ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-18 02:40:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

merge dev

Browse Source
This commit is contained in:
Adam Ierymenko 2018-08-09 11:31:37 -07:00
commit 553101e8b5
35 changed files with 279 additions and 744 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
RELEASE-NOTES.md
View File

@ -1,6 +1,13 @@
ZeroTier Release Notes
======
# 2018-07-27 -- Version 1.2.12
* Fixed a bug that caused exits to take a long time on Mac due to huge numbers of redundant attempts to delete managed routes.
* Fixed a socket limit problem on Windows that caused the ZeroTier service to run out of sockets, causing the UI and CLI to be unable to access the API.
* Fixed a threading bug in the ZeroTier Core, albeit one that never manifested on the regular ZeroTier One service/client.
* Fixed a bug that could cause the service to crash if an authorized local client accessed an invalid URL via the control API. (Not exploitable since you needed admin access anyway.)
# 2018-05-08 -- Version 1.2.10
* Fix bug loading `moons.d/` files for federated root operation.

6
attic/world/mkworld.cpp
View File

@ -81,7 +81,7 @@ int main(int argc,char **argv)
std::vector<World::Root> roots;
const uint64_t id = ZT_WORLD_ID_EARTH;
const uint64_t ts = 1452708876314ULL; // January 13th, 2016
const uint64_t ts = 1532555817048ULL; // July 25th, 2018
// Alice
roots.push_back(World::Root());
@ -92,8 +92,8 @@ int main(int argc,char **argv)
roots.back().stableEndpoints.push_back(InetAddress("2c0f:f850:154:197::33/9993")); // Johannesburg
roots.back().stableEndpoints.push_back(InetAddress("159.203.97.171/9993")); // New York
roots.back().stableEndpoints.push_back(InetAddress("2604:a880:800:a1::54:6001/9993")); // New York
roots.back().stableEndpoints.push_back(InetAddress("169.57.143.104/9993")); // Sao Paolo
roots.back().stableEndpoints.push_back(InetAddress("2607:f0d0:1d01:57::2/9993")); // Sao Paolo
roots.back().stableEndpoints.push_back(InetAddress("131.255.6.16/9993")); // Buenos Aires
roots.back().stableEndpoints.push_back(InetAddress("2803:eb80:0:e::2/9993")); // Buenos Aires
roots.back().stableEndpoints.push_back(InetAddress("107.170.197.14/9993")); // San Francisco
roots.back().stableEndpoints.push_back(InetAddress("2604:a880:1:20::200:e001/9993")); // San Francisco
roots.back().stableEndpoints.push_back(InetAddress("128.199.197.217/9993")); // Singapore

0
attic/world/earth-2016-01-13.bin → attic/world/old/earth-2016-01-13.bin
View File

BIN
attic/world/world.bin Normal file
View File

Binary file not shown.

3
attic/world/world.c Normal file
View File

@ -0,0 +1,3 @@
#define ZT_DEFAULT_WORLD_LENGTH 634
static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x64,0xd3,0x71,0xf0,0x58,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0xbf,0xfd,0xd5,0x32,0xf7,0x15,0x6e,0x02,0x6f,0xb9,0x01,0x0d,0xb5,0x7b,0x04,0xd8,0x3a,0xc5,0x17,0x39,0x04,0x36,0xfd,0x9d,0xc6,0x3d,0xa8,0xf3,0x8e,0x79,0xe7,0xc8,0x77,0x8d,0xcc,0x79,0xb8,0xab,0xc6,0x98,0x7c,0x9f,0x34,0x25,0x14,0xe1,0x2f,0xd7,0x97,0x11,0xec,0x34,0x4c,0x9f,0x0f,0xb4,0x85,0x0d,0x9b,0x11,0xd1,0xc2,0xce,0x00,0xc4,0x0a,0x13,0x4b,0xcb,0xc3,0xae,0x2e,0x16,0x00,0x4b,0xdc,0x90,0x5e,0x7e,0x9b,0x44,0x07,0x15,0x36,0x61,0x3c,0x64,0xaa,0xe9,0x46,0x78,0x3c,0xa7,0x18,0xc8,0xd8,0x02,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x0c,0x04,0xbc,0xa6,0x5e,0xb1,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x02,0x00,0xd0,0x00,0x7d,0x00,0x01,0x00,0x00,0x00,0x00,0x27,0x09,0x04,0x9a,0x42,0xc5,0x21,0x27,0x09,0x06,0x2c,0x0f,0xf8,0x50,0x01,0x54,0x01,0x97,0x00,0x33,0xcc,0x08,0xf8,0xfa,0xcc,0x08,0x27,0x09,0x04,0x9f,0xcb,0x61,0xab,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x08,0x00,0x00,0xa1,0x00,0x54,0x60,0x01,0x00,0xfc,0xcc,0x08,0x27,0x09,0x04,0x83,0xff,0x06,0x10,0x27,0x09,0x06,0x28,0x03,0xeb,0x80,0x00,0x00,0x00,0x0e,0x00,0x02,0x60,0x01,0x00,0xfc,0xcc,0x08,0x27,0x09,0x04,0x6b,0xaa,0xc5,0x0e,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x02,0x00,0xe0,0x01,0x08,0xfe,0xcc,0x08,0x27,0x09,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09,0x06,0x24,0x00,0x61,0x80,0x00,0x00,0x00,0xd0,0x00,0xb7,0x40,0x01,0x08,0xfe,0xcc,0x08,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x0c,0x04,0x2d,0x20,0xc6,0x82,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x64,0x00,0x81,0xc3,0x54,0x00,0x00,0xff,0xfe,0x18,0x1d,0x61,0x27,0x09,0x04,0x2e,0x65,0xa0,0xf9,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x03,0x00,0xd0,0x00,0x6a,0x30,0x01,0x78,0x00,0xcd,0x08,0x27,0x09,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x68,0x00,0x83,0xa4,0x00,0x64,0xcd,0x08,0x80,0x01,0xcd,0x08,0x27,0x09,0x04,0x2d,0x20,0xf6,0xb3,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x58,0x00,0x8b,0xf8,0x54,0x00,0x00,0xff,0xfe,0x15,0xb3,0x9a,0x27,0x09,0x04,0x2d,0x20,0xf8,0x57,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x70,0x00,0x9b,0xc9,0x54,0x00,0x00,0xff,0xfe,0x15,0xc4,0xf5,0x27,0x09,0x04,0x9f,0xcb,0x02,0x9a,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x0c,0xad,0x00,0xd0,0x00,0x26,0x70,0x01,0xfe,0x15,0xc4,0xf5,0x27,0x09};

136
controller/DB.cpp
View File

@ -324,109 +324,6 @@ void DB::_memberChanged(nlohmann::json &old,nlohmann::json &memberConfig,bool pu
}
}
/*
if (old.is_object()) {
json &config = old["config"];
if (config.is_object()) {
memberId = OSUtils::jsonIntHex(config["id"],0ULL);
networkId = OSUtils::jsonIntHex(config["nwid"],0ULL);
if ((memberId)&&(networkId)) {
{
std::lock_guard<std::mutex> l(_networks_l);
auto nw2 = _networks.find(networkId);
if (nw2 != _networks.end())
nw = nw2->second;
}
if (nw) {
std::lock_guard<std::mutex> l(nw->lock);
if (OSUtils::jsonBool(config["activeBridge"],false))
nw->activeBridgeMembers.erase(memberId);
wasAuth = OSUtils::jsonBool(config["authorized"],false);
if (wasAuth)
nw->authorizedMembers.erase(memberId);
json &ips = config["ipAssignments"];
if (ips.is_array()) {
for(unsigned long i=0;i<ips.size();++i) {
json &ipj = ips[i];
if (ipj.is_string()) {
const std::string ips = ipj;
InetAddress ipa(ips.c_str());
ipa.setPort(0);
nw->allocatedIps.erase(ipa);
}
}
}
}
}
}
}
if (member.is_object()) {
json &config = member["config"];
if (config.is_object()) {
if (!nw) {
memberId = OSUtils::jsonIntHex(config["id"],0ULL);
networkId = OSUtils::jsonIntHex(config["nwid"],0ULL);
if ((!memberId)||(!networkId))
return;
std::lock_guard<std::mutex> l(_networks_l);
std::shared_ptr<_Network> &nw2 = _networks[networkId];
if (!nw2)
nw2.reset(new _Network);
nw = nw2;
}
{
std::lock_guard<std::mutex> l(nw->lock);
nw->members[memberId] = config;
if (OSUtils::jsonBool(config["activeBridge"],false))
nw->activeBridgeMembers.insert(memberId);
isAuth = OSUtils::jsonBool(config["authorized"],false);
if (isAuth)
nw->authorizedMembers.insert(memberId);
json &ips = config["ipAssignments"];
if (ips.is_array()) {
for(unsigned long i=0;i<ips.size();++i) {
json &ipj = ips[i];
if (ipj.is_string()) {
const std::string ips = ipj;
InetAddress ipa(ips.c_str());
ipa.setPort(0);
nw->allocatedIps.insert(ipa);
}
}
}
if (!isAuth) {
const int64_t ldt = (int64_t)OSUtils::jsonInt(config["lastDeauthorizedTime"],0ULL);
if (ldt > nw->mostRecentDeauthTime)
nw->mostRecentDeauthTime = ldt;
}
}
if (push)
_controller->onNetworkMemberUpdate(networkId,memberId);
}
} else if (memberId) {
if (nw) {
std::lock_guard<std::mutex> l(nw->lock);
nw->members.erase(memberId);
}
if (networkId) {
std::lock_guard<std::mutex> l(_networks_l);
auto er = _networkByMember.equal_range(memberId);
for(auto i=er.first;i!=er.second;++i) {
if (i->second == networkId) {
_networkByMember.erase(i);
break;
}
}
}
}
*/
if ((push)&&((wasAuth)&&(!isAuth)&&(networkId)&&(memberId)))
_controller->onNetworkMemberDeauthorize(networkId,memberId);
}
@ -460,39 +357,6 @@ void DB::_networkChanged(nlohmann::json &old,nlohmann::json &networkConfig,bool
_networks.erase(id);
}
}
/*
if (network.is_object()) {
json &config = network["config"];
if (networkConfig.is_object()) {
const std::string ids = config["id"];
const uint64_t id = Utils::hexStrToU64(ids.c_str());
if (id) {
std::shared_ptr<_Network> nw;
{
std::lock_guard<std::mutex> l(_networks_l);
std::shared_ptr<_Network> &nw2 = _networks[id];
if (!nw2)
nw2.reset(new _Network);
nw = nw2;
}
{
std::lock_guard<std::mutex> l2(nw->lock);
nw->config = config;
}
if (push)
_controller->onNetworkUpdate(id);
}
}
} else if (old.is_object()) {
const std::string ids = old["id"];
const uint64_t id = Utils::hexStrToU64(ids.c_str());
if (id) {
std::lock_guard<std::mutex> l(_networks_l);
_networks.erase(id);
}
}
*/
}
void DB::_fillSummaryInfo(const std::shared_ptr<_Network> &nw,NetworkSummaryInfo &info)

