Commit Graph

454 Commits

Author SHA1 Message Date
Adam Ierymenko
a17c760181 Fix Mac installer 2019-06-27 14:36:31 -07:00
Adam Ierymenko
54d2fa65dd Version bump, cleanup 2019-06-27 14:31:10 -07:00
Adam Ierymenko
fd74e2a583 Windows build changes for 1.2.99 (1.4.0pre) 2019-06-20 15:20:42 -07:00
Adam Ierymenko
f66fac3982 Win32 build fix 2019-06-17 13:48:42 -07:00
Adam Ierymenko
e37eb0aa54 More cleanup of old stuff no longer used. 2019-03-21 16:42:52 -07:00
Grant Limberg
52c85aa605 now with more -fPIC 2019-03-08 10:29:19 -08:00
Grant Limberg
293d2064c4 librabbitmq built with same clang version as zt 2019-03-08 10:20:53 -08:00
Grant Limberg
fcb4221f97 rabbitMQ implementation 2019-03-05 15:11:50 -08:00
Grant Limberg
de1fc43cc5 added librabbitmq library for central controller 2019-03-04 16:27:39 -08:00
Adam Ierymenko
18d1772bb4 stuff for speed and stuff (testing) 2018-12-06 12:00:49 -08:00
Adam Ierymenko
5da7d6d1ae Merge docker update PR 2018-11-28 08:43:50 -08:00
Bruno Tavares
2d21c18ebd Update ZeroTier version on Docker
This commit changes the Dockerfile ot use the multi-stage build and help
to get an automated build on Docker.

The idea of the multi-stage build is to use the already stable Debian
distribution channel to provide up-to-date versions of ZeroTier.

The benefit is that it would be possible to automate the image build,
either on Docker Hub, Travis or taking advantage of the [docker-library/official-images] infrastructure.

This changes follows the best-practices suggested by
[docker-library/official-images], such as using a High Availability GPG
keyserver, providing a default CMD, allowing "bash" on `docker run` and
others.

Given that both the builder `debian:stretch` and `alpine:latest` are
official messages and have [manifests], this means that this Dockerfile
is also multi-platform. This means that this same Dockerfile will
pick-up the correct Debian package according to the architecture of the
running system during build.

With this changes we could try to promote the image to be parte of
[docker-library/official-images], and take advantage of automated
publishing of multi-architecture images. Others would be able to use
`docker run zerotier` and download the latest version appropriate to
their system.

