2017-01-12 21:18:11 +00:00
|
|
|
CC=clang
|
|
|
|
CXX=clang++
|
2021-11-04 22:40:08 +00:00
|
|
|
TOPDIR=$(shell PWD)
|
|
|
|
|
|
|
|
INCLUDES=-I$(shell PWD)/zeroidc/target
|
2015-10-27 16:41:12 +00:00
|
|
|
DEFS=
|
2013-12-13 21:49:46 +00:00
|
|
|
LIBS=
|
2020-11-24 19:27:44 +00:00
|
|
|
ARCH_FLAGS=-arch x86_64 -arch arm64
|
2020-11-16 21:30:15 +00:00
|
|
|
|
2014-01-07 21:06:34 +00:00
|
|
|
CODESIGN=echo
|
2015-06-03 02:17:39 +00:00
|
|
|
PRODUCTSIGN=echo
|
|
|
|
CODESIGN_APP_CERT=
|
|
|
|
CODESIGN_INSTALLER_CERT=
|
2019-09-17 03:13:20 +00:00
|
|
|
NOTARIZE=echo
|
|
|
|
NOTARIZE_USER_ID=null
|
2014-01-07 21:06:34 +00:00
|
|
|
|
2017-01-13 21:09:42 +00:00
|
|
|
ZT_BUILD_PLATFORM=3
|
|
|
|
ZT_BUILD_ARCHITECTURE=2
|
|
|
|
ZT_VERSION_MAJOR=$(shell cat version.h | grep -F VERSION_MAJOR | cut -d ' ' -f 3)
|
|
|
|
ZT_VERSION_MINOR=$(shell cat version.h | grep -F VERSION_MINOR | cut -d ' ' -f 3)
|
|
|
|
ZT_VERSION_REV=$(shell cat version.h | grep -F VERSION_REVISION | cut -d ' ' -f 3)
|
2017-01-18 17:16:23 +00:00
|
|
|
ZT_VERSION_BUILD=$(shell cat version.h | grep -F VERSION_BUILD | cut -d ' ' -f 3)
|
2017-01-13 21:09:42 +00:00
|
|
|
|
2019-11-21 22:49:24 +00:00
|
|
|
# for central controller builds
|
|
|
|
TIMESTAMP=$(shell date +"%Y%m%d%H%M")
|
|
|
|
|
2017-01-13 21:09:42 +00:00
|
|
|
DEFS+=-DZT_BUILD_PLATFORM=$(ZT_BUILD_PLATFORM) -DZT_BUILD_ARCHITECTURE=$(ZT_BUILD_ARCHITECTURE)
|
2015-11-17 02:28:55 +00:00
|
|
|
|
2017-01-12 21:18:11 +00:00
|
|
|
include objects.mk
|
2020-08-05 21:26:11 +00:00
|
|
|
ONE_OBJS+=osdep/MacEthernetTap.o osdep/MacKextEthernetTap.o osdep/MacDNSHelper.o ext/http-parser/http_parser.o
|
2021-11-04 22:40:08 +00:00
|
|
|
LIBS+=-framework CoreServices -framework SystemConfiguration -framework CoreFoundation -framework Security
|
2020-08-18 18:46:29 +00:00
|
|
|
|
2017-01-12 21:18:11 +00:00
|
|
|
# Official releases are signed with our Apple cert and apply software updates by default
|
2014-01-07 21:06:34 +00:00
|
|
|
ifeq ($(ZT_OFFICIAL_RELEASE),1)
|
2017-01-12 21:51:06 +00:00
|
|
|
DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"apply\""
|
2015-07-28 21:32:02 +00:00
|
|
|
ZT_USE_MINIUPNPC=1
|
2014-01-07 21:06:34 +00:00
|
|
|
CODESIGN=codesign
|
2015-06-03 02:17:39 +00:00
|
|
|
PRODUCTSIGN=productsign
|
2020-10-06 22:09:51 +00:00
|
|
|
CODESIGN_APP_CERT="Developer ID Application: ZeroTier, Inc (8ZD9JUCZ4V)"
|
2016-12-23 23:11:44 +00:00
|
|
|
CODESIGN_INSTALLER_CERT="Developer ID Installer: ZeroTier, Inc (8ZD9JUCZ4V)"
|
2019-09-17 03:13:20 +00:00