1
controller/DB.hpp
View File

@ -82,6 +82,7 @@ public:
virtual ~DB();
virtual bool waitForReady() = 0;
virtual bool isReady() = 0;
inline bool hasNetwork(const uint64_t networkId) const
{

7
controller/EmbeddedNetworkController.cpp
View File

@ -551,7 +551,7 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET(
for(auto member=members.begin();member!=members.end();++member) {
mid = (*member)["id"];
char tmp[128];
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%s\"%s\":%llu",(responseBody.length() > 1) ? ",\"" : "\"",mid.c_str(),(unsigned long long)OSUtils::jsonInt((*member)["revision"],0));
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%s\"%s\":%llu",(responseBody.length() > 1) ? "," : "",mid.c_str(),(unsigned long long)OSUtils::jsonInt((*member)["revision"],0));
responseBody.append(tmp);
}
}
@ -596,10 +596,11 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET(
// Controller status
char tmp[4096];
OSUtils::ztsnprintf(tmp,sizeof(tmp),"{\n\t\"controller\": true,\n\t\"apiVersion\": %d,\n\t\"clock\": %llu\n}\n",ZT_NETCONF_CONTROLLER_API_VERSION,(unsigned long long)OSUtils::now());
const bool dbOk = _db->isReady();
OSUtils::ztsnprintf(tmp,sizeof(tmp),"{\n\t\"controller\": true,\n\t\"apiVersion\": %d,\n\t\"clock\": %llu,\n\t\"databaseReady\": %s\n}\n",ZT_NETCONF_CONTROLLER_API_VERSION,(unsigned long long)OSUtils::now(),dbOk ? "true" : "false");
responseBody = tmp;
responseContentType = "application/json";
return 200;
return dbOk ? 200 : 503;
}

48
controller/FileDB.cpp
View File

@ -63,14 +63,10 @@ FileDB::FileDB(EmbeddedNetworkController *const nc,const Identity &myId,const ch
}
}
FileDB::~FileDB()
{
}
FileDB::~FileDB() {}
bool FileDB::waitForReady()
{
return true;
}
bool FileDB::waitForReady() { return true; }
bool FileDB::isReady() { return true; }
void FileDB::save(nlohmann::json *orig,nlohmann::json &record)
{
@ -91,13 +87,15 @@ void FileDB::save(nlohmann::json *orig,nlohmann::json &record)
nlohmann::json old;
get(nwid,old);
OSUtils::ztsnprintf(p1,sizeof(p1),"%s" ZT_PATH_SEPARATOR_S "%.16llx.json.new",_networksPath.c_str(),nwid);
OSUtils::ztsnprintf(p2,sizeof(p2),"%s" ZT_PATH_SEPARATOR_S "%.16llx.json",_networksPath.c_str(),nwid);
if (!OSUtils::writeFile(p1,OSUtils::jsonDump(record,-1)))
fprintf(stderr,"WARNING: controller unable to write to path: %s" ZT_EOL_S,p1);
OSUtils::rename(p1,p2);
if ((!old.is_object())||(old != record)) {
OSUtils::ztsnprintf(p1,sizeof(p1),"%s" ZT_PATH_SEPARATOR_S "%.16llx.json.new",_networksPath.c_str(),nwid);
OSUtils::ztsnprintf(p2,sizeof(p2),"%s" ZT_PATH_SEPARATOR_S "%.16llx.json",_networksPath.c_str(),nwid);
if (!OSUtils::writeFile(p1,OSUtils::jsonDump(record,-1)))
fprintf(stderr,"WARNING: controller unable to write to path: %s" ZT_EOL_S,p1);
OSUtils::rename(p1,p2);
_networkChanged(old,record,true);
_networkChanged(old,record,true);
}
}
} else if (objtype == "member") {
const uint64_t id = OSUtils::jsonIntHex(record["id"],0ULL);
@ -106,17 +104,21 @@ void FileDB::save(nlohmann::json *orig,nlohmann::json &record)
nlohmann::json network,old;
get(nwid,network,id,old);
OSUtils::ztsnprintf(pb,sizeof(pb),"%s" ZT_PATH_SEPARATOR_S "%.16llx" ZT_PATH_SEPARATOR_S "member",_networksPath.c_str(),(unsigned long long)nwid);
OSUtils::ztsnprintf(p1,sizeof(p1),"%s" ZT_PATH_SEPARATOR_S "%.10llx.json.new",pb,(unsigned long long)id);
OSUtils::ztsnprintf(p2,sizeof(p2),"%s" ZT_PATH_SEPARATOR_S "%.10llx.json",pb,(unsigned long long)id);
if (!OSUtils::writeFile(p1,OSUtils::jsonDump(record,-1))) {
OSUtils::mkdir(pb);
if (!OSUtils::writeFile(p1,OSUtils::jsonDump(record,-1)))
fprintf(stderr,"WARNING: controller unable to write to path: %s" ZT_EOL_S,p1);
}
OSUtils::rename(p1,p2);
if ((!old.is_object())||(old != record)) {
OSUtils::ztsnprintf(pb,sizeof(pb),"%s" ZT_PATH_SEPARATOR_S "%.16llx" ZT_PATH_SEPARATOR_S "member",_networksPath.c_str(),(unsigned long long)nwid);
OSUtils::ztsnprintf(p1,sizeof(p1),"%s" ZT_PATH_SEPARATOR_S "%.10llx.json.new",pb,(unsigned long long)id);
if (!OSUtils::writeFile(p1,OSUtils::jsonDump(record,-1))) {
OSUtils::ztsnprintf(p2,sizeof(p2),"%s" ZT_PATH_SEPARATOR_S "%.16llx",_networksPath.c_str(),(unsigned long long)nwid);
OSUtils::mkdir(p2);
OSUtils::mkdir(pb);
if (!OSUtils::writeFile(p1,OSUtils::jsonDump(record,-1)))
fprintf(stderr,"WARNING: controller unable to write to path: %s" ZT_EOL_S,p1);
}
OSUtils::ztsnprintf(p2,sizeof(p2),"%s" ZT_PATH_SEPARATOR_S "%.10llx.json",pb,(unsigned long long)id);
OSUtils::rename(p1,p2);
_memberChanged(old,record,true);
_memberChanged(old,record,true);
}
}
} else if (objtype == "trace") {
const std::string id = record["id"];

1
controller/FileDB.hpp
View File

@ -31,6 +31,7 @@ public:
virtual ~FileDB();
virtual bool waitForReady();
virtual bool isReady();
virtual void save(nlohmann::json *orig,nlohmann::json &record);
virtual void eraseNetwork(const uint64_t networkId);
virtual void eraseMember(const uint64_t networkId,const uint64_t memberId);

11
controller/RethinkDB.cpp
View File

@ -263,9 +263,13 @@ RethinkDB::RethinkDB(EmbeddedNetworkController *const nc,const Identity &myId,co
std::unique_ptr<R::Connection> rdb;
while (_run == 1) {
try {
if (!rdb)
if (!rdb) {
_connected = 0;
rdb = R::connect(this->_host,this->_port,this->_auth);
}
if (rdb) {
_connected = 1;
R::Array batch;
R::Object tmpobj;
@ -434,6 +438,11 @@ bool RethinkDB::waitForReady()
return true;
}
bool RethinkDB::isReady()
{
return ((_ready)&&(_connected));
}
void RethinkDB::save(nlohmann::json *orig,nlohmann::json &record)
{
if (!record.is_object()) // sanity check

4
controller/RethinkDB.hpp
View File

@ -41,6 +41,7 @@ public:
virtual ~RethinkDB();
virtual bool waitForReady();
virtual bool isReady();
virtual void save(nlohmann::json *orig,nlohmann::json &record);
virtual void eraseNetwork(const uint64_t networkId);
virtual void eraseMember(const uint64_t networkId,const uint64_t memberId);
@ -72,8 +73,7 @@ protected:
std::thread _heartbeatThread;
mutable std::mutex _readyLock; // locked until ready
std::atomic<int> _ready;
std::atomic<int> _run;
std::atomic<int> _ready,_connected,_run;
mutable volatile bool _waitNoticePrinted;
};

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
zerotier-one (1.2.12) unstable; urgency=medium
* See https://github.com/zerotier/ZeroTierOne for release notes.
-- Adam Ierymenko <adam.ierymenko@zerotier.com> Tue, 25 Jul 2018 01:00:00 -0700
zerotier-one (1.2.10) unstable; urgency=medium
* See https://github.com/zerotier/ZeroTierOne for release notes.

4
debian/ufw-zerotier-one vendored Normal file
View File

@ -0,0 +1,4 @@
[zerotier-one]
title=ZeroTier One
description=A planetary Ethernet switch
ports=9993/udp

3
debian/zerotier-one.service vendored
View File

@ -1,6 +1,7 @@
[Unit]
Description=ZeroTier One
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
ExecStart=/usr/sbin/zerotier-one

2
ext/installfiles/mac/ZeroTier One.pkgproj
View File

@ -664,7 +664,7 @@
<key>USE_HFS+_COMPRESSION</key>
<false/>
<key>VERSION</key>
<string>1.2.10</string>
<string>1.2.12</string>
</dict>
<key>PROJECT_COMMENTS</key>
<dict>

