduke/2361-phy-mtu 
Lower ZT_MIN_PHYSMTU
 2024-11-12 09:38:11 -08:00
Joseph Henry
47efee1df4
Merge branch 'dev' into laduke/2361-phy-mtu 2024-11-12 06:20:29 -08:00
Joseph Henry
18a5452de8
Merge pull request #2395 from zerotier/core-objs 
Move osutils/OSUtils.o into CORE_OBJS
 2024-11-12 06:20:04 -08:00
Joseph Henry
c3794ba8d4
Merge branch 'dev' into core-objs 2024-11-12 06:05:51 -08:00
Joseph Henry
75a5b4438b
Build fix for OpenBSD - See ticket #2397 2024-11-12 05:59:49 -08:00
Adam Ierymenko
185a3a2c76
Merge pull request #2396 from zerotier/1.14.2 
1.14.2
 2024-10-25 14:37:17 -04:00
Adam Ierymenko
3fcef51137 Windows installer version bump. 2024-10-25 14:14:01 -04:00
Grant Limberg
f959c2f4ca
Move osutils/OSUtils.o into CORE_OBJS 
When building via `make core` to make libzerotiercore.a, you can't link unless OSUtils.cpp is also built & linked.
 2024-10-25 09:32:13 -07:00
Adam Ierymenko
b7a6e106fd
Version increments. 2024-10-23 14:08:57 -04:00
Adam Ierymenko
7dca7fac11
Bump Rust library versions. 2024-10-23 11:03:18 -04:00
Adam Ierymenko
4ef2d4cc8e
Merge pull request #2376 from sh1ve/patch-1 
Fix build error under certain character sets in Windows
 2024-10-23 10:09:40 -04:00
travisladuke
55bbd2aec6 Lower ZT_MIN_PHYSMTU 
regarding #2361
 2024-10-18 15:44:34 -07:00
Grant Limberg
36b4659f77
Merge pull request #2379 from zerotier/docker-release 
add `make docker-release`  command & update dockerfile
 2024-10-02 13:21:20 -07:00
Grant Limberg
0b5666bde2
Merge remote-tracking branch 'origin/dev' into docker-release 2024-10-02 13:07:23 -07:00
Grant Limberg
e1c72e6d51
add make docker-release command & update dockerfile 2024-10-02 12:59:21 -07:00
sh1ve
5799d9a15b
Fix build error under certain character sets 
Add some padding after non-ASCII comment
 2024-09-29 23:49:38 +08:00
Joseph Henry
d9d58c8bde
Merge pull request #2371 from zerotier/jh-fix-bsd-tap-build-error 
Fix build error for BSD tap driver
 2024-09-18 08:49:28 -07:00
Joseph Henry
d34481d830
Fix build error for BSD tap driver 2024-09-17 11:04:01 -07:00
Joseph Henry
4920b68d2c
Merge pull request #2364 from zerotier/jh-fix-for-lbm 
Fix for low-bandwidth mode
 2024-09-13 10:01:47 -07:00
Joseph Henry
5ce3d1e7a1
Fix for low-bandwidth mode 2024-09-13 09:46:36 -07:00
Adam Ierymenko
a0acc82e99
1.14.1 (#2362) 
* Bump version in most places.

* Update official release steps for desktop

* Version bump a bunch of Rust packages.

* Windows fix for disabling MT properly.

* Release notes.
 2024-09-12 18:48:34 -04:00
Adam Ierymenko
98e532de20
Merge pull request #2244 from zerotier/lel-amri-fix-mac-handling-in-rules-parser 
Fix mac handling in rules parser
 2024-09-11 14:56:10 -04:00
Adam Ierymenko
e1ee3eb494
Merge branch 'dev' into lel-amri-fix-mac-handling-in-rules-parser 2024-09-11 12:13:32 -04:00
Adam Ierymenko
4a485df0c7
Merge pull request #2234 from zerotier/jh-zerotier-multithreaded 
Add multi-core concurrent packet processing
 2024-09-11 10:17:22 -04:00
Travis LaDuke
2522d29fdc
Merge pull request #2360 from laduke/dev 
retain build artifacts from build action
 2024-09-10 13:55:29 -07:00
travisladuke
560d6fba1b tar mac and linux binary 
to keep the execute permission bit
 2024-09-10 13:45:50 -07:00
travisladuke
223ec0c59d retain build artifacts 
cleaned up all the github action deprecation warnings.
save zerotier-one binary for mac, windows, and linux
 2024-09-10 13:36:59 -07:00
Adam Ierymenko
6bc785e771
Merge branch 'dev' into jh-zerotier-multithreaded 2024-09-10 13:10:45 -04:00
Adam Ierymenko
fb8cbb69aa
Merge pull request #2354 from zerotier/jh-misc-multipath-patches 
Multipath improvements
 2024-09-10 13:08:37 -04:00
Adam Ierymenko
861147b845
Merge branch 'dev' into jh-zerotier-multithreaded 2024-09-09 16:22:48 -04:00
Adam Ierymenko
763caaebab
Merge pull request #2161 from parona-source/execstack 
Append noexecstack to linker flags instead of assembler flags
 2024-09-09 16:22:14 -04:00
Adam Ierymenko
276259394a
Merge branch 'dev' into jh-zerotier-multithreaded 2024-09-09 16:19:37 -04:00
Adam Ierymenko
46c0d1a732
Merge pull request #2320 from zerotier/report-os-arch 
Report os arch
 2024-09-09 16:13:47 -04:00
Adam Ierymenko
31d2dcec17
Merge pull request #2263 from fedepell/patch-1 
Update README.md minimal compilers
 2024-09-09 16:04:35 -04:00
Adam Ierymenko
c9234ee027
Merge branch 'dev' into patch-1 2024-09-09 16:03:41 -04:00
Adam Ierymenko
9a8d715666
Merge branch 'report-os-arch' of github.com:/zerotier/ZeroTierOne into report-os-arch 2024-09-09 14:36:43 -04:00
Adam Ierymenko
8d474e1395
Add ios differentiation, and .clangd that works w/Zed and clangd. 2024-09-09 14:36:22 -04:00
Adam Ierymenko
52e3d9b804
Merge branch 'dev' into report-os-arch 2024-09-09 14:26:53 -04:00
Joseph Henry
8f5cc4ed33
Completely remove vestigial RX code 2024-09-06 15:19:06 -07:00
Joseph Henry
059d05f41f
Comment out vestigial test code (improves mt performance) 2024-09-06 09:52:39 -07:00
Joseph Henry
c86b91c5f0
Fix condition where settings may be applied with multithreading is disabled 2024-09-04 12:14:20 -07:00
Joseph Henry
e42848d37d
Fix bug for when no multithreaded config is given 2024-09-04 11:00:23 -07:00
Joseph Henry
bf7dddbd84
Fix issues that prevent user multipath preferences from being respected 2024-08-29 10:09:19 -07:00
Joseph Henry
95983ba168
Build fix for FreeBSD 2024-08-26 12:54:36 -07:00
Joseph Henry
c97943d69d
Add packet mux source file to Windows project 2024-08-22 15:28:25 -07:00
Joseph Henry
b813ea70a5
Simplify packet critical path. Plus more platform fixes 2024-08-22 12:59:06 -07:00
Joseph Henry
e734019216
More platform-related build fixes 2024-08-21 14:06:25 -07:00
Joseph Henry
b7d9290de9
Fix build issue on macOS 2024-08-21 11:22:07 -07:00
Joseph Henry
b1a30ae4ff
Switch to local.conf-based config of multithreading 2024-08-20 13:39:15 -07:00
Joseph Henry
8283a6d6d4 Merge branch 'dev' into jh-zerotier-multithreaded 2024-08-18 15:08:42 -07:00
Joseph Henry
36adae3d82
Add packet multiplexer 2024-08-18 15:07:18 -07:00
Joseph Henry
f176e2539e
Merge pull request #2162 from parona-source/respect-ldflags 
Respect user LDFLAGS
 2024-07-31 09:54:19 -07:00
Joseph Henry
d6bfb8889a
Merge branch 'dev' into respect-ldflags 2024-07-31 09:52:50 -07:00
Joseph Henry
24fb1ced3c
Merge pull request #2169 from ChrisCarini/ChrisCarini/addArchToSynologyDSM7 
Add ARM architectures to Synology DSM7
 2024-07-25 15:01:33 -07:00
Joseph Henry
82b8a4f584
Merge pull request #2314 from Mic92/pwd 
macos: use more portable pwd instead of PWD
 2024-07-16 11:21:24 -07:00
Chris Carini
979bca57d5
Merge branch 'dev' into ChrisCarini/addArchToSynologyDSM7 2024-07-13 04:24:04 -07:00
Grant Limberg
93fd93da5c
Merge pull request #2330 from zerotier/controller-redis 
break up redis tx inserts into smaller chunks
 2024-07-08 14:30:14 -07:00
Grant Limberg
508527f7cd
break up redis tx inserts into smaller chunks 2024-07-08 14:08:54 -07:00
Joseph Henry
64634c916c
Fix build for macOS, tune to prevent packet re-ordering 2024-07-03 08:49:07 -07:00
Grant Limberg
34cc26176c
Merge pull request #2266 from zerotier/winbuild 
fix rebuild for x64
 2024-06-28 08:07:25 -07:00
Adam Ierymenko
e2840b0eb8 undo stuff from other branch 2024-06-24 18:54:05 -04:00
Adam Ierymenko
f4edb092b7 Merge branch 'dev' into rusty-tcp-relay 2024-06-24 18:53:25 -04:00
Adam Ierymenko
8caede300c Add OS_ARCH to network config metadata. 2024-06-24 18:02:58 -04:00
Jörg Thalheim
f9c6ee0181 macos: use more portable pwd instead of PWD 
In nixpkgs we use coreutils and do not have PWD available.
This change have any downsides on normal macOS systems, but helps
nixpkgs packaging a bit.

Signed-off-by: Jörg Thalheim <joerg@thalheim.io>
 2024-06-21 15:05:02 +02:00
Grant Limberg
f5cc7746b6
Merge branch 'dev' into winbuild 2024-06-18 16:57:47 -07:00
Grant Limberg
41a4690372
Merge pull request #2312 from zerotier/delete 2024-06-18 15:05:06 -07:00
Grant Limberg
9d57ccd7b1
deauth all members upon network delete 2024-06-17 16:38:41 -07:00
Grant Limberg
ad60d708e1
fix log line 2024-06-17 16:38:31 -07:00
Adam Ierymenko
f79af92599 Add Rust tcp-proxy base, add .clangd 2024-06-17 11:02:13 -04:00
Chris Carini
2f3ea8882b
Merge branch 'dev' into ChrisCarini/addArchToSynologyDSM7 2024-06-01 03:22:38 -07:00
Brenton Bostick
e32fecd16d Thread might actually be detached, so need to handle that 2024-05-21 13:12:22 -04:00
Brenton Bostick
dca77cb0d2 expand GETENV macro that needs to be modified 2024-05-21 13:12:22 -04:00
Alfred Wingate
9ec6c2901c
Respect user LDFLAGS 
* Respect user LDFLAGS instead of replacing them.

Signed-off-by: Alfred Wingate <parona@protonmail.com>
 2024-05-18 16:01:32 +03:00
Sean OMeara
e915d10953
cargo update rustybits (#2286) 2024-05-09 18:57:48 +02:00
Grant Limberg
ddb2759a52
Merge pull request #2287 from zerotier:actions 
Fix macOS GitHub Action
 2024-05-09 09:47:48 -07:00
Grant Limberg
28cf1423c9
also install x64 rust in github action 2024-05-09 09:35:54 -07:00
Grant Limberg
0fb9d43998
Merge pull request #2282 from zerotier/main 
Main -> dev
 2024-05-02 17:15:57 -07:00
Adam Ierymenko
91e7ce87f0
Merge pull request #2281 from zerotier/1.14.0 
1.14.0
 2024-05-02 19:48:52 -04:00
Adam Ierymenko
e59790b401 Update security readme. 2024-05-02 19:45:07 -04:00
Adam Ierymenko
d0b8f76ecb release notes 2024-05-02 19:31:57 -04:00
Adam Ierymenko
fe05372c67 Merge branch '1.14.0' of 10.95.0.50:/Users/api/Code/ZeroTier/local/ZeroTier-v1 into 1.14.0 2024-05-02 14:54:46 -04:00
Adam Ierymenko
4394ab58d7 Linux build fixes for Rust on some platforms, and OpenSSL on Fedora builds. 2024-05-02 14:52:57 -04:00
Adam Ierymenko
fcaf008beb Fix notarytool stuff for macOS 2024-04-17 18:20:06 -07:00
Adam Ierymenko
1e15a510fd Windows version bump. 2024-04-17 17:50:10 -07:00
Grant Limberg
9de2b90528 fix rebuild for x64 2024-03-27 14:40:38 -07:00
Adam Ierymenko
a71e0bf551 Merge branch 'dev' into 1.14.0 2024-03-27 12:15:46 -04:00
Federico Pellegrin
280cc77e23
Update README.md minimal compilers 
Update the minimal compilers in documentation. As `std=c++17` is used the minimal got quite bumped from last update. For gcc 7.x would seem possibly enough, but some of the dependencies (eg. libpqxx) need 8.x at least, so setting that as documented minimum.
 2024-03-25 05:06:22 +01:00
Joseph Henry
a681fbf533
Merge pull request #2262 from tas50/tas50/spellcheck 
Fix minor spelling errors in docs
 2024-03-23 08:15:37 -07:00
Tim Smith
448df73a35
Fix minor spelling errors in docs 
Nothing too fancy here. Just some spellchecking.

Signed-off-by: Tim Smith <tsmith84@gmail.com>
 2024-03-22 20:43:46 -07:00
Adam Ierymenko
1982071d46 1.14.0 version bump for Linux and macOS, date update. 2024-03-19 14:38:48 -07:00
Travis LaDuke
4dfb15e37c
Merge pull request #2258 from zerotier/version-bump 
Bump version.h to 1.14.0
 2024-03-19 12:49:07 -07:00
travisladuke
154b72b4f1 Bump version.h to 1.14.0 2024-03-19 12:22:21 -07:00
Grant Limberg
de4ee08ad4 add make target to build the central-controller run image 2024-03-19 11:31:05 -07:00
Lennon Day-Reynolds
5ae862ff54
Merge pull request #2255 from zerotier/ldr/update-rust-deps 
update temporal SDK + other Rust deps, strip debug symbols from release builds
 2024-03-19 11:28:06 -07:00
Lennon Day-Reynolds
859031dcd9
Merge branch 'dev' into ldr/update-rust-deps 2024-03-19 10:06:05 -07:00
Lennon Day-Reynolds
39e1aabd2a update temporal SDK version + other Rust dependencies, strip debug symbols from generated libraries in production builds 2024-03-19 10:03:15 -07:00
Travis LaDuke
9f499827af
Merge pull request #2253 from zerotier/freebsd-localhost 
Consider ::ffff:127.0.0.1 as a loopback address
 2024-03-19 09:04:32 -07:00
travisladuke
9bde5b9065 Consider ::ffff:127.0.0.1 as a loopback address 
cpp-httplib  sets IPV6_V6ONLY to false on it's sockets.
On FreeBSD, this makes all ipv4 addresses get get prefixed with ::ffff:
it makes them IPv6 addresses mapped to v4.

This is a partial fix for #2151. The cli will work again.
Something should probably also be adjusted with the httplib.

If you want to, for example, use the `allowManagementFrom` option in
local.conf
you will need to prefix it with "::ffff:", "::ffff:1.2.3.4"
which is a little surprising and inconsistent between BSD and other OSs.
 2024-03-15 11:00:13 -07:00
Joseph Henry
acaebbd75e
Merge pull request #2252 from zerotier/jh-fix-ab-failover 
Fix condition where active-backup would fail to engage
 2024-03-14 11:52:42 -07:00
Joseph Henry
3ed6379c4c
Fix condition where active-backup would fail to engage 2024-03-14 00:19:26 -07:00
travisladuke
b4eb39fb16 feat: static file server 
this lets you host web apps out of
:9993/app/{app_name}
:9993/app/{other_app}

from $ZT_HOME/app/{app_name}
 2024-03-13 12:39:21 -07:00
Lennon Day-Reynolds
6be0e67a5c
Merge pull request #2245 from zerotier/gl/win-arm64-fix 
more project updates for win ARM64
 2024-03-05 14:28:23 -08:00
Grant Limberg
abad7d8fe1 more project updates for win ARM64 2024-03-05 13:56:29 -08:00
Lennon Day-Reynolds
72cf3f2315 add Debug target fixes + README examples to run a custom binary 2024-03-05 12:17:51 -08:00
Lennon Day-Reynolds
c02ea1bf60 fix include + link paths for ARM64 2024-03-05 12:17:51 -08:00
Joseph Henry
b9d0cf9c89
Don't pass result of void function to string constructor 2024-03-05 12:14:12 -08:00
Joseph Henry
80cfc2bd26
Merge branch 'dev' into fix-mac-handling-in-rules-parser 2024-03-05 11:26:33 -08:00
Joseph Henry
08d85d4ae1
Merge pull request #2238 from zerotier/jh-multipath-improvements 
Port multipath improvements to newer version
 2024-03-05 10:59:05 -08:00
Joseph Henry
43b141547e
Merge branch 'dev' into fix-mac-handling-in-rules-parser 2024-03-05 10:48:58 -08:00
Joseph Henry
d658c1187c
Fix crash when multipath is used with forceTcpRelay 2024-03-05 10:44:55 -08:00
Joseph Henry
1f4c00c7b5
Improve CLI error message for write permission failures 2024-03-05 00:14:56 -08:00
Joseph Henry
bbe97dd080
Improve CLI error handling for setmtu command 2024-03-05 00:13:07 -08:00
Joseph Henry
9724e04e6e
Improve CLI error handling when showing non-existent bond 2024-03-04 23:23:14 -08:00
Joseph Henry
364ac499eb Merge branch 'dev' into jh-multipath-improvements 2024-03-04 20:28:32 -08:00
Joseph Henry
8b15fa2422
Merge pull request #2241 from zerotier/jh-comment-out-debug-traces 
Comment out debug traces in Rules Engine
 2024-03-04 20:12:47 -08:00
Joseph Henry
41cb6fb0d5
Comment out debug traces in Rules Engine 2024-03-04 16:38:10 -08:00
Joseph Henry
5d8bd674cd
Merge pull request #2232 from zerotier/unstable-api-fixes 
Unstable api fixes
 2024-03-04 13:11:30 -08:00
Joseph Henry
2e6cda38f6
Port multipath improvements to newer version 2024-03-01 15:43:28 -08:00
travisladuke
6e8fcce777 Fix unstable network member list endpoint 
It was returning an array of array instead of
just array
 2024-03-01 09:54:13 -08:00
travisladuke
559e8a907b Improve full controller network list api 
it was counting incorrectly in some cases and
returning empty objects.
Basically just handling if network data is null
 2024-03-01 09:54:13 -08:00
Joseph Henry
024649c175
Merge pull request #2229 from zerotier/tl-add-homedir 
Add homeDir to info json
 2024-03-01 09:44:21 -08:00
Grant Limberg
7fb3711ed6
Merge branch 'dev' into tl-add-homedir 2024-03-01 12:37:47 -05:00
Travis LaDuke
1dff0c6b5f
Merge pull request #2214 from zerotier/tl-tags-3 
Fix rules engine evaluation quirks
 2024-03-01 09:15:59 -08:00
travisladuke
768c6242cd Add homeDir to info json 
Want to show it in UIs. So need to get it via API.

It's also a pain to look up. You have to go to external docs.

zerotier-cli info -j

```json
"config": {
  "settings": {
   "allowTcpFallbackRelay": true,
   "forceTcpRelay": true,
   "homeDir": "/Library/Application Support/ZeroTier/One",
```
 2024-02-29 10:44:59 -08:00
travisladuke
bca650e1fc Printfs for rules debugging 
re-uses ZT_TRACE to enable.
 2024-02-29 10:41:12 -08:00
travisladuke
0bf67bf67c Fix rules engine quirks 
See #2200

Mostly makes Tag based rules work as expected
 2024-02-29 10:41:12 -08:00
Travis LaDuke
99ef1e2696
Merge pull request #2237 from zerotier/main-into-dev 
Main into dev
 2024-02-29 10:38:31 -08:00
travisladuke
57b6b790c1 docs: Add Contributing section to README 2024-02-29 10:34:09 -08:00
travisladuke
3593a2d49f Merge branch 'main' into main-into-dev 2024-02-29 10:24:22 -08:00
zjslqshqz
dad33c9bde
fix makefile -pthread (#2182) 2024-02-28 16:12:52 -08:00
Joseph Henry
683d332abc
Add multi-core concurrent packet processing 2024-02-23 09:57:39 -08:00
travisladuke
ac6d532651 Fix deleting controller network member directory 
That trailing slash was making it not work.

ZT_HOME/controller.d/network/$nwid
 2024-02-22 11:46:50 -08:00
travisladuke
d1a306a021 Prevent creating members on non-existent networks. 
```sh
curl -s -X POST "http://localhost:9993/controller/network/abcdabcdabcdabcd/member/1122334455"
```

Would return 200 and ZT_HOME/controller.d/abcdabcdabcdabcd/members/1122334455
would be created. Without a ZT_HOME/controller.d/abcdabcdabcdabcd.json

Then other parts of the system mistakenly think a abcdabcdabcdabcd
network sorta kinda exists and then fail in weird ways.
 2024-02-22 11:46:50 -08:00
Joseph Henry
4cd1dcfee1 Merge remote-tracking branch 'origin/tl-stuck' 2024-02-09 13:31:56 -08:00
travisladuke
3ab31545f4 Update cpp-httplib library 
There was as Windows directory traversal bug in the static
file server feature. We don't use that feature, so we are ok.

We are going to use that feature soon, so we are
taking the opportunity to update.
 2024-02-09 09:25:12 -08:00
Joseph Henry
197bbbb267
Merge pull request #2219 from zerotier/jh-minor-readme-update 
Update client JSON API endpoint address in README.md
 2024-02-08 10:26:38 -08:00
Joseph Henry
58adecc3a1
Reduce ambiguity in README text 2024-02-07 16:34:59 -08:00
Joseph Henry
830d96d2ed
Update client JSON API endpoint address in README.md 2024-02-07 16:16:31 -08:00
travisladuke
f027d8f519 Fix typo in metric name 2024-02-07 15:13:42 -08:00
Chris Carini
8b44ac984c
Merge branch 'dev' into ChrisCarini/addArchToSynologyDSM7 2024-02-05 02:45:32 -08:00
travisladuke
5542dbcc0b Fix random port rebinding 
It was checking for "offline" every loop.
But the port rebinding happens only ever X
loops. So the port would keep changing before it
would get bound.
 2024-02-01 14:39:54 -08:00
travisladuke
0ca8ae7970 Create an alternate networks list endpoint 
Add /unstable/controller/network endpoint

Similar to /unstable/controller/network/{id}/member, it returns actual network objects,
instead of just network ids.
Also includes the total network count,
and each network has it's member counts in meta{}.
 2024-02-01 13:12:24 -08:00
travisladuke
0b83f850e4 Create an alternate members list endpoint 
The current api at /controller/network/1111111111767f2f/member
Lists only the members' ID and revision number.
If you want details, you have to query each specific member.
So if you want to make a members list, and you have
10000 members on a network, you need to make
10000 http requests.

It's also in a hard to specify and use shape
{ [member-id-1]: 13, [member-id-2]: 14, ... }

GET http://localhost:9993/unstable/controller/network/1111111111767f2f/member ->

```
{
  data: [ {...member1}, {...member2}, ...],
  meta: { totalCount: 4, authorizedCount: 3 }
}

```
 2024-02-01 12:47:51 -08:00
travisladuke
06399c86f6 Store a network members name 
Because the GET request to get a specific member just dumps
the whole member object, `name` is included there too for free.
 2024-02-01 12:31:44 -08:00
Grant Limberg
663ed73768
Merge pull request #2165 from zerotier/network-check 
check hooks are enabled before firing
 2023-11-20 08:16:10 -08:00
Grant Limberg
d37dce508a
don't require temporal for central controller startup 2023-11-17 14:53:30 -08:00
Grant Limberg
2e882b4af2
Merge branch 'dev' into network-check 2023-11-16 09:34:14 -08:00
Léo El Amri
1aa31e0414 Fix how MAC addresses are handled by the rules parser 
It wasn't ignoring separator characters such as the colon and hyphen.
The rules compiler automatically add a colon to separate bytes, which is
not compatible with how they are parsed.
 2023-11-15 16:51:03 +01:00
Brenton Bostick
a477688e51 Remove extra '/' 
On macOS, dump gives this output:
% sudo zerotier-cli dump
Writing dump to: /Users/brenton/Desktop//zerotier_dump.txt

No reason for extra '/' in path
 2023-11-06 09:32:35 -05:00
ChrisCarini
5533b82450 Add ARM architectures to Synology DSM7 2023-11-03 18:19:56 -07:00
Grant Limberg
1bd2fecbf6
Merge pull request #2166 from zerotier/glimberg-patch-1 
Update SECURITY.md
 2023-10-31 19:42:34 -07:00
Grant Limberg
8b5ac93388
Update SECURITY.md 2023-10-31 22:42:23 -04:00
Grant Limberg
2fd50b104c
check hooks are enabled before firing 2023-10-31 12:16:26 -07:00
Grant Limberg
0088cef2fc
Merge pull request #2164 from zerotier/smee 
remove some debug logging
 2023-10-30 15:41:35 -07:00
Grant Limberg
85cab3d0f1
remove some debug logging 2023-10-30 15:20:09 -07:00
Grant Limberg
f89cde8186
Merge pull request #2163 from zerotier:temporal 
Temporal integration with hosted controllers
 2023-10-30 08:09:40 -07:00
Alfred Wingate
e171384c19
Append noexecstack to linker flags instead of assembler flags 
* Better compatibility with LLVM toolchain where clang -c doesn't
  support the flag, but the linker does. LLD already defaults to
  noexecstack, but adding it in the linker phase will avoid errors about
  unsupported options.

Signed-off-by: Alfred Wingate <parona@protonmail.com>
 2023-10-29 14:03:26 +02:00
Grant Limberg
c89683fb0f
update rust dependencies 2023-10-26 11:55:08 -07:00
Grant Limberg
e7ed1e4f93
Merge branch 'dev' into temporal 2023-10-18 10:58:12 -07:00
Adam Ierymenko
c6d5dc1534
Merge pull request #2129 from zerotier/1.12.2 
1.12.2
 2023-09-14 15:12:14 -04:00
Adam Ierymenko
9ae8b0b3b6
Merge pull request #2128 from zerotier/1.12.2 
1.12.2
 2023-09-14 15:10:16 -04:00
Adam Ierymenko
327eb9013b Doc fix. 2023-09-14 15:09:26 -04:00
Adam Ierymenko
42f290b037 Windows version bump. 2023-09-14 15:08:14 -04:00
Joseph Henry
b7fb4eeda5
Merge pull request #2127 from zerotier/brenton/fix-always-true 
Fix test that was always true
 2023-09-14 10:42:02 -07:00
Brenton Bostick
f03aae7a34 Fix test that was always true 
Intention was to have (x >= 0 && x <= 8) but rules[rn].v.qosBucket is
unsigned (thus always >= 0)
 2023-09-14 13:35:50 -04:00
Adam Ierymenko
78eb35010f Linux version bump 2023-09-12 16:46:54 -04:00
Adam Ierymenko
fd9afdce34 macOS version bump 2023-09-12 16:20:40 -04:00
travisladuke
21e4e2924e Relase Notes for 1.12.2 2023-09-12 10:54:39 -07:00
Grant Limberg
e3d1565261
Merge branch 'dev' into temporal 2023-09-08 12:31:08 -07:00
travisladuke
557b92a167 More reliable full tunnel on macOs 
This makes switching between physical networks
with full tunnel mode enabled more reliable.
There were issues with the physical default route or device
changing.
 2023-09-08 12:19:08 -07:00
Travis LaDuke
e299eea2b1
Merge pull request #2110 from zerotier/dev-experimental-reset-function 
Re-contact peers when default gateway changes
 2023-09-06 16:42:21 -07:00
travisladuke
e1f1d05e08 Improve time to reconnect to peers. 
When you move between physical networks.
Just moved some timings around basically.
 2023-09-06 16:26:27 -07:00
Grant Limberg
125257f264
Merge branch 'dev' into temporal 2023-09-06 09:52:22 -07:00
Grant Limberg
2d49931300
Merge pull request #2122 from zerotier:ctlapi 
fix /controller endpoint
 2023-09-06 09:44:58 -07:00
Grant Limberg
8426677c55
fix /controller endpoint 2023-09-06 09:44:25 -07:00
Grant Limberg
d322f332e8
simplify hook firing 
only need network and member IDs
 2023-08-30 14:51:39 -07:00
Travis LaDuke
f8359f554b
Merge pull request #2118 from zerotier/tl-main-to-dev 
merge main to dev
 2023-08-30 14:51:09 -07:00
Grant Limberg
60fb8c941a
fully wire up temporal. add startup script test to ensure temporal is running 2023-08-29 16:43:05 -07:00
travisladuke
cb6a99408c Merge branch 'main' into tl-main-to-dev 2023-08-29 15:58:50 -07:00
Grant Limberg
d865c42ef8
get connected to temporal 2023-08-29 12:19:28 -07:00
Grant Limberg
69c590ff81
Merge branch 'dev' into temporal 2023-08-28 12:54:29 -07:00
Grant Limberg
72533cbd13
Merge pull request #2115 from zerotier/gh-2114 
fix for issue #2114
 2023-08-28 08:50:36 -07:00
Grant Limberg
c974a159af
fix for issue #2114 2023-08-28 08:10:17 -07:00
Adam Ierymenko
54efb62731
1.12.1 merge to dev (#2111) 
* 1.10.6 merge to main (#1930)

* add note about forceTcpRelay

* Create a sample systemd unit for tcp proxy

* set gitattributes for rust & cargo so hashes dont conflict on Windows

* Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows"

This reverts commit 032dc5c108.

* Turn off autocrlf for rust source

Doesn't appear to play nice well when it comes to git and vendored cargo package hashes

* Fix #1883 (#1886)

Still unknown as to why, but the call to `nc->GetProperties()` can fail
when setting a friendly name on the Windows virtual ethernet adapter.
Ensure that `ncp` is not null before continuing and accessing the device
GUID.

* Don't vendor packages for zeroidc (#1885)

* Added docker environment way to join networks (#1871)

* add StringUtils

* fix headers
use recommended headers and remove unused headers

* move extern "C"
only JNI functions need to be exported

* cleanup

* fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo

* fix typo in log message

* fix typos in JNI method signatures

* fix typo

* fix ANDROID-51: fieldName is uninitialized

* fix ANDROID-35: memory leak

* fix missing DeleteLocalRef in loops

* update to use unique error codes

* add GETENV macro

* add LOG_TAG defines

* ANDROID-48: add ZT_jnicache.cpp

* ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp

* add Event.fromInt

* add PeerRole.fromInt

* add ResultCode.fromInt

* fix ANDROID-36: issues with ResultCode

* add VirtualNetworkConfigOperation.fromInt

* fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum

* add VirtualNetworkStatus.fromInt

* fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum

* add VirtualNetworkType.fromInt

* make NodeStatus a plain data class

* fix ANDROID-52: synchronization bug with nodeMap

* Node init work: separate Node construction and init

* add Node.toString

* make PeerPhysicalPath a plain data class

* remove unused PeerPhysicalPath.fixed

* add array functions

* make Peer a plain data class

* make Version a plain data class

* fix ANDROID-42: copy/paste error

* fix ANDROID-49: VirtualNetworkConfig.equals is wrong

* reimplement VirtualNetworkConfig.equals

* reimplement VirtualNetworkConfig.compareTo

* add VirtualNetworkConfig.hashCode

* make VirtualNetworkConfig a plain data class

* remove unused VirtualNetworkConfig.enabled

* reimplement VirtualNetworkDNS.equals

* add VirtualNetworkDNS.hashCode

* make VirtualNetworkDNS a plain data class

* reimplement VirtualNetworkRoute.equals

* reimplement VirtualNetworkRoute.compareTo

* reimplement VirtualNetworkRoute.toString

* add VirtualNetworkRoute.hashCode

* make VirtualNetworkRoute a plain data class

* add isSocketAddressEmpty

* add addressPort

* add fromSocketAddressObject

* invert logic in a couple of places and return early

* newInetAddress and newInetSocketAddress work
allow newInetSocketAddress to return NULL if given empty address

* fix ANDROID-38: stack corruption in onSendPacketRequested

* use GETENV macro

* JniRef work
JniRef does not use callbacks struct, so remove
fix NewGlobalRef / DeleteGlobalRef mismatch

* use PRId64 macros

* switch statement work

* comments and logging

* Modifier 'public' is redundant for interface members

* NodeException can be made a checked Exception

* 'NodeException' does not define a 'serialVersionUID' field

* 'finalize()' should not be overridden
this is fine to do because ZeroTierOneService calls close() when it is done

* error handling, error reporting, asserts, logging

* simplify loadLibrary

* rename Node.networks -> Node.networkConfigs

* Windows file permissions fix (#1887)

* Allow macOS interfaces to use multiple IP addresses (#1879)

Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Fix condition where full HELLOs might not be sent when necessary (#1877)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* 1.10.4 version bumps

* Add security policy to repo (#1889)

* [+] add e2k64 arch (#1890)

* temp fix for ANDROID-56: crash inside newNetworkConfig from too many args

* 1.10.4 release notes

* Windows 1.10.4 Advanced Installer bump

* Revert "temp fix for ANDROID-56: crash inside newNetworkConfig from too many args"

This reverts commit dd627cd7f4.

* actual fix for ANDROID-56: crash inside newNetworkConfig
cast all arguments to varargs functions as good style

* Fix addIp being called with applied ips (#1897)

This was getting called outside of the check for existing ips
Because of the added ifdef and a brace getting moved to the
wrong place.

```
if (! n.tap()->addIp(*ip)) {
	fprintf(stderr, "ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString(ipbuf));
}
WinFWHelper::newICMPRule(*ip, n.config().nwid);

```

* 1.10.5 (#1905)

* 1.10.5 bump

* 1.10.5 for Windows

* 1.10.5

* Prevent path-learning loops (#1914)

* Prevent path-learning loops

* Only allow new overwrite if not bonded

* fix binding temporary ipv6 addresses on macos (#1910)

The check code wasn't running.

I don't know why !defined(TARGET_OS_IOS) would exclude code on
desktop macOS. I did a quick search and changed it to defined(TARGET_OS_MAC).
Not 100% sure what the most correct solution there is.

You can verify the old and new versions with

`ifconfig | grep temporary`

plus

`zerotier-cli info -j` -> listeningOn

* 1.10.6 (#1929)

* 1.10.5 bump

* 1.10.6

* 1.10.6 AIP for Windows.

---------

Co-authored-by: travis laduke <travisladuke@gmail.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com>
Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>

* 1.12.0 merge to main (#2104)

* add note about forceTcpRelay

* Create a sample systemd unit for tcp proxy

* set gitattributes for rust & cargo so hashes dont conflict on Windows

* Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows"

This reverts commit 032dc5c108.

* Turn off autocrlf for rust source

Doesn't appear to play nice well when it comes to git and vendored cargo package hashes

* Fix #1883 (#1886)

Still unknown as to why, but the call to `nc->GetProperties()` can fail
when setting a friendly name on the Windows virtual ethernet adapter.
Ensure that `ncp` is not null before continuing and accessing the device
GUID.

* Don't vendor packages for zeroidc (#1885)

* Added docker environment way to join networks (#1871)

* add StringUtils

* fix headers
use recommended headers and remove unused headers

* move extern "C"
only JNI functions need to be exported

* cleanup

* fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo

* fix typo in log message

* fix typos in JNI method signatures

* fix typo

* fix ANDROID-51: fieldName is uninitialized

* fix ANDROID-35: memory leak

* fix missing DeleteLocalRef in loops

* update to use unique error codes

* add GETENV macro

* add LOG_TAG defines

* ANDROID-48: add ZT_jnicache.cpp

* ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp

* add Event.fromInt

* add PeerRole.fromInt

* add ResultCode.fromInt

* fix ANDROID-36: issues with ResultCode

* add VirtualNetworkConfigOperation.fromInt

* fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum

* add VirtualNetworkStatus.fromInt

* fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum

* add VirtualNetworkType.fromInt

* make NodeStatus a plain data class

* fix ANDROID-52: synchronization bug with nodeMap

* Node init work: separate Node construction and init

* add Node.toString

* make PeerPhysicalPath a plain data class

* remove unused PeerPhysicalPath.fixed

* add array functions

* make Peer a plain data class

* make Version a plain data class

* fix ANDROID-42: copy/paste error

* fix ANDROID-49: VirtualNetworkConfig.equals is wrong

* reimplement VirtualNetworkConfig.equals

* reimplement VirtualNetworkConfig.compareTo

* add VirtualNetworkConfig.hashCode

* make VirtualNetworkConfig a plain data class

* remove unused VirtualNetworkConfig.enabled

* reimplement VirtualNetworkDNS.equals

* add VirtualNetworkDNS.hashCode

* make VirtualNetworkDNS a plain data class

* reimplement VirtualNetworkRoute.equals

* reimplement VirtualNetworkRoute.compareTo

* reimplement VirtualNetworkRoute.toString

* add VirtualNetworkRoute.hashCode

* make VirtualNetworkRoute a plain data class

* add isSocketAddressEmpty

* add addressPort

* add fromSocketAddressObject

* invert logic in a couple of places and return early

* newInetAddress and newInetSocketAddress work
allow newInetSocketAddress to return NULL if given empty address

* fix ANDROID-38: stack corruption in onSendPacketRequested

* use GETENV macro

* JniRef work
JniRef does not use callbacks struct, so remove
fix NewGlobalRef / DeleteGlobalRef mismatch

* use PRId64 macros

* switch statement work

* comments and logging

* Modifier 'public' is redundant for interface members

* NodeException can be made a checked Exception

* 'NodeException' does not define a 'serialVersionUID' field

* 'finalize()' should not be overridden
this is fine to do because ZeroTierOneService calls close() when it is done

* error handling, error reporting, asserts, logging

* simplify loadLibrary

* rename Node.networks -> Node.networkConfigs

* Windows file permissions fix (#1887)

* Allow macOS interfaces to use multiple IP addresses (#1879)

Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Fix condition where full HELLOs might not be sent when necessary (#1877)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* 1.10.4 version bumps

* Add security policy to repo (#1889)

* [+] add e2k64 arch (#1890)

* temp fix for ANDROID-56: crash inside newNetworkConfig from too many args

* 1.10.4 release notes

* Windows 1.10.4 Advanced Installer bump

* Revert "temp fix for ANDROID-56: crash inside newNetworkConfig from too many args"

This reverts commit dd627cd7f4.

* actual fix for ANDROID-56: crash inside newNetworkConfig
cast all arguments to varargs functions as good style

* Fix addIp being called with applied ips (#1897)

This was getting called outside of the check for existing ips
Because of the added ifdef and a brace getting moved to the
wrong place.

```
if (! n.tap()->addIp(*ip)) {
	fprintf(stderr, "ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString(ipbuf));
}
WinFWHelper::newICMPRule(*ip, n.config().nwid);

```

* 1.10.5 (#1905)

* 1.10.5 bump

* 1.10.5 for Windows

* 1.10.5

* Prevent path-learning loops (#1914)

* Prevent path-learning loops

* Only allow new overwrite if not bonded

* fix binding temporary ipv6 addresses on macos (#1910)

The check code wasn't running.

I don't know why !defined(TARGET_OS_IOS) would exclude code on
desktop macOS. I did a quick search and changed it to defined(TARGET_OS_MAC).
Not 100% sure what the most correct solution there is.

You can verify the old and new versions with

`ifconfig | grep temporary`

plus

`zerotier-cli info -j` -> listeningOn

* 1.10.6 (#1929)

* 1.10.5 bump

* 1.10.6

* 1.10.6 AIP for Windows.

* Release notes for 1.10.6 (#1931)

* Minor tweak to Synology Docker image script (#1936)

* Change if_def again so ios can build (#1937)

All apple's variables are "defined"
but sometimes they are defined as "0"

* move begin/commit into try/catch block (#1932)

Thread was exiting in some cases

* Bump openssl from 0.10.45 to 0.10.48 in /zeroidc (#1938)

Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.45 to 0.10.48.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.45...openssl-v0.10.48)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* new drone bits

* Fix multiple network join from environment entrypoint.sh.release (#1961)

* _bond_m guards _bond, not _paths_m (#1965)

* Fix: warning: mutex '_aqm_m' is not held on every path through here [-Wthread-safety-analysis] (#1964)

* Bump h2 from 0.3.16 to 0.3.17 in /zeroidc (#1963)

Bumps [h2](https://github.com/hyperium/h2) from 0.3.16 to 0.3.17.
- [Release notes](https://github.com/hyperium/h2/releases)
- [Changelog](https://github.com/hyperium/h2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/h2/compare/v0.3.16...v0.3.17)

---
updated-dependencies:
- dependency-name: h2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Add note that binutils is required on FreeBSD (#1968)

* Add prometheus metrics for Central controllers (#1969)

* add header-only prometheus lib to ext

* rename folder

* Undo rename directory

* prometheus simpleapi included on mac & linux

* wip

* wire up some controller stats

* Get windows building with prometheus

* bsd build flags for prometheus

* Fix multiple network join from environment entrypoint.sh.release (#1961)

* _bond_m guards _bond, not _paths_m (#1965)

* Fix: warning: mutex '_aqm_m' is not held on every path through here [-Wthread-safety-analysis] (#1964)

* Serve prom metrics from /metrics endpoint

* Add prom metrics for Central controller specific things

* reorganize metric initialization

* testing out a labled gauge on Networks

* increment error counter on throw

* Consolidate metrics definitions

Put all metric definitions into node/Metrics.hpp.  Accessed as needed
from there.

* Revert "testing out a labled gauge on Networks"

This reverts commit 499ed6d95e.

* still blows up but adding to the record for completeness right now

* Fix runtime issues with metrics

* Add metrics files to visual studio project

* Missed an "extern"

* add copyright headers to new files

* Add metrics for sent/received bytes (total)

* put /metrics endpoint behind auth

* sendto returns int on Win32

---------

Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>

* Central startup update (#1973)

* allow specifying authtoken in central startup

* set allowManagedFrom

* move redis_mem_notification to the correct place

* add node checkins metric

* wire up min/max connection pool size metrics

* x86_64-unknown-linux-gnu on ubuntu runner (#1975)

* adding incoming zt packet type metrics (#1976)

* use cpp-httplib for HTTP control plane (#1979)

refactored the old control plane code to use [cpp-httplib](https://github.com/yhirose/cpp-httplib) instead of a hand rolled HTTP server.  Makes the control plane code much more legible.  Also no longer randomly stops responding.

* Outgoing Packet Metrics (#1980)

add tx/rx labels to packet counters and add metrics for outgoing packets

* Add short-term validation test workflow (#1974)

Add short-term validation test workflow

* Brenton/curly braces (#1971)

* fix formatting

* properly adjust various lines
breakup multiple statements onto multiple lines

* insert {} around if, for, etc.

* Fix rust dependency caching (#1983)

* fun with rust caching

* kick

* comment out invalid yaml keys for now

* Caching should now work

* re-add/rename key directives

* bump

* bump

* bump

* Don't force rebuild on Windows build GH Action (#1985)

Switching `/t:ZeroTierOne:Rebuild` to just `/t:ZeroTierOne` allows the Windows build to use the rust cache.  `/t:ZeroTierOne:Rebuild` cleared the cache before building.

* More packet metrics (#1982)

* found path negotation sends that weren't accounted for

* Fix histogram so it will actually compile

* Found more places for packet metrics

* separate the bind & listen calls on the http backplane (#1988)

* fix memory leak (#1992)

* fix a couple of metrics (#1989)

* More aggressive CLI spamming (#1993)

* fix type signatures (#1991)

* Network-metrics (#1994)

* Add a couple quick functions for converting a uint64_t network ID/node ID into std::string

* Network metrics

* Peer metrics (#1995)

* Adding peer metrics

still need to be wired up for use

* per peer packet metrics

* Fix crash from bad instantiation of histogram

* separate alive & dead path counts

* Add peer metric update block

* add peer latency values in doPingAndKeepalive

* prevent deadlock

* peer latency histogram actually works now

* cleanup

* capture counts of packets to specific peers

---------

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>

* Metrics consolidation (#1997)

* Rename zt_packet_incoming -> zt_packet

Also consolidate zt_peer_packets into a single metric with tx and rx labels.  Same for ztc_tcp_data and ztc_udp_data

* Further collapse tcp & udp into metric labels for zt_data

* Fix zt_data metric description

* zt_peer_packets description fix

* Consolidate incoming/outgoing network packets to a single metric

* zt_incoming_packet_error -> zt_packet_error

* Disable peer metrics for central controllers

Can change in the future if needed, but given the traffic our controllers serve, that's going to be a *lot* of data

* Disable peer metrics for controllers pt 2

* Update readme files for metrics (#2000)

* Controller Metrics & Network Config Request Fix (#2003)

* add new metrics for network config request queue size and sso expirations
* move sso expiration to its own thread in the controller
* fix potential undefined behavior when modifying a set

* Enable RTTI in Windows build

The new prometheus histogram stuff needs it.

Access violation - no RTTI data!INVALID packet 636ebd9ee8cac6c0 from cafe9efeb9(2605:9880:200:1200:30:571:e34:51/9993) (unexpected exception in tryDecode())

* Don't re-apply routes on BSD

See issue #1986

* Capture setContent by-value instead of by-reference (#2006)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* fix typos (#2010)

* central controller metrics & request path updates (#2012)

* internal db metrics

* use shared mutexes for read/write locks

* remove this lock. only used for a metric

* more metrics

* remove exploratory metrics

place controller request benchmarks behind ifdef

* Improve validation test (#2013)

* fix init order for EmbeddedNetworkController (#2014)

* add constant for getifaddrs cache time

* cache getifaddrs - mac

* cache getifaddrs - linux

* cache getifaddrs - bsd

* cache getifaddrs - windows

* Fix oidc client lookup query

join condition referenced the wrong table.  Worked fine unless there were multiple identical client IDs

* Fix udp sent metric

was only incrementing by 1 for each packet sent

* Allow sending all surface addresses to peer in low-bandwidth mode

* allow enabling of low bandwidth mode on controllers

* don't unborrow bad connections

pool will clean them up later

* Multi-arch controller container (#2037)

create arm64 & amd64 images for central controller

* Update README.md

issue #2009

* docker tags change

* fix oidc auth url memory leak (#2031)

getAuthURL() was not calling zeroidc::free_cstr(url);

the only place authAuthURL is called, the url can be retrieved
from the network config instead.

You could alternatively copy the string and call free_cstr in getAuthURL.
If that's better we can change the PR.

Since now there are no callers of getAuthURL I deleted it.

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Bump openssl from 0.10.48 to 0.10.55 in /zeroidc (#2034)

Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.48 to 0.10.55.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.48...openssl-v0.10.55)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* zeroidc cargo warnings (#2029)

* fix unused struct member cargo warning

* fix unused import cargo warning

* fix unused return value cargo warning

---------

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* fix memory leak in macos ipv6/dns helper (#2030)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Consider ZEROTIER_JOIN_NETWORKS in healthcheck (#1978)

* Add a 2nd auth token only for access to /metrics (#2043)

* Add a 2nd auth token for /metrics

Allows administrators to distribute a token that only has access to read
metrics and nothing else.

Also added support for using bearer auth tokens for both types of tokens

Separate endpoint for metrics #2041

* Update readme

* fix a couple of cases of writing the wrong token

* Add warning to cli for allow default on FreeBSD

It doesn't work.
Not possible to fix with deficient network
stack and APIs.

ZeroTierOne-freebsd # zerotier-cli set 9bee8941b5xxxxxx allowDefault=1
400 set Allow Default does not work properly on FreeBSD. See #580
root@freebsd13-a:~/ZeroTierOne-freebsd # zerotier-cli get 9bee8941b5xxxxxx allowDefault
1

* ARM64 Support for TapDriver6 (#1949)

* Release memory previously allocated by UPNP_GetValidIGD

* Fix ifdef that breaks libzt on iOS (#2050)

* less drone (#2060)

* Exit if loading an invalid identity from disk (#2058)

* Exit if loading an invalid identity from disk

Previously, if an invalid identity was loaded from disk, ZeroTier would
generate a new identity & chug along and generate a brand new identity
as if nothing happened.  When running in containers, this introduces the
possibility for key matter loss; especially when running in containers
where the identity files are mounted in the container read only.  In
this case, ZT will continue chugging along with a brand new identity
with no possibility of recovering the private key.

ZeroTier should exit upon loading of invalid identity.public/identity.secret #2056

* add validation test for #2056

* tcp-proxy: fix build

* Adjust tcp-proxy makefile to support metrics

There's no way to get the metrics yet. Someone will
have to add the http service.

* remove ZT_NO_METRIC ifdef

* Implement recvmmsg() for Linux to reduce syscalls. (#2046)

Between 5% and 40% speed improvement on Linux, depending on system configuration and load.

* suppress warnings: comparison of integers of different signs: 'int64_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Wsign-compare] (#2063)

* fix warning: 'OS_STRING' macro redefined [-Wmacro-redefined] (#2064)

Even though this is in ext, these particular chunks of code were added
by us, so are ok to modify.

* Apply default route a different way - macOS

The original way we applied default route, by forking
0.0.0.0/0 into 0/1 and 128/1 works, but if mac os has any networking
hiccups -if you change SSIDs or sleep/wake- macos erases the system default route.
And then all networking on the computer is broken.

to summarize the new way:
allowDefault=1
```
sudo route delete default 192.168.82.1
sudo route add default 10.2.0.2
sudo route add -ifscope en1 default 192.168.82.1
```

gives us this routing table
```
Destination        Gateway            RT_IFA             Flags        Refs      Use    Mtu          Netif Expire    rtt(ms) rttvar(ms)
default            10.2.0.2           10.2.0.18          UGScg          90        1   2800       feth4823
default            192.168.82.1       192.168.82.217     UGScIg
```

allowDefault=0
```
sudo route delete default
sudo route delete -ifscope en1 default
sudo route add default 192.168.82.1
```

Notice the I flag, for -ifscope, on the physical default route.

route change does not seem to work reliably.

* fix docker tag for controllers (#2066)

* Update build.sh (#2068)

fix mkwork compilation errors

* Fix network DNS on macOS

It stopped working for ipv4 only networks in Monterey.
See #1696

We add some config like so to System Configuration

```
scutil
show State:/Network/Service/9bee8941b5xxxxxx/IPv4
<dictionary> {
  Addresses : <array> {
    0 : 10.2.1.36
  }
  InterfaceName : feth4823
  Router : 10.2.1.36
  ServerAddress : 127.0.0.1
}

```

* Add search domain to macos dns configuration

Stumbled upon this while debugging something else.
If we add search domain to our system configuration for
network DNS, then search domains work:

```
ping server1                                                                                                                                                                                    ~
PING server1.my.domain (10.123.3.1): 56 data bytes
64 bytes from 10.123.3.1
```

* Fix reporting of secondaryPort and tertiaryPort See: #2039

* Fix typos (#2075)

* Disable executable stacks on assembly objects (#2071)

Add `--noexecstack` to the assembler flags so the resulting binary
will link with a non-executable stack.

Fixes zerotier/ZeroTierOne#1179

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>

* Test that starting zerotier before internet works

* Don't skip hellos when there are no paths available

working on #2082

* Update validate-1m-linux.sh

* Save zt node log files on abort

* Separate test and summary step in validator script

* Don't apply default route until zerotier is "online"

I was running into issues with restarting the zerotier service while
"full tunnel" mode is enabled.
When zerotier first boots, it gets network state from the cache
on disk. So it immediately applies all the routes it knew about
before it shutdown.
The network config may have change in this time.
If it has, then your default route is via a route
you are blocked from talking on. So you  can't get the current
network config, so your internet does not work.

Other options include
- don't use cached network state on boot
- find a better criteria than "online"

* Fix node time-to-online counter in validator script

* Export variables so that they are accessible by exit function

* Fix PortMapper issue on ZeroTier startup

See issue #2082

We use a call to libnatpmp::ininatpp to make sure the computer
has working network sockets before we go into the main
nat-pmp/upnp logic.

With basic exponenetial delay up to 30 seconds.

* testing

* Comment out PortMapper debug

this got left turned on in a confusing merge previously

* fix macos default route again

see commit fb6af1971 * Fix network DNS on macOS
adding that stuff to System Config causes this extra route to be added
which breaks ipv4 default route.
We figured out a weird System Coniguration setting
that works.

--- old
couldn't figure out how to fix it in SystemConfiguration
so here we are# Please enter the commit message for your changes. Lines starting

We also moved the dns setter to before the syncIps stuff
to help with a race condition. It didn't always work when
you re-joined a network with default route enabled.

* Catch all conditions in switch statement, remove trailing whitespaces

* Add setmtu command, fix bond lifetime issue

* Basic cleanups

* Check if null is passed to VirtualNetworkConfig.equals and name fixes

* ANDROID-96: Simplify and use return code from node_init directly

* Windows arm64 (#2099)

* ARM64 changes for 1.12

* 1.12 Windows advanced installer updates and updates for ARM64

* 1.12.0

* Linux build fixes for old distros.

* release notes

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: travis laduke <travisladuke@gmail.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com>
Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>
Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Jake Vis <jakevis@outlook.com>
Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
Co-authored-by: lison <imlison@foxmail.com>
Co-authored-by: Kenny MacDermid <kenny@macdermid.ca>

* Fix primary port binding issue in 1.12 (#2107)

* Add test for primary port bindings to validator - See #2105

* Add delay to binding test

* Remove TCP binding logic from Binder to fix #2105

* add second control plane socket for ipv6

* fix controller network post endpoint

* exit if we can't bind at least one of IPV4 or IPV6 for control plane port

---------

Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>

* Version bump, Linux version stuff, Debian dependencies from 1.12.0 rebuild, release notes.

* macOS version bump in installer

* Windows version bump.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: travis laduke <travisladuke@gmail.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com>
Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>
Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Jake Vis <jakevis@outlook.com>
Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
Co-authored-by: lison <imlison@foxmail.com>
Co-authored-by: Kenny MacDermid <kenny@macdermid.ca>
 2023-08-25 19:05:48 -04:00
Adam Ierymenko
464bca5d20
1.12.1 (#2112) 
* Fix primary port binding issue in 1.12 (#2107)

* Add test for primary port bindings to validator - See #2105

* Add delay to binding test

* Remove TCP binding logic from Binder to fix #2105

* add second control plane socket for ipv6

* fix controller network post endpoint

* exit if we can't bind at least one of IPV4 or IPV6 for control plane port

---------

Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>

* Version bump, Linux version stuff, Debian dependencies from 1.12.0 rebuild, release notes.

* macOS version bump in installer

* Windows version bump.

---------

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
 2023-08-25 19:03:03 -04:00
Joseph Henry
7637ef10d7
Fix primary port binding issue in 1.12 (#2107) 
* Add test for primary port bindings to validator - See #2105

* Add delay to binding test

* Remove TCP binding logic from Binder to fix #2105

* add second control plane socket for ipv6

* fix controller network post endpoint

* exit if we can't bind at least one of IPV4 or IPV6 for control plane port

---------

Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
 2023-08-25 12:51:33 -04:00
Adam Ierymenko
0e5651f353
1.12.0 merge to main (#2104) 
* add note about forceTcpRelay

* Create a sample systemd unit for tcp proxy

* set gitattributes for rust & cargo so hashes dont conflict on Windows

* Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows"

This reverts commit 032dc5c108.

* Turn off autocrlf for rust source

Doesn't appear to play nice well when it comes to git and vendored cargo package hashes

* Fix #1883 (#1886)

Still unknown as to why, but the call to `nc->GetProperties()` can fail
when setting a friendly name on the Windows virtual ethernet adapter.
Ensure that `ncp` is not null before continuing and accessing the device
GUID.

* Don't vendor packages for zeroidc (#1885)

* Added docker environment way to join networks (#1871)

* add StringUtils

* fix headers
use recommended headers and remove unused headers

* move extern "C"
only JNI functions need to be exported

* cleanup

* fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo

* fix typo in log message

* fix typos in JNI method signatures

* fix typo

* fix ANDROID-51: fieldName is uninitialized

* fix ANDROID-35: memory leak

* fix missing DeleteLocalRef in loops

* update to use unique error codes

* add GETENV macro

* add LOG_TAG defines

* ANDROID-48: add ZT_jnicache.cpp

* ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp

* add Event.fromInt

* add PeerRole.fromInt

* add ResultCode.fromInt

* fix ANDROID-36: issues with ResultCode

* add VirtualNetworkConfigOperation.fromInt

* fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum

* add VirtualNetworkStatus.fromInt

* fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum

* add VirtualNetworkType.fromInt

* make NodeStatus a plain data class

* fix ANDROID-52: synchronization bug with nodeMap

* Node init work: separate Node construction and init

* add Node.toString

* make PeerPhysicalPath a plain data class

* remove unused PeerPhysicalPath.fixed

* add array functions

* make Peer a plain data class

* make Version a plain data class

* fix ANDROID-42: copy/paste error

* fix ANDROID-49: VirtualNetworkConfig.equals is wrong

* reimplement VirtualNetworkConfig.equals

* reimplement VirtualNetworkConfig.compareTo

* add VirtualNetworkConfig.hashCode

* make VirtualNetworkConfig a plain data class

* remove unused VirtualNetworkConfig.enabled

* reimplement VirtualNetworkDNS.equals

* add VirtualNetworkDNS.hashCode

* make VirtualNetworkDNS a plain data class

* reimplement VirtualNetworkRoute.equals

* reimplement VirtualNetworkRoute.compareTo

* reimplement VirtualNetworkRoute.toString

* add VirtualNetworkRoute.hashCode

* make VirtualNetworkRoute a plain data class

* add isSocketAddressEmpty

* add addressPort

* add fromSocketAddressObject

* invert logic in a couple of places and return early

* newInetAddress and newInetSocketAddress work
allow newInetSocketAddress to return NULL if given empty address

* fix ANDROID-38: stack corruption in onSendPacketRequested

* use GETENV macro

* JniRef work
JniRef does not use callbacks struct, so remove
fix NewGlobalRef / DeleteGlobalRef mismatch

* use PRId64 macros

* switch statement work

* comments and logging

* Modifier 'public' is redundant for interface members

* NodeException can be made a checked Exception

* 'NodeException' does not define a 'serialVersionUID' field

* 'finalize()' should not be overridden
this is fine to do because ZeroTierOneService calls close() when it is done

* error handling, error reporting, asserts, logging

* simplify loadLibrary

* rename Node.networks -> Node.networkConfigs

* Windows file permissions fix (#1887)

* Allow macOS interfaces to use multiple IP addresses (#1879)

Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Fix condition where full HELLOs might not be sent when necessary (#1877)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* 1.10.4 version bumps

* Add security policy to repo (#1889)

* [+] add e2k64 arch (#1890)

* temp fix for ANDROID-56: crash inside newNetworkConfig from too many args

* 1.10.4 release notes

* Windows 1.10.4 Advanced Installer bump

* Revert "temp fix for ANDROID-56: crash inside newNetworkConfig from too many args"

This reverts commit dd627cd7f4.

* actual fix for ANDROID-56: crash inside newNetworkConfig
cast all arguments to varargs functions as good style

* Fix addIp being called with applied ips (#1897)

This was getting called outside of the check for existing ips
Because of the added ifdef and a brace getting moved to the
wrong place.

```
if (! n.tap()->addIp(*ip)) {
	fprintf(stderr, "ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString(ipbuf));
}
WinFWHelper::newICMPRule(*ip, n.config().nwid);

```

* 1.10.5 (#1905)

* 1.10.5 bump

* 1.10.5 for Windows

* 1.10.5

* Prevent path-learning loops (#1914)

* Prevent path-learning loops

* Only allow new overwrite if not bonded

* fix binding temporary ipv6 addresses on macos (#1910)

The check code wasn't running.

I don't know why !defined(TARGET_OS_IOS) would exclude code on
desktop macOS. I did a quick search and changed it to defined(TARGET_OS_MAC).
Not 100% sure what the most correct solution there is.

You can verify the old and new versions with

`ifconfig | grep temporary`

plus

`zerotier-cli info -j` -> listeningOn

* 1.10.6 (#1929)

* 1.10.5 bump

* 1.10.6

* 1.10.6 AIP for Windows.

* Release notes for 1.10.6 (#1931)

* Minor tweak to Synology Docker image script (#1936)

* Change if_def again so ios can build (#1937)

All apple's variables are "defined"
but sometimes they are defined as "0"

* move begin/commit into try/catch block (#1932)

Thread was exiting in some cases

* Bump openssl from 0.10.45 to 0.10.48 in /zeroidc (#1938)

Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.45 to 0.10.48.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.45...openssl-v0.10.48)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* new drone bits

* Fix multiple network join from environment entrypoint.sh.release (#1961)

* _bond_m guards _bond, not _paths_m (#1965)

* Fix: warning: mutex '_aqm_m' is not held on every path through here [-Wthread-safety-analysis] (#1964)

* Bump h2 from 0.3.16 to 0.3.17 in /zeroidc (#1963)

Bumps [h2](https://github.com/hyperium/h2) from 0.3.16 to 0.3.17.
- [Release notes](https://github.com/hyperium/h2/releases)
- [Changelog](https://github.com/hyperium/h2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/h2/compare/v0.3.16...v0.3.17)

---
updated-dependencies:
- dependency-name: h2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Add note that binutils is required on FreeBSD (#1968)

* Add prometheus metrics for Central controllers (#1969)

* add header-only prometheus lib to ext

* rename folder

* Undo rename directory

* prometheus simpleapi included on mac & linux

* wip

* wire up some controller stats

* Get windows building with prometheus

* bsd build flags for prometheus

* Fix multiple network join from environment entrypoint.sh.release (#1961)

* _bond_m guards _bond, not _paths_m (#1965)

* Fix: warning: mutex '_aqm_m' is not held on every path through here [-Wthread-safety-analysis] (#1964)

* Serve prom metrics from /metrics endpoint

* Add prom metrics for Central controller specific things

* reorganize metric initialization

* testing out a labled gauge on Networks

* increment error counter on throw

* Consolidate metrics definitions

Put all metric definitions into node/Metrics.hpp.  Accessed as needed
from there.

* Revert "testing out a labled gauge on Networks"

This reverts commit 499ed6d95e.

* still blows up but adding to the record for completeness right now

* Fix runtime issues with metrics

* Add metrics files to visual studio project

* Missed an "extern"

* add copyright headers to new files

* Add metrics for sent/received bytes (total)

* put /metrics endpoint behind auth

* sendto returns int on Win32

---------

Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>

* Central startup update (#1973)

* allow specifying authtoken in central startup

* set allowManagedFrom

* move redis_mem_notification to the correct place

* add node checkins metric

* wire up min/max connection pool size metrics

* x86_64-unknown-linux-gnu on ubuntu runner (#1975)

* adding incoming zt packet type metrics (#1976)

* use cpp-httplib for HTTP control plane (#1979)

refactored the old control plane code to use [cpp-httplib](https://github.com/yhirose/cpp-httplib) instead of a hand rolled HTTP server.  Makes the control plane code much more legible.  Also no longer randomly stops responding.

* Outgoing Packet Metrics (#1980)

add tx/rx labels to packet counters and add metrics for outgoing packets

* Add short-term validation test workflow (#1974)

Add short-term validation test workflow

* Brenton/curly braces (#1971)

* fix formatting

* properly adjust various lines
breakup multiple statements onto multiple lines

* insert {} around if, for, etc.

* Fix rust dependency caching (#1983)

* fun with rust caching

* kick

* comment out invalid yaml keys for now

* Caching should now work

* re-add/rename key directives

* bump

* bump

* bump

* Don't force rebuild on Windows build GH Action (#1985)

Switching `/t:ZeroTierOne:Rebuild` to just `/t:ZeroTierOne` allows the Windows build to use the rust cache.  `/t:ZeroTierOne:Rebuild` cleared the cache before building.

* More packet metrics (#1982)

* found path negotation sends that weren't accounted for

* Fix histogram so it will actually compile

* Found more places for packet metrics

* separate the bind & listen calls on the http backplane (#1988)

* fix memory leak (#1992)

* fix a couple of metrics (#1989)

* More aggressive CLI spamming (#1993)

* fix type signatures (#1991)

* Network-metrics (#1994)

* Add a couple quick functions for converting a uint64_t network ID/node ID into std::string

* Network metrics

* Peer metrics (#1995)

* Adding peer metrics

still need to be wired up for use

* per peer packet metrics

* Fix crash from bad instantiation of histogram

* separate alive & dead path counts

* Add peer metric update block

* add peer latency values in doPingAndKeepalive

* prevent deadlock

* peer latency histogram actually works now

* cleanup

* capture counts of packets to specific peers

---------

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>

* Metrics consolidation (#1997)

* Rename zt_packet_incoming -> zt_packet

Also consolidate zt_peer_packets into a single metric with tx and rx labels.  Same for ztc_tcp_data and ztc_udp_data

* Further collapse tcp & udp into metric labels for zt_data

* Fix zt_data metric description

* zt_peer_packets description fix

* Consolidate incoming/outgoing network packets to a single metric

* zt_incoming_packet_error -> zt_packet_error

* Disable peer metrics for central controllers

Can change in the future if needed, but given the traffic our controllers serve, that's going to be a *lot* of data

* Disable peer metrics for controllers pt 2

* Update readme files for metrics (#2000)

* Controller Metrics & Network Config Request Fix (#2003)

* add new metrics for network config request queue size and sso expirations
* move sso expiration to its own thread in the controller
* fix potential undefined behavior when modifying a set

* Enable RTTI in Windows build

The new prometheus histogram stuff needs it.

Access violation - no RTTI data!INVALID packet 636ebd9ee8cac6c0 from cafe9efeb9(2605:9880:200:1200:30:571:e34:51/9993) (unexpected exception in tryDecode())

* Don't re-apply routes on BSD

See issue #1986

* Capture setContent by-value instead of by-reference (#2006)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* fix typos (#2010)

* central controller metrics & request path updates (#2012)

* internal db metrics

* use shared mutexes for read/write locks

* remove this lock. only used for a metric

* more metrics

* remove exploratory metrics

place controller request benchmarks behind ifdef

* Improve validation test (#2013)

* fix init order for EmbeddedNetworkController (#2014)

* add constant for getifaddrs cache time

* cache getifaddrs - mac

* cache getifaddrs - linux

* cache getifaddrs - bsd

* cache getifaddrs - windows

* Fix oidc client lookup query

join condition referenced the wrong table.  Worked fine unless there were multiple identical client IDs

* Fix udp sent metric

was only incrementing by 1 for each packet sent

* Allow sending all surface addresses to peer in low-bandwidth mode

* allow enabling of low bandwidth mode on controllers

* don't unborrow bad connections

pool will clean them up later

* Multi-arch controller container (#2037)

create arm64 & amd64 images for central controller

* Update README.md

issue #2009

* docker tags change

* fix oidc auth url memory leak (#2031)

getAuthURL() was not calling zeroidc::free_cstr(url);

the only place authAuthURL is called, the url can be retrieved
from the network config instead.

You could alternatively copy the string and call free_cstr in getAuthURL.
If that's better we can change the PR.

Since now there are no callers of getAuthURL I deleted it.

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Bump openssl from 0.10.48 to 0.10.55 in /zeroidc (#2034)

Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.48 to 0.10.55.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.48...openssl-v0.10.55)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* zeroidc cargo warnings (#2029)

* fix unused struct member cargo warning

* fix unused import cargo warning

* fix unused return value cargo warning

---------

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* fix memory leak in macos ipv6/dns helper (#2030)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Consider ZEROTIER_JOIN_NETWORKS in healthcheck (#1978)

* Add a 2nd auth token only for access to /metrics (#2043)

* Add a 2nd auth token for /metrics

Allows administrators to distribute a token that only has access to read
metrics and nothing else.

Also added support for using bearer auth tokens for both types of tokens

Separate endpoint for metrics #2041

* Update readme

* fix a couple of cases of writing the wrong token

* Add warning to cli for allow default on FreeBSD

It doesn't work.
Not possible to fix with deficient network
stack and APIs.

ZeroTierOne-freebsd # zerotier-cli set 9bee8941b5xxxxxx allowDefault=1
400 set Allow Default does not work properly on FreeBSD. See #580
root@freebsd13-a:~/ZeroTierOne-freebsd # zerotier-cli get 9bee8941b5xxxxxx allowDefault
1

* ARM64 Support for TapDriver6 (#1949)

* Release memory previously allocated by UPNP_GetValidIGD

* Fix ifdef that breaks libzt on iOS (#2050)

* less drone (#2060)

* Exit if loading an invalid identity from disk (#2058)

* Exit if loading an invalid identity from disk

Previously, if an invalid identity was loaded from disk, ZeroTier would
generate a new identity & chug along and generate a brand new identity
as if nothing happened.  When running in containers, this introduces the
possibility for key matter loss; especially when running in containers
where the identity files are mounted in the container read only.  In
this case, ZT will continue chugging along with a brand new identity
with no possibility of recovering the private key.

ZeroTier should exit upon loading of invalid identity.public/identity.secret #2056

* add validation test for #2056

* tcp-proxy: fix build

* Adjust tcp-proxy makefile to support metrics

There's no way to get the metrics yet. Someone will
have to add the http service.

* remove ZT_NO_METRIC ifdef

* Implement recvmmsg() for Linux to reduce syscalls. (#2046)

Between 5% and 40% speed improvement on Linux, depending on system configuration and load.

* suppress warnings: comparison of integers of different signs: 'int64_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Wsign-compare] (#2063)

* fix warning: 'OS_STRING' macro redefined [-Wmacro-redefined] (#2064)

Even though this is in ext, these particular chunks of code were added
by us, so are ok to modify.

* Apply default route a different way - macOS

The original way we applied default route, by forking
0.0.0.0/0 into 0/1 and 128/1 works, but if mac os has any networking
hiccups -if you change SSIDs or sleep/wake- macos erases the system default route.
And then all networking on the computer is broken.

to summarize the new way:
allowDefault=1
```
sudo route delete default 192.168.82.1
sudo route add default 10.2.0.2
sudo route add -ifscope en1 default 192.168.82.1
```

gives us this routing table
```
Destination        Gateway            RT_IFA             Flags        Refs      Use    Mtu          Netif Expire    rtt(ms) rttvar(ms)
default            10.2.0.2           10.2.0.18          UGScg          90        1   2800       feth4823
default            192.168.82.1       192.168.82.217     UGScIg
```

allowDefault=0
```
sudo route delete default
sudo route delete -ifscope en1 default
sudo route add default 192.168.82.1
```

Notice the I flag, for -ifscope, on the physical default route.

route change does not seem to work reliably.

* fix docker tag for controllers (#2066)

* Update build.sh (#2068)

fix mkwork compilation errors

* Fix network DNS on macOS

It stopped working for ipv4 only networks in Monterey.
See #1696

We add some config like so to System Configuration

```
scutil
show State:/Network/Service/9bee8941b5xxxxxx/IPv4
<dictionary> {
  Addresses : <array> {
    0 : 10.2.1.36
  }
  InterfaceName : feth4823
  Router : 10.2.1.36
  ServerAddress : 127.0.0.1
}

```

* Add search domain to macos dns configuration

Stumbled upon this while debugging something else.
If we add search domain to our system configuration for
network DNS, then search domains work:

```
ping server1                                                                                                                                                                                    ~
PING server1.my.domain (10.123.3.1): 56 data bytes
64 bytes from 10.123.3.1
```

* Fix reporting of secondaryPort and tertiaryPort See: #2039

* Fix typos (#2075)

* Disable executable stacks on assembly objects (#2071)

Add `--noexecstack` to the assembler flags so the resulting binary
will link with a non-executable stack.

Fixes zerotier/ZeroTierOne#1179

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>

* Test that starting zerotier before internet works

* Don't skip hellos when there are no paths available

working on #2082

* Update validate-1m-linux.sh

* Save zt node log files on abort

* Separate test and summary step in validator script

* Don't apply default route until zerotier is "online"

I was running into issues with restarting the zerotier service while
"full tunnel" mode is enabled.
When zerotier first boots, it gets network state from the cache
on disk. So it immediately applies all the routes it knew about
before it shutdown.
The network config may have change in this time.
If it has, then your default route is via a route
you are blocked from talking on. So you  can't get the current
network config, so your internet does not work.

Other options include
- don't use cached network state on boot
- find a better criteria than "online"

* Fix node time-to-online counter in validator script

* Export variables so that they are accessible by exit function

* Fix PortMapper issue on ZeroTier startup

See issue #2082

We use a call to libnatpmp::ininatpp to make sure the computer
has working network sockets before we go into the main
nat-pmp/upnp logic.

With basic exponenetial delay up to 30 seconds.

* testing

* Comment out PortMapper debug

this got left turned on in a confusing merge previously

* fix macos default route again

see commit fb6af1971 * Fix network DNS on macOS
adding that stuff to System Config causes this extra route to be added
which breaks ipv4 default route.
We figured out a weird System Coniguration setting
that works.

--- old
couldn't figure out how to fix it in SystemConfiguration
so here we are# Please enter the commit message for your changes. Lines starting

We also moved the dns setter to before the syncIps stuff
to help with a race condition. It didn't always work when
you re-joined a network with default route enabled.

* Catch all conditions in switch statement, remove trailing whitespaces

* Add setmtu command, fix bond lifetime issue

* Basic cleanups

* Check if null is passed to VirtualNetworkConfig.equals and name fixes

* ANDROID-96: Simplify and use return code from node_init directly

* Windows arm64 (#2099)

* ARM64 changes for 1.12

* 1.12 Windows advanced installer updates and updates for ARM64

* 1.12.0

* Linux build fixes for old distros.

* release notes

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: travis laduke <travisladuke@gmail.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com>
Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>
Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Jake Vis <jakevis@outlook.com>
Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
Co-authored-by: lison <imlison@foxmail.com>
Co-authored-by: Kenny MacDermid <kenny@macdermid.ca>
 2023-08-23 14:24:21 -04:00
Adam Ierymenko
ffb63f3ee5
1.12.0 release notes (#2103) 
* 1.12.0

* Linux build fixes for old distros.

* release notes
 2023-08-23 13:07:38 -04:00
Adam Ierymenko
0859a0d1e5
1.12.0 (#2102) 
* 1.12.0

* Linux build fixes for old distros.
 2023-08-23 13:03:57 -04:00
travisladuke
e41a6f2ec4 update readme 2023-08-22 09:29:03 -07:00
Joseph Henry
c53c6bd9c3
Merge pull request #2100 from zerotier/brenton/fix-rx-in-tx 
Fix problem of doing RX while inside of TX
 2023-08-21 13:09:49 -07:00
Brenton Bostick
707d7deed2 Fix problem of doing RX while inside of TX 
Part of fix for:
https://github.com/zerotier/libzt/issues/211
 2023-08-21 15:04:48 -04:00
Adam Ierymenko
ed0a388bcd
Windows arm64 (#2099) 
* ARM64 changes for 1.12

* 1.12 Windows advanced installer updates and updates for ARM64
 2023-08-17 12:48:48 -04:00
Brenton Bostick
826a1ee346 ANDROID-96: Simplify and use return code from node_init directly 2023-08-16 09:18:06 -04:00
Brenton Bostick
d4e63fcdfe Check if null is passed to VirtualNetworkConfig.equals and name fixes 2023-08-16 09:18:06 -04:00
Brenton Bostick
0806b881ea Basic cleanups 2023-08-16 09:18:06 -04:00
Grant Limberg
5becb41bd4
pass hook_id instead of url 2023-08-15 14:51:14 -07:00
Joseph Henry
ead68038a3
Merge pull request #2096 from zerotier/dev-multipath-improvements 
Add setmtu command, fix bond lifetime issue
 2023-08-15 13:24:08 -07:00
Joseph Henry
b8b5d0bff8
Add setmtu command, fix bond lifetime issue 2023-08-15 12:59:58 -07:00
Joseph Henry
e18172d434
Merge pull request #2095 from zerotier/dev-minor-oneservice-fixes 
Catch all conditions in switch statement, remove trailing whitespaces
 2023-08-15 08:58:43 -07:00
Joseph Henry
a15883d49b
Catch all conditions in switch statement, remove trailing whitespaces 2023-08-15 08:54:05 -07:00
Grant Limberg
714ef59814
Merge branch 'dev' into temporal 2023-08-15 08:45:28 -07:00
travisladuke
1d095e81d9 fix macos default route again 
see commit fb6af1971 * Fix network DNS on macOS
adding that stuff to System Config causes this extra route to be added
which breaks ipv4 default route.
We figured out a weird System Coniguration setting
that works.

--- old
couldn't figure out how to fix it in SystemConfiguration
so here we are# Please enter the commit message for your changes. Lines starting

We also moved the dns setter to before the syncIps stuff
to help with a race condition. It didn't always work when
you re-joined a network with default route enabled.
 2023-08-14 17:06:05 -07:00
travisladuke
d976a9f5a0 Comment out PortMapper debug 
this got left turned on in a confusing merge previously
 2023-08-14 17:06:05 -07:00
travisladuke
f2060e0c76 testing 2023-08-11 11:26:21 -07:00
travisladuke
b81ad9a84d Fix PortMapper issue on ZeroTier startup 
See issue #2082

We use a call to libnatpmp::ininatpp to make sure the computer
has working network sockets before we go into the main
nat-pmp/upnp logic.

With basic exponenetial delay up to 30 seconds.
 2023-08-11 11:26:21 -07:00
Joseph Henry
53bc05fe89
Merge pull request #2093 from zerotier/dev-validator-fix-dump-at-abort 
Export variables so that they are accessible by exit function
 2023-08-11 10:37:16 -07:00
Joseph Henry
a6d5c452d5
Export variables so that they are accessible by exit function 2023-08-11 10:35:42 -07:00
Joseph Henry
515fdc22a5
Merge pull request #2092 from zerotier/dev-validator-fix-dump-at-abort 
Fix node time-to-online counter in validator script
 2023-08-11 10:15:28 -07:00
Joseph Henry
424e276150
Fix node time-to-online counter in validator script 2023-08-11 10:14:29 -07:00
travisladuke
b071d6bbec Don't apply default route until zerotier is "online" 
I was running into issues with restarting the zerotier service while
"full tunnel" mode is enabled.
When zerotier first boots, it gets network state from the cache
on disk. So it immediately applies all the routes it knew about
before it shutdown.
The network config may have change in this time.
If it has, then your default route is via a route
you are blocked from talking on. So you  can't get the current
network config, so your internet does not work.

Other options include
- don't use cached network state on boot
- find a better criteria than "online"
 2023-08-11 10:13:34 -07:00
Joseph Henry
27a9cc6254
Merge pull request #2091 from zerotier/dev-validator-fix-dump-at-abort 
Separate test and summary step in validator script
 2023-08-10 15:38:27 -07:00
Joseph Henry
bb9ad5e41a
Separate test and summary step in validator script 2023-08-10 15:37:45 -07:00
Joseph Henry
d91f80464d
Merge pull request #2090 from zerotier/dev-validator-fix-dump-at-abort 
Save zt node log files on abort
 2023-08-10 11:08:52 -07:00
Joseph Henry
d826ddb294
Save zt node log files on abort 2023-08-10 11:02:37 -07:00
Joseph Henry
a7600c8072
Merge pull request #2089 from zerotier/dev-validator-fix-dump-at-abort 
Save ZT dump files on validator abort
 2023-08-10 10:55:41 -07:00
Joseph Henry
82a9122fc3
Update validate-1m-linux.sh 2023-08-10 09:58:47 -07:00
Joseph Henry
0e9e7f2ebc
Merge pull request #2086 from zerotier/tl-2082 
Don't skip hellos when there are no paths available
 2023-08-09 11:49:42 -07:00
travisladuke
14671009f8 Don't skip hellos when there are no paths available 
working on #2082
 2023-08-09 09:35:12 -07:00
Grant Limberg
802c9907a1
limit to hooks with hook_type = NETWORK_JOIN enabled 2023-08-08 13:14:55 -07:00
Grant Limberg
88b96265d7
look up hook URLs dynamically 2023-08-07 16:42:23 -07:00
travisladuke
0bc10923a1 Test that starting zerotier before internet works 2023-08-07 13:25:15 -07:00
Grant Limberg
0dc92c2d7b
update openidconnect rust lib 2023-08-07 10:41:19 -07:00
Grant Limberg
04a3206e53
fix rust cache in github actions 2023-08-04 15:38:49 -07:00
Grant Limberg
98360d94a5
attempt at fixing the windows build 2023-08-04 15:28:52 -07:00
Grant Limberg
a9c8307d97
should only run this if smee is configured 2023-08-04 15:14:40 -07:00
Grant Limberg
581489f67b
this should theoretically send the new member notification 2023-08-04 15:02:37 -07:00
Grant Limberg
5e89d5a03f
fix a typo 2023-08-04 15:02:30 -07:00
Grant Limberg
d71d051c53
instantiate smee client 2023-08-04 14:31:35 -07:00
Grant Limberg
d2aeff6752
another mac fix 2023-08-04 14:04:20 -07:00
Grant Limberg
36be14de06
fix zeroidc include path 2023-08-04 13:31:24 -07:00
Grant Limberg
f9af9a15f2
rusftormat zeroidc 2023-08-04 13:09:14 -07:00
Grant Limberg
4674bb5c8b
add smee client 2023-08-04 13:08:41 -07:00
Grant Limberg
a6b764bf7c
move zeroidc to rustybits folder 2023-08-03 14:57:00 -07:00
Kenny MacDermid
c6f07ee19f
Disable executable stacks on assembly objects (#2071) 
Add `--noexecstack` to the assembler flags so the resulting binary
will link with a non-executable stack.