|
|
|
NOTARIZE=xcrun altool
|
|
|
|
NOTARIZE_USER_ID="adam.ierymenko@gmail.com"
|
2017-01-12 21:18:11 +00:00
|
|
|
else
|
2017-01-12 22:35:52 +00:00
|
|
|
DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"download\""
|
2014-01-07 21:06:34 +00:00
|
|
|
endif
|
2014-10-24 15:48:44 +00:00
|
|
|
|
2017-04-18 15:45:37 +00:00
|
|
|
# Use fast ASM Salsa20/12 for x64 processors
|
|
|
|
DEFS+=-DZT_USE_X64_ASM_SALSA2012
|
2017-05-08 21:36:55 +00:00
|
|
|
CORE_OBJS+=ext/x64-salsa2012-asm/salsa2012.o
|
2021-08-19 19:44:02 +00:00
|
|
|
CXXFLAGS=$(CFLAGS) -std=c++11 -stdlib=libc++
|
2017-04-18 15:45:37 +00:00
|
|
|
|
2017-01-12 21:18:11 +00:00
|
|
|
# Build miniupnpc and nat-pmp as included libraries -- extra defs are required for these sources
|
|
|
|
DEFS+=-DMACOSX -DZT_USE_MINIUPNPC -DMINIUPNP_STATICLIB -D_DARWIN_C_SOURCE -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -DOS_STRING=\"Darwin/15.0.0\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR
|
2017-05-08 21:36:55 +00:00
|
|
|
ONE_OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o osdep/PortMapper.o
|
2021-08-19 19:44:02 +00:00
|
|
|
ifeq ($(ZT_CONTROLLER),1)
|
|
|
|
MACOS_VERSION_MIN=10.15
|
|
|
|
override CXXFLAGS=$(CFLAGS) -std=c++17 -stdlib=libc++
|
|
|
|
LIBS+=-L/usr/local/opt/libpqxx/lib -L/usr/local/opt/libpq/lib -L/usr/local/opt/openssl/lib/ -lpqxx -lpq -lssl -lcrypto -lgssapi_krb5 ext/redis-plus-plus-1.1.1/install/macos/lib/libredis++.a ext/hiredis-0.14.1/lib/macos/libhiredis.a
|
|
|
|
DEFS+=-DZT_CONTROLLER_USE_LIBPQ -DZT_CONTROLLER_USE_REDIS -DZT_CONTROLLER
|
|
|
|
INCLUDES+=-I/usr/local/opt/libpq/include -I/usr/local/opt/libpqxx/include -Iext/hiredis-0.14.1/include/ -Iext/redis-plus-plus-1.1.1/install/macos/include/sw/
|
|
|
|
else
|
|
|
|
MACOS_VERSION_MIN=10.13
|
|
|
|
endif
|
2015-05-21 02:38:49 +00:00
|
|
|
|
2017-12-14 21:27:49 +00:00
|
|
|
# Build with address sanitization library for advanced debugging (clang)
|
|
|
|
ifeq ($(ZT_SANITIZE),1)
|
2018-05-31 00:45:29 +00:00
|
|
|
DEFS+=-fsanitize=address -DASAN_OPTIONS=symbolize=1
|
|
|
|
endif
|
|
|
|
ifeq ($(ZT_DEBUG_TRACE),1)
|
|
|
|
DEFS+=-DZT_DEBUG_TRACE
|
2017-12-14 21:27:49 +00:00
|
|
|
endif
|
2015-05-20 23:35:33 +00:00
|
|
|
# Debug mode -- dump trace output, build binary with -g
|
2014-08-19 17:09:21 +00:00
|
|
|
ifeq ($(ZT_DEBUG),1)
|
2017-05-08 21:46:45 +00:00
|
|
|
ZT_TRACE=1
|
2020-11-19 18:43:57 +00:00
|
|
|
ARCH_FLAGS=
|
2020-08-21 16:56:53 +00:00
|
|
|
CFLAGS+=-Wall -g $(INCLUDES) $(DEFS) $(ARCH_FLAGS)