Related to #682

[docker-library/official-images]: https://github.com/docker-library/official-images
[manifests]: https://blog.docker.com/2017/09/docker-official-images-now-multi-platform/
2018-10-21 11:28:04 -03:00
Adam Ierymenko
2a143a7505
Merge pull request #858 from tommyang/fix/mac-uninstall-script
macOS uninstall script: remove symlinks from the actual location
2018-09-25 11:36:28 -07:00
Tommy Yang
88d879987d Remove symlinks from the actual location
Binary symlinks are in `/usr/local/bin` instead of `/usr/bin` since commit 0cf4ddd
2018-09-23 16:53:30 -07:00
Adam Ierymenko
04d7a1df96
Merge pull request #837 from skunkwerks/feature/update-ext-json
update external JSON dependency to address libc++ compatibility
2018-09-14 08:08:21 -07:00
Adam Ierymenko
b9fd50e348
Merge pull request #845 from asbjornenge/docker-updates
Using multi-stage build for Dockerfile
2018-09-14 08:07:36 -07:00
Adam Ierymenko
ef48d11266
Merge pull request #848 from darkain/master
Fix compile on FreeBSD targeting ARMv6 (Raspberry Pi)
2018-09-14 08:05:39 -07:00
Vincent Milum Jr
cffb992ae8
Adding ARM/NEON detection for non-Linux targets 2018-09-12 19:51:28 -07:00
Asbjørn Enge
701d64936d Using builder pattern to build in container while keeping final image small 2018-09-07 14:11:25 +02:00
Dave Cottlehuber
8b292d2dc7 ext: update nlohmann/json to v3.2.0
- include libc++7 compatibility for FreeBSD
- see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230629
2018-08-24 08:19:38 +00:00
Adam Ierymenko
553101e8b5 merge dev 2018-08-09 11:31:37 -07:00
Adam Ierymenko
dcffb042ff Windows Advanced Installer to 1.2.12 2018-07-27 13:35:20 -07:00
Adam Ierymenko
1fc14292fe Version bumps. 2018-07-25 12:09:31 -07:00
Adam Ierymenko
8199dbd0dc Merge branch 'dev' into edge 2018-05-30 11:19:12 -07:00
Adam Ierymenko
5809941ae9 Windows 1.2.10 2018-05-11 13:40:03 -07:00
Adam Ierymenko
9765ba334a 1.2.10 2018-05-08 13:07:20 -07:00
Adam Ierymenko
5f85e33510 GitHub issue #734 (warning removal) 2018-05-07 12:15:55 -07:00
Adam Ierymenko
381bbb0e5e Merge branch 'dev' into edge 2018-04-30 08:47:51 -07:00
Adam Ierymenko
0a52840fa3 1.2.8 Windows Advanced Installer update. 2018-04-27 13:52:33 -07:00
Adam Ierymenko
a7d0905b74 1.2.8 bump for all but Windows install files. 2018-04-27 13:06:00 -07:00
Adam Ierymenko
05bfafbce8 Merge branch 'master' into edge 2018-04-25 06:41:44 -07:00
Jonathon Fernyhough
e4e0be979e
Fix ed25519-amd64-asm PIC compatibility
The Hyperledger implementation (https://github.com/hyperledger/iroha-ed25519)
contains changes to the assembly code to allow PIC. This in turn fixes
compilation/linking of ZeroTier One when "full hardening" flags are used.
2018-04-21 16:18:00 +01:00
Adam Ierymenko
8900b30b6e Windows installer tweaks and version bumps. 2018-04-17 12:47:33 -07:00
Adam Ierymenko
ae4fb799e4 More versioning 2018-04-17 12:14:59 -07:00
Adam Ierymenko
2021f8cb5f Merge branch 'dev' into edge 2018-03-29 13:34:54 -07:00
Adam Ierymenko
6679a55693 certutil needs -f in case TrustedProvider store is not yet created 2018-03-27 19:15:14 -07:00
Adam Ierymenko
1101c1d919 Works on 32-bit too now. 2018-03-27 18:46:06 -07:00
Adam Ierymenko
fcb529b348 Take two on unattended driver installs. I think it works now.' 2018-03-27 17:53:28 -07:00
Adam Ierymenko
680b1ca208 Upgrade installer AIP versions and redo how we bundle the driver sub-installer to allow unattended driver installs (hopefully). 2018-03-27 14:19:45 -07:00
Adam Ierymenko
209f6d9d2d Merge branch 'dev' into edge 2018-03-19 11:18:54 -07:00
Adam Ierymenko
beb170e4fb Use X64 ASM ed25519 signatures on Linux/x64, which are about 10X faster. Will matter a lot for network controllers, not so much for other things. 2018-03-13 06:51:17 -07:00