Fixes zerotier/ZeroTierOne#1179

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
 2023-08-02 15:12:49 -07:00
Brenton Bostick
e36127283c
Fix typos (#2075) 2023-08-01 08:53:55 -07:00
Joseph Henry
230ae6bd16 Fix reporting of secondaryPort and tertiaryPort See: #2039 2023-07-31 20:44:16 -07:00
travisladuke
5b5ef07350 Add search domain to macos dns configuration 
Stumbled upon this while debugging something else.
If we add search domain to our system configuration for
network DNS, then search domains work:

```
ping server1                                                                                                                                                                                    ~
PING server1.my.domain (10.123.3.1): 56 data bytes
64 bytes from 10.123.3.1
```
 2023-07-31 12:37:59 -07:00
travisladuke
fb6af1971b Fix network DNS on macOS 
It stopped working for ipv4 only networks in Monterey.
See #1696

We add some config like so to System Configuration

```
scutil
show State:/Network/Service/9bee8941b5xxxxxx/IPv4
<dictionary> {
  Addresses : <array> {
    0 : 10.2.1.36
  }
  InterfaceName : feth4823
  Router : 10.2.1.36
  ServerAddress : 127.0.0.1
}

```
 2023-07-27 14:26:36 -07:00
lison
41f9bdc5db
Update build.sh (#2068) 
fix mkwork compilation errors
 2023-07-27 12:43:31 -04:00
Grant Limberg
12e64aa191
fix docker tag for controllers (#2066) 2023-07-20 16:22:03 -07:00
travis laduke
22ab673480 Apply default route a different way - macOS 
The original way we applied default route, by forking
0.0.0.0/0 into 0/1 and 128/1 works, but if mac os has any networking
hiccups -if you change SSIDs or sleep/wake- macos erases the system default route.
And then all networking on the computer is broken.

to summarize the new way:
allowDefault=1
```
sudo route delete default 192.168.82.1
sudo route add default 10.2.0.2
sudo route add -ifscope en1 default 192.168.82.1
```

gives us this routing table
```
Destination        Gateway            RT_IFA             Flags        Refs      Use    Mtu          Netif Expire    rtt(ms) rttvar(ms)
default            10.2.0.2           10.2.0.18          UGScg          90        1   2800       feth4823
default            192.168.82.1       192.168.82.217     UGScIg
```

allowDefault=0
```
sudo route delete default
sudo route delete -ifscope en1 default
sudo route add default 192.168.82.1
```

Notice the I flag, for -ifscope, on the physical default route.

route change does not seem to work reliably.
 2023-07-20 13:37:05 -07:00
Brenton Bostick
03841dcb81
fix warning: 'OS_STRING' macro redefined [-Wmacro-redefined] (#2064) 
Even though this is in ext, these particular chunks of code were added
by us, so are ok to modify.
 2023-07-20 11:38:08 -04:00
Brenton Bostick
64c2634b71
suppress warnings: comparison of integers of different signs: 'int64_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Wsign-compare] (#2063) 2023-07-20 11:37:50 -04:00
Adam Ierymenko
f1019dc4ee
Implement recvmmsg() for Linux to reduce syscalls. (#2046) 
Between 5% and 40% speed improvement on Linux, depending on system configuration and load.
 2023-07-20 11:36:37 -04:00
travisladuke
50ede37a58 remove ZT_NO_METRIC ifdef 2023-07-19 13:42:49 -07:00
travisladuke
60ddca1354 Adjust tcp-proxy makefile to support metrics 
There's no way to get the metrics yet. Someone will
have to add the http service.
 2023-07-19 13:42:49 -07:00
Jörg Thalheim
19f1f02d91 tcp-proxy: fix build 2023-07-19 13:42:49 -07:00
Grant Limberg
5a36b315a3
Exit if loading an invalid identity from disk (#2058) 
* Exit if loading an invalid identity from disk

Previously, if an invalid identity was loaded from disk, ZeroTier would
generate a new identity & chug along and generate a brand new identity
as if nothing happened.  When running in containers, this introduces the
possibility for key matter loss; especially when running in containers
where the identity files are mounted in the container read only.  In
this case, ZT will continue chugging along with a brand new identity
with no possibility of recovering the private key.

ZeroTier should exit upon loading of invalid identity.public/identity.secret #2056

* add validation test for #2056
 2023-07-18 14:10:31 -04:00
Sean OMeara
b67cd2cf7a
less drone (#2060) 2023-07-18 10:57:38 +02:00
Joseph Henry
97492eec7c
Fix ifdef that breaks libzt on iOS (#2050) 2023-07-17 16:49:58 -07:00
Joseph Henry
fdc2e0f692 Release memory previously allocated by UPNP_GetValidIGD 2023-07-13 16:34:14 -07:00
Jake Vis
2672d037a8
ARM64 Support for TapDriver6 (#1949) 2023-07-13 16:52:06 -04:00
travis laduke
ee663d61cd Add warning to cli for allow default on FreeBSD 
It doesn't work.
Not possible to fix with deficient network
stack and APIs.

ZeroTierOne-freebsd # zerotier-cli set 9bee8941b5xxxxxx allowDefault=1
400 set Allow Default does not work properly on FreeBSD. See #580
root@freebsd13-a:~/ZeroTierOne-freebsd # zerotier-cli get 9bee8941b5xxxxxx allowDefault
1
 2023-07-13 13:20:22 -07:00
Grant Limberg
008a768f15
Add a 2nd auth token only for access to /metrics (#2043) 
* Add a 2nd auth token for /metrics

Allows administrators to distribute a token that only has access to read
metrics and nothing else.

Also added support for using bearer auth tokens for both types of tokens

Separate endpoint for metrics #2041

* Update readme

* fix a couple of cases of writing the wrong token
 2023-07-07 16:43:32 -07:00
Stavros Kois
33b2e6a856
Consider ZEROTIER_JOIN_NETWORKS in healthcheck (#1978) 2023-07-06 12:45:58 -07:00
Travis LaDuke
6540107ccb
fix memory leak in macos ipv6/dns helper (#2030) 
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-07-06 12:32:10 -07:00
Travis LaDuke
1ce08a62a9
zeroidc cargo warnings (#2029) 
* fix unused struct member cargo warning

* fix unused import cargo warning

* fix unused return value cargo warning

---------

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-07-06 12:13:00 -07:00
dependabot[bot]
b82bdc7782
Bump openssl from 0.10.48 to 0.10.55 in /zeroidc (#2034) 
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.48 to 0.10.55.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.48...openssl-v0.10.55)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-07-06 11:45:32 -07:00
Travis LaDuke
e0e21dfdda
fix oidc auth url memory leak (#2031) 
getAuthURL() was not calling zeroidc::free_cstr(url);

the only place authAuthURL is called, the url can be retrieved
from the network config instead.

You could alternatively copy the string and call free_cstr in getAuthURL.
If that's better we can change the PR.

Since now there are no callers of getAuthURL I deleted it.

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-07-06 11:27:54 -07:00
Grant Limberg
981d09cc28
Merge pull request #2042 from zerotier:docker2 
docker tags change
 2023-07-06 10:13:35 -07:00
Grant Limberg
2fbd5dc828
docker tags change 2023-07-06 10:12:29 -07:00
Travis LaDuke
931b02dbb1 Update README.md 
issue #2009
 2023-07-05 13:59:23 -07:00
Grant Limberg
0962af5e72
Multi-arch controller container (#2037) 
create arm64 & amd64 images for central controller
 2023-06-29 19:45:44 -04:00
Grant Limberg
9b7d13476f
Merge pull request #2022 from zerotier:pgpool 
don't unborrow bad connections
 2023-06-08 08:52:23 -07:00
Grant Limberg
3efb731b40
don't unborrow bad connections 
pool will clean them up later
 2023-06-08 08:45:50 -07:00
Grant Limberg
ce989d0d67
Merge pull request #2019 from zerotier:ctl-reduce-hello 2023-06-01 11:21:21 -07:00
Grant Limberg
405f96c4b7
allow enabling of low bandwidth mode on controllers 2023-05-31 15:08:30 -07:00
Joseph Henry
5ad0212b93
Allow sending all surface addresses to peer in low-bandwidth mode 2023-05-31 15:02:17 -07:00
Grant Limberg
30799dd73f
Merge pull request #2017 from zerotier/outbound-bytes-fix 2023-05-31 13:25:52 -07:00
Grant Limberg
8ebe2c563a
Fix udp sent metric 
was only incrementing by 1 for each packet sent
 2023-05-31 13:25:30 -07:00
Grant Limberg
57588dec7a
Merge pull request #2016 from zerotier/ctl-oidc-fix 2023-05-31 10:37:33 -07:00
Grant Limberg
9a8b74d744
Fix oidc client lookup query 
join condition referenced the wrong table.  Worked fine unless there were multiple identical client IDs
 2023-05-31 09:34:31 -07:00
travis laduke
e11d70e408 cache getifaddrs - windows 2023-05-25 11:21:35 -07:00
travis laduke
60d2138f30 cache getifaddrs - bsd 2023-05-25 11:21:35 -07:00
travis laduke
259ee610a6 cache getifaddrs - linux 2023-05-25 11:21:35 -07:00
travis laduke
4192f6a6d9 cache getifaddrs - mac 2023-05-25 11:21:35 -07:00
travis laduke
54decda7a4 add constant for getifaddrs cache time 2023-05-25 11:21:35 -07:00
Grant Limberg
f42841a6ab
fix init order for EmbeddedNetworkController (#2014) 2023-05-25 11:09:08 -07:00
Joseph Henry
524363dcf7
Improve validation test (#2013) 2023-05-25 10:54:26 -07:00
Grant Limberg
17f6b3a10b
central controller metrics & request path updates (#2012) 
* internal db metrics

* use shared mutexes for read/write locks

* remove this lock. only used for a metric

* more metrics

* remove exploratory metrics

place controller request benchmarks behind ifdef
 2023-05-23 12:11:26 -07:00
Brenton Bostick
da71e2524c
fix typos (#2010) 2023-05-19 19:21:24 +02:00
Brenton Bostick
f3da2b4031
Capture setContent by-value instead of by-reference (#2006) 
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-05-17 17:55:32 -07:00
travis laduke
e2dad367b4 Don't re-apply routes on BSD 
See issue #1986
 2023-05-17 14:41:59 -07:00
travis laduke
9b7ff43118 Enable RTTI in Windows build 
The new prometheus histogram stuff needs it.

Access violation - no RTTI data!INVALID packet 636ebd9ee8cac6c0 from cafe9efeb9(2605:9880:200:1200:30:571:e34:51/9993) (unexpected exception in tryDecode())
 2023-05-17 13:36:15 -07:00
Grant Limberg
adfbbc3fb0
Controller Metrics & Network Config Request Fix (#2003) 
* add new metrics for network config request queue size and sso expirations
* move sso expiration to its own thread in the controller
* fix potential undefined behavior when modifying a set
 2023-05-16 11:56:58 -07:00
Grant Limberg
f621261ff9
Update readme files for metrics (#2000) 2023-05-05 12:44:41 -07:00
Grant Limberg
00d55fc4b4
Metrics consolidation (#1997) 
* Rename zt_packet_incoming -> zt_packet

Also consolidate zt_peer_packets into a single metric with tx and rx labels.  Same for ztc_tcp_data and ztc_udp_data

* Further collapse tcp & udp into metric labels for zt_data

* Fix zt_data metric description

* zt_peer_packets description fix

* Consolidate incoming/outgoing network packets to a single metric

* zt_incoming_packet_error -> zt_packet_error

* Disable peer metrics for central controllers

Can change in the future if needed, but given the traffic our controllers serve, that's going to be a *lot* of data

* Disable peer metrics for controllers pt 2
 2023-05-04 11:12:55 -07:00
Grant Limberg
74dc41c7c7
Peer metrics (#1995) 
* Adding peer metrics

still need to be wired up for use

* per peer packet metrics

* Fix crash from bad instantiation of histogram

* separate alive & dead path counts

* Add peer metric update block

* add peer latency values in doPingAndKeepalive

* prevent deadlock

* peer latency histogram actually works now

* cleanup

* capture counts of packets to specific peers

---------

Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
 2023-05-04 07:58:02 -07:00
Grant Limberg
925599cab0
Network-metrics (#1994) 
* Add a couple quick functions for converting a uint64_t network ID/node ID into std::string

* Network metrics
 2023-05-03 13:43:45 -07:00
Brenton Bostick
a43048a1ad
fix type signatures (#1991) 2023-05-03 11:18:04 -07:00
Joseph Henry
d6c5a6cd59
More aggressive CLI spamming (#1993) 2023-05-03 10:49:27 -07:00
Grant Limberg
54f339f0c0
fix a couple of metrics (#1989) 2023-05-03 10:23:06 -07:00
Brenton Bostick
115b9147b9
fix memory leak (#1992) 2023-05-03 10:14:18 -07:00
Grant Limberg
6b5c9b1b8e
separate the bind & listen calls on the http backplane (#1988) 2023-05-02 16:46:06 -07:00
Grant Limberg
06b487119d
More packet metrics (#1982) 
* found path negotation sends that weren't accounted for

* Fix histogram so it will actually compile

* Found more places for packet metrics
 2023-05-02 11:16:55 -07:00
Grant Limberg
4ca3f27293
Don't force rebuild on Windows build GH Action (#1985) 
Switching `/t:ZeroTierOne:Rebuild` to just `/t:ZeroTierOne` allows the Windows build to use the rust cache.  `/t:ZeroTierOne:Rebuild` cleared the cache before building.
 2023-05-02 08:53:29 -07:00
Grant Limberg
785a121825
Fix rust dependency caching (#1983) 
* fun with rust caching

* kick

* comment out invalid yaml keys for now

* Caching should now work

* re-add/rename key directives

* bump

* bump

* bump
 2023-05-01 16:30:22 -07:00
Brenton Bostick
f73e51e94c
Brenton/curly braces (#1971) 
* fix formatting

* properly adjust various lines
breakup multiple statements onto multiple lines

* insert {} around if, for, etc.
 2023-05-01 11:48:16 -07:00
Joseph Henry
e6802690b8
Add short-term validation test workflow (#1974) 
Add short-term validation test workflow
 2023-05-01 09:07:03 -07:00
Grant Limberg
595e033776
Outgoing Packet Metrics (#1980) 
add tx/rx labels to packet counters and add metrics for outgoing packets
 2023-04-28 14:24:19 -07:00
Grant Limberg
e5fc89821f
use cpp-httplib for HTTP control plane (#1979) 
refactored the old control plane code to use [cpp-httplib](https://github.com/yhirose/cpp-httplib) instead of a hand rolled HTTP server.  Makes the control plane code much more legible.  Also no longer randomly stops responding.
 2023-04-28 11:03:28 -07:00
Grant Limberg
411e54023a
adding incoming zt packet type metrics (#1976) 2023-04-26 08:49:54 -07:00
Sean OMeara
8f05c85838
x86_64-unknown-linux-gnu on ubuntu runner (#1975) 2023-04-26 13:13:09 +02:00
Grant Limberg
e4cb74896b
Central startup update (#1973) 
* allow specifying authtoken in central startup

* set allowManagedFrom

* move redis_mem_notification to the correct place

* add node checkins metric

* wire up min/max connection pool size metrics
 2023-04-25 12:44:18 -07:00
Grant Limberg
8e6e4ede6d
Add prometheus metrics for Central controllers (#1969) 
* add header-only prometheus lib to ext

* rename folder

* Undo rename directory

* prometheus simpleapi included on mac & linux

* wip

* wire up some controller stats

* Get windows building with prometheus

* bsd build flags for prometheus

* Fix multiple network join from environment entrypoint.sh.release (#1961)

* _bond_m guards _bond, not _paths_m (#1965)

* Fix: warning: mutex '_aqm_m' is not held on every path through here [-Wthread-safety-analysis] (#1964)

* Serve prom metrics from /metrics endpoint

* Add prom metrics for Central controller specific things

* reorganize metric initialization

* testing out a labled gauge on Networks

* increment error counter on throw

* Consolidate metrics definitions

Put all metric definitions into node/Metrics.hpp.  Accessed as needed
from there.

* Revert "testing out a labled gauge on Networks"

This reverts commit 499ed6d95e.

* still blows up but adding to the record for completeness right now

* Fix runtime issues with metrics

* Add metrics files to visual studio project

* Missed an "extern"

* add copyright headers to new files

* Add metrics for sent/received bytes (total)

* put /metrics endpoint behind auth

* sendto returns int on Win32

---------

Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
 2023-04-21 12:12:43 -07:00
Grant Limberg
0b03ad9a21
Add note that binutils is required on FreeBSD (#1968) 2023-04-19 15:37:49 -07:00
dependabot[bot]
0e6a314d86
Bump h2 from 0.3.16 to 0.3.17 in /zeroidc (#1963) 
Bumps [h2](https://github.com/hyperium/h2) from 0.3.16 to 0.3.17.
- [Release notes](https://github.com/hyperium/h2/releases)
- [Changelog](https://github.com/hyperium/h2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/h2/compare/v0.3.16...v0.3.17)

---
updated-dependencies:
- dependency-name: h2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-04-19 15:37:17 -07:00
Brenton Bostick
1b59712c48
Fix: warning: mutex '_aqm_m' is not held on every path through here [-Wthread-safety-analysis] (#1964) 2023-04-18 12:14:05 -07:00
Brenton Bostick
7c8d5b0afd
_bond_m guards _bond, not _paths_m (#1965) 2023-04-18 12:12:33 -07:00
Leonardo Amaral
7f63d896f9
Fix multiple network join from environment entrypoint.sh.release (#1961) 2023-04-12 16:47:26 +02:00
Sean OMeara
2115b18ae3
new drone bits 2023-03-31 16:29:18 +02:00
dependabot[bot]
4ac3e7b864
Bump openssl from 0.10.45 to 0.10.48 in /zeroidc (#1938) 
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.45 to 0.10.48.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.45...openssl-v0.10.48)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-27 18:52:29 -04:00
Grant Limberg
03bd96d1d1
move begin/commit into try/catch block (#1932) 
Thread was exiting in some cases
 2023-03-24 13:03:15 -07:00
Travis LaDuke
4a85cf5e74
Change if_def again so ios can build (#1937) 
All apple's variables are "defined"
but sometimes they are defined as "0"
 2023-03-24 13:02:52 -07:00
Joseph Henry
a8fde9e530
Minor tweak to Synology Docker image script (#1936) 2023-03-24 11:58:34 -07:00
Travis LaDuke
1f9a15dd18
Release notes for 1.10.6 (#1931) 2023-03-23 12:13:53 -07:00
Adam Ierymenko
a872cc3418
1.10.6 merge to main (#1930) 
* add note about forceTcpRelay

* Create a sample systemd unit for tcp proxy

* set gitattributes for rust & cargo so hashes dont conflict on Windows

* Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows"

This reverts commit 032dc5c108.

* Turn off autocrlf for rust source

Doesn't appear to play nice well when it comes to git and vendored cargo package hashes

* Fix #1883 (#1886)

Still unknown as to why, but the call to `nc->GetProperties()` can fail
when setting a friendly name on the Windows virtual ethernet adapter.
Ensure that `ncp` is not null before continuing and accessing the device
GUID.

* Don't vendor packages for zeroidc (#1885)

* Added docker environment way to join networks (#1871)

* add StringUtils

* fix headers
use recommended headers and remove unused headers

* move extern "C"
only JNI functions need to be exported

* cleanup

* fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo

* fix typo in log message

* fix typos in JNI method signatures

* fix typo

* fix ANDROID-51: fieldName is uninitialized

* fix ANDROID-35: memory leak

* fix missing DeleteLocalRef in loops

* update to use unique error codes

* add GETENV macro

* add LOG_TAG defines

* ANDROID-48: add ZT_jnicache.cpp

* ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp

* add Event.fromInt

* add PeerRole.fromInt

* add ResultCode.fromInt

* fix ANDROID-36: issues with ResultCode

* add VirtualNetworkConfigOperation.fromInt

* fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum

* add VirtualNetworkStatus.fromInt

* fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum

* add VirtualNetworkType.fromInt

* make NodeStatus a plain data class

* fix ANDROID-52: synchronization bug with nodeMap

* Node init work: separate Node construction and init

* add Node.toString

* make PeerPhysicalPath a plain data class

* remove unused PeerPhysicalPath.fixed

* add array functions

* make Peer a plain data class

* make Version a plain data class

* fix ANDROID-42: copy/paste error

* fix ANDROID-49: VirtualNetworkConfig.equals is wrong

* reimplement VirtualNetworkConfig.equals

* reimplement VirtualNetworkConfig.compareTo

* add VirtualNetworkConfig.hashCode

* make VirtualNetworkConfig a plain data class

* remove unused VirtualNetworkConfig.enabled

* reimplement VirtualNetworkDNS.equals

* add VirtualNetworkDNS.hashCode

* make VirtualNetworkDNS a plain data class

* reimplement VirtualNetworkRoute.equals

* reimplement VirtualNetworkRoute.compareTo

* reimplement VirtualNetworkRoute.toString

* add VirtualNetworkRoute.hashCode

* make VirtualNetworkRoute a plain data class

* add isSocketAddressEmpty

* add addressPort

* add fromSocketAddressObject

* invert logic in a couple of places and return early

* newInetAddress and newInetSocketAddress work
allow newInetSocketAddress to return NULL if given empty address

* fix ANDROID-38: stack corruption in onSendPacketRequested

* use GETENV macro

* JniRef work
JniRef does not use callbacks struct, so remove
fix NewGlobalRef / DeleteGlobalRef mismatch

* use PRId64 macros

* switch statement work

* comments and logging

* Modifier 'public' is redundant for interface members

* NodeException can be made a checked Exception

* 'NodeException' does not define a 'serialVersionUID' field

* 'finalize()' should not be overridden
this is fine to do because ZeroTierOneService calls close() when it is done

* error handling, error reporting, asserts, logging

* simplify loadLibrary

* rename Node.networks -> Node.networkConfigs

* Windows file permissions fix (#1887)

* Allow macOS interfaces to use multiple IP addresses (#1879)

Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Fix condition where full HELLOs might not be sent when necessary (#1877)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* 1.10.4 version bumps

* Add security policy to repo (#1889)

* [+] add e2k64 arch (#1890)

* temp fix for ANDROID-56: crash inside newNetworkConfig from too many args

* 1.10.4 release notes

* Windows 1.10.4 Advanced Installer bump

* Revert "temp fix for ANDROID-56: crash inside newNetworkConfig from too many args"

This reverts commit dd627cd7f4.

* actual fix for ANDROID-56: crash inside newNetworkConfig
cast all arguments to varargs functions as good style

* Fix addIp being called with applied ips (#1897)

This was getting called outside of the check for existing ips
Because of the added ifdef and a brace getting moved to the
wrong place.

```
if (! n.tap()->addIp(*ip)) {
	fprintf(stderr, "ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString(ipbuf));
}
WinFWHelper::newICMPRule(*ip, n.config().nwid);

```

* 1.10.5 (#1905)

* 1.10.5 bump

* 1.10.5 for Windows

* 1.10.5

* Prevent path-learning loops (#1914)

* Prevent path-learning loops

* Only allow new overwrite if not bonded

* fix binding temporary ipv6 addresses on macos (#1910)

The check code wasn't running.

I don't know why !defined(TARGET_OS_IOS) would exclude code on
desktop macOS. I did a quick search and changed it to defined(TARGET_OS_MAC).
Not 100% sure what the most correct solution there is.

You can verify the old and new versions with

`ifconfig | grep temporary`

plus

`zerotier-cli info -j` -> listeningOn

* 1.10.6 (#1929)

* 1.10.5 bump

* 1.10.6

* 1.10.6 AIP for Windows.

---------

Co-authored-by: travis laduke <travisladuke@gmail.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com>
Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>
 2023-03-23 13:38:53 -04:00
Adam Ierymenko
646147c275
1.10.6 (#1929) 
* 1.10.5 bump

* 1.10.6

* 1.10.6 AIP for Windows.
 2023-03-23 13:38:22 -04:00
Travis LaDuke
314099a267
fix binding temporary ipv6 addresses on macos (#1910) 
The check code wasn't running.

I don't know why !defined(TARGET_OS_IOS) would exclude code on
desktop macOS. I did a quick search and changed it to defined(TARGET_OS_MAC).
Not 100% sure what the most correct solution there is.

You can verify the old and new versions with

`ifconfig | grep temporary`

plus

`zerotier-cli info -j` -> listeningOn
 2023-03-21 15:25:01 -04:00
Joseph Henry
ce9330e9bb
Prevent path-learning loops (#1914) 
* Prevent path-learning loops

* Only allow new overwrite if not bonded
 2023-03-21 13:18:21 -04:00
Adam Ierymenko
b2a981f353
1.10.5 (#1905) 
* 1.10.5 bump

* 1.10.5 for Windows

* 1.10.5
 2023-03-10 11:45:15 -05:00
Travis LaDuke
a372619fee
Fix addIp being called with applied ips (#1897) 
This was getting called outside of the check for existing ips
Because of the added ifdef and a brace getting moved to the
wrong place.

```
if (! n.tap()->addIp(*ip)) {
	fprintf(stderr, "ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString(ipbuf));
}
WinFWHelper::newICMPRule(*ip, n.config().nwid);

```
 2023-03-10 10:57:54 -05:00
Brenton Bostick
12cdf39165 actual fix for ANDROID-56: crash inside newNetworkConfig 
cast all arguments to varargs functions as good style
 2023-03-09 06:51:29 -05:00
Brenton Bostick
19c5343a0a Revert "temp fix for ANDROID-56: crash inside newNetworkConfig from too many args" 
This reverts commit dd627cd7f4.
 2023-03-09 06:51:29 -05:00
Adam Ierymenko
4a4c8f84d5 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2023-03-07 17:50:01 -05:00
Adam Ierymenko
f94208f493 Windows 1.10.4 Advanced Installer bump 2023-03-07 17:49:35 -05:00
Adam Ierymenko
f2cb9b36b2 Merge branch 'dev' 2023-03-07 16:51:02 -05:00
Adam Ierymenko
1c5897895b
1.10.4 merge into main (#1893) 
* add note about forceTcpRelay

* Create a sample systemd unit for tcp proxy

* set gitattributes for rust & cargo so hashes dont conflict on Windows

* Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows"

This reverts commit 032dc5c108.

* Turn off autocrlf for rust source

Doesn't appear to play nice well when it comes to git and vendored cargo package hashes

* Fix #1883 (#1886)

Still unknown as to why, but the call to `nc->GetProperties()` can fail
when setting a friendly name on the Windows virtual ethernet adapter.
Ensure that `ncp` is not null before continuing and accessing the device
GUID.

* Don't vendor packages for zeroidc (#1885)

* Added docker environment way to join networks (#1871)

* add StringUtils

* fix headers
use recommended headers and remove unused headers

* move extern "C"
only JNI functions need to be exported

* cleanup

* fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo

* fix typo in log message

* fix typos in JNI method signatures

* fix typo

* fix ANDROID-51: fieldName is uninitialized

* fix ANDROID-35: memory leak

* fix missing DeleteLocalRef in loops

* update to use unique error codes

* add GETENV macro

* add LOG_TAG defines

* ANDROID-48: add ZT_jnicache.cpp

* ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp

* add Event.fromInt

* add PeerRole.fromInt

* add ResultCode.fromInt

* fix ANDROID-36: issues with ResultCode

* add VirtualNetworkConfigOperation.fromInt

* fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum

* add VirtualNetworkStatus.fromInt

* fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum

* add VirtualNetworkType.fromInt

* make NodeStatus a plain data class

* fix ANDROID-52: synchronization bug with nodeMap

* Node init work: separate Node construction and init

* add Node.toString

* make PeerPhysicalPath a plain data class

* remove unused PeerPhysicalPath.fixed

* add array functions

* make Peer a plain data class

* make Version a plain data class

* fix ANDROID-42: copy/paste error

* fix ANDROID-49: VirtualNetworkConfig.equals is wrong

* reimplement VirtualNetworkConfig.equals

* reimplement VirtualNetworkConfig.compareTo

* add VirtualNetworkConfig.hashCode

* make VirtualNetworkConfig a plain data class

* remove unused VirtualNetworkConfig.enabled

* reimplement VirtualNetworkDNS.equals

* add VirtualNetworkDNS.hashCode

* make VirtualNetworkDNS a plain data class

* reimplement VirtualNetworkRoute.equals

* reimplement VirtualNetworkRoute.compareTo

* reimplement VirtualNetworkRoute.toString

* add VirtualNetworkRoute.hashCode

* make VirtualNetworkRoute a plain data class

* add isSocketAddressEmpty

* add addressPort

* add fromSocketAddressObject

* invert logic in a couple of places and return early

* newInetAddress and newInetSocketAddress work
allow newInetSocketAddress to return NULL if given empty address

* fix ANDROID-38: stack corruption in onSendPacketRequested

* use GETENV macro

* JniRef work
JniRef does not use callbacks struct, so remove
fix NewGlobalRef / DeleteGlobalRef mismatch

* use PRId64 macros

* switch statement work

* comments and logging

* Modifier 'public' is redundant for interface members

* NodeException can be made a checked Exception

* 'NodeException' does not define a 'serialVersionUID' field

* 'finalize()' should not be overridden
this is fine to do because ZeroTierOneService calls close() when it is done

* error handling, error reporting, asserts, logging

* simplify loadLibrary

* rename Node.networks -> Node.networkConfigs

* Windows file permissions fix (#1887)

* Allow macOS interfaces to use multiple IP addresses (#1879)

Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* Fix condition where full HELLOs might not be sent when necessary (#1877)

Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>

* 1.10.4 version bumps

* Add security policy to repo (#1889)

* [+] add e2k64 arch (#1890)

* temp fix for ANDROID-56: crash inside newNetworkConfig from too many args

* 1.10.4 release notes

---------

Co-authored-by: travis laduke <travisladuke@gmail.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com>
Co-authored-by: Brenton Bostick <bostick@gmail.com>
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com>
Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>
 2023-03-07 16:50:34 -05:00
Adam Ierymenko
64423f3a09 Merge branch 'dev' of github.com:/zerotier/ZeroTierOne into dev 2023-03-07 16:47:30 -05:00
Adam Ierymenko
9fb3f04385 1.10.4 release notes 2023-03-07 16:46:47 -05:00
Brenton Bostick
dd627cd7f4 temp fix for ANDROID-56: crash inside newNetworkConfig from too many args 2023-03-07 14:16:44 -06:00
Roman Peshkichev
eedf270127
[+] add e2k64 arch (#1890) 2023-03-07 08:25:08 +01:00
Grant Limberg
a1af94f4e9
Add security policy to repo (#1889) 2023-03-07 07:12:29 +01:00
Adam Ierymenko
9f5bf06f95 1.10.4 version bumps 2023-03-06 13:26:47 -05:00
Joseph Henry
40705caf7e
Fix condition where full HELLOs might not be sent when necessary (#1877) 
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-03-06 13:24:34 -05:00
Travis LaDuke
9d5b9efc2f
Allow macOS interfaces to use multiple IP addresses (#1879) 
Co-authored-by: Sean OMeara <someara@users.noreply.github.com>
Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com>
 2023-03-06 13:21:58 -05:00
Grant Limberg
cc4251c5b7
Windows file permissions fix (#1887) 2023-03-04 09:43:00 +01:00
Brenton Bostick
8d74d34f2a rename Node.networks -> Node.networkConfigs 2023-03-02 07:19:49 -06:00
Brenton Bostick
7f996ea6d5 simplify loadLibrary 2023-03-02 07:19:49 -06:00
Brenton Bostick
0aa4a4ba7a error handling, error reporting, asserts, logging 2023-03-02 07:19:49 -06:00
Brenton Bostick
1ab36d891c 'finalize()' should not be overridden 
this is fine to do because ZeroTierOneService calls close() when it is done
 2023-03-02 07:19:49 -06:00
Brenton Bostick
5b5625a6f0 'NodeException' does not define a 'serialVersionUID' field 2023-03-02 07:19:49 -06:00
Brenton Bostick
33a9cd02ba NodeException can be made a checked Exception 2023-03-02 07:19:49 -06:00
Brenton Bostick
ca73651e12 Modifier 'public' is redundant for interface members 2023-03-02 07:19:49 -06:00
Brenton Bostick
fbd834716f comments and logging 2023-03-02 07:19:49 -06:00
Brenton Bostick
914b4fae7b switch statement work 2023-03-02 07:19:49 -06:00
Brenton Bostick
a1bf139188 use PRId64 macros 2023-03-02 07:19:49 -06:00
Brenton Bostick
a2f753986b JniRef work 
JniRef does not use callbacks struct, so remove
fix NewGlobalRef / DeleteGlobalRef mismatch
 2023-03-02 07:19:49 -06:00
Brenton Bostick
d28f44335a use GETENV macro 2023-03-02 07:19:49 -06:00
Brenton Bostick
0a925a6f21 fix ANDROID-38: stack corruption in onSendPacketRequested 2023-03-02 07:19:49 -06:00
Brenton Bostick
132bff25df newInetAddress and newInetSocketAddress work 
allow newInetSocketAddress to return NULL if given empty address
 2023-03-02 07:19:49 -06:00
Brenton Bostick
e1c16a8e68 invert logic in a couple of places and return early 2023-03-02 07:19:49 -06:00
Brenton Bostick
4ee73fa272 add fromSocketAddressObject 2023-03-02 07:19:49 -06:00
Brenton Bostick
30cfe65b39 add addressPort 2023-03-02 07:19:49 -06:00
Brenton Bostick
40d5f9b5d2 add isSocketAddressEmpty 2023-03-02 07:19:49 -06:00
Brenton Bostick
809022b273 make VirtualNetworkRoute a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
d0c0585553 add VirtualNetworkRoute.hashCode 2023-03-02 07:19:49 -06:00
Brenton Bostick
d60929514b reimplement VirtualNetworkRoute.toString 2023-03-02 07:19:49 -06:00
Brenton Bostick
920e1f56c2 reimplement VirtualNetworkRoute.compareTo 2023-03-02 07:19:49 -06:00
Brenton Bostick
86122e1646 reimplement VirtualNetworkRoute.equals 2023-03-02 07:19:49 -06:00
Brenton Bostick
f9a27d6778 make VirtualNetworkDNS a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
8b0be5c1fc add VirtualNetworkDNS.hashCode 2023-03-02 07:19:49 -06:00
Brenton Bostick
686561dc5b reimplement VirtualNetworkDNS.equals 2023-03-02 07:19:49 -06:00
Brenton Bostick
b8b8e58586 remove unused VirtualNetworkConfig.enabled 2023-03-02 07:19:49 -06:00
Brenton Bostick
54fd7c7e9a make VirtualNetworkConfig a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
e060ae3176 add VirtualNetworkConfig.hashCode 2023-03-02 07:19:49 -06:00
Brenton Bostick
7392a32cd8 reimplement VirtualNetworkConfig.compareTo 2023-03-02 07:19:49 -06:00
Brenton Bostick
8b724493cc reimplement VirtualNetworkConfig.equals 2023-03-02 07:19:49 -06:00
Brenton Bostick
9cb16accfd fix ANDROID-49: VirtualNetworkConfig.equals is wrong 2023-03-02 07:19:49 -06:00
Brenton Bostick
d5944ae69c fix ANDROID-42: copy/paste error 2023-03-02 07:19:49 -06:00
Brenton Bostick
6102c70855 make Version a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
6cc055dbba make Peer a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
f51ce077a3 add array functions 2023-03-02 07:19:49 -06:00
Brenton Bostick
2de4c95446 remove unused PeerPhysicalPath.fixed 2023-03-02 07:19:49 -06:00
Brenton Bostick
63f70ba465 make PeerPhysicalPath a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
7ef68a9d6a add Node.toString 2023-03-02 07:19:49 -06:00
Brenton Bostick
90bf300bd8 Node init work: separate Node construction and init 2023-03-02 07:19:49 -06:00
Brenton Bostick
f9528f1248 fix ANDROID-52: synchronization bug with nodeMap 2023-03-02 07:19:49 -06:00
Brenton Bostick
4861ec5a40 make NodeStatus a plain data class 2023-03-02 07:19:49 -06:00
Brenton Bostick
acf5b3579b add VirtualNetworkType.fromInt 2023-03-02 07:19:49 -06:00
Brenton Bostick
d1460ab65b fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum 2023-03-02 07:19:49 -06:00
Brenton Bostick
85bd773c55 add VirtualNetworkStatus.fromInt 2023-03-02 07:19:49 -06:00
Brenton Bostick
ed3918b508 fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum 2023-03-02 07:19:49 -06:00
Brenton Bostick
7c2766096c add VirtualNetworkConfigOperation.fromInt 2023-03-02 07:19:49 -06:00
Brenton Bostick
acd8b95114 fix ANDROID-36: issues with ResultCode 2023-03-02 07:19:49 -06:00
Brenton Bostick
34ff813e2a add ResultCode.fromInt 2023-03-02 07:19:49 -06:00
Brenton Bostick
056cef7292 add PeerRole.fromInt 2023-03-02 07:19:49 -06:00
Brenton Bostick
7c5f256d4a add Event.fromInt 2023-03-02 07:19:49 -06:00
Brenton Bostick
82749e4442 ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp 2023-03-02 07:19:49 -06:00
Brenton Bostick
7890185e81 ANDROID-48: add ZT_jnicache.cpp 2023-03-02 07:19:49 -06:00
Brenton Bostick
71fc0dd097 add LOG_TAG defines 2023-03-02 07:19:49 -06:00
Brenton Bostick
8373a0fa60 add GETENV macro 2023-03-02 07:19:49 -06:00
Brenton Bostick
21264baaae update to use unique error codes 2023-03-02 07:19:49 -06:00
Brenton Bostick
703f9290c9 fix missing DeleteLocalRef in loops 2023-03-02 07:19:49 -06:00
Brenton Bostick
dd1b52c7d9 fix ANDROID-35: memory leak 2023-03-02 07:19:49 -06:00
Brenton Bostick
01003617cd fix ANDROID-51: fieldName is uninitialized 2023-03-02 07:19:49 -06:00
Brenton Bostick
bfe4bc2894 fix typo 2023-03-02 07:19:49 -06:00
Brenton Bostick
1c88037ea0 fix typos in JNI method signatures 2023-03-02 07:19:49 -06:00
Brenton Bostick
0027e6bdab fix typo in log message 2023-03-02 07:19:49 -06:00
Brenton Bostick
87edbb2d3a fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo 2023-03-02 07:19:49 -06:00
Brenton Bostick
5be92a96df cleanup 2023-03-02 07:19:49 -06:00
Brenton Bostick
0733af5239 move extern "C" 
only JNI functions need to be exported
 2023-03-02 07:19:49 -06:00
Brenton Bostick
216ed8c8ea fix headers 
use recommended headers and remove unused headers
 2023-03-02 07:19:49 -06:00
Brenton Bostick
58e3b8c5ad add StringUtils 2023-03-02 07:19:49 -06:00
Leonardo Amaral
c6adfd9d67
Added docker environment way to join networks (#1871) 2023-03-02 11:18:11 +01:00
Grant Limberg
672c58be01
Don't vendor packages for zeroidc (#1885) 2023-03-02 09:11:37 +01:00
Grant Limberg
6cf3b65953
Fix #1883 (#1886) 
Still unknown as to why, but the call to `nc->GetProperties()` can fail
when setting a friendly name on the Windows virtual ethernet adapter.
Ensure that `ncp` is not null before continuing and accessing the device
GUID.
 2023-03-01 18:00:59 -08:00
Grant Limberg
936dda4773
Turn off autocrlf for rust source 
Doesn't appear to play nice well when it comes to git and vendored cargo package hashes
 2023-03-01 15:08:34 -08:00
Grant Limberg
047e327f01
Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows" 
This reverts commit 032dc5c108.
 2023-03-01 14:27:19 -08:00
Grant Limberg
032dc5c108
set gitattributes for rust & cargo so hashes dont conflict on Windows 2023-03-01 14:16:51 -08:00
travis laduke
dc54e0e1c4 Create a sample systemd unit for tcp proxy 2023-02-23 11:52:21 -08:00
Grant Limberg
9124b0a7a3
Merge branch 'main' into dev 2023-02-22 17:10:34 -08:00
Grant Limberg
dea47f601d
more info on exception 2023-02-22 16:13:05 -08:00
travis laduke
67cf4c42d5 add note about forceTcpRelay 2023-02-21 09:15:18 -08:00
Adam Ierymenko
dc762196dc
1.10.3 (#1875) 
Version bumps and other release stuff to ship 1.10.3
 2023-02-15 14:04:42 -05:00
Adam Ierymenko
0a900dc275
Add date to release notes 
Add date
 2023-02-15 14:04:02 -05:00
Joseph Henry
6f58510431
Update release notes (#1874) 2023-02-15 14:03:13 -05:00
Monica Moniot
666fb7ea2d
eliminated duplicate paths (#1870) 2023-02-06 11:50:05 -08:00
dependabot[bot]
f0778860e5
Bump tokio from 1.24.1 to 1.24.2 in /zeroidc (#1869) 
* Bump tokio from 1.24.1 to 1.24.2 in /zeroidc

Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.24.1 to 1.24.2.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/commits)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* vendor tokio update

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
 2023-02-06 10:52:52 -08:00
dependabot[bot]
6aea546d6f
Bump bumpalo from 3.10.0 to 3.12.0 in /zeroidc (#1857) 
* Bump bumpalo from 3.10.0 to 3.12.0 in /zeroidc

Bumps [bumpalo](https://github.com/fitzgen/bumpalo) from 3.10.0 to 3.12.0.
- [Release notes](https://github.com/fitzgen/bumpalo/releases)
- [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fitzgen/bumpalo/compare/3.10.0...3.12.0)

---
updated-dependencies:
- dependency-name: bumpalo
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* vendor bumpalo update to fix dependabot

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
 2023-01-30 09:03:01 -08:00
Joseph Henry
e0a3291235
Fix setMtu() on Linux. Add error checking (#1860) 
* Fix setMtu() on Linux. Add error checking

* Slightly tweak ioctl MTU error message
 2023-01-26 10:26:12 -08:00
Joseph Henry
b88d7091c8
Simplify dump command. Fix bond list command 2023-01-20 13:54:04 -08:00
zwf
15cfa3bf62
exclude static route with via ip in route helper (#1791) 
When adding Routes to zerotier's Managed Routes, the helper will
add a route rule to the device that does not have a via ip,
so that the address of the Destination segment cannot be routed
correctly within the container.
Here, based on the contents of the routes key in
`zerotier-cli -j listnetworks`,
by determining whether the via key has an ip address,
if it is not null, helper will no longer add route rules.
 2023-01-20 11:57:13 -08:00
Gleb Mazovetskiy
9c9d1650d1 Check for ARM Cryptography Extension support 
ARM Cryptography Extension is optional and not all ARM CPUs support it.
For example, the CPU in Raspberry Pi 4 does not support it.

Check for `__ARM_FEATURE_CRYPTO` before attempting to use the optional
extension.

`__ARM_FEATURE_CRYPTO` is defined by both clang and gcc when the target
has the cryptography extension.

Fixes #1854.
 2023-01-20 09:29:09 +01:00
Grant Limberg
0ae09577f6
Client & Central Controller updates to support additonal OIDC features (#1848) 
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different

Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
 2023-01-19 15:39:15 -08:00
Brenton Bostick
a59f82093a
Fix Possible misuse of comma operator here (#1851) 
Xcode warns about "Possible misuse of comma operator here".
Comma is a sequencing operator in C++ and original code does work, but
is highly non-idiomatic.
 2023-01-17 12:38:10 -05:00
Brenton Bostick
be95b56c10
fix typos (#1846) 2023-01-13 10:14:57 -05:00
Sean OMeara
ea0f7dde95 removing pull_request builds from workflow 2023-01-13 14:15:02 +01:00
Grant Limberg
a59626c971
Bump zeroidc dependencies (#1847) 
openidconnect -> 2.5
base64 -> 0.21
url -> 2.3
bytes -> 1.3
 2023-01-12 13:24:58 -08:00
Sean OMeara
67a7534c21
cargo update tokio >= 1.24 (#1842) 2023-01-12 12:41:29 -08:00
Joseph Henry
39f3f5b2d9 User-configurable physical MTU for individual links 
This patch allows users to specify the physical layer MTU for individual links
when in multipath mode. For example:

{
  "settings":
  {
    "defaultBondingPolicy": "custom-balance-xor",
    "policies":
    {
      "custom-balance-xor":
      {
        "basePolicy": "balance-xor",
        "failoverInterval": 5000,
        "links": {
          "weird_5g_link": { "mtu": 1300 },
          "enp5s0": { "mtu": 1400  }
        }
      }
    }
  }
}
 2023-01-12 07:12:19 +01:00
Joseph Henry
eccc31a4b9 Add forced TCP relay mode 
This patch implements a "TUNNELED" status indicator and "forceTcpRelay" setting for custom relays via local.conf.

For example:

{
  "settings":
  {
    "tcpFallbackRelay": "6.79.53.215/443",
    "forceTcpRelay":true
  }
}
 2023-01-12 07:12:19 +01:00
Brenton Bostick
d31f238be0
fix typos (#1843) 2023-01-11 19:42:30 +01:00
Sean OMeara
27c26a77a2 running build workflow on pull_requests 2023-01-07 21:28:12 +01:00
Adam Ierymenko
ab503902c8
Merge pull request #1825 from zerotier/windows-allow-ping 
enable ICMPv4 in windows firewall
 2023-01-04 11:49:26 -05:00
Adam Ierymenko
ed53b62f1b
Merge pull request #1827 from zerotier/default-route-mac2 
Prevent shadowing VM routes as default route (macOS)
 2023-01-04 11:48:54 -05:00
Adam Ierymenko
ad5ba54cd4
Merge pull request #1820 from zerotier/dev-low-bandwidth 
Low Bandwidth Mode (for IoT)
 2023-01-04 11:48:15 -05:00
travis laduke
a6742b7f82 Prevent shadowing VM routes as default route (macOS) 
If you have a VM host like parallels, sometimes you get these link-local
default routes:

```
netstat -nrfinet | grep "default\|\/1"
0/1                10.2.0.12          UGScg        feth4823
default            192.168.82.1       UGScg             en1
0/1                192.168.82.1       UGScIg            en1
default            link#22            UCSIg       bridge101      !
128.0/1            10.2.0.12          UGSc         feth4823
128.0/1            192.168.82.1       UGScI             en1
```

(the link#22 one)

The _getRTEs function inclused these routes in the list it makes as like:

device: bridge101, target: 0.0.0.0/0

If it happens to be first in the list, bridge101 gets
selected as the default route.

Then Full Tunnel Mode doesn't work.

The other routes in the list are like:
device: en1 target: 192.168.1.0/24 via:  metric: 0 ifscope: 0
device: en1 target: 192.168.1.1/32 via:  metric: 0 ifscope: 0

We only need the device name from this, so either one will work.
 2022-12-23 16:18:00 -08:00
Joseph Henry
91bae4b1a8 Add missing default initialization of _lowBandwidthMode 2022-12-22 10:08:02 -08:00
travis laduke
4959d8079b enable ICMP in windows firewall 2022-12-21 15:38:46 -08:00
Sean OMeara
a558bd9312
cache cago on github actions (#1819) 2022-12-14 19:10:08 +01:00
Sean OMeara
3e41163bbe
fixing windows github builds (#1818) 2022-12-14 11:52:30 +01:00
Sean OMeara
10170b41c3 Revert "Improve default route on macOS (#1680)" 
This reverts commit 117d7194af.
 2022-12-13 18:32:07 +01:00
Sean OMeara
e0e91e8397 disabling windows builds 2022-12-13 17:20:52 +01:00
Sean OMeara
d2de0292cc
mac and windows github builds (#1817) 2022-12-13 16:49:08 +01:00
Sean OMeara
0210ba9c13 enabling mac and windows github builds 2022-12-13 16:16:17 +01:00
Travis LaDuke
117d7194af
Improve default route on macOS (#1680) 
re: issue #1088
and probably: https://discuss.zerotier.com/t/default-route-issue-osx-monterey-m1/6974

// current zerotier.
// allow default adds two sets of routes.
```
netstat -rnfinet | grep "/1\|default" | sort
0/1                10.2.0.2           UGScg        feth4823
0/1                192.168.82.1       UGScIg            en7
128.0/1            10.2.0.2           UGSc         feth4823
128.0/1            192.168.82.1       UGScI             en7
default            192.168.82.1       UGScg             en7
```

Then, something chaotic happens eventually, and networking stops working.

// after patch
```
netstat -rnfinet | grep "/1\|default" | sort
0/1                10.2.0.2           UGScg        feth4823
128.0/1            10.2.0.2           UGSc         feth4823
default            192.168.82.1       UGScg             en7
```

After the change, I can still:
- use default route
- route to other subnets

I tested on high sierra through monterey
and on freebsd13.1
 2022-12-13 11:52:21 +01:00
Sean OMeara
7587ef5136
basic builds on github (#1815) 
Initial Github Actions build
 2022-12-12 09:44:31 +01:00
Joseph Henry
087a797257
Merge pull request #1808 from zerotier/dev-tcp-proxy 
Dig tcp-proxy out of the git history
 2022-12-07 09:40:42 -08:00
Grant Limberg
a02f42188c
Merge pull request #1811 from zerotier/cleanup/typos 
Cleanup/typos
 2022-12-07 08:33:12 -08:00
Brenton Bostick
98e0bf22d3 fix actual typo in config key code 2022-12-07 10:23:11 -05:00
Brenton Bostick
1e2ff042b4 fix typos in docs, comments, and strings 2022-12-07 10:17:53 -05:00
travis laduke
b8eb9196e8 update tcp-relay README 2022-12-06 11:49:12 -08:00
travis laduke
db1df58955 resurrect tcp proxy 2022-12-06 11:49:12 -08:00
Brenton Bostick
2f5dc10399
Fix syntax error (#1806) 
Similar previous fix:
668ab8b85c
 2022-12-05 13:33:00 -08:00
Joseph Henry
4100615cd6 Merge branch 'dev' into dev-low-bandwidth 2022-12-05 13:26:57 -08:00
Joseph Henry
e27c3edaba Merge branch 'dev' into dev-low-bandwidth 2022-12-05 13:23:04 -08:00
Joseph Henry
3c9ea2b667
Add low-bandwidth mode 2022-12-05 13:21:05 -08:00
Grant Limberg
065f42af1d
Merge pull request #1807 from zerotier/cleanup/typos 
fix typos
 2022-12-05 08:34:53 -08:00
Grant Limberg
1d503f45ad
Merge pull request #1805 from zerotier/update/bad-file-descriptor 
Update/bad file descriptor
 2022-12-05 08:33:12 -08:00
Brenton Bostick
5b5f9a069a fix typos 2022-12-05 11:29:21 -05:00
Brenton Bostick
77c7f9133f Migrate from ndk-build to CMake 2022-12-05 10:34:12 -05:00
Brenton Bostick
475281935e Remove unused flags for arm64-v8a 
Through using ndk-build, -Wno-unused-command-line-argument is passed in
somewhere in the pipeline and hides this warning.

The warning can be turned on with:
APP_CPPFLAGS := -Wunused-command-line-argument ...

and then when building, you can see:
C/C++: clang++: warning: argument unused during compilation: '-mfloat-abi=softfp' [-Wunused-command-line-argument]
C/C++: clang++: warning: argument unused during compilation: '-mfpu=neon' [-Wunused-command-line-argument]
C/C++: clang++: warning: argument unused during compilation: '-maes' [-Wunused-command-line-argument]

These are unused because both floating-point and NEON are required in
all standard ARMv8 implementations. [1] [2]

[1] https://developer.arm.com/documentation/den0024/a/AArch64-Floating-point-and-NEON

[2] https://stackoverflow.com/a/29891469
 2022-12-05 10:34:12 -05:00
Brenton Bostick
cdf248b1e2 Fix build problem related to unified headers 
Since NDKr15 (released 2017), unified headers are used by default [1]

Remove -isystem option that was passing bad values to command-line.

The actual value being passed to command-line was:
```
-isystem DK/sysroot/usr/include/RIPLE
```

because of using $NDK and $TRIPLE instead of $(NDK) and $(TRIPLE)

But regardless, $NDK and $TRIPLE were never actually defined values and were just
place-holders mentioned in [1]

[1] https://android.googlesource.com/platform/ndk/+/ndk-release-r16/docs/UnifiedHeaders.md
 2022-12-05 10:34:12 -05:00
Joseph Henry
85c0322313
Fix TCP relay setting 2022-12-01 15:12:54 -08:00
Adam Ierymenko
ebc1ed4015 Hide warning about readdir_r for now. 2022-12-01 11:07:20 -05:00
Adam Ierymenko
a25da7f771
Merge pull request #1799 from zerotier/cleanup/suggest-braces 
Fix warning: suggest braces around initialization of subobject
 2022-12-01 11:03:26 -05:00
Adam Ierymenko
c78f103ca6
Merge pull request #1800 from zerotier/cleanup/printf-z 
Fix several warning: format specifies type 'XXX' but the argument has…
 2022-12-01 11:03:11 -05:00
Brenton Bostick
4d50ed0b9d Fix several warning: format specifies type 'XXX' but the argument has type 'YYY' 
Use %z for printing size_t and PRId64 etc. macros for printing
platform-specific widths, and remove now-redundant casts
 2022-12-01 08:42:06 -05:00
Brenton Bostick
9ac2cfe611 Fix warning: suggest braces around initialization of subobject 2022-12-01 08:35:31 -05:00
Sean OMeara
85da0b419c drone config 2022-11-30 11:01:02 +01:00
Brenton Bostick
3ddaa60de9
prevent: warning: unused variable 'gotViaProc' (#1797) 2022-11-29 17:55:33 +01:00
Grant Limberg
25641d956e
Merge pull request #1795 from zerotier/bugfix/typos 
Bugfix/typos
 2022-11-28 08:58:27 -08:00
Brenton Bostick
3b8c33d49a fix typos in code 2022-11-28 09:23:58 -05:00
Brenton Bostick
f74a594e98 fix typos in comments and strings 2022-11-28 09:23:45 -05:00
Sean OMeara
668ab8b85c
fixing Makefile for armv6k (#1790) 2022-11-19 22:59:55 +01:00
Joseph Henry
98b190c626
Minor adjustment to packaging README 2022-11-14 15:25:50 -08:00
Grant Limberg
9568a4f2b4 netinet6/in6_var.h not available in iOS 2022-11-10 11:35:34 -08:00
Grant Limberg
b41e0910b0
Fun times in ~~cleveland~~ NDK-land 2022-11-09 11:11:10 -08:00
Joseph Henry
6448189d20
Update snap upload target 2022-11-09 08:52:55 -08:00
Joseph Henry
1694d510ec
Update snap build target 2022-11-08 16:50:42 -08:00
Adam Ierymenko
af7ccff846 Merge branch 'dev' of github.com:/zerotier/ZeroTierOne into dev 2022-11-04 11:15:13 -04:00
Adam Ierymenko
381460fd97
Merge pull request #1736 from visuve/dev 
Fix service installation MAX_PATH bug on Windows
 2022-11-04 11:14:49 -04:00
Joseph Henry
b02a41751c
Fix unresponsiveness when moving flows in balance-aware (See #1764) 2022-11-02 08:46:11 -07:00
Adam Ierymenko
e0acccc3c9 release notes 2022-11-01 16:08:52 -04:00
Adam Ierymenko
bcf27d78e5 Merge branch 'dev' of http://10.95.0.64/zerotier/ZeroTierOne into dev 2022-11-01 15:56:44 -04:00
Adam Ierymenko
ad54d0ed52 1.10.2 bump in Advanced Installer 2022-11-01 15:56:36 -04:00
Joseph Henry
880a99adf8
Minor edits to comments 2022-10-25 14:17:23 -07:00
Joseph Henry
3b11915eab Merge remote-tracking branch 'origin/expose-surface-addresses' into dev 2022-10-25 13:55:21 -07:00
travis laduke
82c799b9d1 Expose surface addresses in info json 
Surface Addresses are the addresses that
the roots report back to you.

This is helpful for trouble shooting.

If you're behind NAT, the source port is different
than what zerotier is bound to.
If the list of surface address ports is larger than the list of
bound addresses, you are probably behind symmetric NAT.

Anways this can be added to later with a more simple
"easy" or "hard" nat computed message somewhere.
 2022-10-25 11:25:21 -07:00
Adam Ierymenko
99c0ca621b 1.10.2 bump 2022-10-13 09:01:14 -04:00
Joseph Henry
e1f60e3f83
Behavioral changes to multipath balance modes (See: #1745 and #1753) 2022-10-09 23:07:16 -07:00
Adam Ierymenko
5a6c229b27 Merge branch 'dev' of github.com:/zerotier/ZeroTierOne into dev 2022-10-06 16:54:00 -04:00
Adam Ierymenko
86a436e9bf Small string fix. 2022-10-06 16:53:35 -04:00
Grant Limberg
7516fd03a3
central controller docker image updates 2022-10-06 09:00:55 -07:00
Grant Limberg
9826c20d1a
set zeroidc.running = false on token exchange error 2022-10-06 09:00:51 -07:00
Sean OMeara
12392b5190
adding amzn2022 to rpm spec (#1761) 2022-10-02 09:58:23 +02:00
Grant Limberg
4e57abb159
Revert "modify sso queries for schema change" 
This reverts commit 8b67d06272.
 2022-09-28 13:26:41 -07:00
Grant Limberg
2b1ba60f24
Optimize member load query for Central controllers 2022-09-28 13:10:34 -07:00
Grant Limberg
638c868a07
Revert "query update for sso" 
This reverts commit 3c343eb775.
 2022-09-28 13:04:08 -07:00
Grant Limberg
b909330518
Revert "bump min db version" 
This reverts commit 802072ec17.
 2022-09-28 13:03:41 -07:00
Grant Limberg
802072ec17
bump min db version 2022-09-27 14:21:20 -07:00
Grant Limberg
3c343eb775
query update for sso 2022-09-27 13:41:52 -07:00
Grant Limberg
8b67d06272
modify sso queries for schema change 2022-09-21 14:29:47 -07:00
Joseph Henry
bc521504ca
Improved multipath link monitoring 2022-09-20 14:27:34 -07:00
Joseph Henry
0797adf223
Improve output of bond list command 2022-09-16 13:43:34 -07:00
Joseph Henry
718039561e Merge branch 'grapexy-dev-1734-policy-defaults' into dev 2022-09-15 16:06:00 -07:00
Joseph Henry
85698860ae Merge branch 'dev-1734-policy-defaults' of https://github.com/grapexy/ZeroTierOne into grapexy-dev-1734-policy-defaults 2022-09-15 16:05:21 -07:00
Joseph Henry
50e131a4ff
Partial fix for discrepancy between docs and implementation 2022-09-15 15:56:23 -07:00
grapexy
b733bb8ead Fix sanity checks overwriting custom policy parameters 2022-09-16 00:18:05 +04:00
Joseph Henry
e18d206248
Add warm spare feature for balance modes 2022-09-14 10:09:29 -07:00
Grant Limberg
2248b1f846
re-add ci failure notifications 2022-09-13 12:34:19 -07:00
Grant Limberg
58e19e86f4
update dockerfile.release 2022-09-13 12:23:51 -07:00
Sean OMeara
04d1862e3a using sid for push builds 2022-09-13 14:41:49 +02:00
Sean OMeara
7ecfc37854 using sid for push builds 2022-09-13 14:41:43 +02:00
Sean OMeara
21d7806064 untrying Amazon Linux 2022 2022-09-13 14:40:55 +02:00
Sean OMeara
c5b2d6cbc8 untrying Amazon Linux 2022 2022-09-13 14:40:36 +02:00
Sean OMeara
75c7e501ef trying Amazon Linux 2022 2022-09-13 14:13:53 +02:00
Sean OMeara
dba0931b58 trying Amazon Linux 2022 2022-09-13 14:13:35 +02:00
Sean OMeara
e0a7d6bfb9 tweaking 2022-09-12 18:02:21 +02:00
Adam Ierymenko
add854d31b
Merge pull request #1750 from zerotier/dev-dont-re-armor 
Prevent re-armoring of packets when in multipath broadcast mode
 2022-09-09 16:56:05 -04:00
Joseph Henry
66b70a8043
Prevent re-armoring of packets when in multipath broadcast mode 2022-09-07 15:03:02 -07:00
Joseph Henry
1d1843bf3b
Forget links if QoS verbs fail to arrive 2022-09-07 09:08:13 -07:00
Joseph Henry
0e23ba8f1a
Add logic short-circuit to avoid unnecessary bond rebuild logic when appropriate 2022-09-01 15:16:21 -07:00
Joseph Henry
b6074da498
Fix nonsensical equality comparison which may prevent certain links from being regarded as preferred in multipath scenarios 2022-08-29 16:03:48 -07:00
Anders Jenbo
7e92d478a1
Add missing <algorithm> include (#1709) 
This is required for building under VS2017
 2022-08-29 10:39:04 -07:00
Grant Limberg
a9ec057b91
Modify Dockerfile.release to support multi-arch builds 2022-08-23 12:59:52 -07:00
Grant Limberg
64a5e0d93f
sso error handling 2022-08-15 14:26:24 -07:00
visuve
378e4ea34e Fix service installation MAX_PATH bug on Windows 
- On newer Windows, a path might hold up to 32,767 characters
  - https://docs.microsoft.com/en-us/windows/win32/fileio/maximum-file-path-limitation
- The previous installation did not also check for ERROR_INSUFFICIENT_BUFFER which could lead to an ill formatted path
 2022-08-10 17:08:51 +03:00
Joseph Henry
ff670d044a
Fix integer format specifier compiler warnings 2022-08-09 21:19:16 -07:00
DQ
fac212fafa
Synology Docker: update entrypoint.sh (#1704) 
* update entrypoint.sh

- propagate TERM/QUIT/INT signals
- add some basic logging
- check for unbound variables
- update "route helper"
   - run as subshell, exit if zerotier-one is unavailable so pod can be restarted
   - only call `zerotier-cli` once, avoids race conditions
   - only add default routes if allowDefault is enabled for that network
   - add some more error handling
   - sleep after all networks are processed

* switch to polling ZT service at startup

Co-authored-by: Daniel Quinlan <dq@chaosengine.net>
 2022-07-15 11:03:20 -05:00
Adam Ierymenko
e83c7e6691 Merge branch 'dev' of github.com:/zerotier/ZeroTierOne into dev 2022-07-05 19:38:03 -04:00
Adam Ierymenko
e0c4877d76 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2022-07-05 19:37:55 -04:00
Adam Ierymenko
457b5d2fe8 Windows build fixes, advanced installer upgrade 2022-07-05 19:37:33 -04:00
Grant Limberg
9cf8dacfbb
don't crash out of the controller heartbeat loop here 2022-06-30 11:40:04 -07:00
Grant Limberg
b5d7d71e1e
use connection pool instead of new connection for member status writes 
redis plus plus has an annoying feature where it will open a new
connection for each tx or pipeline by default, rather than just fetching
an existing connection from the pool.  Let's change that
 2022-06-30 09:59:47 -07:00
Grant Limberg
6fdc7be502
redis connection pool tuning 2022-06-29 09:39:51 -07:00
Grant Limberg
8fe858c5c6
remove old unused CI stuff 2022-06-28 12:32:47 -07:00
Grant Limberg
0d7197381a
exit here on error 2022-06-28 09:28:35 -07:00
Adam Ierymenko
651f45fe29 Merge branch 'dev' of http://10.95.0.64/zerotier/ZeroTierOne into dev 2022-06-27 17:13:57 -04:00
Adam Ierymenko
02270e0e3d Linux build fixes... may need to be reverted for new Drone CI but needed for old environment 2022-06-27 17:13:52 -04:00
Adam Ierymenko
cb692d73c8 1.10.1 version bumps 2022-06-27 17:05:47 -04:00
Grant Limberg
1300cf23c5
Use fixed copy of JWT library until upstream merges 2022-06-27 10:44:33 -07:00
Grant Limberg
3cb24410a8
yay case insensitive filesystems 2022-06-24 10:21:13 -07:00
Grant Limberg
be7ce4110e
Revert "Delete and re-add libpqxx-7.7.3 due to weird corruption." 
This reverts commit e96515433d.
 2022-06-24 10:12:36 -07:00
Grant Limberg
c07e4a8c01
Revert "Re-add..." 
This reverts commit b1faebae4a.
 2022-06-24 10:11:57 -07:00
Grant Limberg
ff8da9d246
Play with online notification timing again 2022-06-24 10:03:30 -07:00
Adam Ierymenko
b1faebae4a Re-add... 2022-06-23 13:24:33 -04:00
Adam Ierymenko
e96515433d Delete and re-add libpqxx-7.7.3 due to weird corruption. 2022-06-23 13:21:13 -04:00
Grant Limberg
5a8d2c3cb4
Set running flag to false if falling out of oidc run loop 2022-06-22 17:36:24 -07:00
Grant Limberg
183a9d7088
update controller image and some dependencies 2022-06-22 15:03:19 -07:00
Grant Limberg
c1384422c3
just sleep 1 second 2022-06-22 10:58:23 -07:00
Grant Limberg
ccc0ebd0f9
don't spam the logs quite as much on first startup 
sleep the thread 1 second every round until we're actually updating
members
 2022-06-22 10:42:51 -07:00
Grant Limberg
9d4336d296
redis connection tuning 2022-06-22 10:30:58 -07:00
Grant Limberg
17bc9d3085
redis thread now uses this_thread::yield() 2022-06-22 10:07:55 -07:00
Grant Limberg
436f481a34
fix log line 2022-06-22 10:01:07 -07:00
Grant Limberg
9e8215b213
adjust sleep between onlineNotification runs. Added timer to output 2022-06-22 09:43:09 -07:00
Grant Limberg
e958a83dd4
update central controller docker startup script 2022-06-22 09:25:15 -07:00
Grant Limberg
f44b122262
pg_isready can use SSL 2022-06-21 14:40:24 -07:00
Adam Ierymenko
26d1cf9186
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-06-20 16:35:24 -04:00
Adam Ierymenko
895ee77c38
Commented out code to generates some AES-GMAC-SIV test vectors that are now part of the Rust code base to make sure it works right. 2022-06-20 16:35:17 -04:00
Grant Limberg
caf8b15f6d
Merge pull request #1701 from tossp/sql2 
fix sql
 2022-06-19 18:09:28 -07:00
TossPig
bc7f18064f
fix sql 
bind message supplies 17 parameters, but prepared statement "" requires 16
 2022-06-20 05:59:13 +08:00
Grant Limberg
355d3f44fb
logging & redis standalone fix 2022-06-16 11:52:35 -07:00
Grant Limberg
9de863e68b
update controller db record 2022-06-16 10:50:07 -07:00
Grant Limberg
64b7f8e445
quiet down logs more 2022-06-15 16:58:11 -07:00
Grant Limberg
626f488cb4
quiet down the controller logs a smidge 2022-06-15 16:58:07 -07:00
Grant Limberg
10212e376a
more redis in the controller 2022-06-15 16:58:04 -07:00
Joseph Henry
81462cd530
Add snapcraft login step for future CI/CD 2022-06-15 11:06:16 -07:00
Joseph Henry
7d4e4ac646
Update snapcraft 2022-06-14 15:20:42 -07:00
Grant Limberg
0ed339f19d
make sure value here is true, not just that the env var is set 2022-06-13 15:44:35 -07:00
Grant Limberg
c6fc3560f2
Merge branch 'dev' into redisrection 2022-06-13 13:09:36 -07:00
Adam Ierymenko
b4cec0b4a8
1.10.0 2022-06-13 14:18:54 -04:00
Grant Limberg
d7030b6e9c
html & unicode -> svg for sso logo 2022-06-08 16:17:28 -07:00
Joseph Henry
7ed5bde426
Fix for ab-mode link failure, QoS metrics (WIP) 2022-06-08 10:01:54 -07:00
Adam Ierymenko
75652ce667
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-06-08 12:43:57 -04:00
Adam Ierymenko
91f801ee72 Merge branch 'dev' of http://10.95.0.64/zerotier/ZeroTierOne into dev 2022-06-08 12:43:13 -04:00
Adam Ierymenko
c6f567ae4a openssl11-devel does not exist on CentOS 7 2022-06-08 12:42:43 -04:00
Grant Limberg
e1ca3c995d
this should not be quoted 2022-06-08 09:26:37 -07:00
Adam Ierymenko
addc327f17
More blanket ignores. 2022-06-08 12:21:11 -04:00
Adam Ierymenko
f2c12d548d
More blanket gitignores messing up vendored deps. 2022-06-08 12:19:40 -04:00
Adam Ierymenko
ef36acb970
Fix vendored files. 2022-06-08 12:16:09 -04:00
Adam Ierymenko
d5ca4e5f52 RPM build fix (reverted CI changes which will need to be un-reverted or made conditional) and vendor Rust dependencies to make builds much faster in any CI system. 2022-06-08 07:32:16 -04:00
Adam Ierymenko
373ca30269
1.10.0 release notes. 2022-06-07 13:53:12 -04:00
Adam Ierymenko
0d9d3a90de
Revise README. 2022-06-07 13:10:34 -04:00
Adam Ierymenko
363481b0f1 1.10.0 installer for Windows 2022-06-07 12:52:50 -04:00
Adam Ierymenko
38058450ce Revise Windows build to VS2022. 2022-06-06 19:33:35 -04:00
Adam Ierymenko
e672dc8094
Set version to correct 1.10.0. 2022-06-06 16:18:50 -04:00
Adam Ierymenko
c6682f2a3f
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-06-03 16:12:40 -04:00
Adam Ierymenko
4508a6687e
Version bump. 2022-06-03 15:42:06 -04:00
Joseph Henry
a47c3cb16f
Exclude temporary IPv6 check from SDK builds 2022-06-01 14:24:28 -07:00
Joseph Henry
9b42ced27f
Tweak DSM7 docker build target 2022-05-31 12:48:52 -07:00
Joseph Henry
1a400d33fd
Fix link creation bug in active-backup mode 2022-05-18 10:04:53 -07:00
Joseph Henry
96ee7252c2
Update README.md 2022-05-16 13:08:01 -07:00
Grant Limberg
b0624d3fd1
Merge branch 'inja' into dev 2022-05-16 12:26:42 -07:00
Grant Limberg
c329fab966
add isError to sso template variables 2022-05-16 09:25:36 -07:00
Sean OMeara
127c19fecd betterized rpm spec and ci scripts 2022-05-14 13:29:42 +02:00
Grant Limberg
4c22793850
Embed default template in service 2022-05-13 16:18:34 -07:00
Grant Limberg
da74b9651c
Wire up inja for html template processing 2022-05-13 15:55:48 -07:00
Grant Limberg
ce23a8dd32
update bsd makefile 2022-05-13 11:51:01 -07:00
Grant Limberg
30d106766a
Windows project changes for inja 2022-05-13 11:50:46 -07:00
Grant Limberg
c4df88354b
updates for macOS for inja support 2022-05-13 09:51:37 -07:00
Grant Limberg
b65c1ed3a0
Add inja 
Requries update to C++17 standard
 2022-05-13 09:34:15 -07:00
Grant Limberg
b329fb68a9
Cleanup rust-analyzer warnings 2022-05-12 21:04:16 -07:00
Grant Limberg
da179d9930
Clean up error flow for sso 
error messages can now propagate to the user's browser
 2022-05-12 17:00:43 -07:00
Grant Limberg
e7fee4c6ce
code cleanup 2022-05-11 22:41:35 -07:00
Grant Limberg
4151749dc9
Handle sso token exchange errors in zerotier client 2022-05-11 19:59:58 -07:00
Grant Limberg
aee9521c91
Add error handling for over sso seat limits 2022-05-11 19:43:29 -07:00
Adam Ierymenko
7e46c83592
1.8.10 2022-05-10 13:45:12 -04:00
Sean OMeara
ba74abb753 pull latest sid builder 2022-05-10 18:31:09 +02:00
Grant Limberg
9ddc0327d4
enable redis member status again 2022-05-10 08:36:39 -07:00
Joseph Henry
c34325fee7
Fix attribute placement for debugging functions (#1587) 2022-05-06 17:25:15 -07:00
Joseph Henry
db8443ef7d
Remove attributes causing build failures on various platforms (#1587) 2022-05-06 15:19:59 -07:00
Joseph Henry
6c85f8c7a7
Safely handle disappearing bonded interfaces (See issue #1587) 2022-05-06 14:59:34 -07:00
David Baird
eea93d2607
Fix SEGV caused by format string on 32-bit platforms / armv7l, reported in #1587 (#1658) 
Looks great. Thanks for this!
 2022-05-06 09:11:47 -07:00
Joseph Henry
e9f8ecbf7e
Properly initialize active-backup path index as partial fix for #1587 2022-05-04 09:51:48 -07:00
Grant Limberg
48852e8cb4 add ZT_SSO_ENABLED=1 to preprocessor definition list in Visual Studio 
fixes sso not working
 2022-05-03 14:39:08 -07:00
Joseph Henry
55ec325961
Add localSocket to listpeers JSON output 2022-04-28 15:58:12 -07:00
Grant Limberg
59151fbf86
remove max count for xread 2022-04-28 13:10:07 -07:00
Grant Limberg
1c700b7b41
Fix redis cluster usage 2022-04-28 13:05:02 -07:00
Grant Limberg
ff18bacd94
fix XREAD commands for redis message queue 2022-04-28 11:16:45 -07:00
Joseph Henry
caf1de3bcf
Allow TCP fallback when multipath is enabled 2022-04-28 11:12:04 -07:00
Joseph Henry
a9ad2924ac
Re-add user-configurable TCP fallback 2022-04-28 11:05:54 -07:00
Adam Ierymenko
7ea2354540
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2022-04-27 17:10:19 -04:00
Adam Ierymenko
760bba67e7
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-04-27 14:12:10 -04:00
Adam Ierymenko
1fe3a4402d 1.8.9 Windows installer stuff 2022-04-27 14:11:48 -04:00
Adam Ierymenko
166c7978ee ALMOST compiles for ARM64 Windows, only remaining barrier is ring in zeroidc. 2022-04-27 12:19:42 -04:00
Joseph Henry
4f80e79886
Add QNAP build scripts 2022-04-26 15:04:19 -07:00
Adam Ierymenko
b47a2c9ac5
Forgot to bump Debian version. 2022-04-26 17:38:57 -04:00
Joseph Henry
1a5274b86b
Add Asustor build scripts 2022-04-26 08:33:48 -07:00
Joseph Henry
66236e91a2
Style fix 2022-04-26 08:26:45 -07:00
Joseph Henry
36475aebc7 Merge branch 'erikh-fix-cargo-root' 2022-04-25 20:39:22 -07:00
Joseph Henry
acd1f24a3f
Add Western Digital apkg build scripts 2022-04-25 17:47:58 -07:00
Joseph Henry
a74532fa0b
Move Snap and Synology packaging to new pkg dir 2022-04-25 17:47:15 -07:00
Erik Hollensbe
59d4aef7c2
Fix cargo home directory (was previously hard-coded to /root) 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-04-25 15:52:39 -07:00
Adam Ierymenko
dfb291090d
release notes 2022-04-25 17:09:14 -04:00
Grant Limberg
dac32f863e
fix deadlock on sso network leave 2022-04-25 14:00:04 -07:00
Adam Ierymenko
f3b56d3d94
More simplification of Debian control 2022-04-25 15:21:29 -04:00
Adam Ierymenko
eb95a427fa
1.8.9 version bump 2022-04-25 13:24:24 -04:00
Joseph Henry
f16299b10b
Add credit line to release notes 2022-04-21 09:50:18 -07:00
Adam Ierymenko
76bce44280
Build fix. 2022-04-19 21:30:36 -04:00
Adam Ierymenko
ee0a194b25
Several more SSO/OIDC related fixes, and bump version to 1.8.9. 2022-04-19 21:29:11 -04:00
Adam Ierymenko
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node. 2022-04-19 19:59:54 -04:00
Adam Ierymenko
fe0068da52
A bit more auth cleanup in the local node. 2022-04-19 16:34:46 -04:00
Adam Ierymenko
cd70fefc5e
Clean up some credential push stuff. 2022-04-19 16:06:53 -04:00
Adam Ierymenko
877f86a896
build fix 2022-04-19 12:44:18 -04:00
Adam Ierymenko
912036b260
Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups. 2022-04-19 12:41:38 -04:00
Adam Ierymenko
a4e8847664
Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes. 2022-04-19 10:37:58 -04:00
Adam Ierymenko
c492bf7eea
Forgot to send error on v0 auth expiry. 2022-04-18 16:36:09 -04:00
Adam Ierymenko
cb086ff97f
Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot. 2022-04-18 16:32:05 -04:00
Joseph Henry
7e4da53c0b
Check reference to failover path before use in active-backup scenario 2022-04-17 21:03:57 -07:00
Adam Ierymenko
fe376f6a1e
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-04-15 14:23:40 -04:00
Adam Ierymenko
55a99f34d0
Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine. 2022-04-15 14:23:26 -04:00
Joseph Henry
99df637aae
Improve relationship between QOS timers and bucket sizes 2022-04-15 09:55:00 -07:00
Adam Ierymenko
d0c68096df
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-04-15 12:46:48 -04:00
Grant Limberg
1c464c2da1
fix potential cstring leaks 2022-04-15 09:16:02 -07:00
Adam Ierymenko
5b15da98b4
Start of 1.8.9 release notes. 2022-04-15 11:58:21 -04:00
Adam Ierymenko
d5a95f9224
Add SSO enable def to macOS 2022-04-14 20:57:35 -04:00
Adam Ierymenko
a7dcfa18a2
Oops forgot last part of that fix for MAC errors. 2022-04-14 20:13:57 -04:00
Adam Ierymenko
4389b9feff
Likely fix for invalid MAC problem. 2022-04-14 20:10:20 -04:00
Adam Ierymenko
cf03996bf2
clangd stuff 2022-04-14 12:00:36 -04:00
Adam Ierymenko
e1a3bd3a92
ignore .nova 2022-04-14 11:50:47 -04:00
Adam Ierymenko
58119598ae
comment out some new deauth code 2022-04-13 23:10:11 -04:00
Adam Ierymenko
42a2afaef9
This may improve controller behavior with SSO and mixed SSO, needs testing! 2022-04-13 21:39:56 -04:00
Grant Limberg
c2cfb4d1dc
remove stray #endif 2022-04-13 17:47:56 -07:00
Adam Ierymenko
f0b0172434
Merge branch 'master' into dev 2022-04-13 19:55:22 -04:00
Adam Ierymenko
8217cadc08
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-04-13 19:55:08 -04:00
Grant Limberg
6ad047a8fc
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-04-13 13:54:03 -07:00
Grant Limberg
23ef742e08
Fix for #1626 
Port used for PortMapping was not properly randomized causing multiple clients on the same lan to request the same UPnP port, and not all routers handle this gracefully.