8
ext/installfiles/windows/ZeroTier One.aip
View File

@ -27,10 +27,10 @@
<ROW Property="CTRLS" Value="2"/>
<ROW Property="MSIFASTINSTALL" MultiBuildValue="DefaultBuild:2"/>
<ROW Property="Manufacturer" Value="ZeroTier, Inc."/>
<ROW Property="ProductCode" Value="1033:{A400C1B3-BF08-4CCE-A13A-60B98FA41CD2} " Type="16"/>
<ROW Property="ProductCode" Value="1033:{855E8629-580C-4BDF-8B59-B9290C7E7BA5} " Type="16"/>
<ROW Property="ProductLanguage" Value="1033"/>
<ROW Property="ProductName" Value="ZeroTier One"/>
<ROW Property="ProductVersion" Value="1.2.10" Type="32"/>
<ROW Property="ProductVersion" Value="1.2.12" Type="32"/>
<ROW Property="REBOOT" MultiBuildValue="DefaultBuild:ReallySuppress"/>
<ROW Property="RUNAPPLICATION" Value="1" Type="4"/>
<ROW Property="SecureCustomProperties" Value="OLDPRODUCTS;AI_NEWERPRODUCTFOUND;AI_SETUPEXEPATH;SETUPEXEDIR"/>
@ -64,7 +64,7 @@
<ROW Directory="x86_Dir" Directory_Parent="tapwindows_Dir" DefaultDir="x86"/>
</COMPONENT>
<COMPONENT cid="caphyon.advinst.msicomp.MsiCompsComponent">
<ROW Component="AI_CustomARPName" ComponentId="{58E98F1B-5626-4810-A5A2-AD71DCF3FC09}" Directory_="APPDIR" Attributes="4" KeyPath="DisplayName" Options="1"/>
<ROW Component="AI_CustomARPName" ComponentId="{92D9A995-E340-41B2-98F5-F2DB3F6E8AD8}" Directory_="APPDIR" Attributes="4" KeyPath="DisplayName" Options="1"/>
<ROW Component="AI_DisableModify" ComponentId="{020DCABD-5D56-49B9-AF48-F07F0B55E590}" Directory_="APPDIR" Attributes="4" KeyPath="NoModify" Options="1"/>
<ROW Component="AI_ExePath" ComponentId="{8E02B36C-7A19-429B-A93E-77A9261AC918}" Directory_="APPDIR" Attributes="4" KeyPath="AI_ExePath"/>
<ROW Component="Hardcodet.Wpf.TaskbarNotification.dll" ComponentId="{BEA825AF-2555-44AF-BE40-47FFC16DCBA6}" Directory_="APPDIR" Attributes="0" KeyPath="Hardcodet.Wpf.TaskbarNotification.dll"/>
@ -454,7 +454,7 @@
<ROW XmlAttribute="xsischemaLocation" XmlElement="swidsoftware_identification_tag" Name="xsi:schemaLocation" Flags="14" Order="3" Value="http://standards.iso.org/iso/19770/-2/2008/schema.xsd software_identification_tag.xsd"/>
</COMPONENT>
<COMPONENT cid="caphyon.advinst.msicomp.XmlElementComponent">
<ROW XmlElement="swidbuild" ParentElement="swidnumeric" Name="swid:build" Condition="1" Order="2" Flags="14" Text="10"/>
<ROW XmlElement="swidbuild" ParentElement="swidnumeric" Name="swid:build" Condition="1" Order="2" Flags="14" Text="12"/>
<ROW XmlElement="swidentitlement_required_indicator" ParentElement="swidsoftware_identification_tag" Name="swid:entitlement_required_indicator" Condition="1" Order="0" Flags="14" Text="false"/>
<ROW XmlElement="swidmajor" ParentElement="swidnumeric" Name="swid:major" Condition="1" Order="0" Flags="14" Text="1"/>
<ROW XmlElement="swidminor" ParentElement="swidnumeric" Name="swid:minor" Condition="1" Order="1" Flags="14" Text="2"/>

2
ext/installfiles/windows/chocolatey/zerotier-one/zerotier-one.nuspec
View File

@ -26,7 +26,7 @@ This is a nuspec. It mostly adheres to https://docs.nuget.org/create/Nuspec-Refe
<!-- version should MATCH as closely as possible with the underlying software -->
<!-- Is the version a prerelease of a version? https://docs.nuget.org/create/versioning#creating-prerelease-packages -->
<!-- Note that unstable versions like 0.0.1 can be considered a released version, but it's possible that one can release a 0.0.1-beta before you release a 0.0.1 version. If the version number is final, that is considered a released version and not a prerelease. -->
<version>1.2.10</version>
<version>1.2.12</version>
<!-- <packageSourceUrl>Where is this Chocolatey package located (think GitHub)? packageSourceUrl is highly recommended for the community feed</packageSourceUrl>-->
<!-- owners is a poor name for maintainers of the package. It sticks around by this name for compatibility reasons. It basically means you. -->
<!--<owners>ZeroTier, Inc.</owners>-->

8
node/Constants.hpp
View File

@ -193,6 +193,14 @@
*/
#define ZT_RX_QUEUE_SIZE 64
/**
* Size of TX queue
*
* This is about 2mb, and can be decreased for small devices. A queue smaller
* than about 4 is probably going to cause a lot of lost packets.
*/
#define ZT_TX_QUEUE_SIZE 64
/**
* Length of secret key in bytes -- 256-bit -- do not change
*/

2
node/Packet.cpp
View File

@ -332,7 +332,7 @@ static const int LZ4_minLength = (MFLIMIT+1);
#define LZ4_STATIC_ASSERT(c) { enum { LZ4_static_assert = 1/(int)(!!(c)) }; } /* use only *after* variable declarations */
static inline unsigned LZ4_NbCommonBytes (register reg_t val)
static inline unsigned LZ4_NbCommonBytes (reg_t val)
{
if (LZ4_isLittleEndian()) {
if (sizeof(val)==8) {

8
node/Switch.cpp
View File

@ -121,6 +121,7 @@ void Switch::onRemotePacket(void *tPtr,const int64_t localSocket,const InetAddre
// seeing a Packet::Fragment?
RXQueueEntry *const rq = _findRXQueueEntry(fragmentPacketId);
Mutex::Lock rql(rq->lock);
if (rq->packetId != fragmentPacketId) {
// No packet found, so we received a fragment without its head.
@ -203,6 +204,7 @@ void Switch::onRemotePacket(void *tPtr,const int64_t localSocket,const InetAddre
);
RXQueueEntry *const rq = _findRXQueueEntry(packetId);
Mutex::Lock rql(rq->lock);
if (rq->packetId != packetId) {
// If we have no other fragments yet, create an entry and save the head
@ -237,6 +239,7 @@ void Switch::onRemotePacket(void *tPtr,const int64_t localSocket,const InetAddre
IncomingPacket packet(data,len,path,now);
if (!packet.tryDecode(RR,tPtr)) {
RXQueueEntry *const rq = _nextRXQueueEntry();
Mutex::Lock rql(rq->lock);
rq->timestamp = now;
rq->packetId = packet.packetId();
rq->frag0 = packet;
@ -762,6 +765,9 @@ void Switch::send(void *tPtr,Packet &packet,bool encrypt)
if (!_trySend(tPtr,packet,encrypt)) {
{
Mutex::Lock _l(_txQueue_m);
if (_txQueue.size() >= ZT_TX_QUEUE_SIZE) {
_txQueue.pop_front();
}
_txQueue.push_back(TXQueueEntry(dest,RR->node->now(),packet,encrypt));
}
if (!RR->topology->getPeer(tPtr,dest))
@ -801,6 +807,7 @@ void Switch::doAnythingWaitingForPeer(void *tPtr,const SharedPtr<Peer> &peer)
const int64_t now = RR->node->now();
for(unsigned int ptr=0;ptr<ZT_RX_QUEUE_SIZE;++ptr) {
RXQueueEntry *const rq = &(_rxQueue[ptr]);
Mutex::Lock rql(rq->lock);
if ((rq->timestamp)&&(rq->complete)) {
if ((rq->frag0.tryDecode(RR,tPtr))||((now - rq->timestamp) > ZT_RECEIVE_QUEUE_TIMEOUT))
rq->timestamp = 0;
@ -852,6 +859,7 @@ unsigned long Switch::doTimerTasks(void *tPtr,int64_t now)
for(unsigned int ptr=0;ptr<ZT_RX_QUEUE_SIZE;++ptr) {
RXQueueEntry *const rq = &(_rxQueue[ptr]);
Mutex::Lock rql(rq->lock);
if ((rq->timestamp)&&(rq->complete)) {
if ((rq->frag0.tryDecode(RR,tPtr))||((now - rq->timestamp) > ZT_RECEIVE_QUEUE_TIMEOUT)) {
rq->timestamp = 0;

1
node/Switch.hpp
View File

@ -223,6 +223,7 @@ private:
unsigned int totalFragments; // 0 if only frag0 received, waiting for frags
uint32_t haveFragments; // bit mask, LSB to MSB
volatile bool complete; // if true, packet is complete
Mutex lock;
};
RXQueueEntry _rxQueue[ZT_RX_QUEUE_SIZE];
AtomicCounter _rxQueuePtr;