|
2014-08-19 17:09:21 +00:00
|
|
|
STRIP=echo
|
2021-12-15 23:53:48 +00:00
|
|
|
RUSTFLAGS=
|
|
|
|
RUST_VARIANT=debug
|
2014-10-12 18:42:49 +00:00
|
|
|
# The following line enables optimization for the crypto code, since
|
|
|
|
# C25519 in particular is almost UNUSABLE in heavy testing without it.
|
2017-05-08 21:46:45 +00:00
|
|
|
node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g $(INCLUDES) $(DEFS)
|
2014-08-19 17:09:21 +00:00
|
|
|
else
|
2018-01-08 23:56:53 +00:00
|
|
|
CFLAGS?=-Ofast -fstack-protector-strong
|
2021-08-19 19:44:02 +00:00
|
|
|
CFLAGS+=$(ARCH_FLAGS) -Wall -flto -fPIE -mmacosx-version-min=$(MACOS_VERSION_MIN) -DNDEBUG -Wno-unused-private-field $(INCLUDES) $(DEFS)
|
2014-08-19 17:09:21 +00:00
|
|
|
STRIP=strip
|
2021-12-15 23:53:48 +00:00
|
|
|
RUSTFLAGS=--release
|
|
|
|
RUST_VARIANT=release
|
2014-08-19 17:09:21 +00:00
|
|
|
endif
|
2013-07-04 20:56:19 +00:00
|
|
|
|
2017-05-08 21:46:45 +00:00
|
|
|
ifeq ($(ZT_TRACE),1)
|
|
|
|
DEFS+=-DZT_TRACE
|
|
|
|
endif
|
|
|
|
|
2018-01-03 19:55:45 +00:00
|
|
|
ifeq ($(ZT_VAULT_SUPPORT),1)
|
|
|
|
DEFS+=-DZT_VAULT_SUPPORT=1
|
|
|
|
LIBS+=-lcurl
|
|
|
|
endif
|
|
|
|
|
2021-08-11 17:19:49 +00:00
|
|
|
all: one
|
2017-04-20 17:08:46 +00:00
|
|
|
|
2017-04-18 15:45:37 +00:00
|
|
|
ext/x64-salsa2012-asm/salsa2012.o:
|
2021-08-19 19:44:02 +00:00
|
|
|
as -arch x86_64 -mmacosx-version-min=$(MACOS_VERSION_MIN) -o ext/x64-salsa2012-asm/salsa2012.o ext/x64-salsa2012-asm/salsa2012.s
|
2017-04-18 15:45:37 +00:00
|
|
|
|
2018-10-25 19:43:30 +00:00
|
|
|
mac-agent: FORCE
|
2021-08-19 19:44:02 +00:00
|
|
|
$(CC) -Ofast $(ARCH_FLAGS) -mmacosx-version-min=$(MACOS_VERSION_MIN) -o MacEthernetTapAgent osdep/MacEthernetTapAgent.c
|
2020-10-02 22:36:24 +00:00
|
|
|
$(CODESIGN) -f --options=runtime -s $(CODESIGN_APP_CERT) MacEthernetTapAgent
|
2018-10-25 19:43:30 +00:00
|
|
|
|
2020-08-05 21:26:11 +00:00
|
|
|
osdep/MacDNSHelper.o: osdep/MacDNSHelper.mm
|
|
|
|
$(CXX) $(CXXFLAGS) -c osdep/MacDNSHelper.mm -o osdep/MacDNSHelper.o
|
|
|
|
|
2021-11-04 22:40:08 +00:00
|
|
|
one: zeroidc $(CORE_OBJS) $(ONE_OBJS) one.o mac-agent
|
2021-10-28 00:09:01 +00:00
|
|
|
$(CXX) $(CXXFLAGS) -o zerotier-one $(CORE_OBJS) $(ONE_OBJS) one.o $(LIBS) zeroidc/target/libzeroidc.a
|
2020-07-06 21:35:05 +00:00
|
|
|
# $(STRIP) zerotier-one
|
2013-12-04 22:44:28 +00:00
|
|
|
ln -sf zerotier-one zerotier-idtool
|
2015-04-16 21:55:36 +00:00
|
|
|
ln -sf zerotier-one zerotier-cli
|
2020-10-06 22:09:51 +00:00
|
|
|
$(CODESIGN) -f --options=runtime -s $(CODESIGN_APP_CERT) zerotier-one
|
2013-07-04 20:56:19 +00:00
|
|
|
|
2017-05-08 21:36:55 +00:00
|
|
|
zerotier-one: one
|
|
|
|
|
2021-10-28 00:09:01 +00:00
|
|
|
zeroidc: zeroidc/target/libzeroidc.a
|
|
|
|
|
2021-11-08 17:32:15 +00:00
|
|
|
zeroidc/target/libzeroidc.a: FORCE
|
2021-12-15 23:53:48 +00:00
|
|
|
cd zeroidc && MACOSX_DEPLOYMENT_TARGET=$(MACOS_VERSION_MIN) cargo build --target=x86_64-apple-darwin $(RUSTFLAGS)
|
|
|
|
cd zeroidc && MACOSX_DEPLOYMENT_TARGET=$(MACOS_VERSION_MIN) cargo build --target=aarch64-apple-darwin $(RUSTFLAGS)