Also fixes issue where the portmapper wasn't started at all if a secondary port wasn't specified, or if the tertiary port was manually specified.
 2022-04-13 13:53:42 -07:00
Joseph Henry
1294767b44 Fix ZT_SSO_SUPPORTED flag behavior. Allow disabling for embedded targets. 2022-04-13 10:05:49 -07:00
Erik Hollensbe
eca645fc52
Merge pull request #1625 from erikh/prettify-entrypoint-output 
prettify the entrypoint log output
 2022-04-13 00:17:07 -07:00
Erik Hollensbe
8598f34ebf
prettify the entrypoint log output 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-04-13 00:09:46 -07:00
Erik Hollensbe
cade483a00
Merge pull request #1624 from erikh/silence-entrypoint-errors 
silence catting files that don't exist in docker entrypoint
 2022-04-12 23:58:00 -07:00
Erik Hollensbe
df46248a0c
silence catting files that don't exist in docker entrypoint 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-04-12 23:56:16 -07:00
Joseph Henry
6cddb94509 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2022-04-12 17:46:13 -07:00
Joseph Henry
0e658828fb
Add Synology Docker target to Linux makefile 2022-04-12 17:45:54 -07:00
Sean McAvoy
de04240ca6
update alpine linux release to current supported (#1599) 2022-04-11 21:24:57 -07:00
fuowang
40681328ec
Add loongarch64 support (#1614) 
* add loongarch64 support
 2022-04-11 20:33:40 -07:00
Joseph Henry
4dbdfb6972
Fix missing symlink and high CPU usage of route watchdog on Synology 2022-04-11 15:22:13 -07:00
Adam Ierymenko
bd9c8d65ef
Release notes for 1.8.8 2022-04-11 12:46:12 -04:00
Adam Ierymenko
24ec634005
Possible fix for Ubuntu versioning issue on libstdc++6 2022-04-11 12:28:14 -04:00
Adam Ierymenko
ff0e6a53fc
Release notes for 1.8.8 2022-04-11 12:16:32 -04:00
Adam Ierymenko
ffb444dbeb 1.8.8 bump 2022-04-11 12:15:41 -04:00
Adam Ierymenko
d6f32516d8
Merge branch 'master' of github.com:zerotier/ZeroTierOne into dev 2022-04-11 11:11:13 -04:00
Joseph Henry
29566bfe7d
Add Synology target to Linux makefile 2022-04-10 22:50:53 -07:00
Erik Hollensbe
16d2b85c71
Merge pull request #1619 from altano/master 
Add `zerotier-cli info` output to Docker logs
 2022-04-08 22:09:32 -07:00
Alan Norbauer
193b357a0c Add zerotier-cli info output to Docker logs 
When I first bring up the container, I want to know I'm approving the join request for the right node. I can get the node's ZT address by manually executing `zerotier-cli info` in the node (e.g. with `docker-compose exec zerotier zerotier-cli info`) but just having it in the logs to start with is very convenient.
 2022-04-08 21:56:13 -07:00
Joseph Henry
8ee8870c27
Add Docker image and build script for DSM 7 2022-04-05 16:38:20 -07:00
Joseph Henry
3c59de7c00
Change directory structure for DSM packages 2022-04-05 15:27:35 -07:00
Joseph Henry
e87bf87046
Remove unnecessary packages from Synology Dockerfile 2022-04-05 14:20:51 -07:00
Joseph Henry
b4f7a9a4f4
Temporarily disable certain arch builds on Synology 2022-04-05 09:52:25 -07:00
Joseph Henry
a360416655
Move Synology home-dir to /var/packages/zerotier/var 2022-04-05 09:51:35 -07:00
Joseph Henry
26dbebbba7
Add Synology packaging 2022-04-05 08:54:16 -07:00
Joseph Henry
04b77773c4
Remove Synology-specific IP add block 2022-03-31 22:01:50 -07:00
Joseph Henry
6f4a69703b
Fix ZT_SSO_SUPPORTED flag behavior. Allow disabling for embedded targets. 2022-03-31 21:45:38 -07:00
Joseph Henry
d67f59f5b5
Fix ARMv6 arch moniker 2022-03-31 09:43:06 -07:00
Joseph Henry
00d9abb612 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2022-03-31 09:40:45 -07:00
Adam Ierymenko
c8920cff19
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-03-30 15:51:33 -04:00
Adam Ierymenko
7293ba7d71
Merge branch 'master' into dev 2022-03-30 15:51:18 -04:00
Adam Ierymenko
e73d7d9349
Merge branch 'master' of http://git.int.zerotier.com/zerotier/ZeroTierOne 2022-03-30 15:51:01 -04:00
Adam Ierymenko
0e3be9b837
1.8.7 2022-03-30 15:50:26 -04:00
Adam Ierymenko
c600590aa6 Windows 1.8.7 installer config. 2022-03-29 19:36:56 -04:00
Adam Ierymenko
1343f15a07
Merge branch 'master' of http://git.int.zerotier.com/zerotier/ZeroTierOne 2022-03-29 14:28:12 -04:00
Grant Limberg
5fcaed086d
another at->idt for exp 2022-03-29 11:09:50 -07:00
Grant Limberg
130689d82b
remove extraneous debug log line 2022-03-29 11:09:14 -07:00
Grant Limberg
1efceb86fc
get exp time out of correct token 2022-03-29 11:08:59 -07:00
Grant Limberg
1d92974447
auth0 compatibility 2022-03-29 11:07:44 -07:00
Grant Limberg
de56f571c7
enable rfc3339 timestamps in oidc library for auth0 2022-03-29 11:07:30 -07:00
Grant Limberg
3670b8cefd
another at->idt for exp 2022-03-29 10:33:27 -07:00
Grant Limberg
425f5201a2
remove extraneous debug log line 2022-03-29 10:03:34 -07:00
Grant Limberg
df3b29e6ff
get exp time out of correct token 2022-03-29 10:01:02 -07:00
Grant Limberg
96a49bf476
auth0 compatibility 2022-03-29 09:11:55 -07:00
Grant Limberg
2d975f275c
enable rfc3339 timestamps in oidc library for auth0 2022-03-29 09:11:25 -07:00
Erik Hollensbe
76e30cf165
Merge pull request #1596 from erikh/docker-image-fixes 
Fix dockerfile & entrypoint:
 2022-03-24 10:53:52 -07:00
Erik Hollensbe
da603208b4
Dockerfile: Reduce healthcheck interval to 1s (it's cheap) 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-03-23 18:17:21 -07:00
Erik Hollensbe
6dc7bdf72e
Fix ^C issue 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-03-23 18:09:04 -07:00
Erik Hollensbe
d52ebaa412
HEALTHCHECK operation 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-03-23 18:08:46 -07:00
Erik Hollensbe
c30a1f60ea
Join networks by touching a file 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-03-23 17:56:09 -07:00
Erik Hollensbe
2388c9f4e4
added additional informational messages to argument usage in zerotier docker image 
Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-03-23 17:40:28 -07:00
Erik Hollensbe
f41372680d
Fix dockerfile & entrypoint: 
- Resolve issue with join not being checked properly for success without
  using external tools
- Resolve issue where initial boot was not being checked properly
- Now output errors when zerotier fails to start

closes #1581

cc @altano for inspiration for this patch

Signed-off-by: Erik Hollensbe <git@hollensbe.org>
 2022-03-23 17:40:28 -07:00
Adam Ierymenko
7efb1cf7d3 Bundle Edge WebView dependency EXE and statically link MSVC DLLs 2022-03-22 17:43:43 -04:00
Joseph Henry
0547fd3593 Merge branch 'master' of https://github.com/zerotier/zerotierone into dev 2022-03-21 19:51:53 -07:00
Adam Ierymenko
2800534445
1.8.7 2022-03-21 17:34:52 -04:00
Adam Ierymenko
e464050a40
Merge branch 'master' of http://git.int.zerotier.com/zerotier/ZeroTierOne 2022-03-21 17:30:18 -04:00
Grant Limberg
73ec8cddd7
Show sso errors on the last step of the oidc process 2022-03-21 17:30:03 -04:00
Joseph Henry
1c171b5d99
Merge pull request #1589 from hcwhan/patch-1 
Dockerfile version bump to 1.8.6
 2022-03-15 09:52:55 -07:00
Joseph Henry
32f49b44b0
Modify snap to use pre-compiled static binaries 2022-03-15 09:44:46 -07:00
hcwhan
e2d4571ade
Dockerfile version bump to 1.8.6 2022-03-14 10:34:26 +08:00
Grant Limberg
3f19e7d73c
Show sso errors on the last step of the oidc process 2022-03-10 13:08:35 -08:00
Adam Ierymenko
93076dde56
Fix merged OneService. 2022-03-10 15:57:15 -05:00
Adam Ierymenko
3e78785dea
Merge OneService changes from master. 2022-03-10 15:50:01 -05:00
Adam Ierymenko
68c9398f71
Merge branch 'master' into dev 2022-03-10 15:48:47 -05:00
Adam Ierymenko
4b3a13797a Windows Advanced Installer stuff for 1.8.6 2022-03-10 15:45:33 -05:00
Adam Ierymenko
4a2c75a609
Release notes 2022-03-10 13:36:31 -05:00
Adam Ierymenko
34a64f30de
Bump the peer cache serialization version due to path changes, will cause peers to be re-learned. Technically the peer cache is optional anyway so it's not going to break anything and should guard against weird issues due to path learning changes on restart. 2022-03-09 09:13:26 -05:00
Adam Ierymenko
4bdf0317c3
Forgot to version bump RH. 2022-03-08 15:18:57 -05:00
Adam Ierymenko
8624972d01
More 1.8.6 bumps. 2022-03-08 09:17:14 -05:00
Adam Ierymenko
6bfaaaa557
1.8.6 bump and add AutoReqProv:no for GitHub issue #1575 2022-03-07 14:06:12 -05:00
Adam Ierymenko
b42c998095
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2022-03-07 13:58:51 -05:00
Adam Ierymenko
56357c077b
Merge pull request #1110 from neheb/patch-1 
LinuxNetLink: Add cerrno header for (str)errno
 2022-03-07 13:53:14 -05:00
Adam Ierymenko
3def00370e
Merge pull request #1187 from rjsocha/win-service-description 
Add description for Windows service
 2022-03-07 13:52:41 -05:00
Adam Ierymenko
e1a3285273
Update ServiceInstaller.cpp 
Some very minor changes to this PR
 2022-03-07 13:52:05 -05:00
Joseph Henry
59b392af10
Merge pull request #1572 from zerotier/configurable-tcp-proxy 
make TCP fallback relay address configurable
 2022-03-07 09:17:43 -08:00
Grant Limberg
a8dde7b89b
update JNI to add new status code 2022-03-04 14:28:25 -08:00
Grant Limberg
ecde26c823
fix http return value from one service when nework list is empty 2022-03-04 12:35:11 -08:00
Adam Ierymenko
567969d33c
1.8.6 with a UI non-responsiveness fix. 2022-03-04 14:54:51 -05:00
Adam Ierymenko
544a4de1e0
Merge branch 'master' into dev 2022-03-03 18:35:05 -05:00
Adam Ierymenko
c341bf6d8c
Merge 2022-03-03 18:32:54 -05:00
Adam Ierymenko
297869163e
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2022-03-03 18:30:19 -05:00
Joseph Henry
3ead6b67cd
Dynamically scale bonded link monitor frequency according to aliveness 2022-03-02 14:58:31 -08:00
Grant Limberg
3cbea6c898
make TCP fallback relay address configurable 2022-03-02 11:44:04 -08:00
Adam Ierymenko
1f73ab4b05
Debian lowest common denominator dependency for libssl. 2022-03-02 14:11:39 -05:00
Joseph Henry
8148c658cf
Remove bonds for peers that have fully expired. Remove notion of bond health 2022-03-02 09:55:23 -08:00
Adam Ierymenko
15ddf28c6a
Makefile fix for Linux. 2022-02-28 19:08:13 -05:00
Adam Ierymenko
16b5274963
Fix to selinux fix. 2022-02-28 16:10:44 -05:00
Grant Limberg
f8e24f4629
Fix issue where restarting a controller causes a DB write for each network member 2022-02-28 12:26:32 -08:00
Joseph Henry
1cf8a1f493
More accurate accounting of bond layer overhead traffic 2022-02-25 15:04:48 -08:00
Joseph Henry
bc2c4cf80a Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2022-02-25 11:39:21 -08:00
Joseph Henry
9933d83cf8
Merge pull request #1564 from zerotier/dev-whoami 
Proactively seek, and distribute external surface addresses

This patch introduces a new "self-awareness" behavior which proactively queries peers for external surface addresses and distributes them via PUSH_DIRECT_PATHS. This has the effect of making ZT more responsive to interface changes.

Current behavior:

Previously, this type of information was only mediated via RENDEZVOUS and was only triggered when the client detected that it no longer had a single alive path to a peer. While PUSH_DIRECT_PATHS would correctly (and often) send local addresses, this was not the case for external addresses collected from response HELLOs. This would lead to situations where only one physical address would be distributed to peers. Additionally, if a new physical interface were to be made available to the client, the client would correctly bind to it but never seek information about its external mapping from a peer, and thus the new physical interface would remain unavailable for other peers to learn about until all paths on the previous interface have expired which can take a couple of minutes. In traditional usage of ZT this is not usually a problem, but it becomes a problem in the following scenarios:

    Network interfaces go up and down while ZT is running (e.g. switching to LTE or WiFi from a wired connection)
    Network interfaces are added or removed in multipath setups

Proposed behavior:

I propose that normal full HELLOs are sent not only on the first interface in use, but all interfaces. This causes planets to respond with a HELLO containing the surface address for each interface. We then collect each address using SelfAwareness::whoami() and distribute them via the normal PUSH_DIRECT_PATHS mechanism.
 2022-02-25 11:30:45 -08:00
Joseph Henry
1918c29fd7
Change ECHO divisor from 20 to 6 2022-02-25 11:29:07 -08:00
Joseph Henry
84705aafc7
Merge pull request #1569 from zerotier/dev-echo-rate-gate 
Rate gate ECHO per Path instead of per Peer

In multipath scenarios user traffic is used to judge the aliveness of a path. If the user traffic is too infrequent to establish aliveness for a given time window (say 500 ms), the bonding layer will send extra ECHOs at a maximum rate of failoverInterval / 3 (or ~ 166 ms) per path. This patch relaxes the rate-limiting of ECHOs significantly in order to prevent a non-multipath node from dropping ECHOs causing multipath nodes to erroneously judge paths to that node to be dead.
Details

This patch decreases the rate limiting from 1000 ms per peer by a factor of 6 to ~166 ms and rate limits ECHOs per Path instead of per Peer. This allows rate limiting to scale with the number of established paths to a peer.

As a result, if all 64 path slots are used a total of 64 x 6 = 384 ECHOs per second will be allowed in the most aggressive case where failoverInterval is set to 500 ms.
 2022-02-25 11:23:42 -08:00
Joseph Henry
618202d426
Increase min failover to 500 ms and probe period to 1/3rd of failover 2022-02-25 10:52:39 -08:00
Adam Ierymenko
8b9a7d2c8f
1.8.5 release notes 2022-02-22 13:15:39 -05:00
Joseph Henry
d1335dca11
Change ECHO rate-limit divsor from 16 to 20 2022-02-21 16:22:33 -08:00
Joseph Henry
5e13b42abc
Rate gate ECHO per Path instead of per Peer 2022-02-21 14:37:39 -08:00
Adam Ierymenko
b4b5a70a03 Windows build update. 2022-02-21 13:53:55 -05:00
Joseph Henry
96aa1c30a6
Proactively seek, enumerate, and distribute external surface addresses 2022-02-17 15:39:17 -08:00
Joseph Henry
1b0c183913
Force non-leaf peers into local active-backup bond when multipath is enabled 2022-02-17 15:16:33 -08:00
Joseph Henry
5d4a9a4aa1 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2022-02-17 09:48:15 -08:00
Grant Limberg
31c12aebb5
more fun with linux ethernet taps 
older kernels: must set MTU before IFF_UP.
newer kernels: must set MTU *after* IFF_UP
 2022-02-17 09:26:53 -08:00
Joseph Henry
40269c2a97
Comment out debug traces 2022-02-16 20:39:18 -08:00
Adam Ierymenko
ed74ed6ed2
CentOS/RHEL 6 SELinux permissions. 2022-02-16 12:56:17 -05:00
Adam Ierymenko
26e684eb0e
Add OpenSSL requirements to Linux package manifests. 2022-02-15 14:39:23 -05:00
Adam Ierymenko
fc66f79988 1.8.5 Windows 2022-02-15 13:09:54 -05:00
Adam Ierymenko
3c85a7f074
Rev roots. 2022-02-15 09:13:58 -05:00
Adam Ierymenko
62d2a00e74
Merge pull request #1093 from keur/unit_after_network 
systemd: fix zerotier hanging on shutdown
 2022-02-11 18:03:18 -05:00
Adam Ierymenko
bb2b109707
Merge pull request #1559 from zerotier/oldlinux 
potential fix for 2.6.x kernels
 2022-02-11 17:59:53 -05:00
Joseph Henry
c5008031b9
Increase ifname size to accomodate Windows (issue #1560) 2022-02-11 10:08:56 -08:00
Joseph Henry
1d15d4e8d3
Add ZT_DEBUG to DEFS when specified 2022-02-09 14:32:10 -08:00
Joseph Henry
da898d5a19 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2022-02-08 15:47:43 -08:00
Joseph Henry
f9c84c8c52
Remove stray debug trace 2022-02-08 15:32:25 -08:00
Grant Limberg
5d63ed6739
fix function call 2022-02-07 17:14:43 -08:00
Grant Limberg
fdf4ebd43c
potential fix for 2.6.x kernels 
detect if the kernel is super old.  if so, do not execute the post IF_UP commands on the interface
 2022-02-07 17:10:54 -08:00
Grant Limberg
dc9fdb7da8
Merge branch 'notify' into dev 2022-02-07 13:59:22 -08:00
Grant Limberg
2652c71c9e
remove tag one more time 2022-02-07 11:54:50 -08:00
Grant Limberg
806d1fff42
Merge branch 'notify' into dev 2022-02-07 11:46:23 -08:00
Grant Limberg
c065e88e1e
notify tags are back 2022-02-07 11:39:47 -08:00
Grant Limberg
4641a44029
does order matter? 2022-02-07 11:36:52 -08:00
Grant Limberg
f544f75c36
notify all again 2022-02-07 11:32:19 -08:00
Grant Limberg
720168f0a0
only notify on failure for now 2022-02-07 11:27:03 -08:00
Grant Limberg
6dfecca91e
poke 2022-02-07 11:23:38 -08:00
Grant Limberg
10b38b5b0a
poke 2022-02-07 11:14:46 -08:00
Sean OMeara
dbc5d5c453
Update .drone.yml 
OCD made me do it
 2022-02-07 19:54:56 +01:00
Grant Limberg
a3e0ba16f5
poke 2022-02-07 10:43:56 -08:00
Grant Limberg
3c906102e1
update notify image 2022-02-07 10:26:29 -08:00
Joseph Henry
566ac113e4 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2022-02-07 10:10:24 -08:00
Grant Limberg
5abc8bd2af
specify tag 2022-02-07 10:09:01 -08:00
Joseph Henry
926b2e168e
Add external listening addr/port pairs to status output (ticket #1555) 2022-02-07 10:08:02 -08:00
Grant Limberg
e475e8151d
set pull: always on notify image 2022-02-07 09:56:31 -08:00
Grant Limberg
440f10e353
max retires 3 2022-02-04 13:48:48 -08:00
Grant Limberg
30256c7106
set max retries 2022-02-04 13:44:00 -08:00
Grant Limberg
21946f38d0
oops 2022-02-04 13:35:44 -08:00
Grant Limberg
549673664d
custom image 2022-02-04 13:34:28 -08:00
Sean OMeara
b45d0c5a36 tweaking 2022-02-04 22:08:56 +01:00
Sean OMeara
4df05c2890 running s390x on xeons 2022-02-04 22:08:14 +01:00
Sean OMeara
d886089091 running s390x on xeons 2022-02-04 22:05:29 +01:00
Grant Limberg
51158dde93
make it run on failure and succes 2022-02-04 12:58:12 -08:00
Grant Limberg
09fff7f1cb
lets try this 2022-02-04 12:50:19 -08:00
Sean OMeara
91f435f32f trying s390 on a gravaton 2022-02-04 21:42:00 +01:00
Sean OMeara
726ffddce2 adding platform routing for arm64 2022-02-04 21:28:07 +01:00
Adam Ierymenko
4ecf692f46
Remove -j1 2022-02-04 14:51:13 -05:00
Adam Ierymenko
2a461a9aac Merge dev 2022-02-04 13:32:06 -05:00
Grant Limberg
211b1fc23c
enable on x32 2022-02-03 12:52:35 -08:00
Grant Limberg
df6bbb0b0c
more fun with makefiles 2022-02-03 11:47:03 -08:00
Grant Limberg
cfae20e0df
LDFLAGS fix on non-supported platforms 2022-02-03 11:30:39 -08:00
Grant Limberg
3c0adde0c7
don't build on unsupported platforms 2022-02-03 11:26:10 -08:00
Grant Limberg
f511c9c938
fix compile errors on non-sso platforms 2022-02-03 10:07:25 -08:00
Sean OMeara
20f88b37ef adding drone config 2022-02-03 14:19:06 +01:00
Sean OMeara
269501eaa0 adding drone config 2022-02-03 14:18:36 +01:00
Adam Ierymenko
330e1de3d1 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2022-02-01 16:04:06 -05:00
Adam Ierymenko
25e14e2164 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2022-02-01 16:03:04 -05:00
Grant Limberg
aa97aabb4e
for now, only enable sso on certain platforms 
mac, windows, linux x86/x86_64/aarch64
 2022-02-01 11:07:37 -08:00
Travis LaDuke
59cd2766e3 Shorten issue template. Add docs site to it. 2022-01-31 13:52:38 -08:00
Grant Limberg
b7952d7f39
no longer need direct import of serde here either 2022-01-31 12:13:30 -08:00
Grant Limberg
c380a4e4bd
cleanup 2022-01-31 12:02:14 -08:00
Grant Limberg
9c487cbfb8
Remove jsonwebtoken package dependency 
Replaced with rust-jwt.  `jsonwebtoken` relies on the ring package which explodes on non-x86/x64 architectures
 2022-01-31 11:58:51 -08:00
Adam Ierymenko
6fc636535f
Merge branch 'dev-enlarge-netconf-limits' into dev 2022-01-31 10:52:34 -05:00
Joseph Henry
4190318c85
Fix typo in constant name 2022-01-28 10:41:21 -08:00
Joseph Henry
2f554fd6f8
Merge pull request #1552 from Shawn8410/master 
FIX: fix wrong flag usage of rateGateCredentialsReceived
 2022-01-28 10:12:16 -08:00
Shawn
ae93cccde6 FIX: fix wrong flag usage of rateGateCredentialsReceived 2022-01-27 11:59:21 +08:00
Joseph Henry
46e955e3a1
Split bond logs into two categories to reduce logging size 2022-01-26 15:14:02 -08:00
Joseph Henry
60057d7072
Fix SSL-related linker errors on Linux 2022-01-26 14:02:42 -08:00
Joseph Henry
2850f131e2
Fix code style 2022-01-25 18:03:36 -08:00
Adam Ierymenko
440568a516
Enlarge maximum routes and maximum assigned addresses. 2022-01-24 14:26:15 -08:00
Adam Ierymenko
e31088aaf9 Debian build tweaks, and deparallelize Rust for higher order build parallelization. 2022-01-21 17:27:07 -05:00
Grant Limberg
63b36e8569
. 2022-01-20 15:36:29 -08:00
Grant Limberg
726d359335
part 2 2022-01-20 15:35:18 -08:00
Grant Limberg
fc0858a4a3
fix the fix cargo build on mac 
--debug isn't a cargo option at all
 2022-01-20 15:32:58 -08:00
Grant Limberg
f80103778a
Merge branch 'dev' into central-controller 2022-01-20 15:15:59 -08:00
Grant Limberg
c09010c25a
handle nonce rotation in controller better 
Won't generate new nonces until there are no active ones.
 2022-01-20 15:14:29 -08:00
Grant Limberg
9cd1466e6b
Merge branch 'dev' into central-controller 2022-01-20 11:12:21 -08:00
Grant Limberg
801be64ed3
Merge branch 'zeroidc' into dev 2022-01-20 09:46:22 -08:00
Grant Limberg
d719137565
temp workaround for oidc auth dropping issue 
Add a method to "kick" the refresh thread and re-post the tokens in the case where the thread is somehow still running & controller pushes out an AUTH_REQUIRED.  This situation happens in a corner case still under investigation where the controller pushes out many copies of the network config repeatedly
 2022-01-20 09:44:56 -08:00
Adam Ierymenko
58aba96494
Mac Rust build fix. 2022-01-20 11:16:26 -05:00
Adam Ierymenko
f8d7796099
Merge branch 'zeroidc' into dev 2022-01-20 10:43:37 -05:00
Adam Ierymenko
241c41267b
Merge branch 'master' into dev 2022-01-20 08:23:12 -05:00
Adam Ierymenko
2ac1ff9be2
Merge pull request #1451 from channelbeta/update-pgp-url 
Update PGP keyserver URL
 2022-01-20 08:22:52 -05:00
Adam Ierymenko
cb31b3987f
Merge pull request #1539 from khng300/getdefaultgateway-rtm-fix 
ext/libnatpmp: Set sa_len properly in getdefaultgateway()
 2022-01-20 08:21:24 -05:00
Adam Ierymenko
c256398095
Merge pull request #1541 from khng300/fbsd-osdep-PortMapper 
Build osdep/PortMapper on FreeBSD
 2022-01-20 08:21:08 -05:00
Ka Ho Ng
7bb8703bf9 Build osdep/PortMapper on FreeBSD 
This enables NAT-PMP and UPnP supports on FreeBSD.
 2022-01-12 13:52:46 -05:00
Sean OMeara
0da00bf546
Merge pull request #1535 from zerotier/linux-route-metric 
Set a high metric on linux routes that have a via.
 2022-01-12 18:41:54 +01:00
Sean OMeara
4866490cdf
Merge pull request #1533 from zerotier/tl-linux-route-if 
Prevent adding routes to non-zerotier interfaces in rare cases.
 2022-01-12 18:41:45 +01:00
Grant Limberg
1547b1a581
Merge branch 'zeroidc' into central-controller 
# Conflicts:
#	node/NetworkConfig.cpp
#	node/NetworkConfig.hpp
 2022-01-11 12:09:57 -08:00
Ka Ho Ng
511c77aa99 ext/libnatpmp: Set sa_len properly in getdefaultgateway() 
In USE_SOCKET_ROUTE's implementation, sa_len of the sockaddrs need to be
set as well.

Sponsored by:	The FreeBSD Foundation
 2022-01-10 20:42:34 -05:00
Travis LaDuke
692a0e7ac2 Set a high metric on linux routes that have a via. 
See issue #750.

zerotier doesn't currently set a metric on routes. Linux
takes this to mean "0", the highest priority.

Every comment in the issue is about routing between zerotier
and lan and how they conflict.

This quick change could fix this problem for most people.

The subnet route for the zerotier network, the one with no
via, is still 0 in this patch. Just the "via" routes get
higher metrics.
If for some reason, you needed your via routes to have
higher priority, you could use a prefix work-around:

192.168.1.0/25 via 10.147.17.1
192.168.1.128/25 via 10.147.17.1
 2022-01-07 13:10:36 -08:00
Travis LaDuke
fa25b45198 Keep interface name on via routes on linux 
See issue #1498
 2022-01-07 11:58:42 -08:00
Grant Limberg
cdd25c389e
Merge branch 'dev' into zeroidc 2022-01-06 14:55:40 -08:00
Grant Limberg
133a6ff7b3
fix env var 2022-01-06 14:55:20 -08:00
Grant Limberg
96add0ba65
Merge branch 'dev' into zeroidc 2022-01-06 14:54:09 -08:00
Grant Limberg
f5096a1f26
add wait for docker in controller startup script 2022-01-06 14:51:56 -08:00
Grant Limberg
3d4d087f07
make some impl functions pub 2022-01-05 15:43:45 -08:00
Grant Limberg
953e62f103
Clean up some extraneous output in release mode 2022-01-05 11:55:47 -08:00
Grant Limberg
084727c54a
link zeroidc to selftest 2022-01-05 11:55:25 -08:00
Grant Limberg
8ea192fcab
update dependency specs 2022-01-05 08:44:01 -08:00
Grant Limberg
dceba1f2f1
Merge branch 'dev' into zeroidc 2022-01-05 08:35:15 -08:00
Grant Limberg
73878fbdc4
Merge pull request #1531 from StephenCWills/mingw32-disable-salsasse 
Disable Salsa20 SSE on MinGW 32-bit compiler
 2022-01-04 17:42:40 -08:00
staphen
87d17088cc
Disable Salsa20 SSE on MinGW 32-bit compiler 2022-01-04 20:39:08 -05:00
Grant Limberg
cc6c48fca8
Merge pull request #1525 from StephenCWills/lowercase-windows-headers 
Use lowercase when including Windows headers
 2022-01-04 17:11:51 -08:00
Grant Limberg
e556a2ee23
Merge pull request #1528 from StephenCWills/android-miniupnpc 
[Android] Fix include for miniupnpc
 2022-01-04 16:56:05 -08:00
Grant Limberg
50b866c5cf
clean up & pass along errors from ZeroIDC::new() method 2022-01-03 17:25:30 -08:00
staphen
f83eed9ef9
[Android] Fix include for miniupnpc 2022-01-03 12:15:21 -05:00
Grant Limberg
cb9313a454
Merge branch 'dev' into zeroidc 2022-01-03 08:37:10 -08:00
Grant Limberg
cf411efd1d
a little cleanup 2022-01-03 08:36:16 -08:00
staphen
1c956494a4
Use lowercase when including Windows headers 2021-12-29 16:29:08 -05:00
Adam Ierymenko
dbe3aa1efc
Merge branch 'master' into dev 2021-12-17 17:41:03 -05:00
Adam Ierymenko
4128d80974
1.8.5 version bump. 2021-12-17 17:40:00 -05:00
Grant Limberg
057356a725
Just some comments 2021-12-16 22:07:17 -08:00
Grant Limberg
a69e91c541
Fix hash verification on refresh 2021-12-16 19:49:15 -08:00
Grant Limberg
8fccf3136c
Enable validation of token hashes as part of the oidc process 2021-12-16 18:44:36 -08:00
Grant Limberg
2435ab70ab
remove some extra verbose logging 
... and baby you got a full flow goin on
 2021-12-16 12:37:22 -08:00
Grant Limberg
f489862500
update final page text a smidge 2021-12-16 12:20:31 -08:00
Grant Limberg
2642fa1ee2
Return HTML instead of blank page when auth is successful! 2021-12-16 12:06:16 -08:00
Grant Limberg
2293b0703f
Can get Central JSON bundle back to zerotier-one window 2021-12-16 11:37:58 -08:00
Grant Limberg
1375e3e2f5
allow debug & release builds of Rust 2021-12-15 15:53:48 -08:00
Grant Limberg
0ab5cce878
TIL: Its not as hard as I thought to make Rust deadlock 2021-12-15 14:37:06 -08:00
Grant Limberg
b567e91f68
fix 2021-12-15 14:36:50 -08:00
Grant Limberg
eee31605b1
Merge branch 'dev' into zeroidc 2021-12-15 14:17:26 -08:00
Grant Limberg
df9a7497b1
refactor out the separate AuthInfo struct 
consolidated everything into the single IDC struct.  Should help keep from rotating the pkce token as often & causing issues with the login window flapping
 2021-12-15 14:16:17 -08:00
Joseph Henry
c6adb6df12
Merge pull request #1513 from andrejbinder/dev 2021-12-15 13:25:12 -08:00
Andrej Binder
aeec7dae36 Prevent arithmetic error on interface change. 2021-12-15 22:22:02 +01:00
Adam Ierymenko
fa58909d44
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-12-15 12:32:41 -05:00
Adam Ierymenko
06ed114fb6
Release notes and GitHub issue #1512 2021-12-15 12:32:28 -05:00
Joseph Henry
bdef9d3bd7
Fix situation where too many ECHOs are sent to multipath peer 2021-12-14 21:20:58 -08:00
Joseph Henry
b154b7296c
Improve multipath logging output 2021-12-14 21:13:19 -08:00
Joseph Henry
8019f13479 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2021-12-14 15:31:29 -08:00
Joseph Henry
1c6fd4125d
Fix custom policy parsing bug mentioned in issue #1507 2021-12-14 11:49:43 -08:00
Travis LaDuke
1f99f1d5f4
Merge pull request #1488 from zerotier/macos-ipv6-config 
Convince macOS to do ipv6 dns lookups
 2021-12-14 08:54:45 -08:00
Sean OMeara
30c77cfee5
Merge pull request #1510 from zerotier/nolint 
removing commit linter
 2021-12-13 21:35:36 +01:00
Travis LaDuke
afdc91f21f Convince macOS to do ipv6 dns lookups 
Puts a value into System Config, similar to how DNS push works.

closes #1466

https://apple.stackexchange.com/questions/309430/ipv6-dns-resolution-on-macos-high-sierra
 2021-12-13 12:34:41 -08:00
Sean OMeara
3470c5314d removing commit linter 2021-12-13 21:25:17 +01:00
Adam Ierymenko
f0e824416b
Merge pull request #1509 from zerotier/dev-antiflap 
Proposed fix for "path amnesia"
 2021-12-13 15:17:40 -05:00
Joseph Henry
52ff67fb2c
Merge pull request #1504 from capruro/patch-1 
Version bump to 1.8.4
 2021-12-13 11:56:51 -08:00
Joseph Henry
e9375b50b0
Prevent path-amnesia 2021-12-13 11:54:23 -08:00
Joseph Henry
1f43a736b2
Fix active-backup path selection bug 2021-12-09 13:43:52 -08:00
Joseph Henry
05a0a20197
Fix multipath flow reallocation. Prevent allocation to dead paths 2021-12-08 14:32:58 -08:00
Grant Limberg
2ee595553a
Merge branch 'dev' into zeroidc 2021-12-08 12:35:36 -08:00
Grant Limberg
2d4fe9e6d0 Get oidc lib compiled into main binary on Windows 2021-12-08 12:14:15 -08:00
Grant Limberg
dc12bde068 add vs makefile project to build oidc rust library 2021-12-08 09:49:29 -08:00
Grant Limberg
b3fbbd3124
refresh tokens now working 
Still investigating the best way to do a couple things, but we have something working
 2021-12-07 16:29:50 -08:00
Joseph Henry
983336911c
Remove obsolete documentation 2021-12-07 09:14:54 -08:00
Grant Limberg
48b39ab005
removing comments 2021-12-03 17:46:37 -08:00
Grant Limberg
5095d73de3
moar better error handling 2021-12-03 16:32:27 -08:00
Grant Limberg
1192b1b422
refresh token run loop 
Need central-side work to complete
 2021-12-03 15:44:04 -08:00
Grant Limberg
43c528fdb6
Get expiry time out of access token & propagate 2021-12-03 11:32:29 -08:00
Grant Limberg
da4b9922d4
Merge branch 'dev' into zeroidc 2021-12-03 09:58:04 -08:00
Grant Limberg
7a8c89be9d
Post ID token to Central 2021-12-03 09:57:39 -08:00
capruro
3b37db1a36
Version bump to 1.8.4 2021-12-03 14:30:05 +01:00
Joseph Henry
5ae0f9d03f
Add a few more Snap targets to Linux makefile 2021-12-02 10:54:43 -08:00
Joseph Henry
1dd1bf8bac
Add Snap targets to Linux makefile 2021-12-02 10:07:41 -08:00
Grant Limberg
8966002685
Merge branch 'dev' into zeroidc 2021-12-01 16:59:06 -08:00
Grant Limberg
4ce810b421
On our way to processing tokens 2021-12-01 16:57:18 -08:00
Grant Limberg
730482e62f
encode network ID into sso state param 2021-12-01 15:02:21 -08:00
Adam Ierymenko
eac56a2e25
Build fix in ARM flags for Snap builds. 2021-12-01 17:27:55 -05:00
Adam Ierymenko
5c3a2357ef
VERSION 1.8.4 2021-12-01 17:01:57 -05:00
Grant Limberg
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL 2021-12-01 13:01:32 -08:00
Grant Limberg
eaccce743f
moar plumbing progress 2021-12-01 12:07:05 -08:00
Grant Limberg
7cce23ae79
wip 2021-12-01 10:44:29 -08:00
Grant Limberg
73c186b111
add network_id extra param to auth flow 2021-12-01 09:27:30 -08:00
Adam Ierymenko
5ce0019ee5 ARM wrestling. 2021-12-01 10:40:01 -05:00
Grant Limberg
ca8d315924
Merge branch 'dev' into zeroidc 2021-11-30 18:42:45 -08:00
Grant Limberg
dfdac7adbd
iomanip 2021-11-30 17:31:46 -08:00
Grant Limberg
a33d7c64fe
more fixin 2021-11-30 17:27:13 -08:00
Adam Ierymenko
e37c9055b3 ARM flags 2021-11-30 19:54:17 -05:00
Grant Limberg
d15516f0ef
query fix & controller build fix 2021-11-30 16:18:34 -08:00
Grant Limberg
4a1d6f4cc8
get central controller docker builds working again 2021-11-30 15:22:31 -08:00
Grant Limberg
6393a4beec
progress 2021-11-30 14:22:25 -08:00
Adam Ierymenko
06125c48bc Another build speedup. 2021-11-30 15:35:18 -05:00
Adam Ierymenko
8cda04cc98 Use nproc to get the number of cores on Linux to speed up bounds. 2021-11-30 13:14:38 -05:00
Adam Ierymenko
f20b7e8cee
ARM32 flags update. 2021-11-30 12:35:22 -05:00
Adam Ierymenko
19dded141a
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-11-30 12:27:15 -05:00
Adam Ierymenko
d19cf1eaac Merge branch 'dev' of http://10.95.0.64/zerotier/ZeroTierOne into dev 2021-11-30 09:10:14 -05:00
Adam Ierymenko
d6b00bcd40 Fix Windows 32-bit installation. 2021-11-30 09:10:07 -05:00
Joseph Henry
1b1fe61fd0 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2021-11-29 19:44:51 -08:00
Joseph Henry
3bce783cbc
Add minor help tip to Snap instructions 2021-11-29 19:44:34 -08:00
Adam Ierymenko
5966f7d9d2
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-11-29 22:03:58 -05:00
Adam Ierymenko
aed0b4941f GUID bump for Windows 2021-11-29 22:03:40 -05:00
Grant Limberg
9ef75c0e13
Merge branch 'dev' into zeroidc 2021-11-29 14:12:10 -08:00
Grant Limberg
5f548705dd
lots more refactoring 2021-11-29 14:11:29 -08:00
Joseph Henry
39d3c8402e Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2021-11-26 11:00:48 -08:00
Joseph Henry
5cb6265547
Re-word Snap package description 2021-11-26 10:59:42 -08:00
Adam Ierymenko
03dd537ea4 1.8.4 in Windows 2021-11-23 17:36:24 -05:00
Adam Ierymenko
4af8f1bf03
1.8.4 🦃 2021-11-23 16:39:20 -05:00
Adam Ierymenko
ae8df648d5
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-11-23 15:44:54 -05:00
Adam Ierymenko
5e24166318
Remove unused but shipped curl dependency in ext/ 2021-11-23 15:44:08 -05:00
Joseph Henry
4e10b4e017
Modify snap command aliases 2021-11-19 08:16:14 -08:00
Grant Limberg
87fdd644d4
cleanup some ifdef'd things 2021-11-18 13:36:09 -08:00
Grant Limberg
2e356613ec
Refactor NetworkState into object with accessor methods 2021-11-18 12:39:55 -08:00
Grant Limberg
91e9b736dd
make service objs dependent on zeroidc 2021-11-18 10:42:12 -08:00
Adam Ierymenko
7f4cc1a239
VERSION 1.8.3 2021-11-16 13:27:27 -05:00
Adam Ierymenko
3e3d46e72e Windows 1.8.3 2021-11-16 12:04:10 -05:00
Adam Ierymenko
460c2552a8
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2021-11-16 11:24:08 -05:00
Adam Ierymenko
1a7fb83882
Release notes. 2021-11-16 11:23:57 -05:00
Adam Ierymenko
dfac6303bc
Version bump (all but Windows) and limit .pkg to MacOS 10.13 2021-11-15 19:55:58 -05:00
Adam Ierymenko
8b77a93d60
release notes 2021-11-15 19:51:56 -05:00
Adam Ierymenko
fabfb10b97
Remove managed routes in destructor (regression fix). 2021-11-15 19:48:07 -05:00
Adam Ierymenko
65549cb0da
Fix the FD leak fix, and release notes. 2021-11-15 18:27:14 -05:00
Adam Ierymenko
bee137c6d9
Set shell for ZeroTier service user account on Debian to /usr/sbin/nologin for GitHub issue #1492 2021-11-15 17:27:16 -05:00
Adam Ierymenko
a2a7122da9
release notes 2021-11-15 17:18:04 -05:00
Adam Ierymenko
0e798222a7
Fix FD leak on MacOS. 2021-11-15 17:17:05 -05:00
Adam Ierymenko
c890f1762a
This code is obsolete but remove vfork anyway. 2021-11-15 14:09:52 -05:00
Adam Ierymenko
ea4d7ae92f
Add spinlock removal to release notes. 2021-11-15 12:16:22 -05:00
Adam Ierymenko
1ef385b685
Spinlock removed, causes long standing issues on single core machines. 2021-11-12 16:44:54 -05:00
Grant Limberg
0875fb5fe0
have this make an rlib too for the future 2021-11-11 16:29:14 -08:00
Grant Limberg
b5186f7293
Merge branch 'dev' into zeroidc 
# Conflicts:
#	.gitignore
 2021-11-11 16:20:43 -08:00
Grant Limberg
fa21fdc1cc
rename stuff for clarity 
authenticationURL will still be used by the client for v1 and v2 of sso
 2021-11-11 16:19:26 -08:00
Joseph Henry
3f4cd7f5a2
Merge pull request #1489 from capruro/master 
removing source-type from snapcraft
 2021-11-11 13:53:43 -08:00
Adam Ierymenko
272fb2ca96
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-11-10 22:19:59 -05:00
Adam Ierymenko
a7116bc971
VERSION 1.8.2 2021-11-10 22:19:11 -05:00
Adam Ierymenko
502cbc2175
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2021-11-10 22:18:48 -05:00
Adam Ierymenko
953d22de14
VERSION 1.8.2 2021-11-10 22:18:35 -05:00
Adam Ierymenko
cacfc294d9 Windows package version bump and PATH fix. 2021-11-10 20:04:36 -05:00
capruro
f8ca7002c2
removing source-type 
Unnecessary
 2021-11-10 23:15:41 +01:00
Joseph Henry
6c728313f5 Merge branch 'master' into dev 2021-11-10 13:09:56 -08:00
Joseph Henry
1a2dc67702
Merge pull request #1487 from capruro/master 
Adding snapcraft
 2021-11-10 13:07:07 -08:00
capruro
f7dbd050af snapcraft 2021-11-09 19:33:11 +01:00
Adam Ierymenko
c16b03c8b8
Set MAC address twice, once before and once after bringing interface up, since different kernels behave differently (Linux). 2021-11-09 13:28:15 -05:00
Adam Ierymenko
357e1aca54
Likely MAC fix for Linux. 2021-11-09 13:24:03 -05:00
Adam Ierymenko
c15890b4db
Version bump to 1.8.2. 2021-11-09 09:31:52 -05:00
Grant Limberg
f268237372
add FORCE tag to cargo step 2021-11-08 09:32:15 -08:00
Grant Limberg
4d021e16a5
update field lengths 2021-11-08 09:30:13 -08:00
Joseph Henry
62ce6e6a60 Disable faster x64 crypto mode for IA32 builds 2021-11-05 19:38:11 -07:00
Joseph Henry
c7109c646a
Add IA32 build flag 2021-11-05 16:52:16 -07:00
Grant Limberg
43433cdb5a integrate rust build of zeroidc to linux 2021-11-04 17:16:23 -07:00
Grant Limberg
8d39c9a861
plumbing full flow from controller -> client network 2021-11-04 15:40:08 -07:00
Grant Limberg
f8bf91426b
. 2021-11-02 16:30:09 -07:00
Grant Limberg
f7934972ea
gitignore 2021-11-02 15:56:40 -07:00
Grant Limberg
4cadfd736f
move ffi code into its own file 2021-11-02 15:55:26 -07:00
Grant Limberg
c46309ea8a
Merge pull request #1478 from zerotier/fix-linux-multicast 
Fix multicast flag on linux interfaces.
 2021-11-02 11:38:33 -07:00
Travis LaDuke
37f26beb50 Fix multicast flag on linux interfaces. 
When we re-ordered the way the interfaces come up, this flag
stopped getting set automatically.

see 9374e45449
and github issue #1477
 2021-11-02 11:28:13 -07:00
Grant Limberg
1c7a5439d5
expose AuthInfo struct to external code 
also get the auth URL
 2021-10-29 16:04:19 -07:00
Grant Limberg
ebc4c898ff
pass in csrf token & nonce (generated externally) 2021-10-29 15:43:39 -07:00
Grant Limberg
56cf874d99
slow progress 2021-10-29 15:31:23 -07:00
Grant Limberg
079ff50622
Merge branch 'dev' into zeroidc 2021-10-29 09:44:11 -07:00
Grant Limberg
31888f5ef8
provide issuer URL, client ID and local web port to constructor 
also construct the oidc client
 2021-10-29 09:43:14 -07:00
Grant Limberg
7a626abf15
remove BondController.cpp from android makefile 2021-10-28 12:37:36 -07:00
Adam Ierymenko
3c7bd65bc9
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2021-10-28 14:46:58 -04:00
Adam Ierymenko
01bf3b8245
1.8.1 merge of changes in master 2021-10-28 14:46:38 -04:00
Adam Ierymenko
a6c1998c81
VERSION 1.8.1 -- see RELEASE-NOTES.md 2021-10-28 14:24:27 -04:00
Grant Limberg
0069b1bac3
we can start & stop a thread. so that's nice. 2021-10-28 09:29:33 -07:00
Adam Ierymenko
25c5cad1d1 Advanced Installer for Windows. 2021-10-28 08:52:31 -04:00
Grant Limberg
c689c0bd8c
integrate with mac build system and add skeleton 2021-10-27 17:09:01 -07:00
Grant Limberg
271dfc0d2b
initial rust oidc lib 2021-10-27 16:11:06 -07:00
Grant Limberg
0032df3bf1
Merge branch 'dev' into zeroidc 2021-10-27 15:02:46 -07:00
Grant Limberg
993e58773a
needed in 2 more spots 2021-10-27 14:58:17 -07:00
Grant Limberg
8f4c038e23
fix ifdef 
wasn't running IPv6 temporary address detection for binding
 2021-10-27 14:48:07 -07:00
Adam Ierymenko
81f2c57656
Properly launch the app on post-install restart. 2021-10-27 16:17:57 -04:00
Adam Ierymenko
594853e251
Remove deprecated vfork call on Mac, and make Mac route application more robust. 2021-10-26 22:15:06 -04:00
Adam Ierymenko
cce8411c22
Make debian parallelism sane. 2021-10-20 20:51:01 -07:00
Adam Ierymenko
786906b0f7
Version bump to 1.8.1 2021-10-20 19:33:32 -07:00
Adam Ierymenko
aed37a391d Windows installer updates for 1.8, install dependencies. 2021-10-20 21:33:20 -04:00
Joseph Henry
cc6de583be
Prevent balance-xor from de-allocating from bad paths 2021-10-20 10:48:07 -07:00
Joseph Henry
b277e04efa
Remove vestigial bonding parameters 2021-10-18 20:52:49 -07:00
Grant Limberg
95032cc74d
add sso version to network config object 2021-10-14 11:40:48 -07:00
Grant Limberg
3818351287
use pqxx::pipeline for online update thread 2021-10-06 09:39:30 -07:00
Grant Limberg
4d26b5a868
no reason for this to be a pointer 2021-10-05 17:02:50 -07:00
Grant Limberg
ac0dc7844f
rework commit thread & some connection pool borrowing issues 2021-10-05 09:25:24 -07:00
Grant Limberg
27e3597d5e
Merge branch 'dev' into central-controller 2021-10-01 11:30:23 -07:00
Joseph Henry
9e8de2a702
Compilation fix 2021-10-01 11:19:04 -07:00
Joseph Henry
165757176a
Potential fix fro deadlock bug 2021-10-01 11:11:20 -07:00
Grant Limberg
a411b83a65
remove strip calls from linux makefile 2021-10-01 09:05:35 -07:00
rjsocha
12900d914a
Merge branch 'zerotier:master' into win-service-description 2021-09-29 15:47:55 +02:00
Sean OMeara
190e9464ce adding commit message linter 2021-09-28 17:15:44 +02:00
Sean OMeara
57dd26baa9 adding commit linter 2021-09-28 17:06:50 +02:00
Adam Ierymenko
19f3a97a8d
More reverting of dumb PR 2021-09-23 19:02:38 -04:00
Adam Ierymenko
375e5ee7dd
Revert stupid spam PR AGAIN 2021-09-23 18:59:48 -04:00
Grant Limberg
05df378dce
clear variables between gets for dump 2021-09-22 16:13:54 -07:00
Adam Ierymenko
f1efea6800
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2021-09-22 13:26:45 -04:00
Adam Ierymenko
eb1cafcd01 Windows installer. 2021-09-22 10:43:53 -04:00
Adam Ierymenko
81de6d2dfa Merge branch 'dev' of http://10.95.0.64/zerotier/ZeroTierOne into dev 2021-09-22 10:31:17 -04:00
Adam Ierymenko
9e38c31b64 Windows installer fun. 2021-09-22 10:31:07 -04:00
Adam Ierymenko
7d1f447458
Build fix. 2021-09-22 09:20:53 -04:00
Adam Ierymenko
1b66a1cd2f
Version bump. 2021-09-21 14:26:00 -04:00
Adam Ierymenko
eabe091038
Backport only the COM mitigation instead of everything from 1.8 2021-09-21 14:14:34 -04:00
Adam Ierymenko
b403f106fb
Revert "Use a faster method of fingerprinting identities." 
This reverts commit b72e5e8386.
 2021-09-21 09:57:08 -07:00
Adam Ierymenko
75a45eeb27
Revert "Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed." 
This reverts commit 48ce7632fa.
 2021-09-21 11:51:26 -04:00
Adam Ierymenko
452b1e806b
Revert "Version bump, backport one more fix." 
This reverts commit 9f9a870399.
 2021-09-21 11:51:10 -04:00
Adam Ierymenko
9f9a870399
Version bump, backport one more fix. 2021-09-21 11:31:25 -04:00
Adam Ierymenko
48ce7632fa
Backport guts of 1.8 to 1.6 tree so we can point release without waiting for UI quirks to be fixed. 2021-09-21 11:20:15 -04:00
Adam Ierymenko
30d5d5a892
Revert "Don't assume roots validated the identity, just in case they did not." 
This reverts commit 39b97f9163.
 2021-09-20 19:27:01 -07:00
Adam Ierymenko
9bc79f94df
Revert "Don't assume roots validated the identity, just in case they did not." 
This reverts commit 39b97f9163.
 2021-09-20 22:05:49 -04:00
Adam Ierymenko
a0239e17e9
Revert "Use a faster method of fingerprinting identities." 
This reverts commit b72e5e8386.
 2021-09-20 22:05:39 -04:00
Adam Ierymenko
c8a58b4b04
Use a faster method of fingerprinting identities. 2021-09-20 17:05:23 -07:00
Adam Ierymenko
b72e5e8386
Use a faster method of fingerprinting identities. 2021-09-20 20:02:39 -04:00
Adam Ierymenko
565885a4c0
Remove ancient controller support. 
# Conflicts:
#	RELEASE-NOTES.md
 2021-09-20 15:41:57 -07:00
Adam Ierymenko
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 15:40:55 -07:00
Adam Ierymenko
9cfb807fcb
Don't assume roots validated the identity, just in case they did not. 2021-09-20 15:40:44 -07:00
Grant Limberg
46adc1f059
ifdef this out 2021-09-20 15:39:53 -07:00
Grant Limberg
9002555596
ensure count > 0 2021-09-20 15:39:44 -07:00
Grant Limberg
3b375b55c2
fix central docker launch without redis 2021-09-20 15:39:14 -07:00
Adam Ierymenko
3f49570f45
Remove ancient controller support. 2021-09-20 18:38:29 -04:00
Adam Ierymenko
7c3166e9be
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 18:26:49 -04:00
Adam Ierymenko
39b97f9163
Don't assume roots validated the identity, just in case they did not. 2021-09-20 16:15:59 -04:00
channelbeta
af79be5002
Update PGP keyserver URL 2021-09-20 13:51:41 -03:00
Grant Limberg
a20a290836
ifdef this out 2021-09-15 15:27:29 -07:00
Adam Ierymenko
e822463916
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-09-15 13:31:22 -04:00
Adam Ierymenko
d2c3ea6901
Another route fix on BSD. 2021-09-15 13:31:18 -04:00
Grant Limberg
83265768c1
ensure count > 0 2021-09-15 09:45:10 -07:00
Grant Limberg
27ce787fbd
fix central docker launch without redis 2021-09-15 09:21:41 -07:00
Adam Ierymenko
9c6ec2c52e
Version bump. 2021-09-15 11:55:07 -04:00
Adam Ierymenko
3a4425fd4e
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-09-15 11:51:09 -04:00
Adam Ierymenko
6bb1598fa3
Another fix for routing and interface issues on MacOS 2021-09-15 11:50:54 -04:00
Sean OMeara
4eb6a4286e using json.hpp 3.10.2 2021-09-15 08:21:45 +02:00
Sean OMeara
a9942ca412 more RELEASE-NOTES 2021-09-15 08:12:25 +02:00
Joseph Henry
8d21ae9813 Merge branch 'dev' of https://github.com/zerotier/zerotierone into dev 2021-09-10 13:26:54 -07:00
Joseph Henry
ff8044f0c0
Improve multipath startup time 2021-09-10 13:26:29 -07:00
Adam Ierymenko
1b8917a57c
Fix for MacOS interface setup and config timing bugs. 2021-09-09 09:30:48 -04:00
Adam Ierymenko
a91c49fa52 Advanced installer changes and build fixes for Windows. 2021-09-08 17:51:42 -04:00
Joseph Henry
e607348c7e
Fix bad index bug (during switching) in balance-rr 2021-09-07 21:41:54 -07:00
Joseph Henry
b6ed919fbc
Call recordOutgoingPacket regardless of policy to generate sufficient entropy for bond layer 2021-09-07 13:44:02 -07:00
Joseph Henry
109252be4e
Remove debug trace 2021-09-06 20:13:13 -07:00
Joseph Henry
a4b98518e3
Nominate newly-learned paths to bond 2021-09-06 15:29:03 -07:00
Grant Limberg
c3a42bf590
remove heartbeat log 2021-09-02 16:46:42 -07:00
Grant Limberg
8b95afa96a
logging 2021-09-02 16:32:40 -07:00
Grant Limberg
6a49a766ca
logging 2021-09-02 16:22:59 -07:00
Adam Ierymenko
932584f8fc
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-09-02 17:56:18 -04:00
Adam Ierymenko
d7ba2957cd
Tear down routes before devices when leaving a network or shutting down. 2021-09-02 17:56:06 -04:00
Grant Limberg
16ff14bda7
identify controller in pool stats 2021-09-02 13:48:08 -07:00
Grant Limberg
57c1d96b71
math 2021-09-02 12:48:49 -07:00
Grant Limberg
40f376e2b9
print db pool stats periodically 2021-09-02 12:45:26 -07:00
Adam Ierymenko
1a1d7d9ada
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-09-02 15:23:38 -04:00
Adam Ierymenko
d1c88971ae
Possible Mac route borking fix. 2021-09-02 15:23:26 -04:00
Grant Limberg
dc61f78916
set psql application_name in startup script 2021-09-02 11:24:07 -07:00
Grant Limberg
a2ffe8c05e
dont generate nonce for deleted members 2021-09-02 11:24:04 -07:00
Joseph Henry
e1af003e4f
Consolidation of multipath logic. Better system separation 2021-09-01 21:37:49 -07:00
Adam Ierymenko
19391858d4
Version 1.7.2, almost 1.8.0 2021-09-01 22:01:41 -04:00
Adam Ierymenko
5005244d1b
Mac install fixes, remove obsolete stuff, and write local.conf via API for new UI integration. 2021-09-01 21:55:54 -04:00
Joseph Henry
15380cfc14
Merge pull request #1400 from rollcat/openbsd 
Use clang on OpenBSD
 2021-09-01 14:08:23 -07:00
Adam Ierymenko
11b352458e
Pick a new random secondary port if we are offline for more than path-timeout seconds (COMA problem workaround). 2021-08-31 16:47:00 -04:00
Joseph Henry
b6680b18e7
Merge pull request #1304 from skunkwerks/dev 
BSD: add debug fprintf for all external commands
 2021-08-30 10:11:53 -07:00
Adam Ierymenko
ec4c2aa12f
versions 2021-08-26 11:13:13 -04:00
Adam Ierymenko
0e8c43cfdd Merge branch 'dev' of http://10.95.0.64/zerotier/ZeroTierOne into dev 2021-08-23 11:58:06 -04:00
Adam Ierymenko
958420ee44 Fix Windows slowness on API query bug. 2021-08-23 11:58:02 -04:00
Adam Ierymenko
2d8a54f05d
Version bump -- still pre1.8 2021-08-23 11:57:12 -04:00
Grant Limberg
d0f4cfe6b4
print load status messages a little less often now that things go brrrrrrrrr 2021-08-20 10:34:00 -07:00
Grant Limberg
3ec23f92ec
helps to add part of the query 2021-08-20 10:30:37 -07:00
Grant Limberg
6baac1b4e0
more query optimizations 2021-08-20 10:27:45 -07:00
Grant Limberg
1d8b8d8e9c
optimize the controller build & ship workflow a bit 2021-08-20 09:22:44 -07:00
Grant Limberg
50b0b2e2e9
query optimization 2021-08-19 17:55:30 -07:00
Grant Limberg
20721491e8
kill some noisy logs 2021-08-19 13:03:56 -07:00
Grant Limberg
eec46a137e
optimize data loading from psql on startup 2021-08-19 12:44:02 -07:00
Grant Limberg
9eae444104
kill some verbose logs 2021-08-19 09:21:52 -07:00
Adam Ierymenko
576b4f03a5
Adjust deauth time window and send revocation when SSO members expire. 2021-08-18 12:17:40 -04:00
Adam Ierymenko
2d0f76bb9c
Make desktop UI project when making official release. 2021-08-13 21:40:22 -04:00
Adam Ierymenko
6492f4487b
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2021-08-13 15:12:23 -04:00
Adam Ierymenko
126669b718
MTU fix 2021-08-13 15:12:07 -04:00
Adam Ierymenko
6fd45c1f9d Throw old WinUI in attic 2021-08-12 18:51:45 -04:00
Adam Ierymenko
4eb3b762d4
MacOS pkg update to reference DesktopUI project and add hostArchitecture flags to not require Rosetta even though the binaries are multiarch. 2021-08-11 15:05:51 -04:00
Adam Ierymenko
f24afca1ba
Put old school MacUI in the attic. 2021-08-11 13:19:49 -04:00
Adam Ierymenko
461810b06a
Move return so record gets created before URL. 2021-08-10 11:22:29 -04:00
Grant Limberg
20050662b2
Merge pull request #1430 from zerotier/mac-managed-route-issue-1104 
Don't use v6 source addresses for v4 routes
 2021-08-04 13:14:10 -07:00
Joseph Henry
2053415418
Fix erroneous listpeers last send and receive values 2021-08-04 12:16:26 -07:00
Grant Limberg
613d7b5ece
fix backwards logic 2021-08-04 09:16:04 -07:00
Travis LaDuke
db29c3ac13 Don't use v6 source addresses for v4 routes 
and vice versa.

For issue #1104

With some printf debugging, I was seeing:

here, src fe80::3c7a:2dff:fe0c:21ed, target 10.147.20.0, matchingPrefixBits 0, mostMatchingPrefixBits 0
here, src fd8b:d512:4fd6:255:3c99:932f:2fda:6eff, target 10.147.20.0, matchingPrefixBits 0, mostMatchingPrefixBits 0

and (matchingPrefixBits >= mostMatchingPrefixBits) would be true

Then on mac, somewhere downstream from there, the default route would
get messed up:

default via 92:29:f1:6f:2f:76 dev en0
 2021-08-03 16:21:18 -07:00
Adam Ierymenko
c101d71d7c
Tweak auth timeout notify. 2021-07-30 18:44:34 -04:00
Adam Ierymenko
63a44c9268
Fix feth max MTU sysctl. 2021-07-30 18:44:23 -04:00
Grant Limberg
5623a0b420 fix central controller build from linux 2021-07-27 10:18:48 -07:00
Adam Ierymenko
663e748b8d
Deauth expiring members right away. 2021-07-26 23:45:18 -04:00
Adam Ierymenko
0cf62d334d
Remove pointless check. 2021-07-26 13:38:35 -04:00
Adam Ierymenko
0872012cd9
small fix 2021-07-26 13:11:01 -04:00
Adam Ierymenko
c2d8fe46d5
About ready to test notify of SSO timeout... 2021-07-23 19:20:10 -04:00
Adam Ierymenko
0310bfa3e3
Include authentication URL in config 2021-07-23 19:17:42 -04:00
Adam Ierymenko
efe0e8aa7b
Notification of about-to-expire status... almost there. 2021-07-23 19:05:59 -04:00
Adam Ierymenko
5c7e51feaf
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-07-23 18:49:05 -04:00
Adam Ierymenko
34de579c91
Handling of soon-to-expire members 2021-07-23 18:49:00 -04:00
Joseph Henry
0ed9db05d2
Restore original ECHO rate limiting (changed for multipath) 2021-07-20 19:06:47 -07:00
Travis LaDuke
46387e2f2b Minor Readme updates 
People with support issues still commonly say "9993 is open. why doesn't
work?"
Trying to improve this across all of our docs.
 2021-07-16 15:17:54 -07:00
Travis LaDuke
8913f13b36 Add website links to top of readme 2021-07-16 14:46:53 -07:00
Travis LaDuke
e5007f1290 Delete outdated 2021-07-16 14:20:43 -07:00
Travis LaDuke
740c77a488 Add more help for local.conf 2021-07-16 14:20:30 -07:00
Grant Limberg
73ddea8864
use network ID, not controller ID for looking up network data 2021-07-06 14:15:01 -07:00
Grant Limberg
10215af96d
whoops 2021-07-06 13:18:08 -07:00
Grant Limberg
e67fee0264
debug logging 2021-07-06 13:08:21 -07:00
Grant Limberg
5ece4f734a
fix error message 2021-07-06 13:08:16 -07:00
Travis LaDuke
27409b615a Merge branch 'thoradia-bind' into dev 2021-06-29 11:44:35 -07:00
Travis LaDuke
8866fbd618 Merge branch 'bind' of https://github.com/thoradia/ZeroTierOne into thoradia-bind 2021-06-29 11:22:46 -07:00
Adam Ierymenko
8885149cd3
Revert "Revert "Revert a change to LinuxEthernetTap threading to eliminate out of order packet issues on some systems."" 
This reverts commit 89ddf2991b.
 2021-06-28 19:29:53 -04:00
Adam Ierymenko
89ddf2991b
Revert "Revert a change to LinuxEthernetTap threading to eliminate out of order packet issues on some systems." 
This reverts commit 0461b24db3.
 2021-06-28 17:59:28 -04:00
Adam Ierymenko
547b0de8a5
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-06-28 17:15:59 -04:00
Adam Ierymenko
0461b24db3
Revert a change to LinuxEthernetTap threading to eliminate out of order packet issues on some systems. 2021-06-28 17:15:34 -04:00
Sean OMeara
c698e9c122
Merge pull request #1420 from zerotier/someara/dev-json-hpp 
updating json.hpp to 3.9.1
 2021-06-24 23:30:58 +02:00
Sean OMeara
8f84a968de updating json.hpp to 3.9.1 2021-06-24 20:33:45 +02:00
Grant Limberg
f8ea7fdc2b
Fix for GitHub #859 
Wrong DB::get() method being called to look up the network member for deletes
 2021-06-24 10:32:21 -07:00
Travis LaDuke
7b0d11b187
Merge pull request #1408 from erikh/docker-release-fixes 
Small dockerfile release fixes
 2021-06-08 08:44:53 -07:00
Grant Limberg
8dd3639576
set ssoEnabled = true on network config if we get ERROR_NETWORK_AUTHENTICATION_REQUIRED 2021-06-05 14:00:03 -07:00
Grant Limberg
364ad87e2b
add ssoEnabled flag to network config 2021-06-05 13:44:45 -07:00
Grant Limberg
9380ef708a
debug strings & query fixes 2021-06-05 13:44:07 -07:00
Grant Limberg
fd174b3459
fix auth time lookup 2021-06-04 20:55:22 -07:00
Grant Limberg
21d27c314c
HMACSHA384 the nonce bytes, not the hex encoded nonce bytes 2021-06-04 20:06:04 -07:00
Grant Limberg
0b89a49201
typo 2021-06-04 16:56:28 -07:00
Grant Limberg
de718d9743
handle ZT_SSO_REDIRECT_URL env file in docker 2021-06-04 16:32:02 -07:00
Grant Limberg
e6b4fb5af7
add "ssoRedirectURL" to local.conf 
plumbed it through to the central controller code
 2021-06-04 16:29:03 -07:00
Grant Limberg
c227330d09
fix redirect_uri substitution 2021-06-04 15:58:38 -07:00
Adam Ierymenko
c769e282fb
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-06-04 18:52:23 -04:00
Adam Ierymenko
98722ed7ea
Increase URL buffer sizes 2021-06-04 18:52:10 -04:00
Grant Limberg
b16f40c0de
. 2021-06-04 15:18:18 -07:00
Grant Limberg
fd85f87ade
handle null in result set 2021-06-04 15:15:42 -07:00
Grant Limberg
add33f1ab3
cast to bigint in query 2021-06-04 14:48:41 -07:00
Grant Limberg
3bfc438ae8
null handling 2021-06-04 14:40:14 -07:00
Adam Ierymenko
1dfe909bab
Increase authentication URL sizes. 2021-06-04 16:46:56 -04:00
Grant Limberg
75d17ea3c8
Helps to commit when trying to write a change to the db 2021-06-04 13:20:03 -07:00
Grant Limberg
96d15337bb
default 0 2021-06-04 13:19:39 -07:00
Grant Limberg
74a678c1e1
chicken or egg problem. 
member must exist in the database before we can generate a nonce & SSO URL
 2021-06-04 12:49:26 -07:00
Grant Limberg
fed1846c6f
need tres commas 2021-06-04 12:19:52 -07:00
Grant Limberg
f27d193cf6
. 2021-06-04 11:56:12 -07:00
Grant Limberg
7941b63543
another typo 2021-06-04 11:43:42 -07:00
Grant Limberg
21965ac8e8
yet another query fix 2021-06-04 11:40:03 -07:00
Grant Limberg
7ca2ecb421
put expiry time back on nc object 2021-06-04 11:39:52 -07:00
Grant Limberg
1dcfc03cbc
another query fix 2021-06-04 11:22:30 -07:00
Grant Limberg
0702e581a1
remove some noisy log lines & fix a query error 2021-06-04 11:06:54 -07:00
Grant Limberg
c78792a705
moar temporary debug printfs 2021-06-04 11:00:51 -07:00
Grant Limberg
287c19e822
move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not 2021-06-04 09:46:31 -07:00
Grant Limberg
bc901d613d
check for nulls 2021-06-04 09:20:39 -07:00
Grant Limberg
2192a8b0ec
do the ld.so dance in the docker container 2021-06-04 08:31:34 -07:00
Grant Limberg
6cb4c58d9a
linux docker build 2021-06-03 18:30:32 -07:00
Grant Limberg
4f521baafd
Big SSO update 
make things hopefully work
 2021-06-03 14:38:26 -07:00
Grant Limberg
81fda3f5b8
set a default and goes boom 🤦‍♂️ 2021-06-02 15:07:53 -07:00
Grant Limberg
91c4dfc7c0
database version 2021-06-02 14:49:12 -07:00
Erik Hollensbe
788296ea29 Expand links in a few spots since this'll be used in the docker image 
Signed-off-by: Erik Hollensbe <linux@hollensbe.org>
 2021-06-02 14:36:55 -07:00
Erik Hollensbe
60c1fcbc48 Docker usage README 
Signed-off-by: Erik Hollensbe <linux@hollensbe.org>
 2021-06-02 14:31:34 -07:00
Grant Limberg
fc6d90a04a
set the correct default 2021-06-02 14:27:58 -07:00
Grant Limberg
faf0c6bbfa
make sure to commit on online notification thread 2021-06-02 14:08:09 -07:00
Grant Limberg
79f1e81745
debug printf typo & line break 2021-06-02 13:51:47 -07:00
Grant Limberg
7427961fcf
bug fixes & debug code 2021-06-02 13:46:54 -07:00
Grant Limberg
d2f1d05a06
handle cases where authenticationURL and authenticationExpiryTime don't exist 2021-06-02 13:46:43 -07:00
Grant Limberg
19f4146aca
make DB::_memberChanged and _networkChanged virtual 2021-06-02 13:46:11 -07:00
Grant Limberg
47154fa623
transiton to libpqxx & connection pool for central controllers 2021-06-02 11:44:00 -07:00
Erik Hollensbe
5c508515c4 Fix issue requiring CAP_SYS_PTRACE 
Signed-off-by: Erik Hollensbe <linux@hollensbe.org>
 2021-06-01 12:30:01 -07:00
Erik Hollensbe
2824139510 Small dockerfile release fixes 
- Activate zerotier-one.port file (we'll do more with this later)
- Add a better process trap

Signed-off-by: Erik Hollensbe <linux@hollensbe.org>
 2021-06-01 09:27:05 -07:00
Grant Limberg
c2efdcabc5
fix 2021-05-28 15:01:42 -07:00
Grant Limberg
6f622e4551
no idea why these lines needed to be broken up 
docker gonna docker
 2021-05-28 15:00:54 -07:00
Grant Limberg
6d8c96b89f
formatting 2021-05-28 14:19:13 -07:00
Adam Ierymenko
bf4bb414dd
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-05-28 17:08:44 -04:00
Adam Ierymenko
dee3361c1d
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2021-05-28 17:08:35 -04:00
Adam Ierymenko
c470c6255e
Postgres code for SSO (almost certainly needs work) 2021-05-28 17:08:24 -04:00
joseph-henry
6faca86bb4
Update bugs-and-issues.md 
Add troubleshooting tip
 2021-05-27 19:48:01 -07:00
Grant Limberg
4fed56443e
secondary ports are no longer based on the node ID and fully randomized instead 2021-05-27 15:41:11 -07:00
Grant Limberg
1859365f9d same IPv6 temp address detection code for macOS works on FreeBSD. 
update ifdefs & go
 2021-05-27 16:43:12 -04:00
Grant Limberg
ab87b8f881 Don't bind to temporary IPv6 addresses (linux) 2021-05-26 15:50:14 -07:00
Grant Limberg
b8b65da51c
Don't bind temporary IPv6 addresses (macOS) 2021-05-26 11:01:44 -07:00
Grant Limberg
198e6f765c Don't bind to temporary Ipv6 addresses (windows) 2021-05-26 09:15:24 -07:00
Adam Ierymenko
810e2a761f
Fix authentication URL... 2021-05-25 14:49:06 -04:00
Adam Ierymenko
6ce71c1bc3
Fix reporting of status. 2021-05-25 14:45:49 -04:00
Adam Ierymenko
6b3a7ec827
Fix a few things... 2021-05-25 14:40:40 -04:00
Adam Ierymenko
ed2360d9f7
Version bump. 2021-05-25 13:31:40 -04:00
Adam Ierymenko
1ce71f9dc0
Build fix. 2021-05-25 13:05:06 -04:00
Adam Ierymenko
18508b5a2e
Build fix. 2021-05-25 13:04:14 -04:00
Adam Ierymenko
621898f3c5
Forgot to set auth info in NetworkConfig. 2021-05-25 13:02:06 -04:00
Adam Ierymenko
2c1d7f3dcc
CLI printing of URL. 2021-05-25 12:58:33 -04:00
Adam Ierymenko
8bb5bc736d
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-05-24 22:58:36 -04:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information. 2021-05-24 22:58:17 -04:00
Grant Limberg
1bd9e9078e
libhiredis++ multi-arch binary 2021-05-21 15:48:19 -07:00
Grant Limberg
a3361a7d97
libhiredis + arm64 for controller 2021-05-21 15:35:26 -07:00
Grant Limberg
ca1715118f
force mac native central controller builds to be x64 only for now 2021-05-21 15:29:35 -07:00
Joseph Henry
27ecb7c7b6 Merge branch 'xumng123-master' into dev 2021-05-18 00:26:17 -07:00
Joseph Henry
be7fca254f Merge branch 'master' of https://github.com/xumng123/ZeroTierOne into xumng123-master 
Remove unnecessary include
 2021-05-18 00:24:19 -07:00
Joseph Henry
b64ae8c8a5
Fix for bug #1403 2021-05-18 00:05:46 -07:00
Kamil Cholewinski
b984eb2808 Use clang on OpenBSD 2021-05-06 13:04:58 +02:00
joseph-henry
15905b2fe3
Merge pull request #1397 from zerotier/bugfix-bad-traces 
Fix erroneous cast of verb to double that causes invalid tracing output
 2021-05-04 10:33:10 -07:00
Joseph Henry
24615ed24b
Fix erroneous cast of verb to double that causes invalid tracing output 2021-05-04 08:59:52 -07:00
Joseph Henry
13481cea18
Fix (some) compile-time warnings on Windows 2021-05-03 21:12:45 -07:00
Joseph Henry
7faaa55436 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev-multipath 2021-05-03 19:41:41 -07:00
Joseph Henry
11ddbc6f30
Fix (some) compile-time warnings on Linux 2021-05-03 19:35:28 -07:00
Joseph Henry
29e5880d8b
Match formatting of Bond-related sources to ZeroTier standard (no functional changes) 2021-05-03 17:59:31 -07:00
Joseph Henry
63fd2cbaeb
Add ZeroTier standard .clang-format -- Keeping tabs for 1.X line. Mostly based on LLVM format. 2021-05-03 13:00:30 -07:00
Grant Limberg
9c58308e6a
Merge pull request #1383 from erikh/docker-image-fixes 
Multiple image fixes:
 2021-04-28 13:26:37 -07:00
Grant Limberg
5fb814a04f
Merge pull request #1388 from emundo/fix/1387-dns-issue 
Fix macOS DNS issue
 2021-04-28 13:19:09 -07:00
Grant Limberg
c69d2df0a2
Merge pull request #1390 from jonathonf/linux-tap-link-ordering 
Set MAC address before bringing up Linux TAP link
 2021-04-28 13:17:38 -07:00
Adam Ierymenko
46a7136b0d
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-04-28 16:16:17 -04:00
Adam Ierymenko
d2974f2e60
Do not inherit open file descriptors on fork() in MacEthernetTapAgent 2021-04-28 16:16:02 -04:00
Adam Ierymenko
ed8fe8990b
Revert "Removed language from comments" 
This reverts commit 1bd1923964.
 2021-04-21 18:54:59 -04:00
Adam Ierymenko
50703534b1
Revert "Removed language from comments" 
This reverts commit 57a225cb39.
 2021-04-21 18:54:43 -04:00
Adam Ierymenko
4a7c156bf8
Revert "Removed language from comments" 
This reverts commit 0a18e66a83.
 2021-04-21 18:54:27 -04:00
Adam Ierymenko
54680a6edc
Revert "Update zttap300.inf" 
This reverts commit 3af693af34.
 2021-04-21 18:54:11 -04:00
Jonathon Fernyhough
bac57e355d
Set MAC address before bringing up Linux TAP link 
This corrects the flow for bringing up a TAP device under Linux by
setting the device MAC address prior to bringing up the device.

Closes #1314
 2021-04-21 20:46:13 +01:00
Jonathon Fernyhough
b8b1f64959 Revert "Reorder Linux TAP link sequence" 
This reverts commit 9374e45449.
 2021-04-21 20:45:17 +01:00
Grant Limberg
cdcd6c4886
Merge pull request #1389 from jonathonf/linux-tap-link-ordering 
Reorder Linux TAP link sequence
 2021-04-21 09:27:26 -07:00
Robert.Schreib
4e8640b380
Handle case where no old DNS servers exist 2021-04-21 13:49:55 +02:00
Jonathon Fernyhough
9374e45449
Reorder Linux TAP link sequence 
This corrects the flow for bringing up a TAP device under Linux.

Closes #1314
 2021-04-21 12:30:51 +01:00
Robert.Schreib
31ffe4403c
Check if DNS servers need to be Applied on macOS 2021-04-21 12:02:31 +02:00
Adam Ierymenko
e8f7d5ef9e
VERSION 1.6.5 
This is a minor release that fixes some path stability issues and an issue with Windows interface enumeration.
 2021-04-20 18:49:10 -04:00
Adam Ierymenko
ee0e306685 Windows version bump. 2021-04-20 14:56:33 -04:00
Dave Cottlehuber
b37e9de24d BSD: add debug fprintfs for external commands 2021-04-15 06:37:01 +00:00
Adam Ierymenko
df0007d532
Update hard-coded default planet to latest. 2021-04-14 12:25:35 -04:00
Adam Ierymenko
b70c5b94bd
1.6.5 version bump 2021-04-13 16:59:47 -04:00
Erik Hollensbe
23f9baa9f2 Multiple image fixes: 
- Can now provide the following environment variables to populate
secrets (nice for kubernetes, other situations)
  - ZEROTIER_API_SECRET: authtoken.secret
  - ZEROTIER_IDENTITY_PUBLIC: identity.public
  - ZEROTIER_IDENTITY_SECRET: identity.secret
- Joining networks by providing them as a part of docker's "command"
array should now work properly

Signed-off-by: Erik Hollensbe <linux@hollensbe.org>
 2021-04-13 13:18:21 -07:00
xumng123
537ce83498 yes 2021-04-13 16:12:11 +00:00
Joseph Henry
1732f7371c
Minor bonding CLI fix 2021-04-07 15:15:35 -07:00
Adam Ierymenko
5262a2f753
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-03-16 13:50:12 -04:00
Adam Ierymenko
79e2fd4586 Automatically detect Ethernet tap friendly name in Windows shouldBind stuff. 2021-03-16 10:12:55 -04:00
Joseph Henry
353905394e
Fix interface blacklisting in shouldBindInterface 2021-03-09 12:34:01 -08:00
Joseph Henry
3870f7af27
Improve missing authtoken error message 2021-03-08 21:45:38 -08:00
Joseph Henry
b8e23e6fcc Merge branch 'master' into dev 2021-03-08 18:13:00 -08:00
joseph-henry
a7f652781f
Merge pull request #1364 from Pablohn26/master 
Show the port number which is not able to connect
 2021-03-08 18:12:12 -08:00
Pablo Hinojosa
d3fd0d3916 Show the port number which is not able to connect 2021-03-09 02:25:41 +01:00
joseph-henry
1beacf3000
Merge pull request #1347 from showipintbri/patch-1 
Patch 1 - Language suggestion
 2021-03-08 17:23:26 -08:00
joseph-henry
88a1170966
Merge pull request #1354 from contrun/fix-sprintf-overflow 
fix sprintf overflow
 2021-03-08 17:07:54 -08:00
Joseph Henry
315a5cfd58
Fix ZT_SANITIZE flag handling in Linux makefile 2021-03-08 15:11:55 -08:00
Sean OMeara
a5a94e3c49
Merge pull request #1355 from erikh/docker-release-tooling 
Initial docker release image tooling
 2021-02-27 14:28:26 +01:00
Erik Hollensbe
ef784611b7 Initial docker release image tooling 
Signed-off-by: Erik Hollensbe <github@hollensbe.org>
 2021-02-24 03:43:45 -08:00
YI
d526dca1bb fix sprintf overflow 2021-02-19 23:42:38 +08:00
Adam Ierymenko
e8390afad5
VERSION 1.6.4 
This version just fixes the "connection coma" bug some users have
experienced in 1.6.
 2021-02-17 11:35:28 -05:00
Adam Ierymenko
9fdf83be60
Version bumpity bumpity bump. 2021-02-15 19:37:46 -05:00
Adam Ierymenko
147945d20f
Lets try always supplying the AES keys to Packet dearmor() and see if that prevents the coma problem. 2021-02-13 00:01:49 -05:00
showipintbri
3af693af34
Update zttap300.inf 2021-02-03 22:31:16 -05:00
showipintbri
0a18e66a83
Removed language from comments 2021-02-03 22:30:34 -05:00
showipintbri
57a225cb39
Removed language from comments 2021-02-03 22:29:42 -05:00
showipintbri
1bd1923964
Removed language from comments 2021-02-03 22:26:41 -05:00
Adam Ierymenko
7c2066c258
VERSION 1.6.3 2021-02-03 22:06:34 -05:00
Adam Ierymenko
ac808d51d6
Crash fix 2021-02-03 18:56:07 -05:00
Adam Ierymenko
378bc73bf8
Clean up some peer path learning logic, use a cheaper data structure. 2021-02-03 14:30:03 -05:00
Adam Ierymenko
8430db4dc7 Windows 1.6.3 version bump. 2021-02-02 17:52:27 -05:00
Adam Ierymenko
0f049da84f
Dockerfile version bump to 1.6.3 2021-02-02 17:18:58 -05:00
Adam Ierymenko
a1b6cc44fc
Revert wireguard blacklist by default... turns out we have people who depend on that. may revisit. 2021-02-02 17:09:35 -05:00
Adam Ierymenko
201fd7c421
Revert "Revert "GitHub issue #1317"" 
This reverts commit 89efd09e20.
 2021-02-02 17:08:33 -05:00
Adam Ierymenko
89efd09e20
Revert "GitHub issue #1317" 
This reverts commit c14d1047d2.
 2021-02-02 17:08:07 -05:00
Adam Ierymenko
3eccb5a6f0
Merge branch 'master' into dev 2021-02-02 17:07:35 -05:00
Adam Ierymenko
191b802c50
docs 2021-02-02 17:07:28 -05:00
Adam Ierymenko
f4703905b9
docs 2021-02-02 17:05:30 -05:00
Adam Ierymenko
41a85b1de7
Merge pull request #1322 from capruro/patch-1 
Update Dockerfile to 1.6.2
 2021-02-02 17:05:19 -05:00
Adam Ierymenko
9021302578
Merge pull request #1330 from liweitianux/readme 
README: Minor format fixes
 2021-02-02 17:05:04 -05:00
Adam Ierymenko
e1aec2cb03
Merge pull request #1339 from dnadlinger/patch-1 
.github: Fix typo in bug report template
 2021-02-02 17:04:41 -05:00
Adam Ierymenko
3aa0390dba
Merge branch 'master' into dev 2021-02-02 17:04:03 -05:00
Adam Ierymenko
d3770eeccc
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2021-02-02 17:03:48 -05:00
Adam Ierymenko
1d6b8393e3
Merge pull request #1341 from bradleydiggs/master 
blacklist wg# (WireGuard) interfaces by default
 2021-02-02 17:03:36 -05:00
Adam Ierymenko
c14d1047d2
GitHub issue #1317 2021-02-02 17:00:56 -05:00
Adam Ierymenko
343ccd911b
Version bumps to 1.6.3 2021-02-02 16:51:02 -05:00
Adam Ierymenko
697c8c9882
Delete old code. 2021-02-02 16:17:53 -05:00
Adam Ierymenko
72d48da210
Fix duplicate paths and reduce thrashing issues. 2021-02-02 16:11:13 -05:00
Adam Ierymenko
b2b3271a96
Possible fix for path issues in 1.6.2 2021-02-02 14:55:47 -05:00
Adam Ierymenko
717e9238fe
Merge branch 'master' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2021-02-02 14:46:15 -05:00
Adam Ierymenko
12c77459d0
Merge branch 'master' into dev 2021-02-02 14:45:58 -05:00
bradleydiggs
5b1c55023f
Merge pull request #1 from bradleydiggs/wireguard-blacklist-default 
blacklists wg# (WireGuard) interfaces by default
 2021-01-14 02:49:25 -06:00
bradleydiggs
a401b21f3d
blacklists wg# (WireGuard) interfaces by default 
On certain OSes (Linux & Apple) tun#, tap#, and of course zt# are blacklisted by default, this adds wg# to the list as WireGuard is a similar popular service with wg# being the default adapter name(s) by convention.
 2021-01-14 02:45:42 -06:00
David Nadlinger
3a6cc1d8b7
.github: Fix typo in bug report template 2021-01-13 18:07:58 +01:00
Aaron LI
4944d044ce README: Minor format fixes 2020-12-20 17:12:34 +08:00
Grant Limberg
b3228ab307
update issue templates 2020-12-16 14:50:26 -08:00
capruro
68b0e13991
Update to 1.6.2 2020-12-13 13:54:43 +01:00
Adam Ierymenko
70d81277e0
1.6.2-2 for Debian. 2020-12-01 16:05:16 -05:00
Adam Ierymenko
48814c1bfe
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne 2020-12-01 16:02:53 -05:00
Adam Ierymenko
0587e432c0 ARM wrestling. 2020-12-01 13:02:19 -08:00
Adam Ierymenko
e4404164bd
VERSION 1.6.2 
See RELEASE-NOTES.md for details.
 2020-11-30 19:33:39 -05:00
Adam Ierymenko
9d0b492642
Version bump. 2020-11-30 16:06:07 -05:00
Adam Ierymenko
5391e95fce
Typo fix. 2020-11-30 15:52:56 -05:00
Adam Ierymenko
954f6a77e5
Another Linux fix. 2020-11-30 15:46:16 -05:00
Adam Ierymenko
e8c6b4ab16
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-11-30 15:46:02 -05:00
Adam Ierymenko
21993819a5
Possible fix for Linux deadlock. 2020-11-30 15:41:47 -05:00
Grant Limberg
904348b2ad
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-11-30 09:20:47 -08:00
Grant Limberg
e59cec4e3c
Merge branch 'master' into dev 2020-11-30 09:20:32 -08:00
Adam Ierymenko
c2eeb5d553
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-11-30 12:12:12 -05:00
Adam Ierymenko
dea4bd01f4
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2020-11-30 12:11:24 -05:00
Grant Limberg
ec52af420e
Merge pull request #1306 from darkain/master 
Fixing regression in AES for ARM targets
 2020-11-30 08:59:38 -08:00
Rosen Penev
2aecb547d9
LinuxNetLink: Add cerrno header for (str)errno 
Fixes compilation under libcxx.
 2020-11-30 01:38:45 -08:00
Joseph Henry
3db328cc94 Fix minor semantic typo in error trace message 2020-11-29 16:57:30 -08:00
Vincent Milum Jr
a624dfd776
Fixing regression in AES for ARM targets 2020-11-27 08:22:55 +00:00
Adam Ierymenko
af705ac504
VERSIOM 1.6.1 
This is a minor point release to fix a number of issues. See
RELEASE-NOTES.md.
 2020-11-26 00:49:38 -05:00
Adam Ierymenko
af6d01e79b
Mac fix (probably) for old versions that require tap.kext. 2020-11-26 00:36:52 -05:00
Adam Ierymenko
1ef3b2d526 Windows build. 2020-11-25 21:36:31 -05:00
Adam Ierymenko
1afd097445 Microsoft signed 32-bit Windows x86 driver. 2020-11-25 23:45:28 -05:00
Adam Ierymenko
52fad6e18f Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2020-11-25 23:35:47 -05:00
Adam Ierymenko
3f921c01a6 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2020-11-25 23:35:39 -05:00
Adam Ierymenko
eefe34354e Embeddable MSI for new MS-signed X64 Windows tap driver. 2020-11-25 23:35:32 -05:00
Grant Limberg
5188c7d41f com & com security already initialized by here 2020-11-25 20:06:43 -08:00
Grant Limberg
f2ba613fb5 line endings 2020-11-25 19:02:00 -08:00
Grant Limberg
6cfdd5b2c1
force eol=crlf for driver .inf files 2020-11-25 18:22:52 -08:00
Grant Limberg
f2cd7cd4eb
set deployment target for tap agent 2020-11-25 15:34:52 -08:00
Grant Limberg
0a8b692482 fix device binding & possible loopback issue on FreeBSD 2020-11-25 12:03:17 -08:00
Adam Ierymenko
1542163689
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne 2020-11-25 14:28:48 -05:00
Adam Ierymenko
9d66d876f4
Likely fix for some alignment issues on ARM. 2020-11-25 14:28:41 -05:00
Grant Limberg
0456a71295 Windows feedback loop fix 2020-11-25 11:05:36 -08:00
Grant Limberg
70b1b4ecc7 Buffer<> has no .empty() method 2020-11-25 09:49:58 -08:00
Adam Ierymenko
bc4bd29488
Merge branch 'master' of github.com:zerotier/ZeroTierOne 2020-11-25 10:50:35 -05:00
Adam Ierymenko
f906eec42e Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2020-11-24 23:37:54 -05:00
Adam Ierymenko
73b5eadd3c Windows X64 Microsoft-Signed Driver for Windows 10 2020-11-24 23:37:37 -05:00
Adam Ierymenko
1f8905dfc9
Merge pull request #1191 from athoik/armv7ve 
Add support for armv7ve
 2020-11-24 19:25:53 -05:00
Adam Ierymenko
4465d36db5
Merge pull request #1194 from gutleib/master 
Add support for Elbrus-family CPU
 2020-11-24 19:25:10 -05:00
Adam Ierymenko
d64c5a92c6
Merge pull request #1233 from dosuperuser/improvement/optimizations 
Minor C++ optimizations
 2020-11-24 19:24:36 -05:00
Adam Ierymenko
0ba358a3d4
Merge pull request #1294 from darkain/master 
Add ZT_NO_UNALIGNED_ACCESS for ARMv6/7 on FreeBSD
 2020-11-24 19:23:19 -05:00
Grant Limberg
86ff1e7cd2
another comparison fix 2020-11-24 14:12:30 -08:00
Adam Ierymenko
13d7e2f2b9
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-11-24 17:02:17 -05:00
Adam Ierymenko
bad1e0d529 CentOS build fixes to build in Cent7. 2020-11-24 14:01:46 -08:00
Grant Limberg
6b21a4f494
fix dns equality check in Android 2020-11-24 13:51:00 -08:00
Adam Ierymenko
891815054c
Version bumps. 2020-11-24 16:27:19 -05:00
Adam Ierymenko
ce2fb18c02
Set MacOS version flag on assembly file. 2020-11-24 14:27:44 -05:00
Adam Ierymenko
2f359a43bf
1.6.1 notes 2020-11-23 20:17:09 -05:00
Grant Limberg
a1b72f0e1a
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-11-23 14:54:39 -08:00
Grant Limberg
de308f05e0
missing break in InetAddress::ipScope() 2020-11-23 14:54:13 -08:00
Joseph Henry
ecfac0601a Add new bond control commands to CLI 2020-11-23 09:59:28 -08:00
Vincent Milum Jr
93ffd75b02
Add ZT_NO_UNALIGNED_ACCESS for ARMv6/7 on FreeBSD 
Unaligned access caused SIGBUS errors on ARMv6 and ARMv7 targets under FreeBSD.

