ZeroTierOne/make-mac.mk

206 lines
9.1 KiB
Makefile
Raw Normal View History

CC=clang
CXX=clang++
TOPDIR=$(shell pwd)
INCLUDES=-I$(shell pwd)/rustybits/target -isystem $(TOPDIR)/ext -I$(TOPDIR)/ext/prometheus-cpp-lite-1.0/core/include -I$(TOPDIR)/ext-prometheus-cpp-lite-1.0/3rdparty/http-client-lite/include -I$(TOPDIR)/ext/prometheus-cpp-lite-1.0/simpleapi/include
DEFS=
LIBS=
ARCH_FLAGS=-arch x86_64 -arch arm64
2020-11-16 21:30:15 +00:00
CODESIGN=echo
PRODUCTSIGN=echo
CODESIGN_APP_CERT=
CODESIGN_INSTALLER_CERT=
2019-09-17 03:13:20 +00:00
NOTARIZE=echo
2024-04-18 01:20:06 +00:00
NOTARIZE_APPLE_ID=null
NOTARIZE_TEAM_ID=null
ZT_BUILD_PLATFORM=3
ZT_BUILD_ARCHITECTURE=2
ZT_VERSION_MAJOR=$(shell cat version.h | grep -F VERSION_MAJOR | cut -d ' ' -f 3)
ZT_VERSION_MINOR=$(shell cat version.h | grep -F VERSION_MINOR | cut -d ' ' -f 3)
ZT_VERSION_REV=$(shell cat version.h | grep -F VERSION_REVISION | cut -d ' ' -f 3)
ZT_VERSION_BUILD=$(shell cat version.h | grep -F VERSION_BUILD | cut -d ' ' -f 3)
# for central controller builds
TIMESTAMP=$(shell date +"%Y%m%d%H%M")
DEFS+=-DZT_BUILD_PLATFORM=$(ZT_BUILD_PLATFORM) -DZT_BUILD_ARCHITECTURE=$(ZT_BUILD_ARCHITECTURE)
include objects.mk
2020-08-05 21:26:11 +00:00
ONE_OBJS+=osdep/MacEthernetTap.o osdep/MacKextEthernetTap.o osdep/MacDNSHelper.o ext/http-parser/http_parser.o
LIBS+=-framework CoreServices -framework SystemConfiguration -framework CoreFoundation -framework Security
# Official releases are signed with our Apple cert and apply software updates by default
ifeq ($(ZT_OFFICIAL_RELEASE),1)
2017-01-12 21:51:06 +00:00
DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"apply\""
ZT_USE_MINIUPNPC=1
CODESIGN=codesign
PRODUCTSIGN=productsign
CODESIGN_APP_CERT="Developer ID Application: ZeroTier, Inc (8ZD9JUCZ4V)"
CODESIGN_INSTALLER_CERT="Developer ID Installer: ZeroTier, Inc (8ZD9JUCZ4V)"
2024-04-18 01:20:06 +00:00
NOTARIZE=xcrun notarytool
NOTARIZE_APPLE_ID="adam.ierymenko@gmail.com"
NOTARIZE_TEAM_ID="8ZD9JUCZ4V"
else
2017-01-12 22:35:52 +00:00
DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"download\""
endif
# Use fast ASM Salsa20/12 for x64 processors
DEFS+=-DZT_USE_X64_ASM_SALSA2012
CORE_OBJS+=ext/x64-salsa2012-asm/salsa2012.o
2022-05-13 16:51:37 +00:00
CXXFLAGS=$(CFLAGS) -std=c++17 -stdlib=libc++
# Build miniupnpc and nat-pmp as included libraries -- extra defs are required for these sources
2022-04-15 00:57:35 +00:00
DEFS+=-DMACOSX -DZT_SSO_SUPPORTED -DZT_USE_MINIUPNPC -DMINIUPNP_STATICLIB -D_DARWIN_C_SOURCE -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -DOS_STRING=\"Darwin/15.0.0\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR
ONE_OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o osdep/PortMapper.o
ifeq ($(ZT_CONTROLLER),1)
MACOS_VERSION_MIN=10.15
override CXXFLAGS=$(CFLAGS) -std=c++17 -stdlib=libc++
LIBS+=-L/usr/local/opt/libpqxx/lib -L/usr/local/opt/libpq/lib -L/usr/local/opt/openssl/lib/ -lpqxx -lpq -lssl -lcrypto -lgssapi_krb5 ext/redis-plus-plus-1.1.1/install/macos/lib/libredis++.a ext/hiredis-0.14.1/lib/macos/libhiredis.a
DEFS+=-DZT_CONTROLLER_USE_LIBPQ -DZT_CONTROLLER_USE_REDIS -DZT_CONTROLLER
INCLUDES+=-I/usr/local/opt/libpq/include -I/usr/local/opt/libpqxx/include -Iext/hiredis-0.14.1/include/ -Iext/redis-plus-plus-1.1.1/install/macos/include/sw/