Grant Limberg
cd801b96fa libcurl binaries for Windows 2018-02-16 10:31:37 -08:00
Adam Ierymenko
26aaf253ac Allow us to build a semi-dynamic official binary that works back to CentOS 6, at least on x64, and is very fast since we can build it with newer clang or icc. 2018-02-01 15:52:41 -08:00
Adam Ierymenko
fe1fa20c6c Fix build on Intel C/C++ Compiler for Linux. 2018-02-01 12:46:35 -08:00
Adam Ierymenko
055b99c3cb cleanup 2018-01-12 15:44:27 -08:00
Adam Ierymenko
531842dc6b Update miniupnpc to latest version (included library) 2018-01-12 15:30:40 -08:00
Adam Ierymenko
d7f3c33d72 Add zerotier-idtool to Windows. 2018-01-12 15:03:45 -08:00
Adam Ierymenko
ada611d597 Go ahead and load kext so MacOS High Sierra users will see kext auth dialog right away. 2017-12-07 08:56:15 -08:00
Adam Ierymenko
7fc9094d8e More fixes to RethinkDB. 2017-11-03 22:40:26 -04:00
Adam Ierymenko
4e88c80a22 RethinkDB native connector work, minor fixes. 2017-11-02 07:05:11 -07:00
Adam Ierymenko
1db547d607 Windows build fixes, AIP file update. 2017-10-25 16:25:57 -07:00
Grant Limberg
bcf697cc2b Wire up PortMapper in Android
Enables UPnP port mapping for Android client on networks with UPnP routers
2017-07-17 16:16:25 -07:00
Adam Ierymenko
88997a0314 Windows build fixes. 2017-07-06 16:29:11 -07:00
Adam Ierymenko
64b7d9ef82 New clustering work. 2017-06-01 07:15:46 -07:00
Adam Ierymenko
2a4a50b1da Add some also-ZeroTier-written ext/ code for use in new clustering, delete some old code, and change Mac to use -Os which is just as fast as -Ofast and may be faster due to cache effects. 2017-05-31 08:36:09 -07:00
Adam Ierymenko
a437fd420c version 2017-05-10 13:48:47 -07:00
Adam Ierymenko
6bb855873d GitHub issue #494 -- shut down and restart UI on Mac pkg install/upgrade. 2017-05-03 15:03:26 -07:00
Adam Ierymenko
9e80db0fd1 Cleanup, fix a valgrind error, stack use reduction. 2017-04-27 00:59:36 -07:00
Adam Ierymenko
9161424c97 Version bumps. 2017-04-24 11:41:01 -07:00
Adam Ierymenko
cdda0dd043 Windows version bump. 2017-04-24 11:37:54 -07:00
Adam Ierymenko
cacb8fae0d GitHub issue #463 -- fix MacOS uninstall script. 2017-04-21 13:55:44 -07:00
Adam Ierymenko
e7a2c6ecef Integrate ARM/NEON crypto. 2017-04-19 17:11:56 -07:00
Adam Ierymenko
a376bcc654 ARM NEON Salsa20/12 in build and selftest. Almost 2X speedup on a Raspberry Pi. 2017-04-19 23:49:26 +00:00
Adam Ierymenko
8e1ac9fb0c ARM NEON Salsa20/12. 2017-04-19 15:58:20 -07:00
Adam Ierymenko
aaf597f020 Cleanup, Windows fixes, Self test fix 2017-04-18 12:22:44 -07:00
Adam Ierymenko
a1e94154be Just incorporate the X64 ASM version of Salsa20/12 for X64 platforms. This gives us (for example) 1.5gb/sec encryption on a Core i5 2.8ghz. 2017-04-18 08:45:37 -07:00
Adam Ierymenko
7a94f63058 Back out NaCl since the old one with xmm6 salsa2012 does not support multi-block use and the new one is slower. 2017-04-17 17:54:12 -07:00
Adam Ierymenko
db0edf154c Use right deployment target in OSX bin. 2017-04-17 16:54:41 -07:00
Adam Ierymenko
a1cd94a61d Actually include .a 2017-04-17 16:43:36 -07:00
Adam Ierymenko
df48738ac9 Enable use of NaCl for faster X64 Salsa20 implementations. Also include binary for OSX for easy build. Blazingly fast. 2017-04-17 16:43:03 -07:00
Adam Ierymenko
645bf4a764 Resurrect zerotier-containerized. 2017-04-14 13:30:12 -07:00
Adam Ierymenko
c5c8facc2d Windows installer version bump and a build fix. 2017-03-17 20:20:47 -07:00
Adam Ierymenko
ec8e1178e5 Version bumps, and fix Debian so default is to build normally and .static files are used in our builds. 2017-03-17 19:16:34 -07:00
Adam Ierymenko