This was also the cause of the repeating TAP devices. Each time the SIGBUS happened, the service would auto-restart itself, create a new TAP device, and then crash again.

The particular place causing the SIGBUS was:
https://github.com/zerotier/ZeroTierOne/blob/master/node/Utils.hpp#L695
 2020-11-21 13:30:31 -08:00
Joseph Henry
8af4eff43e Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-11-20 20:34:54 -08:00
Adam Ierymenko
167645ba6d
Fix for musl libc. 2020-11-20 21:10:08 -05:00
Adam Ierymenko
baeab92737
VERSION 1.6.0 
See RELEASE-NOTES.md for details.
 2020-11-20 18:53:33 -05:00
Joseph Henry
24162fd490 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-11-19 14:39:40 -08:00
Grant Limberg
95da2bcbcf move CoUninitialize to the proper place at the end of the tap thread 2020-11-19 14:13:16 -08:00
Grant Limberg
a9e4fb0ed9 Fix multiple networks on Windows 2020-11-19 14:10:34 -08:00
Adam Ierymenko
45b092532e Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-11-19 13:44:03 -05:00
Adam Ierymenko
3ec932e194 MacOS ARM64 universal binary build fixes. 2020-11-19 13:43:57 -05:00
Adam Ierymenko
565bef05af
Release notes and version bumps. 2020-11-19 13:24:30 -05:00
Adam Ierymenko
a0c78da1ad
Revert "Tune thread count based on hardware concurrency." 
This reverts commit 7b14aeb53e.
 2020-11-18 22:54:05 -05:00
Adam Ierymenko
7b14aeb53e
Tune thread count based on hardware concurrency. 2020-11-18 22:42:00 -05:00
Adam Ierymenko
f934a09baa
Build fix. 2020-11-18 22:32:57 -05:00
Adam Ierymenko
414c248cc5
Try another approach... 2020-11-18 22:26:06 -05:00
Adam Ierymenko
ca428233ba
Revert "Try another optimization in LinuxEthernetTap." 
This reverts commit a390629371.
 2020-11-18 22:24:18 -05:00
Adam Ierymenko
3712f9b318
Revert "Shutdown fix." 
This reverts commit 11545bdb5d.
 2020-11-18 22:24:09 -05:00
Adam Ierymenko
11545bdb5d
Shutdown fix. 2020-11-18 22:13:06 -05:00
Adam Ierymenko
a390629371
Try another optimization in LinuxEthernetTap. 2020-11-18 22:06:17 -05:00
Adam Ierymenko
e3e188109d Build fix. 2020-11-18 10:14:39 -08:00
Adam Ierymenko
7cbbc38b89
Reduce mutex use in LinuxEthernetTap. Try to squeeze a bit more powah out of it. 2020-11-18 12:50:34 -05:00
Joseph Henry
bd1861ef4d Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-11-17 17:24:16 -08:00
Adam Ierymenko
b152f9e1d3 Version 1.6.0 bump in version.h 2020-11-17 15:15:06 -08:00
Joseph Henry
24339092f7 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-11-17 14:05:33 -08:00
Adam Ierymenko
4bd58d47cf Revert "Try factoring out a mutex to see if its faster." 
This reverts commit 982c32322b.
 2020-11-17 12:52:48 -08:00
Adam Ierymenko
982c32322b
Try factoring out a mutex to see if its faster. 2020-11-17 15:48:15 -05:00
Adam Ierymenko
2fcc344299
Some buffer tuning. 2020-11-17 15:34:42 -05:00
Adam Ierymenko
3acd901c88
Build fixes. 2020-11-17 12:13:08 -05:00
Adam Ierymenko
0795dbf5f1 Revert "Moar threadz" 
This reverts commit 101a3a7d74.
 2020-11-16 19:06:52 -08:00
Adam Ierymenko
101a3a7d74
Moar threadz 2020-11-16 21:49:51 -05:00
Adam Ierymenko
2da162bed7
Split Linux tap receive into two threads: one reader, one processor. 2020-11-16 21:40:25 -05:00
Adam Ierymenko
5282e06fd4
Tun/tap flags fix. 2020-11-16 19:08:09 -05:00
Adam Ierymenko
dc806dd718
Try pipelining tap reads on Linux for a little more speed. 2020-11-16 18:56:00 -05:00
Adam Ierymenko
31d8758ad9
Apple "fat binaries" are back! 2020-11-16 16:30:15 -05:00
Joseph Henry
ae70db0535 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-11-16 12:04:03 -08:00
Adam Ierymenko
6b67cb0e2a Linux build fixes. 2020-11-16 11:11:52 -08:00
Adam Ierymenko
250f0ef9db
Remove dead code. 2020-11-16 13:51:27 -05:00
Joseph Henry
a690ffdb7c Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-11-15 19:00:02 -08:00
Adam Ierymenko
4aab9121d9 Linux build fixes, and new route code seems to work. 2020-11-13 22:25:12 -05:00
Adam Ierymenko
5ea7ef6b65
Rework Linux route setting to actually consult netlink interface. 2020-11-13 22:06:58 -05:00
Adam Ierymenko
a3875f9965
Add a route DB to LinuxNetLink to make route sync robust. 2020-11-13 21:55:31 -05:00
Adam Ierymenko
4e3a59f329 Build fix. 2020-11-13 21:21:28 -05:00
Adam Ierymenko
3730917dda
LinuxNetLink cleanup 2020-11-13 21:06:34 -05:00
Adam Ierymenko
57516cfbe6 revert queue... not quite what we need 2020-11-13 21:01:55 -05:00
Adam Ierymenko
bb62279a20
Queue up managed route syncs and do them periodically to avoid dependency problems. 2020-11-13 20:25:03 -05:00
Adam Ierymenko
e8be28734b Linux netlink and route setting... work in progress. 2020-11-13 19:07:54 -05:00
Adam Ierymenko
6c5a097711
Use LinuxNetLink for routes on Linux... still needs testing/debugging on an actual Linux machine. 2020-11-13 18:16:14 -05:00
Adam Ierymenko
16a878adb1
... route fix test 2020-11-13 16:18:00 -05:00
Adam Ierymenko
020d882e82
Route assignment fix. 2020-11-13 16:02:59 -05:00
Adam Ierymenko
44af828aa4
Tweak multicast settings to prevent failures due to TX queue overflow. 2020-11-12 22:21:43 -05:00
Adam Ierymenko
26a0cbcd73
Revert "Push credentials in multicast." 
This reverts commit 1316ee3127.
 2020-11-12 20:53:23 -05:00
Adam Ierymenko
1a106bca3b
Revert "Build fix, and move multicast pushCredentialsIfNeeded." 
This reverts commit cc42d6f4e0.
 2020-11-12 20:53:14 -05:00
Adam Ierymenko
cc42d6f4e0
Build fix, and move multicast pushCredentialsIfNeeded. 2020-11-12 20:40:10 -05:00
Adam Ierymenko
1316ee3127
Push credentials in multicast. 2020-11-12 20:33:31 -05:00
Adam Ierymenko
eadca9dd75
Build fix. 2020-11-11 15:29:01 -05:00
Adam Ierymenko
59dd71187e
Build fix. 2020-11-11 15:14:08 -05:00
Adam Ierymenko
36e167013a
More Linux tap shotgun debugging. 2020-11-11 15:12:16 -05:00
Adam Ierymenko
2d489a8679
Another possible workaround for what seems to be a Linux bug in some newer kernels. 2020-11-11 14:42:56 -05:00
Adam Ierymenko
d735a1d04c
Reorder some stuff in LinuxEthernetTap as possible workaround for MAC-set weirdness. 2020-11-11 12:49:56 -05:00
Adam Ierymenko
9480ff1f37
Fix some timestamp signedness mismatches. 2020-11-11 11:46:09 -05:00
Adam Ierymenko
d2f2abe525
Add force-exit timeout to get around some of the exit hang issues users have observed. Will punt full diagnosis to V2 which rewrites all these code paths anyway. 2020-11-10 16:30:55 -05:00
Adam Ierymenko
e9e20fdad8
Increase multicast announce frequency a little. 2020-11-10 16:16:52 -05:00
Adam Ierymenko
53ba413d32
Dont use AES in HELLO. 2020-11-09 20:52:49 -05:00
Adam Ierymenko
7280fcdec2
Only define FreeBSD hwcaps stuff if ARM crypto is enabled for compiled. 2020-11-09 19:54:32 -05:00
Adam Ierymenko
cbcd2be232
Merge pull request #1288 from darkain/dev 
FreeBSD ARMv6, ARMv7, and Aarch64 support
 2020-11-09 19:50:46 -05:00
Vince
83a2dcb65a FreeBSD ARMv6, ARMv7, and Aarch64 support 2020-11-07 14:16:03 -08:00
Adam Ierymenko
dd65680150 Windows build fixes, version bump in AIP. 2020-11-06 11:18:41 -08:00
Adam Ierymenko
90f18f7ee7
Fix for ZTO-33 (Jira), only assign routes if there is a viable source IP. 2020-11-06 11:01:45 -05:00
Adam Ierymenko
317263b31c
Remove unused variable on non-windows 2020-11-02 19:09:11 -05:00
Adam Ierymenko
52679d2784
Simplify and fix managed route logic. 2020-11-02 19:02:07 -05:00
Adam Ierymenko
763d1cc3dc
Some more changes for slow network leaving on Mac. 2020-11-02 14:00:35 -05:00
Adam Ierymenko
c9fe04d8ea
Version bump in prep for 1.6.0 beta 2 2020-10-30 17:42:15 -04:00
Adam Ierymenko
f2c490345c
Remove unnecessary includes that can cause compile problems. 2020-10-30 16:14:59 -04:00
Adam Ierymenko
fe5aad3cef
Some Mac feth tap changes to hopefully fix slow-leave problem. 2020-10-30 10:40:34 -04:00
Joseph Henry
927bc2e33d Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-10-22 14:04:41 -07:00
Joseph Henry
1331739ee4 Remove (some) debug tracing in Bond which may cause a segfault 2020-10-21 18:40:55 -07:00
Grant Limberg
3da8f5f053
freaking JNI 2020-10-21 16:08:19 -07:00
Grant Limberg
fbbcf292c6
forgot accessors 2020-10-21 15:06:50 -07:00
Grant Limberg
2851a9577c
JNI for dns configuration 2020-10-21 14:18:29 -07:00
Adam Ierymenko
ed9b09e980
Missing flag. 2020-10-20 18:52:36 -04:00
Adam Ierymenko
bcb3fc7fc0
Only use SSE/SSE2 for X64 for regular stuff. 2020-10-20 18:51:38 -04:00
Adam Ierymenko
70f37962cf
Backport AES fixes for compiler, arch, and splitting into separate files. 2020-10-20 18:50:28 -04:00
Joseph Henry
fd7f61bab7 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-10-14 18:40:38 -07:00
Joseph Henry
5f8714a0cd Remove minor non-functional flow hashing stubs 2020-10-14 18:40:20 -07:00
Adam Ierymenko
8d83b9b7c5
Revert change to path quality to fix IPv6 issue in beta. We will rework this in 2.x. 2020-10-14 20:41:58 -04:00
Adam Ierymenko
2c75be0d64
Do not always enable SSE4 on X64 due to old Atom chips. Enable instead only for AES-NI code which is only run if AES-NI is present, which it is not on these old chips. 2020-10-13 16:08:30 -04:00
Grant Limberg
ee04118172
null check 2020-10-13 08:24:36 -07:00
Adam Ierymenko
fe1ce885a0
Version 1.6.0 (1.5.0 is a beta!) is a significant release that incorporates a number of back-ported fixes and features from the ZeroTier 2.0 tree. 
Major new features are:

 * **Multipath support** with modes modeled after the Linux kernel's bonding driver. This includes active-passive and active-active modes with fast failover and load balancing. See section 2.1.5 of the manual.
 * **DNS configuration** push from network controllers to end nodes, with locally configurable permissions for whether or not push is allowed.
 * **AES-GMAC-SIV** encryption mode, which is both somewhat more secure and significantly faster than the old Salsa20/12-Poly1305 mode on hardware that supports AES acceleration. This includes virtually all X86-64 chips and most ARM64. This mode is based on AES-SIV and has been audited by Trail of Bits to ensure that it is equivalent security-wise.

Known issues that are not yet fixed in this beta:

 * Some Mac users have reported periods of 100% CPU in kernel_task and connection instability after leaving networks that have been joined for a period of time, or needing to kill ZeroTier and restart it to finish leaving a network. This doesn't appear to affect all users and we haven't diagnosed the root cause yet.
 * The service sometimes hangs on shutdown requiring a kill -9. This also does not affect all systems or users.
 * AES hardware acceleration is not yet supported on 32-bit ARM, PowerPC (32 or 64), or MIPS (32 or 64) systems. Currently supported are X86-64 and ARM64/AARCH64 with crypto extensions.
 * Some users have reported multicast/broadcast outages on networks lasting up to 30 seconds. Still investigating.

We're trying to fix all these issues before the 1.6.0 release. Stay tuned.
 2020-10-08 18:10:13 -04:00
Adam Ierymenko
24769219b5 Merge branch 'dev' 2020-10-08 18:08:24 -04:00
Adam Ierymenko
da6fe18e17 Merge branch 'master' of github.com:zerotier/ZeroTierOne 2020-10-08 18:08:18 -04:00
Adam Ierymenko
a973a6e10e Leave feth devices over feth10000 alone. 2020-10-08 12:04:57 -04:00
Adam Ierymenko
5bc64c4c4e Windows build fixes and version bump in Advanced Installer. 2020-10-07 15:56:00 -07:00
Travis LaDuke
bd92990165
Update feature_request.md 2020-10-07 10:36:04 -07:00
Adam Ierymenko
e26a8be3df Be more consistent about versioning. 2020-10-07 11:55:47 -04:00
Adam Ierymenko
3ef1c8e3fa Use 1.5.0 for package version for centos. 2020-10-06 23:31:20 -04:00
Adam Ierymenko
0ab4b903f4 Cert and codesign tweaks, release notes. 2020-10-06 18:09:51 -04:00
Adam Ierymenko
b2ea5aa747 Version bump to 1.5.0 internally and 1.6.0-beta1 in packages. 2020-10-05 20:23:52 -04:00
Grant Limberg
c80843e496
Revert "remove redundant writes when changes come from Central" 
This reverts commit f9396f979f.
 2020-10-05 13:32:47 -07:00
Grant Limberg
f9396f979f
remove redundant writes when changes come from Central 
network & member changes tagged with `"fromCentral": true` will not be rewritten to the db
 2020-10-05 11:03:03 -07:00
Adam Ierymenko
610d4ff016 Remove old tap kext from normal pkg as it is too old to be notarized (signature too old, not sure if we can sign again as kexts are being deprecated). It is only used on very old MacOS versions that are rolling off support. 2020-10-02 18:42:40 -04:00
Adam Ierymenko
f16421225d Enable hardened executable mode on Mac, should be fine... 2020-10-02 18:36:24 -04:00
Adam Ierymenko
d82b3684ac Enable RV64 2020-09-30 21:17:04 -04:00
Adam Ierymenko
d7e5a92fe6 Increase debian build parallelism. 2020-09-30 17:39:15 -07:00
Adam Ierymenko
bb45f9ca3c Upgrade cpp-httplib 2020-09-30 15:21:58 -04:00
Adam Ierymenko
c7dcbba442 Add an AES benchmark to 1.6 (backport) 2020-09-29 18:34:58 -04:00
Adam Ierymenko
255dee7a5e MacOS build fixes. 2020-09-25 14:32:53 -04:00
Adam Ierymenko
c86418934c PATH_MAX is not defined on some Linux systems. 2020-09-23 22:06:22 -04:00
Adam Ierymenko
70efa5f606 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-09-23 21:59:14 -04:00
Adam Ierymenko
69b2fcd5af Get rid of obsolete musl libc fix. 2020-09-23 21:58:51 -04:00
Adam Ierymenko
1f93099e1a Get rid of obsolete musl libc fix. 2020-09-23 21:58:28 -04:00
Joseph Henry
b3331c5ec2 Fix buffer overflow in windows tap driver 2020-09-23 15:31:20 -07:00
Grant Limberg
ff23d3051f
self hosted controller JSON format fix for DNS 2020-09-23 12:16:23 -07:00
Grant Limberg
7d8cfb1fee
more magic incantations to make crypto extensions work on Android/ARM64 2020-09-22 10:28:31 -07:00
Grant Limberg
8131680735
AES-NI enabled for Android ARM64 2020-09-22 08:04:16 -07:00
Grant Limberg
9e6dba9066
Enable AES-NI on Android X86-64 
Need to find the magic incantation to enable it on ARM64 still
 2020-09-21 18:05:25 -07:00
Grant Limberg
0f2887265c
AES-NI/NEON detection for iOS 
Requires 64-bit CPU
 2020-09-21 13:18:05 -07:00
Adam Ierymenko
1ff45020e2 Prefer IPv6 if all else is equal. 2020-09-18 16:27:41 -04:00
Grant Limberg
45c5abe05b add Allow DNS settings to win UI 2020-09-18 10:12:11 -07:00
Grant Limberg
e7dafb3ae6
allow DNS field for mac UI 2020-09-18 09:30:43 -07:00
Adam Ierymenko
04f6140da6 AES builds and works now on ARM64. 2020-09-16 22:47:13 +00:00
Grant Limberg
afcbc6dd9f
clean up some error output 2020-09-16 10:54:14 -07:00
Grant Limberg
4da9bed4fa
add 'dump' to cli help 2020-09-16 10:52:23 -07:00
Grant Limberg
221e4ecb12
Add "documentation" networks as IP_SCOPE_PRIVATE 
https://en.wikipedia.org/wiki/Reserved_IP_addresses
 2020-09-16 10:24:36 -07:00
Grant Limberg
1883a8c9ee
Set 198.18.0.0/15 to IP_SCOPE_PRIVATE 2020-09-16 10:15:42 -07:00
Grant Limberg
83d92858c1
Merge branch 'dump' into dev 2020-09-16 10:04:01 -07:00
Grant Limberg
cff3152985 windows create dump file on desktop 2020-09-16 10:03:03 -07:00
Grant Limberg
5090e95003
dump basics to stdout on other platforms 2020-09-15 16:50:55 -07:00
Grant Limberg
927aeb15f6
macos output dump to file if possible 
if not, write to stdout
 2020-09-15 16:50:00 -07:00
Grant Limberg
361ca1e8b4
add link to CoreServices framework 2020-09-15 16:49:19 -07:00
Adam Ierymenko
9adf656db5 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-14 20:44:46 -04:00
Adam Ierymenko
7219ca0c0f AES works! Only with this or newer nodes. Uses salsa with older ones as usual. 2020-09-14 20:44:21 -04:00
Grant Limberg
3a75950ff4
Merge branch 'dump' into dev 2020-09-14 15:25:34 -07:00
Joseph Henry
fa86b8bae0
Change ZT_MULTIPATH_FLOW_EXPIRATION_INTERVAL from 30 seconds to 5 minutes 2020-09-14 15:22:06 -07:00
Joseph Henry
f3c9ab8a7e
Add minor trace output formatting changes. Change ZT_MULTIPATH_BOND_STATUS_INTERVAL from 30000 to 60000 2020-09-14 15:21:53 -07:00
Grant Limberg
ace03d7c7b zerotier-cli dump for Windows 2020-09-14 15:17:59 -07:00
Michael Adams
97801b3b56 Update issue templates 2020-09-14 13:10:41 -07:00
Michael Adams
74d9e1e558 Update issue templates 2020-09-14 12:59:36 -07:00
Michael Adams
c210e9e5cf Update issue templates 
Cleaned this up substantially
 2020-09-14 12:58:29 -07:00
Grant Limberg
df640dc39b
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-09-14 12:45:11 -07:00
Grant Limberg
d980bba49f fix windows compilation 2020-09-14 12:42:51 -07:00
Grant Limberg
059dfee0c3 fix windows compilation 2020-09-14 12:42:39 -07:00
Joseph Henry
55f442f1a9 Removed erroneous issue template 2020-09-12 13:09:51 -07:00
joseph-henry
2b9d9168e0 Update issue templates 2020-09-12 13:08:31 -07:00
Joseph Henry
94669a4709 Update Game issue template 2020-09-12 12:58:10 -07:00
joseph-henry
be560eb704
Game Connection Issue 
Game connection issues can be resolved on our forums: discuss.zerotier.com
 2020-09-12 12:23:49 -07:00
Grant Limberg
36d867c3fa
more config dump for macOS 2020-09-11 16:43:30 -07:00
Joseph Henry
cf47618ffb Change ZT_MULTIPATH_FLOW_EXPIRATION_INTERVAL from 30 seconds to 5 minutes 2020-09-11 16:09:46 -07:00
Grant Limberg
62f23e0cfd
step 1 of zerotier-cli dump 
dump status, networks, peers, bonds & version
 2020-09-11 15:31:56 -07:00
Joseph Henry
0e8b54f7a1 Add minor trace output formatting changes. Change ZT_MULTIPATH_BOND_STATUS_INTERVAL from 30000 to 60000 2020-09-11 14:47:18 -07:00
Adam Ierymenko
1c9407e016 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-11 13:40:04 -04:00
Adam Ierymenko
cb8d773634 Disable unicast compression as it almost never helps and usually just wastes CPU. 2020-09-11 13:36:21 -04:00
Grant Limberg
bbb307aff7
DNS is now toggleable via zerotier-cli set <nwid> allowDNS=[0|1] 
Flag is disabled by default as it should be opt-in on each endpoint
 2020-09-10 15:59:18 -07:00
Grant Limberg
3db263284b
not sure how this got reverted 2020-09-10 13:18:25 -07:00
Grant Limberg
d8f041a484
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-10 12:50:30 -07:00
Adam Ierymenko
120bcbc2c9 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-09-10 15:44:47 -04:00
Grant Limberg
10ccaa2620
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-10 12:43:58 -07:00
Adam Ierymenko
e6b5f8aabd AES work... but disabled in this commit. 2020-09-10 15:43:40 -04:00
Michael Adams
4798689bf3 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2020-09-10 12:43:24 -07:00
Michael Adams
0545e70bd5 Added error messages to use admin/sudo/root 2020-09-10 12:42:11 -07:00
Grant Limberg
5032a8eeac
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-10 11:57:51 -07:00
Adam Ierymenko
1ad555a071 More selective push of AES modifications and refactoring stuff. 2020-09-10 14:48:48 -04:00
Grant Limberg
7d0f6933d6
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-10 11:38:25 -07:00
Adam Ierymenko
4cd3d0bb76 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-10 14:37:16 -04:00
Adam Ierymenko
8374553b6a Linux build fix for AES flags. 2020-09-10 14:36:33 -04:00
Grant Limberg
eca4052884
Merge branch 'dev-redis' into dev 2020-09-10 11:10:10 -07:00
Michael Adams
2d7a96416c Update issue templates 
Include use of Discuss forum as an option for feature requests.
 2020-09-08 12:25:40 -07:00
thoradia
f2734dc3d8
add ports to addresses specified by the bind setting 2020-09-08 01:49:19 +02:00
Grant Limberg
a1f4397959 linux implementaiton of zerotier-cli dump 2020-08-30 14:19:56 -07:00
Grant Limberg
53d5c9890f
missed a rollback 
# Conflicts:
#	controller/PostgreSQL.cpp
 2020-08-26 15:52:01 -07:00
Grant Limberg
43c108f077
missed a rollback 2020-08-26 15:50:36 -07:00
Grant Limberg
33cc59914a
Merge branch 'dev-redis' into dev 2020-08-26 14:52:54 -07:00
Grant Limberg
45b6d11126
Put upserts from controller into single transaction 2020-08-26 14:52:23 -07:00
Adam Ierymenko
b7b01da742 Wire up dearmor() path. 2020-08-25 14:13:20 -07:00
Adam Ierymenko
93d6b41898 Disable AES in commit so as not to break other builds. 2020-08-25 08:08:54 -07:00
Adam Ierymenko
47e9fb3ddb Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-08-25 08:07:23 -07:00
Joseph Henry
b1ddba0438 Remove a few old comments 2020-08-24 18:56:49 -07:00
Grant Limberg
e7891bfcb0
Merge branch 'dev-redis' into dev 2020-08-21 16:29:13 -07:00
Grant Limberg
7f99c4a779
Sleep 10 seconds between writes to DB 2020-08-21 16:22:28 -07:00
Adam Ierymenko
2ac49d99dd AES integrated on send side. 2020-08-21 14:23:31 -07:00
Adam Ierymenko
3fd8efe642 AES builds now 2020-08-21 09:56:53 -07:00
Adam Ierymenko
06730c7d1d BSL date bump 2020-08-20 12:51:39 -07:00
Grant Limberg
81c9db7a15
fix libs for non-controller builds on macOS 2020-08-18 11:46:29 -07:00
Grant Limberg
8d0a3563e4
Merge branch 'dns' into dev 2020-08-12 13:56:21 -07:00
Grant Limberg
c0c215c83c
single dns config per network 2020-08-12 13:08:47 -07:00
Grant Limberg
058d888311
More debug logging cleanup 2020-08-12 10:00:09 -07:00
Grant Limberg
30b18d925f
clean up some debug logging 2020-08-12 09:16:18 -07:00
Grant Limberg
137d05e799
add setDNS stubs for linux/bsd 2020-08-12 09:14:10 -07:00
Grant Limberg
d9c4e644de Windows DNS 2020-08-11 18:55:42 -07:00
Joseph Henry
edd960566a Improve bond tracing, fix bond initialization bugs, remove vestigial debug code 2020-08-06 18:10:40 -07:00
Grant Limberg
6868e98904 Get stuff building on Windows 
Been a minute since any of this has been updated
 2020-08-05 16:04:02 -07:00
Grant Limberg
85a5b0b948
Remove dns config on shutdown 
Also add calls to MacDNSHelper to the kext tap
 2020-08-05 14:49:45 -07:00
Grant Limberg
b9a1719cb1
Let's make sure to clean up our memory 2020-08-05 14:42:19 -07:00
Grant Limberg
d6e3164ea1
remove initial attempt at dns config via scutil 2020-08-05 14:42:09 -07:00
Grant Limberg
302ac8fefe
DNS config support on macOS 2020-08-05 14:26:11 -07:00
Grant Limberg
d2708daa8e
debug output 2020-08-04 14:33:18 -07:00
Grant Limberg
88a3c685fb
latest 2020-08-04 13:52:57 -07:00
Grant Limberg
2e52a1eebf
forgot a couple queries in postgres. trying to pull dns of member not network in embedded network controller 
also some debug logging
 2020-08-04 09:45:45 -07:00
Grant Limberg
d098a99d09
fix memory init issue 
and another place where dns data needs to be copied
 2020-07-31 11:42:03 -07:00
Grant Limberg
6b197e067a
Merge branch 'dev' into dns 2020-07-30 13:15:43 -07:00
Joseph Henry
9f4985b11a Add basic bond health status reporting (listbonds) 2020-07-27 23:01:12 -07:00
Grant Limberg
5b700fa497
println for which notification stream the controller is listening to 2020-07-27 18:37:45 -07:00
Travis LaDuke
c92e030a4b Create a bash completion script. 
Just adding it to the repo, but it still needs to be dealt with during install.
Probably put it in $ZT_HOME and then symlink to the proper place for the distro?

searches $ZT_HOME/networks.d/ for network IDs
searches HISTORY for 16 digit numbers that look like network IDs.
 2020-07-23 13:40:48 -07:00
Grant Limberg
251b06d812
revert redis for member status 2020-07-23 09:38:50 -07:00
Joseph Henry
ff50762649 Merge multipath branch into dev branch 2020-07-23 00:40:17 -07:00
Joseph Henry
29ebda62ef Remove (some) debug functions and traces 2020-07-23 00:32:39 -07:00
Joseph Henry
a1b2ff772a Add new replacement condition in peer path redundancy logic to fix duplicate paths 2020-07-23 00:15:38 -07:00
Joseph Henry
dc784f6213 Comment out Bond and BondController debug traces 2020-07-21 10:22:10 -07:00
Grant Limberg
387039456d
Pass 1 at adding DNS to controller 2020-07-20 14:34:19 -07:00
Suad Halilovic
c1f4168d2f 2020/07/16, Minor optmizations 2020-07-16 18:38:04 +02:00
Suad Halilovic
ffebcd247f 2020/07/16, Minor optmizations 2020-07-16 18:31:56 +02:00
Joseph Henry
fd0c906b1b Merge branch 'multipath' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into multipath 2020-07-14 17:05:42 -07:00
Joseph Henry
decd5add2a Fix segfault on unique interface name list generation (for multipath) 2020-07-14 17:05:05 -07:00
Joseph Henry
8eb453e042 Revert to ancient path redundancy check logic 2020-07-06 15:18:17 -07:00
Grant Limberg
bd6c97aeb8
dont strip binary 2020-07-06 14:35:05 -07:00
Joseph Henry
29e7fa5c4b Revert to ancient path redundancy check logic 2020-07-06 14:07:31 -07:00
Joseph Henry
a23b6d09c0 Fix merge conflict for controller code (minor edit) 2020-06-29 10:27:22 -07:00
Grant Limberg
1bb1dfa87b
android changes 2020-06-18 09:32:00 -07:00
Joseph Henry
a33a494d60 Adjust terminology 2020-06-17 14:54:13 -07:00
Joseph Henry
5f0ee4fc78 Fix invalid defaultBondingPolicy conditions, Add ZT_MultipathFlowRebalanceStrategy, Add basic hysteresis mechanism to flow re-assignment 2020-06-16 12:30:21 -07:00
Grant Limberg
d0aacfddb7
one more spot 2020-06-04 14:12:20 -07:00
Grant Limberg
9b92ad7772
handle case of no networks and/or no members 2020-06-04 14:06:30 -07:00
Grant Limberg
17c7ae20cc
force add libredis++.a for mac 2020-06-04 13:46:16 -07:00
Joseph Henry
fa5c8ef434 Fix timers, fix flow count discrepancy after flow removal, fix balance-aware flow re-assignment when one or more links go down 2020-06-01 22:58:58 -07:00
Joseph Henry
1dca7b92cf Remove exit condition for bond creation during re-learning of previously-known paths 2020-05-31 17:30:41 -07:00
Joseph Henry
5e122b95e7 Fix segfault during balance-rr when link is brought down 2020-05-30 21:21:22 -07:00
Grant Limberg
135a547889
No longer update both pgsql & redis 2020-05-28 19:22:07 -07:00
Grant Limberg
06de25a680 bump online notification pause to 100ms 
also put all online notification redis commands into a single tx
 2020-05-27 22:25:07 -07:00
Grant Limberg
5692402d32 A little more cleanup 2020-05-27 21:02:30 -07:00
Grant Limberg
ad7ae5a372 list of all network-node pairs 2020-05-27 20:43:31 -07:00
Grant Limberg
9794e31a64 Temporary online notification thread hack 
Updates both Redis and Postgres
 2020-05-27 20:43:31 -07:00
Grant Limberg
2f0f0e4f53 redis init optimization 2020-05-27 20:43:31 -07:00
Grant Limberg
7bde004c7c Replace scan of Redis with iteration of _networks map 2020-05-27 20:41:47 -07:00
Joseph Henry
a8f830aa9c Add multipath documentation to service/ 2020-05-26 18:29:19 -07:00
Joseph Henry
7266550c22 Remove vestigial constructor, fix typos, clean up code 2020-05-26 17:57:37 -07:00
Joseph Henry
7ed960297b Merge changes from dev into multipath 2020-05-26 17:57:09 -07:00
Grant Limberg
39da360725
add online controller list in Redis 2020-05-22 14:16:04 -07:00
Grant Limberg
beedee4401
fix typo 2020-05-22 11:07:12 -07:00
Grant Limberg
fb0e8aebdb
keep list of active networks in redis 2020-05-22 10:07:39 -07:00
Grant Limberg
13929aee6f
reduce log chattiness 2020-05-21 09:49:55 -07:00
Grant Limberg
c2409ad6c9
fix connection to redis cluster in online notification thread 2020-05-21 09:49:41 -07:00
Grant Limberg
08cb72bdba
Temp object was being destroyed before connection was used 2020-05-21 09:33:03 -07:00
Grant Limberg
d24c8d858c
include climits for Linux 2020-05-20 16:54:18 -07:00
Grant Limberg
879ef58565
Finalize Redis integration 2020-05-20 16:28:28 -07:00
Grant Limberg
8b8399efbc
Error recovery for network & member stream watchers 2020-05-20 11:42:51 -07:00
Grant Limberg
0f17508cac
error recovery in redis online notification 
If a redis cluster member fails over to the slave, we'll get an error from not specifying the key for the insert.  Recover from that instead of crashing the controller
 2020-05-20 11:38:04 -07:00
Grant Limberg
7a138f963c
TIL: Creating a redis transaction without sending any commands throws an exception 
So let's not do that
 2020-05-19 17:47:06 -07:00
Grant Limberg
b637ced1ee
Track member status in Redis 2020-05-19 17:47:02 -07:00
Grant Limberg
ee91c81799
Initialize C arrays to NULL in NetworkConfig() constructor 2020-05-19 17:40:51 -07:00
Grant Limberg
8ac42b4600
controller status query fix 2020-05-19 17:40:11 -07:00
Grant Limberg
844725237d
Add new ZT_ result codes that were added 2020-05-18 10:31:17 -07:00
Joseph Henry
58d567c331 Formatting 2020-05-14 20:09:25 -07:00
Joseph Henry
4465952d11 Merge remote-tracking branch 'origin/dev' into multipath 2020-05-14 16:06:55 -07:00
Grant Limberg
f8ba1962e6
fix equals() methods 2020-05-14 15:08:37 -07:00
Grant Limberg
701960def5
Track member status in Redis 2020-05-13 17:23:27 -07:00
Grant Limberg
15c0c1db39
finish the RabbitMQ-ectomy 2020-05-13 09:46:41 -07:00
Grant Limberg
c9f942f79b
can now build centos8 docker container with Redis support 2020-05-12 15:17:57 -07:00
Grant Limberg
663df9118a fix centos8 build 2020-05-12 14:04:03 -07:00
Grant Limberg
5d47697ade helps to add the actual library 2020-05-12 13:04:16 -07:00
Grant Limberg
5babd01d40 centos8 binaries for libhiredis and libredis++ 2020-05-12 12:58:09 -07:00
Grant Limberg
aab96964b6
Put debug output behind ZT_TRACE 2020-05-12 12:48:58 -07:00
Grant Limberg
c6518afa7a
Make sure the streams clean up after themselves 2020-05-12 12:37:05 -07:00
Grant Limberg
563655a1a4
Redis now usable as a message queue 2020-05-12 11:56:19 -07:00
Joseph Henry
a50e8e9878 Add Bonds, Slaves, and Flows 2020-05-12 01:35:48 -07:00
Joseph Henry
de9cfbe9b0 Merge dev into multipath 2020-05-12 00:08:52 -07:00
Grant Limberg
d699116795
mac deps 2020-05-11 16:48:14 -07:00
Grant Limberg
8f3a0b17ad
redis++ binaries for mac 2020-05-11 15:24:13 -07:00
Grant Limberg
b5c661c5d5
add libhiredis.a for mac 2020-05-11 15:06:10 -07:00
Grant Limberg
154470b570
add original hiredis 2020-05-11 15:03:56 -07:00
Grant Limberg
73b1d57b13
rip out rabbitMQ 2020-05-11 12:29:06 -07:00
Grant Limberg
acb4ef0f12
add hiredis-vip to controller build 2020-05-11 11:48:05 -07:00
Gleb Panov
d2db307bee Add lines to enable Elbrus (https://en.wikipedia.org/wiki/Elbrus-8S) microprocessor architecture. No changes in code, only in build procedure (recognise relevant ARCH output. 2020-04-29 13:51:28 +03:00
Athanasios Oikonomou
182f16d2a4 Add support for armv7ve 
This commit adds support for ARM armv7ve arch.
The extended version of the ARMv7-A architecture with support for virtualization.
 2020-04-26 17:01:49 +02:00
Robert Socha
bfe5c758ba Add description for Windos service 2020-04-18 18:56:28 +02:00
Joseph Henry
32a78b5f61 Fix preprocessor typo in previous commit 2020-03-31 20:34:48 -07:00
Joseph Henry
54f9f2ad53 Add special case for Ubiquiti routers in platformDefaultHomePath() 2020-03-31 20:27:41 -07:00
Adam Ierymenko
f12c75e68b Merge branch 'master' of github.com:zerotier/ZeroTierOne 2020-03-25 13:40:13 -07:00
Travis LaDuke
b6b11dbf82 Document allowSecondaryPort 2020-03-25 10:26:14 -07:00
Grant Limberg
0d42108254
member ip inserts DO NOTHING on conflict 2020-03-04 09:45:45 -08:00
Grant Limberg
f6026f94a5
More fun with dupes 2020-03-03 23:52:53 -08:00
Grant Limberg
e702942041
Fix duplicate assigned IP check when adding assigned IPs to database 2020-03-03 13:34:24 -08:00
Grant Limberg
00ac35ad62
add --no-cache for docker central controller build 2020-02-24 11:06:08 -08:00
Grant Limberg
12a92fc4a1
Un-log & some production build image fixes 2020-02-24 11:02:05 -08:00
Grant Limberg
baa14a63c9
It's LOG! It's LOG! 
It's big, it's heavy, it's wood
 2020-02-24 10:20:47 -08:00
Grant Limberg
cce51cea5d
Merge branch 'pipeline' into dev 2020-02-03 13:48:46 -08:00
Grant Limberg
ba4324f992
Update jenkinsfile for new build process 2020-02-03 12:51:46 -08:00
Grant Limberg
81e982991b add kali rolling 2020-02-03 10:46:39 -08:00
Grant Limberg
f6f4fba90e Add docker configs for multi arch jenkins builds 2020-02-03 09:57:48 -08:00
root
23d5a972ba disable lintian because sid/bullseye are sitting there running /bin/sleep 3 endlessly on this step 2020-01-31 13:15:23 -08:00
root
d5467e130e disable lintian because sid/bullseye are sitting there running /bin/sleep 3 endlessly on this step 2020-01-31 13:13:02 -08:00
Grant Limberg
5faf0f8ab6
whoops 2020-01-23 09:46:15 -08:00
Grant Limberg
0f17cd4791
Update to jenkinsfile for multi-platform release builds 2020-01-23 09:41:17 -08:00
Grant Limberg
e0518ab176
testing armv5t instead of armv5 flag 2020-01-22 16:36:26 -08:00
Grant Limberg
28df0c2e38
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2019-12-17 10:56:53 -08:00
Grant Limberg
7696d45093 Fix handling of invalid conf file 
Fixes GitHub issue #1068
 2019-12-17 10:51:01 -08:00
Grant Limberg
2a7d4fcde5 update vs project settings 2019-12-17 10:49:21 -08:00
Kevin Kuehler
c9f07e855e systemd: fix zerotier hanging on shutdown 
On system shutdown, zerotier is stopped after the network and gets
itself into a connection timeout loop. It hits the TimeoutStopUSec= and
is forcibly killed by SIGKILL. Order zerotier after network.target so it
can shutdown gracefully while the network is still up.

From systemd.special(7):

at shutdown, a unit that is ordered after network.target will be stopped
before the network — to whatever level it might be set up then — is shut
down. It is hence useful when writing service files that require network
access on shutdown, which should order themselves after this target, but
not pull it in
 2019-11-27 16:29:39 -08:00
Grant Limberg
995fa4a76c
Merge branch 'refs/heads/master' into dev 2019-11-22 15:00:39 -08:00
Grant Limberg
d8597884f6
jenkins windows 2019-11-22 11:25:31 -08:00
Grant Limberg
a993ddc54d
Merge branch 'refs/heads/master' into dev 2019-11-21 15:12:37 -08:00
Grant Limberg
54e25084fe
re-enable CI on master 2019-11-21 14:51:33 -08:00
Grant Limberg
e58a0b3efb
build central controller docker images on macOS 2019-11-21 14:49:24 -08:00
Grant Limberg
381f15382c Convert central-controller docker build to use a builder subcontainer 2019-11-20 13:56:26 -08:00
Grant Limberg
91d679af15
Merge pull request #1087 from skunkwerks/dev 
drop -Werror from DEBUG builds
 2019-11-19 08:47:38 -08:00
Dave Cottlehuber
8396f16dd2 drop -Werror from DEBUG builds 
Appease compilers. Thanks @glimberg for the diff.
Closes #1086
 2019-11-19 16:45:06 +00:00
Travis LaDuke
bb84c9b65c
Merge pull request #1082 from laduke/controller-readme 
Add Managed Routes example to controller readme.
 2019-11-15 10:35:13 -08:00
Travis LaDuke
e744c95c5b Add Managed Routes example to controller readme. 2019-11-15 10:29:39 -08:00
Travis LaDuke
a725d1a29a
Merge pull request #1081 from 0xflotus/patch-1 
fixed small error
 2019-11-14 10:30:30 -08:00
0xflotus
38feda1594
fixed small error 2019-11-14 10:17:05 +01:00
Grant Limberg
dc19deb6c3
. 2019-11-13 12:46:52 -08:00
Grant Limberg
86abd31659
fix log line 2019-11-13 12:46:16 -08:00
Joseph Henry
b8e70d866a Compile fix for unterminated conditional directive 2019-11-12 09:46:39 -08:00
Joseph Henry
e1e27eb19d Bugfix for incorrect port binding of secondary and tertiary ports 2019-11-11 12:03:49 -08:00
Grant Limberg
088dab4f04
Let's not print this to the logs 2019-10-31 15:13:20 -07:00
Grant Limberg
cc79ec6179
use std::string instead of const char* in rmq struct 2019-10-31 15:08:59 -07:00
Grant Limberg
74478b24b0
add librabbitmq binaries for macos for testing central controller 2019-10-31 14:04:25 -07:00
Travis LaDuke
bad95d7c67 Update cli help to say <network ID> instead of <network> 
Closes #1054
 2019-10-15 13:15:45 -07:00
Adam Ierymenko
de127056c2
Add notarization to "make official". 2019-09-16 20:13:20 -07:00
Adam Ierymenko
0767ea5d69
* Update default root list to latest 
* ARM32 platform build and flag fixes
 * Add a clarification line to LICENSE.txt
 * Fix license message in CLI
 * Windows service now looks for service command line arguments
 * Fixed a bug that could cause excessive queued multicasts
 2019-09-05 11:02:16 -07:00
Adam Ierymenko
8454a14eac new Windows GUID for build #2 2019-09-04 14:25:57 -07:00
Adam Ierymenko
ecee310087
Update built-in root list. 2019-09-04 14:17:41 -07:00
Adam Ierymenko
bcdab95e4c Windows installer version bump, build fix. 2019-09-04 14:13:45 -07:00
Adam Ierymenko
a16377cea5
Add mitigations against borked ARM32 exception unrollers, possibly fix GitHub issue #1003 2019-09-04 12:48:28 -07:00
Adam Ierymenko
ef69f1bb27
ARM wrestling 2019-09-04 12:37:54 -07:00
Adam Ierymenko
27c8eb0d6d GitHub issue #1019 2019-09-04 12:21:51 -07:00
Adam Ierymenko
3c0f54257b
Debian typo fix 2019-09-04 08:19:33 -07:00
Adam Ierymenko
e6ead35884
docs 2019-08-30 17:48:22 -07:00
Adam Ierymenko
a6dff8ff2f
Add an extra catch as workaround for possible cause of ARM crash. 2019-08-30 17:47:13 -07:00
Adam Ierymenko
4281b6b448
Ignore MULTICAST_GATHER replies with the wrong count. 2019-08-30 17:45:10 -07:00
Adam Ierymenko
6897f602bf
1.4.6 version bump 2019-08-30 15:30:37 -07:00
Adam Ierymenko
075321fd0d debian build version bump 2019-08-30 15:16:05 -07:00
Adam Ierymenko
5e8e935189
world! 2019-08-30 11:57:18 -07:00
Adam Ierymenko
ebb5f1256f
ARM wrestling 2019-08-30 10:03:07 -07:00
Adam Ierymenko
7c6d0d3c0f
ARM wrestling 2019-08-30 09:50:37 -07:00
Adam Ierymenko
1b6b38e395
Add default addIps() implementation to EthernetTap base class to fix build on systems that do not need addIps(). 2019-08-28 07:43:18 -07:00
Grant Limberg
1cf953c046 working docker image for end users. 
GitHub Issue #1013
 2019-08-27 16:57:07 -07:00
Grant Limberg
e5bf4565da readme in central controller docker folder 2019-08-27 15:43:11 -07:00
Grant Limberg
ddc904a502 remove docker line from readme 2019-08-27 15:27:41 -07:00
Grant Limberg
5cda292d15 comment out docker docker target from makefile because broken 2019-08-27 15:16:05 -07:00
Grant Limberg
e51cf0d4d2 moved elsewhere for controller builds 2019-08-27 15:14:55 -07:00
Joseph Henry
d8de837c60 LinuxEthernetTap addIps virtual function fix for SYNOLOGY builds 2019-08-27 14:43:30 -07:00
Adam Ierymenko
ca89695270
Fix make central-controller-docker 2019-08-26 12:19:50 -07:00
Adam Ierymenko
91b16310ea
* Change license from GPL3 to BSL 1.1, see LICENSE.txt 
* Fix an issue with the "ipauth" rule and auto-generated unforgeable IPv6 addresses
 * Fix socket/bind errors setting IPs and routes on Linux
 2019-08-26 10:33:26 -07:00
Adam Ierymenko
609873e6d1 Windows version bump 2019-08-23 22:10:15 -07:00
Adam Ierymenko
4c616621c2 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-08-23 21:38:15 -07:00
Adam Ierymenko
05470bf202 Fix RPM targets 2019-08-23 21:38:04 -07:00
Adam Ierymenko
633cf9ec04
Warning removal 2019-08-23 21:28:26 -07:00
Adam Ierymenko
f3c3a90393
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-08-23 21:24:34 -07:00
Adam Ierymenko
25a48f2f44 Fix RedHat sub-version. 2019-08-23 21:24:05 -07:00
Adam Ierymenko
d214a5437f
Bump Mac pkg version 2019-08-23 15:24:52 -07:00
Adam Ierymenko
de0a5aa840
GitHub issue #994 2019-08-23 12:09:31 -07:00
Adam Ierymenko
6f9e3e3b78
Back out unnecessary hack 2019-08-23 11:14:17 -07:00
Adam Ierymenko
5c5e7fc7ff Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2019-08-23 11:13:13 -07:00
Adam Ierymenko
43e98930e9 distro cleanup 2019-08-23 11:12:25 -07:00
Adam Ierymenko
51ebefc3ab
Ifdef these to stop non-Windows IDEs from complaining. 2019-08-23 10:34:37 -07:00
Adam Ierymenko
86add4a6d3
Tolerate any libstdc++6 package "version" for Mint and other distros with weird versions on libstdc++6. 2019-08-23 10:31:12 -07:00
Adam Ierymenko
221a3f9a08 Merge branch 'dev' of http://10.187.0.8/zerotier/ZeroTierOne into dev 2019-08-23 10:20:04 -07:00
Adam Ierymenko
2f74bd5150 Add "make docker" for GitHub issue #1013 2019-08-23 10:19:59 -07:00
Adam Ierymenko
e8ae333443
Version bumps, license fixed, and GitHub issue #990 take two 2019-08-23 10:15:13 -07:00
Adam Ierymenko
52a166a71f
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 09:23:39 -07:00
Adam Ierymenko
509da3ac34
Merge pull request #1012 from wendelb/wendelb-patch-1 
Controller-Docs little cleanup
 2019-08-21 08:14:38 -07:00
Joseph Henry
afca5c2536 Partial implementation of ZT_MULTIPATH_BALANCE_RR_OPAQUE 2019-08-20 23:28:59 -07:00
Joseph Henry
5453cab22b Added flow-awareness check for policies, more work on ZT_MULTIPATH_ACTIVE_BACKUP 2019-08-20 18:50:38 -07:00
Joseph Henry
b0a91c0187 Partial implementation of ZT_MULTIPATH_ACTIVE_BACKUP 2019-08-20 16:19:20 -07:00
Joseph Henry
963113b86d Minor adjustment to how _allowTcpFallbackRelay is disabled when _multipathMode is set 2019-08-20 10:38:18 -07:00
Joseph Henry
0634214f2c Added notion of Flows 2019-08-19 21:52:33 -07:00
wendelb
fe18579061
Removed duplicate line creationTime 2019-08-17 22:50:13 +02:00
Joseph Henry
15e44f0ddd Merge remote-tracking branch 'origin/dev' into multipath 2019-08-14 11:25:40 -07:00
Joseph Henry
b0e86d11c9 Minor. Name change for trace functions 2019-08-14 11:24:03 -07:00
Adam Ierymenko
2ec53df7ab
Put a limit on the multicast TX queue to prevent memory use ridiculousness. 2019-08-14 10:52:21 -07:00
Adam Ierymenko
1c7b553331
GitHub issue #1000 2019-08-14 10:47:58 -07:00
Joseph Henry
5b7d60f5cd Whoops 2019-08-13 14:42:48 -07:00
Joseph Henry
640567a021 More informative link aggregation trace outputs 2019-08-13 14:34:47 -07:00
Joseph Henry
2593c6efee Adjusted multipath constants 2019-08-13 14:34:11 -07:00
Joseph Henry
36d368cb78 Check for (local multipath support only) during decision to decrease direct path push interval. This prevents the chicken-and-egg situation of not knowing if two peers can support multipath on both ends and thusly not sending eachother their direct paths quickly enough. 2019-08-13 13:26:41 -07:00
Adam Ierymenko
a0fb519696 Make sure libstdc++ is in RH spec file 2019-08-13 12:58:14 -07:00
Joseph Henry
2e9fa7a811 Merge remote-tracking branch 'origin/dev' into multipath 2019-08-13 12:42:19 -07:00
Joseph Henry
d8ce1f7914 Added ZT_DIRECT_PATH_PUSH_INTERVAL_MULTIPATH to decrease link aggregation time 2019-08-13 12:41:30 -07:00
Adam Ierymenko
83e6864b78
Version bump in Linux packages for new binaries. 2019-08-13 09:34:56 -07:00
Joseph Henry
3c7e25ed58 Added call to computeAggregateAllocation() in multipath mode=1 to give realtime allocation output 2019-08-12 17:04:27 -07:00
Adam Ierymenko
98af3c0dc1
* Fix high CPU use bug on some platforms 
* Fix issues with PostgreSQL controller DB (only affects Central)
 * Restore backward compatibility with MacOS versions prior to 10.13
 2019-08-12 13:25:12 -07:00
Joseph Henry
77ae929eb3 Merge master into multipath 2019-08-12 11:40:13 -07:00
Adam Ierymenko
5341c216a7
Comment ugly query 2019-08-08 19:20:01 -05:00
Adam Ierymenko
96a0c3d764
ugly query is ugly 2019-08-08 19:16:11 -05:00
Adam Ierymenko
783b49e383
more worky less not worky 2019-08-08 18:58:22 -05:00
Adam Ierymenko
d4dc983a01
fix bad column name 2019-08-08 18:31:41 -05:00
Adam Ierymenko
72ccd1020a
Another exception fix 2019-08-08 18:11:06 -05:00
Adam Ierymenko
6a9a577c59
rulesSource needs to be required in network or pgsql has issues 2019-08-08 17:56:27 -05:00
Adam Ierymenko
730305ecc7
One more sync fix. 2019-08-08 17:31:32 -05:00
Adam Ierymenko
f8f2432ece
Shutdown fix 2019-08-08 17:22:20 -05:00
Adam Ierymenko
55087521f6
Add periodic sync check when syncing LF<>another DB 2019-08-08 17:20:50 -05:00
Adam Ierymenko
760ae07d72
Sync bug fix 2019-08-08 16:30:52 -05:00
Adam Ierymenko
28d0070ce2
Fix race in multiple DB mirroring configurations. 2019-08-08 15:29:13 -05:00
Adam Ierymenko
ad2a7c2590 More windows build fixes 2019-08-08 15:15:12 -05:00
Adam Ierymenko
8b97755fc5 Windows fixes. 2019-08-08 14:08:35 -05:00
Adam Ierymenko
7bb0d9be1b
warning removal 2019-08-08 11:04:11 -05:00
Adam Ierymenko
6c44fcc290
more warning cleanup 2019-08-08 10:28:57 -05:00
Adam Ierymenko
c8e7031198
warning cleanup 2019-08-08 10:01:57 -05:00
Adam Ierymenko
fb3b2820b5
centos 7 docs 2019-08-08 09:50:05 -05:00
Adam Ierymenko
c83a4aef55
cleanup 2019-08-07 21:47:06 -05:00
Adam Ierymenko
af7a70bf02
cleanup 2019-08-07 21:11:48 -05:00
Adam Ierymenko
4d70640a15
Remove debug line 2019-08-07 19:06:02 -05:00
Adam Ierymenko
b11627a8bc
add SDK VirtualTap to new factory method 2019-08-07 18:45:04 -05:00
Adam Ierymenko
7436f85ad0
Require MacOS 10.10 2019-08-07 18:22:03 -05:00
Adam Ierymenko
237c379866
Choose which tap to use (feth or kext) on Mac based on Darwin version. 2019-08-07 18:20:17 -05:00
Adam Ierymenko
aca31c7055
Put kext back in Mac distro and use on versions older than High Sierra (which lack the feth device) 2019-08-07 18:14:12 -05:00
Adam Ierymenko
6073e7972f
Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-08-07 11:24:04 -05:00
Adam Ierymenko
f7e8d8f1dd
Fix LFDB path issue when using with Postgress in DBMirrorSet config 2019-08-07 11:23:48 -05:00
Grant Limberg
87016ae815 network update to upsert 2019-08-06 15:30:50 -07:00
Adam Ierymenko
3ed8e46782
Use devtoolset-8 on RHEL/CentOS 7 2019-08-06 16:46:41 -05:00
Adam Ierymenko
3db0197865
Add try/catch in LFDB and add introspection into multicast subscriptions in client network status API 2019-08-06 15:22:57 -05:00
Adam Ierymenko
6174c0c103
Fix deadlock bug. 2019-08-06 13:20:37 -05:00
Adam Ierymenko
8898cb342b
. 2019-08-06 13:12:45 -05:00
Adam Ierymenko
9cc76d1115
Remove debug line 2019-08-06 11:01:08 -05:00
Adam Ierymenko
5289d3327c
Build fixes 2019-08-06 11:00:35 -05:00
Adam Ierymenko
00fb9c475e
More work on DB mirroring. 2019-08-06 10:42:54 -05:00
Adam Ierymenko
3c776675b3
Cruftectomy, work in progress on mirrorring 2019-08-06 08:51:23 -05:00
Adam Ierymenko
37d508ab96
Refactoring in prep for mirroring 2019-08-06 07:51:50 -05:00
Adam Ierymenko
f4f8fef82e
LFDB fix 2019-08-05 15:30:03 -05:00
Adam Ierymenko
cd2e3c79f2
Windows AIP version bump 2019-08-04 20:27:09 -07:00
Adam Ierymenko
7722350178
Version bump to 1.4.2 for all but Windows AIP 2019-08-04 20:13:12 -07:00
Adam Ierymenko
a77b4ecddb Add optional function in DB change listener for member online events. 2019-08-04 19:55:52 -07:00
Adam Ierymenko
818b7e4a2e GitHub issue #993 (???) 2019-08-04 15:35:43 -07:00
Adam Ierymenko
00d63f6046 GitHub issue #993 (???) 2019-08-04 15:15:02 -07:00
Adam Ierymenko
639fc60257 GitHub issue #990 2019-08-04 15:08:33 -07:00
Grant Limberg
21467596bc Merge branch 'remove_network_status_table' into dev 2019-08-04 12:38:12 -07:00
Adam Ierymenko
75ebe5172f Fix for sharing of capabilities in 1.4 (problem introduced when push frequency was reduced) 2019-08-02 20:43:02 -07:00
Adam Ierymenko
4a9030b4a0 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-08-02 13:59:10 -07:00
Adam Ierymenko
fdc708a624 GitHub issue #979 2019-08-02 13:59:03 -07:00
Adam Ierymenko
67beea1e3d Batch file to clean Windows build dir 2019-08-01 13:21:36 -07:00
Adam Ierymenko
34364ab8ee Bump version 2019-07-31 16:41:35 -07:00
Adam Ierymenko
bb99ef1351 Get rid of online status stuff in FileDB, not necessary at all. 2019-07-31 16:41:12 -07:00
Adam Ierymenko
b3891e5506 Version 1.4.0.1: bug fix for Mac multicast and IPv4 issues, no change for other platforms 2019-07-31 13:27:08 -07:00
Adam Ierymenko
632d6e04ad Mac multicast bug fix -- GitHub issue #986 2019-07-31 13:25:58 -07:00
Adam Ierymenko
db813db7e8 2019-07-29 -- Version 1.4.0 
Major Changes

 * Mac version no longer requires a kernel extension, instead making use of the [feth interfaces](https://apple.stackexc
 * Added support for concurrent multipath (multiple paths at once) with traffic weighting by link quality and faster rec
 * Added under-the-hood support for QoS (not yet exposed) that will eventually be configurable via our rules engine.

Minor Changes and Bug Fixes

 * Experimental DB driver for [LF](https://github.com/zerotier/lf) to store network controller data (LFDB.cpp / LFDB.hpp
 * Modified credential push and direct path push timings and algorithms to somewhat reduce "chattiness" of the protocol
 * Removed our beta/half-baked integration of Central with the Windows UI. We're going to do a whole new UI of some kind
 * Fixed stack overflow issues on Linux versions using musl libc.
 * Fixed some alignment problems reported on ARM and ARM64, but some reports we could not reproduce so please report any
 * Fixed numerous other small issues and bugs such as ARM alignment issues causing crashes on some devices.
 * Windows now sets the adapter name such that it is consistent in both the Windows UI and command line utilities.
 2019-07-29 16:11:06 -07:00
Adam Ierymenko
837c6270f2 More docs 2019-07-29 15:14:37 -07:00
Adam Ierymenko
8c3c07cb5d docs 2019-07-29 13:50:02 -07:00
Adam Ierymenko
5cc0dd7f55 Windows installer version bump 2019-07-29 12:36:10 -07:00
Adam Ierymenko
79c4d98b61 docs 2019-07-29 12:10:39 -07:00
Adam Ierymenko
678e11530e 1.4 bump 2019-07-29 12:07:44 -07:00
Adam Ierymenko
a8f2b39f15 Windows project fixes 2019-07-29 11:05:46 -07:00
Adam Ierymenko
add2ac0369
Merge pull request #963 from atopuzov/armv6l 
Fix compiling on Raspberry PI Zero W on Arch Linux
 2019-07-29 10:23:09 -07:00
Adam Ierymenko
1e475edd1c
Merge pull request #973 from unquietwiki/patch-1 
Update Dockerfile
 2019-07-29 10:22:36 -07:00
Adam Ierymenko
745483708a
Merge pull request #974 from squeakbat/master 
Don't relink zerotier-one every time.
 2019-07-29 10:21:35 -07:00
Adam Ierymenko
d9432f2f1e cleanup 2019-07-29 10:19:20 -07:00
Adam Ierymenko
eb7081d2a3 Fix for detecting changes in LF from other instances of the same controller. 2019-07-26 19:28:09 -07:00
Adam Ierymenko
d9befe3fb3 Debug code removal 2019-07-26 18:51:50 -07:00
Adam Ierymenko
0618452615 LF masking key should be a secret 2019-07-26 17:44:05 -07:00
Adam Ierymenko
f6b080b8a2 Abstract out change listener from controller itself to permit DBs to shadow changes from other DBs. 2019-07-26 17:39:00 -07:00
Adam Ierymenko
c8c33db1d1 . 2019-07-26 16:03:21 -07:00
Adam Ierymenko
196bac726c Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-07-23 16:06:40 -07:00
Adam Ierymenko
ac2688de58 More LFDB work 2019-07-23 16:06:35 -07:00
Joseph Henry
d2af12b6a0 Forgot to add ZT_DISABLE_COMPRESSION to linux makefile 2019-07-23 13:33:25 -07:00
Joseph Henry
6958ba9557 Added ZT_DISABLE_COMPRESSION build flag for SDK and low-end NAS builds 2019-07-23 12:39:07 -07:00
Adam Ierymenko
5f11daadf2 Build fix 2019-07-23 09:30:40 -07:00
Adam Ierymenko
99df3fe433 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-07-23 09:29:12 -07:00
Adam Ierymenko
d4d350a285 Work in progress 2019-07-23 09:29:08 -07:00
Joseph Henry
8a0b75c83a Added LFDB.o to objects.mk 2019-07-22 15:24:16 -07:00
Joseph Henry
9cf74657e0 Commented out rtnetlink error debug trace 2019-07-22 14:12:21 -07:00
Adam Ierymenko
5edd04638d LFDB work in progress 2019-07-22 13:43:06 -07:00
Ellen Wang
eb2f851e65 Don't relink zerotier-one every time. 
Because zerotier-one depends on "one", which is a phony target,
making it relinks zerotier-one every time, which is probably
not the desired behavior.

In any case, zerotier-one, zerotier-cli, and zerotier-idtool are
real target, so they should have real dependencies and actions.
The "one" target now depends on these three files.

Behavior is mostly unchanged otherwise.
 2019-07-21 21:37:01 -07:00
Joseph Henry
a0f47b12b4 Removed Synology-specific home path, changes made elsewhere in SPK 2019-07-19 16:34:31 -07:00
Adam Ierymenko
1b2d9e202e Remove 44/8 as pseudoprivate since it is now partly global. 2019-07-19 13:33:14 -07:00
Michael Adams
daa8839005
Update Dockerfile 
Update Dockerfile to use Debian 10 + pull the main.sh directly from Github; works for Portainer use.
 2019-07-18 17:48:41 -07:00
Grant Limberg
80124bb753 Update release notes 2019-07-16 15:34:26 -07:00
Grant Limberg
861a319014 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2019-07-16 15:20:05 -07:00
Grant Limberg
d43e810ecb Finally figured out how to update the network interface names on Windows so that they'll be visible in ipconfig, Get-NetAdapter etc. 2019-07-16 15:16:49 -07:00
Grant Limberg
7afcc17024 no usleep() on Windows 2019-07-16 13:09:10 -07:00
Grant Limberg
2ab2f68725 Add a central database schema version check to central controller startup 2019-07-16 12:15:38 -07:00
Adam Ierymenko
90872c906f Fix FileDB stuff and latency measurement. 2019-07-15 16:30:34 -05:00
Adam Ierymenko
bdc2ec1f5e Track online status in FileDB 2019-07-15 15:27:53 -05:00
Grant Limberg
692733fffb Don't write to ztc_network_status table anymore in central controller 2019-07-15 13:00:16 -07:00
Adam Ierymenko
d3728d5859 cleanup 2019-07-10 21:30:11 -04:00
Joseph Henry
389331ca29 Ticket #915, added allowSecondaryPort to optionally force ZT to use a single port 2019-07-09 10:31:03 -07:00
Adam Ierymenko
b2c4b7e99f Version bunmp 2019-07-09 10:36:25 -04:00
Adam Ierymenko
fee6aae442 Drop in faster C25519 agreement code. 2019-07-09 10:31:08 -04:00
Grant Limberg
409406d114 Whoops 2019-07-08 12:36:49 -07:00
Grant Limberg
203414910f Give up to a second for the interface to appear to assign IP addresses 2019-07-08 12:33:26 -07:00
Travis LaDuke
ac0082a67e
Update README.md 2019-07-02 11:56:19 -07:00
Aleksandar Topuzović
9ccbe85923
Fix compiling on Raspberry PI Zero W on Arch Linux 
* Should also fix it for Raspberry PI 1
* "gcc -dumpmachine | cut -d '-' -f 1" reports armv6l
 2019-07-01 14:56:02 +01:00
Adam Ierymenko
dffbd2113a Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-06-28 11:20:49 -07:00
Adam Ierymenko
7db073d993 Start 1.4.0 release notes. 2019-06-28 11:20:38 -07:00
Adam Ierymenko
3c02c2e4bd Windows installer bump 2019-06-28 08:48:06 -07:00
Adam Ierymenko
a17c760181 Fix Mac installer 2019-06-27 14:36:31 -07:00
Adam Ierymenko
54d2fa65dd Version bump, cleanup 2019-06-27 14:31:10 -07:00
Adam Ierymenko
a019c3dd5d Tighten up credential push just a bit for faster up-time with older nodes, should not have significant impact on bandwidth. Also some cleanup and push direct path timing fixes. 2019-06-25 13:42:20 -07:00
Adam Ierymenko
a3ef9b8a15 Cleanup 2019-06-25 10:06:50 -07:00
Adam Ierymenko
554e0b7c6d Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-06-20 15:20:46 -07:00
Adam Ierymenko
fd74e2a583 Windows build changes for 1.2.99 (1.4.0pre) 2019-06-20 15:20:42 -07:00
Grant Limberg
af5d3a7f0b dockerfile updates 2019-06-20 14:17:38 -07:00
Adam Ierymenko
bb0808c99c Remove current multithreaded receive path, which is not that efficient. We will do something better in the future. 2019-06-19 10:19:59 -07:00
Adam Ierymenko
f0295b154b Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-06-17 15:50:11 -07:00
Adam Ierymenko
b041de831a More stack->heap 2019-06-17 15:50:05 -07:00
Grant Limberg
21e844cd82 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-06-17 15:32:27 -07:00
Grant Limberg
4e2439bd12 Don't call _phy->getIfName if localSocket is -1 2019-06-17 15:32:21 -07:00
Adam Ierymenko
c5a07c7f20 More stack->heap 2019-06-17 15:28:02 -07:00
Adam Ierymenko
e2900f4f3c Fix valgrind warning... not sure if it is an actual issue. 2019-06-17 15:23:52 -07:00
Adam Ierymenko
aa831dd843 More stack->heap... 2019-06-17 14:55:33 -07:00
Adam Ierymenko
2dc783214c Allocate outp on heap in Peer. 2019-06-17 14:38:27 -07:00
Adam Ierymenko
523df47a65 Check for null data ptr 2019-06-17 14:02:35 -07:00
Adam Ierymenko
f66fac3982 Win32 build fix 2019-06-17 13:48:42 -07:00
Adam Ierymenko
9c51ce9c40 Windows build fixes, fix double/float types to get rid of warnings. 2019-06-17 13:32:41 -07:00
Adam Ierymenko
9797540212 merge 2019-06-13 12:53:05 -07:00
Adam Ierymenko
ce2338c24a Fix null ptr on managed routes if no IPs are set. 2019-06-13 12:52:38 -07:00
Grant Limberg
3b188ba672 no message 2019-06-13 10:38:42 -07:00
Grant Limberg
eb84d61deb remove these from jenkins for now 2019-06-13 10:35:54 -07:00
Grant Limberg
47d29ddcaf Compiler warning cleanup 2019-06-13 10:28:09 -07:00
Grant Limberg
f411eb1651 Remove old RethinkDB.cpp/.hpp files from visual studio project 2019-06-13 10:15:45 -07:00
Joseph Henry
94bd2918fa Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-06-12 13:14:23 -07:00
Joseph Henry
c3bfcf560b Removed check for port number in multipath path replacement logic 2019-06-12 13:14:14 -07:00
Adam Ierymenko
5b2b088714 Cleanup, version bump. 2019-06-11 14:58:23 -07:00
Adam Ierymenko
0bdfad52e7 docs 2019-06-11 13:51:10 -07:00
Adam Ierymenko
cf046a4039 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-06-11 11:01:20 -07:00
Adam Ierymenko
700cc92083 Indent fix 2019-06-11 11:01:12 -07:00
Joseph Henry
2eb9c0924a Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-06-11 10:54:14 -07:00
Joseph Henry
ebadc6f203 Added s390x arch flags to makefile and ZeroTierOne.h for ticket #950 2019-06-11 10:54:06 -07:00
Adam Ierymenko
87bce1a36b GitHub issue #886 2019-06-11 10:53:35 -07:00
Adam Ierymenko
848f822171 . 2019-06-06 10:04:11 -07:00
Joseph Henry
d4199ddb3e Commented out RingBuffer::dump() as an alternative solution to PR #952 2019-06-03 11:00:04 -07:00
Grant Limberg
e4abc91d35 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-05-31 15:10:53 -07:00
Grant Limberg
37d321afc8 dont spin as much in the onlineNotificationThread 2019-05-31 15:10:45 -07:00
Joseph Henry
541e5c510e CLI improvements (peers, and get/set ip, ip4, ip6, etc) 2019-05-31 11:41:24 -07:00
Joseph Henry
90d324ae96 Fixed ZT_SDK build issue. Moved ZT_SDK preprocessor directives to more permanent homes 2019-05-17 10:15:40 -07:00
Adam Ierymenko
cacdb445c7 Bump protocol version to 10 2019-05-14 13:54:27 -07:00
Joseph Henry
4743ad0b16 Added convenience swtich for disabling JSON support in SDK build 2019-05-13 12:24:55 -07:00
Joseph Henry
2d5c6fa975 Disabled compression for outbound packets in SDK build 2019-05-13 12:24:22 -07:00
Joseph Henry
95ef13f7a1 Added divisor for ZT_PEER_ACTIVITY_TIMEOUT, gives quicker indication to status change in SDK 2019-05-13 12:24:01 -07:00
Joseph Henry
298e1d5a74 Added 90x90 AppIcon 2019-05-01 12:53:50 -07:00
Grant Limberg
87c75d033e pt 2 2019-04-22 11:36:14 -07:00
Grant Limberg
71ae678930 Make things compile with Android NDK again 2019-04-22 11:35:35 -07:00
Grant Limberg
6a027c9c0a amqp_consume_message now has a timeout 
RabbitMQ::consume() will return an empty string if the call to amqp_consume_message times out
 2019-04-18 14:57:06 -07:00
Grant Limberg
6014df2847 fix compile & sql errors 2019-04-04 15:11:01 -07:00
Grant Limberg
55a9e6e05e Queue up inserts in onlineNotificationThread() into a multiple insert statement 2019-04-04 12:40:49 -07:00
Adam Ierymenko
02f0eead1c More new Mac ethernet tap bugs. 2019-03-29 15:14:03 -07:00
Adam Ierymenko
d77846dcea Add bigness to buffers to prevent overflow on high traffic (Mac tap). 2019-03-29 12:45:02 -07:00
Adam Ierymenko
92c811deb7 Destroy feth devices before creating to delete old ones if they were left behind (MacEthernetTap). 2019-03-29 12:14:03 -07:00
Adam Ierymenko
92f199ab98 More bug fixing for AARCH64. 2019-03-28 22:40:28 +00:00
Adam Ierymenko
b65feeba85 One more AARCH64 fix. 2019-03-28 15:23:53 -07:00
Adam Ierymenko
6914425b03 cleanup 2019-03-28 13:58:19 -07:00
Adam Ierymenko
89f57124b2 Never mind, only unused on some builds so leave them there. 2019-03-27 09:30:45 -07:00
Adam Ierymenko
65823332d4 Comment out some unused functions. 2019-03-27 09:29:34 -07:00
Adam Ierymenko
ee8682ac75 Temporarily disable the symmetric NAT port prediction code since the current version adds protocol overhead and probably is not that effective. 2019-03-26 15:23:51 -07:00
Adam Ierymenko
e3e5137757 Fix more alignment hell in LinuxNetLink for AARCH64 and probably other pedantic architectures. 2019-03-25 22:53:06 +00:00
Adam Ierymenko
d81549a7b1 Various other fixes including removal of more mem*() issues and netlink fixes for AARCH64. 2019-03-25 22:19:52 +00:00
Adam Ierymenko
d5ac8512e3 ... 2019-03-25 12:58:43 -07:00
Adam Ierymenko
f23e354272 Nope, more... 2019-03-25 12:56:03 -07:00
Adam Ierymenko
6475e1faf6 I think this is the last one. 2019-03-25 12:53:31 -07:00
Adam Ierymenko
752fc0742e More mem*() stuff... sigh... 2019-03-25 12:52:19 -07:00
Adam Ierymenko
e1091611da More mem*() stuff... 2019-03-25 12:41:59 -07:00
Adam Ierymenko
678116b6d1 One more. 2019-03-25 12:36:54 -07:00
Adam Ierymenko
0a9e2227e8 ... and more 2019-03-25 12:00:54 -07:00
Adam Ierymenko
2600b1f144 Removal of more mem*() calls. 2019-03-25 11:59:14 -07:00
Adam Ierymenko
b56753ea9f Get rid of some mem* calls that are bad C++ form (but worked fine) and cause warnings. 2019-03-25 11:45:32 -07:00
Adam Ierymenko
97046b265c Kill ZT_FAST_MEMCPY in selftest. 2019-03-22 15:52:16 -07:00
Adam Ierymenko
2966eac64f Get rid of ZT_FAST_MEMCPY because this is not really needed. 2019-03-22 15:50:15 -07:00
Adam Ierymenko
d530356055 RingBuffer<> is now templated with size, buffer is now static. 2019-03-22 14:39:52 -07:00
Adam Ierymenko
af3ec000a0 Merge branch 'dev' into edge 2019-03-22 09:38:41 -07:00
Adam Ierymenko
8051127c3b Update credits. 2019-03-21 16:43:53 -07:00
Adam Ierymenko
e37eb0aa54 More cleanup of old stuff no longer used. 2019-03-21 16:42:52 -07:00
Adam Ierymenko
130fa35bb1 cleanup 2019-03-21 16:39:56 -07:00
Adam Ierymenko
39e1021f62 Replace certificate based gating of multicast like/gather with a simpler more efficient method, fix some minor issues with request based com/cert push, and clean up some other random stuff. 2019-03-21 16:18:49 -07:00
Adam Ierymenko
63ec19674c . 2019-03-19 16:43:43 -07:00
Travis LaDuke
af60e769b0 Allow mac users to make central-controller 
Made the smallest change I could figure out.
Had to remove -Werror because something in the postgres adapter woudn't
compile.

brew install postgresql rabbitmq-c
and seems to put the libs in the right place
 2019-03-18 17:01:05 -07:00
Adam Ierymenko
087c75d5ee More cleanup. 2019-03-14 16:40:22 -07:00
Adam Ierymenko
e03102dbcb Clean out some unnecessarily pedantic auth stuff in favor of a simpler way of gating multicast gathers. 2019-03-14 14:29:15 -07:00
Adam Ierymenko
9d7b7c72b2 Merge branch 'dev' into edge 2019-03-14 13:49:49 -07:00
Travis LaDuke
99c3f02343
Update controller readme 
Delete `/controller/network/<network ID>/active` docs

re: #921
 2019-03-12 13:02:49 -07:00
Grant Limberg
95bfc29c92 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-03-11 12:26:57 -07:00
Grant Limberg
e3cc7c9a80 fix non-central controller builds 2019-03-11 11:16:44 -07:00
Grant Limberg
d4c0349de9 Revert "#ifdef'd out multipath/QoS statistics buffers allocations for ZT_PROTOCOL_VERSION<10" 
This reverts commit 270debb3fc.
 2019-03-11 09:44:40 -07:00
Adam Ierymenko
d7a6357393 Merge branch 'dev' into edge 2019-03-08 13:16:02 -08:00
Adam Ierymenko
6fbf21b4f0 Use a smaller MTU, which should not impact throughput since 2800+overhead/2 still fits in two of these. 2019-03-08 13:15:47 -08:00
Grant Limberg
993d850f69 more logs 2019-03-08 10:50:33 -08:00
Grant Limberg
cda07b20a2 add mutex to channel numbering 2019-03-08 10:29:36 -08:00
Grant Limberg
52c85aa605 now with more -fPIC 2019-03-08 10:29:19 -08:00
Grant Limberg
e5155df6d5 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-03-08 10:21:19 -08:00
Grant Limberg
293d2064c4 librabbitmq built with same clang version as zt 2019-03-08 10:20:53 -08:00
Grant Limberg
171cc3e01a reorder a couple of things 2019-03-08 10:20:19 -08:00
Grant Limberg
8141043560 finish up rabbitmq integration 2019-03-06 16:16:49 -08:00
Grant Limberg
9a3cc93d74 update dockerfile to generate rabbitmq config settings when necessary 2019-03-05 15:47:04 -08:00
Grant Limberg
fcb4221f97 rabbitMQ implementation 2019-03-05 15:11:50 -08:00
Grant Limberg
1f13374a4f added struct for rabbitmq config 2019-03-04 17:01:16 -08:00
Grant Limberg
801401a6e7 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2019-03-04 16:31:36 -08:00
Grant Limberg
de1fc43cc5 added librabbitmq library for central controller 2019-03-04 16:27:39 -08:00
Joseph Henry
270debb3fc #ifdef'd out multipath/QoS statistics buffers allocations for ZT_PROTOCOL_VERSION<10 2019-03-01 13:28:00 -08:00
Grant Limberg
59a0a25f35 Merge branch 'controller-live' into dev 2019-03-01 11:13:49 -08:00
Grant Limberg
a788486803 Remove /controller/network/<network ID>/active from controller documentation as that path no longer exists. 
GitHub Issue #921
 2019-02-25 12:13:55 -08:00
Grant Limberg
3d21f0a91f update docker registry used 2019-02-08 10:40:57 -08:00
Grant Limberg
f726044e29 no message 2019-02-05 11:48:03 -08:00
Grant Limberg
a4b1917361 Fixed a bug where UI elements were attempting to be updated in a background thread. 
Also code cleanup & removed confusing startup UI
 2019-02-05 11:47:37 -08:00
Adam Ierymenko
a3b2aeb001 Take netmask bits from most specific route. 2019-02-01 14:06:34 -08:00
Adam Ierymenko
5b1ef2fb03 Take netmask bits from most specific route. 2019-02-01 14:05:29 -08:00
Joseph Henry
d0f78f1e03 Bugfix for heap-use-after-free in concurrent packet processing code (manifests only after terminate() is called) 2019-02-01 11:50:52 -08:00
Joseph Henry
541e91ed8e Fixed potential memory leak in RingBuffer 2019-02-01 11:44:43 -08:00
Adam Ierymenko
321cada1d7 Wrong criteria was wrong. Now with less wrong. 2019-02-01 11:38:19 -08:00
Adam Ierymenko
34c1023ba7 Wrong criteria was wrong. Now with less wrong. 2019-02-01 11:37:30 -08:00
Joseph Henry
82a21d4b71 Bugfix for heap-use-after-free in concurrent packet processing code (manifests only after terminate() is called) 2019-01-30 22:29:51 -08:00
Joseph Henry
23996c7e6b Fixed potential memory leak in RingBuffer 2019-01-27 14:43:29 -08:00
Joseph Henry
d7091a0bac Fixed sign-comparison compile warnings in QoS code 2019-01-25 13:24:31 -08:00
Grant Limberg
7414418e2e insert/update host_port on controller start 2019-01-21 11:29:13 -08:00
Grant Limberg
2294770e56 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2019-01-21 11:18:25 -08:00
Grant Limberg
d98bdb5643 WIP: Pass listen port down to Postgres 2019-01-21 11:18:20 -08:00
Joseph Henry
21f4f16e63 Disable HTTP control plane for libzt builds, introduction of getRoutes() for SDK API 2019-01-14 11:34:46 -08:00
Joseph Henry
0e597191b8 Updated licenses for 2019 2019-01-14 10:25:53 -08:00
Travis LaDuke
001ba1a4a7
Update link to knowledge base. 2019-01-09 10:19:02 -08:00
Grant Limberg
b59c4a2106 Print error & exit on local.conf parsing error 2019-01-07 11:19:50 -08:00
Grant Limberg
c35933cd1e Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-12-10 12:27:00 -08:00
Grant Limberg
0da2efa633 add application_name to pgbouncer connectio string 2018-12-10 12:26:20 -08:00
Grant Limberg
e23d95bf03 sleep 60 seconds between deployments 2018-12-07 15:17:12 -08:00
Grant Limberg
f6e9f0e2a2 cleanup 2018-12-07 01:58:23 -08:00
Grant Limberg
4a89729529 add INCOMING_PACKET_CONCURRENCY environment variable to be able to specify max threads for receive in controller 2018-12-07 00:59:08 -08:00
Grant Limberg
56a58f2b11 more logging of exits from the central controller 2018-12-06 13:26:53 -08:00
Grant Limberg
e959908c51 log message 2018-12-06 13:19:36 -08:00
Grant Limberg
6e3144370a exit controller if onlinenotification thread exits while _run == 1 2018-12-06 13:10:59 -08:00
Grant Limberg
20f02bb772 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-12-06 13:08:39 -08:00
Grant Limberg
1c86f25fab update # of threads for Postgres 2018-12-06 13:08:31 -08:00
Adam Ierymenko
e6f9ab929d More speed stuff. 2018-12-06 12:47:58 -08:00
Adam Ierymenko
18d1772bb4 stuff for speed and stuff (testing) 2018-12-06 12:00:49 -08:00
Adam Ierymenko
5535cad773 Revert mutex change. 2018-12-04 16:15:46 -08:00
Adam Ierymenko
ec84934d48 Disable spinlock to check CPU usage implications on multithreaded controllers. 2018-12-04 15:59:39 -08:00
Grant Limberg
328d08781a finish pgbouncer integration 2018-12-03 16:12:15 -08:00
Grant Limberg
c8d5215870 add handling for PGBOUNCER_CONNSTR environment variable. 
alows Central controllers to connect to PGBouncer on some threads.  LISTEN threads still require a direct connection to the DB
 2018-12-03 15:19:15 -08:00
Grant Limberg
62ccb48a0b allow alternative ports for central controllers 2018-12-03 15:06:26 -08:00
Grant Limberg
82409eb345 add script to cycle central controllers 2018-12-03 15:04:46 -08:00
Grant Limberg
b75f212d70 Replace RethinkDB section in controller/README with PostgreSQL 2018-11-30 10:41:54 -08:00
Grant Limberg
ccb856749f back to plain old libpq in dev 2018-11-30 10:40:57 -08:00
Adam Ierymenko
9d2bc9bf4e Merge branch 'master' into dev 2018-11-28 08:44:45 -08:00
Adam Ierymenko
52c4385c16 Merge branch 'master' of http://git.int.zerotier.com/zerotier/ZeroTierOne 2018-11-28 08:44:12 -08:00
Adam Ierymenko
5da7d6d1ae Merge docker update PR 2018-11-28 08:43:50 -08:00
Adam Ierymenko
65e0a74718
Merge pull request #869 from bltavares/patch-2 
Update ZeroTier version on Docker
 2018-11-28 08:41:42 -08:00
Grant Limberg
01d5d7d78b Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-11-13 16:20:01 -08:00
Grant Limberg
e3381a4c1f fix member init query 2018-11-13 16:19:55 -08:00
Adam Ierymenko
03e35b25b8 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-11-13 16:02:31 -08:00
Adam Ierymenko
e2b0fb26b1 self-test build fix. 2018-11-13 16:02:26 -08:00
Grant Limberg
01c18cc442 update makefile for libpqxx controller 2018-11-13 16:01:43 -08:00
Grant Limberg
01e6df4d46 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-11-13 16:00:17 -08:00
Grant Limberg
882b03436d WIP: libpxx instead of libpq 2018-11-13 16:00:13 -08:00
Adam Ierymenko
690bd933d5 Support shutdown with postLimit in BlockingQueue 2018-11-13 13:52:45 -08:00
Adam Ierymenko
6684559cd9 More Mac tap improvements and threading efficiency improvements. 2018-11-13 13:51:25 -08:00
Adam Ierymenko
4ed7d20a48 Another stability fix... turns out vfork is problematic here. 2018-11-13 12:46:36 -08:00
Adam Ierymenko
350116c513 Stability improvements for Mac virtual Ethernet tap driver. 2018-11-13 12:42:03 -08:00
Adam Ierymenko
7bde2c089d Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-11-13 12:08:02 -08:00
Adam Ierymenko
90631adb9b Improve multithreading support for OneService (faster, dynamic adjustment of thread count based on HW concurrency). 2018-11-13 12:07:58 -08:00
Adam Ierymenko
f6450cd7e1 Cleanup and a minor performance improvement. 2018-11-13 10:19:51 -08:00
Adam Ierymenko
3b6b1d1674 Make incoming packet processor thread pool dynamic based on core count. 2018-11-13 09:35:20 -08:00
Grant Limberg
33d7b22abe Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-11-11 23:06:31 -08:00
Grant Limberg
2f9712e6a7 utility script to update public controllers 2018-11-11 23:06:24 -08:00
Adam Ierymenko
b937aeb857 cleanup 2018-11-11 23:03:51 -08:00
Grant Limberg
f3d8846df3 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-11-11 22:55:57 -08:00
Grant Limberg
2729db9555 exceptions 2018-11-11 22:55:53 -08:00
Adam Ierymenko
1cec4b1c4c Raise thread count to 8 2018-11-11 22:55:38 -08:00
Adam Ierymenko
7048c77ebc Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-11-11 22:35:26 -08:00
Adam Ierymenko
c9c17eaddd Retire RethinkDB, simple receive path multithreading. 2018-11-11 22:35:15 -08:00
Grant Limberg
f1b82b734a Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-11-11 21:09:35 -08:00
Grant Limberg
4c0e7aa8b0 more error checking 2018-11-11 21:08:51 -08:00
Adam Ierymenko
296e4616cc Migrate Windows to use Visual Studio 2017 Community instead of 2015. 2018-11-11 20:31:31 -08:00
Adam Ierymenko
15649334a6 Do not use new "feth" devices for ZT traffic. 2018-11-11 19:22:07 -08:00
Adam Ierymenko
b3c2c0866f Times should be int64_t, not uint64_t 2018-11-11 17:38:17 -08:00
Joseph Henry
c6ae81fac7 Added preprocessor check for __APPLE__ as an attempted fix for ticket #600 2018-11-11 14:23:24 -08:00
Joseph Henry
79086f0858 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-10-26 12:00:01 -07:00
Joseph Henry
c148a23df4 Added preprocessor check for ZT_NO_CAPABILITIES around header includes 2018-10-26 11:59:55 -07:00
Adam Ierymenko
c56831767e Fix Mac tap agent abort on EINTR. 2018-10-25 20:44:32 -07:00
Adam Ierymenko
72a724f075 Clean up some stuff after new feth tap implementation, and comment agent file. 2018-10-25 13:10:24 -07:00
Adam Ierymenko
96e1df5854 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-10-25 12:43:35 -07:00
Adam Ierymenko
2e44b90f63 OSX no longer requires the kext due to feth black magic! The MacEthernetTapAgent must be installed in /Library/Application Support/ZeroTier/One for ZT to work now. Eventually this can let us do an app bundle, get rid of the pkg, and have ZT itself run with normal or reduced privileges. Also fixes GitHub issue #870 (at least for me) and may be faster than the old kext. 2018-10-25 12:43:30 -07:00
Grant Limberg
5a0adba798 Setup docker container to use jemalloc 2018-10-24 13:36:21 -07:00
Grant Limberg
761cc5c923 remove another noisy log line 2018-10-24 13:36:07 -07:00
Grant Limberg
f901b9dd6b Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-10-24 12:08:48 -07:00
Grant Limberg
d87fcca176 Fully operational pgsql controller 2018-10-24 12:06:17 -07:00
Grant Limberg
7c72653385 because Windows.... 2018-10-23 13:21:25 -07:00
Joseph Henry
7dbccf08ae Removed unnecessary block before get request. Possible bug fix for Synology NAS ticket #27 2018-10-23 10:58:25 -07:00
Bruno Tavares
2d21c18ebd Update ZeroTier version on Docker 
This commit changes the Dockerfile ot use the multi-stage build and help
to get an automated build on Docker.