else
MACOS_VERSION_MIN=10.13
endif
# Build with address sanitization library for advanced debugging (clang)
ifeq ($(ZT_SANITIZE),1)
DEFS+=-fsanitize=address -DASAN_OPTIONS=symbolize=1
endif
ifeq ($(ZT_DEBUG_TRACE),1)
DEFS+=-DZT_DEBUG_TRACE
endif
# Debug mode -- dump trace output, build binary with -g
ifeq ($(ZT_DEBUG),1)
2017-05-08 21:46:45 +00:00
ZT_TRACE=1
ARCH_FLAGS=
2020-08-21 16:56:53 +00:00
CFLAGS+=-Wall -g $(INCLUDES) $(DEFS) $(ARCH_FLAGS)
STRIP=echo
2022-01-20 23:35:18 +00:00
EXTRA_CARGO_FLAGS=
RUST_VARIANT=debug
# The following line enables optimization for the crypto code, since
# C25519 in particular is almost UNUSABLE in heavy testing without it.
2017-05-08 21:46:45 +00:00
node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g $(INCLUDES) $(DEFS)
else
2018-01-08 23:56:53 +00:00
CFLAGS?=-Ofast -fstack-protector-strong
CFLAGS+=$(ARCH_FLAGS) -Wall -flto -fPIE -mmacosx-version-min=$(MACOS_VERSION_MIN) -DNDEBUG -Wno-unused-private-field $(INCLUDES) $(DEFS)
STRIP=strip
2022-01-20 23:35:18 +00:00
EXTRA_CARGO_FLAGS=--release
RUST_VARIANT=release
endif
2017-05-08 21:46:45 +00:00
ifeq ($(ZT_TRACE),1)
DEFS+=-DZT_TRACE
endif
2022-02-09 22:32:10 +00:00
ifeq ($(ZT_DEBUG),1)
DEFS+=-DZT_DEBUG
endif
ifeq ($(ZT_VAULT_SUPPORT),1)
DEFS+=-DZT_VAULT_SUPPORT=1
LIBS+=-lcurl
endif
2021-08-11 17:19:49 +00:00
all: one
ext/x64-salsa2012-asm/salsa2012.o:
as -arch x86_64 -mmacosx-version-min=$(MACOS_VERSION_MIN) -o ext/x64-salsa2012-asm/salsa2012.o ext/x64-salsa2012-asm/salsa2012.s
mac-agent: FORCE
$(CC) -Ofast $(ARCH_FLAGS) -mmacosx-version-min=$(MACOS_VERSION_MIN) -o MacEthernetTapAgent osdep/MacEthernetTapAgent.c
$(CODESIGN) -f --options=runtime -s $(CODESIGN_APP_CERT) MacEthernetTapAgent
2020-08-05 21:26:11 +00:00
osdep/MacDNSHelper.o: osdep/MacDNSHelper.mm
$(CXX) $(CXXFLAGS) -c osdep/MacDNSHelper.mm -o osdep/MacDNSHelper.o
one: zeroidc $(CORE_OBJS) $(ONE_OBJS) one.o mac-agent
2023-08-03 21:47:50 +00:00
$(CXX) $(CXXFLAGS) -o zerotier-one $(CORE_OBJS) $(ONE_OBJS) one.o $(LIBS) rustybits/target/libzeroidc.a
2020-07-06 21:35:05 +00:00
# $(STRIP) zerotier-one
ln -sf zerotier-one zerotier-idtool
ln -sf zerotier-one zerotier-cli
$(CODESIGN) -f --options=runtime -s $(CODESIGN_APP_CERT) zerotier-one
zerotier-one: one
2023-08-03 21:47:50 +00:00
zeroidc: rustybits/target/libzeroidc.a
2023-08-03 21:47:50 +00:00
rustybits/target/libzeroidc.a: FORCE
cd rustybits && MACOSX_DEPLOYMENT_TARGET=$(MACOS_VERSION_MIN) cargo build -p zeroidc --target=x86_64-apple-darwin $(EXTRA_CARGO_FLAGS)
cd rustybits && MACOSX_DEPLOYMENT_TARGET=$(MACOS_VERSION_MIN) cargo build -p zeroidc --target=aarch64-apple-darwin $(EXTRA_CARGO_FLAGS)
cd rustybits && lipo -create target/x86_64-apple-darwin/$(RUST_VARIANT)/libzeroidc.a target/aarch64-apple-darwin/$(RUST_VARIANT)/libzeroidc.a -output target/libzeroidc.a
central-controller:
make ARCH_FLAGS="-arch x86_64" ZT_CONTROLLER=1 one
zerotier-idtool: one
zerotier-cli: one
2021-11-18 18:32:25 +00:00
$(ONE_OBJS): zeroidc
libzerotiercore.a: $(CORE_OBJS)
ar rcs libzerotiercore.a $(CORE_OBJS)
ranlib libzerotiercore.a
core: libzerotiercore.a
#cli: FORCE