e86b1146a6 Windows version bump. 2017-03-14 21:35:41 -07:00
Adam Ierymenko
d44fb3a2f6 bump bump bump that version 2017-03-14 21:23:47 -07:00
Adam Ierymenko
533baf921f Software update cleanup, and a fix for updates on Windows. 2017-03-14 14:40:17 -07:00
Adam Ierymenko
d377ef01af Windows build process updates, and repackage everything using new EV certificate and SHA256. 2017-03-07 18:25:06 -08:00
Adam Ierymenko
a97918f812 Windows build fixes. 2017-03-07 13:57:31 -08:00
Adam Ierymenko
b88f573733 tap-windows-ndis5 is definitely dead 2017-01-27 07:29:42 -08:00
Adam Ierymenko
f1ed57c62d Update nlohmann/json (header only lib). 2017-01-20 10:09:47 -08:00
Adam Ierymenko
56e5b34934 Bump bundled miniupnpc to 20161216 2017-01-19 15:52:39 -08:00
Adam Ierymenko
0995c1dcaa Encapsulate LZ4 in Packet.cpp to eliminate dependency. 2017-01-19 15:16:04 -08:00
Adam Ierymenko
7612bf3302 Fix LZ4 warning. 2017-01-19 14:54:39 -08:00
Adam Ierymenko
ba158d8dc6 Include LZ4 README and LICENSE. 2017-01-19 14:48:40 -08:00
Adam Ierymenko
a90f2249e8 Upgrade LZ4. 2017-01-19 14:48:01 -08:00
Adam Ierymenko
d150f9b2bd Windows update build in Advanced Installer, and warning removal. 2017-01-13 15:19:59 -08:00
Adam Ierymenko
0e4d3244b2 "make official" for Mac now builds update image as well as pkg (update image is just PKG + SFX script) 2017-01-13 13:09:42 -08:00
Adam Ierymenko
87e3b5f076 Mac updater SFX code. 2017-01-13 12:42:49 -08:00
Adam Ierymenko
9a2b766aad Windows installer updates. 2016-12-23 15:57:21 -08:00
Adam Ierymenko
24017659df Update installer, etc., for Mac. 2016-12-23 15:25:04 -08:00
Adam Ierymenko
5ec8465374 Remove dead Mac stuff. 2016-12-23 14:38:36 -08:00
Adam Ierymenko
9892f7bb47 Upgrade nlohmann::json 2016-11-22 11:06:58 -08:00
Adam Ierymenko
8e3463d47a Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency. 2016-08-24 13:37:57 -07:00
Adam Ierymenko
b08ca49580 More controller work -- it builds! 2016-08-16 14:05:17 -07:00
Adam Ierymenko
c30f74987f Starting refactor of controller... 2016-08-12 11:30:27 -07:00
Adam Ierymenko
dd21c8a577 Rev nlohmann/json 2016-08-10 17:27:46 -07:00
Adam Ierymenko
6f15c4a561 1.1.14 Windows version stuff 2016-07-21 20:45:05 -07:00
Adam Ierymenko
ebe7e15475 sys/sysctl.h is required on OSX and probably other BSD 2016-07-21 19:21:51 -07:00
Adam Ierymenko
dced40361b Bump version in most places to 1.1.14 2016-07-21 19:15:03 -07:00
Adam Ierymenko
faf864b8a2 Merge branch 'master' into dev 2016-07-21 19:07:50 -07:00
Adam Ierymenko
095aef5f30 Merge pull request #348 from the-maldridge/remove-sysctl
Remove explicit sys/sysctl.h includes
2016-07-21 15:16:22 -07:00
Adam Ierymenko
a5400e0162 Windows installer now installs a batch file and Path variable settings to make zerotier-cli work in the Windows CLI (1.1.12 MSI updated on web for this too) and a Chocolatey packaging job for ZeroTier One. 2016-07-14 17:09:40 -07:00
Adam Ierymenko
1a285e5342 Version bump again. Slack has updated their client twice in one day so its okay. 2016-07-12 15:03:06 -07:00
Adam Ierymenko
34e7c8652a Version bumps. 2016-07-12 12:30:35 -07:00
Adam Ierymenko
aff62e9e10 Version bump in Mac pkg. 2016-07-08 14:28:34 -07:00
Michael Aldridge
1a89694980 Remove explicit sys/sysctl.h includes
Explicitly including sys/sysctl.h breaks the ability to build
against muslc.
2016-07-06 02:38:23 -05:00
Adam Ierymenko
c03ca3c278 VERSION 1.1.6: route management, default route override, new IPv6 mode for Docker, and more!
Version 1.1.6 contains several significant improvements for use in complex network
environments along with some minor bug fixes and improvements to path stability and
dead path detection.