6
node/Topology.cpp
View File

@ -36,7 +36,7 @@
namespace ZeroTier {
/*
* 2016-01-13 ZeroTier planet definition for the third planet of Sol:
* 2018-07-26 ZeroTier planet definition for the third planet of Sol:
*
* There are two roots, each of which is a cluster spread across multiple
* continents and providers. They are named Alice and Bob after the
@ -47,7 +47,7 @@ namespace ZeroTier {
* root-alice-ams-01: Amsterdam, Netherlands
* root-alice-joh-01: Johannesburg, South Africa
* root-alice-nyc-01: New York, New York, USA
* root-alice-sao-01: Sao Paolo, Brazil
* root-alice-arg-01: Buenos Aires, Argentina
* root-alice-sfo-01: San Francisco, California, USA
* root-alice-sgp-01: Singapore
*
@ -61,7 +61,7 @@ namespace ZeroTier {
* root-bob-tor-01: Toronto, Canada
*/
#define ZT_DEFAULT_WORLD_LENGTH 634
static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x52,0x3c,0x32,0x50,0x1a,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0x4a,0xf7,0x86,0xa8,0x40,0xd6,0x52,0xea,0xae,0x9e,0x7a,0xbf,0x4c,0x97,0x66,0xab,0x2d,0x6f,0xaf,0xc9,0x2b,0x3a,0xff,0xed,0xd6,0x30,0x3e,0xc4,0x6a,0x65,0xf2,0xbd,0x83,0x52,0xf5,0x40,0xe9,0xcc,0x0d,0x6e,0x89,0x3f,0x9a,0xa0,0xb8,0xdf,0x42,0xd2,0x2f,0x84,0xe6,0x03,0x26,0x0f,0xa8,0xe3,0xcc,0x05,0x05,0x03,0xef,0x12,0x80,0x0d,0xce,0x3e,0xb6,0x58,0x3b,0x1f,0xa8,0xad,0xc7,0x25,0xf9,0x43,0x71,0xa7,0x5c,0x9a,0xc7,0xe1,0xa3,0xb8,0x88,0xd0,0x71,0x6c,0x94,0x99,0x73,0x41,0x0b,0x1b,0x48,0x84,0x02,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x0c,0x04,0xbc,0xa6,0x5e,0xb1,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x02,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x7d,0x00,0x01,0x27,0x09,0x04,0x9a,0x42,0xc5,0x21,0x27,0x09,0x06,0x2c,0x0f,0xf8,0x50,0x01,0x54,0x01,0x97,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x33,0x27,0x09,0x04,0x9f,0xcb,0x61,0xab,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x08,0x00,0x00,0xa1,0x00,0x00,0x00,0x00,0x00,0x54,0x60,0x01,0x27,0x09,0x04,0xa9,0x39,0x8f,0x68,0x27,0x09,0x06,0x26,0x07,0xf0,0xd0,0x1d,0x01,0x00,0x57,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x27,0x09,0x04,0x6b,0xaa,0xc5,0x0e,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x00,0x00,0x00,0x00,0x02,0x00,0xe0,0x01,0x27,0x09,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09,0x06,0x24,0x00,0x61,0x80,0x00,0x00,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0xb7,0x40,0x01,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x0c,0x04,0x2d,0x20,0xc6,0x82,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x64,0x00,0x81,0xc3,0x54,0x00,0x00,0xff,0xfe,0x18,0x1d,0x61,0x27,0x09,0x04,0x2e,0x65,0xa0,0xf9,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x03,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x6a,0x30,0x01,0x27,0x09,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x68,0x00,0x83,0xa4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x64,0x27,0x09,0x04,0x2d,0x20,0xf6,0xb3,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x58,0x00,0x8b,0xf8,0x54,0x00,0x00,0xff,0xfe,0x15,0xb3,0x9a,0x27,0x09,0x04,0x2d,0x20,0xf8,0x57,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x70,0x00,0x9b,0xc9,0x54,0x00,0x00,0xff,0xfe,0x15,0xc4,0xf5,0x27,0x09,0x04,0x9f,0xcb,0x02,0x9a,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x0c,0xad,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x26,0x70,0x01,0x27,0x09};
static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x64,0xd3,0x71,0xf0,0x58,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0xbf,0xfd,0xd5,0x32,0xf7,0x15,0x6e,0x02,0x6f,0xb9,0x01,0x0d,0xb5,0x7b,0x04,0xd8,0x3a,0xc5,0x17,0x39,0x04,0x36,0xfd,0x9d,0xc6,0x3d,0xa8,0xf3,0x8e,0x79,0xe7,0xc8,0x77,0x8d,0xcc,0x79,0xb8,0xab,0xc6,0x98,0x7c,0x9f,0x34,0x25,0x14,0xe1,0x2f,0xd7,0x97,0x11,0xec,0x34,0x4c,0x9f,0x0f,0xb4,0x85,0x0d,0x9b,0x11,0xd1,0xc2,0xce,0x00,0xc4,0x0a,0x13,0x4b,0xcb,0xc3,0xae,0x2e,0x16,0x00,0x4b,0xdc,0x90,0x5e,0x7e,0x9b,0x44,0x07,0x15,0x36,0x61,0x3c,0x64,0xaa,0xe9,0x46,0x78,0x3c,0xa7,0x18,0xc8,0xd8,0x02,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x0c,0x04,0xbc,0xa6,0x5e,0xb1,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x02,0x00,0xd0,0x00,0x7d,0x00,0x01,0x00,0x00,0x00,0x00,0x27,0x09,0x04,0x9a,0x42,0xc5,0x21,0x27,0x09,0x06,0x2c,0x0f,0xf8,0x50,0x01,0x54,0x01,0x97,0x00,0x33,0xcc,0x08,0xf8,0xfa,0xcc,0x08,0x27,0x09,0x04,0x9f,0xcb,0x61,0xab,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x08,0x00,0x00,0xa1,0x00,0x54,0x60,0x01,0x00,0xfc,0xcc,0x08,0x27,0x09,0x04,0x83,0xff,0x06,0x10,0x27,0x09,0x06,0x28,0x03,0xeb,0x80,0x00,0x00,0x00,0x0e,0x00,0x02,0x60,0x01,0x00,0xfc,0xcc,0x08,0x27,0x09,0x04,0x6b,0xaa,0xc5,0x0e,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x02,0x00,0xe0,0x01,0x08,0xfe,0xcc,0x08,0x27,0x09,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09,0x06,0x24,0x00,0x61,0x80,0x00,0x00,0x00,0xd0,0x00,0xb7,0x40,0x01,0x08,0xfe,0xcc,0x08,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x0c,0x04,0x2d,0x20,0xc6,0x82,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x64,0x00,0x81,0xc3,0x54,0x00,0x00,0xff,0xfe,0x18,0x1d,0x61,0x27,0x09,0x04,0x2e,0x65,0xa0,0xf9,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x03,0x00,0xd0,0x00,0x6a,0x30,0x01,0x78,0x00,0xcd,0x08,0x27,0x09,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x68,0x00,0x83,0xa4,0x00,0x64,0xcd,0x08,0x80,0x01,0xcd,0x08,0x27,0x09,0x04,0x2d,0x20,0xf6,0xb3,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x58,0x00,0x8b,0xf8,0x54,0x00,0x00,0xff,0xfe,0x15,0xb3,0x9a,0x27,0x09,0x04,0x2d,0x20,0xf8,0x57,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x70,0x00,0x9b,0xc9,0x54,0x00,0x00,0xff,0xfe,0x15,0xc4,0xf5,0x27,0x09,0x04,0x9f,0xcb,0x02,0x9a,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x0c,0xad,0x00,0xd0,0x00,0x26,0x70,0x01,0xfe,0x15,0xc4,0xf5,0x27,0x09};
Topology::Topology(const RuntimeEnvironment *renv,void *tPtr) :
RR(renv),

3
osdep/Binder.hpp
View File

@ -293,7 +293,7 @@ public:
#else
const bool gotViaProc = false;
#endif
#if !defined(ZT_SDK) || !defined(__ANDROID__) // getifaddrs() freeifaddrs() not available on Android
if (!gotViaProc) {
struct ifaddrs *ifatbl = (struct ifaddrs *)0;
struct ifaddrs *ifa;
@ -325,6 +325,7 @@ public:
interfacesEnumerated = false;
}
}
#endif
#endif
} else {

150
osdep/ManagedRoute.cpp
View File

@ -46,18 +46,13 @@
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#ifndef ZT_SDK
#include <net/route.h>
#ifdef __LINUX__
#include <sys/ioctl.h>
#include <asm/types.h>
#include <linux/rtnetlink.h>
#include <sys/socket.h>
#include "../osdep/LinuxNetLink.hpp"
#endif
#include <net/if.h>
#ifdef __BSD__
#include <net/if_dl.h>
#include <sys/sysctl.h>
#include <net/if.h>
#endif
#include <ifaddrs.h>
#endif
@ -116,6 +111,7 @@ struct _RTE
#ifdef __BSD__ // ------------------------------------------------------------
#define ZT_ROUTING_SUPPORT_FOUND 1
#ifndef ZT_SDK
static std::vector<_RTE> _getRTEs(const InetAddress &target,bool contains)
{
std::vector<_RTE> rtes;
@ -250,9 +246,11 @@ static std::vector<_RTE> _getRTEs(const InetAddress &target,bool contains)
return rtes;
}
#endif
