ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-29 15:43:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Version bump, backport one more fix.

Browse Source
This commit is contained in:
Adam Ierymenko 2021-09-21 11:31:25 -04:00
parent 48ce7632fa
commit 9f9a870399
No known key found for this signature in database
GPG Key ID: C8877CF2D7A5D7F3
4 changed files with 53 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
RELEASE-NOTES.md
View File

@ -1,6 +1,10 @@
ZeroTier Release Notes
======
# 2021-09-21 -- Version 1.6.6
* Point release to back-port additional endpoint-side mitigations against vulnerability announced by Pulse Security.
# 2021-04-13 -- Version 1.6.5
* Fix a bug in potential network path filtering that could in some circumstances lead to "software laser" effects.

9
ext/installfiles/mac/ZeroTier One.pkgproj
View File

@ -689,7 +689,7 @@
<key>USE_HFS+_COMPRESSION</key>
<false/>
<key>VERSION</key>
<string>1.6.5</string>
<string>1.6.6</string>
</dict>
<key>TYPE</key>
<integer>0</integer>
@ -865,6 +865,13 @@
</dict>
<key>PROJECT_SETTINGS</key>
<dict>
<key>ADVANCED_OPTIONS</key>
<dict>
<key>installer-script.options:hostArchitectures</key>
<array>
<string>x86_64,arm64</string>
</array>
</dict>
<key>BUILD_FORMAT</key>
<integer>0</integer>
<key>BUILD_PATH</key>

50
osdep/ManagedRoute.cpp
View File

@ -250,14 +250,26 @@ static void _routeCmd(const char *op,const InetAddress &target,const InetAddress
char iptmp[64];
if (via) {
if ((ifscope)&&(ifscope[0])) {
#ifdef ZT_TRACE
fprintf(stderr, "DEBUG: route %s -ifscope %s %s %s" ZT_EOL_S, ifscope,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),via.toIpString(iptmp));
#endif
::execl(ZT_BSD_ROUTE_CMD,ZT_BSD_ROUTE_CMD,op,"-ifscope",ifscope,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),via.toIpString(iptmp),(const char *)0);
} else {
#ifdef ZT_TRACE
fprintf(stderr, "DEBUG: route %s %s %s %s" ZT_EOL_S, op,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),via.toIpString(iptmp));
#endif
::execl(ZT_BSD_ROUTE_CMD,ZT_BSD_ROUTE_CMD,op,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),via.toIpString(iptmp),(const char *)0);
}
} else if ((localInterface)&&(localInterface[0])) {
if ((ifscope)&&(ifscope[0])) {
#ifdef ZT_TRACE
fprintf(stderr, "DEBUG: route %s -ifscope %s %s %s -interface %s" ZT_EOL_S, op, ifscope,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),localInterface);
#endif
::execl(ZT_BSD_ROUTE_CMD,ZT_BSD_ROUTE_CMD,op,"-ifscope",ifscope,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),"-interface",localInterface,(const char *)0);
} else {
#ifdef ZT_TRACE
fprintf(stderr, "DEBUG: route %s %s %s -interface %s" ZT_EOL_S, op,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),localInterface);
#endif
::execl(ZT_BSD_ROUTE_CMD,ZT_BSD_ROUTE_CMD,op,((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),target.toString(ttmp),"-interface",localInterface,(const char *)0);
}
}
@ -393,9 +405,7 @@ ManagedRoute::ManagedRoute(const InetAddress &target,const InetAddress &via,cons
}
ManagedRoute::~ManagedRoute()
{
this->remove();
}
{}
/* Linux NOTE: for default route override, some Linux distributions will
* require a change to the rp_filter parameter. A value of '1' will prevent
@ -427,6 +437,24 @@ bool ManagedRoute::sync()
#ifdef __BSD__ // ------------------------------------------------------------
if (_device[0]) {
bool haveDevice = false;
struct ifaddrs *ifa = (struct ifaddrs *)0;
if (!getifaddrs(&ifa)) {
struct ifaddrs *p = ifa;
while (p) {
if ((p->ifa_name)&&(!strcmp(_device, p->ifa_name))) {
haveDevice = true;
break;
}
p = p->ifa_next;
}
freeifaddrs(ifa);
}
if (!haveDevice)
return false;
}
// Find lowest metric system route that this route should override (if any)
InetAddress newSystemVia;
char newSystemDevice[128];
@ -471,23 +499,25 @@ bool ManagedRoute::sync()
if (_systemVia) {
_routeCmd("add",leftt,_systemVia,_systemDevice,(const char *)0);
_routeCmd("change",leftt,_systemVia,_systemDevice,(const char *)0);
//_routeCmd("change",leftt,_systemVia,_systemDevice,(const char *)0);
if (rightt) {
_routeCmd("add",rightt,_systemVia,_systemDevice,(const char *)0);
_routeCmd("change",rightt,_systemVia,_systemDevice,(const char *)0);
//_routeCmd("change",rightt,_systemVia,_systemDevice,(const char *)0);
}
}
}
if (!_applied.count(leftt)) {
_applied[leftt] = false; // not ifscoped
_applied[leftt] = !_via;
_routeCmd("delete",leftt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
_routeCmd("add",leftt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
_routeCmd("change",leftt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
//_routeCmd("change",leftt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
}
if ((rightt)&&(!_applied.count(rightt))) {
_applied[rightt] = false; // not ifscoped
_applied[rightt] = !_via;
_routeCmd("delete",rightt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
_routeCmd("add",rightt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
_routeCmd("change",rightt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
//_routeCmd("change",rightt,_via,(const char *)0,(_via) ? (const char *)0 : _device);
}
#endif // __BSD__ ------------------------------------------------------------
@ -566,4 +596,4 @@ void ManagedRoute::remove()
_applied.clear();
}
} // namespace ZeroTier
} // namespace ZeroTier

2
version.h
View File

@ -27,7 +27,7 @@
/**
* Revision
*/
#define ZEROTIER_ONE_VERSION_REVISION 5
#define ZEROTIER_ONE_VERSION_REVISION 6
/**
* Build version