|
|
|
|
cd zeroidc && lipo -create target/x86_64-apple-darwin/$(RUST_VARIANT)/libzeroidc.a target/aarch64-apple-darwin/$(RUST_VARIANT)/libzeroidc.a -output target/libzeroidc.a
|
2021-10-28 00:09:01 +00:00
|
|
|
|
2019-03-19 00:01:05 +00:00
|
|
|
central-controller:
|
2021-05-21 22:29:35 +00:00
|
|
|
make ARCH_FLAGS="-arch x86_64" ZT_CONTROLLER=1 one
|
2019-03-19 00:01:05 +00:00
|
|
|
|
2017-05-08 21:36:55 +00:00
|
|
|
zerotier-idtool: one
|
|
|
|
|
|
|
|
zerotier-cli: one
|
|
|
|
|
2021-11-18 18:32:25 +00:00
|
|
|
$(ONE_OBJS): zeroidc
|
2021-11-04 22:40:08 +00:00
|
|
|
|
2017-05-08 21:36:55 +00:00
|
|
|
libzerotiercore.a: $(CORE_OBJS)
|
|
|
|
ar rcs libzerotiercore.a $(CORE_OBJS)
|
|
|
|
ranlib libzerotiercore.a
|
|
|
|
|
|
|
|
core: libzerotiercore.a
|
|
|
|
|
2017-01-13 21:09:42 +00:00
|
|
|
#cli: FORCE
|
|
|
|
# $(CXX) $(CXXFLAGS) -o zerotier cli/zerotier.cpp osdep/OSUtils.cpp node/InetAddress.cpp node/Utils.cpp node/Salsa20.cpp node/Identity.cpp node/SHA512.cpp node/C25519.cpp -lcurl
|
|
|
|
# $(STRIP) zerotier
|
2016-06-23 00:54:07 +00:00
|
|
|
|
2017-05-08 21:36:55 +00:00
|
|
|
selftest: $(CORE_OBJS) $(ONE_OBJS) selftest.o
|
|
|
|
$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.o $(CORE_OBJS) $(ONE_OBJS) $(LIBS)
|
2013-07-04 20:56:19 +00:00
|
|
|
$(STRIP) zerotier-selftest
|
|
|
|
|
2017-05-08 21:36:55 +00:00
|
|
|
zerotier-selftest: selftest
|
|
|
|
|
2015-05-20 23:35:33 +00:00
|
|
|
# Requires Packages: http://s.sudre.free.fr/Software/Packages/about.html
|
|
|
|
mac-dist-pkg: FORCE
|
2015-06-02 18:59:05 +00:00
|
|
|
packagesbuild "ext/installfiles/mac/ZeroTier One.pkgproj"
|
2015-06-03 02:17:39 +00:00
|
|
|
rm -f "ZeroTier One Signed.pkg"
|
|
|
|
$(PRODUCTSIGN) --sign $(CODESIGN_INSTALLER_CERT) "ZeroTier One.pkg" "ZeroTier One Signed.pkg"
|
|
|
|
if [ -f "ZeroTier One Signed.pkg" ]; then mv -f "ZeroTier One Signed.pkg" "ZeroTier One.pkg"; fi
|
2017-01-13 21:09:42 +00:00
|
|
|
rm -f zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_*
|
2017-03-07 19:58:17 +00:00
|
|
|
cat ext/installfiles/mac-update/updater.tmpl.sh "ZeroTier One.pkg" >zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_$(ZT_VERSION_MAJOR).$(ZT_VERSION_MINOR).$(ZT_VERSION_REV)_$(ZT_VERSION_BUILD).exe
|
2020-10-02 22:36:24 +00:00
|
|
|
$(NOTARIZE) -t osx -f "ZeroTier One.pkg" --primary-bundle-id com.zerotier.pkg.ZeroTierOne --output-format xml --notarize-app -u $(NOTARIZE_USER_ID)
|
2019-09-17 03:13:20 +00:00
|
|
|
echo '*** When Apple notifies that the app is notarized, run: xcrun stapler staple "ZeroTier One.pkg"'
|
2013-12-17 06:30:37 +00:00
|
|
|
|
2016-06-23 00:54:07 +00:00
|
|
|
# For ZeroTier, Inc. to build official signed packages
|
2015-05-20 23:35:33 +00:00
|
|
|
official: FORCE
|
2021-08-14 01:40:22 +00:00
|
|
|
cd ../DesktopUI ; make ZT_OFFICIAL_RELEASE=1
|
2016-06-23 00:54:07 +00:00
|
|
|
make clean
|
2017-12-07 16:56:15 +00:00
|
|
|
make ZT_OFFICIAL_RELEASE=1 -j 8 one
|
VERSION 1.1.6: route management, default route override, new IPv6 mode for Docker, and more!