static void _routeCmd(const char *op,const InetAddress &target,const InetAddress &via,const char *ifscope,const char *localInterface)
{
//char f1[1024],f2[1024]; printf("%s %s %s %s %s\n",op,target.toString(f1),via.toString(f2),ifscope,localInterface);
long p = (long)fork();
if (p > 0) {
int exitcode = -1;
@ -284,127 +282,27 @@ static void _routeCmd(const char *op,const InetAddress &target,const InetAddress
#ifdef __LINUX__ // ----------------------------------------------------------
#define ZT_ROUTING_SUPPORT_FOUND 1
static void _routeCmd(const char *op, const InetAddress &target, const InetAddress &via, const InetAddress &src, const char *localInterface)
static void _routeCmd(const char *op,const InetAddress &target,const InetAddress &via,const char *localInterface)
{
char targetStr[64] = {0};
char viaStr[64] = {0};
InetAddress nmsk = target.netmask();
char nmskStr[64] = {0};
fprintf(stderr, "Received Route Cmd: %s target: %s via: %s netmask: %s localInterface: %s\n", op, target.toString(targetStr), via.toString(viaStr), nmsk.toString(nmskStr), localInterface);
if ((strcmp(op, "add") == 0 || strcmp(op, "replace") == 0)) {
LinuxNetLink::getInstance().addRoute(target, via, src, localInterface);
} else if ((strcmp(op, "remove") == 0 || strcmp(op, "del") == 0)) {
LinuxNetLink::getInstance().delRoute(target, via, src, localInterface);
}
return;
int fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);;
struct rtentry route = {0};
if (target.ss_family == AF_INET) {
struct sockaddr_in *target_in = (struct sockaddr_in*)&target;
struct sockaddr_in *via_in = (struct sockaddr_in*)&via;
InetAddress netmask = target.netmask();
struct sockaddr_in *netmask_in = (struct sockaddr_in*)&netmask;
struct sockaddr_in *addr = NULL;
// set target
addr = (struct sockaddr_in *)&route.rt_dst;
addr->sin_family = AF_INET;
addr->sin_addr = target_in->sin_addr;
// set netmask
addr = (struct sockaddr_in *)&route.rt_genmask;
addr->sin_family = AF_INET;
addr->sin_addr = netmask_in->sin_addr;
route.rt_dev = const_cast<char*>(localInterface);
long p = (long)fork();
if (p > 0) {
int exitcode = -1;
::waitpid(p,&exitcode,0);
} else if (p == 0) {
::close(STDOUT_FILENO);
::close(STDERR_FILENO);
char ipbuf[64],ipbuf2[64];
if (via) {
// set the gateway
addr = (struct sockaddr_in *)&route.rt_gateway;
addr->sin_family = AF_INET;
addr->sin_addr = via_in->sin_addr;
route.rt_flags = RTF_UP | RTF_GATEWAY;
::execl(ZT_LINUX_IP_COMMAND,ZT_LINUX_IP_COMMAND,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"via",via.toIpString(ipbuf2),(const char *)0);
::execl(ZT_LINUX_IP_COMMAND_2,ZT_LINUX_IP_COMMAND_2,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"via",via.toIpString(ipbuf2),(const char *)0);
} else if ((localInterface)&&(localInterface[0])) {
route.rt_flags = RTF_UP;//| RTF_HOST;
::execl(ZT_LINUX_IP_COMMAND,ZT_LINUX_IP_COMMAND,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"dev",localInterface,(const char *)0);
::execl(ZT_LINUX_IP_COMMAND_2,ZT_LINUX_IP_COMMAND_2,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"dev",localInterface,(const char *)0);
}
::_exit(-1);
}
else if (target.ss_family == AF_INET6)
{
struct sockaddr_in6 *addr = NULL;
// set target
addr = (struct sockaddr_in6 *)&route.rt_dst;
addr->sin6_family = AF_INET6;
memcpy(&addr->sin6_addr, &((struct sockaddr_in6*)&target)->sin6_addr, sizeof(struct in6_addr));
//set netmask
addr = (struct sockaddr_in6 *)&route.rt_genmask;
addr->sin6_family = AF_INET6;
InetAddress netmask = target.netmask();
memcpy(&addr->sin6_addr, &((struct sockaddr_in6*)&netmask)->sin6_addr, sizeof(struct in6_addr));
if (via) {
// set the gateway
addr = (struct sockaddr_in6*)&route.rt_gateway;
addr->sin6_family = AF_INET;
memcpy(&addr->sin6_addr, &((struct sockaddr_in6*)&via)->sin6_addr, sizeof(struct in6_addr));
route.rt_flags = RTF_UP | RTF_GATEWAY;
} else if ((localInterface)&&(localInterface[0])) {
route.rt_dev = const_cast<char*>(localInterface);
route.rt_flags = RTF_UP;
}
}
unsigned long ctl = -1;
if (strcmp(op, "add") == 0 || strcmp(op, "replace") == 0) {
ctl = SIOCADDRT;
} else if (strcmp(op, "remove") == 0 || strcmp(op, "del") == 0) {
ctl = SIOCDELRT;
} else {
close(fd);
return;
}
if ( ioctl(fd, ctl, &route)) {
fprintf(stderr, "Error adding route: %s\n", strerror(errno));
close(fd);
::exit(1);
}
close(fd);
}
// static void _routeCmd(const char *op,const InetAddress &target,const InetAddress &via,const char *localInterface)
// {
// // long p = (long)fork();
// // if (p > 0) {
// // int exitcode = -1;
// // ::waitpid(p,&exitcode,0);
// // } else if (p == 0) {
// // ::close(STDOUT_FILENO);
// // ::close(STDERR_FILENO);
// char ipbuf[64],ipbuf2[64];
// if (via) {
// ::execl(ZT_LINUX_IP_COMMAND,ZT_LINUX_IP_COMMAND,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"via",via.toIpString(ipbuf2),(const char *)0);
// ::execl(ZT_LINUX_IP_COMMAND_2,ZT_LINUX_IP_COMMAND_2,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"via",via.toIpString(ipbuf2),(const char *)0);
// } else if ((localInterface)&&(localInterface[0])) {
// ::execl(ZT_LINUX_IP_COMMAND,ZT_LINUX_IP_COMMAND,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"dev",localInterface,(const char *)0);
// ::execl(ZT_LINUX_IP_COMMAND_2,ZT_LINUX_IP_COMMAND_2,(target.ss_family == AF_INET6) ? "-6" : "-4","route",op,target.toString(ipbuf),"dev",localInterface,(const char *)0);
// }
// // ::_exit(-1);
// // }
// }
#endif // __LINUX__ ----------------------------------------------------------
#ifdef __WINDOWS__ // --------------------------------------------------------
@ -515,6 +413,7 @@ static bool _winHasRoute(const NET_LUID &interfaceLuid, const NET_IFINDEX &inter
* Linux default route override implies asymmetric routes, which then
* trigger Linux's "martian packet" filter. */
#ifndef ZT_SDK
bool ManagedRoute::sync()
{
#ifdef __WINDOWS__
@ -601,11 +500,11 @@ bool ManagedRoute::sync()
if (!_applied.count(leftt)) {
_applied[leftt] = false; // boolean unused
_routeCmd("replace",leftt,_via,_src,_device);
_routeCmd("replace",leftt,_via,(_via) ? (const char *)0 : _device);
}
if ((rightt)&&(!_applied.count(rightt))) {
_applied[rightt] = false; // boolean unused
_routeCmd("replace",rightt,_via,_src,_device);
_routeCmd("replace",rightt,_via,(_via) ? (const char *)0 : _device);
}
#endif // __LINUX__ ----------------------------------------------------------
@ -625,6 +524,7 @@ bool ManagedRoute::sync()
return true;
}
#endif
void ManagedRoute::remove()
{
@ -652,7 +552,7 @@ void ManagedRoute::remove()
#endif // __BSD__ ------------------------------------------------------------
#ifdef __LINUX__ // ----------------------------------------------------------
_routeCmd("del",r->first,_via,_src,_device);
_routeCmd("del",r->first,_via,(_via) ? (const char *)0 : _device);
#endif // __LINUX__ ----------------------------------------------------------
#ifdef __WINDOWS__ // --------------------------------------------------------
@ -668,4 +568,4 @@ void ManagedRoute::remove()
_applied.clear();
}
} // namespace ZeroTier
} // namespace ZeroTier