# $(CXX) $(CXXFLAGS) -o zerotier cli/zerotier.cpp osdep/OSUtils.cpp node/InetAddress.cpp node/Utils.cpp node/Salsa20.cpp node/Identity.cpp node/SHA512.cpp node/C25519.cpp -lcurl
# $(STRIP) zerotier
selftest: $(CORE_OBJS) $(ONE_OBJS) selftest.o
2023-08-04 21:04:20 +00:00
$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.o $(CORE_OBJS) $(ONE_OBJS) $(LIBS) rustybits/target/libzeroidc.a
$(STRIP) zerotier-selftest
zerotier-selftest: selftest
2022-04-14 16:00:36 +00:00
# Make compile_commands.json for clangd editor extensions. Probably works on Linux too.
compile_commands: FORCE
compiledb make ZT_DEBUG=1
# Requires Packages: http://s.sudre.free.fr/Software/Packages/about.html
mac-dist-pkg: FORCE
2015-06-02 18:59:05 +00:00
packagesbuild "ext/installfiles/mac/ZeroTier One.pkgproj"
rm -f "ZeroTier One Signed.pkg"
$(PRODUCTSIGN) --sign $(CODESIGN_INSTALLER_CERT) "ZeroTier One.pkg" "ZeroTier One Signed.pkg"
if [ -f "ZeroTier One Signed.pkg" ]; then mv -f "ZeroTier One Signed.pkg" "ZeroTier One.pkg"; fi
rm -f zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_*
2017-03-07 19:58:17 +00:00
cat ext/installfiles/mac-update/updater.tmpl.sh "ZeroTier One.pkg" >zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_$(ZT_VERSION_MAJOR).$(ZT_VERSION_MINOR).$(ZT_VERSION_REV)_$(ZT_VERSION_BUILD).exe
2024-04-18 01:20:06 +00:00
$(NOTARIZE) submit --apple-id "adam.ierymenko@gmail.com" --team-id "8ZD9JUCZ4V" --wait "ZeroTier One.pkg"
2019-09-17 03:13:20 +00:00
echo '*** When Apple notifies that the app is notarized, run: xcrun stapler staple "ZeroTier One.pkg"'
2013-12-17 06:30:37 +00:00
# For ZeroTier, Inc. to build official signed packages
official: FORCE
cd ../DesktopUI ; make ZT_OFFICIAL_RELEASE=1
make clean
make ZT_OFFICIAL_RELEASE=1 -j 8 one
VERSION 1.1.6: route management, default route override, new IPv6 mode for Docker, and more! Version 1.1.6 contains several significant improvements for use in complex network environments along with some minor bug fixes and improvements to path stability and dead path detection. ROUTE MANAGEMENT AND FULL TUNNEL SUPPORT 1.1.6 is the first version of ZeroTier One to permit "full tunnel" (default route override) operation on Linux, Mac, and Windows. This allows all Internet traffic to be tunneled through ZeroTier while allowing ZeroTier peer-to-peer traffic to continue to use the physical interface. 1.1.6 also brings route management support and permissions settings for local networks to control whether networks are allowed to modify the routing table or override default routing. This is currently considered a beta/experimental feature and must be enabled via the command line interface. Route management and default route override requires support at the network controller. When my.zerotier.com is updated and ready, we will post more information and testing instructions at: https://www.zerotier.com/community HIGHLY SCALABLE CONTAINER NETWORKING 1.1.6 also brings a new multicast-free (NDP emulated) IPv6 private addressing scheme called "6plane." 6plane provides each host with a private IPv6 /80 and routes *all* IPv6 traffic for this subnet to the host via transparent NDP emulation. This /80 can then be assigned to Docker or other container/VM managers to assign a network-wide IPv6 /128 to every container. Since NDP is emulated and multicast isn't needed, this system can scale to millions of containers or more on a single backplane network with a high degree of efficiency and reliability. 