Version 1.1.6 contains several significant improvements for use in complex network
environments along with some minor bug fixes and improvements to path stability and
dead path detection.
ROUTE MANAGEMENT AND FULL TUNNEL SUPPORT
1.1.6 is the first version of ZeroTier One to permit "full tunnel" (default route
override) operation on Linux, Mac, and Windows. This allows all Internet traffic
to be tunneled through ZeroTier while allowing ZeroTier peer-to-peer traffic to
continue to use the physical interface. 1.1.6 also brings route management support
and permissions settings for local networks to control whether networks are allowed
to modify the routing table or override default routing.
This is currently considered a beta/experimental feature and must be enabled via
the command line interface.
Route management and default route override requires support at the network controller.
When my.zerotier.com is updated and ready, we will post more information and testing
instructions at: https://www.zerotier.com/community
HIGHLY SCALABLE CONTAINER NETWORKING
1.1.6 also brings a new multicast-free (NDP emulated) IPv6 private addressing scheme
called "6plane." 6plane provides each host with a private IPv6 /80 and routes *all*
IPv6 traffic for this subnet to the host via transparent NDP emulation. This /80 can
then be assigned to Docker or other container/VM managers to assign a network-wide
IPv6 /128 to every container. Since NDP is emulated and multicast isn't needed, this
system can scale to millions of containers or more on a single backplane network with
a high degree of efficiency and reliability.
6plane also requires controller support. Look for it at my.zerotier.com once we have
upgraded our core infrastructure and web UIs.
(All hosts must be running 1.1.6 for 6plane to work properly. Other IPv6 addresses
or addressing modes are not affected and normal IPv6 NDP will continue to work
alongside 6plane in the same network.)
OTHER CHANGES
* Upgraded bundled miniupnpc, libnatpmp, and http-parser.
* New Debian and RPM packaging that is closer to compliance with distribution
guidelines, and a new Dockerized Linux package build system in linux-build-farm/
that can build every package on actual images of the correct distribution.
* Improvements to dead path detection.
* IPv6 now uses keepalive because a significant number of stateful IPv6 edge
routers have very short timeouts (30 seconds or less!).
* Significant performance improvements to network controllers under high load.
* Enable -fstack-protector-strong for better stack canary (security) support
in binaries. Note that this may require newer gcc/g++ or clang.
COMING SOON
The next version of ZeroTier One should have a new Mac UI. It's a system tray app
that looks and behaves a lot like the Mac WiFi pulldown menu. We'll also be adding
GUI support for default route and route management options and other new features.
Shortly after that we plan on adding full OpenFlow-like SDN rules engine support
to the ZeroTier core, making our planetary Ethernet switch a fully manageable smart
switch and enabling sophisticated security and flow rule management.
2016-06-29 22:53:46 +00:00
|
|
|
make ZT_OFFICIAL_RELEASE=1 mac-dist-pkg
|
2015-05-20 23:35:33 +00:00
|
|
|
|
2019-11-21 22:49:24 +00:00
|
|
|
central-controller-docker: FORCE
|
2020-05-12 22:17:57 +00:00
|
|
|
docker build --no-cache -t registry.zerotier.com/zerotier-central/ztcentral-controller:${TIMESTAMP} -f ext/central-controller-docker/Dockerfile --build-arg git_branch=$(shell git name-rev --name-only HEAD) .
|
2019-11-21 22:49:24 +00:00
|
|
|
|
2013-07-04 20:56:19 +00:00
|
|
|
clean:
|
2021-10-28 00:09:01 +00:00
|
|
|
rm -rf MacEthernetTapAgent *.dSYM build-* *.a *.pkg *.dmg *.o node/*.o controller/*.o service/*.o osdep/*.o ext/http-parser/*.o $(CORE_OBJS) $(ONE_OBJS) zerotier-one zerotier-idtool zerotier-selftest zerotier-cli zerotier doc/node_modules zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_* zeroidc/target/
|
2013-07-04 20:56:19 +00:00
|
|
|
|
2016-06-09 00:45:25 +00:00
|
|
|
distclean: clean
|
|
|
|
|
2017-01-13 21:09:42 +00:00
|
|
|
realclean: clean
|
|
|
|
|
2013-07-04 20:56:19 +00:00
|
|
|
FORCE:
|