6
rule-compiler/rule-compiler.js
View File

@ -229,12 +229,16 @@ function _cleanMac(m)
{
m = m.toLowerCase();
var m2 = '';
let charcount = 0;
for(let i=0;((i<m.length)&&(m2.length<17));++i) {
let c = m.charAt(i);
if ("0123456789abcdef".indexOf(c) >= 0) {
m2 += c;
if ((m2.length > 0)&&(m2.length !== 17)&&((m2.length & 1) === 0))
charcount++;
if ((m2.length > 0)&&(m2.length !== 17)&&(charcount >= 2) ) {
m2 += ':';
charcount=0;
}
}
}
return m2;

458
service/OneService.cpp
View File

@ -81,12 +81,6 @@
#include "../ext/http-parser/http_parser.h"
#endif
#if ZT_VAULT_SUPPORT
extern "C" {
#include <curl/curl.h>
}
#endif
#include "../ext/json/json.hpp"
using json = nlohmann::json;
@ -161,7 +155,6 @@ namespace ZeroTier { typedef BSDEthernetTap EthernetTap; }
// How often to check for local interface addresses
#define ZT_LOCAL_INTERFACE_CHECK_INTERVAL 60000
#define ZT_MULTIPATH_LOCAL_INTERFACE_CHECK_INTERVAL 5000
// Maximum write buffer size for outgoing TCP connections (sanity limit)
#define ZT_TCP_MAX_WRITEQ_SIZE 33554432
@ -169,14 +162,6 @@ namespace ZeroTier { typedef BSDEthernetTap EthernetTap; }
// TCP activity timeout
#define ZT_TCP_ACTIVITY_TIMEOUT 60000
#if ZT_VAULT_SUPPORT
size_t curlResponseWrite(void *ptr, size_t size, size_t nmemb, std::string *data)
{
data->append((char*)ptr, size * nmemb);
return size * nmemb;
}
#endif
namespace ZeroTier {
namespace {
@ -298,39 +283,6 @@ static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer)
pj["paths"] = pa;
}
static void _peerAggregateLinkToJson(nlohmann::json &pj,const ZT_Peer *peer)
{
char tmp[256];
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%.10llx",peer->address);
pj["aggregateLinkLatency"] = peer->latency;
nlohmann::json pa = nlohmann::json::array();
for(unsigned int i=0;i<peer->pathCount;++i) {
//int64_t lastSend = peer->paths[i].lastSend;
//int64_t lastReceive = peer->paths[i].lastReceive;
nlohmann::json j;
j["address"] = reinterpret_cast<const InetAddress *>(&(peer->paths[i].address))->toString(tmp);
//j["lastSend"] = (lastSend < 0) ? 0 : lastSend;
//j["lastReceive"] = (lastReceive < 0) ? 0 : lastReceive;
//j["trustedPathId"] = peer->paths[i].trustedPathId;
//j["active"] = (bool)(peer->paths[i].expired == 0);
//j["expired"] = (bool)(peer->paths[i].expired != 0);
//j["preferred"] = (bool)(peer->paths[i].preferred != 0);
j["latency"] = peer->paths[i].latency;
//j["packetDelayVariance"] = peer->paths[i].packetDelayVariance;
//j["throughputDisturbCoeff"] = peer->paths[i].throughputDisturbCoeff;
//j["packetErrorRatio"] = peer->paths[i].packetErrorRatio;
//j["packetLossRatio"] = peer->paths[i].packetLossRatio;
j["stability"] = peer->paths[i].stability;
j["throughput"] = peer->paths[i].throughput;
//j["maxThroughput"] = peer->paths[i].maxThroughput;
j["allocation"] = peer->paths[i].allocation;
j["ifname"] = peer->paths[i].ifname;
pa.push_back(j);
}
pj["paths"] = pa;
}
static void _moonToJson(nlohmann::json &mj,const World &world)
{
char tmp[4096];
@ -451,11 +403,10 @@ public:
PhySocket *_localControlSocket6;
bool _updateAutoApply;
bool _allowTcpFallbackRelay;
unsigned int _multipathMode;
unsigned int _primaryPort;
volatile unsigned int _udpPortPickerCounter;
// Local configuration and memoized information from it
// Local configuration and memo-ized information from it
json _localConfig;
Hashtable< uint64_t,std::vector<InetAddress> > _v4Hints;
Hashtable< uint64_t,std::vector<InetAddress> > _v6Hints;
@ -471,7 +422,7 @@ public:
* To attempt to handle NAT/gateway craziness we use three local UDP ports:
*
* [0] is the normal/default port, usually 9993
* [1] is a port derived from our ZeroTier address
* [1] is a port dervied from our ZeroTier address
* [2] is a port computed from the normal/default for use with uPnP/NAT-PMP mappings
*
* [2] exists because on some gateways trying to do regular NAT-t interferes
@ -530,14 +481,6 @@ public:
PortMapper *_portMapper;
#endif
// HashiCorp Vault Settings
#if ZT_VAULT_SUPPORT
bool _vaultEnabled;
std::string _vaultURL;
std::string _vaultToken;
std::string _vaultPath; // defaults to cubbyhole/zerotier/identity.secret for per-access key storage
#endif
// Set to false to force service to stop
volatile bool _run;
Mutex _run_m;
@ -569,22 +512,12 @@ public:
,_portMappingEnabled(true)
#ifdef ZT_USE_MINIUPNPC
,_portMapper((PortMapper *)0)
#endif
#ifdef ZT_VAULT_SUPPORT
,_vaultEnabled(false)
,_vaultURL()
,_vaultToken()
,_vaultPath("cubbyhole/zerotier")
#endif
,_run(true)
{
_ports[0] = 0;
_ports[1] = 0;
_ports[2] = 0;
#if ZT_VAULT_SUPPORT
curl_global_init(CURL_GLOBAL_DEFAULT);
#endif
}
virtual ~OneServiceImpl()
@ -592,10 +525,6 @@ public:
_binder.closeAll(_phy);
_phy.close(_localControlSocket4);
_phy.close(_localControlSocket6);
#if ZT_VAULT_SUPPORT
curl_global_cleanup();
#endif
#ifdef ZT_USE_MINIUPNPC
delete _portMapper;
#endif
@ -625,10 +554,25 @@ public:
_authToken = _trimString(_authToken);
}
{
struct ZT_Node_Callbacks cb;
cb.version = 0;
cb.stateGetFunction = SnodeStateGetFunction;
cb.statePutFunction = SnodeStatePutFunction;
cb.wirePacketSendFunction = SnodeWirePacketSendFunction;
cb.virtualNetworkFrameFunction = SnodeVirtualNetworkFrameFunction;
cb.virtualNetworkConfigFunction = SnodeVirtualNetworkConfigFunction;
cb.eventCallback = SnodeEventCallback;
cb.pathCheckFunction = SnodePathCheckFunction;
cb.pathLookupFunction = SnodePathLookupFunction;
_node = new Node(this,(void *)0,&cb,OSUtils::now());
}
// Read local configuration
std::map<InetAddress,ZT_PhysicalPathConfiguration> ppc;
std::vector<InetAddress> explicitBind;
{
std::map<InetAddress,ZT_PhysicalPathConfiguration> ppc;
// LEGACY: support old "trustedpaths" flat file
FILE *trustpaths = fopen((_homePath + ZT_PATH_SEPARATOR_S "trustedpaths").c_str(),"r");
if (trustpaths) {
@ -707,35 +651,17 @@ public:
}
}
}
// Set trusted paths if there are any
if (ppc.size() > 0) {
for(std::map<InetAddress,ZT_PhysicalPathConfiguration>::iterator i(ppc.begin());i!=ppc.end();++i)
_node->setPhysicalPathConfiguration(reinterpret_cast<const struct sockaddr_storage *>(&(i->first)),&(i->second));
}
}
// Apply other runtime configuration from local.conf
applyLocalConfig();
{
struct ZT_Node_Callbacks cb;
cb.version = 0;
cb.stateGetFunction = SnodeStateGetFunction;
cb.statePutFunction = SnodeStatePutFunction;
cb.wirePacketSendFunction = SnodeWirePacketSendFunction;
cb.virtualNetworkFrameFunction = SnodeVirtualNetworkFrameFunction;
cb.virtualNetworkConfigFunction = SnodeVirtualNetworkConfigFunction;
cb.eventCallback = SnodeEventCallback;
cb.pathCheckFunction = SnodePathCheckFunction;
cb.pathLookupFunction = SnodePathLookupFunction;
_node = new Node(this, (void *)0, &cb, OSUtils::now());
}
// Apply software update specific configuration from local.conf
applySoftwareUpdateLocalConfig();
// Set trusted paths if there are any
if (ppc.size() > 0) {
for(std::map<InetAddress,ZT_PhysicalPathConfiguration>::iterator i(ppc.begin());i!=ppc.end();++i)
_node->setPhysicalPathConfiguration(reinterpret_cast<const struct sockaddr_storage *>(&(i->first)),&(i->second));
}
ppc.clear();
// Make sure we can use the primary port, and hunt for one if configured to do so
const int portTrials = (_primaryPort == 0) ? 256 : 1; // if port is 0, pick random
for(int k=0;k<portTrials;++k) {
@ -853,7 +779,6 @@ public:
_lastRestart = clockShouldBe;
int64_t lastTapMulticastGroupCheck = 0;
int64_t lastBindRefresh = 0;
int64_t lastMultipathModeUpdate = 0;
int64_t lastUpdateCheck = clockShouldBe;
int64_t lastCleanedPeersDb = 0;
int64_t lastLocalInterfaceAddressCheck = (clockShouldBe - ZT_LOCAL_INTERFACE_CHECK_INTERVAL) + 15000; // do this in 15s to give portmapper time to configure and other things time to settle
@ -885,10 +810,8 @@ public:
_updater->apply();
}
// Refresh bindings
// Do this more frequently when multipath bonding is enabled
int interfaceRefreshPeriod = _multipathMode ? ZT_MULTIPATH_BINDER_REFRESH_PERIOD : ZT_BINDER_REFRESH_PERIOD;
if (((now - lastBindRefresh) >= interfaceRefreshPeriod)||(restarted)) {
// Refresh bindings in case device's interfaces have changed, and also sync routes to update any shadow routes (e.g. shadow default)
if (((now - lastBindRefresh) >= ZT_BINDER_REFRESH_PERIOD)||(restarted)) {
lastBindRefresh = now;
unsigned int p[3];
unsigned int pc = 0;
@ -905,11 +828,6 @@ public:
}
}
}
// Update multipath mode (if needed)
if (((now - lastMultipathModeUpdate) >= interfaceRefreshPeriod)||(restarted)) {
lastMultipathModeUpdate = now;
_node->setMultipathMode(_multipathMode);
}
// Run background task processor in core if it's time to do so
int64_t dl = _nextBackgroundTaskDeadline;
@ -945,8 +863,7 @@ public:
}
// Sync information about physical network interfaces
int interfaceAddressCheckInterval = _multipathMode ? ZT_MULTIPATH_LOCAL_INTERFACE_CHECK_INTERVAL : ZT_LOCAL_INTERFACE_CHECK_INTERVAL;
if ((now - lastLocalInterfaceAddressCheck) >= interfaceAddressCheckInterval) {
if ((now - lastLocalInterfaceAddressCheck) >= ZT_LOCAL_INTERFACE_CHECK_INTERVAL) {
lastLocalInterfaceAddressCheck = now;
_node->clearLocalInterfaceAddresses();
@ -1146,6 +1063,8 @@ public:
else urlArgs[a->substr(0,eqpos)] = a->substr(eqpos + 1);
}
}
} else {
return 404;
}
bool isAuth = false;
@ -1163,7 +1082,16 @@ public:
#ifdef __SYNOLOGY__
// Authenticate via Synology's built-in cgi script
if (!isAuth) {
// Parse out url args
/*
fprintf(stderr, "path = %s\n", path.c_str());
fprintf(stderr, "headers.size=%d\n", headers.size());
std::map<std::string, std::string>::const_iterator it(headers.begin());
while(it != headers.end()) {
fprintf(stderr,"header[%s] = %s\n", (it->first).c_str(), (it->second).c_str());
it++;
}
*/
// parse out url args
int synotoken_pos = path.find("SynoToken");
int argpos = path.find("?");
if(synotoken_pos != std::string::npos && argpos != std::string::npos) {
@ -1176,7 +1104,10 @@ public:
setenv("HTTP_COOKIE", cookie_val.c_str(), true);
setenv("HTTP_X_SYNO_TOKEN", synotoken_val.c_str(), true);
setenv("REMOTE_ADDR", ah2->second.c_str(),true);
// Check Synology web auth
//fprintf(stderr, "HTTP_COOKIE: %s\n",std::getenv ("HTTP_COOKIE"));
//fprintf(stderr, "HTTP_X_SYNO_TOKEN: %s\n",std::getenv ("HTTP_X_SYNO_TOKEN"));
//fprintf(stderr, "REMOTE_ADDR: %s\n",std::getenv ("REMOTE_ADDR"));
// check synology web auth
char user[256], buf[1024];
FILE *fp = NULL;
bzero(user, 256);
@ -1222,23 +1153,6 @@ public:
json &settings = res["config"]["settings"];
settings["primaryPort"] = OSUtils::jsonInt(settings["primaryPort"],(uint64_t)_primaryPort) & 0xffff;
settings["allowTcpFallbackRelay"] = OSUtils::jsonBool(settings["allowTcpFallbackRelay"],_allowTcpFallbackRelay);
if (_multipathMode) {
json &multipathConfig = res["multipath"];
ZT_PeerList *pl = _node->peers();
char peerAddrStr[256];
if (pl) {
for(unsigned long i=0;i<pl->peerCount;++i) {
if (pl->peers[i].hadAggregateLink) {
nlohmann::json pj;
_peerAggregateLinkToJson(pj,&(pl->peers[i]));
OSUtils::ztsnprintf(peerAddrStr,sizeof(peerAddrStr),"%.10llx",pl->peers[i].address);
multipathConfig[peerAddrStr] = (pj);
}
}
}
}
#ifdef ZT_USE_MINIUPNPC
settings["portMappingEnabled"] = OSUtils::jsonBool(settings["portMappingEnabled"],true);
#else
@ -1567,13 +1481,24 @@ public:
_primaryPort = (unsigned int)OSUtils::jsonInt(settings["primaryPort"],(uint64_t)_primaryPort) & 0xffff;