6plane also requires controller support. Look for it at my.zerotier.com once we have upgraded our core infrastructure and web UIs. (All hosts must be running 1.1.6 for 6plane to work properly. Other IPv6 addresses or addressing modes are not affected and normal IPv6 NDP will continue to work alongside 6plane in the same network.) OTHER CHANGES * Upgraded bundled miniupnpc, libnatpmp, and http-parser. * New Debian and RPM packaging that is closer to compliance with distribution guidelines, and a new Dockerized Linux package build system in linux-build-farm/ that can build every package on actual images of the correct distribution. * Improvements to dead path detection. * IPv6 now uses keepalive because a significant number of stateful IPv6 edge routers have very short timeouts (30 seconds or less!). * Significant performance improvements to network controllers under high load. * Enable -fstack-protector-strong for better stack canary (security) support in binaries. Note that this may require newer gcc/g++ or clang. COMING SOON The next version of ZeroTier One should have a new Mac UI. It's a system tray app that looks and behaves a lot like the Mac WiFi pulldown menu. We'll also be adding GUI support for default route and route management options and other new features. Shortly after that we plan on adding full OpenFlow-like SDN rules engine support to the ZeroTier core, making our planetary Ethernet switch a fully manageable smart switch and enabling sophisticated security and flow rule management.
2016-06-29 22:53:46 +00:00
make ZT_OFFICIAL_RELEASE=1 mac-dist-pkg
_buildx:
@echo "docker buildx create"
# docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker run --privileged --rm tonistiigi/binfmt --install all
@echo docker buildx create --name multiarch --driver docker-container --use
@echo docker buildx inspect --bootstrap
2023-08-04 20:08:18 +00:00
controller-builder: _buildx FORCE
docker buildx build --platform linux/arm64,linux/amd64 --no-cache -t registry.zerotier.com/zerotier/ctlbuild:latest -f ext/central-controller-docker/Dockerfile.builder . --push
controller-run: _buildx FORCE
docker buildx build --platform linux/arm64,linux/amd64 --no-cache -t registry.zerotier.com/zerotier-central/ctlrun:latest -f ext/central-controller-docker/Dockerfile.run_base . --push
central-controller-docker: _buildx FORCE
2023-07-20 23:22:03 +00:00
docker buildx build --platform linux/arm64,linux/amd64 --no-cache -t registry.zerotier.com/zerotier-central/ztcentral-controller:${TIMESTAMP} -f ext/central-controller-docker/Dockerfile --build-arg git_branch=$(shell git name-rev --name-only HEAD) . --push
@echo Image: registry.zerotier.com/zerotier-central/ztcentral-controller:${TIMESTAMP}
clean:
2023-08-03 21:47:50 +00:00
rm -rf MacEthernetTapAgent *.dSYM build-* *.a *.pkg *.dmg *.o node/*.o controller/*.o service/*.o osdep/*.o ext/http-parser/*.o $(CORE_OBJS) $(ONE_OBJS) zerotier-one zerotier-idtool zerotier-selftest zerotier-cli zerotier doc/node_modules zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_* rustybits/target/
2016-06-09 00:45:25 +00:00
distclean: clean
realclean: clean
FORCE: