Commit Graph

4929 Commits

Author SHA1 Message Date
Grant Limberg
2851a9577c
JNI for dns configuration 2020-10-21 14:18:29 -07:00
Adam Ierymenko
ed9b09e980
Missing flag. 2020-10-20 18:52:36 -04:00
Adam Ierymenko
bcb3fc7fc0
Only use SSE/SSE2 for X64 for regular stuff. 2020-10-20 18:51:38 -04:00
Adam Ierymenko
70f37962cf
Backport AES fixes for compiler, arch, and splitting into separate files. 2020-10-20 18:50:28 -04:00
Adam Ierymenko
8d83b9b7c5
Revert change to path quality to fix IPv6 issue in beta. We will rework this in 2.x. 2020-10-14 20:41:58 -04:00
Adam Ierymenko
2c75be0d64
Do not always enable SSE4 on X64 due to old Atom chips. Enable instead only for AES-NI code which is only run if AES-NI is present, which it is not on these old chips. 2020-10-13 16:08:30 -04:00
Grant Limberg
ee04118172
null check 2020-10-13 08:24:36 -07:00
Adam Ierymenko
fe1ce885a0
Version 1.6.0 (1.5.0 is a beta!) is a significant release that incorporates a number of back-ported fixes and features from the ZeroTier 2.0 tree.
Major new features are:

 * **Multipath support** with modes modeled after the Linux kernel's bonding driver. This includes active-passive and active-active modes with fast failover and load balancing. See section 2.1.5 of the manual.
 * **DNS configuration** push from network controllers to end nodes, with locally configurable permissions for whether or not push is allowed.
 * **AES-GMAC-SIV** encryption mode, which is both somewhat more secure and significantly faster than the old Salsa20/12-Poly1305 mode on hardware that supports AES acceleration. This includes virtually all X86-64 chips and most ARM64. This mode is based on AES-SIV and has been audited by Trail of Bits to ensure that it is equivalent security-wise.

Known issues that are not yet fixed in this beta:

 * Some Mac users have reported periods of 100% CPU in kernel_task and connection instability after leaving networks that have been joined for a period of time, or needing to kill ZeroTier and restart it to finish leaving a network. This doesn't appear to affect all users and we haven't diagnosed the root cause yet.
 * The service sometimes hangs on shutdown requiring a kill -9. This also does not affect all systems or users.
 * AES hardware acceleration is not yet supported on 32-bit ARM, PowerPC (32 or 64), or MIPS (32 or 64) systems. Currently supported are X86-64 and ARM64/AARCH64 with crypto extensions.
 * Some users have reported multicast/broadcast outages on networks lasting up to 30 seconds. Still investigating.