_allowTcpFallbackRelay = OSUtils::jsonBool(settings["allowTcpFallbackRelay"],true);
_multipathMode = (unsigned int)OSUtils::jsonInt(settings["multipathMode"],0);
if (_multipathMode != 0 && _allowTcpFallbackRelay) {
fprintf(stderr,"WARNING: multipathMode cannot be used with allowTcpFallbackRelay. Disabling allowTcpFallbackRelay");
_allowTcpFallbackRelay = false;
}
_portMappingEnabled = OSUtils::jsonBool(settings["portMappingEnabled"],true);
#ifndef ZT_SDK
const std::string up(OSUtils::jsonString(settings["softwareUpdate"],ZT_SOFTWARE_UPDATE_DEFAULT));
const bool udist = OSUtils::jsonBool(settings["softwareUpdateDist"],false);
if (((up == "apply")||(up == "download"))||(udist)) {
if (!_updater)
_updater = new SoftwareUpdater(*_node,_homePath);
_updateAutoApply = (up == "apply");
_updater->setUpdateDistribution(udist);
_updater->setChannel(OSUtils::jsonString(settings["softwareUpdateChannel"],ZT_SOFTWARE_UPDATE_DEFAULT_CHANNEL));
} else {
delete _updater;
_updater = (SoftwareUpdater *)0;
_updateAutoApply = false;
}
#endif
json &ignoreIfs = settings["interfacePrefixBlacklist"];
if (ignoreIfs.is_array()) {
for(unsigned long i=0;i<ignoreIfs.size();++i) {
@ -1591,70 +1516,8 @@ public:
_allowManagementFrom.push_back(nw);
}
}
#if ZT_VAULT_SUPPORT
json &vault = settings["vault"];
if (vault.is_object()) {
const std::string url(OSUtils::jsonString(vault["vaultURL"], "").c_str());
if (!url.empty()) {
_vaultURL = url;
}
const std::string token(OSUtils::jsonString(vault["vaultToken"], "").c_str());
if (!token.empty()) {
_vaultToken = token;
}
const std::string path(OSUtils::jsonString(vault["vaultPath"], "").c_str());
if (!path.empty()) {
_vaultPath = path;
}
}
// also check environment variables for values. Environment variables
// will override local.conf variables
const std::string envURL(getenv("VAULT_ADDR"));
if (!envURL.empty()) {
_vaultURL = envURL;
}
const std::string envToken(getenv("VAULT_TOKEN"));
if (!envToken.empty()) {
_vaultToken = envToken;
}
const std::string envPath(getenv("VAULT_PATH"));
if (!envPath.empty()) {
_vaultPath = envPath;
}
if (!_vaultURL.empty() && !_vaultToken.empty()) {
_vaultEnabled = true;
}
#endif
}
void applySoftwareUpdateLocalConfig()
{
#ifndef ZT_SDK
json lc(_localConfig);
json &settings = lc["settings"];
const std::string up(OSUtils::jsonString(settings["softwareUpdate"],ZT_SOFTWARE_UPDATE_DEFAULT));
const bool udist = OSUtils::jsonBool(settings["softwareUpdateDist"],false);
if (((up == "apply")||(up == "download"))||(udist)) {
if (!_updater)
_updater = new SoftwareUpdater(*_node,_homePath);
_updateAutoApply = (up == "apply");
_updater->setUpdateDistribution(udist);
_updater->setChannel(OSUtils::jsonString(settings["softwareUpdateChannel"],ZT_SOFTWARE_UPDATE_DEFAULT_CHANNEL));
} else {
delete _updater;
_updater = (SoftwareUpdater *)0;
_updateAutoApply = false;
}
#endif
}
// Checks if a managed IP or route target is allowed
bool checkIfManagedIsAllowed(const NetworkState &n,const InetAddress &target)
{
@ -1747,12 +1610,10 @@ public:
// Nuke applied routes that are no longer in n.config.routes[] and/or are not allowed
for(std::list< SharedPtr<ManagedRoute> >::iterator mr(n.managedRoutes.begin());mr!=n.managedRoutes.end();) {
bool haveRoute = false;
if ( (checkIfManagedIsAllowed(n,(*mr)->target())) && (((*mr)->via().ss_family != (*mr)->target().ss_family)||(!matchIpOnly(myIps,(*mr)->via()))) ) {
for(unsigned int i=0;i<n.config.routeCount;++i) {
const InetAddress *const target = reinterpret_cast<const InetAddress *>(&(n.config.routes[i].target));
const InetAddress *const via = reinterpret_cast<const InetAddress *>(&(n.config.routes[i].via));
if ( ((*mr)->target() == *target) && ( ((via->ss_family == target->ss_family)&&((*mr)->via().ipsEqual(*via))) || (strcmp(tapdev,(*mr)->device())==0) ) ) {
haveRoute = true;
break;
@ -1770,17 +1631,6 @@ public:
for(unsigned int i=0;i<n.config.routeCount;++i) {
const InetAddress *const target = reinterpret_cast<const InetAddress *>(&(n.config.routes[i].target));
const InetAddress *const via = reinterpret_cast<const InetAddress *>(&(n.config.routes[i].via));
InetAddress *src = NULL;
for (unsigned int j=0; j<n.config.assignedAddressCount; ++j) {
const InetAddress *const tmp = reinterpret_cast<const InetAddress *>(&(n.config.assignedAddresses[j]));
if (target->isV4() && tmp->isV4()) {
src = reinterpret_cast<InetAddress *>(&(n.config.assignedAddresses[j]));
break;
} else if (target->isV6() && tmp->isV6()) {
src = reinterpret_cast<InetAddress *>(&(n.config.assignedAddresses[j]));
break;
}
}
if ( (!checkIfManagedIsAllowed(n,*target)) || ((via->ss_family == target->ss_family)&&(matchIpOnly(myIps,*via))) )
continue;
@ -1788,18 +1638,15 @@ public:
bool haveRoute = false;
// Ignore routes implied by local managed IPs since adding the IP adds the route
// Commented out to fix ticket #600 (disappearing routes on macOS). Remove this block when we're sure there's no side effects
/*
for(std::vector<InetAddress>::iterator ip(n.managedIps.begin());ip!=n.managedIps.end();++ip) {
if ((target->netmaskBits() == ip->netmaskBits())&&(target->containsAddress(*ip))) {
haveRoute = true;
break;
}
}
*/
if (haveRoute)
continue;
#ifndef ZT_SDK
// If we've already applied this route, just sync it and continue
for(std::list< SharedPtr<ManagedRoute> >::iterator mr(n.managedRoutes.begin());mr!=n.managedRoutes.end();++mr) {
if ( ((*mr)->target() == *target) && ( ((via->ss_family == target->ss_family)&&((*mr)->via().ipsEqual(*via))) || (tapdev == (*mr)->device()) ) ) {
@ -1812,9 +1659,10 @@ public:
continue;
// Add and apply new routes
n.managedRoutes.push_back(SharedPtr<ManagedRoute>(new ManagedRoute(*target,*via,*src,tapdev)));
n.managedRoutes.push_back(SharedPtr<ManagedRoute>(new ManagedRoute(*target,*via,tapdev)));
if (!n.managedRoutes.back()->sync())
n.managedRoutes.pop_back();
#endif
}
}
}
@ -2074,7 +1922,7 @@ public:
inline void phyOnUnixAccept(PhySocket *sockL,PhySocket *sockN,void **uptrL,void **uptrN) {}
inline void phyOnUnixClose(PhySocket *sock,void **uptr) {}
inline void phyOnUnixData(PhySocket *sock,void **uptr,void *data,unsigned long len) {}
inline void phyOnUnixWritable(PhySocket *sock,void **uptr) {}
inline void phyOnUnixWritable(PhySocket *sock,void **uptr,bool lwip_invoked) {}
inline int nodeVirtualNetworkConfigFunction(uint64_t nwid,void **nuptr,enum ZT_VirtualNetworkConfigOperation op,const ZT_VirtualNetworkConfig *nwc)
{
@ -2234,89 +2082,8 @@ public:
}
}
#if ZT_VAULT_SUPPORT
inline bool nodeVaultPutIdentity(enum ZT_StateObjectType type, const void *data, int len)
{
bool retval = false;
if (type != ZT_STATE_OBJECT_IDENTITY_PUBLIC && type != ZT_STATE_OBJECT_IDENTITY_SECRET) {
return retval;
}
CURL *curl = curl_easy_init();
if (curl) {
char token[512] = { 0 };
snprintf(token, sizeof(token), "X-Vault-Token: %s", _vaultToken.c_str());
struct curl_slist *chunk = NULL;
chunk = curl_slist_append(chunk, token);
char content_type[512] = { 0 };
snprintf(content_type, sizeof(content_type), "Content-Type: application/json");
chunk = curl_slist_append(chunk, content_type);
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
char url[2048] = { 0 };
snprintf(url, sizeof(url), "%s/v1/%s", _vaultURL.c_str(), _vaultPath.c_str());
curl_easy_setopt(curl, CURLOPT_URL, url);
json d = json::object();
if (type == ZT_STATE_OBJECT_IDENTITY_PUBLIC) {
std::string key((const char*)data, len);
d["public"] = key;
}
else if (type == ZT_STATE_OBJECT_IDENTITY_SECRET) {
std::string key((const char*)data, len);
d["secret"] = key;
}
if (!d.empty()) {
std::string post = d.dump();
if (!post.empty()) {
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, post.c_str());
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, post.length());
#ifndef NDEBUG
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
#endif
CURLcode res = curl_easy_perform(curl);
if (res == CURLE_OK) {
long response_code = 0;
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response_code);
if (response_code == 200 || response_code == 204) {
retval = true;
}
}
}
}
curl_easy_cleanup(curl);
curl = NULL;
curl_slist_free_all(chunk);
chunk = NULL;
}
return retval;
}
#endif
inline void nodeStatePutFunction(enum ZT_StateObjectType type,const uint64_t id[2],const void *data,int len)
{
#if ZT_VAULT_SUPPORT
if (_vaultEnabled && (type == ZT_STATE_OBJECT_IDENTITY_SECRET || type == ZT_STATE_OBJECT_IDENTITY_PUBLIC)) {
if (nodeVaultPutIdentity(type, data, len)) {
// value successfully written to Vault
return;
}
// else fallback to disk
}
#endif
char p[1024];
FILE *f;
bool secure = false;
@ -2383,96 +2150,8 @@ public:
}
}
#if ZT_VAULT_SUPPORT
inline int nodeVaultGetIdentity(enum ZT_StateObjectType type, void *data, unsigned int maxlen)
{
if (type != ZT_STATE_OBJECT_IDENTITY_SECRET && type != ZT_STATE_OBJECT_IDENTITY_PUBLIC) {
return -1;
}
int ret = -1;
CURL *curl = curl_easy_init();
if (curl) {
char token[512] = { 0 };
snprintf(token, sizeof(token), "X-Vault-Token: %s", _vaultToken.c_str());
struct curl_slist *chunk = NULL;
chunk = curl_slist_append(chunk, token);
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
char url[2048] = { 0 };
snprintf(url, sizeof(url), "%s/v1/%s", _vaultURL.c_str(), _vaultPath.c_str());
curl_easy_setopt(curl, CURLOPT_URL, url);
std::string response;
std::string res_headers;
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, &curlResponseWrite);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &response);
curl_easy_setopt(curl, CURLOPT_HEADERDATA, &res_headers);
#ifndef NDEBUG
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
#endif
CURLcode res = curl_easy_perform(curl);
if (res == CURLE_OK) {
long response_code = 0;
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response_code);
if (response_code == 200) {
try {
json payload = json::parse(response);
if (!payload["data"].is_null()) {
json &d = payload["data"];
if (type == ZT_STATE_OBJECT_IDENTITY_SECRET) {
std::string secret = OSUtils::jsonString(d["secret"],"");
if (!secret.empty()) {
ret = (int)secret.length();
memcpy(data, secret.c_str(), ret);
}
}
else if (type == ZT_STATE_OBJECT_IDENTITY_PUBLIC) {
std::string pub = OSUtils::jsonString(d["public"],"");
if (!pub.empty()) {
ret = (int)pub.length();
memcpy(data, pub.c_str(), ret);
}
}
}
}
catch (...) {
ret = -1;
}
}
}
curl_easy_cleanup(curl);
curl = NULL;
curl_slist_free_all(chunk);
chunk = NULL;
}
return ret;
}
#endif
inline int nodeStateGetFunction(enum ZT_StateObjectType type,const uint64_t id[2],void *data,unsigned int maxlen)
{
#if ZT_VAULT_SUPPORT
if (_vaultEnabled && (type == ZT_STATE_OBJECT_IDENTITY_SECRET || type == ZT_STATE_OBJECT_IDENTITY_PUBLIC) ) {
int retval = nodeVaultGetIdentity(type, data, maxlen);
if (retval >= 0)
return retval;
// else continue file based lookup
}
#endif
char p[4096];
switch(type) {
case ZT_STATE_OBJECT_IDENTITY_PUBLIC:
@ -2500,17 +2179,6 @@ public:
if (f) {
int n = (int)fread(data,1,maxlen,f);
fclose(f);
#if ZT_VAULT_SUPPORT
if (_vaultEnabled && (type == ZT_STATE_OBJECT_IDENTITY_SECRET || type == ZT_STATE_OBJECT_IDENTITY_PUBLIC)) {
// If we've gotten here while Vault is enabled, Vault does not know the key and it's been
// read from disk instead.
//
// We should put the value in Vault and remove the local file.
if (nodeVaultPutIdentity(type, data, n)) {
unlink(p);
}
}
#endif
if (n >= 0)
return n;
}

