diff --git a/.gitignore b/.gitignore
index a9fbc0b32..5bae233f3 100755
--- a/.gitignore
+++ b/.gitignore
@@ -31,4 +31,4 @@
 .qmake.stash
 *.autosave
 /ZeroTier One.dmg
-/topology/topology.secret
+/root-topology/*.secret
diff --git a/topology/Makefile b/root-topology/Makefile
similarity index 89%
rename from topology/Makefile
rename to root-topology/Makefile
index a78cc9ab0..4c256a50e 100644
--- a/topology/Makefile
+++ b/root-topology/Makefile
@@ -11,4 +11,7 @@ official: all
 clean:
 rm -f *.o mktopology bin2c root_topology.out
+realclean: clean
+ rm -f ZT_DEFAULT_ROOT_TOPOLOGY.c
+
 FORCE:
diff --git a/root-topology/README.md b/root-topology/README.md
new file mode 100644
index 000000000..04efc765d
--- /dev/null
+++ b/root-topology/README.md
@@ -0,0 +1,7 @@
+This folder contains the source files to compile the signed network root topology dictionary. Users outside ZeroTier won't find this useful except for testing, since the root topology must be signed by the root topology authority (public identity in root-topology-authority.public) to be considered valid.
+
+ZT_DEFAULT_ROOT_TOPOLOGY.c contains the current default value, and this URL is periodically checked for updates:
+
+http://download.zerotier.com/sys/topology
+
+Obviously nothing prevents OSS users from replacing this topology with their own, changing the hard coded topology signing identity and update URL in Defaults, and signing their own dictionary. But doing so would yield a network that would have a tough(ish) time talking to the main one. Since the main network is a free service, why bother? (Except for building testnets, which ZeroTier already does for internal testing.)
diff --git a/topology/ZT_DEFAULT_ROOT_TOPOLOGY.c b/root-topology/ZT_DEFAULT_ROOT_TOPOLOGY.c
similarity index 99%
rename from topology/ZT_DEFAULT_ROOT_TOPOLOGY.c
rename to root-topology/ZT_DEFAULT_ROOT_TOPOLOGY.c
index 905a419c3..0d313120a 100644
--- a/topology/ZT_DEFAULT_ROOT_TOPOLOGY.c
+++ b/root-topology/ZT_DEFAULT_ROOT_TOPOLOGY.c
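Review bot: The new `realclean` target in the Makefile hunk deletes `ZT_DEFAULT_ROOT_TOPOLOGY.c`, a file this same commit keeps under version control and which, per the README added here, is only valid when signed by the root topology authority. Someone without the authority's secret key who runs it cannot produce a valid replacement; how the file is regenerated is presumably the `official` target, whose recipe is outside this hunk. A comment above the target would make that explicit, for example `# realclean also removes the checked-in signed topology; only the holder of root-topology-authority.secret can regenerate it`.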
@@ -94,6 +94,6 @@ static unsigned char ZT_DEFAULT_ROOT_TOPOLOGY[] = { 0x34, 0x32, 0x38, 0x33, 0x37, 0x33, 0x35, 0x38, 0x32, 0x64, 0x61, 0x33, 0x64, 0x30, 0x61, 0x39, 0x61, 0x31, 0x34, 0x62, 0x33, 0x36, 0x65, 0x34, 0x35, 0x34, 0x36, 0x63, 0x33, 0x31, 0x37, 0x65, 0x38, 0x31, 0x31, 0x65, 0x36, 0x0a, 0x7e, 0x21, 0x73, 0x69, 0x67, 0x74, 0x73, 0x3d, 0x31, 0x34, - 0x37, 0x62, 0x32, 0x66, 0x37, 0x30, 0x34, 0x37, 0x34, 0x0a + 0x37, 0x62, 0x32, 0x66, 0x62, 0x65, 0x66, 0x38, 0x35, 0x0a }; #define ZT_DEFAULT_ROOT_TOPOLOGY_LEN 1530
diff --git a/topology/bin2c.c b/root-topology/bin2c.c
similarity index 100%
rename from topology/bin2c.c
rename to root-topology/bin2c.c
diff --git a/topology/mktopology.cpp b/root-topology/mktopology.cpp
similarity index 76%
rename from topology/mktopology.cpp
rename to root-topology/mktopology.cpp
index b1d536838..516fd71b4 100644
--- a/topology/mktopology.cpp
+++ b/root-topology/mktopology.cpp
@@ -1,9 +1,3 @@
-/* Makes topology dictionary out of source dictionary and signs with
- * 'topology.secret', which must be present (or symlinked) from where
- * this is run. */
-
-/* Just type 'make' and then run (Only tested on Linux) */
-
 #include
 #include
 #include
@@ -22,8 +16,8 @@ int main(int argc,char **argv)
 {
 std::string buf;
- if (!Utils::readFile("topology.secret",buf)) {
- std::cerr << "Cannot read topology.secret" << std::endl;
+ if (!Utils::readFile("root-topology-authority.secret",buf)) {
+ std::cerr << "Cannot read root-topology-authority.secret" << std::endl;
 return 1;
 }
 Identity topologyAuthority(buf);
diff --git a/topology/topology.public b/root-topology/root-topology-authority.public
similarity index 100%
rename from topology/topology.public
rename to root-topology/root-topology-authority.public
diff --git a/topology/supernodes/36f63d6574 b/root-topology/supernodes/36f63d6574
similarity index 100%
rename from topology/supernodes/36f63d6574
rename to root-topology/supernodes/36f63d6574
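Review bot: In the second mktopology.cpp hunk the signing key is read from the relative path `root-topology-authority.secret` and passed straight to `Identity topologyAuthority(buf)`; nothing visible confirms that the parsed identity actually carries a private key, so a public-only identity file placed under that name would not be rejected at this point. The rest of `main` lies outside the hunk, so a later check may exist; if it does not, the tool should fail right after construction with a clear message rather than at signing time. The first hunk also deletes the only comment stating that the key is resolved against the current working directory, and the new README does not say so either. I would keep a one-line replacement such as `/* Signs with root-topology-authority.secret from the current directory; that file must never be committed. */`.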
diff --git a/topology/supernodes/7e19876aba b/root-topology/supernodes/7e19876aba
similarity index 100%
rename from topology/supernodes/7e19876aba
rename to root-topology/supernodes/7e19876aba
diff --git a/topology/supernodes/8acf059fe3 b/root-topology/supernodes/8acf059fe3
similarity index 100%
rename from topology/supernodes/8acf059fe3
rename to root-topology/supernodes/8acf059fe3
diff --git a/topology/supernodes/9d219039f3 b/root-topology/supernodes/9d219039f3
similarity index 100%
rename from topology/supernodes/9d219039f3
rename to root-topology/supernodes/9d219039f3
diff --git a/topology/README.md b/topology/README.md
deleted file mode 100644
index 69ec3fc73..000000000
--- a/topology/README.md
+++ /dev/null
@@ -1,9 +0,0 @@
-This folder contains the source files to compile the signed network topology dictionary. Users outside ZeroTier won't find this useful except for documentation purposes, since this dictionary must be signed by a valid topology signing key to be considered valid. These keys are hard-coded into the source and distributed with all versions of the app.
-
-A default value for this dictionary is included in node/Defaults.cpp, and the following URL is periodically checked for updates:
-
-http://download.zerotier.com/sys/topology
-
-Obviously nothing prevents OSS users from replacing this topology with their own, changing the hard coded topology signing identity and update URL in Defaults, and signing their own dictionary. But doing so would yield a network that would have a tough(ish) time talking to the main one. Since the main network is a free service, why bother? (Except for building testnets, which ZeroTier already does for internal testing.)
-
-Increasing decentralization via federation or trust network is possible in the future though, provided it can be done without sacrificing stability, security, performance, or ease of use.