ROUTE MANAGEMENT AND FULL TUNNEL SUPPORT

1.1.6 is the first version of ZeroTier One to permit "full tunnel" (default route
override) operation on Linux, Mac, and Windows. This allows all Internet traffic
to be tunneled through ZeroTier while allowing ZeroTier peer-to-peer traffic to
continue to use the physical interface. 1.1.6 also brings route management support
and permissions settings for local networks to control whether networks are allowed
to modify the routing table or override default routing.

This is currently considered a beta/experimental feature and must be enabled via
the command line interface.

Route management and default route override requires support at the network controller.
When my.zerotier.com is updated and ready, we will post more information and testing
instructions at: https://www.zerotier.com/community

HIGHLY SCALABLE CONTAINER NETWORKING

1.1.6 also brings a new multicast-free (NDP emulated) IPv6 private addressing scheme
called "6plane." 6plane provides each host with a private IPv6 /80 and routes *all*
IPv6 traffic for this subnet to the host via transparent NDP emulation. This /80 can
then be assigned to Docker or other container/VM managers to assign a network-wide
IPv6 /128 to every container. Since NDP is emulated and multicast isn't needed, this
system can scale to millions of containers or more on a single backplane network with
a high degree of efficiency and reliability.

6plane also requires controller support. Look for it at my.zerotier.com once we have
upgraded our core infrastructure and web UIs.

(All hosts must be running 1.1.6 for 6plane to work properly. Other IPv6 addresses
or addressing modes are not affected and normal IPv6 NDP will continue to work
alongside 6plane in the same network.)

OTHER CHANGES

 * Upgraded bundled miniupnpc, libnatpmp, and http-parser.
 * New Debian and RPM packaging that is closer to compliance with distribution
   guidelines, and a new Dockerized Linux package build system in linux-build-farm/
   that can build every package on actual images of the correct distribution.
 * Improvements to dead path detection.
 * IPv6 now uses keepalive because a significant number of stateful IPv6 edge
   routers have very short timeouts (30 seconds or less!).
 * Significant performance improvements to network controllers under high load.
 * Enable -fstack-protector-strong for better stack canary (security) support
   in binaries. Note that this may require newer gcc/g++ or clang.

COMING SOON

The next version of ZeroTier One should have a new Mac UI. It's a system tray app
that looks and behaves a lot like the Mac WiFi pulldown menu. We'll also be adding
GUI support for default route and route management options and other new features.

Shortly after that we plan on adding full OpenFlow-like SDN rules engine support
to the ZeroTier core, making our planetary Ethernet switch a fully manageable smart
switch and enabling sophisticated security and flow rule management.
2016-06-29 15:53:46 -07:00
Adam Ierymenko
c862f199e3 Windows: ship it! 2016-06-29 13:22:04 -07:00
Adam Ierymenko
df00d3b046 Going to have to continue to use the old MAC web-container-based UI on Macs prior to 10.10 even when the new UI comes out, and the new UI is not ready yet anyway, so resurrect this. 2016-06-29 12:00:16 -07:00
Adam Ierymenko
928c625e2c docs 2016-06-29 09:45:02 -07:00
Adam Ierymenko
af0a205594 Build and spec file updates for CentOS6 2016-06-25 14:04:08 -07:00
Adam Ierymenko
0ad6b4105a Outline of new CLI with ability to control controllers/central as well as service. 2016-06-22 17:54:07 -07:00
Adam Ierymenko
bc3d7d11fe Remove netcon from dev branch. This is moving to its own new ZeroTierSDK repo for future release under the SDK name. 2016-06-16 14:50:08 -07:00
Adam Ierymenko
cafa41ba4d RedHat stuff and cleanup. 2016-06-08 14:46:42 -07:00
Adam Ierymenko
abd7071eaa systemd stuff for debian 2016-06-08 13:19:08 -07:00
Adam Ierymenko
4da9d4e53a Fix build against Debian version of libhttp-parser -- its old but it will work. 2016-06-08 12:49:07 -07:00
Adam Ierymenko
4342b71d7a Upgrade miniupnpc to 2.0 2016-06-02 17:04:15 -07:00
Adam Ierymenko
506c74270c Stash old Linux binary installer stuff in attic. This is going away. 2016-06-02 15:20:43 -07:00
Adam Ierymenko
65b7893a8a add full docs to ext/json-parser (no upgrade available) 2016-06-01 18:51:22 -07:00
Adam Ierymenko
597dee40fd upgrade ext/http-parser 2016-06-01 18:49:36 -07:00
Adam Ierymenko
25c3d3a452 cleanup 2016-05-11 13:24:55 -07:00
Adam Ierymenko
a27d8b2910 Windows cleanup. 2016-03-02 19:20:04 -08:00
Adam Ierymenko
b6f6ed35fc More Windows tweaks and a compile fix. 2016-03-02 19:06:29 -08:00
Adam Ierymenko
0aae86be2e Merge branch 'dev' of https://github.com/krisek/ZeroTierOne into dev 2016-03-01 12:29:29 -08:00
Adam Ierymenko
d9fa07399e Fix GitHub issue #311 2016-03-01 09:49:33 -08:00
Kristof Imre Szabo
6d1dc47368 Typo fix. 2016-02-28 17:06:46 +01:00
Kristof Imre Szabo
f8d05eb625 Spec description rephrased. 2016-02-28 17:05:43 +01:00
Kristof Imre Szabo
45c233c0e7 Formatting change 2016-02-28 00:04:18 +01:00
Kristof Imre Szabo
b836228465 Formatting change 2016-02-28 00:02:48 +01:00
Kristof Imre Szabo
8118630861 Formatting change 2016-02-28 00:00:55 +01:00
Kristof Imre Szabo
bf3e31ece7 Initial commit of the standard zerotier RPM specification 2016-02-27 23:55:14 +01:00
Adam Ierymenko
f217ce7ff7 Upgrade http-parser. 2016-02-25 18:13:42 -08:00
Adam Ierymenko
039790cf26 Upgrade LZ4 to hopefully fix wacky sporadic crash when built with g++ 5.3.1 on Debian/testing. 2016-02-25 15:39:15 -08:00
Adam Ierymenko
e5f82f5457 cleanup 2016-02-25 10:08:30 -08:00
Adam Ierymenko
a5e4e3fcac Remove ui/ on Linux uninstall. 2016-02-24 17:24:36 -08:00
Adam Ierymenko
3fe60615df Make installers silent when run inside packages. 2016-02-24 15:23:49 -08:00
Joseph Henry
c3e2cb9b8e Modified PCB/state management logic 2016-01-13 12:19:48 -08:00
Joseph Henry
3e65ecb93d Stateless RPC rework 2016-01-11 10:12:59 -08:00
Adam Ierymenko
61becbb7e5 . 2015-12-21 16:56:11 -08:00
Adam Ierymenko
24cc0904fa 1.1.2 Windows build fixes, tweaks, etc. 2015-12-21 13:14:48 -08:00
Adam Ierymenko
823c9979c0 Erase more debug junk. 2015-12-17 11:45:55 -08:00
Adam Ierymenko
ac8918992b Merge dev. 2015-12-04 12:45:21 -08:00
Adam Ierymenko
a4cfe4cd16 Fix Linux init script to properly specify runlevels. 2015-12-01 10:19:10 -08:00
Adam Ierymenko
be44b15eac Fix for GitHub issue #252 2015-11-30 16:15:23 -08:00
Adam Ierymenko
d73edfea56 GitHub issue #257 2015-11-30 16:12:03 -08:00
Adam Ierymenko
6768521330 Ton of uPnP work and adding NAT-PMP support, still testing... 2015-11-30 13:10:22 -08:00
Adam Ierymenko
7e28161638 Merge dev 2015-11-30 15:17:31 -08:00
Adam Ierymenko
d8d4cfbf01 Eliminate a few warnings and some small code reorg. 2015-11-23 12:43:42 -08:00
Adam Ierymenko
a18336fa18 MERGE current "dev" into "netcon" -- should not affect netcon itself but will retest -- brings ZeroTier core up to 1.1.0 2015-11-23 10:46:52 -08:00
Adam Ierymenko
6f16f44438 VERSION 1.1.0: Win/Mac UI improvements, improved NAT-t, CIRCUIT_TEST, and more!
ZeroTier 1.1.0 introduces a number of fixes and improvements in several areas.
We incremented the secondary version to indicate the significance of this release.

Version numbering has been a bit ad-hoc in the past. In future versions we will
adopt the following scheme: odd-numbered revision numbers like 1.1.1 will indicate
development versions, while even numbered ones like 1.1.2 will indicate tagged
releases. The public git repo branching has also been revised: master will always
be the latest tagged release, dev will be usually-working development, and edge
will host maybe-broken "bleeding edge" development. Pull requests on GitHub should
generally be made against dev, not master or edge. Other branches that may appear
from time to time may be feature or experimental branches. Only master is confirmed
good, with dev usually being okay but not guaranteed to be such. (To the extent
that any software is ever guaranteed to be anything.)

Change summary:

User-facing changes and improvements:

 - Windows now has a new .NET-based native UI, which replaces the old WebControl
   wrapper around the React UI. This just didn't work well on older Windows systems,
   and we did not want to bundle 40+ megabytes of web browser with our app just for
   its very simple UI.
 - The web UI (still used for Mac and usable in Linux as well) is updated with
   improved look and simplifications.
 - Both UIs no longer have the "Peers" tab, since several users reported that non-
   technical users found this confusing and even alarming (does this mean people
   can access my system?). This information is visibile with "listpeers" from the
   command line (zerotier-cli).