The idea of the multi-stage build is to use the already stable Debian
distribution channel to provide up-to-date versions of ZeroTier.

The benefit is that it would be possible to automate the image build,
either on Docker Hub, Travis or taking advantage of the [docker-library/official-images] infrastructure.

This changes follows the best-practices suggested by
[docker-library/official-images], such as using a High Availability GPG
keyserver, providing a default CMD, allowing "bash" on `docker run` and
others.

Given that both the builder `debian:stretch` and `alpine:latest` are
official messages and have [manifests], this means that this Dockerfile
is also multi-platform. This means that this same Dockerfile will
pick-up the correct Debian package according to the architecture of the
running system during build.

With this changes we could try to promote the image to be parte of
[docker-library/official-images], and take advantage of automated
publishing of multi-architecture images. Others would be able to use
`docker run zerotier` and download the latest version appropriate to
their system.

Related to #682

[docker-library/official-images]: https://github.com/docker-library/official-images
[manifests]: https://blog.docker.com/2017/09/docker-official-images-now-multi-platform/
 2018-10-21 11:28:04 -03:00
Adam Ierymenko
15d0aad3c0 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-10-19 10:06:06 -05:00
Adam Ierymenko
f0fc9b1766 Merge branch 'master' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-10-19 10:05:51 -05:00
Joseph Henry
7c0331997a Ticket #739 - Fixed what appears to be a copy-paste error for machine type detection in linux makefile, added line for armv7hl 2018-10-03 15:40:16 -07:00
Joseph Henry
04de2302a7 More insightful errors for get command 2018-10-03 14:24:21 -07:00
Grant Limberg
1da1409db2 get rid of a noisy log line 2018-09-28 10:58:26 -07:00
Grant Limberg
c1ea1329c1 Merge branch 'dev' into libpq 2018-09-28 10:56:40 -07:00
Grant Limberg
417aa9547b Working controller & docker container for GKE 2018-09-28 10:55:39 -07:00
Adam Ierymenko
60d5a3c631
Merge pull request #853 from darkain/dev 
Fix IPv6 address string representation
 2018-09-25 15:32:39 -07:00
Adam Ierymenko
7a42416a78
Merge pull request #822 from dschulz/controller-patch1-dschulz 
Add functionality to erase members from networks using file backend i…
 2018-09-25 11:38:25 -07:00
Adam Ierymenko
2a143a7505
Merge pull request #858 from tommyang/fix/mac-uninstall-script 
macOS uninstall script: remove symlinks from the actual location
 2018-09-25 11:36:28 -07:00
Grant Limberg
0510f85a8f Merge branch 'dev' into libpq 2018-09-25 10:19:59 -07:00
Grant Limberg
5b222d0a09 cleanup connections after errors 2018-09-25 10:17:15 -07:00
Travis LaDuke
133b64679c
Update README.md 2018-09-24 15:02:11 -07:00
Travis LaDuke
79b88a22c3
Update README.md 
Document that allowManagementFrom is an array
 2018-09-24 14:58:44 -07:00
Tommy Yang
88d879987d Remove symlinks from the actual location 
Binary symlinks are in `/usr/local/bin` instead of `/usr/bin` since commit 0cf4ddd
 2018-09-23 16:53:30 -07:00
Joseph Henry
27c37a18f3 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-09-17 14:42:33 -07:00
Joseph Henry
b8268d894b Changed home path for Synology 2018-09-17 11:44:56 -07:00
Vincent Milum Jr
79b47b055a
Only null terminate the first character 2018-09-15 12:13:06 -07:00
Vincent Milum Jr
8e260bae11
Correcting conversion to/from IP address / string 
1) Use existing standard libraries to convert to/from IPv4/IPv6 strings and binary representation.
2) Move null terminator assignment InetAddress::toIpString to top of function, this way if ANY errors occurs that don't write content to the buffer, we're not passing a potentially dangerous buffer around.
 2018-09-14 22:42:58 -07:00
Adam Ierymenko
af61ee6f3a
Merge pull request #836 from skunkwerks/feature/add-freebsd-debugs 
add support for debug flags in FreeBSD
 2018-09-14 08:08:59 -07:00
Adam Ierymenko
04d7a1df96
Merge pull request #837 from skunkwerks/feature/update-ext-json 
update external JSON dependency to address libc++ compatibility
 2018-09-14 08:08:21 -07:00
Adam Ierymenko
b9fd50e348
Merge pull request #845 from asbjornenge/docker-updates 
Using multi-stage build for Dockerfile
 2018-09-14 08:07:36 -07:00
Adam Ierymenko
ef48d11266
Merge pull request #848 from darkain/master 
Fix compile on FreeBSD targeting ARMv6 (Raspberry Pi)
 2018-09-14 08:05:39 -07:00
Adam Ierymenko
a47559d9e3 dev should have odd minor version 2018-09-14 08:05:07 -07:00
Vincent Milum Jr
cffb992ae8
Adding ARM/NEON detection for non-Linux targets 2018-09-12 19:51:28 -07:00
Vincent Milum Jr
39e720e811
Adding proper EABI target for ARM32/Salsa 2018-09-12 19:49:14 -07:00
Joseph Henry
258b1c8b55 Merge branch 'edge' into multipath 2018-09-12 13:57:57 -07:00
Joseph Henry
7b87e9c0cb Added ability for OneService to monitor local.conf for changes and automatically reload 2018-09-11 16:55:46 -07:00
Joseph Henry
3dd9b1aa9b Added ability to specify zt home directory via ZEROTIER_HOME - Addresses ticket #829 2018-09-10 16:25:39 -07:00
Joseph Henry
0fddebc791 Added ability to manually set secondary and tertiary ports in local.conf 2018-09-10 13:06:05 -07:00
Asbjørn Enge
701d64936d Using builder pattern to build in container while keeping final image small 2018-09-07 14:11:25 +02:00
Grant Limberg
0ec6215493 Send member/network change notifications via Postgres 2018-09-06 15:14:16 -07:00
Grant Limberg
de45bdb448 quieting things down a little bit 2018-09-05 17:03:49 -07:00
Grant Limberg
7b608c6ca3 Fix testing for true/false. Dont attempt to update member status on networks that we know dont exist 2018-09-05 16:54:23 -07:00
Grant Limberg
6ff78c9c26 fix crashes 2018-09-05 16:08:06 -07:00
Grant Limberg
d701f4e331 Added some exception hadling. Dont want to live *too* dangerously here 2018-09-05 11:49:07 -07:00
Grant Limberg
92abc92463 Theoretically we have PostgreSQL support now 2018-09-05 11:30:17 -07:00
Grant Limberg
a4be9ceb5a dont insert/update creation time. Let the database handle it with the default value 2018-09-04 16:08:26 -07:00
Grant Limberg
e21b6e1daf commit thread WIP 2018-09-04 16:05:34 -07:00
Grant Limberg
2e3b03fff9 members initialized 2018-09-04 14:51:35 -07:00
Grant Limberg
cd657da431 Online Update/Notify thread 2018-09-04 14:00:02 -07:00
Grant Limberg
17af09a5cc Postgres Integration has begun 2018-08-31 14:58:15 -07:00
Travis LaDuke
ceff48b07c
Update bug_report.md 2018-08-29 10:15:10 -07:00
Travis LaDuke
199566965e Update issue templates 2018-08-29 09:39:18 -07:00
Travis LaDuke
46e46e9b7b Update issue templates 2018-08-29 09:37:39 -07:00
Dave Cottlehuber
8b292d2dc7 ext: update nlohmann/json to v3.2.0 
- include libc++7 compatibility for FreeBSD
- see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230629
 2018-08-24 08:19:38 +00:00
Dave Cottlehuber
88abd6ffc6 add support for debug flags in FreeBSD 2018-08-24 08:18:25 +00:00
Joseph Henry
76b4ec12a0 Vault-related amendments 2018-08-09 14:32:26 -07:00
Joseph Henry
0e4cfd897b Multipath-related amendments from merge into edge 2018-08-09 13:40:49 -07:00
Adam Ierymenko
515d7962b0 Build fixes. 2018-08-09 11:39:42 -07:00
Adam Ierymenko
553101e8b5 merge dev 2018-08-09 11:31:37 -07:00
Joseph Henry
1e66854b59 Temporarily added SO_REUSEADDR to netlink binding code 2018-08-07 12:57:40 -07:00
Joseph Henry
12f2df5586 uncommented status fields 2018-08-07 12:39:06 -07:00
Joseph Henry
20a25a6a45 Added debug traces 2018-08-06 14:31:12 -07:00
Joseph Henry
08d9dc5c68 Updated protocol version and versioning blurb 2018-08-06 10:29:37 -07:00
Joseph Henry
3cd0ab1b3b Remove direct include of bits/sockaddr.h 2018-08-03 16:20:08 -07:00
Diego Schulz
fc6dba0797
Add functionality to erase members from networks using file backend in controller microservice 
Signed-off-by: Diego Schulz <dschulz@gmail.com>
 2018-08-02 17:13:55 -04:00
Joseph Henry
e01c0adff2 Added ifdef checks to omit some ManagedRoute code in SDK builds 2018-08-01 17:17:04 -07:00
Adam Ierymenko
e75a093a8c 2018-07-27 -- Version 1.2.12 
* Fixed a bug that caused exits to take a long time on Mac due to huge numbers of redundant attempts to delete managed routes.
 * Fixed a socket limit problem on Windows that caused the ZeroTier service to run out of sockets, causing the UI and CLI to be unable to access the API.
 * Fixed a threading bug in the ZeroTier Core, albeit one that never manifested on the regular ZeroTier One service/client.
 * Fixed a bug that could cause the service to crash if an authorized local client accessed an invalid URL via the control API. (Not exploitable since you needed admin access anyway.)
 2018-07-27 14:14:09 -07:00
Adam Ierymenko
dcffb042ff Windows Advanced Installer to 1.2.12 2018-07-27 13:35:20 -07:00
Adam Ierymenko
d724af6a99 Replace Sao Paolo root with Buenos Aires in default planet def (will push to network too) 2018-07-25 15:03:01 -07:00
Adam Ierymenko
b30f423fc9 . 2018-07-25 12:11:59 -07:00
Adam Ierymenko
1fc14292fe Version bumps. 2018-07-25 12:09:31 -07:00
Adam Ierymenko
fa7e7fc6f9 Revert fix for GitHub issue #600 because it causes route objects to build up forever (at least on Mac). Bleh. #600 is a rare issue and will need some other fix after reliable duplication. 2018-07-20 15:53:19 -07:00
Adam Ierymenko
5b114791e5 Fix a bug that caused a crash on empty HTTP requests (localhost only) and add a lightweight lock to the RX queue to prevent possible threads stepping on each other in parallel receive paths. 2018-07-20 14:01:58 -07:00
Adam Ierymenko
9bc11a369c Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-07-20 07:41:52 -07:00
Adam Ierymenko
ac40f2191c . 2018-07-20 07:41:47 -07:00
Joseph Henry
62a93c58fd Added ifdefs surrounding usage of getifaddrs() on Android 2018-07-19 17:50:10 -07:00
Joseph Henry
65b0030342 Added basic QoS rule handling 2018-07-11 16:55:13 -07:00
Joseph Henry
f302fac423 Minor tweak to linux makefile 2018-07-11 16:32:49 -07:00
Adam Ierymenko
f94aea8119 Return error 503 if RethinkDB is down when built as RethinkDB-based controller. 2018-07-11 10:42:31 -07:00
Joseph Henry
28cb40529d Rough draft of fq-codel implementation 2018-07-10 16:50:12 -07:00
Adam Ierymenko
37ae3b2b80 Remote debug printf. 2018-07-03 12:52:35 -07:00
Adam Ierymenko
73e4286fbf Fix two controller bugs: filesystem bug and another possible infinite recursion bug. 2018-07-03 12:51:41 -07:00
Grant Limberg
4e6151ebd9 Added "Create and Join Network" menu item to windows system tray UI 2018-06-28 15:24:45 -07:00
Grant Limberg
fc225401a5 use easy mode for network creation 2018-06-28 15:05:24 -07:00
Joseph Henry
d74817f79f Added blurb about allowTcpFallbackRelay to README 2018-06-22 16:46:50 -07:00
Joseph Henry
bdcdccfcc3 Improved path selection, more efficient traffic allocation, lower QoS/ACK overhead 2018-06-22 16:30:20 -07:00
Grant Limberg
352ec3430f Add a define to set FD_SETSIZE=1024 on Windows 
Default on Windows is extremely low at 64 and is the likely culprit behind the UI and CLI not being able to talk to the background service
 2018-06-21 12:11:10 -07:00
Grant Limberg
978d2fcb56 Optimize C25519 and Poly1305 on Windows even in debug. 2018-06-21 12:08:15 -07:00
Joseph Henry
52264d5e28 Fixed aggregateLinkLatency(). Also changed unit for throughput from byte to bit 2018-06-14 16:48:35 -07:00
Joseph Henry
17fbb020e7 Added multipath field to zerotier-cli status output. Adjusted how path estimates are computed and cached 2018-06-14 16:34:45 -07:00
Joseph Henry
f8005b88ad Minor cleanup. More efficient push() operation for RingBuffer 2018-06-13 14:50:37 -07:00
Joseph Henry
0faa655b83 Reduced how often relative path qualities and aggregate link allocations are computed 2018-06-12 16:30:46 -07:00
Joseph Henry
6fddf31db3 Improved rate limit logic for QoS/ACK packets. Also reduced how often processBackgroundPathMeasurements() is called 2018-06-12 15:24:12 -07:00
Adam Ierymenko
01257a461e Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2018-06-12 09:39:15 -07:00
Adam Ierymenko
817b9d012e Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-06-12 09:38:52 -07:00
Adam Ierymenko
04b3525e0f
Merge pull request #755 from skunkwerks/fix/c++-17-deprecation 
fix clang C++17 deprecation when building with ZT_DEBUG=1
 2018-06-12 09:38:26 -07:00
Adam Ierymenko
d55c732e19
Merge pull request #764 from Elfe/master 
fix MAC address rule parsing as even/uneven switches at every colon
 2018-06-12 09:37:28 -07:00
Adam Ierymenko
d223427e22
Merge pull request #773 from alexforencich/master 
Add UFW firewall application preset
 2018-06-12 09:37:01 -07:00
Adam Ierymenko
64856adc3c
Merge pull request #776 from Wykks/patch-1 
Improve debian service requirements
 2018-06-12 09:36:46 -07:00
Grant Limberg
7c53adbcfe quieting things down unless ZT_TRACE is defined 2018-06-11 10:47:58 -07:00
Grant Limberg
dce9cb27c1 helps to have an ==0 on a strcmp 2018-06-11 09:53:11 -07:00
Grant Limberg
4199c56e99 cant compare character arrays with == 2018-06-11 09:53:00 -07:00
Joseph Henry
9681fedbb4 Spellcheck sweep across codebase 2018-06-07 17:25:27 -07:00
Joseph Henry
b6d97af451 Added rate gates for QOS and ACK packets 2018-06-07 15:26:18 -07:00
Joseph Henry
a9ca26c698 Added TX queue cap for issue #769 2018-06-07 12:58:07 -07:00
Grant Limberg
9463d4abe4 Fix for issue #778 
Double quote before member name in `/controller/network/network_id/member` API
 2018-06-05 12:55:39 -07:00
Grant Limberg
b9975845ff Merge branch 'rtnetlink' into edge 2018-06-04 12:24:58 -07:00
Grant Limberg
b22405b64b rtnetlink integrated. no more callouts to iproute2 2018-06-04 12:24:12 -07:00
Grant Limberg
62210e57f1 helps to have an ==0 on a strcmp 2018-06-04 11:24:24 -07:00
Grant Limberg
4dd093efc9 cant compare character arrays with == 2018-06-04 11:07:12 -07:00
Joseph Henry
91a22a686a Added auto-escalation to multipath if both peers support it. Improved QoS/ACK tracking. Related bug fixes 2018-06-01 18:03:59 -07:00
Guillaume de Jabrun
a307dff3b7
Improve debian service requirements 2018-05-31 23:55:36 +02:00
Alex Forencich
20f0bed2f6 Add UFW firewall application preset 2018-05-30 19:10:51 -07:00
Joseph Henry
46a7a2be2e Added VERB_ACK and VERB_QOS_MEASUREMENT, refined notion of path quality 2018-05-30 17:45:29 -07:00
Adam Ierymenko
8199dbd0dc Merge branch 'dev' into edge 2018-05-30 11:19:12 -07:00
Karsten Elfenbein
dfe426e4e0 fix MAC address rule parsing as even/uneven switches at every colon 2018-05-26 21:00:09 +02:00
Grant Limberg
3ace61ef85 comment out addInterface/removeInterface code for now 
We already have ioctl based code to do this
 2018-05-25 15:37:00 -07:00
Grant Limberg
442595d6fc also store binary representation of mac address in the interface lookup table for later use 2018-05-25 14:25:44 -07:00
Grant Limberg
be469f4dd0 add/remove routes via rtnetlink 2018-05-25 14:18:06 -07:00
Grant Limberg
7da4b0af15 better data localization in LinuxNetLink now that I know what Im doing 2018-05-24 16:15:03 -07:00
Grant Limberg
2fff651378 whoops. committed a binary 2018-05-24 16:14:32 -07:00
Grant Limberg
c24d16e62e ManagedRoute uses ioctl to add/remove routes on Linux 
Added LinuxNetLink to talk to the rtnetlink socket for adding interfaces, addresses routes.  Not yet complete.  Can currently monitor changes on the system.
 2018-05-24 15:22:11 -07:00
Dave Cottlehuber
c36c92e077 node: remove deprecated register hint for C++17 compatibility 
when building with `ZT_DEBUG=1` this hint produces a warning:

> node/Packet.cpp:335:43: error: 'register' storage class specifier is deprecated and incompatible with C++17 [-Werror,-Wdeprecated-register]
See http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2015/n4340
 2018-05-18 09:09:27 +00:00
Adam Ierymenko
c0efba79c7 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2018-05-11 13:40:22 -07:00
Adam Ierymenko
5809941ae9 Windows 1.2.10 2018-05-11 13:40:03 -07:00
Joseph Henry
535ba8a207 Consolidated powerpc64le machine types, added 32-bit powerpc machine type and a flag to disable use of Linux capabilities 2018-05-09 13:51:32 -07:00
Joseph Henry
43331d3fe8 Merge branch 'master' into dev 2018-05-09 10:31:19 -07:00
Adam Ierymenko
9765ba334a 1.2.10 2018-05-08 13:07:20 -07:00
Adam Ierymenko
0cd01b6ff8 Fix silly bug where moons and networks were being loaded by the address of an array rather than the proper value. 2018-05-07 12:51:39 -07:00
Adam Ierymenko
5f85e33510 GitHub issue #734 (warning removal) 2018-05-07 12:15:55 -07:00
Joseph Henry
22301a4599 Added override directive to CFLAGS for Synology builds in make-linux.mk 2018-05-04 14:31:34 -07:00
Joseph Henry
c8a907fd71 Added override directive to CXXFLAGS for Synology builds in make-linux.mk 2018-05-04 13:03:52 -07:00
Joseph Henry
d01b1ffde5 Added -fPIC for Synology builds 2018-05-04 12:09:04 -07:00
Adam Ierymenko
f4e993c814 Debian clean fix and CentOS 6 upgrade fix. 2018-05-03 12:51:49 -07:00
Joseph Henry
91c8e82c42 Adjusted locking order of _paths_m for path pruning. Other minor multipath changes 2018-05-02 15:24:14 -07:00
Adam Ierymenko
776ff46db7 User useradd not adduser on Debian. 2018-05-02 14:12:10 -07:00
Adam Ierymenko
9001ab5858 Do not add zerotier-one user if it does not exist (Debian) 2018-05-02 14:08:42 -07:00
Joseph Henry
1debe2292d Cleanup. Misc type conversion and signedness fixes 2018-05-02 11:22:07 -07:00
Joseph Henry
6a2ba4baca Introduced basic multipath support 2018-05-01 16:32:15 -07:00
Joseph Henry
836d897aec Re-ordered local.conf and node init logic, also split software update config into separate method to fix bad node pointer reference 2018-05-01 13:39:06 -07:00
Adam Ierymenko
740b0fbbf6 Merge branch 'dev' into edge 2018-04-30 13:08:24 -07:00
Adam Ierymenko
92e716d93d Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-04-30 13:08:16 -07:00
Adam Ierymenko
c7115a0671 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into edge 2018-04-30 13:07:52 -07:00
Adam Ierymenko
020bbed935 ARM32 fix. 2018-04-30 13:07:32 -07:00
Grant Limberg
0c60963a94 app icon with no alpha channel 2018-04-30 12:08:09 -07:00
Travis LaDuke
d704f5f2d2 Remove alpha channel from app store icon 2018-04-30 12:06:41 -07:00
Adam Ierymenko
381bbb0e5e Merge branch 'dev' into edge 2018-04-30 08:47:51 -07:00
Adam Ierymenko
0ebd19c14a Merge branch 'dev' of /media/psf/Code/ZeroTier/ZeroTierOne into dev 2018-04-27 20:49:46 -07:00
Adam Ierymenko
d4160afac8 Another squeeze fix to see if we can make this work. 2018-04-27 19:51:27 -07:00
Adam Ierymenko
fffb037873 Fix for packaging on old Debian squeeze. 2018-04-27 18:53:55 -07:00
Adam Ierymenko
1df5d0453d Remove separate dh-systemd dependency since this is obsolete on newer Debian anyway. 2018-04-27 18:50:40 -07:00
Travis LaDuke
19d453cb90 Add some more icon sizes 
20x20, 60x60, 1024x1024 pngs
getting ready for an iOS release
 2018-04-27 16:48:34 -07:00
Travis LaDuke
6e7437a0d0 Add some more icon sizes 
20x20, 60x60, 1024x1024 pngs
getting ready for an iOS release
 2018-04-27 16:40:36 -07:00
Adam Ierymenko
caf849fcba Typo. 2018-04-27 16:22:36 -07:00
Adam Ierymenko
7533d244a9 Debian build fix. 2018-04-27 16:21:22 -07:00
Adam Ierymenko
0a52840fa3 1.2.8 Windows Advanced Installer update. 2018-04-27 13:52:33 -07:00
Adam Ierymenko
a7d0905b74 1.2.8 bump for all but Windows install files. 2018-04-27 13:06:00 -07:00
Adam Ierymenko
05bfafbce8 Merge branch 'master' into edge 2018-04-25 06:41:44 -07:00
Adam Ierymenko
d32a26f780
Merge pull request #428 from danielskowronski/netbsd-support 
NetBSD support (we still consider this unsupported, but it might work -- thanks!)
 2018-04-25 06:39:37 -07:00
Adam Ierymenko
42ec780a6f
Merge branch 'dev' into netbsd-support 2018-04-25 06:39:02 -07:00
Adam Ierymenko
4608880fb0 Re-enable faster ed25519 signatures on x64 thanks to PR from @jonathonf 2018-04-25 06:34:34 -07:00
Adam Ierymenko
7492e2789f
Merge pull request #722 from jonathonf/dev 
Fix ed25519-amd64-asm PIC compatibility
 2018-04-25 06:08:12 -07:00
Adam Ierymenko
9564a8eaf6 Delete junk. 2018-04-23 14:56:22 -07:00
Adam Ierymenko
f12c0e79c9 GitHub issue #723 2018-04-23 14:11:26 -07:00
Jonathon Fernyhough
e4e0be979e
Fix ed25519-amd64-asm PIC compatibility 
The Hyperledger implementation (https://github.com/hyperledger/iroha-ed25519)
contains changes to the assembly code to allow PIC. This in turn fixes
compilation/linking of ZeroTier One when "full hardening" flags are used.
 2018-04-21 16:18:00 +01:00
Adam Ierymenko
86637cda9f Disable ASM ed25519 by default (it only helps significantly on controllers) so fPIE will work -- GitHub issue #717 2018-04-20 11:35:50 -07:00
Adam Ierymenko
94f41e2332 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2018-04-18 08:08:06 -07:00
Adam Ierymenko
3d2a50f811
Merge pull request #654 from atopuzov/armv7l 
Add support for armv7l
 2018-04-18 08:06:53 -07:00
Adam Ierymenko
c2ffbb8627
Merge pull request #673 from neutronscott/dev 
check physical blacklist for interface binding as well
 2018-04-18 08:05:51 -07:00
Adam Ierymenko
54218f6c3c
Merge pull request #690 from Pablohn26/master 
Warn about invalid network id instead of help
 2018-04-18 08:05:28 -07:00
Adam Ierymenko
6fdbdf9272
Merge pull request #712 from elmar/master 
fix typo in documentation
 2018-04-18 08:04:19 -07:00
Adam Ierymenko
3de7691af3 Merge branch 'master' of github.com:zerotier/ZeroTierOne 
* Features and Core Improvements
    * Path selection has been overhauled to improve path stability, simplify code, and prepare for multi-path and trunking in the next major release.
    * This version introduces remote tracing for remote diagnostics. Network controllers can set a node (usually the controller itself) to receive remote tracing events from all members of the network or from select members. Events are only sent if they pertain to a given network for security reasons.
    * Multicast replication can now be done by designated multicast replicators on a network (flagged as such at the controller) rather than by the sender. Most users won't want this, but it's useful for specialized use cases on hub-and-spoke networks and for low-power devices.
    * Cryptographic performance improvements on several platforms.
    * Multithreaded performance improvements throughout the code base, including the use of an inline lightweight spinlock for low-contention resources.
 * Bugs fixed
    * Disappearing routes on Mac (GitHub issue #600)
    * Route flapping and path instability in some dual-stack V4/V6 networks
    * Blacklist (in local.conf) doesn't work reliably (GitHub issue #656)
    * Connection instabilities due to unsigned integer overflows in timing comparisons (use int64_t instead of uint64_t)
    * Binaries don't run on some older or lower-end 32-bit ARM chips (build problem)
    * ARM NEON crypto code crashes (build problem)
    * Fixed some lock ordering issues revealed by "valgrind" tool
    * The "zerotier-idtool" command could not be accessed from "zerotier-one" via command line switch
    * Leaking sockets on some platforms when uPnP/NAT-PMP is enabled
    * Fixed two very rare multithreading issues that were only observed on certain systems
 * Platform-Specific Changes
    * MacOS
        * Installer now loads the kernel extension right away so that High Sierra users will see the prompt to authorize it. This is done in the "Security & Privacy" preference pane and must be done driectly on the console (not via remote desktop). On High Sierra and newer kexts must be authorized at the console via security settings system preferences pane.
    * Windows
        * The Windows installer should now install the driver without requiring a special prompt in most cases. This should make it easier for our packages to be accepted into and updated in the Chocolatey repository and should make it easier to perform remote installs across groups of machines using IT management and provisioning tools.
        * The Windows official packages are now signed with an EV certificate (with hardware key).
        * The Windows UI can now log into ZeroTier Central and join networks via the Central API.
        * The `zerotier-idtool` command should now work on Windows without ugly hacks.
        * Upgraded the installer version.
        * Made a few changes to hopefully fix sporadic "will not uninstall" problems, though we cannot duplicate these issues ourselves.
    * Linux
        * Device names are now generated deterministically based on network IDs for all newly joined networks.
    * Android
        * Multicast now works on Android in most cases! Android apps can send and receive multicast and subscribe to multicast group IPs. Note that in some cases the app must bind to the specific correct interface for this to work.
        * IPv6 can be disabled in UI for cases where it causes problems.
 2018-04-17 13:32:39 -07:00
Adam Ierymenko
bbed93bcf4 * Features and Core Improvements 
* Path selection has been overhauled to improve path stability, simplify code, and prepare for multi-path and trunking in the next major release.
    * This version introduces remote tracing for remote diagnostics. Network controllers can set a node (usually the controller itself) to receive remote tracing events from all members of the network or from select members. Events are only sent if they pertain to a given network for security reasons.
    * Multicast replication can now be done by designated multicast replicators on a network (flagged as such at the controller) rather than by the sender. Most users won't want this, but it's useful for specialized use cases on hub-and-spoke networks and for low-power devices.
    * Cryptographic performance improvements on several platforms.
    * Multithreaded performance improvements throughout the code base, including the use of an inline lightweight spinlock for low-contention resources.
 * Bugs fixed
    * Disappearing routes on Mac (GitHub issue #600)
    * Route flapping and path instability in some dual-stack V4/V6 networks
    * Blacklist (in local.conf) doesn't work reliably (GitHub issue #656)
    * Connection instabilities due to unsigned integer overflows in timing comparisons (use int64_t instead of uint64_t)
    * Binaries don't run on some older or lower-end 32-bit ARM chips (build problem)
    * ARM NEON crypto code crashes (build problem)
    * Fixed some lock ordering issues revealed by "valgrind" tool
    * The "zerotier-idtool" command could not be accessed from "zerotier-one" via command line switch
    * Leaking sockets on some platforms when uPnP/NAT-PMP is enabled
    * Fixed two very rare multithreading issues that were only observed on certain systems
 * Platform-Specific Changes
    * MacOS
        * Installer now loads the kernel extension right away so that High Sierra users will see the prompt to authorize it. This is done in the "Security & Privacy" preference pane and must be done driectly on the console (not via remote desktop). On High Sierra and newer kexts must be authorized at the console via security settings system preferences pane.
    * Windows
        * The Windows installer should now install the driver without requiring a special prompt in most cases. This should make it easier for our packages to be accepted into and updated in the Chocolatey repository and should make it easier to perform remote installs across groups of machines using IT management and provisioning tools.
        * The Windows official packages are now signed with an EV certificate (with hardware key).
        * The Windows UI can now log into ZeroTier Central and join networks via the Central API.
        * The `zerotier-idtool` command should now work on Windows without ugly hacks.
        * Upgraded the installer version.
        * Made a few changes to hopefully fix sporadic "will not uninstall" problems, though we cannot duplicate these issues ourselves.
    * Linux
        * Device names are now generated deterministically based on network IDs for all newly joined networks.
    * Android
        * Multicast now works on Android in most cases! Android apps can send and receive multicast and subscribe to multicast group IPs. Note that in some cases the app must bind to the specific correct interface for this to work.
        * IPv6 can be disabled in UI for cases where it causes problems.
 2018-04-17 13:30:37 -07:00
Adam Ierymenko
8900b30b6e Windows installer tweaks and version bumps. 2018-04-17 12:47:33 -07:00
Adam Ierymenko
ae4fb799e4 More versioning 2018-04-17 12:14:59 -07:00
Adam Ierymenko
3f1d1fb3c3 'versioning' 2018-04-17 12:12:49 -07:00
Adam Ierymenko
f0a23ae0ea docs 2018-04-17 10:48:00 -07:00
Elmar S. Heeb
c14f9cc247 fix typo in documentation 2018-04-14 10:52:30 +02:00
Adam Ierymenko
e276b6463e Release notes, and shorten Linux canonical network ID derived device names a bit. 2018-04-12 10:33:06 -04:00
Adam Ierymenko
9da7967197 Merge branch 'dev' into edge 2018-04-12 09:08:48 -04:00
Adam Ierymenko
74f2b78c04 Refactor some potentially unsafe SharedPtr<> code. 2018-04-06 08:10:34 -07:00
Adam Ierymenko
2021f8cb5f Merge branch 'dev' into edge 2018-03-29 13:34:54 -07:00
Adam Ierymenko
40a9ebd078 GitHub issue #675 2018-03-29 10:44:57 -07:00
Adam Ierymenko
8c1b73b29c GitHub issue #701 2018-03-29 10:25:29 -07:00
Adam Ierymenko
6679a55693 certutil needs -f in case TrustedProvider store is not yet created 2018-03-27 19:15:14 -07:00
Adam Ierymenko
1101c1d919 Works on 32-bit too now. 2018-03-27 18:46:06 -07:00
Adam Ierymenko
fcb529b348 Take two on unattended driver installs. I think it works now.' 2018-03-27 17:53:28 -07:00
Adam Ierymenko
680b1ca208 Upgrade installer AIP versions and redo how we bundle the driver sub-installer to allow unattended driver installs (hopefully). 2018-03-27 14:19:45 -07:00
Adam Ierymenko
af74fe1711 Merge branch 'dev' into edge 2018-03-21 15:32:04 -07:00
Adam Ierymenko
494cf4049e Add specification of anchor and multicast hub address (optional) to new multicast and IPv4 enabled ad-hoc network ID format. 2018-03-21 15:31:48 -07:00
Adam Ierymenko
c908b9f67a Add anchor and multicast hub address field to new multicast enabled ad-hoc address format. 2018-03-21 15:27:26 -07:00
Adam Ierymenko
209f6d9d2d Merge branch 'dev' into edge 2018-03-19 11:18:54 -07:00
Adam Ierymenko
916077012e Make sure fopen is in binary mode on Windows. 2018-03-16 11:27:11 -07:00
Adam Ierymenko
beb170e4fb Use X64 ASM ed25519 signatures on Linux/x64, which are about 10X faster. Will matter a lot for network controllers, not so much for other things. 2018-03-13 06:51:17 -07:00
Adam Ierymenko
a59912f3af SHA512 using libcrypto (not enabled by default) 2018-03-12 16:56:47 -07:00
Adam Ierymenko
610e594a50 Speed tweaks for signatures, etc. 2018-03-12 16:16:20 -07:00
Joseph Henry
b4e2547052 Minor tweak to QNAP path getter 2018-03-12 11:23:10 -07:00
Pablo Hinojosa
a9778549f2
Warn about invalid network id instead of help 2018-03-11 03:39:13 +01:00
Adam Ierymenko
b601041b5b Merge branch 'edge' of http://10.6.6.2/zerotier/ZeroTierOne into edge 2018-03-09 07:51:43 -08:00
Adam Ierymenko
0945d6ec0d Merge branch 'dev' into edge 2018-03-09 07:50:38 -08:00
Adam Ierymenko
78d9cee416 Other fixes to IPv4 ad-hoc networks. 2018-03-09 00:10:01 -08:00
Adam Ierymenko
bbdb2aa672 Some work on IPv4 enabled ad-hoc networks. 2018-03-08 23:53:57 -08:00
Adam Ierymenko
574b24c082 docs 2018-03-08 22:41:42 -08:00
Adam Ierymenko
874a187c7f cleanup 2018-03-08 22:39:51 -08:00
Adam Ierymenko
e8fb443313 Forgot one other use in RethinkDb driver. 2018-03-08 22:34:51 -08:00
Adam Ierymenko
57b96af2c4 Fix for FileDB _networkChanged / _memberChanged problem. 2018-03-08 22:33:08 -08:00
Grant Limberg
e61d4ab67a Merge branch 'dev' into edge 2018-02-23 13:58:24 -08:00
Grant Limberg
2ee358dbfc TAP driver requires input and output buffers for calls passed into DeviceIoControl 
Otherwise the driver returns STATUS_INVALID_PARAMETER and the call fails.  This should fix some Multicast issues on Windows
 2018-02-23 13:42:02 -08:00
Joseph Henry
e3bb67d188 Added debug output convenience macros 2018-02-16 16:55:31 -08:00
Grant Limberg
2d289a3308 Just a little cleanup 2018-02-16 15:20:07 -08:00
Grant Limberg
bdb2cc7c85 Linux: link system libcurl when compiling with ZT_VAULT_SUPPORT=1 
Requires libcurl and development headers to be installed
 2018-02-16 15:08:04 -08:00
Grant Limberg
7793060723 Add HashiCorp Vault storage of ZeroTier's public & secret identity 
Adds a "vault" section to local.conf.  Example local.conf:

{
  "config": {
    "vault": {
      "vaultURL": "https://some.vault.host:8200",
      "vaultToken": "my-super-secret-vault-token",
      "vaultPath": "secure/place/to/put/identity"
    }
}

Additionally, the following environment variables can be set.  Environment variables override local.conf:

VAULT_ADDR
VAULT_TOKEN
VAULT_PATH

Identities will be placed in the keys "public" and "secret" under the user specified path.  If no path is specified, they will be placed in the token specific cubbyhole.

If identity.public and identity.secret exist on disk and vault is configured, they will be automatically added to Vault and removed from disk.

TODO:
 *  Decide behavior for if Vault cannot be reached.
 *  Add libcurl as a dependency in Linux & Mac builds
 *  Add libcurl as a requirement for linux packages
 2018-02-16 14:30:27 -08:00
Grant Limberg
84302ae9c7 Add CURL libs to VC project 2018-02-16 14:21:38 -08:00
Grant Limberg
cd801b96fa libcurl binaries for Windows 2018-02-16 10:31:37 -08:00
Grant Limberg
5ff0653f9e Hooks into StateGet and StatePut for grabbing identity.secret from Vault 2018-02-16 10:18:10 -08:00
Grant Limberg
9574d635c1 Add Vault configuration option parsing to local.conf 
{
   "settings": {
       ...
      "valut": {
         "vaultURL": "...",
         "vaultKey": "...",
         "vaultPath": "..."
      }
   }
}
 2018-02-16 10:18:10 -08:00
Grant Limberg
1bec8ddce4 Better error messages when the ZeroTier service can't be contacted 
Fixes #681
 2018-02-13 16:41:21 -08:00
Grant Limberg
f9b07c63db Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-02-12 09:30:12 -08:00
Grant Limberg
8828fc7520 some JNI error checking 2018-02-12 09:29:44 -08:00
Adam Ierymenko
978d8fcd4a Merge branch 'dev' of http://10.187.63.16/zerotier/ZeroTierOne into dev 2018-02-09 06:35:09 +00:00
Adam Ierymenko
51aadcf901 A few fixes dicatated by valgrind. 2018-02-09 06:35:01 +00:00
Joseph Henry
db952a050a Added platform checks for Windows in OneService 2018-02-08 14:15:32 -08:00
Grant Limberg
f049740ae5 silence LOGV and LOGD in release builds for android 2018-02-07 15:53:23 -08:00
neutronscott
73ca9b6373
check physical blacklist for interface binding as well 2018-02-03 14:53:46 -05:00
Adam Ierymenko
c6949aad2d Linux build fix on some versions. 2018-02-02 17:11:23 -08:00
Travis LaDuke
e57d0fdccc
Update README.md 
this ip changes sometimes
 2018-02-02 10:30:49 -08:00
Adam Ierymenko
82f383be43 A few other make changes. 2018-02-01 15:58:58 -08:00
Adam Ierymenko
26aaf253ac Allow us to build a semi-dynamic official binary that works back to CentOS 6, at least on x64, and is very fast since we can build it with newer clang or icc. 2018-02-01 15:52:41 -08:00
Adam Ierymenko
51715376bf Use Intel icc if available on Linux. 2018-02-01 13:05:17 -08:00
Adam Ierymenko
ff95b0278c Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-02-01 12:46:40 -08:00
Adam Ierymenko
fe1fa20c6c Fix build on Intel C/C++ Compiler for Linux. 2018-02-01 12:46:35 -08:00
Joseph Henry
a867fe404b Omit pragma comment for ZT_SDK builds on Windows 2018-01-31 17:08:42 -08:00
Adam Ierymenko
d6e8a5f3ca Fix Windows compile error. 2018-01-30 16:07:41 -08:00
Grant Limberg
4878d8ec15 Add CAP_NET_BIND_SERVICE to capabilities 2018-01-30 10:47:31 -08:00
Adam Ierymenko
f7019d9e80 Tie up the rest of hub and spoke designated replicator multicast mode. 2018-01-26 22:14:10 -05:00
Adam Ierymenko
6d8e1e8783 More cleanup of old stuff. 2018-01-26 21:34:56 -05:00
Adam Ierymenko
939ab43ceb Do not send to origin in second buffered multicast path. 2018-01-26 21:22:51 -05:00
Adam Ierymenko
d3d58ba8a7 Add support for designated multicast replicators to Multicaster::send(). 2018-01-26 21:19:51 -05:00
Adam Ierymenko
f03fd57997 Clean up some multicast code. 2018-01-26 20:38:44 -05:00
Adam Ierymenko
e74cd4b4ef A little more cleanup. 2018-01-26 20:06:11 -05:00
Adam Ierymenko
f3dfd63634 Clean up some old stuff. 2018-01-26 20:00:37 -05:00
Adam Ierymenko
5f5302e595 More useful to allow arrays of IPs to bind to. 2018-01-25 17:27:08 -05:00
Adam Ierymenko
125ec622ca Add bindToWildcard local.conf option. 2018-01-25 14:59:11 -05:00
Adam Ierymenko
384e5b66de More work on GitHub issue #666 2018-01-25 14:16:07 -05:00
Adam Ierymenko
7e7723e98f A small memory use reduction. 2018-01-25 09:57:02 -05:00
Adam Ierymenko
4419734a7d Implement continuous contacting of designated anchors and multicast replicators - GitHub issue #666 2018-01-25 07:11:59 -05:00
Adam Ierymenko
f821db29f3 . 2018-01-24 17:12:53 -05:00
Adam Ierymenko
6c64f1816d cleanup 2018-01-24 16:16:00 -05:00
Adam Ierymenko
34e2ad0dfc Stub out NetworkConfig for GitHub issue #666 2018-01-24 14:43:04 -05:00
Adam Ierymenko
055b99c3cb cleanup 2018-01-12 15:44:27 -08:00
Adam Ierymenko
531842dc6b Update miniupnpc to latest version (included library) 2018-01-12 15:30:40 -08:00
Adam Ierymenko
d7f3c33d72 Add zerotier-idtool to Windows. 2018-01-12 15:03:45 -08:00
Adam Ierymenko
4e689998f9 Sanity checks on array sizes and fix a bug in IPv4 auto-assign. 2018-01-12 10:38:19 -08:00
Adam Ierymenko
cd2a4b709c Reduce maximum batcn size for status updates but increase the number of whole record commit threads. 2018-01-12 09:18:27 -08:00
Adam Ierymenko
d96aeac335 docs 2018-01-11 16:44:24 -08:00
Adam Ierymenko
c594351bcc Remove old code. 2018-01-11 14:32:55 -08:00
Adam Ierymenko
5f976d7430 Reenable faster lock. 2018-01-11 14:31:19 -08:00
Adam Ierymenko
f87326fc21 Fixes for lock ordering -- GitHub issue #573 2018-01-11 14:29:57 -08:00
Adam Ierymenko
0574a70fac docs 2018-01-11 09:49:13 -08:00
Adam Ierymenko
4e79804cd3 cleanup 2018-01-10 16:56:39 -08:00
Adam Ierymenko
86d5264167 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-01-10 16:55:15 -08:00
Adam Ierymenko
5bc4399a58 cleanup 2018-01-10 16:55:07 -08:00
Grant Limberg
406bcf7d3f Fix compilation on Windows 
DEBUG macro from miniupnpc interferring with enum Trace::DEBUG;
 2018-01-10 15:24:54 -08:00
Adam Ierymenko
f17cc1c6d8 cleanup 2018-01-10 15:03:39 -08:00
Joseph Henry
57077e4607 Added (get) command blurb in cli help 2018-01-10 14:40:31 -08:00
Adam Ierymenko
6304c85d3f Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-01-10 14:31:31 -08:00
Adam Ierymenko
a1992d76f2 Doc updates and other fixes. 2018-01-10 14:31:28 -08:00
Joseph Henry
98b07f7f3c Added (get) command to cli to single out JSON fields 2018-01-10 14:05:28 -08:00
Joseph Henry
6e1823ac81 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-01-10 12:43:18 -08:00
Joseph Henry
640cc22749 Added allowTcpFallbackRelay to local.conf, fixed logic in Binder's route enumeration 2018-01-10 12:41:52 -08:00
Adam Ierymenko
9bab49d2f9 Move DB stuff into Db. 2018-01-09 12:39:25 -08:00
Adam Ierymenko
2751a6d56d cleanup 2018-01-09 12:31:00 -08:00
Adam Ierymenko
07cb62a503 cleanup 2018-01-09 11:41:26 -08:00
Adam Ierymenko
8a3b698407 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-01-09 11:23:44 -08:00
Adam Ierymenko
0c71d658fb cleanup 2018-01-09 11:23:39 -08:00
Joseph Henry
7e2d614975 Attempted fix for ticket #656 (failes to acknowledge physical blacklists) 2018-01-09 10:16:49 -08:00
Joseph Henry
09e4ab9aa1 Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2018-01-09 10:00:01 -08:00
Joseph Henry
2e1bc6e500 Cleaned up old code for attempted fix for ticket #600 2018-01-09 09:59:55 -08:00
Adam Ierymenko
1aea096b63 GitHub issue #492 2018-01-09 09:05:22 -08:00
Adam Ierymenko
30694f0b20 Allow trusted paths over global IPs for legacy config format too. 2018-01-09 08:59:26 -08:00
Adam Ierymenko
01b4cb64ee cleanup 2018-01-09 08:35:02 -08:00
Adam Ierymenko
6fbd15f8b2 cleanup 2018-01-08 15:56:53 -08:00
Adam Ierymenko
65c07afe05 Copyright updates for 2018. 2018-01-08 14:33:28 -08:00
Adam Ierymenko
e338c5f91d cleanup 2018-01-08 14:27:55 -08:00
Adam Ierymenko
0b0b5da240 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2018-01-08 13:06:30 -08:00
Adam Ierymenko
9c7ee5a21e Tear out old "link quality" stuff since it is not currently used and will be done differently. 2018-01-08 13:06:24 -08:00
Joseph Henry
f7b3ffe8a0 Commented out block which ignores added routes if there already exists an IP in the route's range. Attempted fix for #600 2018-01-05 17:10:59 -08:00
Grant Limberg
381857ea49 macOS: add libcurl to libraries when ZT_VAULT_SUPPORT=1 is specified on the make command line 2018-01-03 11:56:20 -08:00
Aleksandar Topuzovic
50aef368f6
Add support for armv7l 
* GCC running on Raspberry Pi 3 on Arch linux ARM reports arch as
  armv7l-unknown-linux-gnueabihf
 2018-01-02 11:32:17 +01:00
Joseph Henry
a9c4ce38f0 eh 2017-12-18 15:07:58 -08:00
Joseph Henry
bbc39d7648 Restore managed ZT routes that are deleted or otherwise mangled locally (Attempted fix for ticket #600) 2017-12-18 15:05:19 -08:00
Adam Ierymenko
d3e8e9629b More optimization work. 2017-12-15 14:24:17 -08:00
Adam Ierymenko
1f0b3a32d5 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-12-15 11:03:27 -08:00
Adam Ierymenko
0608704626 Some micro-optimizations, including a memcpy that is faster than Linux for most distro/compiler versions. 2017-12-15 11:03:20 -08:00
Adam Ierymenko
cb8e7b4d5e Make UDP read loop eventually move on. 2017-12-15 10:15:13 -08:00
Joseph Henry
346fa4d7f4 Added ZT_SANITIZE option to makefiles. This your new memory debugging best friend 2017-12-14 13:27:49 -08:00
Adam Ierymenko
7a22f01dd8 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-12-14 08:53:32 -08:00
Adam Ierymenko
4704d115c4 Some controller fixes. 2017-12-14 08:53:24 -08:00
Joseph Henry
12c621c230 Removed build flag in CMake script 2017-12-13 14:57:20 -08:00
Joseph Henry
cba65d897a Added CMake build script for libzerotiercore.a 2017-12-13 14:55:17 -08:00
Adam Ierymenko
e4a10cc510 Member commit bug fix. 2017-12-08 19:00:38 -05:00
Adam Ierymenko
249c27afd5 Fix old bug invoking idtool personality with -i 2017-12-08 11:17:07 -08:00
Adam Ierymenko
38cc89b2ca Add time to rethinkdb message output in controller. 2017-12-08 12:39:20 -05:00
Adam Ierymenko
aeb1794be1 Comment out storage of secret ID in RethinkDb. 2017-12-07 16:04:41 -08:00
Adam Ierymenko
dae728124e Fix to network path in conventional filesystem controller DB. 2017-12-07 14:42:33 -08:00
Adam Ierymenko
cf30b1fcdf GitHub issue #589 2017-12-07 17:13:24 -05:00
Adam Ierymenko
19bfef36f1 Build fix. 2017-12-07 16:45:43 -05:00
Adam Ierymenko
8d9464c414 docs, and make RethinkDB controller DB driver upsert into the Controller DB and also update the hostname field. 2017-12-07 13:39:25 -08:00
Adam Ierymenko
ada611d597 Go ahead and load kext so MacOS High Sierra users will see kext auth dialog right away. 2017-12-07 08:56:15 -08:00
Adam Ierymenko
f13886d343 Warning removal. 2017-12-05 17:53:28 -05:00
Adam Ierymenko
520b0601db Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-12-05 14:51:06 -08:00
Adam Ierymenko
926ecf9640 docs 2017-12-05 14:50:59 -08:00
Adam Ierymenko
c57198decd Add remoteTraceLevel to controller. 2017-12-05 17:49:20 -05:00
Adam Ierymenko
431716e249 Disable trace by default, stderr message improvements in RethinkDB driver. 2017-12-05 17:16:45 -05:00
Adam Ierymenko
694709f392 Add timestamp to network status. 2017-12-04 19:21:56 -05:00
Adam Ierymenko
16613ab5fb Clean up remote tracing code, add per-network remote trace settings, add remote trace level, and make local trace output readable again. 2017-12-04 14:40:10 -08:00
Adam Ierymenko
c26bf45e28 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-11-29 04:47:16 -08:00
Adam Ierymenko
23e5c7b38d Fix self-test compile. 2017-11-29 04:47:10 -08:00
Joseph Henry
382dd82eb6 Fix for local.conf virtual path blacklist (ticket #594) 2017-11-27 15:31:25 -08:00
Joseph Henry
f18d5b2efe Attempted fix for github issue #597, leaking sockets. Added call to closenatpmp() after failure to init 2017-11-27 14:23:55 -08:00
Adam Ierymenko
0fb22df633 Get ephemeral status fields out of the configs. They do not belong there and it just complicates things. 2017-11-09 17:01:16 -05:00
Adam Ierymenko
750e36993f GitHub issue #617 2017-11-09 11:35:46 -05:00
Adam Ierymenko
f7f658605d Move more ephemeral stuff to a tiny MemberLastRequest table instead of the main Member table. 2017-11-08 20:19:46 -05:00
Adam Ierymenko
192e5dbff8 Another fix for uptime logging. 2017-11-08 20:02:10 -05:00
Adam Ierymenko
ef224c3547 RethinkDB build fix. 2017-11-08 19:52:36 -05:00
Adam Ierymenko
c12b68a6b2 More Central work. 2017-11-08 11:32:01 -08:00
Adam Ierymenko
4166d8ca35 Fix a deadlock and some more work on RethinkDB (for central) integration. 2017-11-08 11:06:14 -08:00
Adam Ierymenko
53e7e950f1 Windows build fixes. 2017-11-07 16:39:12 -08:00
Adam Ierymenko
0612879dec Fix const. 2017-11-07 16:23:56 -08:00
Adam Ierymenko
3b21f946e4 Remove manual define of include rethinkdb driver symbol. 2017-11-07 16:18:48 -08:00
Adam Ierymenko
9f85371073 cleanup 2017-11-07 15:23:16 -08:00
Adam Ierymenko
cb550ab4fe Merge branch 'dev' into edge 2017-11-07 14:59:18 -08:00
Adam Ierymenko
b8cbf08617 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-11-07 14:59:03 -08:00
Adam Ierymenko
1613f42d00 Re-integrate in-filesystem DB into new controller DB structure. 2017-11-07 14:44:46 -08:00
Joseph Henry
e5d1243dd2 Minor changes to SDK-related portions of OneService 2017-11-06 13:43:56 -08:00
Adam Ierymenko
7fc9094d8e More fixes to RethinkDB. 2017-11-03 22:40:26 -04:00
Adam Ierymenko
92c7070aa8 RethinkDB fixes. 2017-11-03 20:55:16 -04:00
Adam Ierymenko
b68bca35db Linux build fixes, linux build rule for RethinkDB mode controller, also force disable shitty allocators in libstdc++. 2017-11-03 16:59:36 -04:00
Adam Ierymenko
d97adc8789 Preparing for test. 2017-11-03 12:32:56 -07:00
Adam Ierymenko
f5014d7d71 RethinkDB direct connectivity integration. 2017-11-03 11:39:27 -07:00
Adam Ierymenko
4e88c80a22 RethinkDB native connector work, minor fixes. 2017-11-02 07:05:11 -07:00
Adam Ierymenko
a6203ed038 icon 2017-10-29 12:01:15 -07:00
Adam Ierymenko
1db547d607 Windows build fixes, AIP file update. 2017-10-25 16:25:57 -07:00
Adam Ierymenko
2cc4dc5a6f Clean peers.d periodically and delete peers older than 30 days. 2017-10-25 16:08:14 -07:00
Adam Ierymenko
fac7dc9c91 Stop duplciate IPv6 addresses due to privacy mode IPs. 2017-10-25 16:01:36 -07:00
Adam Ierymenko
508fa6a7fe A few fixes for cluster mode. 2017-10-25 15:44:10 -07:00
Adam Ierymenko
71bdaa9508 Now with more worky. 2017-10-25 13:27:28 -07:00
Adam Ierymenko
459f1e7bfb Refactor path stability stuff and add basic multipath support. 2017-10-25 12:42:14 -07:00
Adam Ierymenko
0d8b8d8426 Remove some unused constants. 2017-10-24 15:04:19 -07:00
Adam Ierymenko
2d0dc62a53 docs 2017-10-24 14:57:02 -07:00
Adam Ierymenko
0d8e134f9f Warning removal. 2017-10-24 14:54:15 -07:00
Adam Ierymenko
c7d370c17f Delete something that turns out not to be useful. This will be handled differently. 2017-10-24 14:49:38 -07:00
Adam Ierymenko
395d8b3139 Full and clearer implementation of GitHub issue #588 2017-10-24 13:33:53 -07:00
Adam Ierymenko
b92ef67e56 Merge pull request #550 from surgicalcoder/patch-2 
Peer's role misses a PLANET role
 2017-10-24 12:22:38 -07:00
Adam Ierymenko
5a8aa66641 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-10-24 12:22:02 -07:00
Adam Ierymenko
e87ef18826 cleanup 2017-10-24 12:21:56 -07:00
Adam Ierymenko
7b78d4f11f Merge pull request #605 from oneguynick/patch-1 
Update make-linux.mk to include support for Armv7l
 2017-10-24 12:21:32 -07:00
Nicholas Schmidt
65ac61b2ea Update make-linux.mk to include support for Armv7l 
When running ArchlinuxARM with 64bit support on Raspberry Pi3, the default build fails due to the architecture look-up at the beginning of the build process. A simple addition of the Armv7l section above allows the build to continue and successfully run.
 2017-10-19 09:21:24 -04:00
Grant Limberg
629a3a2a24 call setFriendlyName() after tap adapter is initialized 2017-10-16 12:16:05 -07:00
Joseph Henry
ee4783e3fb ifdef omit of deletePersistentTapDevice() in OneService for libzt builds on Windows 2017-10-10 15:01:15 -07:00
Joseph Henry
f2c69ede96 Conditionally omit reference to CancelSynchronousIo in Thread.hp when MINGW32/64 is detected for libzt build - Symbol not supported 2017-10-10 12:21:52 -07:00
Grant Limberg
ceeb35eaac If lastSend/lastReceive is < 0, just put 0. 2017-10-05 13:19:25 -07:00
Grant Limberg
099bedd2e9 A few more uint64_t -> int64_t changes for timestamps 2017-10-04 12:01:17 -07:00
Grant Limberg
4177a11522 remove some leftover debug code 2017-10-04 09:18:13 -07:00
Grant Limberg
3d4a1b575e Update Android NDK with uint64_t -> int64_t changes 2017-10-03 11:25:26 -07:00
Grant Limberg
b1d60df44c timestamps changed from uint64_t to int64_t 
There were cases in the code where time calculations and comparisons were overflowing and causing connection instability.  This will keep time calculations within expected ranges.
 2017-10-02 15:52:57 -07:00
Grant Limberg
7cf70d111a Return an explicit NULL shared pointer at the end of Topology::getPeer() 2017-09-28 10:40:27 -07:00
Grant Limberg
e564c56dce Set size of buffer after setting data with unsafeData() call 2017-09-28 10:39:43 -07:00
Grant Limberg
239c2540d6 Mutex::lock and ::unlock just called themselves 2017-09-27 15:05:13 -07:00
Grant Limberg
c53d140145 Replace '_' with '__' in network names on toolbar menu in Windows 
Otherwise WPF gobbles up the underscores
 2017-09-27 13:24:29 -07:00
Grant Limberg
12a6a2f2d2 remove reference to invalid file 2017-09-27 13:07:24 -07:00
Grant Limberg
9c903567bb Hashtable needs to include Constants.hpp for ZT_EXCEPTION_OUT_OF_MEMORY 2017-09-25 13:42:19 -07:00
Grant Limberg
6782dee64a Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2017-09-25 10:10:17 -07:00
Adam Ierymenko
302c15140e Fix API problem with path configuration.. 2017-09-25 08:53:55 -07:00
Grant Limberg
c666f92e35 new startup process UI for Windows 2017-09-22 15:33:09 -07:00
Grant Limberg
eb42ef68ee Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev 2017-09-22 10:22:22 -07:00
Adam Ierymenko
52916eebcf Keep attemting to upgrade direct path if path is not private to facilitate better use of LANs and backplane networks. 2017-09-14 20:56:50 -07:00
Adam Ierymenko
f8014413a3 Add UDP MTU configurability. 2017-09-01 16:25:34 -07:00
Adam Ierymenko
2d858b05ac Another fix for ye old tyme clients. 2017-09-01 12:03:31 -07:00
Adam Ierymenko
b1fb020aea Raise chunk size to max packet size for network configs. Chunking breaks really ancient clients, so this helps them live a little longer. No real downside for new clients. 2017-09-01 10:43:44 -07:00
Adam Ierymenko
02ed84774c Non-x86 build fix. 2017-08-31 20:47:44 -04:00
Adam Ierymenko
283e8d5bc0 Start threads in Central harnessed mode. 2017-08-31 18:01:21 -04:00
Joseph Henry
f39e2e2a53 Fixed typo of mysterious origin 2017-08-31 11:37:29 -07:00
Adam Ierymenko
5bf5d5e9cb Minor controller stuff. 2017-08-30 17:22:25 -07:00
Adam Ierymenko
e51e212b95 Add some defines of use to low level developers. 2017-08-25 16:04:04 -07:00
Adam Ierymenko
6418d02572 Fix HTTP DELETE stupid bug. 2017-08-24 15:33:24 -07:00
Adam Ierymenko
49fa30d495 Ticket lock for x64/gcc/clang platforms. 2017-08-23 18:52:32 -07:00
Adam Ierymenko
dd8b03a5c5 Threading issue fix? 2017-08-23 18:28:40 -07:00
Adam Ierymenko
4d5983114c Fix another deadlock. 2017-08-23 17:14:06 -07:00
Adam Ierymenko
0a9c3b5571 Fix possible deadlock. 2017-08-23 16:59:31 -07:00
Adam Ierymenko
180049a277 Fix pointer bug. 2017-08-23 16:55:22 -07:00
Adam Ierymenko
6ee201865b Clean up WHOIS code. 2017-08-23 16:42:17 -07:00
Adam Ierymenko
b1d94c9f93 Performance improvement to RX queue ring buffer. 2017-08-23 15:19:26 -07:00
Adam Ierymenko
a156a4dbe2 Symmetric NAT cleanup. 2017-08-23 15:12:00 -07:00
Adam Ierymenko
2cebe7a5e0 Fix name difference. 2017-08-23 14:09:29 -07:00
Adam Ierymenko
9cfc109527 Tighten a few timings. 2017-08-23 14:00:08 -07:00
Adam Ierymenko
64758c46b6 Implement peer serialization and deserialization. 2017-08-23 13:40:51 -07:00
Adam Ierymenko
4352202349 Reduce TCP relay latency -- see GitHub issue #564 2017-08-18 14:54:10 -07:00
Adam Ierymenko
ba07a60c44 Fix PPC PR. 2017-08-18 14:40:10 -07:00
Adam Ierymenko
72bfe0953a Merge pull request #560 from andyfangdz/patch-1 
Add `ppc64le` arch
 2017-08-18 14:38:41 -07:00
Adam Ierymenko
bab5647522 Add make rule for official-static. 2017-08-18 14:00:35 -07:00
Adam Ierymenko
fcaf1d89c2 Get rid of some noisy remote traces that should not be needed. 2017-08-18 13:59:22 -07:00
Adam Ierymenko
106dff0d53 Make remote trace target null by default, which is probably what we want. 2017-08-18 13:52:10 -07:00
Adam Ierymenko
174ba8884e Delete support in harnessed mode. 2017-08-17 13:10:10 -07:00
Adam Ierymenko
1ce0dcf0ea Another Central harnessed mode fix. 2017-08-16 14:41:42 -07:00
Adam Ierymenko
1387e15c1b Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-08-16 14:14:56 -07:00
Adam Ierymenko
50e7ea088b More work on controller for new Central harnessed mode, remove old http mode. 2017-08-16 14:14:49 -07:00
Joseph Henry
59b7cbb591 Rename SocketTap to VirtualTap to prevent confusion on role 2017-08-15 16:22:28 -07:00
Adam Ierymenko
23fe8975e7 . 2017-08-14 11:44:07 -07:00
Adam Ierymenko
a4bc40542b GCC/G++ build fixes, GitHub issue #563 2017-08-14 11:43:39 -07:00
Joseph Henry
ee1dc16e8f Added getRoutes() for libzt 2017-08-10 00:59:15 -07:00
Adam Ierymenko
1c04cc0485 . 2017-08-09 17:42:35 -07:00
Adam Ierymenko
2c682b4d1c Small controller revisions, first run of controller API model JavaScript. 2017-08-09 14:37:19 -07:00
Grant Limberg
6842490c1f Add menu option to open ZeroTier Central in the system default browser 2017-08-09 14:19:37 -07:00
Adam Ierymenko
ff5e22031a Small fix: should expire packets to prevent repeated WHOISes. 2017-08-08 13:24:37 -07:00
Adam Ierymenko
e3cf756785 Make rxQueue lock-free using an atomic counter ring buffer. 2017-08-08 13:21:10 -07:00
Adam Ierymenko
7e6598e9ca Possible deadlock fix. 2017-08-07 14:13:08 -07:00
Dezhi “Andy” Fang
48d2017629 Add ppc64le arch 
I've only tested locally, on a power8 box running Ubuntu 16.10, but everything (and earth) checks out.