We're trying to fix all these issues before the 1.6.0 release. Stay tuned.
2020-10-08 18:10:13 -04:00
Adam Ierymenko
24769219b5 Merge branch 'dev' 2020-10-08 18:08:24 -04:00
Adam Ierymenko
da6fe18e17 Merge branch 'master' of github.com:zerotier/ZeroTierOne 2020-10-08 18:08:18 -04:00
Adam Ierymenko
a973a6e10e Leave feth devices over feth10000 alone. 2020-10-08 12:04:57 -04:00
Adam Ierymenko
5bc64c4c4e Windows build fixes and version bump in Advanced Installer. 2020-10-07 15:56:00 -07:00
Travis LaDuke
bd92990165
Update feature_request.md 2020-10-07 10:36:04 -07:00
Adam Ierymenko
e26a8be3df Be more consistent about versioning. 2020-10-07 11:55:47 -04:00
Adam Ierymenko
3ef1c8e3fa Use 1.5.0 for package version for centos. 2020-10-06 23:31:20 -04:00
Adam Ierymenko
0ab4b903f4 Cert and codesign tweaks, release notes. 2020-10-06 18:09:51 -04:00
Adam Ierymenko
b2ea5aa747 Version bump to 1.5.0 internally and 1.6.0-beta1 in packages. 2020-10-05 20:23:52 -04:00
Grant Limberg
c80843e496
Revert "remove redundant writes when changes come from Central"
This reverts commit f9396f979f.
2020-10-05 13:32:47 -07:00
Grant Limberg
f9396f979f
remove redundant writes when changes come from Central
network & member changes tagged with `"fromCentral": true` will not be rewritten to the db
2020-10-05 11:03:03 -07:00
Adam Ierymenko
610d4ff016 Remove old tap kext from normal pkg as it is too old to be notarized (signature too old, not sure if we can sign again as kexts are being deprecated). It is only used on very old MacOS versions that are rolling off support. 2020-10-02 18:42:40 -04:00
Adam Ierymenko
f16421225d Enable hardened executable mode on Mac, should be fine... 2020-10-02 18:36:24 -04:00
Adam Ierymenko
d82b3684ac Enable RV64 2020-09-30 21:17:04 -04:00
Adam Ierymenko
d7e5a92fe6 Increase debian build parallelism. 2020-09-30 17:39:15 -07:00
Adam Ierymenko
bb45f9ca3c Upgrade cpp-httplib 2020-09-30 15:21:58 -04:00
Adam Ierymenko
c7dcbba442 Add an AES benchmark to 1.6 (backport) 2020-09-29 18:34:58 -04:00
Adam Ierymenko
255dee7a5e MacOS build fixes. 2020-09-25 14:32:53 -04:00
Adam Ierymenko
c86418934c PATH_MAX is not defined on some Linux systems. 2020-09-23 22:06:22 -04:00
Adam Ierymenko
70efa5f606 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2020-09-23 21:59:14 -04:00
Adam Ierymenko
69b2fcd5af Get rid of obsolete musl libc fix. 2020-09-23 21:58:51 -04:00
Adam Ierymenko
1f93099e1a Get rid of obsolete musl libc fix. 2020-09-23 21:58:28 -04:00
Joseph Henry
b3331c5ec2 Fix buffer overflow in windows tap driver 2020-09-23 15:31:20 -07:00
Grant Limberg
ff23d3051f
self hosted controller JSON format fix for DNS 2020-09-23 12:16:23 -07:00
Grant Limberg
7d8cfb1fee
more magic incantations to make crypto extensions work on Android/ARM64 2020-09-22 10:28:31 -07:00
Grant Limberg
8131680735
AES-NI enabled for Android ARM64 2020-09-22 08:04:16 -07:00
Grant Limberg
9e6dba9066
Enable AES-NI on Android X86-64
Need to find the magic incantation to enable it on ARM64 still
2020-09-21 18:05:25 -07:00
Grant Limberg
0f2887265c
AES-NI/NEON detection for iOS
Requires 64-bit CPU
2020-09-21 13:18:05 -07:00
Adam Ierymenko
1ff45020e2 Prefer IPv6 if all else is equal. 2020-09-18 16:27:41 -04:00
Grant Limberg
45c5abe05b add Allow DNS settings to win UI 2020-09-18 10:12:11 -07:00
Grant Limberg
e7dafb3ae6
allow DNS field for mac UI 2020-09-18 09:30:43 -07:00
Adam Ierymenko
04f6140da6 AES builds and works now on ARM64. 2020-09-16 22:47:13 +00:00
Grant Limberg
afcbc6dd9f
clean up some error output 2020-09-16 10:54:14 -07:00
Grant Limberg
4da9bed4fa
add 'dump' to cli help 2020-09-16 10:52:23 -07:00
Grant Limberg
221e4ecb12
Add "documentation" networks as IP_SCOPE_PRIVATE
https://en.wikipedia.org/wiki/Reserved_IP_addresses
2020-09-16 10:24:36 -07:00
Grant Limberg
1883a8c9ee
Set 198.18.0.0/15 to IP_SCOPE_PRIVATE 2020-09-16 10:15:42 -07:00
Grant Limberg
83d92858c1
Merge branch 'dump' into dev 2020-09-16 10:04:01 -07:00
Grant Limberg
cff3152985 windows create dump file on desktop 2020-09-16 10:03:03 -07:00
Grant Limberg
5090e95003
dump basics to stdout on other platforms 2020-09-15 16:50:55 -07:00
Grant Limberg
927aeb15f6
macos output dump to file if possible
if not, write to stdout
2020-09-15 16:50:00 -07:00
Grant Limberg
361ca1e8b4
add link to CoreServices framework 2020-09-15 16:49:19 -07:00
Adam Ierymenko
9adf656db5 Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev 2020-09-14 20:44:46 -04:00