New features:

 - Virtual networks that use our RFC4193-based IPv6 numbering scheme now emulate
   IPv6 NDP for queries that target these addresses within the same network. This
   allows for faster multicast-free connection init and improved security since
   the address is now hard-wired to the device ID (which is a crypto token). This
   does not affect IPv6 NDP for other IPv6 addresses or link-local, which will
   continue to work normally. This also opens the potential for a reduced footprint
   multicast-free build for embedded applications.
 - This version includes beta support for a feature called CIRCUIT_TEST. Network
   controllers for networks you have joined can now send a special message called
   CIRCUIT_TEST which allows for ZeroTier-layer link testing and remote diagnosis
   of link issues. Any operator of a network controller can do this; more
   documentation will be forthcoming. The only information that may be gathered
   in this way is IP addressing info and very basic system info (OS, 32/64 bit,
   ZeroTier version). No personal information, hard drive data, location, or other
   private info is available. This can only be ordered by a controller of a network
   you have joined and is secured using cryptographic signatures.
 - This version includes an alpha version of clustering a.k.a. multi-homing! This
   powerful feature allows for a single ZeroTier device to be run from multiple
   endpoints, with connecting peers being handed off to endpoints that are closer
   via GeoIP lookup and/or are more lightly loaded. Currently this is only suitable
   for use in our soon-to-be-upgraded root server infrastructure (details will be
   blogged soon), but in the future it will be capable of hosting multi-homed
   devices on user networks. This will allow things like (for example) a geo-
   clustered Cassandra server that appears behind a single IP on a virtual LAN.
   This feature must be enabled with the ZT_ENABLE_CLUSTER=1 build option.

Bug fixes and other improvements (including performance!):

 - A faster version of the Poly1305 cryptographic MAC function was substituted
   for sometimes greatly improved performance.
 - C++ STL std::map was replaced throughout the entire core with a hand-rolled
   Hashtable implementation for improved performance and in some cases a reduced
   memory footprint. Some maps are still used in peripheral code that is not
   performance critical or where ordered keys are needed.
 - The zerotier-cli and zerotier-idtool symbolic links are now created in
   /usr/local/bin on OSX to comply with El Capitan file security restrictions.
 - The OSX tap device driver has been updated. This update may fix issues that
   some users have reported with bridging on OSX. This new tap device driver
   drops 32-bit support, but if you have a 32-bit system you can manually install
   the old driver from ext/bin/tap-mac.
 - Mac users could experience a problem with the UI if they installed ZeroTier,
   then uninstalled it, then installed again. This is now fixed.
 - UPnP port mappings should work better on some routers, and a different local
   port is now used for UPnP mapped traffic vs. NAT-t'd traffic to get around
   a bug in several popular mid-tier routers where using UPnP mapping alongside
   traditional NAT traversal made a port unreachable.
 - Debian package now builds with the right arch label on armv7l systems (Pi 2)
 - The old "root topology" has been replaced with a similar but better thought
   out concept called a World. The World defines the root servers and possibly
   in the future other things, and can be updated in-band from trusted peers
   allowing for software-upgrade-free network upgrades to keep up with growing
   demand. See node/World.hpp for details.
 - A fix was made to "self-awareness," which keeps track of your external IP
   info and adapts to changes, to eliminate a problem that could cause "link
   thrashing" behind some symmetric NATs.
 - Escalating UDP TTLs was re-introduced to better transit some port-restricted
   cone NATs such as Linux IP MASQ (used for Docker).
 - An otherwise harmless crash-on-exit bug in the network controller was fixed.
 - All new direct links are now confirmed in both directions. This adds a very
   small amount of initial HELLO/OK traffic but fixes some edge cases where an
   incomplete or unidirectional path might be used.
 - [SECURITY] Better rate limiting was put in place for VERB_PUSH_DIRECT_PATHS
   to prevent potential abuse for amplification attacks.
 - [SECURITY] Build flags were tweaked on OSX to ensure that all code including
   dependency libraries are built with full stack canary protection and ASLR
   support.

Visit https://www.zerotier.com/blog or follow @ZeroTier on Twitter for updates
and announcements!
2015-11-17 12:18:45 -08:00