Let me know if more testing infrastructure is needed.
 2017-08-06 02:06:00 -07:00
Adam Ierymenko
e4823381c6 . 2017-07-19 15:16:15 -07:00
Adam Ierymenko
66feaeb519 . 2017-07-19 15:06:23 -07:00
Adam Ierymenko
8c6b833fb3 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-07-19 14:13:23 -07:00
Adam Ierymenko
b62296a40b Bug fixes in new harness mode. 2017-07-19 14:13:17 -07:00
Grant Limberg
fc7728212f Fix ifndef on Windows 2017-07-18 15:59:11 -07:00
Adam Ierymenko
31785f7f6e Automatic periodic status dump from controller. 2017-07-18 15:36:33 -07:00
Adam Ierymenko
ae65eb5105 Cleanup and replace trace field names with sane ones because usability > a few bytes. 2017-07-18 14:28:38 -07:00
Adam Ierymenko
727ccb1125 Cleanup and stdin/stdout harness mode for controller. 2017-07-18 13:57:37 -07:00
Adam Ierymenko
77ce238457 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-07-17 17:02:57 -07:00
Adam Ierymenko
1685659e37 Remote tracing works. 2017-07-17 17:02:50 -07:00
Grant Limberg
0f03d4ef51 Update Jenkinsfile for new NDK in Jenkins 2017-07-17 16:55:00 -07:00
Grant Limberg
bcf697cc2b Wire up PortMapper in Android 
Enables UPnP port mapping for Android client on networks with UPnP routers
 2017-07-17 16:16:25 -07:00
Adam Ierymenko
5e2ea4a81a Cleanup. 2017-07-17 14:24:57 -07:00
Adam Ierymenko
b9e1d53d7a Minor cleanup. 2017-07-17 14:21:09 -07:00
Adam Ierymenko
ab0806a036 Cleanup. 2017-07-17 13:48:39 -07:00
Adam Ierymenko
3a1ec07db0 Remove some exception copypasta. 2017-07-17 10:43:28 -07:00
Adam Ierymenko
d939d8d21d A bit more remote tracing stuff. 2017-07-14 14:57:40 -07:00
Adam Ierymenko
d9552fb120 Add remoteTraceTarget to network and member configs in controller. 2017-07-14 14:33:36 -07:00
Adam Ierymenko
4ecc0c59ca Plumbing through of remote trace into controller code. 2017-07-14 13:03:16 -07:00
Adam Ierymenko
0655a1fcbe Move old cluster code into attic. 2017-07-13 16:42:43 -07:00
Adam Ierymenko
c8d0cf2c40 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2017-07-13 16:31:30 -07:00
Adam Ierymenko
c692f2e740 Fix for new identity generation bug. 2017-07-13 16:31:16 -07:00
Alex
a83c7c0d07 remove debugging flag 2017-07-13 15:13:20 -07:00
Adam Ierymenko
ba6fd16823 More tracing stuff. 2017-07-13 15:08:57 -07:00
Adam Ierymenko
54893c35c1 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-07-13 10:51:19 -07:00
Adam Ierymenko
495c5ce81d Bunch of remote tracing work. 2017-07-13 10:51:05 -07:00
Grant Limberg
4cc773ec1b fix Windows build 2017-07-12 13:52:45 -07:00
Grant Limberg
69ae35494e put the correct file extensions on data written to disk in JNI 2017-07-12 13:36:22 -07:00
Grant Limberg
512c3af4ea fix packet sending functions 2017-07-12 13:12:45 -07:00
Grant Limberg
d8f1c3dff7 Update JNI code to reflect new ZeroTier API 2017-07-12 11:34:53 -07:00
Grant Limberg
0a11dd2d24 Fix NeighborDiscovery code now that ZT_SOCKADDR_NULL doesn’t exist 2017-07-11 15:45:36 -07:00
Monty A
78ee7f6573 Peer's role misses a PLANET role 
Peer's role misses a PLANET role in documentation vs what's returned from API.
 2017-07-09 15:39:49 +01:00
Adam Ierymenko
dab0fb9e05 Remote trace: plumbing, replace old TRACE with calls to Trace object. 2017-07-07 16:58:05 -07:00
Adam Ierymenko
e14d5d49a1 Merge branch 'master' into dev 2017-07-07 09:36:54 -07:00
Adam Ierymenko
782b2b1514 Merge pull request #537 from laduke/patch-1 
Update README.md
 2017-07-07 09:32:37 -07:00
Adam Ierymenko
a9582417e2 Merge pull request #547 from surgicalcoder/patch-1 
Clarification on how to use JSON API with secret
 2017-07-07 09:32:23 -07:00
Adam Ierymenko
69922b6c39 BSD build fix. 2017-07-07 09:29:24 -07:00
Adam Ierymenko
6fc70f7c16 More cleanup, Linux build fixes. 2017-07-07 06:50:40 -07:00
Monty A
a274e774ee Clarification on how to use JSON API with secret 
Makes it clear on how to use the authtoken.secret file when making requests.
 2017-07-07 10:11:21 +01:00
Adam Ierymenko
f23a43fb81 More cleanup. 2017-07-06 17:32:41 -07:00
Adam Ierymenko
88997a0314 Windows build fixes. 2017-07-06 16:29:11 -07:00
Adam Ierymenko
d2415dee00 Cleanup. 2017-07-06 16:11:11 -07:00
Adam Ierymenko
53728b79b4 . 2017-07-06 12:35:23 -07:00
Adam Ierymenko
dff8c02cfe Pull out and deprecate old cluster code. New cluster code will not be merged yet. 2017-07-06 12:33:00 -07:00
Adam Ierymenko
640ad577d1 . 2017-07-06 11:56:46 -07:00
Adam Ierymenko
cd63ecd3f3 . 2017-07-06 11:45:48 -07:00
Adam Ierymenko
f18158a52d . 2017-07-06 11:45:22 -07:00
Adam Ierymenko
84748aab51 Merge branch 'dev' into edge 2017-07-06 10:26:04 -07:00
Adam Ierymenko
3fadc64ee0 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-07-06 10:25:58 -07:00
Adam Ierymenko
47594f7c99 Merge branch 'edge' of http://10.6.6.2/zerotier/ZeroTierOne into edge 2017-07-06 10:25:44 -07:00
Adam Ierymenko
2f20258807 . 2017-07-06 10:25:36 -07:00
Grant Limberg
47122a3804 Merge branch 'dev' into edge 2017-07-03 13:29:54 -07:00
Grant Limberg
1730f8f5b7 also cluster.hpp 2017-07-03 13:04:11 -07:00
Grant Limberg
d258a75cd3 remove Cluster.cpp from build list as it's been removed 2017-07-03 13:03:43 -07:00
Adam Ierymenko
baa10c2995 . 2017-06-30 17:32:07 -07:00
Grant Limberg
207d6572e0 fix for changelist posting to mattermost 2017-06-30 14:24:40 -07:00
Grant Limberg
10264cec2f slackSend -> mattermostSend 2017-06-30 13:43:39 -07:00
Adam Ierymenko
0ea1749c59 Merge pull request #540 from skunkwerks/master 
build: all BSDs expect gmake here
 2017-06-30 09:55:43 -07:00
Dave Cottlehuber
dd83c680e5 build: all BSDs expect gmake here 2017-06-30 13:11:05 +00:00
Adam Ierymenko
1a40f35fd4 Merge branch 'dev' into edge 2017-06-27 11:32:14 -07:00
Adam Ierymenko
8a99113c88 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-06-27 11:32:07 -07:00
Adam Ierymenko
ada2ea3a6b Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into edge 2017-06-27 11:31:39 -07:00
Adam Ierymenko
355cce3938 Rename Utils::snprintf due to it being a #define on one platform. 2017-06-27 11:31:29 -07:00
Travis LaDuke
9b2e08dd09 Update README.md 
We've had multiple questions in the community chat regarding posting new
network and getting the curl syntax correct.
 2017-06-26 11:53:35 -07:00
Joseph Henry
04cee3b8d3 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2017-06-26 02:13:40 -07:00
Joseph Henry
c61440efea Detect platformDefaultHomePath on QNAP systems 2017-06-25 20:20:30 -07:00
Adam Ierymenko
02d18af57d Remove Cluster.hpp 2017-06-23 16:10:26 -07:00
Adam Ierymenko
2225bb093a Merge branch 'edge' into dev 2017-06-23 16:06:38 -07:00
Adam Ierymenko
75a6a7baca Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-06-23 16:05:58 -07:00
Alex
6b130e8311 fix for windows compilation (related to SDK implementation) 2017-06-21 14:58:39 -07:00
Alex
1b18923824 except wondows/lib 2017-06-13 14:25:53 -07:00
Alex
fc2ce439e2 remove unneeded files 2017-06-13 14:23:11 -07:00
Alex
5b3d9f9184 added Windows SDK in form of dlls 2017-06-13 13:28:23 -07:00
Adam Ierymenko
dd68c207f4 Stuff old Cluster code in attic. 2017-06-08 08:51:49 -07:00
Adam Ierymenko
9a3c34b5b3 Build fix, use -Os on Linux too. 2017-06-07 17:19:33 -07:00
Adam Ierymenko
951d911531 Last bit of new cluster code, ready to test. 2017-06-06 16:11:19 -07:00
Adam Ierymenko
4f2179b0df . 2017-06-05 13:42:43 -07:00
Adam Ierymenko
9b287392a4 . 2017-06-05 12:15:28 -07:00
Adam Ierymenko
aa06470cb6 More cleanup for cluster refactor. 2017-06-01 20:32:43 -07:00
Adam Ierymenko
d7b4f24a7a . 2017-06-01 17:21:57 -07:00
Adam Ierymenko
e8d11eb5c5 . 2017-06-01 17:21:04 -07:00
Adam Ierymenko
7f4da08ff7 . 2017-06-01 12:57:44 -07:00
Adam Ierymenko
1f9414a30f . 2017-06-01 12:38:04 -07:00
Adam Ierymenko
6015b529a0 More clustering work. 2017-06-01 12:33:05 -07:00
Adam Ierymenko
76452b4e28 Data structure fixup. 2017-06-01 07:39:31 -07:00
Adam Ierymenko
64b7d9ef82 New clustering work. 2017-06-01 07:15:46 -07:00
Joseph Henry
7bc9666aac fix for SDK's route/tap association in getTap() 2017-05-31 13:07:03 -07:00
Adam Ierymenko
2a4a50b1da Add some also-ZeroTier-written ext/ code for use in new clustering, delete some old code, and change Mac to use -Os which is just as fast as -Ofast and may be faster due to cache effects. 2017-05-31 08:36:09 -07:00
Adam Ierymenko
2ec88e8008 Remove old circuit test code. Rules engine will let us do this much better and more simply. 2017-05-30 10:19:45 -07:00
Joseph Henry
36049a940c added campaign tags to README.md 2017-05-25 17:09:21 -07:00
Grant Limberg
952834f7f3 Let Android Studio determine debug/release build 2017-05-23 14:56:29 -07:00
Adam Ierymenko
f9a9c2d009 Config object was never even being initialized on leave. Never noticed since desktop and server clients did not use. 2017-05-23 14:45:16 -07:00
Adam Ierymenko
fb71a6e2b4 skipRootCheck should also prevent dropping of privs on Linux 2017-05-19 16:16:10 -07:00
Adam Ierymenko
5e6a2a17b0 Cluster build fix. 2017-05-19 15:32:52 -07:00
Adam Ierymenko
92289c1981 Move to canonical device naming on Linux. 2017-05-19 15:18:47 -07:00
Adam Ierymenko
99e2098a48 Add a way to specify a different interface prefix (for internal use mostly). 2017-05-19 14:00:08 -07:00
Adam Ierymenko
5fc1c1de28 . 2017-05-19 13:24:40 -07:00
Grant Limberg
2fac693243 I guess there's a bug in Clipboard.SetText(). Clipboard.SetDataObject() works, though. 2017-05-12 16:42:54 -07:00
Grant Limberg
e9b956ed71 Swallow a possible ArgumentNullException when copying text to the system clipboard 2017-05-12 16:05:29 -07:00
Adam Ierymenko
236a952458 typo 2017-05-11 14:26:46 -07:00
Adam Ierymenko
426b7c2c76 Stupid bug is stupid. 2017-05-11 14:13:38 -07:00
Adam Ierymenko
22780a8504 Merge branch 'dev' of http://10.187.63.16/zerotier/ZeroTierOne into dev 2017-05-10 13:48:55 -07:00
Adam Ierymenko
a437fd420c version 2017-05-10 13:48:47 -07:00
Adam Ierymenko
2d74c60d47 Add branch hints to bounds checking in Buffer. 2017-05-09 21:54:23 -07:00
Adam Ierymenko
ceee56af51 Fix for small stacks. 2017-05-09 21:36:25 -07:00
Adam Ierymenko
d297d8fe2e Musl fix 2017-05-09 21:21:56 -07:00
Adam Ierymenko
f479b76772 define likely/unlikely 2017-05-09 20:22:08 -07:00
Grant Limberg
73f7088b45 Run Join/Leave commands asynchronously so the UI doesn't lock up on thoise commands 2017-05-08 16:17:33 -07:00
Adam Ierymenko
b3dd5c0e3a Build fix. 2017-05-08 14:51:12 -07:00
Adam Ierymenko
ee7ee22555 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-05-08 14:46:54 -07:00
Adam Ierymenko
cf49e511a5 More makefile changes. 2017-05-08 14:46:45 -07:00
Adam Ierymenko
505b9c7f56 Makefile reorg to allow core to be built as a library. 2017-05-08 14:36:55 -07:00
Grant Limberg
8c30b2b9f5 Fixed falling out of the network monitor thread if the ZeroTier service isn't running on Windows 2017-05-08 13:27:54 -07:00
Adam Ierymenko
b9c1407013 Adjust PUSH_DIRECT_PATH circuit breaker, and comment out traces to reduce noise. 2017-05-08 09:36:37 -07:00
Adam Ierymenko
d905607353 Small optimizations. 2017-05-08 08:35:55 -07:00
Adam Ierymenko
e5e90b1f71 Wire MTU through to service. 2017-05-04 20:10:49 -07:00
Adam Ierymenko
d5ed025871 Support MTU reconfigure for Windows. 2017-05-04 19:50:02 -07:00
Adam Ierymenko
b55422a528 MTU integration in taps. 2017-05-04 19:31:50 -07:00
Adam Ierymenko
909a14fb48 MTU support in controller. 2017-05-04 17:22:24 -07:00
Adam Ierymenko
107e3e4106 First pass of configurable MTU and max MTU increase. 2017-05-04 17:12:02 -07:00
Adam Ierymenko
6ef247fb93 More ARM stuff. 2017-05-04 16:00:53 -07:00
Adam Ierymenko
b8e46b835b Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-05-04 15:54:15 -07:00
Adam Ierymenko
0900fee5d9 Linux build stuff for ARM. 2017-05-04 15:54:08 -07:00
Joseph Henry
1f26cb98de updated OneService convenience functions for SDK 2017-05-04 15:26:44 -07:00
Joseph Henry
ceeb8ee0bc added isEqualPrefix to InetAddress 2017-05-04 15:25:48 -07:00
Adam Ierymenko
54c47a1e03 Add some historic code just for the heck of it. 2017-05-04 10:42:22 -07:00
Adam Ierymenko
6bb855873d GitHub issue #494 -- shut down and restart UI on Mac pkg install/upgrade. 2017-05-03 15:03:26 -07:00
Adam Ierymenko
39db45e144 Fix crash on exit (sometimes) in controller. 2017-05-03 09:48:08 -07:00
Adam Ierymenko
41c187ba12 Another very small crypto optimization. 2017-05-03 07:43:23 -07:00
Adam Ierymenko
d7c99728bc Echo back ping payload. 2017-05-02 17:28:18 -07:00
Adam Ierymenko
8e19188f49 Do the sometimes rather big "pong" in a background worker thread. 2017-05-02 16:58:51 -07:00
Adam Ierymenko
625e3e8e25 Tiny optimization to prealloc string space. 2017-05-02 13:53:47 -07:00
Adam Ierymenko
fde99e2fcf Fix for post size limit in Http library. 2017-05-02 12:08:53 -07:00
Adam Ierymenko
132643cd4a Fix small issue preventing pongs if there are never seen members. 2017-05-02 10:34:33 -07:00
Adam Ierymenko
faf7b81c01 Send last requets time in status, and do not set physicalAddr unless we know one. 2017-05-01 15:48:52 -07:00
Adam Ierymenko
bcc6799902 Send member uptime in pong posts. 2017-05-01 15:23:21 -07:00
Adam Ierymenko
718e1d6c08 Finish removing constantly changing stuff from controller. 2017-05-01 13:21:26 -07:00
Adam Ierymenko
a9ce773584 Remove lastModified field in config which literally nothing uses anywhere, and prevent some unnecessary writes. 2017-04-28 19:58:21 -07:00
Adam Ierymenko
d69bc4fb5e Main license file. 2017-04-27 20:54:42 -07:00
Adam Ierymenko
1b68d6dbdc License header update. 2017-04-27 20:47:25 -07:00
Adam Ierymenko
62578a2162 Reduce memory use and a bit of cleanup. 2017-04-27 19:36:03 -07:00
Adam Ierymenko
9e80db0fd1 Cleanup, fix a valgrind error, stack use reduction. 2017-04-27 00:59:36 -07:00
Adam Ierymenko
e8ab6adf89 Deadlock fix. 2017-04-26 12:17:43 -07:00
Adam Ierymenko
7c184cf991 Another performance improvement to controller. 2017-04-26 10:35:59 -07:00
Adam Ierymenko
72def658d0 Add a dummy Ethernet tap and a build option to enable it. 2017-04-26 08:42:49 -07:00
Adam Ierymenko
e7cd888c7d dev is now 1.2.5 2017-04-26 06:50:12 -07:00
Adam Ierymenko
1205578935 Big cleanup of controller code, should help performance. 2017-04-26 06:48:08 -07:00
Adam Ierymenko
4e77365e8d Remove a little cruft. 2017-04-25 16:17:54 -07:00
Adam Ierymenko
4f2a779769 JSONDB performance improvements, threading fix. 2017-04-24 20:51:02 -07:00
Adam Ierymenko
cafbe44dde Controller optimizations -- make locking more fine-grained, use true hardware concurrency, etc. 2017-04-24 19:16:36 -07:00
Adam Ierymenko
6234bfd8bf 4-core Debian build. 2017-04-24 18:40:34 -07:00
Adam Ierymenko
77796caba6 Static ARM32 build fixes. 2017-04-24 18:12:58 -07:00
Adam Ierymenko
97f1d7ae2e . 2017-04-24 16:56:18 -07:00
Adam Ierymenko
487e89d4d0 Add i486 and i586 to Linux makefile for detection of ia32. 2017-04-24 15:19:03 -07:00
Adam Ierymenko
fe5257df81 VERSION 1.2.4: Bug fixes and performance improvements 
* Managed routes are now only bifurcated for the default route. This is a change in behavior, though few people will probably notice. Bifurcating all managed routes was causing more trouble than it was worth for most users.
 * Up to 2X crypto speedup on x86-64 (except Windows, which will take some porting) and 32-bit ARM platforms due to integration of fast assembly language implementations of Salsa20/12 from the [supercop](http://bench.cr.yp.to/supercop.html) code base. These were written by Daniel J. Bernstein and are in the public domain. My Macbook Pro (Core i5 2.8ghz) now does almost 1.5GiB/sec Salsa20/12 per core and a Raspberry Pi got a 2X boost. 64-bit ARM support and Windows support will take some work but should not be too hard.
 * Refactored code that manages credentials to greatly reduce memory use in most cases. This may also result in a small performance improvement.
 * Reworked and simplified path selection and priority logic to fix path instability and dead path persistence edge cases. There have been some sporadic reports of persistent path instabilities and dead paths hanging around that take minutes to resolve. These have proven difficult to reproduce in house, but hopefully this will fix them. In any case it seems to speed up path establishment in our tests and it makes the code simpler and more readable.
 * Eliminated some unused cruft from the code around path management and in the peer class.
 * Fixed an issue causing build problems on some MIPS architecture systems.
 * Fixed Windows forgetting routes on sleep/wake or in some other circumstances. (GitHub issue #465)
 2017-04-24 11:41:23 -07:00
Adam Ierymenko
9161424c97 Version bumps. 2017-04-24 11:41:01 -07:00
Adam Ierymenko
cdda0dd043 Windows version bump. 2017-04-24 11:37:54 -07:00
Adam Ierymenko
f4feccc626 Do not serve controller requests until init is done. 2017-04-24 09:09:04 -07:00
Adam Ierymenko
44cb2f4efd ++version 2017-04-21 15:32:00 -07:00
Adam Ierymenko
cacb8fae0d GitHub issue #463 -- fix MacOS uninstall script. 2017-04-21 13:55:44 -07:00
Adam Ierymenko
fa99a5cf12 docs 2017-04-21 13:27:34 -07:00
Adam Ierymenko
e700165eba GitHub issue #465 - Windows route amnesia 2017-04-21 13:26:02 -07:00
Adam Ierymenko
8542ee59db Windows crash fix. 2017-04-21 12:42:51 -07:00
Adam Ierymenko
76108671f6 BSD makefile fix for OpenBSD. 2017-04-21 08:42:45 -07:00
Adam Ierymenko
8b0ce1cc00 More BSD make fixes. 2017-04-21 08:09:18 -07:00
Adam Ierymenko
0e88c73f68 Mirror over some arch rules from Linux to BSD make, and enable fast crypto there. 2017-04-21 08:04:33 -07:00
Adam Ierymenko
ba0d73d102 Windows build fixes. 2017-04-20 10:21:40 -07:00
Adam Ierymenko
d3ecd1d670 docs 2017-04-20 10:21:08 -07:00
Adam Ierymenko
f9ae5938d0 Makefile fix, only bifurcate routes for default, and release notes. 2017-04-20 10:08:46 -07:00
Adam Ierymenko
a8ced184dc Some code cleanup and make sure any type punning is guarded with ZT_NO_TYPE_PUNNING. 2017-04-20 09:33:35 -07:00
Adam Ierymenko
e7a2c6ecef Integrate ARM/NEON crypto. 2017-04-19 17:11:56 -07:00
Adam Ierymenko
a376bcc654 ARM NEON Salsa20/12 in build and selftest. Almost 2X speedup on a Raspberry Pi. 2017-04-19 23:49:26 +00:00
Adam Ierymenko
8e1ac9fb0c ARM NEON Salsa20/12. 2017-04-19 15:58:20 -07:00
Adam Ierymenko
bc61357a44 HTTP backend support for JSONDB 2017-04-18 17:37:44 -07:00
Adam Ierymenko
f6d92eb737 JSONDB fix. 2017-04-18 13:48:19 -07:00
Adam Ierymenko
48cadcd2fc More build fixes. 2017-04-18 12:48:56 -07:00
Adam Ierymenko
bd63a840c7 Mac build fix. 2017-04-18 12:44:27 -07:00
Adam Ierymenko
aaf597f020 Cleanup, Windows fixes, Self test fix 2017-04-18 12:22:44 -07:00
Adam Ierymenko
72bd3064a2 Windows build fixes, self test cleanup. 2017-04-18 11:00:29 -07:00
Adam Ierymenko
a1c316b940 Makefile cruft. 2017-04-18 09:19:39 -07:00
Adam Ierymenko
02f84b225c Add MIPS architectures to Linux Makefile and add an error if architecture cannot be determined. 2017-04-18 09:14:33 -07:00
Adam Ierymenko
6551c20005 Enable x64 ASM Salsa20/12 on Linux. 2017-04-18 08:57:32 -07:00
Adam Ierymenko
a1e94154be Just incorporate the X64 ASM version of Salsa20/12 for X64 platforms. This gives us (for example) 1.5gb/sec encryption on a Core i5 2.8ghz. 2017-04-18 08:45:37 -07:00
Adam Ierymenko
4938e82795 Delete junk. 2017-04-17 18:01:51 -07:00
Adam Ierymenko
7a94f63058 Back out NaCl since the old one with xmm6 salsa2012 does not support multi-block use and the new one is slower. 2017-04-17 17:54:12 -07:00
Adam Ierymenko
db0edf154c Use right deployment target in OSX bin. 2017-04-17 16:54:41 -07:00
Adam Ierymenko
a1cd94a61d Actually include .a 2017-04-17 16:43:36 -07:00
Adam Ierymenko
df48738ac9 Enable use of NaCl for faster X64 Salsa20 implementations. Also include binary for OSX for easy build. Blazingly fast. 2017-04-17 16:43:03 -07:00
Adam Ierymenko
d8f5cfdee4 Windows profile build target (CPU profiling), and a little bit of optimization revealed by such. 2017-04-17 15:45:49 -07:00
Adam Ierymenko
95e5345cc3 Cluster build fix. 2017-04-17 10:12:13 -07:00
Adam Ierymenko
ba5d0cc2f9 Silence some TRACE noise. 2017-04-17 09:31:07 -07:00
Adam Ierymenko
1d8ded3293 Tiny largely non-consequential credential fix. 2017-04-17 09:30:28 -07:00
Adam Ierymenko
2487a8bede Fix for 100% cpu issue. 2017-04-17 09:14:21 -07:00
Adam Ierymenko
f1c0563c40 Fix for cluster handoff. 2017-04-14 18:02:04 -07:00
Adam Ierymenko
139c4b5633 Significant simplification to path logic. 2017-04-14 17:53:32 -07:00
Adam Ierymenko
645bf4a764 Resurrect zerotier-containerized. 2017-04-14 13:30:12 -07:00
Adam Ierymenko
88a4a3b1ba Pass tptr on leave. 2017-04-11 08:47:02 -07:00
Adam Ierymenko
6fabaae736 Add simple root server watcher (for our own new dashboard, but also for user use). 2017-04-04 16:47:14 -07:00
Adam Ierymenko
1b2cfd63e5 add libstdc++ dependency 2017-04-04 14:10:38 -07:00
Adam Ierymenko
ff2b219abd root-watcher code 2017-04-04 12:39:14 -07:00
Adam Ierymenko
33c3af752b Need to just have a make option for soft float ARM. 2017-04-04 11:26:50 -07:00
Adam Ierymenko
f73a1d2d56 Linux ARM flags. 2017-04-04 09:41:34 -07:00
Adam Ierymenko
470ad39d0d More Linux ARM stuff. 2017-04-04 09:15:38 -07:00
Adam Ierymenko
5ad120208f Small fix, should filter by temporal validity. 2017-04-04 08:46:12 -07:00
Adam Ierymenko
b48a70db2e Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-04-04 08:39:22 -07:00
Adam Ierymenko
cd050b3423 Performance improvement in controller. 2017-04-04 08:39:19 -07:00
Adam Ierymenko
eddbc7e757 Logic simplification, cleanup, and memory use improvements in Membership. Also fix an issue that may cause network instability in some cases. 2017-04-04 08:07:38 -07:00
Adam Ierymenko
8a62ba07e5 Membership cleanup work in progress. 2017-04-04 06:47:01 -07:00
Adam Ierymenko
b3298a8f57 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2017-03-30 09:54:10 -07:00
Adam Ierymenko
e5284771e4 Add ping/pong to API so controller supervisor in Central can do a full-path check of controller uptime, etc. 2017-03-30 09:54:04 -07:00
Grant Limberg
5f611dad51 added orbit/deorbit methods to java Node implementation 2017-03-29 13:29:02 -07:00
Grant Limberg
1c5fdb8a0a fix path checker initialization 2017-03-29 13:28:06 -07:00
Grant Limberg
de4b9e9a16 Added path checking interface for Java 2017-03-29 12:52:52 -07:00
Adam Ierymenko
57b5a33fbb Fix bug preventing default from being set to null if already set to an integer. 2017-03-29 12:32:59 -07:00
Adam Ierymenko
3f4f7145a3 Another rule compiler fix. 2017-03-28 22:25:24 -07:00
Adam Ierymenko
b959148447 Small rule compiler fix with tag defaults. 2017-03-28 21:50:44 -07:00
Grant Limberg
855361b5b8 fix native end of JNI code for new thread data ptr 2017-03-28 17:49:00 -07:00
Adam Ierymenko
91c9f4cb20 Fix TRACE and CLUSTER builds. 2017-03-27 17:33:25 -07:00
Adam Ierymenko
e4896b257f Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call. 2017-03-27 17:03:17 -07:00
Adam Ierymenko
592cac5815 Remove from a few other places. 2017-03-27 12:09:37 -07:00
Adam Ierymenko
4244cca48c Delete comically named SSL gateway code, which is going elsewhere. 2017-03-27 12:08:38 -07:00
Grant Limberg
179ab5220a Set macOS deployment target to 10.10 for UI applet 
Must use CLI for older versions of macOS
 2017-03-27 11:36:11 -07:00
Grant Limberg
d6bb1b72c3 Fix some text colors to work on old OS X versions 2017-03-27 11:15:36 -07:00
Grant Limberg
3d9a5a4f91 Popovers now appear to work 2017-03-27 10:55:47 -07:00
Joseph Henry
683ba79ff0 Added ButtFlare stub code 2017-03-24 17:00:14 -07:00
Grant Limberg
0c69fc719f Windows UI will attempt to re-copy the auth token if a 401 error is received 2017-03-22 10:48:42 -07:00
Grant Limberg
03b48a4ad4 add lock around [ServiceCom key] and remove some debug code 2017-03-22 10:22:15 -07:00
Grant Limberg
aa71292265 A couple more places we should check HTTP status 2017-03-22 10:18:12 -07:00
Grant Limberg
d72eee6cf7 If we get a 401 error from the ZeroTier service in the macOS UI, try re-copying the auth token 2017-03-22 09:58:13 -07:00
Adam Ierymenko
6bb19e7947 build fix 2017-03-21 09:08:32 -07:00
Adam Ierymenko
3d2518f799 crazy formatting fix 2017-03-21 08:21:11 -07:00
Adam Ierymenko
5268909075 Add a facility for full flow-through uptime test of controller by Central. 2017-03-21 06:31:15 -07:00
Adam Ierymenko
c62141fd98 Make controller do a simple write-through cache without revalidating. Means you must restart if files change on disk, but will decrease I/O considerably. 2017-03-21 06:15:49 -07:00
Adam Ierymenko
ae303ee902 dev is now 1.2.3 2017-03-20 16:17:11 -07:00
Daniel Skowroński
18c9dc8a06 fix RTF_MULTICAST and g++ -w 2016-12-27 13:07:05 +01:00
Daniel Skowroński
ba07d1f91d cleanup 2016-12-27 11:57:05 +01:00
Daniel Skowroński
9a2310395d mimic BSDEthernetTap but with creating/destroying char tap device 2016-12-27 11:42:43 +01:00
Daniel Skowroński
218ace51a7 use /dev/tap{0..3}; it is fully working now 2016-12-26 02:52:07 +01:00
Daniel Skowroński
f09eedbd7a make it compilable 2016-12-25 22:54:27 +01:00
Daniel Skowroński
546e8a3b44 initial netbsd support in makefile/flags 2016-12-25 20:59:12 +01:00
1808 changed files with 417223 additions and 48014 deletions
Show stats Expand all files Collapse all files

75
.clang-format Normal file
View file

@ -0,0 +1,75 @@
---
BasedOnStyle: LLVM
BreakBeforeBraces: Stroustrup
IndentWidth: 4
TabWidth: 4
AlignAfterOpenBracket: AlwaysBreak
AlignConsecutiveMacros: 'true'
AlignConsecutiveAssignments: 'false'
AlignConsecutiveDeclarations: 'false'
AlignEscapedNewlines: Right
AlignOperands: 'true'
AlignTrailingComments: 'true'
AllowAllArgumentsOnNextLine: 'false'
AllowAllConstructorInitializersOnNextLine: 'false'
AllowAllParametersOfDeclarationOnNextLine: 'false'
AllowShortBlocksOnASingleLine: 'true'
AllowShortCaseLabelsOnASingleLine: 'false'
AllowShortFunctionsOnASingleLine: None
AllowShortIfStatementsOnASingleLine: Never
AlwaysBreakAfterReturnType: None
BinPackArguments: 'false'
BinPackParameters: 'false'
BreakBeforeBinaryOperators: NonAssignment
BreakBeforeTernaryOperators: 'true'
BreakConstructorInitializers: BeforeComma
BreakInheritanceList: BeforeComma
CompactNamespaces: 'false'
ConstructorInitializerAllOnOneLineOrOnePerLine: 'true'
ConstructorInitializerIndentWidth: '4'
ContinuationIndentWidth: '4'
Cpp11BracedListStyle: 'false'
FixNamespaceComments: 'true'
IncludeBlocks: Regroup
IndentCaseLabels: 'true'
IndentPPDirectives: None
IndentWrappedFunctionNames: 'false'
KeepEmptyLinesAtTheStartOfBlocks: 'false'
MaxEmptyLinesToKeep: '1'
NamespaceIndentation: None
PointerAlignment: Left
ReflowComments: 'true'
SortIncludes: 'true'
SortUsingDeclarations: 'true'
SpaceAfterCStyleCast: 'false'
SpaceAfterLogicalNot: 'true'
SpaceAfterTemplateKeyword: 'true'
SpaceBeforeAssignmentOperators: 'true'
SpaceBeforeCpp11BracedList: 'true'
SpaceBeforeCtorInitializerColon: 'true'
SpaceBeforeInheritanceColon: 'true'
SpaceBeforeParens: ControlStatements
SpaceBeforeRangeBasedForLoopColon: 'true'
SpaceInEmptyParentheses: 'false'
SpacesBeforeTrailingComments: '3'
SpacesInAngles: 'false'
SpacesInCStyleCastParentheses: 'false'
SpacesInContainerLiterals: 'true'
SpacesInParentheses: 'false'
SpacesInSquareBrackets: 'false'
UseTab: 'Always'
---
Language: Cpp
Standard: Cpp03
ColumnLimit: '240'
---
Language: ObjC
ColumnLimit: '240'
---
Language: Java
ColumnLimit: '240'
---
Language: CSharp
ColumnLimit: '240'
...

6
.clangd Normal file
View file

@ -0,0 +1,6 @@
CompileFlags:
Add:
- "-std=c++17"
- "-I../ext"
- "-I../ext/prometheus-cpp-lite-1.0/core/include"
- "-I../ext/prometheus-cpp-lite-1.0/simpleapi/include"

2
.dockerignore Normal file
View file

@ -0,0 +1,2 @@
.git/
workspace/

256
.drone.jsonnet Normal file
View file

@ -0,0 +1,256 @@
//
// tweakables
//
local registry = "084037375216.dkr.ecr.us-east-2.amazonaws.com";
local build_channel = "zerotier-builds";
local release_channel = "zerotier-releases";
local targets = [
{ "os": "linux", distro: "redhat", "name": "el9", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag", "custom" ] },
{ "os": "linux", distro: "redhat", "name": "el8", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
{ "os": "linux", distro: "redhat", "name": "el7", "isas": [ "386", "amd64", "ppc64le"], "events": [ "tag" ] },
{ "os": "linux", distro: "amazon", "name": "amzn2", "isas": [ "amd64", "arm64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "amazon", "name": "amzn2022", "isas": [ "amd64", "arm64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "fedora", "name": "fc38", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
{ "os": "linux", distro: "fedora", "name": "fc37", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
{ "os": "linux", distro: "fedora", "name": "fc36", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
{ "os": "linux", distro: "ubuntu", "name": "jammy", "isas": [ "armv7", "amd64", "arm64", "ppc64le", "s390x", "riscv64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "ubuntu", "name": "focal", "isas": [ "armv7", "amd64", "arm64", "ppc64le", "s390x", "riscv64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "ubuntu", "name": "bionic", "isas": [ "386", "armv7", "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
{ "os": "linux", distro: "ubuntu", "name": "xenial", "isas": [ "386", "armv7", "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
{ "os": "linux", distro: "ubuntu", "name": "trusty", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "debian", "name": "bookworm", "isas": [ "386", "armv7", "amd64", "arm64", "mips64le", "ppc64le", "s390x" ], "events": [ "tag"] },
{ "os": "linux", distro: "debian", "name": "bullseye", "isas": [ "386", "armv7", "amd64", "arm64", "mips64le", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "buster", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "debian", "name": "stretch", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "tag" ] },
{ "os": "linux", distro: "debian", "name": "jessie", "isas": [ "386", "armv7", "amd64" ], "events": [ "tag" ] },
// { "os": "windows", distro: "windows", "name": "windows", "isas": [ "amd64" ], "events": [ "push", "tag", "custom" ] },
// { "os": "darwin", distro: "darwin", "name": "darwin", "isas": [ "amd64" ], "events": [ "push", "tag", "custom" ] },
];
local less_targets = [
{ "os": "linux", distro: "redhat", "name": "el9", "isas": [ "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "redhat", "name": "el8", "isas": [ "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "jammy", "isas": [ "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "focal", "isas": [ "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
];
local native_targets = [
{ "os": "linux", distro: "debian", "name": "bullseye", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
];
local master_targets = [
//
// copypasta from here
//
{ "os": "linux", distro: "redhat", "name": "el9", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "redhat", "name": "el8", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "redhat", "name": "el7", "isas": [ "386", "amd64", "ppc64le"], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "amazon", "name": "amzn2", "isas": [ "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "amazon", "name": "amzn2022", "isas": [ "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "fedora", "name": "fc38", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "fedora", "name": "fc37", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "fedora", "name": "fc36", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "jammy", "isas": [ "armv7", "amd64", "arm64", "ppc64le", "s390x", "riscv64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "focal", "isas": [ "armv7", "amd64", "arm64", "ppc64le", "s390x", "riscv64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "bionic", "isas": [ "386", "armv7", "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "xenial", "isas": [ "386", "armv7", "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "ubuntu", "name": "trusty", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "sid", "isas": [ "386", "armv7", "amd64", "arm64", "mips64le", "ppc64le", "s390x", "riscv64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "bookworm", "isas": [ "386", "armv7", "amd64", "arm64", "mips64le", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "bullseye", "isas": [ "386", "armv7", "amd64", "arm64", "mips64le", "ppc64le", "s390x" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "buster", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "stretch", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", distro: "debian", "name": "jessie", "isas": [ "386", "armv7", "amd64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "windows", distro: "windows", "name": "win2k22", "isas": [ "amd64" ], "events": [ "push", "tag", "custom" ] }
];
//
// functions
//
local pipeline_type(os) = if os == "darwin" then "exec" else "docker";
local builder_image(os) = if os == "linux" then registry + "/honda-builder" else registry + "/windows-builder";
local tester_image(os) = if os == "linux" then registry + "/honda-builder" else registry + "/windows-tester";
local build_step_volumes(os) = if os == "linux" then [ { name: "zerotier-builds", path: "/zerotier-builds" } ] else [];
local release_step_volumes(os) = if os == "linux" then [ { name: "zerotier-releases", path: "/zerotier-releases" } ] else [];
local host_volumes(os) = if os == "linux" then [
{ name: "zerotier-builds", host: { path: "/zerotier-builds" } },
{ name: "zerotier-releases", host: { path: "/zerotier-releases" } },
] else [];
local index_image(distro) =
if distro == "debian" || distro == "ubuntu" then
registry + "/apt-builder"
else if distro == "redhat" || distro == "fedora" || distro == "amazon" then
registry + "/dnf-builder"
else if distro == "windows" then
registry + "/msi-builder"
;
local copy_commands(os, distro, name, isa, version) =
if os == "linux" then [
std.join(" ", [ "./ci/scripts/publish.sh", name, distro, isa, version, "${DRONE_BUILD_EVENT}" ])
]
else if os == "windows" then [
"C:\\scripts\\fix-ec2-metadata.ps1",
"Get-ChildItem windows",
// "aws s3 cp windows\\bytey-SetupFiles\\bytey.msi s3://zerotier-builds/windows/" + version + "/bytey.msi",
] else if os == "darwin" then [
"echo hello"
]
;
local index_commands(os, channel, distro, name, isas) =
if os == "linux" then
[ "/usr/local/bin/index " + channel + " " + distro + " " + name + " " + std.join(" ", isas) ]
else if os == "windows" then
[ "Get-ChildItem -Recurse windows" ]
;
local build_commands(os, distro, name, isa, version) =
if os == "linux" then
[ std.join(" ", [ "./ci/scripts/build.sh", name, distro, isa, version, "${DRONE_BUILD_EVENT}" ]) ]
else
if os == "windows" then
[ "windows/build.ps1", "windows/package.ps1" ]
else
if os == "darwin" then
[ "whoami" ]
;
local test_commands(os, distro, name, isa, version) =
if os == "linux" then
[ std.join(" ", [ "./ci/scripts/test.sh", name, distro, isa, version, "${DRONE_BUILD_EVENT}" ]) ]
else
if os == "windows" then
[ "windows/testpackage.ps1 " + version ]
;
//
// render
//
local Build(os, distro, name, isa, events) = {
"kind": "pipeline",
"type": pipeline_type(os),
"name": std.join(" ", [ name, isa, "build" ]),
"pull": "always",
"clone": { "depth": 1, [ if os == "darwin" then "disable" ]: true },
"steps": [
{
"name": "build",
"image": builder_image(os),
"commands": build_commands(os, distro, name, isa, "100.0.0+${DRONE_COMMIT_SHA:0:8}"),
"when": { "event": [ "push" ]},
},
{
"name": "release",
"image": builder_image(os),
"commands": build_commands(os, distro, name, isa, "${DRONE_TAG}"),
"when": { "event": [ "tag" ]},
},
{
"name": "copy build",
"image": builder_image(os),
"commands": copy_commands(os, distro, name, isa, "100.0.0+${DRONE_COMMIT_SHA:0:8}"),
"volumes": build_step_volumes(os),
"when": { "event": [ "push" ]},
},
{
"name": "copy relase",
"image": builder_image(os),
"commands": copy_commands(os, distro, name, isa, "${DRONE_TAG}"),
"volumes": release_step_volumes(os),
"when": { "event": [ "tag" ]},
},
],
"volumes": host_volumes(os),
"platform": { "os": os, [ if isa == "arm64" || isa == "armv7" then "arch" ]: "arm64" },
"trigger": { "event": events }
};
local Test(os, distro, name, isa, events) = {
"kind": "pipeline",
"type": pipeline_type(os),
"name": std.join(" ", [ name, isa, "test"]),
"pull": "always",
"clone": { "depth": 1 },
"steps": [
{
"name": "test build",
"image": tester_image(os),
"volumes": build_step_volumes(os),
"commands": test_commands(os, distro, name, isa, "100.0.0+${DRONE_COMMIT_SHA:0:8}"),
"when": { "event": [ "push" ]},
},
{
"name": "test release",
"image": tester_image(os),
"volumes": release_step_volumes(os),
"commands": test_commands(os, distro, name, isa, "${DRONE_TAG}"),
"when": { "event": [ "tag" ]},
},
],
"volumes": host_volumes(os),
"platform": { "os": os, [ if isa == "arm64" || isa == "armv7" then "arch" ]: "arm64" },
"depends_on": [ std.join(" ", [ name, "index" ]) ],
"trigger": { "event": events }
};
local Index(p) = {
"kind": "pipeline",
"type": pipeline_type(p.os),
"name": std.join(" ", [ p.name, "index" ]),
"pull": "always",
"clone": { "depth": 1 },
"steps": [
{
"name": "index build",
"image": index_image(p.distro),
"commands": index_commands(p.os, "zerotier-builds", p.distro, p.name, p.isas),
"volumes": build_step_volumes(p.os),
"environment":{ "GPG_PRIVATE_KEY": { from_secret: "gpg-private-key" }},
"when": { "event": [ "push" ]},
},
{
"name": "index release",
"image": index_image(p.distro),
"commands": index_commands(p.os, "zerotier-releases", p.distro, p.name, p.isas),
"volumes": release_step_volumes(p.os),
"environment":{ "GPG_PRIVATE_KEY": { from_secret: "gpg-private-key" }},
"when": { "event": [ "tag" ]},
},
],
"volumes": host_volumes(p.os),
"platform": { "os": p.os },
depends_on: std.flattenArrays([ [ std.join(" ", [ p.name, isa, "build" ]) ] for isa in p.isas ]),
"trigger": { "event": p.events }
};
//
// print
//
std.flattenArrays([
[
Build(p.os, p.distro, p.name, isa, p.events)
for isa in p.isas
] +
[
Index(p)
]
for p in native_targets
]) +
std.flattenArrays([
[
Test(p.os, p.distro, p.name, isa, p.events)
for isa in p.isas
]
for p in native_targets
])

465
.drone.yml Normal file
View file

@ -0,0 +1,465 @@
---
clone:
depth: 1
kind: pipeline
name: bullseye 386 build
platform:
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/build.sh bullseye debian 386 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: build
when:
event:
- push
- commands:
- ./ci/scripts/build.sh bullseye debian 386 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: release
when:
event:
- tag
- commands:
- ./ci/scripts/publish.sh bullseye debian 386 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/publish.sh bullseye debian 386 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy relase
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
kind: pipeline
name: bullseye armv7 build
platform:
arch: arm64
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/build.sh bullseye debian armv7 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: build
when:
event:
- push
- commands:
- ./ci/scripts/build.sh bullseye debian armv7 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: release
when:
event:
- tag
- commands:
- ./ci/scripts/publish.sh bullseye debian armv7 100.0.0+${DRONE_COMMIT_SHA:0:8}
${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/publish.sh bullseye debian armv7 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy relase
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
kind: pipeline
name: bullseye amd64 build
platform:
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/build.sh bullseye debian amd64 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: build
when:
event:
- push
- commands:
- ./ci/scripts/build.sh bullseye debian amd64 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: release
when:
event:
- tag
- commands:
- ./ci/scripts/publish.sh bullseye debian amd64 100.0.0+${DRONE_COMMIT_SHA:0:8}
${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/publish.sh bullseye debian amd64 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy relase
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
kind: pipeline
name: bullseye arm64 build
platform:
arch: arm64
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/build.sh bullseye debian arm64 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: build
when:
event:
- push
- commands:
- ./ci/scripts/build.sh bullseye debian arm64 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: release
when:
event:
- tag
- commands:
- ./ci/scripts/publish.sh bullseye debian arm64 100.0.0+${DRONE_COMMIT_SHA:0:8}
${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/publish.sh bullseye debian arm64 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: copy relase
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
depends_on:
- bullseye 386 build
- bullseye armv7 build
- bullseye amd64 build
- bullseye arm64 build
kind: pipeline
name: bullseye index
platform:
os: linux
pull: always
steps:
- commands:
- /usr/local/bin/index zerotier-builds debian bullseye 386 armv7 amd64 arm64
environment:
GPG_PRIVATE_KEY:
from_secret: gpg-private-key
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/apt-builder
name: index build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- /usr/local/bin/index zerotier-releases debian bullseye 386 armv7 amd64 arm64
environment:
GPG_PRIVATE_KEY:
from_secret: gpg-private-key
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/apt-builder
name: index release
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
depends_on:
- bullseye index
kind: pipeline
name: bullseye 386 test
platform:
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/test.sh bullseye debian 386 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/test.sh bullseye debian 386 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test release
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
depends_on:
- bullseye index
kind: pipeline
name: bullseye armv7 test
platform:
arch: arm64
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/test.sh bullseye debian armv7 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/test.sh bullseye debian armv7 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test release
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
depends_on:
- bullseye index
kind: pipeline
name: bullseye amd64 test
platform:
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/test.sh bullseye debian amd64 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/test.sh bullseye debian amd64 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test release
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
clone:
depth: 1
depends_on:
- bullseye index
kind: pipeline
name: bullseye arm64 test
platform:
arch: arm64
os: linux
pull: always
steps:
- commands:
- ./ci/scripts/test.sh bullseye debian arm64 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test build
volumes:
- name: zerotier-builds
path: /zerotier-builds
when:
event:
- push
- commands:
- ./ci/scripts/test.sh bullseye debian arm64 ${DRONE_TAG} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: test release
volumes:
- name: zerotier-releases
path: /zerotier-releases
when:
event:
- tag
trigger:
event:
- push
- tag
- custom
type: docker
volumes:
- host:
path: /zerotier-builds
name: zerotier-builds
- host:
path: /zerotier-releases
name: zerotier-releases
---
kind: signature
hmac: 887a3ef78d3fe8f0149911e1e4876401dd7dd313b36eb893e791fa42f45d7768
...

4
.gitattributes vendored Normal file
View file

@ -0,0 +1,4 @@
ext/bin/tap-windows-ndis6/x64/zttap300.inf eol=crlf
ext/bin/tap-windows-ndis6/x64.old/zttap300.inf eol=crlf
ext/bin/tap-windows-ndis6/x86/zttap300.inf eol=crlf
windows/TapDriver6/zttap300.inf eol=crlf

31
.github/ISSUE_TEMPLATE/bugs-and-issues.md vendored Normal file
View file

@ -0,0 +1,31 @@
---
name: Bugs and Issues
about: Create a report to help us improve
title: ''
labels: NEEDS TRIAGE
assignees: ''
---
# Before filing a Bug Report
_Using these will ensure you get quicker support, and make this space available for code-related issues. Thank you!_
- [Docs Site](https://docs.zerotier.com/zerotier/troubleshooting) => Troubleshooting, quickstarts, and more advanced topics.
- [Discuss Forum](https://discuss.zerotier.com/) => Our discussion forum for users and support to mutually resolve issues & suggest ideas.
- [Reddit](https://www.reddit.com/r/zerotier/) => Our subreddit, which we monitor regularly and is fairly active.
- [Knowledge Base](https://zerotier.atlassian.net/wiki/spaces/SD/overview) => Older wiki.
If you are having a connection issue, it's much easier to diagnose through the discussion forum or the ticket system.
# If you still want to file a Bug Report
## Please let us know
- What you expect to be happening.
- What is actually happening?
- Any steps to reproduce the error.
- Any relevant console output or screenshots.
- What operating system and ZeroTier version. Please try the latest ZeroTier release.

13
.github/ISSUE_TEMPLATE/feature_request.md vendored Normal file
View file

@ -0,0 +1,13 @@
---
name: Feature request
about: Suggest an idea for this project
title: "[Feature Request] "
labels: suggestion
assignees: ''
---
If there is something you'd like to have added to ZeroTier, to go to https://discuss.zerotier.com/c/feature-requests/ instead. Issues there can be voted on and discussed in-depth.
Thank you!

15
.github/ISSUE_TEMPLATE/game-connection-issue.md vendored Normal file
View file

@ -0,0 +1,15 @@
---
name: Game Connection Issue
about: Game issues are better served by forum posts
title: Please go to our Discuss or Reddit for game-related issues. Thanks!
labels: wontfix
assignees: ''
---
Are you having trouble connecting to a game on your virtual network after installing ZeroTier?
- [ ] Yes
- [ ] No
If you answered yes, then it is very likely that your question would be better answered on our [Community Forums](https://discuss.zerotier.com) or [Reddit](https://www.reddit.com/r/zerotier/) community; we monitor both regularly. We also have extensive documentation on our [Knowledge Base](https://zerotier.atlassian.net/wiki/spaces/SD/overview). Thank you!

126
.github/workflows/build.yml vendored Normal file
View file

@ -0,0 +1,126 @@
on:
pull_request:
push:
workflow_dispatch:
jobs:
build_ubuntu:
runs-on: ubuntu-latest
steps:
- name: gitconfig
run: |
git config --global core.autocrlf input
# git config --global core.eol lf
- name: checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
targets: x86_64-unknown-linux-gnu
components: rustfmt, clippy
- name: Set up cargo cache
uses: Swatinem/rust-cache@v2
continue-on-error: false
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('rustybits//Cargo.lock') }}
shared-key: ${{ runner.os }}-cargo-
workspaces: |
rustybits/
- name: make
run: make
- name: selftest
run: |
make selftest
./zerotier-selftest
- name: 'Tar files' # keeps permissions (execute)
run: tar -cvf zerotier-one.tar zerotier-one
- name: Archive production artifacts
uses: actions/upload-artifact@v4
with:
name: zerotier-one-ubuntu-x64
path: zerotier-one.tar
retention-days: 7
build_macos:
runs-on: macos-latest
steps:
- name: gitconfig
run: |
git config --global core.autocrlf input
# git config --global core.eol lf
- name: checkout
uses: actions/checkout@v4
- name: Install Rust aarch64
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
target: aarch64-apple-darwin
components: rustfmt, clippy
- name: Install Rust x86_64
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
target: x86_64-apple-darwin
components: rustfmt, clippy
- name: Set up cargo cache
uses: Swatinem/rust-cache@v2
continue-on-error: false
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('rustybits//Cargo.lock') }}
shared-key: ${{ runner.os }}-cargo-
workspaces: |
rustybits/
- name: make
run: make
- name: selftest
run: |
make selftest
./zerotier-selftest
- name: 'Tar files' # keeps permissions (execute)
run: tar -cvf zerotier-one.tar zerotier-one
- name: Archive production artifacts
uses: actions/upload-artifact@v4
with:
name: zerotier-one-mac
path: zerotier-one.tar
retention-days: 7
build_windows:
runs-on: windows-latest
steps:
- name: gitconfig
run: |
git config --global core.autocrlf true
# git config --global core.eol lf
- name: checkout
uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
target: aarch64-apple-darwin
components: rustfmt, clippy
- name: Set up cargo cache
uses: Swatinem/rust-cache@v2
continue-on-error: false
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('rustybits//Cargo.lock') }}
shared-key: ${{ runner.os }}-cargo-
workspaces: |
rustybits/
- name: setup msbuild
uses: microsoft/setup-msbuild@v2
- name: msbuild
run: |
msbuild windows\ZeroTierOne.sln /m /p:Configuration=Release /property:Platform=x64 /t:ZeroTierOne
- name: Archive production artifacts
uses: actions/upload-artifact@v4
with:
name: zerotier-one-windows
path: windows/Build
retention-days: 7

497
.github/workflows/validate-linux.sh vendored Executable file
View file

@ -0,0 +1,497 @@
#!/bin/bash
# This test script joins Earth and pokes some stuff
TEST_NETWORK=8056c2e21c000001
RUN_LENGTH=30
TEST_FINISHED=false
ZTO_VER=$(git describe --tags $(git rev-list --tags --max-count=1))
ZTO_COMMIT=$(git rev-parse HEAD)
ZTO_COMMIT_SHORT=$(git rev-parse --short HEAD)
TEST_DIR_PREFIX="$ZTO_VER-$ZTO_COMMIT_SHORT-test-results"
TEST_OK=0
TEST_FAIL=1
echo "Performing test on: $ZTO_VER-$ZTO_COMMIT_SHORT"
TEST_FILEPATH_PREFIX="$TEST_DIR_PREFIX/$ZTO_COMMIT_SHORT"
mkdir $TEST_DIR_PREFIX
# How long we will wait for ZT to come online before considering it a failure
MAX_WAIT_SECS=30
ZT_PORT_NODE_1=9996
ZT_PORT_NODE_2=9997
################################################################################
# Multi-node connectivity and performance test #
################################################################################
test() {
echo -e "\nPerforming pre-flight checks"
check_exit_on_invalid_identity
echo -e "\nRunning test for $RUN_LENGTH seconds"
export NS1="ip netns exec ns1"
export NS2="ip netns exec ns2"
export ZT1="$NS1 ./zerotier-cli -p9996 -D$(pwd)/node1"
# Specify custom port on one node to ensure that feature works
export ZT2="$NS2 ./zerotier-cli -p9997 -D$(pwd)/node2"
echo -e "\nSetting up network namespaces..."
echo "Setting up ns1"
ip netns add ns1
$NS1 ip link set dev lo up
ip link add veth0 type veth peer name veth1
ip link set veth1 netns ns1
ip addr add 192.168.0.1/24 dev veth0
ip link set dev veth0 up
$NS1 ip addr add 192.168.0.2/24 dev veth1
$NS1 ip link set dev veth1 up
# Add default route
$NS1 ip route add default via 192.168.0.1
iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.255.0 \
-o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o veth0 -j ACCEPT
iptables -A FORWARD -o eth0 -i veth0 -j ACCEPT
echo "Setting up ns2"
ip netns add ns2
$NS2 ip link set dev lo up
ip link add veth2 type veth peer name veth3
ip link set veth3 netns ns2
ip addr add 192.168.1.1/24 dev veth2
ip link set dev veth2 up
$NS2 ip addr add 192.168.1.2/24 dev veth3
$NS2 ip link set dev veth3 up
$NS2 ip route add default via 192.168.1.1
iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 \
-o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o veth2 -j ACCEPT
iptables -A FORWARD -o eth0 -i veth2 -j ACCEPT
# Allow forwarding
sysctl -w net.ipv4.ip_forward=1
################################################################################
# Memory Leak Check #
################################################################################
export FILENAME_MEMORY_LOG="$TEST_FILEPATH_PREFIX-memory.log"
echo -e "\nStarting a ZeroTier instance in each namespace..."
export time_test_start=$(date +%s)
# Spam the CLI as ZeroTier is starting
spam_cli 100
echo "Starting memory leak check"
$NS1 sudo valgrind --demangle=yes --exit-on-first-error=yes \
--error-exitcode=1 \
--xml=yes \
--xml-file=$FILENAME_MEMORY_LOG \
--leak-check=full \
./zerotier-one node1 -p$ZT_PORT_NODE_1 -U >>node_1.log 2>&1 &
# Second instance, not run in memory profiler
# Don't set up internet access until _after_ zerotier is running
# This has been a source of stuckness in the past.
$NS2 ip addr del 192.168.1.2/24 dev veth3
$NS2 sudo ./zerotier-one node2 -U -p$ZT_PORT_NODE_2 >>node_2.log 2>&1 &
sleep 10; # New HTTP control plane is a bit sluggish, so we delay here
check_bind_to_correct_ports $ZT_PORT_NODE_1
check_bind_to_correct_ports $ZT_PORT_NODE_2
$NS2 ip addr add 192.168.1.2/24 dev veth3
$NS2 ip route add default via 192.168.1.1
echo -e "\nPing from host to namespaces"
ping -c 3 192.168.0.1
ping -c 3 192.168.1.1
echo -e "\nPing from namespace to host"
$NS1 ping -c 3 192.168.0.1
$NS1 ping -c 3 192.168.0.1
$NS2 ping -c 3 192.168.0.2
$NS2 ping -c 3 192.168.0.2
echo -e "\nPing from ns1 to ns2"
$NS1 ping -c 3 192.168.0.1
echo -e "\nPing from ns2 to ns1"
$NS2 ping -c 3 192.168.0.1
################################################################################
# Online Check #
################################################################################
echo "Waiting for ZeroTier to come online before attempting test..."
node1_online=false
node2_online=false
both_instances_online=false
time_zt_node1_start=$(date +%s)
time_zt_node2_start=$(date +%s)
for ((s = 0; s <= $MAX_WAIT_SECS; s++)); do
node1_online="$($ZT1 -j info | jq '.online' 2>/dev/null)"
node2_online="$($ZT2 -j info | jq '.online' 2>/dev/null)"
echo "Checking for online status: try #$s, node1:$node1_online, node2:$node2_online"
if [[ "$node2_online" == "true" && "$node1_online" == "true" ]]; then
export both_instances_online=true
export time_to_both_nodes_online=$(date +%s)
break
fi
sleep 1
done
echo -e "\n\nContents of ZeroTier home paths:"
ls -lga node1
tree node1
ls -lga node2
tree node2
echo -e "\n\nRunning ZeroTier processes:"
echo -e "\nNode 1:\n"
$NS1 ps aux | grep zerotier-one
echo -e "\nNode 2:\n"
$NS2 ps aux | grep zerotier-one
echo -e "\n\nStatus of each instance:"
echo -e "\n\nNode 1:\n"
$ZT1 status
echo -e "\n\nNode 2:\n"
$ZT2 status
if [[ "$both_instances_online" != "true" ]]; then
exit_test_and_generate_report $TEST_FAIL "one or more nodes failed to come online"
fi
echo -e "\nJoining networks"
$ZT1 join $TEST_NETWORK
$ZT2 join $TEST_NETWORK
sleep 10
node1_ip4=$($ZT1 get $TEST_NETWORK ip4)
node2_ip4=$($ZT2 get $TEST_NETWORK ip4)
echo "node1_ip4=$node1_ip4"
echo "node2_ip4=$node2_ip4"
echo -e "\nPinging each node"
PING12_FILENAME="$TEST_FILEPATH_PREFIX-ping-1-to-2.txt"
PING21_FILENAME="$TEST_FILEPATH_PREFIX-ping-2-to-1.txt"
$NS1 ping -c 16 $node2_ip4 >$PING12_FILENAME
$NS2 ping -c 16 $node1_ip4 >$PING21_FILENAME
ping_loss_percent_1_to_2=$(cat $PING12_FILENAME |
grep "packet loss" | awk '{print $6}' | sed 's/%//')
ping_loss_percent_2_to_1=$(cat $PING21_FILENAME |
grep "packet loss" | awk '{print $6}' | sed 's/%//')
# Normalize loss value
export ping_loss_percent_1_to_2=$(echo "scale=2; $ping_loss_percent_1_to_2/100.0" | bc)
export ping_loss_percent_2_to_1=$(echo "scale=2; $ping_loss_percent_2_to_1/100.0" | bc)
################################################################################
# CLI Check #
################################################################################
echo "Testing basic CLI functionality..."
spam_cli 10
$ZT1 join $TEST_NETWORK
$ZT1 -h
$ZT1 -v
$ZT1 status
$ZT1 info
$ZT1 listnetworks
$ZT1 peers
$ZT1 listpeers
$ZT1 -j status
$ZT1 -j info
$ZT1 -j listnetworks
$ZT1 -j peers
$ZT1 -j listpeers
$ZT1 dump
$ZT1 get $TEST_NETWORK allowDNS
$ZT1 get $TEST_NETWORK allowDefault
$ZT1 get $TEST_NETWORK allowGlobal
$ZT1 get $TEST_NETWORK allowManaged
$ZT1 get $TEST_NETWORK bridge
$ZT1 get $TEST_NETWORK broadcastEnabled
$ZT1 get $TEST_NETWORK dhcp
$ZT1 get $TEST_NETWORK id
$ZT1 get $TEST_NETWORK mac
$ZT1 get $TEST_NETWORK mtu
$ZT1 get $TEST_NETWORK name
$ZT1 get $TEST_NETWORK netconfRevision
$ZT1 get $TEST_NETWORK nwid
$ZT1 get $TEST_NETWORK portDeviceName
$ZT1 get $TEST_NETWORK portError
$ZT1 get $TEST_NETWORK status
$ZT1 get $TEST_NETWORK type
# Test an invalid command
$ZT1 get $TEST_NETWORK derpderp
# TODO: Validate JSON
# Performance Test
export FILENAME_PERF_JSON="$TEST_FILEPATH_PREFIX-iperf.json"
echo -e "\nBeginning performance test:"
echo -e "\nStarting server:"
echo "$NS1 iperf3 -s &"
sleep 1
echo -e "\nStarting client:"
sleep 1
echo "$NS2 iperf3 --json -c $node1_ip4 > $FILENAME_PERF_JSON"
cat $FILENAME_PERF_JSON
# Let ZeroTier idle long enough for various timers
echo -e "\nIdling ZeroTier for $RUN_LENGTH seconds..."
sleep $RUN_LENGTH
echo -e "\nLeaving networks"
$ZT1 leave $TEST_NETWORK
$ZT2 leave $TEST_NETWORK
sleep 5
exit_test_and_generate_report $TEST_OK "completed test"
}
################################################################################
# Generate report #
################################################################################
exit_test_and_generate_report() {
echo -e "\nStopping memory check..."
sudo pkill -15 -f valgrind
sleep 10
time_test_end=$(date +%s)
echo "Exiting test with reason: $2 ($1)"
# Collect ZeroTier dump files
echo -e "\nCollecting ZeroTier dump files"
node1_id=$($ZT1 -j status | jq -r .address)
node2_id=$($ZT2 -j status | jq -r .address)
$ZT1 dump
mv zerotier_dump.txt "$TEST_FILEPATH_PREFIX-node-dump-$node1_id.txt"
$ZT2 dump
mv zerotier_dump.txt "$TEST_FILEPATH_PREFIX-node-dump-$node2_id.txt"
# Copy ZeroTier stdout/stderr logs
cp node_1.log "$TEST_FILEPATH_PREFIX-node-log-$node1_id.txt"
cp node_2.log "$TEST_FILEPATH_PREFIX-node-log-$node2_id.txt"
# Generate report
cat $FILENAME_MEMORY_LOG
DEFINITELY_LOST=$(xmlstarlet sel -t -v '/valgrindoutput/error/xwhat' \
$FILENAME_MEMORY_LOG | grep "definitely" | awk '{print $1;}')
POSSIBLY_LOST=$(xmlstarlet sel -t -v '/valgrindoutput/error/xwhat' \
$FILENAME_MEMORY_LOG | grep "possibly" | awk '{print $1;}')
# Generate coverage report artifact and summary
FILENAME_COVERAGE_JSON="$TEST_FILEPATH_PREFIX-coverage.json"
FILENAME_COVERAGE_HTML="$TEST_FILEPATH_PREFIX-coverage.html"
echo -e "\nGenerating coverage test report..."
gcovr -r . --exclude ext --json-summary $FILENAME_COVERAGE_JSON \
--html >$FILENAME_COVERAGE_HTML
cat $FILENAME_COVERAGE_JSON
COVERAGE_LINE_COVERED=$(cat $FILENAME_COVERAGE_JSON | jq .line_covered)
COVERAGE_LINE_TOTAL=$(cat $FILENAME_COVERAGE_JSON | jq .line_total)
COVERAGE_LINE_PERCENT=$(cat $FILENAME_COVERAGE_JSON | jq .line_percent)
COVERAGE_LINE_COVERED="${COVERAGE_LINE_COVERED:-0}"
COVERAGE_LINE_TOTAL="${COVERAGE_LINE_TOTAL:-0}"
COVERAGE_LINE_PERCENT="${COVERAGE_LINE_PERCENT:-0}"
# Default values
DEFINITELY_LOST="${DEFINITELY_LOST:-0}"
POSSIBLY_LOST="${POSSIBLY_LOST:-0}"
ping_loss_percent_1_to_2="${ping_loss_percent_1_to_2:-100.0}"
ping_loss_percent_2_to_1="${ping_loss_percent_2_to_1:-100.0}"
time_to_both_nodes_online="${time_to_both_nodes_online:--1}"
# Summarize and emit json for trend reporting
FILENAME_SUMMARY="$TEST_FILEPATH_PREFIX-summary.json"
time_length_test=$((time_test_end - time_test_start))
if [[ $time_to_both_nodes_online != -1 ]];
then
time_to_both_nodes_online=$((time_to_both_nodes_online - time_test_start))
fi
#time_length_zt_join=$((time_zt_join_end-time_zt_join_start))
#time_length_zt_leave=$((time_zt_leave_end-time_zt_leave_start))
#time_length_zt_can_still_ping=$((time_zt_can_still_ping-time_zt_leave_start))
summary=$(
cat <<EOF
{
"version":"$ZTO_VER",
"commit":"$ZTO_COMMIT",
"arch_m":"$(uname -m)",
"arch_a":"$(uname -a)",
"binary_size":"$(stat -c %s zerotier-one)",
"time_length_test":$time_length_test,
"time_to_both_nodes_online":$time_to_both_nodes_online,
"num_possible_bytes_lost": $POSSIBLY_LOST,
"num_definite_bytes_lost": $DEFINITELY_LOST,
"num_bad_formattings": $POSSIBLY_LOST,
"coverage_lines_covered": $COVERAGE_LINE_COVERED,
"coverage_lines_total": $COVERAGE_LINE_TOTAL,
"coverage_lines_percent": $COVERAGE_LINE_PERCENT,
"ping_loss_percent_1_to_2": $ping_loss_percent_1_to_2,
"ping_loss_percent_2_to_1": $ping_loss_percent_2_to_1,
"test_exit_code": $1,
"test_exit_reason":"$2"
}
EOF
)
echo $summary >$FILENAME_SUMMARY
cat $FILENAME_SUMMARY
exit 0
}
################################################################################
# CLI Check #
################################################################################
spam_cli() {
echo "Spamming CLI..."
# Rapidly spam the CLI with joins/leaves
MAX_TRIES="${1:-10}"
for ((s = 0; s <= MAX_TRIES; s++)); do
$ZT1 status
$ZT2 status
sleep 0.1
done
SPAM_TRIES=128
for ((s = 0; s <= SPAM_TRIES; s++)); do
$ZT1 join $TEST_NETWORK
done
for ((s = 0; s <= SPAM_TRIES; s++)); do
$ZT1 leave $TEST_NETWORK
done
for ((s = 0; s <= SPAM_TRIES; s++)); do
$ZT1 leave $TEST_NETWORK
$ZT1 join $TEST_NETWORK
done
}
################################################################################
# Check for proper exit on load of invalid identity #
################################################################################
check_exit_on_invalid_identity() {
echo "Checking ZeroTier exits on invalid identity..."
mkdir -p $(pwd)/exit_test
ZT1="sudo ./zerotier-one -p9999 $(pwd)/exit_test"
echo "asdfasdfasdfasdf" > $(pwd)/exit_test/identity.secret
echo "asdfasdfasdfasdf" > $(pwd)/exit_test/authtoken.secret
echo "Launch ZeroTier with an invalid identity"
$ZT1 &
my_pid=$!
echo "Waiting 5 seconds"
sleep 5
# check if process is running
kill -0 $my_pid
if [ $? -eq 0 ]; then
exit_test_and_generate_report $TEST_FAIL "Exit test FAILED: Process still running after being fed an invalid identity"
fi
}
################################################################################
# Check that we're binding to the primary port for TCP/TCP6/UDP #
################################################################################
check_bind_to_correct_ports() {
PORT_NUMBER=$1
echo "Checking bound ports:"
sudo netstat -anp | grep "$PORT_NUMBER" | grep "zerotier"
if [[ $(sudo netstat -anp | grep "$PORT_NUMBER" | grep "zerotier" | grep "tcp") ]];
then
:
else
exit_test_and_generate_report $TEST_FAIL "ZeroTier did not bind to tcp/$1"
fi
if [[ $(sudo netstat -anp | grep "$PORT_NUMBER" | grep "zerotier" | grep "tcp6") ]];
then
:
else
exit_test_and_generate_report $TEST_FAIL "ZeroTier did not bind to tcp6/$1"
fi
if [[ $(sudo netstat -anp | grep "$PORT_NUMBER" | grep "zerotier" | grep "udp") ]];
then
:
else
exit_test_and_generate_report $TEST_FAIL "ZeroTier did not bind to udp/$1"
fi
}
test "$@"

24
.github/workflows/validate-report.sh vendored Executable file
View file

@ -0,0 +1,24 @@
#!/bin/bash
################################################################################
# Set exit code depending on tool reports #
################################################################################
DEFINITELY_LOST=$(cat *test-results/*summary.json | jq .num_definite_bytes_lost)
EXIT_CODE=$(cat *test-results/*summary.json | jq .exit_code)
EXIT_REASON=$(cat *test-results/*summary.json | jq .exit_reason)
cat *test-results/*summary.json
echo -e "\nBytes of memory definitely lost: $DEFINITELY_LOST"
if [[ "$DEFINITELY_LOST" -gt 0 ]]; then
exit 1
fi
# Catch-all for other non-zero exit codes
if [[ "$EXIT_CODE" -gt 0 ]]; then
echo "Test failed: $EXIT_REASON"
exit 1
fi

57
.github/workflows/validate.yml vendored Normal file
View file

@ -0,0 +1,57 @@
on:
pull_request:
push:
workflow_dispatch:
jobs:
build_ubuntu:
runs-on: ubuntu-latest
steps:
- name: gitconfig
run: |
git config --global core.autocrlf input
- name: checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
toolchain: stable
target: x86_64-unknown-linux-gnu
override: true
components: rustfmt, clippy
- name: Set up cargo cache
uses: Swatinem/rust-cache@v2
continue-on-error: false
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('zeroidc//Cargo.lock') }}
shared-key: ${{ runner.os }}-cargo-
workspaces: |
zeroidc/
- name: validate-1m-linux
env:
CC: 'gcc'
CXX: 'g++'
BRANCH: ${{ github.ref_name }}
run: |
sudo apt install -y valgrind xmlstarlet gcovr iperf3 tree
make one ZT_COVERAGE=1 ZT_TRACE=1
sudo chmod +x ./.github/workflows/validate-linux.sh
sudo ./.github/workflows/validate-linux.sh
- name: Archive test results
uses: actions/upload-artifact@v4
with:
name: ${{github.sha}}-test-results
path: "*test-results*"
- name: final-report
run: |
sudo chmod +x ./.github/workflows/validate-report.sh
sudo ./.github/workflows/validate-report.sh

42
.gitignore vendored
View file

@ -1,16 +1,22 @@
<<<<<<< HEAD
# Main binaries created in *nix builds # Main binaries created in *nix builds
/zerotier-one /zerotier-one
/zerotier-idtool /zerotier-idtool
/zerotier-cli /zerotier-cli
/zerotier-selftest /zerotier-selftest
/zerotier /zerotier
/nltest
# IDE stuff
/.idea
/.nova
/compile_commands.json
# OS-created garbage files from various platforms # OS-created garbage files from various platforms
.DS_Store .DS_Store
.Apple* .Apple*
Thumbs.db Thumbs.db
@eaDir @eaDir
._*
# Windows build droppings # Windows build droppings
/windows/ZeroTierOne.sdf /windows/ZeroTierOne.sdf
@ -27,11 +33,10 @@ Thumbs.db
/windows/Release /windows/Release
/windows/WebUIWrapper/bin /windows/WebUIWrapper/bin
/windows/WebUIWrapper/obj /windows/WebUIWrapper/obj
/windows/lib
/ext/installfiles/windows/ZeroTier One-SetupFiles /ext/installfiles/windows/ZeroTier One-SetupFiles
/ext/installfiles/windows/Prerequisites
/ext/installfiles/windows/*-cache /ext/installfiles/windows/*-cache
/ZeroTier One.msi /ZeroTier One.msi
/windows/.vs
*.vcxproj.backup *.vcxproj.backup
/windows/TapDriver6/Win7Debug /windows/TapDriver6/Win7Debug
/windows/TapDriver6/win7Release /windows/TapDriver6/win7Release
@ -40,6 +45,7 @@ Thumbs.db
enc_temp_folder enc_temp_folder
/windows/copyutil/bin /windows/copyutil/bin
/windows/copyutil/obj /windows/copyutil/obj
.vs/
# *nix/Mac build droppings # *nix/Mac build droppings
/build-* /build-*
@ -49,18 +55,18 @@ enc_temp_folder
/world/mkworld /world/mkworld
/world/*.c25519 /world/*.c25519
zt1-src.tar.gz zt1-src.tar.gz
/MacEthernetTapAgent
# Miscellaneous temporaries, build files, etc. # Miscellaneous temporaries, build files, etc.
*.log *.log
*.opensdf *.opensdf
*.user *.user
*.cache *.cache
*.obj
*.tlog *.tlog
*.pid *.pid
*.pkg *.pkg
*.o *.o
*.a /*.a
*.dylib *.dylib
*.so *.so
*.so.* *.so.*
@ -78,6 +84,7 @@ debian/zerotier-one
debian/zerotier-one*.debhelper debian/zerotier-one*.debhelper
debian/*.log debian/*.log
debian/zerotier-one.substvars debian/zerotier-one.substvars
root-watcher/config.json
# Java/Android/JNI build droppings # Java/Android/JNI build droppings
java/obj/ java/obj/
@ -99,7 +106,6 @@ windows/ZeroTierOne/Debug/
*.swp *.swp
*~.nib *~.nib
DerivedData/ DerivedData/
build/
*.pbxuser *.pbxuser
*.mode1v3 *.mode1v3
*.mode2v3 *.mode2v3
@ -110,3 +116,27 @@ build/
!default.perspectivev3 !default.perspectivev3
*.xccheckout *.xccheckout
xcuserdata/ xcuserdata/
.vscode
__pycache__
*~
attic/world/*.c25519
attic/world/mkworld
workspace/
workspace2/
zeroidc/target/
tcp-proxy/target
#snapcraft specifics
/parts/
/stage/
/prime/
*.snap
.snapcraft
__pycache__
*.pyc
*_source.tar.bz2
snap/.snapcraft
tcp-proxy/tcp-proxy
rustybits/target

14
.kick Normal file
View file

@ -0,0 +1,14 @@
kick
kick
kick
kick
kick
kick
kick
kick
kick
kick
kick
kick
kick
kick

18
AUTHORS.md
View file

@ -1,7 +1,10 @@
# Authors and Third Party Code Licensing Information
## Primary Authors ## Primary Authors
* ZeroTier Core and ZeroTier One virtual networking service<br> * ZeroTier Core and ZeroTier One virtual networking service<br>
Adam Ierymenko / adam.ierymenko@zerotier.com Adam Ierymenko / adam.ierymenko@zerotier.com
Joseph Henry / joseph.henry@zerotier.com (QoS and multipath)
* Java JNI Interface to enable Android application development, and Android app itself (code for that is elsewhere)<br> * Java JNI Interface to enable Android application development, and Android app itself (code for that is elsewhere)<br>
Grant Limberg / glimberg@gmail.com Grant Limberg / glimberg@gmail.com
@ -25,7 +28,7 @@
## Third-Party Code ## Third-Party Code
ZeroTier includes the following third party code, either in ext/ or incorporated into the ZeroTier core. ZeroTier includes the following third party code, either in ext/ or incorporated into the ZeroTier core. This third party code remains licensed under its original license and is not subject to ZeroTier's BSL license.
* LZ4 compression algorithm by Yann Collet * LZ4 compression algorithm by Yann Collet
@ -45,13 +48,6 @@ ZeroTier includes the following third party code, either in ext/ or incorporated
* Home page: https://github.com/nlohmann/json * Home page: https://github.com/nlohmann/json
* License grant: MIT * License grant: MIT
* TunTapOSX by Mattias Nissler
* Files: ext/tap-mac/tuntap/*
* Home page: http://tuntaposx.sourceforge.net/
* License grant: BSD attribution no-endorsement
* ZeroTier Modifications: change interface name to zt#, increase max MTU, increase max devices
* tap-windows6 by the OpenVPN project * tap-windows6 by the OpenVPN project
* Files: windows/TapDriver6/* * Files: windows/TapDriver6/*
@ -71,3 +67,9 @@ ZeroTier includes the following third party code, either in ext/ or incorporated
* Files: ext/libnatpmp/* ext/miniupnpc/* * Files: ext/libnatpmp/* ext/miniupnpc/*
* Home page: http://miniupnp.free.fr/ * Home page: http://miniupnp.free.fr/
* License grant: BSD attribution no-endorsement * License grant: BSD attribution no-endorsement
* cpp-httplib by yhirose
* Files: ext/cpp-httplib/*
* Home page: https://github.com/yhirose/cpp-httplib
* License grant: MIT

12
CMakeLists.txt Normal file
View file

@ -0,0 +1,12 @@
# CMake build script for libzerotiercore.a
cmake_minimum_required (VERSION 2.8)
project (zerotiercore)
set (PROJ_DIR ${PROJECT_SOURCE_DIR})
set (ZT_DEFS -std=c++11)
file(GLOB core_src_glob ${PROJ_DIR}/node/*.cpp)
add_library(zerotiercore STATIC ${core_src_glob})
target_compile_options(zerotiercore PRIVATE ${ZT_DEFS})

11
COPYING
View file

@ -1,13 +1,8 @@
ZeroTier One, an endpoint server for the ZeroTier virtual network layer. ZeroTier One, an endpoint server for the ZeroTier virtual network layer.
Copyright © 20112016 ZeroTier, Inc. Copyright © 20112019 ZeroTier, Inc.
ZeroTier One is free software: you can redistribute it and/or modify ZeroTier is released under the terms of the BSL version 1.1. See the
it under the terms of the GNU General Public License as published by file LICENSE.txt for details.
the Free Software Foundation; either version 3 of the License, or (at
your option) any later version.
See the file LICENSE.GPL-3 for the text of the GNU GPL version 3.
If that file is not present, see <http://www.gnu.org/licenses/>.
.. ..
Local variables: Local variables:

28
Dockerfile.ci Normal file
View file

@ -0,0 +1,28 @@
# vim: ft=dockerfile
FROM ubuntu:21.04 as stage
RUN apt-get update -qq && apt-get -qq install make clang
COPY . .
RUN /usr/bin/make
RUN echo $PWD
RUN cp zerotier-one /usr/sbin
FROM ubuntu:21.04
COPY --from=stage /zerotier-one /usr/sbin
RUN ln -sf /usr/sbin/zerotier-one /usr/sbin/zerotier-idtool
RUN ln -sf /usr/sbin/zerotier-one /usr/sbin/zerotier-cli
RUN echo "${VERSION}" > /etc/zerotier-version
RUN rm -rf /var/lib/zerotier-one
RUN apt-get -qq update
RUN apt-get -qq install iproute2 net-tools fping 2ping iputils-ping iputils-arping
COPY entrypoint.sh.release /entrypoint.sh
RUN chmod 755 /entrypoint.sh
CMD []
ENTRYPOINT ["/entrypoint.sh"]

23
Dockerfile.release Normal file
View file

@ -0,0 +1,23 @@
# vim: ft=dockerfile
FROM debian:bookworm
ARG VERSION
RUN apt-get update -qq && apt-get install curl gpg -y
RUN mkdir -p /usr/share/zerotier && \
curl -o /usr/share/zerotier/tmp.asc "https://download.zerotier.com/contact%40zerotier.com.gpg" && \
gpg --no-default-keyring --keyring /usr/share/zerotier/zerotier.gpg --import /usr/share/zerotier/tmp.asc && \
rm -f /usr/share/zerotier/tmp.asc && \
echo "deb [signed-by=/usr/share/zerotier/zerotier.gpg] http://download.zerotier.com/debian/bookworm bookworm main" > /etc/apt/sources.list.d/zerotier.list
RUN apt-get update -qq && apt-get install zerotier-one=${VERSION} curl iproute2 net-tools iputils-ping openssl libssl3 -y
RUN rm -rf /var/lib/zerotier-one
COPY entrypoint.sh.release /entrypoint.sh
RUN chmod 755 /entrypoint.sh
HEALTHCHECK --interval=1s CMD bash /healthcheck.sh
CMD []
ENTRYPOINT ["/entrypoint.sh"]

82
Jenkinsfile vendored
View file

@ -1,82 +0,0 @@
#!/usr/bin/env groovy
node('master') {
def changelog = getChangeLog currentBuild
slackSend "Building ${env.JOB_NAME} #${env.BUILD_NUMBER} \n Change Log: \n ${changelog}"
}
parallel 'centos7': {
node('centos7') {
try {
checkout scm
stage('Build Centos 7') {
sh 'make -f make-linux.mk'
}
}
catch (err) {
currentBuild.result = "FAILURE"
slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Centos 7 (<${env.BUILD_URL}|Open>)"
throw err
}
}
}, 'android-ndk': {
node('android-ndk') {
try {
checkout scm
stage('Build Android NDK') {
sh "/android/android-ndk-r13b/ndk-build -C $WORKSPACE/java ZT1=${WORKSPACE}"
}
}
catch (err) {
currentBuild.result = "FAILURE"
slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Android NDK (<${env.BUILD_URL}|Open>)"
throw err
}
}
}, 'macOS': {
node('macOS') {
try {
checkout scm
stage('Build macOS') {
sh 'make -f make-mac.mk'
}
stage('Build macOS UI') {
sh 'cd macui && xcodebuild -target "ZeroTier One" -configuration Debug'
}
}
catch (err) {
currentBuild.result = "FAILURE"
slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on macOS (<${env.BUILD_URL}|Open>)"
throw err
}
}
}, 'windows': {
node('windows') {
try {
checkout scm
stage('Build Windows') {
bat '''CALL "C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\vcvarsall.bat" amd64
git clean -dfx
msbuild windows\\ZeroTierOne.sln
'''
}
}
catch (err) {
currentBuild.result = "FAILURE"
slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Windows (<${env.BUILD_URL}|Open>)"
throw err
}
}
}
slackSend color: "#00ff00", message: "${env.JOB_NAME} #${env.BUILD_NUMBER} Complete (<${env.BUILD_URL}|Show More...>)"

339
LICENSE.GPL-2
View file

@ -1,339 +0,0 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.

149
LICENSE.txt Normal file
View file

@ -0,0 +1,149 @@
-----------------------------------------------------------------------------
Business Source License 1.1
License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
"Business Source License" is a trademark of MariaDB Corporation Ab.
-----------------------------------------------------------------------------
Parameters
Licensor: ZeroTier, Inc.
Licensed Work: ZeroTier Network Virtualization Engine 1.4.4
The Licensed Work is (c)2019 ZeroTier, Inc.
Additional Use Grant: You may make use of the Licensed Work, provided you
do not use it in any of the following ways:
* Sell hosted ZeroTier services as a "SaaS" Product
(1) Operate or sell access to ZeroTier root servers,
network controllers, or authorization key or certificate
generation components of the Licensed Work as a
for-profit service, regardless of whether the use of
these components is sold alone or is bundled with other
services. Note that this does not apply to the use of
ZeroTier behind the scenes to operate a service not
related to ZeroTier network administration.
* Create Non-Open-Source Commercial Derivative Works
(2) Link or directly include the Licensed Work in a
commercial or for-profit application or other product
not distributed under an Open Source Initiative (OSI)
compliant license. See: https://opensource.org/licenses
(3) Remove the name, logo, copyright, or other branding
material from the Licensed Work to create a "rebranded"
or "white labeled" version to distribute as part of
any commercial or for-profit product or service.
* Certain Government Uses
(4) Use or deploy the Licensed Work in a government
setting in support of any active government function
or operation with the exception of the following:
physical or mental health care, family and social
services, social welfare, senior care, child care, and
the care of persons with disabilities.
Change Date: 2026-01-01
Change License: Apache License version 2.0 as published by the Apache
Software Foundation
https://www.apache.org/licenses/
Alternative Licensing
If you would like to use the Licensed Work in any way that conflicts with
the stipulations of the Additional Use Grant, contact ZeroTier, Inc. to
obtain an alternative commercial license.
Visit us on the web at: https://www.zerotier.com/
Notice
The Business Source License (this document, or the "License") is not an Open
Source license. However, the Licensed Work will eventually be made available
under an Open Source License, as stated in this License.
For more information on the use of the Business Source License for ZeroTier
products, please visit our pricing page which contains license details and
and license FAQ: https://zerotier.com/pricing
For more information on the use of the Business Source License generally,
please visit the Adopting and Developing Business Source License FAQ at
https://mariadb.com/bsl-faq-adopting.
-----------------------------------------------------------------------------
Business Source License 1.1
Terms
The Licensor hereby grants you the right to copy, modify, create derivative
works, redistribute, and make non-production use of the Licensed Work. The
Licensor may make an Additional Use Grant, above, permitting limited
production use.
Effective on the Change Date, or the fourth anniversary of the first publicly
available distribution of a specific version of the Licensed Work under this
License, whichever comes first, the Licensor hereby grants you rights under
the terms of the Change License, and the rights granted in the paragraph
above terminate.
If your use of the Licensed Work does not comply with the requirements
currently in effect as described in this License, you must purchase a
commercial license from the Licensor, its affiliated entities, or authorized
resellers, or you must refrain from using the Licensed Work.
All copies of the original and modified Licensed Work, and derivative works
of the Licensed Work, are subject to this License. This License applies
separately for each version of the Licensed Work and the Change Date may vary
for each version of the Licensed Work released by Licensor.
You must conspicuously display this License on each original or modified copy
of the Licensed Work. If you receive the Licensed Work in original or
modified form from a third party, the terms and conditions set forth in this
License apply to your use of that work.
Any use of the Licensed Work in violation of this License will automatically
terminate your rights under this License for the current and all other
versions of the Licensed Work.
This License does not grant you any right in any trademark or logo of
Licensor or its affiliates (provided that you may use a trademark or logo of
Licensor as expressly required by this License).
TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
AN "AS IS" BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
TITLE.
-----------------------------------------------------------------------------
MariaDB hereby grants you permission to use this Licenses text to license
your works, and to refer to it using the trademark "Business Source License",
as long as you comply with the Covenants of Licensor below.
Covenants of Licensor
In consideration of the right to use this Licenses text and the "Business
Source License" name and trademark, Licensor covenants to MariaDB, and to all
other recipients of the licensed work to be provided by Licensor:
1. To specify as the Change License the GPL Version 2.0 or any later version,
or a license that is compatible with GPL Version 2.0 or a later version,
where "compatible" means that software provided under the Change License can
be included in a program with software provided under GPL Version 2.0 or a
later version. Licensor may specify additional Change Licenses without
limitation.
2. To either: (a) specify an additional grant of rights to use that does not
impose any additional restriction on the right granted in this License, as
the Additional Use Grant; or (b) insert the text "None".
3. To specify a Change Date.
4. Not to modify this License in any other way.

13
Makefile
View file

@ -17,8 +17,17 @@ ifeq ($(OSTYPE),FreeBSD)
include make-bsd.mk include make-bsd.mk
endif endif
ifeq ($(OSTYPE),OpenBSD) ifeq ($(OSTYPE),OpenBSD)
CC=egcc CC=clang
CXX=eg++ CXX=clang++
ZT_BUILD_PLATFORM=9 ZT_BUILD_PLATFORM=9
include make-bsd.mk include make-bsd.mk
endif endif
ifeq ($(OSTYPE),NetBSD)
include make-netbsd.mk
endif
drone:
@echo "rendering .drone.yaml from .drone.jsonnet"
drone jsonnet --format --stream
drone sign zerotier/ZeroTierOne --save

33
OFFICIAL-RELEASE-STEPS.md
View file

@ -13,9 +13,8 @@ The version must be incremented in all of the following files:
/zerotier-one.spec /zerotier-one.spec
/debian/changelog /debian/changelog
/ext/installfiles/mac/ZeroTier One.pkgproj /ext/installfiles/mac/ZeroTier One.pkgproj
/ext/installfiles/windows/chocolatey/zerotier-one.nuspec
/ext/installfiles/windows/ZeroTier One.aip /ext/installfiles/windows/ZeroTier One.aip
/windows/WinUI/AboutView.xaml ../DesktopUI/mac-app-template/ZeroTier.app/Contents/Info.plist
The final .AIP file can only be edited on Windows with [Advanced Installer Enterprise](http://www.advancedinstaller.com/). In addition to incrementing the version be sure that a new product code is generated. (The "upgrade code" GUID on the other hand must never change.) The final .AIP file can only be edited on Windows with [Advanced Installer Enterprise](http://www.advancedinstaller.com/). In addition to incrementing the version be sure that a new product code is generated. (The "upgrade code" GUID on the other hand must never change.)
@ -29,36 +28,6 @@ Mac's easy. Just type:
You will need [Packages](http://s.sudre.free.fr/Software/Packages/about.html) and our release signing key in the keychain. You will need [Packages](http://s.sudre.free.fr/Software/Packages/about.html) and our release signing key in the keychain.
## Linux
Mount the GPG key for *contact@zerotier.com* and then on an x86_64 box with a recent version of Docker and an Internet connection run:
make distclean
cd linux-build-farm
./build.sh
This will build i386 and x86_64 packages. Now ssh into our build Raspberry Pi and type `make debian` there to build the Raspbian armhf package. Copy it to `debian-jessie/` inside `linux-build-farm` so that it will be included in the repositories we generate. Now generate the YUM and APT repos:
rm -rf ~/.aptly*
rm -rf /tmp/zt-rpm-repo
./make-apt-repos.sh
./make-rpm-repos.sh
This will require the passphrase for *contact@zerotier.com*.
The contents of ~/.aptly/public must be published as `debian/` on `download.zerotier.com`. The contents of /tmp/zt-rpm-repo are published as `redhat/` on same.
## Windows ## Windows
First load the Visual Studio solution and rebuild the UI and ZeroTier One in both x64 and i386 `Release` mode. Then load [Advanced Installer Enterprise](http://www.advancedinstaller.com/), check that the version is correct, and build. The build will fail if any build artifacts are missing, and Windows must have our product singing key (from DigiCert) available to sign the resulting MSI file. The MSI must then be tested on at least a few different CLEAN Windows VMs to ensure that the installer is valid and properly signed. First load the Visual Studio solution and rebuild the UI and ZeroTier One in both x64 and i386 `Release` mode. Then load [Advanced Installer Enterprise](http://www.advancedinstaller.com/), check that the version is correct, and build. The build will fail if any build artifacts are missing, and Windows must have our product singing key (from DigiCert) available to sign the resulting MSI file. The MSI must then be tested on at least a few different CLEAN Windows VMs to ensure that the installer is valid and properly signed.
*After the MSI is published to download.zerotier.com in the proper RELEASE/#.#.#/dist subfolder for its version* the Chocolatey package must be rebuilt and published. Open a command prompt, change to `ext/installfiles/windows/chocolatey`, and type `choco pack`. Then use `choco push` to push it to Chocolatey (API key required).
choco pack
choco push zerotier-one.#.#.#.nupkg -s https://chocolatey.org/
Note that this does not cover rebuilding the drivers or their containing MSI projects, as this is typically not necessary and they are shipped in binary form in the repository for convenience.
## iOS, Android
... no docs here yet since this is done entirely out of band with regular installs.