3
service/README.md
View File

@ -32,7 +32,8 @@ Settings available in `local.conf` (this is not valid JSON, and JSON does not al
"softwareUpdateDist": true|false, /* If true, distribute software updates (only really useful to ZeroTier, Inc. itself, default is false) */
"interfacePrefixBlacklist": [ "XXX",... ], /* Array of interface name prefixes (e.g. eth for eth#) to blacklist for ZT traffic */
"allowManagementFrom": "NETWORK/bits"|null, /* If non-NULL, allow JSON/HTTP management from this IP network. Default is 127.0.0.1 only. */
"bind": [ "ip",... ] /* If present and non-null, bind to these IPs instead of to each interface (wildcard IP allowed) */
"bind": [ "ip",... ], /* If present and non-null, bind to these IPs instead of to each interface (wildcard IP allowed) */
"allowTcpFallbackRelay": true|false /* Allow or disallow establishment of TCP relay connections (true by default) */
}
}
```

2
version.h
View File

@ -40,7 +40,7 @@
/**
* Revision
*/
#define ZEROTIER_ONE_VERSION_REVISION 10
#define ZEROTIER_ONE_VERSION_REVISION 12
/**
* Build version

4
windows/WinUI/AboutView.xaml
View File

@ -19,9 +19,9 @@
<Run Text="ZeroTier One"/>
</Paragraph>
<Paragraph TextAlignment="Center">
<Run FontSize="14" Text="Version 1.2.10"/>
<Run FontSize="14" Text="Version 1.2.12"/>
<LineBreak/>
<Run FontSize="14" Text="(c) 2011-2017 ZeroTier, Inc."/>
<Run FontSize="14" Text="(c) 2011-2018 ZeroTier, Inc."/>
<LineBreak/>
<Run FontSize="14" Text="www.zerotier.com"/>
</Paragraph>

2
windows/WinUI/CentralAPI.cs
View File

@ -207,7 +207,7 @@ namespace WinUI
public async Task<CentralNetwork> CreateNewNetwork()
{
string networkURL = Central.ServerURL + "/api/network/";
string networkURL = Central.ServerURL + "/api/network?easy=1";
CentralNetwork network = new CentralNetwork();
network.Config = new CentralNetwork.CentralNetworkConfig();
network.Config.Name = NetworkNameGenerator.GenerateName();

5
windows/WinUI/ToolbarItem.xaml
View File

@ -43,7 +43,10 @@
<Separator/>
<MenuItem Header="ZeroTier Central"
Click="ToolbarItem_CentralClicked"/>
<MenuItem Header="Create and Join Network"
Click="ToolbarItem_NewNetwork"
x:Name="newNetworkItem"/>
<Separator/>
<MenuItem Header="About..."
Click="ToolbarItem_AboutClicked"/>
<MenuItem Header="Preferences..."

42
windows/WinUI/ToolbarItem.xaml.cs
View File

@ -120,17 +120,21 @@ namespace WinUI
if (shouldShowOnboardProcess)
{
// TODO: Show onboarding process window (on main thread
Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
PageSwitcher ps = new PageSwitcher();
ps.Show();
}));
showOnboardProcess();
shouldShowOnboardProcess = false;
}
}
}
private void showOnboardProcess()
{
Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() =>
{
PageSwitcher ps = new PageSwitcher();
ps.Show();
}));
}
private void updateStatus(ZeroTierStatus status)
{
if (status != null)
@ -142,6 +146,15 @@ namespace WinUI
nodeId = status.Address;
}));
}
if (CentralAPI.Instance.HasAccessToken())
{
newNetworkItem.IsEnabled = true;
}
else
{
newNetworkItem.IsEnabled = false;
}
}
private void ToolbarItem_NodeIDClicked(object sender, System.Windows.RoutedEventArgs e)
@ -331,6 +344,25 @@ namespace WinUI
}
}
private async void ToolbarItem_NewNetwork(object sender, System.Windows.RoutedEventArgs e)
{
if (CentralAPI.Instance.HasAccessToken())
{
CentralAPI api = CentralAPI.Instance;
CentralNetwork newNetwork = await api.CreateNewNetwork();
APIHandler handler = APIHandler.Instance;
handler.JoinNetwork(this.Dispatcher, newNetwork.Id);
string nodeId = APIHandler.Instance.NodeAddress();
bool authorized = await CentralAPI.Instance.AuthorizeNode(nodeId, newNetwork.Id);
}
else
{
showOnboardProcess();
}
}
private void setWindowPosition(Window w)
{
double width = w.ActualWidth;

62
windows/ZeroTierOne/ZeroTierOne.vcxproj
View File

@ -48,7 +48,12 @@
<ClCompile Include="..\..\ext\miniupnpc\upnpdev.c" />
<ClCompile Include="..\..\ext\miniupnpc\upnperrors.c" />
<ClCompile Include="..\..\ext\miniupnpc\upnpreplyparse.c" />
<ClCompile Include="..\..\node\C25519.cpp" />
<ClCompile Include="..\..\node\C25519.cpp">
<Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">MaxSpeed</Optimization>
<Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">MaxSpeed</Optimization>
<BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Default</BasicRuntimeChecks>
<BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Default</BasicRuntimeChecks>
</ClCompile>
<ClCompile Include="..\..\node\Capability.cpp" />
<ClCompile Include="..\..\node\CertificateOfMembership.cpp" />
<ClCompile Include="..\..\node\CertificateOfOwnership.cpp" />
@ -64,7 +69,12 @@
<ClCompile Include="..\..\node\Packet.cpp" />
<ClCompile Include="..\..\node\Path.cpp" />
<ClCompile Include="..\..\node\Peer.cpp" />
<ClCompile Include="..\..\node\Poly1305.cpp" />
<ClCompile Include="..\..\node\Poly1305.cpp">
<Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">MaxSpeed</Optimization>
<Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">MaxSpeed</Optimization>
<BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Default</BasicRuntimeChecks>
<BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Default</BasicRuntimeChecks>
</ClCompile>
<ClCompile Include="..\..\node\Revocation.cpp" />
<ClCompile Include="..\..\node\Salsa20.cpp" />
<ClCompile Include="..\..\node\SelfAwareness.cpp" />
@ -284,15 +294,15 @@
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<SDLCheck>true</SDLCheck>
<AdditionalIncludeDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\include\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;CURL_STATICLIB;ZT_VAULT_SUPPORT=1;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
</ClCompile>
<Link>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;libcurl_a_debug.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<AdditionalLibraryDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\lib\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Profile|Win32'">
@ -300,15 +310,15 @@
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<SDLCheck>true</SDLCheck>
<AdditionalIncludeDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\include\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;CURL_STATICLIB;ZT_VAULT_SUPPORT=1;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
</ClCompile>
<Link>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;libcurl_a.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<AdditionalLibraryDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\lib\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
@ -316,17 +326,17 @@
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<SDLCheck>true</SDLCheck>
<AdditionalIncludeDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\include\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;CURL_STATICLIB;ZT_VAULT_SUPPORT=1;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_RULES_ENGINE_DEBUGGING;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_RULES_ENGINE_DEBUGGING;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MultiProcessorCompilation>false</MultiProcessorCompilation>
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
</ClCompile>
<Link>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;libcurl_a_debug.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<AdditionalOptions>"notelemetry.obj" %(AdditionalOptions)</AdditionalOptions>
<AdditionalLibraryDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\lib\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Profile|x64'">
@ -334,17 +344,17 @@
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<SDLCheck>true</SDLCheck>
<AdditionalIncludeDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\include\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;CURL_STATICLIB;ZT_VAULT_SUPPORT=1;NOMINMAX;STATICLIB;WIN32;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MultiProcessorCompilation>false</MultiProcessorCompilation>
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
</ClCompile>
<Link>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;libcurl_a.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<AdditionalOptions>"notelemetry.obj" %(AdditionalOptions)</AdditionalOptions>
<AdditionalLibraryDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\lib\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
@ -354,8 +364,9 @@
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<AdditionalIncludeDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\include\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;CURL_STATICLIB;ZT_VAULT_SUPPORT=1;STATICLIB;ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;STATICLIB;ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<EnableEnhancedInstructionSet>StreamingSIMDExtensions2</EnableEnhancedInstructionSet>
<StringPooling>true</StringPooling>
@ -369,9 +380,8 @@
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;libcurl_a.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<AdditionalLibraryDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\lib\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@ -381,8 +391,9 @@
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<AdditionalIncludeDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\include\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;CURL_STATICLIB;ZT_VAULT_SUPPORT=1;STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=2;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
</AdditionalIncludeDirectories>
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=2;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<EnableEnhancedInstructionSet>NotSet</EnableEnhancedInstructionSet>
<StringPooling>true</StringPooling>
@ -398,9 +409,8 @@
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;libcurl_a.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies>
<ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
<AdditionalLibraryDirectories>$(ProjectDir)..\..\ext\curl-7.58.0\$(PlatformTarget)\lib\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />

12
zerotier-one.spec
View File

@ -1,5 +1,5 @@
Name: zerotier-one
Version: 1.2.10
Version: 1.2.12
Release: 1%{?dist}
Summary: ZeroTier One network virtualization service
@ -33,13 +33,13 @@ Requires(pre): /usr/sbin/useradd, /usr/bin/getent
%description
ZeroTier is a software defined networking layer for Earth.
It can be used for on-premise network virtualization, as a peer to peer VPN
for mobile teams, for hybrid or multi-data-center cloud deployments, or just
It can be used for on-premise network virtualization, as a peer to peer VPN
for mobile teams, for hybrid or multi-data-center cloud deployments, or just
about anywhere else secure software defined virtual networking is useful.
ZeroTier One is our OS-level client service. It allows Mac, Linux, Windows,
FreeBSD, and soon other types of clients to join ZeroTier virtual networks
like conventional VPNs or VLANs. It can run on native systems, VMs, or
ZeroTier One is our OS-level client service. It allows Mac, Linux, Windows,
FreeBSD, and soon other types of clients to join ZeroTier virtual networks
like conventional VPNs or VLANs. It can run on native systems, VMs, or
containers (Docker, OpenVZ, etc.).
%prep