73
README.docker.md Normal file
View file

@ -0,0 +1,73 @@
# ZeroTier One in a container!
**NOTE:** _Most of this information pertains to the docker image only. For more information about ZeroTier, check out the repository_: [here](https://github.com/zerotier/ZeroTierOne) or the [commercial website](https://www.zerotier.com).
[ZeroTier](https://www.zerotier.com) is a smart programmable Ethernet switch for planet Earth. It allows all networked devices, VMs, containers, and applications to communicate as if they all reside in the same physical data center or cloud region.
This is accomplished by combining a cryptographically addressed and secure peer to peer network (termed VL1) with an Ethernet emulation layer somewhat similar to VXLAN (termed VL2). Our VL2 Ethernet virtualization layer includes advanced enterprise SDN features like fine grained access control rules for network micro-segmentation and security monitoring.
All ZeroTier traffic is encrypted end-to-end using secret keys that only you control. Most traffic flows peer to peer, though we offer free (but slow) relaying for users who cannot establish peer to peer connections.
The goals and design principles of ZeroTier are inspired by among other things the original [Google BeyondCorp](https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/43231.pdf) paper and the [Jericho Forum](https://en.wikipedia.org/wiki/Jericho_Forum) with its notion of "deperimeterization."
Visit [ZeroTier's site](https://www.zerotier.com/) for more information and [pre-built binary packages](https://www.zerotier.com/download/). Apps for Android and iOS are available for free in the Google Play and Apple app stores.
ZeroTier is licensed under the [BSL version 1.1](https://mariadb.com/bsl11/). See [LICENSE.txt](https://github.com/zerotier/ZeroTierOne/blob/master/LICENSE.txt) and the [ZeroTier pricing page](https://www.zerotier.com/pricing) for details. ZeroTier is free to use internally in businesses and academic institutions and for non-commercial purposes. Certain types of commercial use such as building closed-source apps and devices based on ZeroTier or offering ZeroTier network controllers and network management as a SaaS service require a commercial license.
A small amount of third party code is also included in ZeroTier and is not subject to our BSL license. See [AUTHORS.md](https://github.com/zerotier/ZeroTierOne/blob/master/AUTHORS.md) for a list of third party code, where it is included, and the licenses that apply to it. All of the third party code in ZeroTier is liberally licensed (MIT, BSD, Apache, public domain, etc.).
## Building the docker image
Due to the network being a substrate for most applications and not an application unto itself, it makes sense that many people would want to build their own image based on our formula.
The image is based on `debian:buster`.
The `Dockerfile.release` file contains build instructions for building the described image in the rest of the README. The build is multi-arch and multi-release capable.
These build arguments power the build:
- `PACKAGE_BASEURL`: The base URL of the package repository to fetch from. (default: `https://download.zerotier.com/debian/buster/pool/main/z/zerotier-one/`)
- `ARCH`: The architecture of the package, in debian format. Must match your image arch. (default: `amd64`)
- `VERSION`: **REQUIRED** the version of ZeroTier to fetch.
You can build this image like so:
```
docker build -f Dockerfile.release -t mybuild --build-arg VERSION=1.6.5 .
```
## Using the docker image
The `entrypoint.sh` in the docker image is a little different; zerotier will be spawned in the background and the "main process" is actually just a sleeping shell script. This allows `zerotier-one` to gracefully terminate in some situations largely unique to docker.
The `zerotier/zerotier` image requires the `CAP_NET_ADMIN` capability and the `/dev/net/tun` device must be forwarded to it.
To join a network, simply supply it on the command-line; you can supply multiple networks.
```
docker run --name myzerotier --rm --cap-add NET_ADMIN --device /dev/net/tun zerotier/zerotier:latest abcdefdeadbeef00
```
Once joining all the networks you have provided, it will sleep until terminated. Note that in ZeroTier, joining a network does not necessarily mean you have an IP or can do anything, really. You will want to probe the control socket:
```
docker exec myzerotier zerotier-cli listnetworks
```
To ensure you have a network available before trying to listen on it. Without pre-configuring the identity, this usually means going to the central admin panel and clicking the checkmark against your zerotier identity.
### Environment Variables
You can control a few settings including the identity used and the authtoken used to interact with the control socket (which you can forward and access through `localhost:9993`).
- `ZEROTIER_JOIN_NETWORKS`: additional way to set networks to join.
- `ZEROTIER_API_SECRET`: replaces the `authtoken.secret` before booting and allows you to manage the control socket's authentication key.
- `ZEROTIER_IDENTITY_PUBLIC`: the `identity.public` file for zerotier-one. Use `zerotier-idtool` to generate one of these for you.
- `ZEROTIER_IDENTITY_SECRET`: the `identity.secret` file for zerotier-one. Use `zerotier-idtool` to generate one of these for you.
- `ZEROTIER_LOCAL_CONF`: Sets the the `local.conf` file content for zerotier-one
### Tips
- Forwarding port `<dockerip>:9993` to somewhere outside is probably a good idea for highly trafficked services.
- Forwarding `localhost:9993` to a control network where you can drive it remotely might be a good idea, just be sure to set your authtoken properly through environment variables.
- Pre-generating your identities could be much simpler to do via our [terraform plugin](https://github.com/zerotier/terraform-provider-zerotier)

186
README.md
View file

@ -1,32 +1,34 @@
ZeroTier - A Planetary Ethernet Switch ZeroTier - Global Area Networking
====== ======
ZeroTier is an enterprise Ethernet switch for planet Earth. *This document is written for a software developer audience. For information on using ZeroTier, see the: [Website](https://www.zerotier.com), [Documentation Site](https://docs.zerotier.com), and [Discussion Forum](https://discuss.zerotier.com).*
It erases the LAN/WAN distinction and makes VPNs, tunnels, proxies, and other kludges arising from the inflexible nature of physical networks obsolete. Everything is encrypted end-to-end and traffic takes the most direct (peer to peer) path available. ZeroTier is a smart programmable Ethernet switch for planet Earth. It allows all networked devices, VMs, containers, and applications to communicate as if they all reside in the same physical data center or cloud region.
Visit [ZeroTier's site](https://www.zerotier.com/) for more information and [pre-built binary packages](https://www.zerotier.com/download.shtml). Apps for Android and iOS are available for free in the Google Play and Apple app stores. This is accomplished by combining a cryptographically addressed and secure peer to peer network (termed VL1) with an Ethernet emulation layer somewhat similar to VXLAN (termed VL2). Our VL2 Ethernet virtualization layer includes advanced enterprise SDN features like fine grained access control rules for network micro-segmentation and security monitoring.
All ZeroTier traffic is encrypted end-to-end using secret keys that only you control. Most traffic flows peer to peer, though we offer free (but slow) relaying for users who cannot establish peer to peer connections.
The goals and design principles of ZeroTier are inspired by among other things the original [Google BeyondCorp](https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/43231.pdf) paper and the [Jericho Forum](https://en.wikipedia.org/wiki/Jericho_Forum) with its notion of "deperimeterization."
Visit [ZeroTier's site](https://www.zerotier.com/) for more information and [pre-built binary packages](https://www.zerotier.com/download/). Apps for Android and iOS are available for free in the Google Play and Apple app stores.
ZeroTier is licensed under the [BSL version 1.1](https://mariadb.com/bsl11/). See [LICENSE.txt](LICENSE.txt) and the [ZeroTier pricing page](https://www.zerotier.com/pricing) for details. ZeroTier is free to use internally in businesses and academic institutions and for non-commercial purposes. Certain types of commercial use such as building closed-source apps and devices based on ZeroTier or offering ZeroTier network controllers and network management as a SaaS service require a commercial license.
A small amount of third party code is also included in ZeroTier and is not subject to our BSL license. See [AUTHORS.md](AUTHORS.md) for a list of third party code, where it is included, and the licenses that apply to it. All of the third party code in ZeroTier is liberally licensed (MIT, BSD, Apache, public domain, etc.).
### Getting Started ### Getting Started
ZeroTier's basic operation is easy to understand. Devices have 10-digit *ZeroTier addresses* like `89e92ceee5` and networks have 16-digit network IDs like `8056c2e21c000001`. All it takes for a device to join a network is its 16-digit ID, and all it takes for a network to authorize a device is its 10-digit address. Everything else is automatic. Everything in the ZeroTier world is controlled by two types of identifier: 40-bit/10-digit *ZeroTier addresses* and 64-bit/16-digit *network IDs*. These identifiers are easily distinguished by their length. A ZeroTier address identifies a node or "device" (laptop, phone, server, VM, app, etc.) while a network ID identifies a virtual Ethernet network that can be joined by devices.
A "device" in our terminology is any "unit of compute" capable of talking to a network: desktops, laptops, phones, servers, VMs/VPSes, containers, and even user-space applications via our [SDK](https://github.com/zerotier/ZeroTierSDK). ZeroTier addresses can be thought of as port numbers on an enormous planet-wide enterprise Ethernet smart switch supporting VLANs. Network IDs are VLAN IDs to which these ports may be assigned. A single port can be assigned to more than one VLAN.
For testing purposes we provide a public virtual network called *Earth* with network ID `8056c2e21c000001`. You can join it with: A ZeroTier address looks like `8056c2e21c` and a network ID looks like `8056c2e21c000001`. Network IDs are composed of the ZeroTier address of that network's primary controller and an arbitrary 24-bit ID that identifies the network on this controller. Network controllers are roughly analogous to SDN controllers in SDN protocols like [OpenFlow](https://en.wikipedia.org/wiki/OpenFlow), though as with the analogy between VXLAN and VL2 this should not be read to imply that the protocols or design are the same. You can use our convenient and inexpensive SaaS hosted controllers at [my.zerotier.com](https://my.zerotier.com/) or [run your own controller](controller/) if you don't mind messing around with JSON configuration files or writing scripts to do so.
sudo zerotier-cli join 8056c2e21c000001
Now wait about 30 seconds and check your system with `ip addr list` or `ifconfig`. You'll see a new interface whose name starts with *zt* and it should quickly get an IPv4 and an IPv6 address. Once you see it get an IP, try pinging `earth.zerotier.net` at `29.209.112.93`. If you've joined Earth from more than one system, try pinging your other machine. If you don't want to belong to a giant Ethernet party line anymore, just type:
sudo zerotier-cli leave 8056c2e21c000001
The *zt* interface will disappear. You're no longer on the network.
To create networks of your own, you'll need a network controller. ZeroTier One (for desktops and servers) includes controller functionality in its default build that can be configured via its JSON API (see [README.md in controller/](controller/)). ZeroTier provides a hosted solution with a nice web UI and SaaS add-ons at [my.zerotier.com](https://my.zerotier.com/). Basic controller functionality is free for up to 100 devices.
### Project Layout ### Project Layout
The base path contains the ZeroTier One service main entry point (`one.cpp`), self test code, makefiles, etc.
- `artwork/`: icons, logos, etc. - `artwork/`: icons, logos, etc.
- `attic/`: old stuff and experimental code that we want to keep around for reference. - `attic/`: old stuff and experimental code that we want to keep around for reference.
- `controller/`: the reference network controller implementation, which is built and included by default on desktop and server build targets. - `controller/`: the reference network controller implementation, which is built and included by default on desktop and server build targets.
@ -35,91 +37,161 @@ To create networks of your own, you'll need a network controller. ZeroTier One (
- `ext/`: third party libraries, binaries that we ship for convenience on some platforms (Mac and Windows), and installation support files. - `ext/`: third party libraries, binaries that we ship for convenience on some platforms (Mac and Windows), and installation support files.
- `include/`: include files for the ZeroTier core. - `include/`: include files for the ZeroTier core.
- `java/`: a JNI wrapper used with our Android mobile app. (The whole Android app is not open source but may be made so in the future.) - `java/`: a JNI wrapper used with our Android mobile app. (The whole Android app is not open source but may be made so in the future.)
- `macui/`: a Macintosh menu-bar app for controlling ZeroTier One, written in Objective C.
- `node/`: the ZeroTier virtual Ethernet switch core, which is designed to be entirely separate from the rest of the code and able to be built as a stand-alone OS-independent library. Note to developers: do not use C++11 features in here, since we want this to build on old embedded platforms that lack C++11 support. C++11 can be used elsewhere. - `node/`: the ZeroTier virtual Ethernet switch core, which is designed to be entirely separate from the rest of the code and able to be built as a stand-alone OS-independent library. Note to developers: do not use C++11 features in here, since we want this to build on old embedded platforms that lack C++11 support. C++11 can be used elsewhere.
- `osdep/`: code to support and integrate with OSes, including platform-specific stuff only built for certain targets. - `osdep/`: code to support and integrate with OSes, including platform-specific stuff only built for certain targets.
- `rule-compiler/`: JavaScript rules language compiler for defining network-level rules.
- `service/`: the ZeroTier One service, which wraps the ZeroTier core and provides VPN-like connectivity to virtual networks for desktops, laptops, servers, VMs, and containers. - `service/`: the ZeroTier One service, which wraps the ZeroTier core and provides VPN-like connectivity to virtual networks for desktops, laptops, servers, VMs, and containers.
- `tcp-proxy/`: TCP proxy code run by ZeroTier, Inc. to provide TCP fallback (this will die soon!). - `windows/`: Visual Studio solution files, Windows service code, and the Windows task bar app UI.
- `windows/`: Visual Studio solution files, Windows service code for ZeroTier One, and the Windows task bar app UI. - `zeroidc/`: OIDC implementation used by ZeroTier service to log into SSO-enabled networks. (This part is written in Rust, and more Rust will be appearing in this repository in the future.)
The base path contains the ZeroTier One service main entry point (`one.cpp`), self test code, makefiles, etc. ### Contributing
Please do pull requests off of the `dev` branch.
Releases are done by merging `dev` into `main` and then tagging and doing builds.
### Build and Platform Notes ### Build and Platform Notes
To build on Mac and Linux just type `make`. On FreeBSD and OpenBSD `gmake` (GNU make) is required and can be installed from packages or ports. For Windows there is a Visual Studio solution in `windows/'. To build on Mac and Linux just type `make`. On FreeBSD and OpenBSD `gmake` (GNU make) is required and can be installed from packages or ports. For Windows there is a Visual Studio solution in `windows/`.
- **Mac** - **Mac**
- Xcode command line tools for OSX 10.7 or newer are required. - Xcode command line tools for macOS 10.13 or newer are required.
- Tap device driver kext source is in `ext/tap-mac` and a signed pre-built binary can be found in `ext/bin/tap-mac`. You should not need to build it yourself. It's a fork of [tuntaposx](http://tuntaposx.sourceforge.net) with device names changed to `zt#`, support for a larger MTU, and tun functionality removed. - Rust for x86_64 and ARM64 targets *if SSO is enabled in the build*.
- **Linux** - **Linux**
- The minimum compiler versions required are GCC/G++ 4.9.3 or CLANG/CLANG++ 3.4.2. - The minimum compiler versions required are GCC/G++ 8.x or CLANG/CLANG++ 5.x.
- Linux makefiles automatically detect and prefer clang/clang++ if present as it produces smaller and slightly faster binaries in most cases. You can override by supplying CC and CXX variables on the make command line. - Linux makefiles automatically detect and prefer clang/clang++ if present as it produces smaller and slightly faster binaries in most cases. You can override by supplying CC and CXX variables on the make command line.
- CentOS 7 ships with a version of GCC/G++ that is too old, but a new enough version of CLANG can be found in the *epel* repositories. Type `yum install epel-release` and then `yum install clang` to build there. - Rust for x86_64 and ARM64 targets *if SSO is enabled in the build*.
- **Windows** - **Windows**
- Windows 7 or newer (and equivalent server versions) are supported. This *may* work on Vista but you're on your own there. Windows XP is not supported since it lacks many important network API functions. - Visual Studio 2022 on Windows 10 or newer.
- We build with Visual Studio 2015. Older versions may not work with the solution file and project files we ship and may not have new enough C++11 support. - Rust for x86_64 and ARM64 targets *if SSO is enabled in the build*.
- Pre-built signed Windows drivers are included in `ext/bin/tap-windows-ndis6`. The MSI files found there will install them on 32-bit and 64-bit systems. (These are included in our multi-architecture installer as chained MSIs.)
- Windows builds are more painful in general than other platforms and are for the adventurous.
- **FreeBSD** - **FreeBSD**
- Tested most recently on FreeBSD-11. Older versions may work but we're not sure. - GNU make is required. Type `gmake` to build.
- GCC/G++ 4.9 and gmake are required. These can be installed from packages or ports. Type `gmake` to build. - `binutils` is required. Type `pkg install binutils` to install.
- Rust for x86_64 and ARM64 targets *if SSO is enabled in the build*.
- **OpenBSD** - **OpenBSD**
- There is a limit of four network memberships on OpenBSD as there are only four tap devices (`/dev/tap0` through `/dev/tap3`). We're not sure if this can be increased. - There is a limit of four network memberships on OpenBSD as there are only four tap devices (`/dev/tap0` through `/dev/tap3`).
- OpenBSD lacks `getifmaddrs` (or any equivalent method) to get interface multicast memberships. As a result multicast will only work on OpenBSD for ARP and NDP (IP/MAC lookup) and not for other purposes. - GNU make is required. Type `gmake` to build.
- Only tested on OpenBSD 6.0. Older versions may not work. - Rust for x86_64 and ARM64 targets *if SSO is enabled in the build*.
- GCC/G++ 4.9 and gmake are required and can be installed using `pkg_add` or from ports. They get installed in `/usr/local/bin` as `egcc` and `eg++` and our makefile is pre-configured to use them on OpenBSD.
Typing `make selftest` will build a *zerotier-selftest* binary which unit tests various internals and reports on a few aspects of the build environment. It's a good idea to try this on novel platforms or architectures. Typing `make selftest` will build a *zerotier-selftest* binary which unit tests various internals and reports on a few aspects of the build environment. It's a good idea to try this on novel platforms or architectures.
### Running ### Running
Running *zerotier-one* with -h will show help. Running *zerotier-one* with `-h` option will show help.
On Linux and BSD you can start the service with: On Linux and BSD, if you built from source, you can start the service with:
sudo ./zerotier-one -d sudo ./zerotier-one -d
On most distributions, macOS, and Windows, the installer will start the service and set it up to start on boot.
A home folder for your system will automatically be created. A home folder for your system will automatically be created.
The service is controlled via the JSON API, which by default is available at 127.0.0.1 port 9993. We include a *zerotier-cli* command line utility to make API calls for standard things like joining and leaving networks. The *authtoken.secret* file in the home folder contains the secret token for accessing this API. See README.md in [service/](service/) for API documentation. The service is controlled via the JSON API, which by default is available at `127.0.0.1:9993`. It also listens on `0.0.0.0:9993` which is only usable if `allowManagementFrom` is properly configured in `local.conf`. We include a *zerotier-cli* command line utility to make API calls for standard things like joining and leaving networks. The *authtoken.secret* file in the home folder contains the secret token for accessing this API. See [service/README.md](service/README.md) for API documentation.
Here's where home folders live (by default) on each OS: Here's where home folders live (by default) on each OS:
* **Linux**: `/var/lib/zerotier-one` * **Linux**: `/var/lib/zerotier-one`
* **FreeBSD** / **OpenBSD**: `/var/db/zerotier-one` * **FreeBSD** / **OpenBSD**: `/var/db/zerotier-one`
* **Mac**: `/Library/Application Support/ZeroTier/One` * **Mac**: `/Library/Application Support/ZeroTier/One`
* **Windows**: `\ProgramData\ZeroTier\One` (That's for Windows 7. The base 'shared app data' folder might be different on different Windows versions.) * **Windows**: `\ProgramData\ZeroTier\One` (That's the default. The base 'shared app data' folder might be different if Windows is installed with a non-standard drive letter assignment or layout.)
Running ZeroTier One on a Mac is the same, but OSX requires a kernel extension. We ship a signed binary build of the ZeroTier tap device driver, which can be installed on Mac with: ### Basic Troubleshooting
sudo make install-mac-tap
This will create the home folder for Mac, place *tap.kext* there, and set its modes correctly to enable ZeroTier One to manage it with *kextload* and *kextunload*.
### Troubleshooting
For most users, it just works. For most users, it just works.
If you are running a local system firewall, we recommend adding a rule permitting UDP port 9993 inbound and outbound. If you installed binaries for Windows this should be done automatically. Other platforms might require manual editing of local firewall rules depending on your configuration. If you are running a local system firewall, we recommend adding a rules permitting zerotier. If you installed binaries for Windows this should be done automatically. Other platforms might require manual editing of local firewall rules depending on your configuration.
The Mac firewall can be found under "Security" in System Preferences. Linux has a variety of firewall configuration systems and tools. If you're using Ubuntu's *ufw*, you can do this: See the [documentation site](https://docs.zerotier.com/zerotier/troubleshooting) for more information.
sudo ufw allow 9993/udp The Mac firewall can be found under "Security" in System Preferences. Linux has a variety of firewall configuration systems and tools.
On CentOS check `/etc/sysconfig/iptables` for IPTables rules. For other distributions consult your distribution's documentation. You'll also have to check the UIs or documentation for commercial third party firewall applications like Little Snitch (Mac), McAfee Firewall Enterprise (Windows), etc. if you are running any of those. Some corporate environments might have centrally managed firewall software, so you might also have to contact IT. On CentOS check `/etc/sysconfig/iptables` for IPTables rules. For other distributions consult your distribution's documentation. You'll also have to check the UIs or documentation for commercial third party firewall applications like Little Snitch (Mac), McAfee Firewall Enterprise (Windows), etc. if you are running any of those. Some corporate environments might have centrally managed firewall software, so you might also have to contact IT.
ZeroTier One peers will automatically locate each other and communicate directly over a local wired LAN *if UDP port 9993 inbound is open*. If that port is filtered, they won't be able to see each others' LAN announcement packets. If you're experiencing poor performance between devices on the same physical network, check their firewall settings. Without LAN auto-location peers must attempt "loopback" NAT traversal, which sometimes fails and in any case requires that every packet traverse your external router twice. ZeroTier One peers will automatically locate each other and communicate directly over a local wired LAN *if UDP port 9993 inbound is open*. If that port is filtered, they won't be able to see each others' LAN announcement packets. If you're experiencing poor performance between devices on the same physical network, check their firewall settings. Without LAN auto-location peers must attempt "loopback" NAT traversal, which sometimes fails and in any case requires that every packet traverse your external router twice.
Users behind certain types of firewalls and "symmetric" NAT devices may not able able to connect to external peers directly at all. ZeroTier has limited support for port prediction and will *attempt* to traverse symmetric NATs, but this doesn't always work. If P2P connectivity fails you'll be bouncing UDP packets off our relay servers resulting in slower performance. Some NAT router(s) have a configurable NAT mode, and setting this to "full cone" will eliminate this problem. If you do this you may also see a magical improvement for things like VoIP phones, Skype, BitTorrent, WebRTC, certain games, etc., since all of these use NAT traversal techniques similar to ours. Users behind certain types of firewalls and "symmetric" NAT devices may not be able to connect to external peers directly at all. ZeroTier has limited support for port prediction and will *attempt* to traverse symmetric NATs, but this doesn't always work. If P2P connectivity fails you'll be bouncing UDP packets off our relay servers resulting in slower performance. Some NAT router(s) have a configurable NAT mode, and setting this to "full cone" will eliminate this problem. If you do this you may also see a magical improvement for things like VoIP phones, Skype, BitTorrent, WebRTC, certain games, etc., since all of these use NAT traversal techniques similar to ours.
If you're interested, there's a [technical deep dive about NAT traversal on our blog](https://www.zerotier.com/blog/?p=226). A troubleshooting tool to help you diagnose NAT issues is planned for the future as are uPnP/IGD/NAT-PMP and IPv6 transport.
If a firewall between you and the Internet blocks ZeroTier's UDP traffic, you will fall back to last-resort TCP tunneling to rootservers over port 443 (https impersonation). This will work almost anywhere but is *very slow* compared to UDP or direct peer to peer connectivity. If a firewall between you and the Internet blocks ZeroTier's UDP traffic, you will fall back to last-resort TCP tunneling to rootservers over port 443 (https impersonation). This will work almost anywhere but is *very slow* compared to UDP or direct peer to peer connectivity.
### Contributing Additional help can be found in our [knowledge base](https://zerotier.atlassian.net/wiki/spaces/SD/overview).
Please make pull requests against the `dev` branch. The `master` branch is release, and `edge` is for unstable and work in progress changes and is not likely to work. ### Prometheus Metrics
### License Prometheus Metrics are available at the `/metrics` API endpoint. This endpoint is protected by an API key stored in `metricstoken.secret` to prevent unwanted information leakage. Information that could be gleaned from the metrics include joined networks and peers your instance is talking to.
The ZeroTier source code is open source and is licensed under the GNU GPL v3 (not LGPL). If you'd like to embed it in a closed-source commercial product or appliance, please e-mail [contact@zerotier.com](mailto:contact@zerotier.com) to discuss commercial licensing. Otherwise it can be used for free. Access control is via the ZeroTier control interface itself and `metricstoken.secret`. This can be sent as a bearer auth token, via the `X-ZT1-Auth` HTTP header field, or appended to the URL as `?auth=<token>`. You can see the current metrics via `cURL` with the following command:
// Linux
curl -H "X-ZT1-Auth: $(sudo cat /var/lib/zerotier-one/metricstoken.secret)" http://localhost:9993/metrics
// macOS
curl -H "X-ZT1-Auth: $(sudo cat /Library/Application\ Support/ZeroTier/One/metricstoken.secret)" http://localhost:9993/metrics
// Windows PowerShell (Admin)
Invoke-RestMethod -Headers @{'X-ZT1-Auth' = "$(Get-Content C:\ProgramData\ZeroTier\One\metricstoken.secret)"; } -Uri http://localhost:9993/metrics
To configure a scrape job in Prometheus on the machine ZeroTier is running on, add this to your Prometheus `scrape_config`:
- job_name: zerotier-one
honor_labels: true
scrape_interval: 15s
metrics_path: /metrics
static_configs:
- targets:
- 127.0.0.1:9993
labels:
group: zerotier-one
node_id: $YOUR_10_CHARACTER_NODE_ID
authorization:
credentials: $YOUR_METRICS_TOKEN_SECRET
If neither of these methods are desirable, it is probably possible to distribute metrics via [Prometheus Proxy](https://github.com/pambrose/prometheus-proxy) or some other tool. Note: We have not tested this internally, but will probably work with the correct configuration.
Metrics are also available on disk in ZeroTier's working directory:
// Linux
/var/lib/zerotier-one/metrics.prom
// macOS
/Library/Application\ Support/ZeroTier/One/metrics.prom
//Windows
C:\ProgramData\ZeroTier\One\metrics.prom
#### Available Metrics
| Metric Name | Labels | Metric Type | Description |
| --- | --- | --- | --- |
| zt_packet | packet_type, direction | Counter | ZeroTier packet type counts |
| zt_packet_error | error_type, direction | Counter | ZeroTier packet errors|
| zt_data | protocol, direction | Counter | number of bytes ZeroTier has transmitted or received |
| zt_num_networks | | Gauge | number of networks this instance is joined to |
| zt_network_multicast_groups_subscribed | network_id | Gauge | number of multicast groups networks are subscribed to |
| zt_network_packets | network_id, direction | Counter | number of incoming/outgoing packets per network |
| zt_peer_latency | node_id | Histogram | peer latency (ms) |
| zt_peer_path_count | node_id, status | Gauge | number of paths to peer |
| zt_peer_packets | node_id, direction | Counter | number of packets to/from a peer |
| zt_peer_packet_errors | node_id | Counter | number of incoming packet errors from a peer |
If there are other metrics you'd like to see tracked, ask us in an Issue or send us a Pull Request!
### HTTP / App server
There is a static http file server suitable for hosting Single Page Apps at http://localhost:9993/app/<app-path>
Use `zerotier-cli info -j` to find your zerotier-one service's homeDir
``` sh
cd $ZT_HOME
sudo mkdir -p app/app1
sudo mkdir -p app/appB
echo '<html><meta charset=utf-8><title>appA</title><body><h1>hello world A' | sudo tee app/appA/index.html
echo '<html><meta charset=utf-8><title>app2</title><body><h1>hello world 2' | sudo tee app/app2/index.html
curl -sL http://localhost:9993/app/appA http://localhost:9993/app/app2
```
Then visit [http://localhost:9993/app/app1/](http://localhost:9993/app/app1/) and [http://localhost:9993/app/appB/](http://localhost:9993/app/appB/)
Requests to paths don't exist return the app root index.html, as is customary for SPAs.
If you want, you can write some javascript that talks to the service or controller [api](https://docs.zerotier.com/service/v1).

388
RELEASE-NOTES.md
View file

@ -1,16 +1,390 @@
ZeroTier Release Notes ZeroTier Release Notes
====== ======
# 2017-03-17 -- Version 1.2.2 # 2024-10-23 -- Version 1.14.2
Version 1.2.2 fixes a few bugs discovered after the 1.2.0 release. These are: * Fix for missing entitlement on macOS Sequoia.
* Fix for a problem correctly parsing local.conf to enable low bandwidth mode.
* Increment versions of some dependent libraries.
* Other fixes.
# 2024-09-12 -- Version 1.14.1
* Multithreaded packet I/O support! Currently this is just for Linux and must
be enabled in local.conf. It will likely make the largest difference on small
multi-core devices where CPU is a bottleneck and high throughput is desired.
It may be enabled by default in the future but we want it to be thoroughly
tested. It's a little harder than it seems at first glance due to the need
to keep packets in sequence and balance load.
* Several multipath bug fixes.
* Updated the versions on a number of libraries related to OIDC support and HTTP.
* MacOS .app now shows the correct version in its Info.plist manifest.
* Sanitize MAC addresses in JSON format rules parser.
* Some basic information about the platform (OS, CPU architecture) is now reported
to network controllers when networks are joined so it can be displayed to
network admins and in the future used in policy checking and inventory operations.
# 2024-05-02 -- Version 1.14.0
* Linux I/O performance improvements under heavy load
* Improvements to multipath
* Fix for port rebinding "coma" bug after periods offline (some laptop users)
* Fixed a rules engine quirk/ambiguity (GitHub Issue #2200)
* Controller API enhancements: node names and other node meta-data
* Other bug fixes
# 2023-09-12 -- Version 1.12.2
* More improvements to macOS full tunnel mode.
* Faster recovery after changes to physical network settings.
# 2023-08-25 -- Version 1.12.1
* Minor release to fix a port binding issue in Linux.
* Update Debian dependencies.
* No changes for other platforms.
# 2023-08-23 -- Version 1.12.0
* Experimental Windows ARM64 support
* Fix numerous sleep/wake issues on macOS and other platforms
* Faster recovery after changes to physical network settings
* Prometheus compatible metrics support!
* Fix full tunnel mode on recent macOS versions
* Numerous macOS DNS fixes
* 10-30% speed improvement on Linux
# 2023-03-23 -- Version 1.10.6
* Prevent binding temporary ipv6 addresses on macos (#1910)
* Prevent path-learning loops (#1914)
* Prevent infinite loop of UAC prompts in tray app
# 2023-03-10 -- Version 1.10.5
* Fix for high CPU usage bug on Windows
# 2023-03-07 -- Version 1.10.4
* SECURITY FIX (Windows): this version fixes a file permission problem on
Windows that could allow non-privileged users on a Windows system to read
privileged files in the ZeroTier service's working directory. This could
allow an unprivileged local Windows user to administrate the local ZeroTier
instance without appropriate local permissions. This issue is not remotely
exploitable unless a remote user can read arbitrary local files, and does
not impact other operating systems.
* Fix a bug in the handling of multiple IP address assignments to virtual
interfaces on macOS.
# 2023-02-15 -- Version 1.10.3
* Fix for duplicate paths in client. Could cause connectivity issues. Affects all platforms.
* Fix for Ethernet Tap MTU setting, would not properly apply on Linux.
* Fix default route bugs (macOS.)
* Enable Ping automatically for ZeroTier Adapters (Windows.)
* SSO updates and minor bugfixes.
* Add low-bandwidth mode.
* Add forceTcpRelay mode (optionally enabled.)
* Fix bug that prevented setting of custom TCP relay address.
* Build script improvements and bug fixes.
# 2022-11-01 -- Version 1.10.2
* Fix another SSO "stuck client" issue in zeroidc.
* Expose root-reported external IP/port information via the local JSON API for better diagnostics.
* Multipath: CLI output improvement for inspecting bonds
* Multipath: balance-aware mode
* Multipath: Custom policies
* Multipath: Link quality measurement improvements
Note that releases are coming few and far between because most of our dev effort is going into version 2.
# 2022-06-27 -- Version 1.10.1
* Fix an issue that could cause SSO clients to get "stuck" on stale auth URLs.
* A few other SSO related bug fixes.
# 2022-06-07 -- Version 1.10.0
* Fix formatting problem in `zerotier-cli` when using SSO networks.
* Fix a few other minor bugs in SSO signin to prepare for general availability.
* Remove requirement for webview in desktop UI and instead just make everything available via the tray pulldown/menu. Use [libui-ng](https://github.com/libui-ng/libui-ng) for minor prompt dialogs. Saves space and eliminates installation headaches on Windows.
* Fix SSO "spam" bug in desktop UI.
* Use system default browser for SSO login so all your plugins, MFA devices, password managers, etc. will work as you have them configured.
* Minor fix for bonding/multipath.
# 2022-05-10 -- Version 1.8.10
* Fixed a bug preventing SSO sign-on on Windows.
# 2022-04-25 -- Version 1.8.9
* Fixed a long-standing and strange bug that was causing sporadic "phantom" packet authentication failures. Not a security problem but could be behind sporadic reports of link failures under some conditions.
* Fixed a memory leak in SSO/OIDC support.
* Fixed SSO/OIDC display error on CLI.
* Fixed a bug causing nodes to sometimes fail to push certs to each other (primarily affects SSO/OIDC use cases).
* Fixed a deadlock bug on leaving SSO/OIDC managed networks.
* Added some new Linux distributions to the build subsystem.
# 2022-04-11 -- Version 1.8.8
* Fix a local privilege escalation bug in the Windows installer.
* Dependency fix for some Ubuntu versions.
* No changes for other platforms. Windows upgrade recommended, everyone else optional.
# 2022-03-30 -- Version 1.8.7
* Fix for dependency installations in Windows MSI package.
* Fix for desktop UI setup when run by a non-super-user.
* Bug fix in local OIDC / SSO support for auth0 and other providers.
* Other minor fixes for e.g. old Linux distributions.
# 2022-03-04 -- Version 1.8.6
* Fixed an issue that could cause the UI to be non-responsive if not joined to any networks.
* Fix dependency issues in Debian and RedHat packages for some distributions (Fedora, Mint).
* Bumped the peer cache serialization version to prevent "coma" issues on upgrade due to changes in path logic behaving badly with old values.
# 2022-02-22 -- Version 1.8.5
* Plumbing under the hood for endpoint device SSO support.
* Fix in LinuxEthernetTap to tap device support on very old (2.6) Linux kernels.
* Fix an issue that could cause self-hosted roots ("moons") to fail to assist peers in making direct links. (GitHub issue #1512)
* Merge a series of changes by Joseph Henry (of ZeroTier) that should fix some edge cases where ZeroTier would "forget" valid paths.
* Minor multipath improvements for automatic path negotiation.
# 2021-11-30 -- Version 1.8.4
* Fixed an ugly font problem on some older macOS versions.
* Fixed a bug that could cause the desktop tray app control panel to stop opening after a while on Windows.
* Fixed a possible double "release" in macOS tray app code that crashed on older macOS versions.
* Fixed installation on 32-bit Windows 10.
* Fixed a build flags issue that could cause ZeroTier to crash on older ARM32 CPUs.
# 2021-11-15 -- Version 1.8.3
* Remove problematic spinlock, which was only used on x86_64 anyway. Just use pthread always.
* Fix fd leak on MacOS that caused non-responsiveness after some time.
* Fix Debian install scripts to set /usr/sbin/nologin as shell on service user.
* Fix regression that could prevent managed routes from being deleted.
* DesktopUI: Remove NSDate:now() call, now works on MacOS 10.13 or newer!
# 2021-11-08 -- Version 1.8.2
* Fix multicast on linux.
* Fix a bug that could cause the tap adapter to have the wrong MAC on Linux.
* Update build flags to possibly support MacOS older than 10.14, but more work needs to be done. It may not work yet.
* Fix path variable setting on Windows.
# 2021-10-28 -- Version 1.8.1
* Fix numerous UI issues from 1.8.0 (never fully released).
* Remove support for REALLY ancient 1.1.6 or earlier network controllers.
* MacOS IPv6 no longer binds to temporary addresses as these can cause interruptions if they expire.
* Added additional hardening against address impersonation on networks (also in 1.6.6).
* Fix an issue that could cause clobbering of MacOS IP route settings on restart.
* NOTE: Windows 7 is no longer supported! Windows 7 users will have to use version 1.6.5 or earlier.
# 2021-09-15 -- Version 1.8.0 (preview release only)
* A *completely* rewritten desktop UI for Mac and Windows!
* Implement a workaround for one potential source of a "coma" bug, which can occur if buggy NATs/routers stop allowing the service to communicate on a given port. ZeroTier now reassigns a new secondary port if it's offline for a while unless a secondary port is manually specified in local.conf. Working around crummy buggy routers is an ongoing effort.
* Fix for MacOS MTU capping issue on feth devices
* Fix for mistakenly using v6 source addresses for v4 routes on some platforms
* Stop binding to temporary IPv6 addresses
* Set MAC address before bringing up Linux TAP link
* Check if DNS servers need to be applied on macOS
* Upgrade json.hpp dependency to version 3.10.2
# 2021-09-21 -- Version 1.6.6
* Backport COM hash check mitigation against network member impersonation.
# 2021-04-13 -- Version 1.6.5
* Fix a bug in potential network path filtering that could in some circumstances lead to "software laser" effects.
* Fix a printf overflow in zerotier-cli (not exploitable or a security risk)
* Windows now looks up the name of ZeroTier devices instead of relying on them having "ZeroTier" in them.
# 2021-02-15 -- Version 1.6.4
* The groundhog saw his shadow, which meant that the "connection coma" bug still wasn't gone. We think we found it this time.
# 2021-02-02 -- Version 1.6.3
* Likely fix for GitHub issue #1334, an issue that could cause ZeroTier to
go into a "coma" on some networks.
* Also groundhog day
# 2020-11-30 -- Version 1.6.2
* Fix an ARM hardware AES crypto issue (not an exploitable vulnerability).
* Fix a Linux network leave hang due to a mutex deadlock.
# 2020-11-24 -- Version 1.6.1
This release fixes some minor bugs and other issues in 1.6.0.
* Fixed a bug that caused IP addresses in the 203.0.0.0/8 block to be miscategorized as not being in global scope.
* Changed Linux builds to (hopefully) fix LXC and SELinux issues.
* Fixed unaligned memory access that caused crash on FreeBSD systems on the ARM architecture.
* Merged CLI options for controlling bonded devices into the beta multipath code.
* Updated Windows driver with Microsoft cross-signing to fix issues on some Windows systems.
# 2020-11-19 -- Version 1.6.0
Version 1.6.0 is a major release that incorporates back-ported features from the 2.0 branch, which is still under development. It also fixes a number of issues.
New features and improvements (including those listed under 1.5.0):
* **Apple Silicon** (MacOS ARM64) native support via universal binary. ZeroTier now requires the very latest Xcode to build.
* **Linux performance improvements** for up to 25% faster tun/tap I/O performance on multi-core systems.
* **Multipath support** with modes modeled after the Linux kernel's bonding driver. This includes active-passive and active-active modes with fast failover and load balancing. See section 2.1.5 of the manual.
* **DNS configuration** push from network controllers to end nodes, with locally configurable permissions for whether or not push is allowed.
* **AES-GMAC-SIV** encryption mode, which is both somewhat more secure and significantly faster than the old Salsa20/12-Poly1305 mode on hardware that supports AES acceleration. This includes virtually all X86-64 chips and most ARM64. This mode is based on AES-SIV and has been audited by Trail of Bits to ensure that it is equivalent security-wise.
Bug fixes:
* **Managed route assignment fixes** to eliminate missing routes on Linux and what we believe to be the source of sporadic high CPU usage on MacOS.
* **Hang on shutdown** issues should be fixed.
* **Sporadic multicast outages** should be fixed.
Known remaining issues:
* AES hardware acceleration is not yet supported on 32-bit ARM, PowerPC (32 or 64), or MIPS (32 or 64) systems. Currently supported are X86-64 and ARM64/AARCH64 with crypto extensions.
# 2020-10-05 -- Version 1.5.0 (actually 1.6.0-beta1)
Version 1.6.0 (1.5.0 is a beta!) is a significant release that incorporates a number of back-ported fixes and features from the ZeroTier 2.0 tree.
Major new features are:
* **Multipath support** with modes modeled after the Linux kernel's bonding driver. This includes active-passive and active-active modes with fast failover and load balancing. See section 2.1.5 of the manual.
* **DNS configuration** push from network controllers to end nodes, with locally configurable permissions for whether or not push is allowed.
* **AES-GMAC-SIV** encryption mode, which is both somewhat more secure and significantly faster than the old Salsa20/12-Poly1305 mode on hardware that supports AES acceleration. This includes virtually all X86-64 chips and most ARM64. This mode is based on AES-SIV and has been audited by Trail of Bits to ensure that it is equivalent security-wise.
Known issues that are not yet fixed in this beta:
* Some Mac users have reported periods of 100% CPU in kernel_task and connection instability after leaving networks that have been joined for a period of time, or needing to kill ZeroTier and restart it to finish leaving a network. This doesn't appear to affect all users and we haven't diagnosed the root cause yet.
* The service sometimes hangs on shutdown requiring a kill -9. This also does not affect all systems or users.
* AES hardware acceleration is not yet supported on 32-bit ARM, PowerPC (32 or 64), or MIPS (32 or 64) systems. Currently supported are X86-64 and ARM64/AARCH64 with crypto extensions.
* Some users have reported multicast/broadcast outages on networks lasting up to 30 seconds. Still investigating.
We're trying to fix all these issues before the 1.6.0 release. Stay tuned.
# 2019-08-30 -- Version 1.4.6
* Update default root list to latest
* ARM32 platform build and flag fixes
* Add a clarification line to LICENSE.txt
* Fix license message in CLI
* Windows service now looks for service command line arguments
* Fixed a bug that could cause excessive queued multicasts
# 2019-08-23 -- Version 1.4.4
* Change license from GPL3 to BSL 1.1, see LICENSE.txt
* Fix an issue with the "ipauth" rule and auto-generated unforgeable IPv6 addresses
* Fix socket/bind errors setting IPs and routes on Linux
# 2019-08-12 -- Version 1.4.2
* Fix high CPU use bug on some platforms
* Fix issues with PostgreSQL controller DB (only affects Central)
* Restore backward compatibility with MacOS versions prior to 10.13
# 2019-07-29 -- Version 1.4.0
### Major Changes
* Mac version no longer requires a kernel extension, instead making use of the [feth interfaces](https://apple.stackexchange.com/questions/337715/fake-ethernet-interfaces-feth-if-fake-anyone-ever-seen-this).
* Added support for concurrent multipath (multiple paths at once) with traffic weighting by link quality and faster recovery from lost links.
* Added under-the-hood support for QoS (not yet exposed) that will eventually be configurable via our rules engine.
### Minor Changes and Bug Fixes
* Experimental controller DB driver for [LF](https://github.com/zerotier/lf) to store network controller data (LFDB.cpp / LFDB.hpp).
* Modified credential push and direct path push timings and algorithms to somewhat reduce "chattiness" of the protocol when idle. More radical background overhead reductions will have to wait for the 2.x line.
* Removed our beta/half-baked integration of Central with the Windows UI. We're going to do a whole new UI of some kind in the future at least for Windows and Mac.
* Fixed stack overflow issues on Linux versions using musl libc.
* Fixed some alignment problems reported on ARM and ARM64, but some reports we could not reproduce so please report any issues with exact chip, OS/distro, and ZeroTier version in use.
* Fixed numerous other small issues and bugs such as ARM alignment issues causing crashes on some devices.
* Windows now sets the adapter name such that it is consistent in both the Windows UI and command line utilities.
# 2018-07-27 -- Version 1.2.12
* Fixed a bug that caused exits to take a long time on Mac due to huge numbers of redundant attempts to delete managed routes.
* Fixed a socket limit problem on Windows that caused the ZeroTier service to run out of sockets, causing the UI and CLI to be unable to access the API.
* Fixed a threading bug in the ZeroTier Core, albeit one that never manifested on the regular ZeroTier One service/client.
* Fixed a bug that could cause the service to crash if an authorized local client accessed an invalid URL via the control API. (Not exploitable since you needed admin access anyway.)
# 2018-05-08 -- Version 1.2.10
* Fix bug loading `moons.d/` files for federated root operation.
* Fix compile problem with ZT_DEBUG on some versions of `clang`
* Fix slow network startup bug related to loading of `networks.d/` cache files
# 2018-04-27 -- Version 1.2.8
* Linux version once again builds with PIE (position independent executable) flags
* Fixed bug in zerotier-idtool file sign and verify
* Fixed minor OSX app typo
* Merged alpha NetBSD support (mostly untested, so YMMV)
* Merged several minor typo and one-liner bug fixes
# 2018-04-17 -- Version 1.2.6
* Features and Core Improvements
* Path selection has been overhauled to improve path stability, simplify code, and prepare for multi-path and trunking in the next major release.
* This version introduces remote tracing for remote diagnostics. Network controllers can set a node (usually the controller itself) to receive remote tracing events from all members of the network or from select members. Events are only sent if they pertain to a given network for security reasons.
* Multicast replication can now be done by designated multicast replicators on a network (flagged as such at the controller) rather than by the sender. Most users won't want this, but it's useful for specialized use cases on hub-and-spoke networks and for low-power devices.
* Cryptographic performance improvements on several platforms.
* Multithreaded performance improvements throughout the code base, including the use of an inline lightweight spinlock for low-contention resources.
* Bugs fixed
* Disappearing routes on Mac (GitHub issue #600)
* Route flapping and path instability in some dual-stack V4/V6 networks
* Blacklist (in local.conf) doesn't work reliably (GitHub issue #656)
* Connection instabilities due to unsigned integer overflows in timing comparisons (use int64_t instead of uint64_t)
* Binaries don't run on some older or lower-end 32-bit ARM chips (build problem)
* ARM NEON crypto code crashes (build problem)
* Fixed some lock ordering issues revealed by "valgrind" tool
* The "zerotier-idtool" command could not be accessed from "zerotier-one" via command line switch
* Leaking sockets on some platforms when uPnP/NAT-PMP is enabled
* Fixed two very rare multithreading issues that were only observed on certain systems
* Platform-Specific Changes
* MacOS
* Installer now loads the kernel extension right away so that High Sierra users will see the prompt to authorize it. This is done in the "Security & Privacy" preference pane and must be done directly on the console (not via remote desktop). On High Sierra and newer kexts must be authorized at the console via security settings system preferences pane.
* Windows
* The Windows installer should now install the driver without requiring a special prompt in most cases. This should make it easier for our packages to be accepted into and updated in the Chocolatey repository and should make it easier to perform remote installs across groups of machines using IT management and provisioning tools.
* The Windows official packages are now signed with an EV certificate (with hardware key).
* The Windows UI can now log into ZeroTier Central and join networks via the Central API.
* The `zerotier-idtool` command should now work on Windows without ugly hacks.
* Upgraded the installer version.
* Made a few changes to hopefully fix sporadic "will not uninstall" problems, though we cannot duplicate these issues ourselves.
* Linux
* Device names are now generated deterministically based on network IDs for all newly joined networks.
* Android
* Multicast now works on Android in most cases! Android apps can send and receive multicast and subscribe to multicast group IPs. Note that in some cases the app must bind to the specific correct interface for this to work.
* IPv6 can be disabled in UI for cases where it causes problems.
# 2017-04-20 -- Version 1.2.4
* Managed routes are now only bifurcated for the default route. This is a change in behavior, though few people will probably notice. Bifurcating all managed routes was causing more trouble than it was worth for most users.
* Up to 2X crypto speedup on x86-64 (except Windows, which will take some porting) and 32-bit ARM platforms due to integration of fast assembly language implementations of Salsa20/12 from the [supercop](http://bench.cr.yp.to/supercop.html) code base. These were written by Daniel J. Bernstein and are in the public domain. My MacBook Pro (Core i5 2.8ghz) now does almost 1.5GiB/sec Salsa20/12 per core and a Raspberry Pi got a 2X boost. 64-bit ARM support and Windows support will take some work but should not be too hard.
* Refactored code that manages credentials to greatly reduce memory use in most cases. This may also result in a small performance improvement.
* Reworked and simplified path selection and priority logic to fix path instability and dead path persistence edge cases. There have been some sporadic reports of persistent path instabilities and dead paths hanging around that take minutes to resolve. These have proven difficult to reproduce in house, but hopefully this will fix them. In any case it seems to speed up path establishment in our tests and it makes the code simpler and more readable.
* Eliminated some unused cruft from the code around path management and in the peer class.
* Fixed an issue causing build problems on some MIPS architecture systems.
* Fixed Windows forgetting routes on sleep/wake or in some other circumstances. (GitHub issue #465)
# 2017-03-17 -- Version 1.2.2
* A bug causing unreliable multicast propagation (GitHub issue #461). * A bug causing unreliable multicast propagation (GitHub issue #461).
* A crash in ARM binaries due to a build chain and flags problem. * A crash in ARM binaries due to a build chain and flags problem.
* A bug in the network controller preventing members from being listed (GitHub issue #460). * A bug in the network controller preventing members from being listed (GitHub issue #460).
------
# 2017-03-14 -- Version 1.2.0 # 2017-03-14 -- Version 1.2.0
Version 1.2.0 is a major milestone release representing almost nine months of work. It includes our rules engine for distributed network packet filtering and security monitoring, federated roots, and many other architectural and UI improvements and bug fixes. Version 1.2.0 is a major milestone release representing almost nine months of work. It includes our rules engine for distributed network packet filtering and security monitoring, federated roots, and many other architectural and UI improvements and bug fixes.
@ -23,7 +397,7 @@ The largest new feature in 1.2.0, and the product of many months of work, is our
Rules allow you to filter packets on your network and vector traffic to security observers. Security observation can be performed in-band using REDIRECT or out of band using TEE. Rules allow you to filter packets on your network and vector traffic to security observers. Security observation can be performed in-band using REDIRECT or out of band using TEE.
Tags and capabilites provide advanced methods for implementing fine grained permission structures and micro-segmentation schemes without bloating the size and complexity of your rules table. Tags and capabilities provide advanced methods for implementing fine grained permission structures and micro-segmentation schemes without bloating the size and complexity of your rules table.
See the [rules engine announcement blog post](https://www.zerotier.com/blog/?p=927) for an in-depth discussion of theory and implementation. The [manual](https://www.zerotier.com/manual.shtml) contains detailed information on rule, tag, and capability use, and the `rule-compiler/` subfolder of the ZeroTier source tree contains a JavaScript function to compile rules in our human-readable rule definition language into rules suitable for import into a network controller. (ZeroTier Central uses this same script to compile rules on [my.zerotier.com](https://my.zerotier.com/).) See the [rules engine announcement blog post](https://www.zerotier.com/blog/?p=927) for an in-depth discussion of theory and implementation. The [manual](https://www.zerotier.com/manual.shtml) contains detailed information on rule, tag, and capability use, and the `rule-compiler/` subfolder of the ZeroTier source tree contains a JavaScript function to compile rules in our human-readable rule definition language into rules suitable for import into a network controller. (ZeroTier Central uses this same script to compile rules on [my.zerotier.com](https://my.zerotier.com/).)
@ -106,7 +480,7 @@ A special kind of public network called an ad-hoc network may be accessed by joi
| Start of port range (hex) | Start of port range (hex)
Reserved ZeroTier address prefix indicating a controller-less network Reserved ZeroTier address prefix indicating a controller-less network
Ad-hoc networks are public (no access control) networks that have no network controller. Instead their configuration and other credentials are generated locally. Ad-hoc networks permit only IPv6 UDP and TCP unicast traffic (no multicast or broadcast) using 6plane format NDP-emulated IPv6 addresses. In addition an ad-hoc network ID encodes an IP port range. UDP packets and TCP SYN (connection open) packets are only allowed to desintation ports within the encoded range. Ad-hoc networks are public (no access control) networks that have no network controller. Instead their configuration and other credentials are generated locally. Ad-hoc networks permit only IPv6 UDP and TCP unicast traffic (no multicast or broadcast) using 6plane format NDP-emulated IPv6 addresses. In addition an ad-hoc network ID encodes an IP port range. UDP packets and TCP SYN (connection open) packets are only allowed to destination ports within the encoded range.
For example `ff00160016000000` is an ad-hoc network allowing only SSH, while `ff0000ffff000000` is an ad-hoc network allowing any UDP or TCP port. For example `ff00160016000000` is an ad-hoc network allowing only SSH, while `ff0000ffff000000` is an ad-hoc network allowing any UDP or TCP port.
@ -121,7 +495,7 @@ If you have data in an old SQLite3 controller we've included a NodeJS script in
## Major Bug Fixes in 1.2.0 ## Major Bug Fixes in 1.2.0
* **The Windows HyperV 100% CPU bug is FINALLY DEAD**: This long-running problem turns out to have been an issue with Windows itself, but one we were triggering by placing invalid data into the Windows registry. Microsoft is aware of the issue but we've also fixed the triggering problem on our side. ZeroTier should now co-exist quite well with HyperV and should now be able to be bridged with a HyperV virtual switch. * **The Windows HyperV 100% CPU bug is FINALLY DEAD**: This long-running problem turns out to have been an issue with Windows itself, but one we were triggering by placing invalid data into the Windows registry. Microsoft is aware of the issue but we've also fixed the triggering problem on our side. ZeroTier should now co-exist quite well with HyperV and should now be able to be bridged with a HyperV virtual switch.
* **Segmenation faults on musl-libc based Linux systems**: Alpine Linux and some embedded Linux systems that use musl libc (a minimal libc) experienced segmentation faults. These were due to a smaller default stack size. A work-around that sets the stack size for new threads has been added. * **Segmentation faults on musl-libc based Linux systems**: Alpine Linux and some embedded Linux systems that use musl libc (a minimal libc) experienced segmentation faults. These were due to a smaller default stack size. A work-around that sets the stack size for new threads has been added.
* **Windows firewall blocks local JSON API**: On some Windows systems the firewall likes to block 127.0.0.1:9993 for mysterious reasons. This is now fixed in the installer via the addition of another firewall exemption rule. * **Windows firewall blocks local JSON API**: On some Windows systems the firewall likes to block 127.0.0.1:9993 for mysterious reasons. This is now fixed in the installer via the addition of another firewall exemption rule.
* **UI crash on embedded Windows due to missing fonts**: The MSI installer now ships fonts and will install them if they are not present, so this should be fixed. * **UI crash on embedded Windows due to missing fonts**: The MSI installer now ships fonts and will install them if they are not present, so this should be fixed.

93
SECURITY.md Normal file
View file

@ -0,0 +1,93 @@
# Security
ZeroTier takes the security of our software products and services seriously, which
includes all source code repositories managed through our GitHub organization.
## Supported Versions
The following versions of ZeroTier One receive security updates
| Version | Supported |
| -------- | ------------------ |
| 1.14.x | :white_check_mark: |
| 1.12.x | :white_check_mark: |
| < 1.12.0 | :x: |
## Reporting a Vulnerability
**Please do not report security issues through public GitHub issues**
Instead, please report vulnerabilities via email to security@zerotier.com. If possible,
please encrypt with our PGP key (see below).
Please include the following information, or as much as you can provide to help us
understand the nature and scope of the issue:
* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
* Full paths of source file(s) related to the manifestation of the issue
* The location of the affected source code (tag/branch/commit or direct URL)
* Any special configuration required to reproduce the issue
* Step-by-step instructions to reproduce the issue
* Proof-of-concept or exploit code (if possible)
* Impact of the issue, including how an attacker might exploit the issue
## Preferred Languages
We prefer all communications to be in English.
## security@zerotier.com PGP key
```
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGQGOVIBEACalXTnNqaiSOVLFEiqHpDMg8N/OI5D5850Xy1ZEvx3B3rz7cbn
k30ozHtJKbh+vqpyItE7DjyQAuF19gP5Q64Yh0Y+MmLHq60q/GwOwAYz7cI+UzA3
5x8YqcmTp32LAM1xJn+iMlMLBuAmJl4kULKmOXPlpqPiyTFs5saizvm7fgRmfgJJ
HpsnIrTkaDFJhAR+jvMJohVYwmhuydeI0DsHu7KGpG1ddcHDrUjOPNqXnnAPSPwx
llw4yfKlQb8GYErsv/G5QVyzd5+SxEuiI4MARRnrk8LlMQ33CR6pzIQ/Bk5AAmye
mHqfEAknkiOf++urYhRs9BL3Kz3MdV0cg92zr9EFOg0u56jxf5OnAiTOhGUUA0hn
dS7peVGl46R9Oy2JYIazNDGi+4NIsYDFXsnsss9xOQVygPyeQd71zFHfix0jct9w
j3o/kj7Egsnm9nc13354bYT6bbalqXiRWwGH1eAFpjueNWiVFwZS6NZUP3WeNDiY
BlPo1LodvolbXiJcTILTCyEkERJPCK2zoE2nTdVfvTLWsuehw1M6Yd2/q74TVYy/
RY+KjHkrChEBQ9PqXsXRHj6opKbT8JLfZkvU5k+3IiqqxOpB+QXFI/whj493CxWW
so7QAmzOCyJq8GDVPxzkwUac22YIkXdiOmb8i/HWq+kLY/HjQE259Gx6KwARAQAB
tClaZXJvVGllciBTZWN1cml0eSA8c2VjdXJpdHlAemVyb3RpZXIuY29tPokCTAQT
AQoANhYhBH1HQGb+4jzl6mnFqf09m6uqADkABQJkBjlSAhsDBAsJCAcEFQoJCAUW
AgMBAAIeAQIXgAAKCRD9PZurqgA5ACqPD/sFt6SG6Tu0HwTY2ofJtYsa2GBLL0pf
dYlX4cWSs1PVB5+m5Oj18y+GB2umA9GnsVtmvaSfp3XEngt2zNWX27uUsVfL35b2
/5TVVe8RjzOedqMN+lQWMvO+f/C1zmWYXjjpC+iGjgMMaRRrofkkn+7uL4N9y6gY
rcXtpACT1rYFC+i1AKnZfUO8Vr5ji7odq0f7bDkN/N38rB0kRRwEmO8wqdpQK6gK
nxf9vgJl5ggimDk5Xtz1sfd3y28bf5N4hdOCkXUbd10nUFY3wDNTM4VxozxTGJeG
imdcc19Wuw/1fGUZ5SIjgPanCdPLGYwSTr+M6Fuern9uTtlC1GOby3BUtmVGP6EU
1pSAJSRpmoBPHKKOYtSMwV8PCboXru9P1ab8y8STKM3SKyghUJrl17gdc0LaksZa
E54pJudGPIQMFRqZjMdV6jgMuaLTozjZ4mW8EThf4mkX4xDkO8l7cOn0225ZYJZC
lZKpdnwzk9owkJA80u4KBNJxTtB4ZAPzjBsD5hFzCZQTLNQp/psU3EjZsau28eXT
E/C1QjEQHgy4ohkgQlCm1H1+clKssCWcdmsVGXuS1u8gh4K6X9b0Z6LeCGRaQvH2
+DB8oTAdqp9nUZv9rP4pbo+sR4fF67CFLriVuxjedAiFkbM4uHMFcL4tc/X9+DRo
YN5X7oEkZvO507kCDQRkBjlSARAAz58UMF7K1qKyQjzKTcutaYZ5SaIGky9lCLZn
/2vjpFCoBogkxS/6IKQcwZk8b4S9QstaaQZDFEkxqNeKC0GiFTAMAb6SmYcK495h
EZnHl0NA5Nc2dBlZk5E/ENzTCz2bXaxCcVESc2z+xCzu07brbhGrqvliKiwOUzt9
JzqEsar6I95OutBcZvkFCs44/Uf9bS1qf1w4klE8w3vdMtGH23umrET4tFZ+sh6o
ZFtQx0u2eKjsRdn/RMtsxLNaJlcE1DdIAqBpQrcmuwMC8v5wUGfCGZjhClzmyQlq
akUkayir7UtbHbFT/mgO+YI77YGXWk5QrwPscqqT2l8KB/YMujNDmaWa/0KV1lIY
zr5s4dzVeiwqFLR9ANFIhzFwzf3JLi6XSx123Qix0TxZoYPZCHl7yoi9qi6qybz5
0Od2LSz3jbApeKYymZ+zjE+YV5y9DI6Wzy1j2M1FogNvTO9fMk+6dLt4HhTdSNvH
cKya462YCcy+tnZTkhmh+FTebbJlV6D4wG7skE5KCdBhjm53xLwp6XW9L6n2CrkL
W1IDBcCz0oPd1sMkXbO3wnxdXprV2XurCfsg/R2nszSNzvdJ8/xj3cr9hpoJ714R
qqyoEDRZ1Ss9kGL166o5MpN5qb/EewdkqGgWP7YFXbhsdHQiW7Z7dAqzjoaybD4O
nakkwyUAEQEAAYkCNgQYAQoAIBYhBH1HQGb+4jzl6mnFqf09m6uqADkABQJkBjlS
AhsMAAoJEP09m6uqADkAax0P/Rh8EZYRqW6dPYTl1YQusAK10rAcRNq3ekjofXGk
oXK1S7HWGoFgl5++5nfSfNgFJ5VLcgIM56wtIf49zFjWe5oC6fw8k+ghh4d2chMP
hdDILx6e0c30Iq1+EvovGR9hWa0wJ4cKTdzlwhY9ZC09q0ia+bl2mwpie1JQDR0c
zXCjt+PldLeeK9z1/XT0Q7KowYC+U18oR+KFm+EaRV4QT85JVequnIeGkmaHJrHB
lH4T5A5ib7y8edon1c0Zx3GsaxJUojkEJ0SX7ffVDu6ztUZfkHfCVpMW4VzUeGA/
m+CtFO9ciLRGZEkRa+zhIGoBvwEXU0GiwiF4nZ0F2C8UioeW0YIEV9zl3nXJctYE
ZKc2whSENQRTGgaYHVoVZhznt71LKWgFLshwBo81UCXVkzwAjMW1ActDnmPw5M7q
xR5Qp5G49Z1GmfSozazha0HVFPKNV5i3RlTzs4yLUnZyH0yC9IvtOefMHcLjG96L
N5miEV97gvJJjrn8rhRvpUwAWgmT/9IuYjBNQTtNN40arto5HxezR76WCjdKYxdL
p3dM1iiBDShHNm7LdyZlLFhTOMU0tNBxJJ7B09ar5gakeZjD+2aB1ODX9VuFtozL
onBjI2gIkry0UIkuznHfFw05lZAZAiqHEVgVi/WTk4C/bklDZNgE0lx+IWzEz2iS
L455
=lheL
-----END PGP PUBLIC KEY BLOCK-----
```

BIN
artwork/AppIcon_1024x1024.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 47 KiB

BIN
artwork/AppIcon_20x20.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 621 B

BIN
artwork/AppIcon_60x60.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
artwork/AppIcon_90x90.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 4.6 KiB

BIN
artwork/ZeroTierIcon32x32.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 7 KiB

650
attic/OSXEthernetTap.cpp.pcap-with-bridge-test
View file

@ -1,650 +0,0 @@
/*
* ZeroTier One - Network Virtualization Everywhere
* Copyright (C) 2011-2015 ZeroTier, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* --
*
* ZeroTier may be used and distributed under the terms of the GPLv3, which
* are available at: http://www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form, please contact ZeroTier Networks
* LLC. Start here: http://www.zerotier.com/
*/
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/select.h>
#include <sys/cdefs.h>
#include <sys/uio.h>
#include <sys/param.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/route.h>
#include <net/if.h>
#include <net/if_arp.h>
#include <net/if_dl.h>
#include <net/if_media.h>
#include <netinet6/in6_var.h>
#include <netinet/in_var.h>
#include <netinet/icmp6.h>
#include <pcap/pcap.h>
// OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
struct prf_ra {
u_char onlink : 1;
u_char autonomous : 1;
u_char reserved : 6;
} prf_ra;
#include <netinet6/nd6.h>
#include <ifaddrs.h>
// These are KERNEL_PRIVATE... why?
#ifndef SIOCAUTOCONF_START
#define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq) /* accept rtadvd on this interface */
#endif
#ifndef SIOCAUTOCONF_STOP
#define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq) /* stop accepting rtadv for this interface */
#endif
#ifndef ETH_ALEN
#define ETH_ALEN 6
#endif
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
// This source is from:
// http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
// It's here because OSX 10.6 does not have this convenience function.
#define SALIGN (sizeof(uint32_t) - 1)
#define SA_RLEN(sa) ((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
(SALIGN + 1))
#define MAX_SYSCTL_TRY 5
#define RTA_MASKS (RTA_GATEWAY | RTA_IFP | RTA_IFA)
/* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
/* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
//#define DARWIN_COMPAT
//#ifdef DARWIN_COMPAT
#define GIM_SYSCTL_MIB NET_RT_IFLIST2
#define GIM_RTM_ADDR RTM_NEWMADDR2
//#else
//#define GIM_SYSCTL_MIB NET_RT_IFMALIST
//#define GIM_RTM_ADDR RTM_NEWMADDR
//#endif
// Not in 10.6 includes so use our own
struct _intl_ifmaddrs {
struct _intl_ifmaddrs *ifma_next;
struct sockaddr *ifma_name;
struct sockaddr *ifma_addr;
struct sockaddr *ifma_lladdr;
};
static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
{
int icnt = 1;
int dcnt = 0;
int ntry = 0;
size_t len;
size_t needed;
int mib[6];
int i;
char *buf;
char *data;
char *next;
char *p;
struct ifma_msghdr2 *ifmam;
struct _intl_ifmaddrs *ifa, *ift;
struct rt_msghdr *rtm;
struct sockaddr *sa;
mib[0] = CTL_NET;
mib[1] = PF_ROUTE;
mib[2] = 0; /* protocol */
mib[3] = 0; /* wildcard address family */
mib[4] = GIM_SYSCTL_MIB;
mib[5] = 0; /* no flags */
do {
if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
return (-1);
if ((buf = (char *)malloc(needed)) == NULL)
return (-1);
if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
free(buf);
return (-1);
}
free(buf);
buf = NULL;
}
} while (buf == NULL);
for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
rtm = (struct rt_msghdr *)(void *)next;
if (rtm->rtm_version != RTM_VERSION)
continue;
switch (rtm->rtm_type) {
case GIM_RTM_ADDR:
ifmam = (struct ifma_msghdr2 *)(void *)rtm;
if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
break;
icnt++;
p = (char *)(ifmam + 1);
for (i = 0; i < RTAX_MAX; i++) {
if ((RTA_MASKS & ifmam->ifmam_addrs &
(1 << i)) == 0)
continue;
sa = (struct sockaddr *)(void *)p;
len = SA_RLEN(sa);
dcnt += len;
p += len;
}
break;
}
}
data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
if (data == NULL) {
free(buf);
return (-1);
}
ifa = (struct _intl_ifmaddrs *)(void *)data;
data += sizeof(struct _intl_ifmaddrs) * icnt;
memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
ift = ifa;
for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
rtm = (struct rt_msghdr *)(void *)next;
if (rtm->rtm_version != RTM_VERSION)
continue;
switch (rtm->rtm_type) {
case GIM_RTM_ADDR:
ifmam = (struct ifma_msghdr2 *)(void *)rtm;
if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
break;
p = (char *)(ifmam + 1);
for (i = 0; i < RTAX_MAX; i++) {
if ((RTA_MASKS & ifmam->ifmam_addrs &
(1 << i)) == 0)
continue;
sa = (struct sockaddr *)(void *)p;
len = SA_RLEN(sa);
switch (i) {
case RTAX_GATEWAY:
ift->ifma_lladdr =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
case RTAX_IFP:
ift->ifma_name =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
case RTAX_IFA:
ift->ifma_addr =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
default:
data += len;
break;
}
p += len;
}
ift->ifma_next = ift + 1;
ift = ift->ifma_next;
break;
}
}
free(buf);
if (ift > ifa) {
ift--;
ift->ifma_next = NULL;
*pif = ifa;
} else {
*pif = NULL;
free(ifa);
}
return (0);
}
static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
{
free(ifmp);
}
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
#include <string>
#include <map>
#include <set>
#include <algorithm>
#include "../node/Constants.hpp"
#include "../node/Utils.hpp"
#include "../node/Mutex.hpp"
#include "../node/Dictionary.hpp"
#include "OSUtils.hpp"
#include "OSXEthernetTap.hpp"
// ff:ff:ff:ff:ff:ff with no ADI
static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
{
struct in6_ndireq nd;
struct in6_ifreq ifr;
int s = socket(AF_INET6,SOCK_DGRAM,0);
if (s <= 0)
return false;
memset(&nd,0,sizeof(nd));
strncpy(nd.ifname,ifname,sizeof(nd.ifname));
if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
close(s);
return false;
}
unsigned long oldFlags = (unsigned long)nd.ndi.flags;
if (performNUD)
nd.ndi.flags |= ND6_IFF_PERFORMNUD;
else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
if (oldFlags != (unsigned long)nd.ndi.flags) {
if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
close(s);
return false;
}
}
memset(&ifr,0,sizeof(ifr));
strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
close(s);
return false;
}
close(s);
return true;
}
namespace ZeroTier {
static std::set<std::string> globalDeviceNames;
static Mutex globalTapCreateLock;
OSXEthernetTap::OSXEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
void *arg) :
_handler(handler),
_arg(arg),
_pcap((void *)0),
_nwid(nwid),
_mac(mac),
_homePath(homePath),
_mtu(mtu),
_metric(metric),
_enabled(true)
{
char errbuf[PCAP_ERRBUF_SIZE];
char devname[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
Utils::snprintf(nwids,sizeof(nwids),"%.16llx",nwid);
if (mtu > 2800)
throw std::runtime_error("max tap MTU is 2800");
Mutex::Lock _gl(globalTapCreateLock);
std::string desiredDevice;
Dictionary devmap;
{
std::string devmapbuf;
if (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmapbuf)) {
devmap.fromString(devmapbuf);
desiredDevice = devmap.get(nwids,"");
}
}
if ((desiredDevice.length() >= 9)&&(desiredDevice.substr(0,6) == "bridge")) {
// length() >= 9 matches bridge### or bridge####
_dev = desiredDevice;
} else {
if (globalDeviceNames.size() >= (10000 - 128)) // sanity check... this would be nuts
throw std::runtime_error("too many devices!");
unsigned int pseudoBridgeNo = (unsigned int)((nwid ^ (nwid >> 32)) % (10000 - 128)) + 128; // range: bridge128 to bridge9999
sprintf(devname,"bridge%u",pseudoBridgeNo);
while (globalDeviceNames.count(std::string(devname)) > 0) {
++pseudoBridgeNo;
if (pseudoBridgeNo > 9999)
pseudoBridgeNo = 64;
sprintf(devname,"bridge%u",pseudoBridgeNo);
}
_dev = devname;
}
// Configure MAC address and MTU, bring interface up
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"create",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode != 0)
throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
} else throw std::runtime_error("unable to fork()");
Utils::snprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
Utils::snprintf(mtustr,sizeof(mtustr),"%u",_mtu);
Utils::snprintf(metstr,sizeof(metstr),"%u",_metric);
cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode != 0)
throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
} else throw std::runtime_error("unable to fork()");
_setIpv6Stuff(_dev.c_str(),true,false);
_pcap = (void *)pcap_create(_dev.c_str(),errbuf);
if (!_pcap) {
cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"destroy",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
}
throw std::runtime_error((std::string("pcap_create() on new bridge device failed: ") + errbuf).c_str());
}
pcap_set_promisc(reinterpret_cast<pcap_t *>(_pcap),1);
pcap_set_timeout(reinterpret_cast<pcap_t *>(_pcap),120000);
pcap_set_immediate_mode(reinterpret_cast<pcap_t *>(_pcap),1);
if (pcap_set_buffer_size(reinterpret_cast<pcap_t *>(_pcap),1024 * 1024 * 16) != 0) // 16MB
fprintf(stderr,"WARNING: pcap_set_buffer_size() failed!\n");
if (pcap_set_snaplen(reinterpret_cast<pcap_t *>(_pcap),4096) != 0)
fprintf(stderr,"WARNING: pcap_set_snaplen() failed!\n");
if (pcap_activate(reinterpret_cast<pcap_t *>(_pcap)) != 0) {
pcap_close(reinterpret_cast<pcap_t *>(_pcap));
cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"destroy",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
}
throw std::runtime_error("pcap_activate() on new bridge device failed.");
}
globalDeviceNames.insert(_dev);
devmap[nwids] = _dev;
OSUtils::writeFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmap.toString());
_thread = Thread::start(this);
}
OSXEthernetTap::~OSXEthernetTap()
{
_enabled = false;
Mutex::Lock _gl(globalTapCreateLock);
globalDeviceNames.erase(_dev);
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"destroy",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode == 0) {
// Destroying the interface nukes pcap and terminates the thread.
Thread::join(_thread);
}
}
pcap_close(reinterpret_cast<pcap_t *>(_pcap));
}
static bool ___removeIp(const std::string &_dev,const InetAddress &ip)
{
long cpid = (long)vfork();
if (cpid == 0) {
execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet",ip.toIpString().c_str(),"-alias",(const char *)0);
_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
waitpid(cpid,&exitcode,0);
return (exitcode == 0);
}
return false; // never reached, make compiler shut up about return value
}
bool OSXEthernetTap::addIp(const InetAddress &ip)
{
if (!ip)
return false;
std::vector<InetAddress> allIps(ips());
if (std::binary_search(allIps.begin(),allIps.end(),ip))
return true;
// Remove and reconfigure if address is the same but netmask is different
for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
if ((i->ipsEqual(ip))&&(i->netmaskBits() != ip.netmaskBits())) {
if (___removeIp(_dev,*i))
break;
}
}
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.isV4() ? "inet" : "inet6",ip.toString().c_str(),"alias",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
return (exitcode == 0);
} // else return false...
return false;
}
bool OSXEthernetTap::removeIp(const InetAddress &ip)
{
if (!ip)
return true;
std::vector<InetAddress> allIps(ips());
if (!std::binary_search(allIps.begin(),allIps.end(),ip)) {
if (___removeIp(_dev,ip))
return true;
}
return false;
}
std::vector<InetAddress> OSXEthernetTap::ips() const
{
struct ifaddrs *ifa = (struct ifaddrs *)0;
if (getifaddrs(&ifa))
return std::vector<InetAddress>();
std::vector<InetAddress> r;
struct ifaddrs *p = ifa;
while (p) {
if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
switch(p->ifa_addr->sa_family) {
case AF_INET: {
struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
} break;
case AF_INET6: {
struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
uint32_t b[4];
memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
} break;
}
}
p = p->ifa_next;
}
if (ifa)
freeifaddrs(ifa);
std::sort(r.begin(),r.end());
std::unique(r.begin(),r.end());
return r;
}
void OSXEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
{
char putBuf[4096];
if ((len <= _mtu)&&(_enabled)) {
to.copyTo(putBuf,6);
from.copyTo(putBuf + 6,6);
*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
memcpy(putBuf + 14,data,len);
len += 14;
int r = pcap_inject(reinterpret_cast<pcap_t *>(_pcap),putBuf,len);
if (r <= 0) {
printf("%s: pcap_inject() failed\n",_dev.c_str());
return;
}
printf("%s: inject %s -> %s etherType==%u len=%u r==%d\n",_dev.c_str(),from.toString().c_str(),to.toString().c_str(),etherType,len,r);
}
}
std::string OSXEthernetTap::deviceName() const
{
return _dev;
}
void OSXEthernetTap::setFriendlyName(const char *friendlyName)
{
}
void OSXEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
{
std::vector<MulticastGroup> newGroups;
struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
if (!_intl_getifmaddrs(&ifmap)) {
struct _intl_ifmaddrs *p = ifmap;
while (p) {
if (p->ifma_addr->sa_family == AF_LINK) {
struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
}
p = p->ifma_next;
}
_intl_freeifmaddrs(ifmap);
}
std::vector<InetAddress> allIps(ips());
for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
std::sort(newGroups.begin(),newGroups.end());
std::unique(newGroups.begin(),newGroups.end());
for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
added.push_back(*m);
}
for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
removed.push_back(*m);
}
_multicastGroups.swap(newGroups);
}
static void _pcapHandler(u_char *ptr,const struct pcap_pkthdr *hdr,const u_char *data)
{
OSXEthernetTap *tap = reinterpret_cast<OSXEthernetTap *>(ptr);
if (hdr->caplen > 14) {
MAC to(data,6);
MAC from(data + 6,6);
if (from == tap->_mac) {
unsigned int etherType = ntohs(((const uint16_t *)data)[6]);
printf("%s: %s -> %s etherType==%u len==%u\n",tap->_dev.c_str(),from.toString().c_str(),to.toString().c_str(),etherType,(unsigned int)hdr->caplen);
// TODO: VLAN support
tap->_handler(tap->_arg,tap->_nwid,from,to,etherType,0,(const void *)(data + 14),hdr->len - 14);
}
}
}
void OSXEthernetTap::threadMain()
throw()
{
pcap_loop(reinterpret_cast<pcap_t *>(_pcap),-1,&_pcapHandler,reinterpret_cast<u_char *>(this));
}
} // namespace ZeroTier

831
attic/OSXEthernetTap.cpp.utun-work-in-progress
View file

@ -1,831 +0,0 @@
/*
* ZeroTier One - Network Virtualization Everywhere
* Copyright (C) 2011-2015 ZeroTier, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* --
*
* ZeroTier may be used and distributed under the terms of the GPLv3, which
* are available at: http://www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form, please contact ZeroTier Networks
* LLC. Start here: http://www.zerotier.com/
*/
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/select.h>
#include <sys/cdefs.h>
#include <sys/uio.h>
#include <sys/param.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/sys_domain.h>
#include <sys/kern_control.h>
#include <net/if_utun.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/route.h>
#include <net/if.h>
#include <net/if_arp.h>
#include <net/if_dl.h>
#include <net/if_media.h>
#include <netinet6/in6_var.h>
#include <netinet/in_var.h>
#include <netinet/icmp6.h>
// OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
struct prf_ra {
u_char onlink : 1;
u_char autonomous : 1;
u_char reserved : 6;
} prf_ra;
#include <netinet6/nd6.h>
#include <ifaddrs.h>
// These are KERNEL_PRIVATE... why?
#ifndef SIOCAUTOCONF_START
#define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq) /* accept rtadvd on this interface */
#endif
#ifndef SIOCAUTOCONF_STOP
#define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq) /* stop accepting rtadv for this interface */
#endif
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
// This source is from:
// http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
// It's here because OSX 10.6 does not have this convenience function.
#define SALIGN (sizeof(uint32_t) - 1)
#define SA_RLEN(sa) ((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
(SALIGN + 1))
#define MAX_SYSCTL_TRY 5
#define RTA_MASKS (RTA_GATEWAY | RTA_IFP | RTA_IFA)
/* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
/* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
//#define DARWIN_COMPAT
//#ifdef DARWIN_COMPAT
#define GIM_SYSCTL_MIB NET_RT_IFLIST2
#define GIM_RTM_ADDR RTM_NEWMADDR2
//#else
//#define GIM_SYSCTL_MIB NET_RT_IFMALIST
//#define GIM_RTM_ADDR RTM_NEWMADDR
//#endif
// Not in 10.6 includes so use our own
struct _intl_ifmaddrs {
struct _intl_ifmaddrs *ifma_next;
struct sockaddr *ifma_name;
struct sockaddr *ifma_addr;
struct sockaddr *ifma_lladdr;
};
static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
{
int icnt = 1;
int dcnt = 0;
int ntry = 0;
size_t len;
size_t needed;
int mib[6];
int i;
char *buf;
char *data;
char *next;
char *p;
struct ifma_msghdr2 *ifmam;
struct _intl_ifmaddrs *ifa, *ift;
struct rt_msghdr *rtm;
struct sockaddr *sa;
mib[0] = CTL_NET;
mib[1] = PF_ROUTE;
mib[2] = 0; /* protocol */
mib[3] = 0; /* wildcard address family */
mib[4] = GIM_SYSCTL_MIB;
mib[5] = 0; /* no flags */
do {
if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
return (-1);
if ((buf = (char *)malloc(needed)) == NULL)
return (-1);
if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
free(buf);
return (-1);
}
free(buf);
buf = NULL;
}
} while (buf == NULL);
for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
rtm = (struct rt_msghdr *)(void *)next;
if (rtm->rtm_version != RTM_VERSION)
continue;
switch (rtm->rtm_type) {
case GIM_RTM_ADDR:
ifmam = (struct ifma_msghdr2 *)(void *)rtm;
if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
break;
icnt++;
p = (char *)(ifmam + 1);
for (i = 0; i < RTAX_MAX; i++) {
if ((RTA_MASKS & ifmam->ifmam_addrs &
(1 << i)) == 0)
continue;
sa = (struct sockaddr *)(void *)p;
len = SA_RLEN(sa);
dcnt += len;
p += len;
}
break;
}
}
data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
if (data == NULL) {
free(buf);
return (-1);
}
ifa = (struct _intl_ifmaddrs *)(void *)data;
data += sizeof(struct _intl_ifmaddrs) * icnt;
memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
ift = ifa;
for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
rtm = (struct rt_msghdr *)(void *)next;
if (rtm->rtm_version != RTM_VERSION)
continue;
switch (rtm->rtm_type) {
case GIM_RTM_ADDR:
ifmam = (struct ifma_msghdr2 *)(void *)rtm;
if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
break;
p = (char *)(ifmam + 1);
for (i = 0; i < RTAX_MAX; i++) {
if ((RTA_MASKS & ifmam->ifmam_addrs &
(1 << i)) == 0)
continue;
sa = (struct sockaddr *)(void *)p;
len = SA_RLEN(sa);
switch (i) {
case RTAX_GATEWAY:
ift->ifma_lladdr =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
case RTAX_IFP:
ift->ifma_name =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
case RTAX_IFA:
ift->ifma_addr =
(struct sockaddr *)(void *)data;
memcpy(data, p, len);
data += len;
break;
default:
data += len;
break;
}
p += len;
}
ift->ifma_next = ift + 1;
ift = ift->ifma_next;
break;
}
}
free(buf);
if (ift > ifa) {
ift--;
ift->ifma_next = NULL;
*pif = ifa;
} else {
*pif = NULL;
free(ifa);
}
return (0);
}
static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
{
free(ifmp);
}
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
#include <string>
#include <map>
#include <set>
#include <algorithm>
#include "../node/Constants.hpp"
#include "../node/Utils.hpp"
#include "../node/Mutex.hpp"
#include "../node/Dictionary.hpp"
#include "Arp.hpp"
#include "OSUtils.hpp"
#include "OSXEthernetTap.hpp"
// ff:ff:ff:ff:ff:ff with no ADI
static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
{
struct in6_ndireq nd;
struct in6_ifreq ifr;
int s = socket(AF_INET6,SOCK_DGRAM,0);
if (s <= 0)
return false;
memset(&nd,0,sizeof(nd));
strncpy(nd.ifname,ifname,sizeof(nd.ifname));
if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
close(s);
return false;
}
unsigned long oldFlags = (unsigned long)nd.ndi.flags;
if (performNUD)
nd.ndi.flags |= ND6_IFF_PERFORMNUD;
else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
if (oldFlags != (unsigned long)nd.ndi.flags) {
if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
close(s);
return false;
}
}
memset(&ifr,0,sizeof(ifr));
strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
close(s);
return false;
}
close(s);
return true;
}
// Create an OSX-native utun device (utun# where # is desiredNumber)
// Adapted from public domain utun example code by Jonathan Levin
static int _make_utun(int desiredNumber)
{
struct sockaddr_ctl sc;
struct ctl_info ctlInfo;
struct ifreq ifr;
memset(&ctlInfo, 0, sizeof(ctlInfo));
if (strlcpy(ctlInfo.ctl_name, UTUN_CONTROL_NAME, sizeof(ctlInfo.ctl_name)) >= sizeof(ctlInfo.ctl_name)) {
return -1;
}
int fd = socket(PF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL);
if (fd == -1)
return -1;
if (ioctl(fd, CTLIOCGINFO, &ctlInfo) == -1) {
close(fd);
return -1;
}
sc.sc_id = ctlInfo.ctl_id;
sc.sc_len = sizeof(sc);
sc.sc_family = AF_SYSTEM;
sc.ss_sysaddr = AF_SYS_CONTROL;
sc.sc_unit = desiredNumber + 1;
if (connect(fd, (struct sockaddr *)&sc, sizeof(sc)) == -1) {
close(fd);
return -1;
}
memset(&ifr,0,sizeof(ifr));
sprintf(ifr.ifr_name,"utun%d",desiredNumber);
if (ioctl(fd,SIOCGIFFLAGS,(void *)&ifr) < 0) {
printf("SIOCGIFFLAGS failed\n");
}
ifr.ifr_flags &= ~IFF_POINTOPOINT;
if (ioctl(fd,SIOCSIFFLAGS,(void *)&ifr) < 0) {
printf("clear IFF_POINTOPOINT failed\n");
}
return fd;
}
namespace ZeroTier {
static long globalTapsRunning = 0;
static Mutex globalTapCreateLock;
OSXEthernetTap::OSXEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
void *arg) :
_handler(handler),
_arg(arg),
_arp((Arp *)0),
_nwid(nwid),
_homePath(homePath),
_mtu(mtu),
_metric(metric),
_fd(0),
_utun(false),
_enabled(true)
{
char devpath[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
struct stat stattmp;
Utils::snprintf(nwids,sizeof(nwids),"%.16llx",nwid);
if (mtu > 2800)
throw std::runtime_error("max tap MTU is 2800");
Mutex::Lock _gl(globalTapCreateLock);
// Read remembered previous device name, if any -- we'll try to reuse
Dictionary devmap;
std::string desiredDevice;
{
std::string devmapbuf;
if (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmapbuf)) {
devmap.fromString(devmapbuf);
desiredDevice = devmap.get(nwids,"");
}
}
if (::stat((_homePath + ZT_PATH_SEPARATOR_S + "tap.kext").c_str(),&stattmp) == 0) {
// Try to init kext if it's there, otherwise revert to utun mode
if (::stat("/dev/zt0",&stattmp)) {
long kextpid = (long)vfork();
if (kextpid == 0) {
::chdir(homePath);
OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
::execl("/sbin/kextload","/sbin/kextload","-q","-repository",homePath,"tap.kext",(const char *)0);
::_exit(-1);
} else if (kextpid > 0) {
int exitcode = -1;
::waitpid(kextpid,&exitcode,0);
}
::usleep(500); // give tap device driver time to start up and try again
if (::stat("/dev/zt0",&stattmp))
_utun = true;
}
if (!_utun) {
// See if we can re-use the last device we had.
bool recalledDevice = false;
if (desiredDevice.length() > 2) {
Utils::snprintf(devpath,sizeof(devpath),"/dev/%s",desiredDevice.c_str());
if (stat(devpath,&stattmp) == 0) {
_fd = ::open(devpath,O_RDWR);
if (_fd > 0) {
_dev = desiredDevice;
recalledDevice = true;
}
}
}
// Open the first unused tap device if we didn't recall a previous one.
if (!recalledDevice) {
for(int i=0;i<64;++i) {
Utils::snprintf(devpath,sizeof(devpath),"/dev/zt%d",i);
if (stat(devpath,&stattmp)) {
_utun = true;
break;
}
_fd = ::open(devpath,O_RDWR);
if (_fd > 0) {
char foo[16];
Utils::snprintf(foo,sizeof(foo),"zt%d",i);
_dev = foo;
break;
}
}
}
if (_fd <= 0)
_utun = true;
}
} else {
_utun = true;
}
if (_utun) {
// Use OSX built-in utun device if kext is not available or doesn't work
int utunNo = 0;
if ((desiredDevice.length() > 4)&&(desiredDevice.substr(0,4) == "utun")) {
utunNo = Utils::strToInt(desiredDevice.substr(4).c_str());
if (utunNo >= 0)
_fd = _make_utun(utunNo);
}
if (_fd <= 0) {
// Start at utun8 to leave lower utuns unused since other stuff might
// want them -- OpenVPN, cjdns, etc. I'm not sure if those are smart
// enough to scan upward like this.
for(utunNo=8;utunNo<=256;++utunNo) {
if ((_fd = _make_utun(utunNo)) > 0)
break;
}
}
if (_fd <= 0)
throw std::runtime_error("unable to find/load ZeroTier tap driver OR use built-in utun driver in OSX; permission or system problem or too many open devices?");
Utils::snprintf(devpath,sizeof(devpath),"utun%d",utunNo);
_dev = devpath;
// Configure address and bring it up
Utils::snprintf(mtustr,sizeof(mtustr),"%u",_mtu);
Utils::snprintf(metstr,sizeof(metstr),"%u",_metric);
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"mtu",mtustr,"metric",metstr,"up",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode) {
::close(_fd);
throw std::runtime_error("ifconfig failure activating utun interface");
}
}
} else {
// Use our ZeroTier OSX tun/tap driver for zt# Ethernet tap device
if (fcntl(_fd,F_SETFL,fcntl(_fd,F_GETFL) & ~O_NONBLOCK) == -1) {
::close(_fd);
throw std::runtime_error("unable to set flags on file descriptor for TAP device");
}
// Configure MAC address and MTU, bring interface up
Utils::snprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
Utils::snprintf(mtustr,sizeof(mtustr),"%u",_mtu);
Utils::snprintf(metstr,sizeof(metstr),"%u",_metric);
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode) {
::close(_fd);
throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
}
}
_setIpv6Stuff(_dev.c_str(),true,false);
}
// Set close-on-exec so that devices cannot persist if we fork/exec for update
fcntl(_fd,F_SETFD,fcntl(_fd,F_GETFD) | FD_CLOEXEC);
::pipe(_shutdownSignalPipe);
++globalTapsRunning;
devmap[nwids] = _dev;
OSUtils::writeFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmap.toString());
_thread = Thread::start(this);
}
OSXEthernetTap::~OSXEthernetTap()
{
Mutex::Lock _gl(globalTapCreateLock);
::write(_shutdownSignalPipe[1],(const void *)this,1); // writing a byte causes thread to exit
Thread::join(_thread);
::close(_fd);
::close(_shutdownSignalPipe[0]);
::close(_shutdownSignalPipe[1]);
if (_utun) {
delete _arp;
} else {
if (--globalTapsRunning <= 0) {
globalTapsRunning = 0; // sanity check -- should not be possible
char tmp[16384];
sprintf(tmp,"%s/%s",_homePath.c_str(),"tap.kext");
long kextpid = (long)vfork();
if (kextpid == 0) {
OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
::execl("/sbin/kextunload","/sbin/kextunload",tmp,(const char *)0);
::_exit(-1);
} else if (kextpid > 0) {
int exitcode = -1;
::waitpid(kextpid,&exitcode,0);
}
}
}
}
void OSXEthernetTap::setEnabled(bool en)
{
_enabled = en;
// TODO: interface status change
}
bool OSXEthernetTap::enabled() const
{
return _enabled;
}
static bool ___removeIp(const std::string &_dev,const InetAddress &ip)
{
long cpid = (long)vfork();
if (cpid == 0) {
execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet",ip.toIpString().c_str(),"-alias",(const char *)0);
_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
waitpid(cpid,&exitcode,0);
return (exitcode == 0);
}
return false; // never reached, make compiler shut up about return value
}
bool OSXEthernetTap::addIp(const InetAddress &ip)
{
if (!ip)
return false;
std::vector<InetAddress> allIps(ips());
if (std::binary_search(allIps.begin(),allIps.end(),ip))
return true;
// Remove and reconfigure if address is the same but netmask is different
for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
if ((i->ipsEqual(ip))&&(i->netmaskBits() != ip.netmaskBits())) {
if (___removeIp(_dev,*i))
break;
}
}
if (_utun) {
long cpid = (long)vfork();
if (cpid == 0) {
if (ip.ss_family == AF_INET6) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet6",ip.toString().c_str(),"alias",(const char *)0);
} else {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.toString().c_str(),ip.toIpString().c_str(),"alias",(const char *)0);
}
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
if (exitcode == 0) {
if (ip.ss_family == AF_INET) {
// Add route to network over tun for IPv4 -- otherwise it behaves
// as a simple point to point tunnel instead of a true route.
cpid = (long)vfork();
if (cpid == 0) {
::close(STDERR_FILENO);
::close(STDOUT_FILENO);
::execl("/sbin/route","/sbin/route","add",ip.network().toString().c_str(),ip.toIpString().c_str(),(const char *)0);
::exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
return (exitcode == 0);
}
} else return true;
}
}
} else {
long cpid = (long)vfork();
if (cpid == 0) {
::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.isV4() ? "inet" : "inet6",ip.toString().c_str(),"alias",(const char *)0);
::_exit(-1);
} else if (cpid > 0) {
int exitcode = -1;
::waitpid(cpid,&exitcode,0);
return (exitcode == 0);
}
}
return false;
}
bool OSXEthernetTap::removeIp(const InetAddress &ip)
{
if (!ip)
return true;
std::vector<InetAddress> allIps(ips());
if (!std::binary_search(allIps.begin(),allIps.end(),ip)) {
if (___removeIp(_dev,ip))
return true;
}
return false;
}
std::vector<InetAddress> OSXEthernetTap::ips() const
{
struct ifaddrs *ifa = (struct ifaddrs *)0;
if (getifaddrs(&ifa))
return std::vector<InetAddress>();
std::vector<InetAddress> r;
struct ifaddrs *p = ifa;
while (p) {
if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
switch(p->ifa_addr->sa_family) {
case AF_INET: {
struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
} break;
case AF_INET6: {
struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
uint32_t b[4];
memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
} break;
}
}
p = p->ifa_next;
}
if (ifa)
freeifaddrs(ifa);
std::sort(r.begin(),r.end());
std::unique(r.begin(),r.end());
return r;
}
void OSXEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
{
char putBuf[4096];
if ((_fd > 0)&&(len <= _mtu)&&(_enabled)) {
to.copyTo(putBuf,6);
from.copyTo(putBuf + 6,6);
*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
memcpy(putBuf + 14,data,len);
len += 14;
::write(_fd,putBuf,len);
}
}
std::string OSXEthernetTap::deviceName() const
{
return _dev;
}
void OSXEthernetTap::setFriendlyName(const char *friendlyName)
{
}
void OSXEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
{
std::vector<MulticastGroup> newGroups;
struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
if (!_intl_getifmaddrs(&ifmap)) {
struct _intl_ifmaddrs *p = ifmap;
while (p) {
if (p->ifma_addr->sa_family == AF_LINK) {
struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
}
p = p->ifma_next;
}
_intl_freeifmaddrs(ifmap);
}
std::vector<InetAddress> allIps(ips());
for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
std::sort(newGroups.begin(),newGroups.end());
std::unique(newGroups.begin(),newGroups.end());
for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
added.push_back(*m);
}
for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
removed.push_back(*m);
}
_multicastGroups.swap(newGroups);
}
void OSXEthernetTap::threadMain()
throw()
{
fd_set readfds,nullfds;
MAC to,from;
int n,nfds,r;
char getBuf[8194];
Thread::sleep(500);
FD_ZERO(&readfds);
FD_ZERO(&nullfds);
nfds = (int)std::max(_shutdownSignalPipe[0],_fd) + 1;
r = 0;
for(;;) {
FD_SET(_shutdownSignalPipe[0],&readfds);
FD_SET(_fd,&readfds);
select(nfds,&readfds,&nullfds,&nullfds,(struct timeval *)0);
if (FD_ISSET(_shutdownSignalPipe[0],&readfds)) // writes to shutdown pipe terminate thread
break;
if (FD_ISSET(_fd,&readfds)) {
n = (int)::read(_fd,getBuf + r,sizeof(getBuf) - r);
if (n < 0) {
if ((errno != EINTR)&&(errno != ETIMEDOUT))
break;
} else {
// Some tap drivers like to send the ethernet frame and the
// payload in two chunks, so handle that by accumulating
// data until we have at least a frame.
r += n;
if (r > 14) {
if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms
r = _mtu + 14;
if (_enabled) {
to.setTo(getBuf,6);
from.setTo(getBuf + 6,6);
unsigned int etherType = ntohs(((const uint16_t *)getBuf)[6]);
// TODO: VLAN support
_handler(_arg,_nwid,from,to,etherType,0,(const void *)(getBuf + 14),r - 14);
}
r = 0;
}
}
}
}
}
} // namespace ZeroTier

96
attic/OSXEthernetTap.hpp.pcap-with-bridge-test
View file

@ -1,96 +0,0 @@
/*
* ZeroTier One - Network Virtualization Everywhere
* Copyright (C) 2011-2015 ZeroTier, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* --
*
* ZeroTier may be used and distributed under the terms of the GPLv3, which
* are available at: http://www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form, please contact ZeroTier Networks
* LLC. Start here: http://www.zerotier.com/
*/
#ifndef ZT_OSXETHERNETTAP_HPP
#define ZT_OSXETHERNETTAP_HPP
#include <stdio.h>
#include <stdlib.h>
#include <stdexcept>
#include <string>
#include <vector>
#include "../node/Constants.hpp"
#include "../node/MAC.hpp"
#include "../node/InetAddress.hpp"
#include "../node/MulticastGroup.hpp"
#include "Thread.hpp"
namespace ZeroTier {
/**
* OSX Ethernet tap using ZeroTier kernel extension zt# devices
*/
class OSXEthernetTap
{
public:
OSXEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
void *arg);
~OSXEthernetTap();
inline void setEnabled(bool en) { _enabled = en; }
inline bool enabled() const { return _enabled; }
bool addIp(const InetAddress &ip);
bool removeIp(const InetAddress &ip);
std::vector<InetAddress> ips() const;
void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
std::string deviceName() const;
void setFriendlyName(const char *friendlyName);
void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
void threadMain()
throw();
// Private members of OSXEthernetTap have public visibility to be accessable
// from an internal bounce function; don't modify directly.
void (*_handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
void *_arg;
void *_pcap; // pcap_t *
uint64_t _nwid;
MAC _mac;
Thread _thread;
std::string _homePath;
std::string _dev;
std::vector<MulticastGroup> _multicastGroups;
unsigned int _mtu;
unsigned int _metric;
volatile bool _enabled;
};
} // namespace ZeroTier
#endif

101
attic/OSXEthernetTap.hpp.utun-work-in-progress
View file

@ -1,101 +0,0 @@
/*
* ZeroTier One - Network Virtualization Everywhere
* Copyright (C) 2011-2015 ZeroTier, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* --
*
* ZeroTier may be used and distributed under the terms of the GPLv3, which
* are available at: http://www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form, please contact ZeroTier Networks
* LLC. Start here: http://www.zerotier.com/
*/
#ifndef ZT_OSXETHERNETTAP_HPP
#define ZT_OSXETHERNETTAP_HPP
#include <stdio.h>
#include <stdlib.h>
#include <stdexcept>
#include <string>
#include <vector>
#include "../node/Constants.hpp"
#include "../node/MAC.hpp"
#include "../node/InetAddress.hpp"
#include "../node/MulticastGroup.hpp"
#include "Thread.hpp"
namespace ZeroTier {
class Arp;
/**
* OSX Ethernet tap supporting either ZeroTier tun/tap kext or OSX-native utun
*/
class OSXEthernetTap
{
public:
OSXEthernetTap(
const char *homePath,
const MAC &mac,
unsigned int mtu,
unsigned int metric,
uint64_t nwid,
const char *friendlyName,
void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
void *arg);
~OSXEthernetTap();
void setEnabled(bool en);
bool enabled() const;
bool addIp(const InetAddress &ip);
bool removeIp(const InetAddress &ip);
std::vector<InetAddress> ips() const;
void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
std::string deviceName() const;
void setFriendlyName(const char *friendlyName);
void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
inline bool isNativeUtun() const { return _utun; }
void threadMain()
throw();
private:
void (*_handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
void *_arg;
Arp *_arp; // created and used if utun is enabled
uint64_t _nwid;
Thread _thread;
std::string _homePath;
std::string _dev;
std::vector<MulticastGroup> _multicastGroups;
unsigned int _mtu;
unsigned int _metric;
int _fd;
int _shutdownSignalPipe[2];
bool _utun;
volatile bool _enabled;
};
} // namespace ZeroTier
#endif

4
attic/README.md
View file

@ -1,4 +0,0 @@
Retired Code and Miscellaneous Junk
======
This directory is for old code that isn't used but we don't want to lose track of, and for anything else random like debug scripts.

459
attic/WinUI/APIHandler.cs Normal file
View file

@ -0,0 +1,459 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Net;
using System.IO;
using System.Windows;
using Newtonsoft.Json;
using System.Diagnostics;
using System.Windows.Threading;
namespace WinUI
{
public class APIHandler
{
private string authtoken;
private string url = null;
private static volatile APIHandler instance;
private static object syncRoot = new Object();
public delegate void NetworkListCallback(List<ZeroTierNetwork> networks);
public delegate void StatusCallback(ZeroTierStatus status);
private string ZeroTierAddress = "";
public static APIHandler Instance
{
get
{
if (instance == null)
{
lock (syncRoot)
{
if (instance == null)
{
if (!initHandler())
{
return null;
}
}
}
}
return instance;
}
}
private static bool initHandler(bool resetToken = false)
{
String localZtDir = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\ZeroTier\\One";
String globalZtDir = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\ZeroTier\\One";
String authToken = "";
Int32 port = 9993;
if (resetToken)
{
instance = null;
if (File.Exists(localZtDir + "\\authtoken.secret"))
{
File.Delete(localZtDir + "\\authtoken.secret");
}
if (File.Exists(localZtDir + "\\zerotier-one.port"))
{
File.Delete(localZtDir + "\\zerotier-one.port");
}
}
if (!File.Exists(localZtDir + "\\authtoken.secret") || !File.Exists(localZtDir + "\\zerotier-one.port"))
{
// launch external process to copy file into place
String curPath = System.Reflection.Assembly.GetEntryAssembly().Location;
int index = curPath.LastIndexOf("\\");
curPath = curPath.Substring(0, index);
ProcessStartInfo startInfo = new ProcessStartInfo(curPath + "\\copyutil.exe", "\"" + globalZtDir + "\"" + " " + "\"" + localZtDir + "\"");
startInfo.Verb = "runas";
var process = Process.Start(startInfo);
process.WaitForExit();
}
authToken = readAuthToken(localZtDir + "\\authtoken.secret");
if ((authToken == null) || (authToken.Length <= 0))
{
MessageBox.Show("Unable to read ZeroTier One authtoken", "ZeroTier One");
return false;
}
port = readPort(localZtDir + "\\zerotier-one.port");
instance = new APIHandler(port, authToken);
return true;
}
private static String readAuthToken(String path)
{
String authToken = "";
if (File.Exists(path))
{
try
{
byte[] tmp = File.ReadAllBytes(path);
authToken = System.Text.Encoding.UTF8.GetString(tmp).Trim();
}
catch
{
MessageBox.Show("Unable to read ZeroTier One Auth Token from:\r\n" + path, "ZeroTier One");
}
}
return authToken;
}
private static Int32 readPort(String path)
{
Int32 port = 9993;
try
{
byte[] tmp = File.ReadAllBytes(path);
port = Int32.Parse(System.Text.Encoding.ASCII.GetString(tmp).Trim());
if ((port <= 0) || (port > 65535))
port = 9993;
}
catch
{
}
return port;
}
private APIHandler()
{
url = "http://127.0.0.1:9993";
}
public APIHandler(int port, string authtoken)
{
url = "http://127.0.0.1:" + port;
this.authtoken = authtoken;
}
public void GetStatus(StatusCallback cb)
{
var request = WebRequest.Create(url + "/status" + "?auth=" + authtoken) as HttpWebRequest;
if (request != null)
{
request.Method = "GET";
request.ContentType = "application/json";
}
try
{
var httpResponse = (HttpWebResponse)request.GetResponse();
if (httpResponse.StatusCode == HttpStatusCode.OK)
{
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
var responseText = streamReader.ReadToEnd();
ZeroTierStatus status = null;
try
{
status = JsonConvert.DeserializeObject<ZeroTierStatus>(responseText);
if (ZeroTierAddress != status.Address)
{
ZeroTierAddress = status.Address;
}
}
catch (JsonReaderException e)
{
Console.WriteLine(e.ToString());
}
cb(status);
}
}
else if (httpResponse.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
}
catch (System.Net.Sockets.SocketException)
{
cb(null);
}
catch (System.Net.WebException e)
{
HttpWebResponse res = (HttpWebResponse)e.Response;
if (res != null && res.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
else
{
cb(null);
}
}
}
public void GetNetworks(NetworkListCallback cb)
{
var request = WebRequest.Create(url + "/network" + "?auth=" + authtoken) as HttpWebRequest;
if (request == null)
{
cb(null);
}
request.Method = "GET";
request.ContentType = "application/json";
request.Timeout = 10000;
try
{
var httpResponse = (HttpWebResponse)request.GetResponse();
if (httpResponse.StatusCode == HttpStatusCode.OK)
{
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
var responseText = streamReader.ReadToEnd();
List<ZeroTierNetwork> networkList = null;
try
{
networkList = JsonConvert.DeserializeObject<List<ZeroTierNetwork>>(responseText);
foreach (ZeroTierNetwork n in networkList)
{
// all networks received via JSON are connected by definition
n.IsConnected = true;
}
}
catch (JsonReaderException e)
{
Console.WriteLine(e.ToString());
}
cb(networkList);
}
}
else if (httpResponse.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
}
catch (System.Net.Sockets.SocketException)
{
cb(null);
}
catch (System.Net.WebException e)
{
HttpWebResponse res = (HttpWebResponse)e.Response;
if (res != null && res.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
else
{
cb(null);
}
}
}
public void JoinNetwork(Dispatcher d, string nwid, bool allowManaged = true, bool allowGlobal = false, bool allowDefault = false, bool allowDNS = false)
{
Task.Factory.StartNew(() =>
{
var request = WebRequest.Create(url + "/network/" + nwid + "?auth=" + authtoken) as HttpWebRequest;
if (request == null)
{
return;
}
request.Method = "POST";
request.ContentType = "applicaiton/json";
request.Timeout = 30000;
try
{
using (var streamWriter = new StreamWriter(((HttpWebRequest)request).GetRequestStream()))
{
string json = "{\"allowManaged\":" + (allowManaged ? "true" : "false") + "," +
"\"allowGlobal\":" + (allowGlobal ? "true" : "false") + "," +
"\"allowDefault\":" + (allowDefault ? "true" : "false") + "," +
"\"allowDNS\":" + (allowDNS ? "true" : "false") + "}";
streamWriter.Write(json);
streamWriter.Flush();
streamWriter.Close();
}
}
catch (System.Net.WebException)
{
d.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
MessageBox.Show("Error Joining Network: Cannot connect to ZeroTier service.");
}));
return;
}
try
{
var httpResponse = (HttpWebResponse)request.GetResponse();
if (httpResponse.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
else if (httpResponse.StatusCode != HttpStatusCode.OK)
{
Console.WriteLine("Error sending join network message");
}
}
catch (System.Net.Sockets.SocketException)
{
d.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
MessageBox.Show("Error Joining Network: Cannot connect to ZeroTier service.");
}));
}
catch (System.Net.WebException e)
{
HttpWebResponse res = (HttpWebResponse)e.Response;
if (res != null && res.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
d.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
MessageBox.Show("Error Joining Network: Cannot connect to ZeroTier service.");
}));
}
});
}
public void LeaveNetwork(Dispatcher d, string nwid)
{
Task.Factory.StartNew(() =>
{
var request = WebRequest.Create(url + "/network/" + nwid + "?auth=" + authtoken) as HttpWebRequest;
if (request == null)
{
return;
}
request.Method = "DELETE";
request.Timeout = 30000;
try
{
var httpResponse = (HttpWebResponse)request.GetResponse();
if (httpResponse.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
else if (httpResponse.StatusCode != HttpStatusCode.OK)
{
Console.WriteLine("Error sending leave network message");
}
}
catch (System.Net.Sockets.SocketException)
{
d.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
MessageBox.Show("Error Leaving Network: Cannot connect to ZeroTier service.");
}));
}
catch (System.Net.WebException e)
{
HttpWebResponse res = (HttpWebResponse)e.Response;
if (res != null && res.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
d.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
MessageBox.Show("Error Leaving Network: Cannot connect to ZeroTier service.");
}));
}
catch
{
Console.WriteLine("Error leaving network: Unknown error");
}
});
}
public delegate void PeersCallback(List<ZeroTierPeer> peers);
public void GetPeers(PeersCallback cb)
{
var request = WebRequest.Create(url + "/peer" + "?auth=" + authtoken) as HttpWebRequest;
if (request == null)
{
cb(null);
}
request.Method = "GET";
request.ContentType = "application/json";
try
{
var httpResponse = (HttpWebResponse)request.GetResponse();
if (httpResponse.StatusCode == HttpStatusCode.OK)
{
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
var responseText = streamReader.ReadToEnd();
//Console.WriteLine(responseText);
List<ZeroTierPeer> peerList = null;
try
{
peerList = JsonConvert.DeserializeObject<List<ZeroTierPeer>>(responseText);
}
catch (JsonReaderException e)
{
Console.WriteLine(e.ToString());
}
cb(peerList);
}
}
else if (httpResponse.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
}
catch (System.Net.Sockets.SocketException)
{
cb(null);
}
catch (System.Net.WebException e)
{
HttpWebResponse res = (HttpWebResponse)e.Response;
if (res != null && res.StatusCode == HttpStatusCode.Unauthorized)
{
APIHandler.initHandler(true);
}
else
{
cb(null);
}
}
}
public string NodeAddress()
{
return ZeroTierAddress;
}
}
}

4
windows/WinUI/AboutView.xaml → attic/WinUI/AboutView.xaml
View file

@ -19,9 +19,9 @@
<Run Text="ZeroTier One"/> <Run Text="ZeroTier One"/>
</Paragraph> </Paragraph>
<Paragraph TextAlignment="Center"> <Paragraph TextAlignment="Center">
<Run FontSize="14" Text="Version 1.2.2"/> <Run FontSize="14" Text="Version 1.6.6"/>
<LineBreak/> <LineBreak/>
<Run FontSize="14" Text="(c) 2011-2017 ZeroTier, Inc."/> <Run FontSize="14" Text="(c) 2011-2021 ZeroTier, Inc."/>
<LineBreak/> <LineBreak/>
<Run FontSize="14" Text="www.zerotier.com"/> <Run FontSize="14" Text="www.zerotier.com"/>
</Paragraph> </Paragraph>

0
windows/WinUI/AboutView.xaml.cs → attic/WinUI/AboutView.xaml.cs
View file

0
windows/WinUI/App.config → attic/WinUI/App.config
View file

0
windows/WinUI/App.xaml → attic/WinUI/App.xaml
View file

0
windows/WinUI/App.xaml.cs → attic/WinUI/App.xaml.cs
View file

256
attic/WinUI/CentralAPI.cs Normal file
View file

@ -0,0 +1,256 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
namespace WinUI
{
class CentralAPI
{
private static volatile CentralAPI instance;
private static object syncRoot = new Object();
private CookieContainer cookieContainer;
private HttpClientHandler clientHandler;
private HttpClient client;
private CentralServer server;
public CentralServer Central
{
get
{
return this.server;
}
set
{
this.server = value;
WriteCentralConfig();
UpdateRequestHeaders();
}
}
public static CentralAPI Instance
{
get
{
if (instance == null)
{
lock (syncRoot)
{
if (instance == null)
{
instance = new CentralAPI();
}
}
}
return instance;
}
}
private CentralAPI()
{
#if DEBUG
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
#endif
cookieContainer = new CookieContainer();
clientHandler = new HttpClientHandler
{
AllowAutoRedirect = true,
UseCookies = true,
CookieContainer = cookieContainer
};
client = new HttpClient(clientHandler);
string centralConfigPath = CentralConfigFile();
if (File.Exists(centralConfigPath))
{
byte[] tmp = File.ReadAllBytes(centralConfigPath);
string json = Encoding.UTF8.GetString(tmp).Trim();
CentralServer ctmp = JsonConvert.DeserializeObject<CentralServer>(json);
if (ctmp != null)
{
Central = ctmp;
}
else
{
Central = new CentralServer();
}
}
else
{
Central = new CentralServer();
}
}
public bool HasAccessToken()
{
if (Central == null)
return false;
return !string.IsNullOrEmpty(Central.APIKey);
}
private string ZeroTierDir()
{
return Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\ZeroTier\\One";
}
private string CentralConfigFile()
{
return ZeroTierDir() + "\\central.conf";
}
public void WriteCentralConfig()
{
string json = JsonConvert.SerializeObject(Central);
byte[] tmp = Encoding.UTF8.GetBytes(json);
if (tmp != null)
{
File.WriteAllBytes(CentralConfigFile(), tmp);
}
}
private void UpdateRequestHeaders()
{
if (client.DefaultRequestHeaders.Contains("Authorization"))
{
client.DefaultRequestHeaders.Remove("Authorization");
}
if (!string.IsNullOrEmpty(Central.APIKey))
{
client.DefaultRequestHeaders.Add("Authorization", "bearer " + Central.APIKey);
}
}
public async Task<bool> Login(string email, string password, bool isNewUser)
{
string postURL = Central.ServerURL + "/api/_auth/local";
CentralLogin login = new CentralLogin(email, password, isNewUser);
var content = new StringContent(JsonConvert.SerializeObject(login), Encoding.UTF8, "application/json");
HttpResponseMessage response = await client.PostAsync(postURL, content);
if (!response.IsSuccessStatusCode)
{
return false;
}
string resContent = await response.Content.ReadAsStringAsync();
CentralUser user = JsonConvert.DeserializeObject<CentralUser>(resContent);
if (user.Tokens.Count == 0)
{
// create token
user = await CreateAuthToken(user);
}
Central.APIKey = user.Tokens[0];
UpdateRequestHeaders();
WriteCentralConfig();
return true;
}
public async Task<CentralUser> CreateAuthToken(CentralUser user)
{
string randomTokenURL = Central.ServerURL + "/api/randomToken";
HttpResponseMessage response = await client.GetAsync(randomTokenURL);
if (!response.IsSuccessStatusCode)
{
// TODO: throw an error
return null;
}
string resContent = await response.Content.ReadAsStringAsync();
CentralToken t = JsonConvert.DeserializeObject<CentralToken>(resContent);
user.Tokens.Add(t.Token);
string tokenObj = "{ \"tokens\": " + JsonConvert.SerializeObject(user.Tokens) + " } ";
string postURL = Central.ServerURL + "/api/user/" + user.Id;
var postContent = new StringContent(tokenObj, Encoding.UTF8, "application/json");
response = await client.PostAsync(postURL, postContent);
if (!response.IsSuccessStatusCode)
{
// TODO: thrown an error
return null;
}
resContent = await response.Content.ReadAsStringAsync();
user = JsonConvert.DeserializeObject<CentralUser>(resContent);
return user;
}
public async Task<List<CentralNetwork>> GetNetworkList()
{
string networkURL = Central.ServerURL + "/api/network";
HttpResponseMessage response = await client.GetAsync(networkURL);
if (!response.IsSuccessStatusCode)
{
// TODO: Throw Error
return new List<CentralNetwork>();
}
string resContent = await response.Content.ReadAsStringAsync();
List<CentralNetwork> networkList = JsonConvert.DeserializeObject<List<CentralNetwork>>(resContent);
return networkList;
}
public async Task<CentralNetwork> CreateNewNetwork()
{
string networkURL = Central.ServerURL + "/api/network?easy=1";
CentralNetwork network = new CentralNetwork();
network.Config = new CentralNetwork.CentralNetworkConfig();
network.Config.Name = NetworkNameGenerator.GenerateName();
string jsonNetwork = JsonConvert.SerializeObject(network);
var postContent = new StringContent(jsonNetwork, Encoding.UTF8, "application/json");
HttpResponseMessage response = await client.PostAsync(networkURL, postContent);
if (!response.IsSuccessStatusCode)
{
return null;
}
string resContent = await response.Content.ReadAsStringAsync();
CentralNetwork newNetwork = JsonConvert.DeserializeObject<CentralNetwork>(resContent);
return newNetwork;
}
public async Task<bool> AuthorizeNode(string nodeAddress, string networkId)
{
string json = "{ \"config\": { \"authorized\": true } }";
string postURL = Central.ServerURL + "/api/network/" + networkId + "/member/" + nodeAddress;
var postContent = new StringContent(json, Encoding.UTF8, "application/json");
HttpResponseMessage response = await client.PostAsync(postURL, postContent);
if (response.IsSuccessStatusCode)
{
return true;
}
return false;
}
}
}

30
attic/WinUI/CentralLogin.cs Normal file
View file

@ -0,0 +1,30 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
namespace WinUI
{
class CentralLogin
{
public CentralLogin(string email, string password, bool isNew)
{
Login = email;
Password = password;
IsNew = isNew;
}
[JsonProperty("login")]
public string Login { get; set; }
[JsonProperty("password")]
public string Password { get; set; }
[JsonProperty("register")]
public bool IsNew { get; set; }
}
}

48
attic/WinUI/CentralNetwork.cs Normal file
View file

@ -0,0 +1,48 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
namespace WinUI
{
class CentralNetwork
{
[JsonProperty("id")]
public string Id { get; set; }
[JsonProperty("type")]
public string Type { get; set; }
[JsonProperty("clock")]
public UInt64 Clock { get; set; }
[JsonProperty("rulesSource")]
public string RulesSource { get; set; }
[JsonProperty("description")]
public string Description { get; set; }
[JsonProperty("ownerId")]
public string OwnerID { get; set; }
[JsonProperty("onlineMemberCount")]
public int OnlineMemberCount { get; set; }
[JsonProperty("config")]
public CentralNetworkConfig Config { get; set; }
public class CentralNetworkConfig
{
[JsonProperty("id")]
public string Id { get; set; }
[JsonProperty("nwid")]
public string NetworkID { get; set; }
[JsonProperty("name")]
public string Name { get; set; }
}
}
}

23
attic/WinUI/CentralServer.cs Normal file
View file

@ -0,0 +1,23 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
namespace WinUI
{
class CentralServer
{
public CentralServer()
{
ServerURL = "https://my.zerotier.com";
}
[JsonProperty("server_url")]
public string ServerURL { get; set; }
[JsonProperty("api_key")]
public string APIKey { get; set; }
}
}

21
attic/WinUI/CentralToken.cs Normal file
View file

@ -0,0 +1,21 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
namespace WinUI
{
class CentralToken
{
[JsonProperty("token")]
public string Token { get; set; }
[JsonProperty("clock")]
public UInt64 Clock { get; set; }
[JsonProperty("raw")]
public string Raw { get; set; }
}
}

51
attic/WinUI/CentralUser.cs Normal file
View file

@ -0,0 +1,51 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
namespace WinUI
{
class CentralUser
{
public class CentralGlobalPermissions
{
[JsonProperty("a")]
public bool Administrator { get; set; }
[JsonProperty("d")]
public bool Delete { get; set; }
[JsonProperty("m")]
public bool Modify { get; set; }
[JsonProperty("r")]
public bool Read { get; set; }
}
[JsonProperty("id")]
public string Id { get; set; }
[JsonProperty("type")]
public string Type { get; set; }
[JsonProperty("clock")]
public UInt64 Clock { get; set; }
[JsonProperty("globalPermissions")]
public CentralGlobalPermissions GlobalPermissions { get; set; }
[JsonProperty("displayName")]
public string DisplayName { get; set; }
[JsonProperty("email")]
public string Email { get; set; }
[JsonProperty("smsNumber")]
public string SmsNumber { get; set; }
[JsonProperty("tokens")]
public List<string> Tokens { get; set; }
}
}

0
windows/WinUI/Fonts/segoeui.ttf → attic/WinUI/Fonts/segoeui.ttf
View file

0
windows/WinUI/Fonts/segoeuib.ttf → attic/WinUI/Fonts/segoeuib.ttf
View file

0
windows/WinUI/Fonts/segoeuii.ttf → attic/WinUI/Fonts/segoeuii.ttf
View file

0
windows/WinUI/Fonts/segoeuiz.ttf → attic/WinUI/Fonts/segoeuiz.ttf
View file

13
attic/WinUI/ISwitchable.cs Normal file
View file

@ -0,0 +1,13 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace WinUI
{
interface ISwitchable
{
void UtilizeState(object state);
}
}

3
windows/WinUI/JoinNetworkView.xaml → attic/WinUI/JoinNetworkView.xaml
View file

@ -10,7 +10,8 @@
<TextBox x:Name="joinNetworkBox" HorizontalAlignment="Left" Height="23" Margin="10,10,0,0" TextWrapping="Wrap" VerticalAlignment="Top" Width="291" PreviewTextInput="joinNetworkBox_OnTextEntered" PreviewKeyDown="joinNetworkBox_OnKeyDown"/> <TextBox x:Name="joinNetworkBox" HorizontalAlignment="Left" Height="23" Margin="10,10,0,0" TextWrapping="Wrap" VerticalAlignment="Top" Width="291" PreviewTextInput="joinNetworkBox_OnTextEntered" PreviewKeyDown="joinNetworkBox_OnKeyDown"/>
<CheckBox x:Name="allowManagedCheckbox" Content="Allow Managed" HorizontalAlignment="Left" Margin="10,38,0,0" VerticalAlignment="Top" IsChecked="True"/> <CheckBox x:Name="allowManagedCheckbox" Content="Allow Managed" HorizontalAlignment="Left" Margin="10,38,0,0" VerticalAlignment="Top" IsChecked="True"/>
<CheckBox x:Name="allowGlobalCheckbox" Content="Allow Global" HorizontalAlignment="Left" Margin="118,38,0,0" VerticalAlignment="Top"/> <CheckBox x:Name="allowGlobalCheckbox" Content="Allow Global" HorizontalAlignment="Left" Margin="118,38,0,0" VerticalAlignment="Top"/>
<CheckBox x:Name="allowDefaultCheckbox" Content="Allow Default" HorizontalAlignment="Left" Margin="210,38,-6,0" VerticalAlignment="Top"/> <CheckBox x:Name="allowDefaultCheckbox" Content="Allow Default" HorizontalAlignment="Left" Margin="10,58,0,0" VerticalAlignment="Top"/>
<CheckBox x:Name="allowDNSCheckbox" Content="Allow DNS" HorizontalAlignment="Left" VerticalAlignment="Top" Margin="118,58,0,0"/>
<Button x:Name="joinButton" Content="Join" HorizontalAlignment="Left" Margin="226,58,0,10" Background="#FFFFB354" VerticalAlignment="Top" Width="75" Click="joinButton_Click" IsEnabled="False"/> <Button x:Name="joinButton" Content="Join" HorizontalAlignment="Left" Margin="226,58,0,10" Background="#FFFFB354" VerticalAlignment="Top" Width="75" Click="joinButton_Click" IsEnabled="False"/>
</Grid> </Grid>
</Window> </Window>

3
windows/WinUI/JoinNetworkView.xaml.cs → attic/WinUI/JoinNetworkView.xaml.cs
View file

@ -117,8 +117,9 @@ namespace WinUI
bool allowDefault = allowDefaultCheckbox.IsChecked.Value; bool allowDefault = allowDefaultCheckbox.IsChecked.Value;
bool allowGlobal = allowGlobalCheckbox.IsChecked.Value; bool allowGlobal = allowGlobalCheckbox.IsChecked.Value;
bool allowManaged = allowManagedCheckbox.IsChecked.Value; bool allowManaged = allowManagedCheckbox.IsChecked.Value;
bool allowDNS = allowDNSCheckbox.IsChecked.Value;
APIHandler.Instance.JoinNetwork(joinNetworkBox.Text, allowManaged, allowGlobal, allowDefault); APIHandler.Instance.JoinNetwork(this.Dispatcher, joinNetworkBox.Text, allowManaged, allowGlobal, allowDefault, allowDNS);
Close(); Close();
} }

0
windows/WinUI/MainWindow.xaml.cs → attic/WinUI/MainWindow.xaml.cs
View file

9
windows/WinUI/NetworkInfoView.xaml → attic/WinUI/NetworkInfoView.xaml
View file

@ -29,6 +29,7 @@
<RowDefinition Height="auto"/> <RowDefinition Height="auto"/>
<RowDefinition Height="auto"/> <RowDefinition Height="auto"/>
<RowDefinition Height="auto"/> <RowDefinition Height="auto"/>
<RowDefinition Height="auto"/>
</Grid.RowDefinitions> </Grid.RowDefinitions>
<Grid Grid.Column="0" Grid.Row="0" Grid.ColumnSpan="3"> <Grid Grid.Column="0" Grid.Row="0" Grid.ColumnSpan="3">
@ -54,8 +55,9 @@
<TextBlock TextWrapping="Wrap" Text="Allow Global IP" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="10" Foreground="#FF000000"/> <TextBlock TextWrapping="Wrap" Text="Allow Global IP" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="10" Foreground="#FF000000"/>
<TextBlock TextWrapping="Wrap" Text="Allow Managed IP" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="11" Foreground="#FF000000"/> <TextBlock TextWrapping="Wrap" Text="Allow Managed IP" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="11" Foreground="#FF000000"/>
<TextBlock TextWrapping="Wrap" Text="Allow Default Route" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="12" Foreground="#FF000000"/> <TextBlock TextWrapping="Wrap" Text="Allow Default Route" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="12" Foreground="#FF000000"/>
<TextBlock TextWrapping="Wrap" Text="Allow DNS" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="13" Foreground="#FF000000"/>
<Rectangle Grid.Column="2" Grid.Row="2" Grid.RowSpan="11" Fill="#FFEEEEEE"/> <Rectangle Grid.Column="2" Grid.Row="2" Grid.RowSpan="12" Fill="#FFEEEEEE"/>
<TextBlock x:Name="networkStatus" FontFamily="Lucida Console" TextWrapping="Wrap" HorizontalAlignment="Right" Text="OK" TextAlignment="Right" Grid.Column="2" Grid.Row="2" Foreground="#FF000000"/> <TextBlock x:Name="networkStatus" FontFamily="Lucida Console" TextWrapping="Wrap" HorizontalAlignment="Right" Text="OK" TextAlignment="Right" Grid.Column="2" Grid.Row="2" Foreground="#FF000000"/>
<TextBlock x:Name="networkType" FontFamily="Lucida Console" TextWrapping="Wrap" Text="PUBLIC" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="3" Foreground="#FF000000"/> <TextBlock x:Name="networkType" FontFamily="Lucida Console" TextWrapping="Wrap" Text="PUBLIC" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="3" Foreground="#FF000000"/>
@ -68,10 +70,11 @@
<CheckBox x:Name="allowGlobal" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="10" /> <CheckBox x:Name="allowGlobal" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="10" />
<CheckBox x:Name="allowManaged" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="11" /> <CheckBox x:Name="allowManaged" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="11" />
<CheckBox x:Name="allowDefault" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="12" /> <CheckBox x:Name="allowDefault" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="12" />
<CheckBox x:Name="allowDNS" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="13"/>
<Separator Grid.Column="0" Grid.Row="13" Grid.ColumnSpan="3"/> <Separator Grid.Column="0" Grid.Row="14" Grid.ColumnSpan="3"/>
<Grid Grid.Column="0" Grid.Row="14" Grid.ColumnSpan="3" Background="GhostWhite"> <Grid Grid.Column="0" Grid.Row="15" Grid.ColumnSpan="3" Background="GhostWhite">
<Grid.ColumnDefinitions> <Grid.ColumnDefinitions>
<ColumnDefinition Width="auto"/> <ColumnDefinition Width="auto"/>
<ColumnDefinition Width="*"/> <ColumnDefinition Width="*"/>

35
windows/WinUI/NetworkInfoView.xaml.cs → attic/WinUI/NetworkInfoView.xaml.cs
View file

@ -36,6 +36,8 @@ namespace WinUI
allowGlobal.Unchecked += AllowGlobal_CheckStateChanged; allowGlobal.Unchecked += AllowGlobal_CheckStateChanged;
allowManaged.Checked += AllowManaged_CheckStateChanged; allowManaged.Checked += AllowManaged_CheckStateChanged;
allowManaged.Unchecked += AllowManaged_CheckStateChanged; allowManaged.Unchecked += AllowManaged_CheckStateChanged;
allowDNS.Checked += AllowDNS_CheckStateChanged;
allowDNS.Unchecked += AllowDNS_CheckStateChanged;
} }
private void UpdateNetworkData() private void UpdateNetworkData()
@ -79,6 +81,7 @@ namespace WinUI
this.allowDefault.IsChecked = network.AllowDefault; this.allowDefault.IsChecked = network.AllowDefault;
this.allowGlobal.IsChecked = network.AllowGlobal; this.allowGlobal.IsChecked = network.AllowGlobal;
this.allowManaged.IsChecked = network.AllowManaged; this.allowManaged.IsChecked = network.AllowManaged;
this.allowDNS.IsChecked = network.AllowDNS;
this.connectedCheckBox.Checked -= connectedCheckBox_Checked; this.connectedCheckBox.Checked -= connectedCheckBox_Checked;
this.connectedCheckBox.Unchecked -= connectedCheckbox_Unchecked; this.connectedCheckBox.Unchecked -= connectedCheckbox_Unchecked;
@ -106,35 +109,48 @@ namespace WinUI
private void deleteButton_Click(object sender, RoutedEventArgs e) private void deleteButton_Click(object sender, RoutedEventArgs e)
{ {
APIHandler.Instance.LeaveNetwork(network.NetworkId); APIHandler.Instance.LeaveNetwork(this.Dispatcher, network.NetworkId);
NetworkMonitor.Instance.RemoveNetwork(network.NetworkId); NetworkMonitor.Instance.RemoveNetwork(network.NetworkId);
} }
private void AllowManaged_CheckStateChanged(object sender, RoutedEventArgs e) private void AllowManaged_CheckStateChanged(object sender, RoutedEventArgs e)
{ {
CheckBox cb = sender as CheckBox; CheckBox cb = sender as CheckBox;
APIHandler.Instance.JoinNetwork(network.NetworkId, APIHandler.Instance.JoinNetwork(this.Dispatcher, network.NetworkId,
allowManaged.IsChecked ?? false, allowManaged.IsChecked ?? false,
allowGlobal.IsChecked ?? false, allowGlobal.IsChecked ?? false,
allowDefault.IsChecked ?? false); allowDefault.IsChecked ?? false,
allowDNS.IsChecked ?? false);
} }
private void AllowGlobal_CheckStateChanged(object sender, RoutedEventArgs e) private void AllowGlobal_CheckStateChanged(object sender, RoutedEventArgs e)
{ {
CheckBox cb = sender as CheckBox; CheckBox cb = sender as CheckBox;
APIHandler.Instance.JoinNetwork(network.NetworkId, APIHandler.Instance.JoinNetwork(this.Dispatcher, network.NetworkId,
allowManaged.IsChecked ?? false, allowManaged.IsChecked ?? false,
allowGlobal.IsChecked ?? false, allowGlobal.IsChecked ?? false,
allowDefault.IsChecked ?? false); allowDefault.IsChecked ?? false,
allowDNS.IsChecked ?? false);
} }
private void AllowDefault_CheckStateChanged(object sender, RoutedEventArgs e) private void AllowDefault_CheckStateChanged(object sender, RoutedEventArgs e)
{ {
CheckBox cb = sender as CheckBox; CheckBox cb = sender as CheckBox;
APIHandler.Instance.JoinNetwork(network.NetworkId, APIHandler.Instance.JoinNetwork(this.Dispatcher, network.NetworkId,
allowManaged.IsChecked ?? false, allowManaged.IsChecked ?? false,
allowGlobal.IsChecked ?? false, allowGlobal.IsChecked ?? false,
allowDefault.IsChecked ?? false); allowDefault.IsChecked ?? false,
allowDNS.IsChecked ?? false);
}
private void AllowDNS_CheckStateChanged(object sender, RoutedEventArgs e)
{
CheckBox cb = sender as CheckBox;
APIHandler.Instance.JoinNetwork(this.Dispatcher, network.NetworkId,
allowManaged.IsChecked ?? false,
allowGlobal.IsChecked ?? false,
allowDefault.IsChecked ?? false,
allowDNS.IsChecked ?? false);
} }
private void connectedCheckBox_Checked(object sender, RoutedEventArgs e) private void connectedCheckBox_Checked(object sender, RoutedEventArgs e)
@ -154,12 +170,13 @@ namespace WinUI
bool global = allowGlobal.IsChecked.Value; bool global = allowGlobal.IsChecked.Value;
bool managed = allowManaged.IsChecked.Value; bool managed = allowManaged.IsChecked.Value;
bool defRoute = allowDefault.IsChecked.Value; bool defRoute = allowDefault.IsChecked.Value;
bool dns = allowDNS.IsChecked.Value;
APIHandler.Instance.JoinNetwork(networkId.Text, managed, global, defRoute); APIHandler.Instance.JoinNetwork(this.Dispatcher, networkId.Text, managed, global, defRoute, dns);
} }
else else
{ {
APIHandler.Instance.LeaveNetwork(networkId.Text); APIHandler.Instance.LeaveNetwork(this.Dispatcher, networkId.Text);
} }
} }
} }

0
windows/WinUI/NetworkListView.xaml → attic/WinUI/NetworkListView.xaml
View file

0
windows/WinUI/NetworkListView.xaml.cs → attic/WinUI/NetworkListView.xaml.cs
View file

5
windows/WinUI/NetworkMonitor.cs → attic/WinUI/NetworkMonitor.cs
View file

@ -152,10 +152,11 @@ namespace WinUI
Thread.Sleep(2000); Thread.Sleep(2000);
} }
} }
catch catch (Exception e)
{ {
Console.WriteLine("Monitor Thread Ended"); Console.WriteLine("Monitor Thread Exception: " + "\n" + e.StackTrace);
} }
Console.WriteLine("Monitor Thread Ended");
} }
public void SubscribeStatusUpdates(StatusCallback cb) public void SubscribeStatusUpdates(StatusCallback cb)

201
attic/WinUI/NetworkNameGenerator.cs Normal file
View file

@ -0,0 +1,201 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace WinUI
{
class NetworkNameGenerator
{
public static string GenerateName()
{
Random r = new Random(DateTime.Now.Millisecond);
int firstIndex = r.Next(0, FIRST.Length);
int secondIndex = r.Next(0, SECOND.Length);
return FIRST[firstIndex] + "_" + SECOND[secondIndex];
}
private static string[] FIRST =
{
"admiring",
"adoring",
"agitated",
"amazing",
"angry",
"awesome",
"berserk",
"big",
"clever",
"compassionate",
"cranky",
"crazy",
"desperate",
"determined",
"distracted",
"dreamy",
"ecstatic",
"elated",
"elegant",
"fervent",
"focused",
"furious",
"gigantic",
"gloomy",
"goofy",
"grave",
"happy",
"high",
"hopeful",
"hungry",
"insane",
"jolly",
"jovial",
"lonely",
"loving",
"modest",
"nostalgic",
"pedantic",
"pensive",
"prickly",
"reverent",
"romantic",
"sad",
"serene",
"sharp",
"silly",
"sleepy",
"stoic",
"stupefied",
"suspicious",
"tender",
"thirsty",
"tiny",
"trusting"
};
private static string[] SECOND =
{
// constructed telephone-like devices in 1854
"meucci",
// prototype make-or-break telephones in 1860
"reis",
// Alexander Graham Bell
"bell",
// designed telephone using water microphone in 1876
"gray",
// Tivadar Puskás invented the telephone switchboard exchange in 1876.
"puskas",
// Thomas Edison, invented the carbon microphone which produced a strong telephone signal.
"edison",
// 1950s, Paul Baran developed the concept Distributed Adaptive Message Block Switching
"baran",
// Donald Davies coined the phrase 'packet switching network'
"davies",
// Robert Licklider helped get ARPANET funded
"licklider",
// Robert Taylor, ARPANET pioneer
"taylor",
// Lawrence Roberts, ARPANET
"roberts",
// Vint Cerf, TCP
"cerf",
// Bob Kahn, TCP
"kahn",
// David P Reed, UDP
"reed",
// Community Memory was created by Efrem Lipkin, Mark Szpakowski, and Lee Felsenstein, acting as The Community Memory Project within the Resource One computer center at Project One in San Francisco.
"lipkin",
"szpakowski",
"felsenstein",
// The first public dial-up BBS was developed by Ward Christensen and Randy Suess.
"christensen",
"suess",
// Joybubbles (May 25, 1949 August 8, 2007), born Josef Carl Engressia, Jr. in Richmond, Virginia, USA, was an early phone phreak.
"engressia",
"joybubbles",
// John Thomas Draper (born 1943), also known as Captain Crunch, Crunch or Crunchman (after Cap'n Crunch breakfast cereal mascot), is an American computer programmer and former phone phreak
"draper",
// Dennis C. Hayes, founder of Hayes Microcomputer Products
// "The Modem of Dennis Hayes and Dale Heatherington."
"hayes",
"heatherington",
// "Ethernet was developed at Xerox PARC between 1973 and 1974.[7][8] It was inspired by ALOHAnet, which Robert Metcalfe had studied as part of his PhD dissertation."
"metcalfe",
// William Bradford Shockley Jr. (February 13, 1910 August 12, 1989) was an American physicist and inventor. Shockley was the manager of a research group that included John Bardeen and Walter Brattain. The three scientists invented the point contact transistor in 1947
"shockley",
"bardeen",
"brattain",
// "Randall Erck invented the modern modem as we know it today. There were devices similar to modems used by the military, but they were designed more for the purpose of sending encripted nuclear launch codes to various bases around the world."
"erck",
// Leonard Kleinrock, packet switching network pioneer
"kleinrock",
// Tim Berners-Lee, WWW
"berners_lee",
// Steve Wozniak, early phone phreak
"wozniak",
// James Fields Smathers of Kansas City invented what is considered the first practical power-operated typewriter in 1914.
"smathers",
// The teleprinter evolved through a series of inventions by a number of engineers, including Royal Earl House, David Edward Hughes, Emile Baudot, Donald Murray, Charles L. Krum, Edward Kleinschmidt and Frederick G. Creed.
"house",
"hughes",
"baudot",
"murray",
"krum",
"kleinschmidt",
"creed",
// Ron Rosenbaum, author of "Secrets of the Little Blue Box" which mainstreamed phone phreaking
"rosenbaum",
// Bram Cohen. Bram Cohen (born October 12, 1975) is an American computer programmer, best known as the author of the peer-to-peer (P2P) BitTorrent protocol,
"cohen",
// Jarkko Oikarinen (born 16 August 1967, in Kuusamo, Finland) is the inventor of the first Internet chat network, called Internet Relay Chat (IRC), where he is known as WiZ.
"oikarinen",
// "What you probably didn't know is that the author of Trumpet Winsock — Peter Tattam from Tasmania, Australia — didn't see much money for his efforts."
"tattam",
// Satoshi Nakamoto
"nakamoto",
// Philo Farnsworth, inventor of the first practical TV tube
"farnsworth",
// Scottish inventor John Logie Baird employed the Nipkow disk in his prototype video systems. On 25 March 1925, Baird gave the first public demonstration of televised silhouette images in motion, at Selfridge's Department Store in London.
"baird",
// Beginning in 1836, the American artist Samuel F. B. Morse, the American physicist Joseph Henry, and Alfred Vail developed an electrical telegraph system.
"morse",
"henry",
"vail"
};
}
}

0
windows/WinUI/NetworkRoute.cs → attic/WinUI/NetworkRoute.cs
View file

0
windows/WinUI/NetworksPage.xaml → attic/WinUI/NetworksPage.xaml
View file

0
windows/WinUI/NetworksPage.xaml.cs → attic/WinUI/NetworksPage.xaml.cs
View file

0
windows/WinUI/PeersPage.xaml → attic/WinUI/PeersPage.xaml
View file

0
windows/WinUI/PeersPage.xaml.cs → attic/WinUI/PeersPage.xaml.cs
View file

30
attic/WinUI/PreferencesView.xaml Normal file
View file

@ -0,0 +1,30 @@
<Window x:Class="WinUI.PreferencesView"
xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
xmlns:d="http://schemas.microsoft.com/expression/blend/2008"
xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006"
xmlns:local="clr-namespace:WinUI"
mc:Ignorable="d"
Title="PreferencesView" SizeToContent="WidthAndHeight" Height="Auto" Width="Auto" Icon="ZeroTierIcon.ico">
<Grid>
<Grid.ColumnDefinitions>
<ColumnDefinition Width="Auto"/>
<ColumnDefinition Width="Auto"/>
</Grid.ColumnDefinitions>
<Grid.RowDefinitions>
<RowDefinition Height="Auto"/>
<RowDefinition Height="Auto"/>
<RowDefinition Height="Auto"/>
<RowDefinition Height="Auto"/>
</Grid.RowDefinitions>
<CheckBox x:Name="startupCheckbox" Content="Launch ZeroTier On Startup" HorizontalAlignment="Left" Margin="10" VerticalAlignment="Top" Grid.Column="0" Grid.ColumnSpan="2" Grid.Row="0"/>
<TextBlock Text="Central Instance:" Grid.Row="1" Grid.Column="0" Margin="10"/>
<TextBox x:Name="CentralInstanceTextBox" Grid.Row="1" Grid.Column="1" MinWidth="200" Margin="10"/>
<TextBlock Text="API Key:" Grid.Row="2" Grid.Column="0" Margin="10"/>
<TextBox x:Name="APIKeyTextBox" Grid.Row="2" Grid.Column="1" MinWidth="200" Margin="10"/>
<Button x:Name="OKButton" Grid.Row="3" Grid.Column="1" Background="#FFFFB354" Content="OK" Margin="10" Width="90" HorizontalAlignment="Right" Click="OKButton_Clicked"/>
</Grid>
</Window>

74
attic/WinUI/PreferencesView.xaml.cs Normal file
View file

@ -0,0 +1,74 @@
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows;
using System.Windows.Controls;
using System.Windows.Data;
using System.Windows.Documents;
using System.Windows.Input;
using System.Windows.Media;
using System.Windows.Media.Imaging;
using System.Windows.Shapes;
namespace WinUI
{
/// <summary>
/// Interaction logic for PreferencesView.xaml
/// </summary>
public partial class PreferencesView : Window
{
public static string AppName = "ZeroTier One";
private RegistryKey rk = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
private string AppLocation = System.Reflection.Assembly.GetExecutingAssembly().Location;
public PreferencesView()
{
InitializeComponent();
string keyValue = rk.GetValue(AppName) as string;
if (keyValue != null && keyValue.Equals(AppLocation))
{
startupCheckbox.IsChecked = true;
}
CentralAPI api = CentralAPI.Instance;
CentralInstanceTextBox.Text = api.Central.ServerURL;
APIKeyTextBox.Text = api.Central.APIKey;
}
private void OKButton_Clicked(object sender, RoutedEventArgs e)
{
CentralAPI api = CentralAPI.Instance;
if (api.Central.ServerURL != CentralInstanceTextBox.Text ||
api.Central.APIKey != APIKeyTextBox.Text)
{
CentralServer newServer = new CentralServer();
newServer.ServerURL = CentralInstanceTextBox.Text;
newServer.APIKey = APIKeyTextBox.Text;
api.Central = newServer;
}
if (startupCheckbox.IsChecked.HasValue && (bool)startupCheckbox.IsChecked)
{
rk.SetValue(AppName, AppLocation);
}
else
{
string keyValue = rk.GetValue(AppName) as string;
if (keyValue != null && keyValue.Equals(AppLocation))
{
rk.DeleteValue(AppName);
}
}
Close();
}
}
}

0
windows/WinUI/Properties/AssemblyInfo.cs → attic/WinUI/Properties/AssemblyInfo.cs
View file

0
windows/WinUI/Properties/Resources.Designer.cs → attic/WinUI/Properties/Resources.Designer.cs generated
View file

0
windows/WinUI/Properties/Resources.resx → attic/WinUI/Properties/Resources.resx
View file

0
windows/WinUI/Properties/Settings.Designer.cs → attic/WinUI/Properties/Settings.Designer.cs generated
View file

0
windows/WinUI/Properties/Settings.settings → attic/WinUI/Properties/Settings.settings
View file

0
windows/WinUI/Resources/ZeroTierIcon.ico → attic/WinUI/Resources/ZeroTierIcon.ico
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 44 KiB

After

Width:  |  Height:  |  Size: 44 KiB

0
windows/WinUI/Simple Styles.xaml → attic/WinUI/Simple Styles.xaml
View file

1
windows/WinUI/Themes/Generic.xaml → attic/WinUI/Themes/Generic.xaml
View file

@ -3,5 +3,4 @@
xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
xmlns:local="clr-namespace:WinUI"> xmlns:local="clr-namespace:WinUI">
</ResourceDictionary> </ResourceDictionary>

6
windows/WinUI/ToolbarItem.xaml → attic/WinUI/ToolbarItem.xaml
View file

@ -40,6 +40,12 @@
</CollectionContainer> </CollectionContainer>
<Separator/>
<MenuItem Header="ZeroTier Central"
Click="ToolbarItem_CentralClicked"/>
<MenuItem Header="Create and Join Network"
Click="ToolbarItem_NewNetwork"
x:Name="newNetworkItem"/>
<Separator/> <Separator/>
<MenuItem Header="About..." <MenuItem Header="About..."
Click="ToolbarItem_AboutClicked"/> Click="ToolbarItem_AboutClicked"/>

55
windows/WinUI/ToolbarItem.xaml.cs → attic/WinUI/ToolbarItem.xaml.cs
View file

@ -3,6 +3,7 @@ using System.Collections.Generic;
using System.Collections.ObjectModel; using System.Collections.ObjectModel;
using System.ComponentModel; using System.ComponentModel;
using System.Linq; using System.Linq;
using System.Net.Http;
using System.Runtime.CompilerServices; using System.Runtime.CompilerServices;
using System.Text; using System.Text;
using System.Threading.Tasks; using System.Threading.Tasks;
@ -44,6 +45,7 @@ namespace WinUI
private ObservableCollection<MenuItem> _networkCollection = new ObservableCollection<MenuItem>(); private ObservableCollection<MenuItem> _networkCollection = new ObservableCollection<MenuItem>();
public ObservableCollection<MenuItem> NetworkCollection public ObservableCollection<MenuItem> NetworkCollection
{ {
get { return _networkCollection; } get { return _networkCollection; }
@ -79,13 +81,13 @@ namespace WinUI
{ {
if (networks != null) if (networks != null)
{ {
this.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{ {
NetworkCollection.Clear(); NetworkCollection.Clear();
foreach (ZeroTierNetwork n in networks) foreach (ZeroTierNetwork n in networks)
{ {
MenuItem item = new MenuItem(); MenuItem item = new MenuItem();
item.Header = n.Title; item.Header = n.Title.Replace("_", "__");
item.DataContext = n; item.DataContext = n;
item.IsChecked = n.IsConnected; item.IsChecked = n.IsConnected;
item.Click += ToolbarItem_NetworkClicked; item.Click += ToolbarItem_NetworkClicked;
@ -105,13 +107,34 @@ namespace WinUI
nodeIdMenuItem.Header = "Node ID: " + status.Address; nodeIdMenuItem.Header = "Node ID: " + status.Address;
nodeIdMenuItem.IsEnabled = true; nodeIdMenuItem.IsEnabled = true;
nodeId = status.Address; nodeId = status.Address;
if (CentralAPI.Instance.HasAccessToken())
{
newNetworkItem.IsEnabled = true;
}
else
{
newNetworkItem.IsEnabled = false;
}
})); }));
} }
} }
private void ToolbarItem_NodeIDClicked(object sender, System.Windows.RoutedEventArgs e) private void ToolbarItem_NodeIDClicked(object sender, System.Windows.RoutedEventArgs e)
{ {
Clipboard.SetText(nodeId); try
{
Clipboard.SetDataObject(nodeId);
}
catch (ArgumentNullException)
{
// tried to copy a null nodeId
Console.WriteLine("ArgumentNullException");
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
} }
private void ToolbarItem_ShowNetworksClicked(object sender, System.Windows.RoutedEventArgs e) private void ToolbarItem_ShowNetworksClicked(object sender, System.Windows.RoutedEventArgs e)
@ -182,6 +205,11 @@ namespace WinUI
joinNetView = null; joinNetView = null;
} }
private void ToolbarItem_CentralClicked(object sender, System.EventArgs e)
{
Process.Start("https://my.zerotier.com");
}
private void ToolbarItem_AboutClicked(object sender, System.EventArgs e) private void ToolbarItem_AboutClicked(object sender, System.EventArgs e)
{ {
if (aboutView == null) if (aboutView == null)
@ -255,7 +283,7 @@ namespace WinUI
private void ToolbarItem_QuitClicked(object sender, System.EventArgs e) private void ToolbarItem_QuitClicked(object sender, System.EventArgs e)
{ {
NetworkMonitor.Instance.StopMonitor(); NetworkMonitor.Instance.StopMonitor();
this.Close(); Close();
Application.Current.Shutdown(); Application.Current.Shutdown();
} }
@ -269,16 +297,31 @@ namespace WinUI
ZeroTierNetwork network = item.DataContext as ZeroTierNetwork; ZeroTierNetwork network = item.DataContext as ZeroTierNetwork;
if (item.IsChecked) if (item.IsChecked)
{ {
APIHandler.Instance.LeaveNetwork(network.NetworkId); APIHandler.Instance.LeaveNetwork(Dispatcher, network.NetworkId);
} }
else else
{ {
APIHandler.Instance.JoinNetwork(network.NetworkId, network.AllowManaged, network.AllowGlobal, network.AllowDefault); APIHandler.Instance.JoinNetwork(Dispatcher, network.NetworkId, network.AllowManaged, network.AllowGlobal, network.AllowDefault);
} }
} }
} }
} }
private async void ToolbarItem_NewNetwork(object sender, System.Windows.RoutedEventArgs e)
{
if (CentralAPI.Instance.HasAccessToken())
{
CentralAPI api = CentralAPI.Instance;
CentralNetwork newNetwork = await api.CreateNewNetwork();
APIHandler handler = APIHandler.Instance;
handler.JoinNetwork(this.Dispatcher, newNetwork.Id);
string nodeId = APIHandler.Instance.NodeAddress();
bool authorized = await CentralAPI.Instance.AuthorizeNode(nodeId, newNetwork.Id);
}
}
private void setWindowPosition(Window w) private void setWindowPosition(Window w)
{ {
double width = w.ActualWidth; double width = w.ActualWidth;

10
windows/WinUI/WinUI.csproj → attic/WinUI/WinUI.csproj
View file

@ -80,6 +80,7 @@
<Reference Include="System.Data" /> <Reference Include="System.Data" />
<Reference Include="System.Deployment" /> <Reference Include="System.Deployment" />
<Reference Include="System.Drawing" /> <Reference Include="System.Drawing" />
<Reference Include="System.Net.Http" />
<Reference Include="System.Printing" /> <Reference Include="System.Printing" />
<Reference Include="System.Windows.Forms" /> <Reference Include="System.Windows.Forms" />
<Reference Include="System.Xml" /> <Reference Include="System.Xml" />
@ -104,10 +105,18 @@
<Compile Include="AboutView.xaml.cs"> <Compile Include="AboutView.xaml.cs">
<DependentUpon>AboutView.xaml</DependentUpon> <DependentUpon>AboutView.xaml</DependentUpon>
</Compile> </Compile>
<Compile Include="CentralAPI.cs" />
<Compile Include="CentralLogin.cs" />
<Compile Include="CentralNetwork.cs" />
<Compile Include="CentralServer.cs" />
<Compile Include="CentralToken.cs" />
<Compile Include="CentralUser.cs" />
<Compile Include="ISwitchable.cs" />
<Compile Include="JoinNetworkView.xaml.cs"> <Compile Include="JoinNetworkView.xaml.cs">
<DependentUpon>JoinNetworkView.xaml</DependentUpon> <DependentUpon>JoinNetworkView.xaml</DependentUpon>
</Compile> </Compile>
<Compile Include="NetworkMonitor.cs" /> <Compile Include="NetworkMonitor.cs" />
<Compile Include="NetworkNameGenerator.cs" />
<Compile Include="NetworkRoute.cs" /> <Compile Include="NetworkRoute.cs" />
<Compile Include="NetworksPage.xaml.cs"> <Compile Include="NetworksPage.xaml.cs">
<DependentUpon>NetworksPage.xaml</DependentUpon> <DependentUpon>NetworksPage.xaml</DependentUpon>
@ -251,7 +260,6 @@
<None Include="Resources\ZeroTierIcon.ico" /> <None Include="Resources\ZeroTierIcon.ico" />
</ItemGroup> </ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<Import Project="$(MSBuildExtensionsPath)\Microsoft\Expression\Blend\.NETFramework\v4.5\Microsoft.Expression.Blend.WPF.targets" />
<PropertyGroup> <PropertyGroup>
<PostBuildEvent>copy "$(SolutionDir)\copyutil\bin\$(ConfigurationName)\copyutil.exe" "$(ProjectDir)\$(OutDir)\copyutil.exe"</PostBuildEvent> <PostBuildEvent>copy "$(SolutionDir)\copyutil\bin\$(ConfigurationName)\copyutil.exe" "$(ProjectDir)\$(OutDir)\copyutil.exe"</PostBuildEvent>
</PropertyGroup> </PropertyGroup>

0
windows/WinUI/ZeroTierIcon.ico → attic/WinUI/ZeroTierIcon.ico
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 361 KiB

After

Width:  |  Height:  |  Size: 361 KiB

22
windows/WinUI/ZeroTierNetwork.cs → attic/WinUI/ZeroTierNetwork.cs
View file

@ -30,6 +30,7 @@ namespace WinUI
private bool allowManaged; private bool allowManaged;
private bool allowGlobal; private bool allowGlobal;
private bool allowDefault; private bool allowDefault;
private bool allowDNS;
private bool isConnected; private bool isConnected;
protected ZeroTierNetwork(SerializationInfo info, StreamingContext ctx) protected ZeroTierNetwork(SerializationInfo info, StreamingContext ctx)
@ -53,6 +54,7 @@ namespace WinUI
AllowManaged = info.GetBoolean("allowManaged"); AllowManaged = info.GetBoolean("allowManaged");
AllowGlobal = info.GetBoolean("allowGlobal"); AllowGlobal = info.GetBoolean("allowGlobal");
AllowDefault = info.GetBoolean("allowDefault"); AllowDefault = info.GetBoolean("allowDefault");
AllowDNS = info.GetBoolean("allowDNS");
} }
catch { } catch { }
IsConnected = false; IsConnected = false;
@ -79,6 +81,7 @@ namespace WinUI
info.AddValue("allowManaged", AllowManaged); info.AddValue("allowManaged", AllowManaged);
info.AddValue("allowGlobal", AllowGlobal); info.AddValue("allowGlobal", AllowGlobal);
info.AddValue("allowDefault", AllowDefault); info.AddValue("allowDefault", AllowDefault);
info.AddValue("allowDNS", AllowDNS);
} }
public void UpdateNetwork(ZeroTierNetwork network) public void UpdateNetwork(ZeroTierNetwork network)
@ -165,6 +168,11 @@ namespace WinUI
AllowDefault = network.AllowDefault; AllowDefault = network.AllowDefault;
} }
if (AllowDNS != network.AllowDNS)
{
AllowDNS = network.AllowDNS;
}
if (IsConnected != network.IsConnected) if (IsConnected != network.IsConnected)
{ {
IsConnected = network.IsConnected; IsConnected = network.IsConnected;
@ -414,6 +422,20 @@ namespace WinUI
} }
} }
[JsonProperty("allowDNS")]
public bool AllowDNS
{
get
{
return allowDNS;
}
set
{
allowDNS = value;
NotifyPropertyChanged();
}
}
public bool IsConnected public bool IsConnected
{ {
get get

0
windows/WinUI/ZeroTierPeer.cs → attic/WinUI/ZeroTierPeer.cs
View file

0
windows/WinUI/ZeroTierPeerPhysicalPath.cs → attic/WinUI/ZeroTierPeerPhysicalPath.cs
View file

0
windows/WinUI/ZeroTierStatus.cs → attic/WinUI/ZeroTierStatus.cs
View file

0
windows/WinUI/app.manifest → attic/WinUI/app.manifest
View file

0
windows/WinUI/packages.config → attic/WinUI/packages.config
View file

BIN
attic/big-http-test/2015-11-10_01_50000.out.xz
View file

Binary file not shown.

BIN
attic/big-http-test/2015-11-10_02_50000.out.xz
View file

Binary file not shown.

BIN
attic/big-http-test/2015-11-10_03_12500_ec2-east-only.out.xz
View file

Binary file not shown.

24
attic/big-http-test/Dockerfile
View file

@ -1,24 +0,0 @@
FROM centos:latest
MAINTAINER https://www.zerotier.com/
EXPOSE 9993/udp
ADD nodesource-el.repo /etc/yum.repos.d/nodesource-el.repo
RUN yum -y update && yum install -y nodejs && yum clean all
RUN mkdir -p /var/lib/zerotier-one
RUN mkdir -p /var/lib/zerotier-one/networks.d
RUN touch /var/lib/zerotier-one/networks.d/ffffffffffffffff.conf
ADD package.json /
RUN npm install
ADD zerotier-one /
RUN chmod a+x /zerotier-one
ADD agent.js /
ADD docker-main.sh /
RUN chmod a+x /docker-main.sh
CMD ["./docker-main.sh"]

12
attic/big-http-test/README.md
View file

@ -1,12 +0,0 @@
HTTP one-to-all test
======
*This is really internal use code. You're free to test it out but expect to do some editing/tweaking to make it work. We used this to run some massive scale tests of our new geo-cluster-based root server infrastructure prior to taking it live.*
Before using this code you will want to edit agent.js to change SERVER_HOST to the IP address of where you will run server.js. This should typically be an open Internet IP, since this makes reporting not dependent upon the thing being tested. Also note that this thing does no security of any kind. It's designed for one-off tests run over a short period of time, not to be anything that runs permanently. You will also want to edit the Dockerfile if you want to build containers and change the network ID to the network you want to run tests over.
This code can be deployed across a large number of VMs or containers to test and benchmark HTTP traffic within a virtual network at scale. The agent acts as a server and can query other agents, while the server collects agent data and tells agents about each other. It's designed to use RFC4193-based ZeroTier IPv6 addresses within the cluster, which allows the easy provisioning of a large cluster without IP conflicts.
The Dockerfile builds an image that launches the agent. The image must be "docker run" with "--device=/dev/net/tun --privileged" to permit it to open a tun/tap device within the container. (Unfortunately CAP_NET_ADMIN may not work due to a bug in Docker and/or Linux.) You can run a bunch with a command like:
for ((n=0;n<10;n++)); do docker run --device=/dev/net/tun --privileged -d zerotier/http-test; done

196
attic/big-http-test/agent.js
View file

@ -1,196 +0,0 @@
// ZeroTier distributed HTTP test agent
// ---------------------------------------------------------------------------
// Customizable parameters:
// Time between startup and first test attempt
var TEST_STARTUP_LAG = 10000;
// Maximum interval between test attempts (actual timing is random % this)
var TEST_INTERVAL_MAX = (60000 * 10);
// Test timeout in ms
var TEST_TIMEOUT = 30000;
// Where should I get other agents' IDs and POST results?
var SERVER_HOST = '52.26.196.147';
var SERVER_PORT = 18080;
// Which port do agents use to serve up test data to each other?
var AGENT_PORT = 18888;
// Payload size in bytes
var PAYLOAD_SIZE = 5000;
// ---------------------------------------------------------------------------
var ipaddr = require('ipaddr.js');
var os = require('os');
var http = require('http');
var async = require('async');
var express = require('express');
var app = express();
// Find our ZeroTier-assigned RFC4193 IPv6 address
var thisAgentId = null;
var interfaces = os.networkInterfaces();
if (!interfaces) {
console.error('FATAL: os.networkInterfaces() failed.');
process.exit(1);
}
for(var ifname in interfaces) {
var ifaddrs = interfaces[ifname];
if (Array.isArray(ifaddrs)) {
for(var i=0;i<ifaddrs.length;++i) {
if (ifaddrs[i].family == 'IPv6') {
try {
var ipbytes = ipaddr.parse(ifaddrs[i].address).toByteArray();
if ((ipbytes.length === 16)&&(ipbytes[0] == 0xfd)&&(ipbytes[9] == 0x99)&&(ipbytes[10] == 0x93)) {
thisAgentId = '';
for(var j=0;j<16;++j) {
var tmp = ipbytes[j].toString(16);
if (tmp.length === 1)
thisAgentId += '0';
thisAgentId += tmp;
}
}
} catch (e) {
console.error(e);
}
}
}
}
}
if (thisAgentId === null) {
console.error('FATAL: no ZeroTier-assigned RFC4193 IPv6 addresses found on any local interface!');
process.exit(1);
}
//console.log(thisAgentId);
// Create a random (and therefore not very compressable) payload
var payload = new Buffer(PAYLOAD_SIZE);
for(var xx=0;xx<PAYLOAD_SIZE;++xx) {
payload.writeUInt8(Math.round(Math.random() * 255.0),xx);
}
function agentIdToIp(agentId)
{
var ip = '';
ip += agentId.substr(0,4);
ip += ':';
ip += agentId.substr(4,4);
ip += ':';
ip += agentId.substr(8,4);
ip += ':';
ip += agentId.substr(12,4);
ip += ':';
ip += agentId.substr(16,4);
ip += ':';
ip += agentId.substr(20,4);
ip += ':';
ip += agentId.substr(24,4);
ip += ':';
ip += agentId.substr(28,4);
return ip;
};
var lastTestResult = null;
var allOtherAgents = {};
function doTest()
{
var submit = http.request({
host: SERVER_HOST,
port: SERVER_PORT,
path: '/'+thisAgentId,
method: 'POST'
},function(res) {
var body = '';
res.on('data',function(chunk) { body += chunk.toString(); });
res.on('end',function() {
if (body) {
try {
var peers = JSON.parse(body);
if (Array.isArray(peers)) {
for(var xx=0;xx<peers.length;++xx)
allOtherAgents[peers[xx]] = true;
}
} catch (e) {}
}
var agents = Object.keys(allOtherAgents);
if (agents.length > 1) {
var target = agents[Math.floor(Math.random() * agents.length)];
while (target === thisAgentId)
target = agents[Math.floor(Math.random() * agents.length)];
var testRequest = null;
var timeoutId = null;
timeoutId = setTimeout(function() {
if (testRequest !== null)
testRequest.abort();
timeoutId = null;
},TEST_TIMEOUT);
var startTime = Date.now();
testRequest = http.get({
host: agentIdToIp(target),
port: AGENT_PORT,
path: '/'
},function(res) {
var bytes = 0;
res.on('data',function(chunk) { bytes += chunk.length; });
res.on('end',function() {
lastTestResult = {
source: thisAgentId,
target: target,
time: (Date.now() - startTime),
bytes: bytes,
timedOut: (timeoutId === null),
error: null
};
if (timeoutId !== null)
clearTimeout(timeoutId);
return setTimeout(doTest,Math.round(Math.random() * TEST_INTERVAL_MAX) + 1);
});
}).on('error',function(e) {
lastTestResult = {
source: thisAgentId,
target: target,
time: (Date.now() - startTime),
bytes: 0,
timedOut: (timeoutId === null),
error: e.toString()
};
if (timeoutId !== null)
clearTimeout(timeoutId);
return setTimeout(doTest,Math.round(Math.random() * TEST_INTERVAL_MAX) + 1);
});
} else {
return setTimeout(doTest,1000);
}
});
}).on('error',function(e) {
console.log('POST failed: '+e.toString());
return setTimeout(doTest,1000);
});
if (lastTestResult !== null) {
submit.write(JSON.stringify(lastTestResult));
lastTestResult = null;
}
submit.end();
};
// Agents just serve up a test payload
app.get('/',function(req,res) { return res.status(200).send(payload); });
var expressServer = app.listen(AGENT_PORT,function () {
// Start timeout-based loop
setTimeout(doTest(),TEST_STARTUP_LAG);
});

9
attic/big-http-test/big-test-kill.sh
View file

@ -1,9 +0,0 @@
#!/bin/bash
# Kills all running Docker containers on all big-test-hosts
export PATH=/bin:/usr/bin:/usr/local/bin:/usr/sbin:/sbin
pssh -h big-test-hosts -x '-t -t' -i -OUserKnownHostsFile=/dev/null -OStrictHostKeyChecking=no -t 0 -p 256 "sudo docker ps -aq | xargs -r sudo docker rm -f"
exit 0

13
attic/big-http-test/big-test-start.sh
View file

@ -1,13 +0,0 @@
#!/bin/bash
# More than 500 container seems to result in a lot of sporadic failures, probably due to Linux kernel scaling issues with virtual network ports
# 250 with a 16GB RAM VM like Amazon m4.xlarge seems good
NUM_CONTAINERS=250
CONTAINER_IMAGE=zerotier/http-test
SCALE_UP_DELAY=10
export PATH=/bin:/usr/bin:/usr/local/bin:/usr/sbin:/sbin
pssh -h big-test-hosts -x '-t -t' -i -OUserKnownHostsFile=/dev/null -OStrictHostKeyChecking=no -t 0 -p 256 "sudo sysctl -w net.netfilter.nf_conntrack_max=262144 ; for ((n=0;n<$NUM_CONTAINERS;n++)); do sudo docker run --device=/dev/net/tun --privileged -d $CONTAINER_IMAGE; sleep $SCALE_UP_DELAY; done"
exit 0

65
attic/big-http-test/crunch-results.js
View file

@ -1,65 +0,0 @@
//
// Pipe the output of server.js into this to convert raw test results into bracketed statistics
// suitable for graphing.
//
// Time duration per statistical bracket
var BRACKET_SIZE = 10000;
// Number of bytes expected from each test
var EXPECTED_BYTES = 5000;
var readline = require('readline');
var rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
terminal: false
});
var count = 0.0;
var overallCount = 0.0;
var totalFailures = 0.0;
var totalOverallFailures = 0.0;
var totalMs = 0;
var totalData = 0;
var devices = {};
var lastBracketTs = 0;
rl.on('line',function(line) {
line = line.trim();
var ls = line.split(',');
if (ls.length == 7) {
var ts = parseInt(ls[0]);
var fromId = ls[1];
var toId = ls[2];
var ms = parseFloat(ls[3]);
var bytes = parseInt(ls[4]);
var timedOut = (ls[5] == 'true') ? true : false;
var errMsg = ls[6];
count += 1.0;
overallCount += 1.0;
if ((bytes !== EXPECTED_BYTES)||(timedOut)) {
totalFailures += 1.0;
totalOverallFailures += 1.0;
}
totalMs += ms;
totalData += bytes;
devices[fromId] = true;
devices[toId] = true;
if (lastBracketTs === 0)
lastBracketTs = ts;
if (((ts - lastBracketTs) >= BRACKET_SIZE)&&(count > 0.0)) {
console.log(count.toString()+','+overallCount.toString()+','+(totalMs / count)+','+(totalFailures / count)+','+(totalOverallFailures / overallCount)+','+totalData+','+Object.keys(devices).length);
count = 0.0;
totalFailures = 0.0;
totalMs = 0;
totalData = 0;
lastBracketTs = ts;
}
} // else ignore junk
});

16
attic/big-http-test/docker-main.sh
View file

@ -1,16 +0,0 @@
#!/bin/bash
export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin
/zerotier-one -d >>zerotier-one.out 2>&1
# Wait for ZeroTier to start and join the network
while [ ! -d "/proc/sys/net/ipv6/conf/zt0" ]; do
sleep 0.25
done
# Wait just a bit longer for stuff to settle
sleep 5
exec node --harmony /agent.js >>agent.out 2>&1
#exec node --harmony /agent.js

Some files were not shown because too many files have changed in this diff Show more