Adam Ierymenko
b03c7b2f30
Refactor controller to use split-out DB for better performance and less ugly.
2016-11-04 15:18:31 -07:00
Grant Limberg
965399ba0c
fix a few warnings
2016-10-31 15:16:42 -07:00
Michał Zieliński
344a25c133
Run as nonroot user on Linux (with CAP_NET_ADMIN and CAP_NET_RAW added).
...
- ZT will only drop root privileges if zerotier-one user exists. It is created by
Debian postinst script - in other cases the user has to be created by administrator.
- Linux >=4.3 with ambient capabilities is required, otherwise ZT will silently
- "-U" option now also disables privileges dropping
2016-10-16 13:53:44 +02:00
Grant Limberg
e59ed3e68f
Fix size of neighbor solicitation struct
2016-10-07 10:03:07 -07:00
Grant Limberg
69c5976775
fix typo in assert size
2016-10-04 17:35:52 -07:00
Adam Ierymenko
6651b8310e
Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev
2016-09-30 13:47:40 -07:00
Adam Ierymenko
0843ed62fa
Network delete fix.
2016-09-30 13:47:30 -07:00
Grant Limberg
d817039f79
Add IPv6 Neighbor Discovery code. Not yet tested.
2016-09-30 13:18:17 -07:00
Adam Ierymenko
2fc3d12fb6
Minor tweaks to member code in controller, and fix Linux build.
2016-09-29 14:48:39 -07:00
Adam Ierymenko
24fce0be86
No, definitely have to back out GitHub issue #385 (non-bisected routes) since this breaks IPv6 on OSX and probably IPv4 too if you were to encounter a 6-only situation.
2016-09-14 22:23:56 -07:00
Adam Ierymenko
8d0b2b781e
Route management bug fixes.
2016-09-13 16:25:48 -07:00
Adam Ierymenko
5b6d27e659
Implement relay policy, and setting multicast limit to 0 now disables multicast on the network as would be expected.
2016-09-13 14:27:18 -07:00
Adam Ierymenko
ced8dfc639
Try a version of GitHub issue #385 (non-bifurcated default if not present) on Mac. This version adds the bifurcated routes always but also adds a device-specific non-bifurcated route. Will have to see if this still interferes with OSX route settings, since by definition device specific routes should not conflict with general routes.
2016-09-13 11:07:59 -07:00
Adam Ierymenko
34b146f28b
Back out of GitHub issue #385 for now and maybe for this release. Would be nice but it is non-critical and rules are the priority. Current implementation bangs heads with OSX route assignment on WiFi join, etc.
2016-09-12 14:56:18 -07:00
Adam Ierymenko
fb46a546db
Just always do route bifurcation on Linux for now... basically the old behavior.
2016-09-09 12:53:44 -07:00
Adam Ierymenko
d23ade879b
Do not bifurcate if not replacing an existing route. (Still need to tie up Linux and Windows.)
2016-09-08 15:42:46 -07:00
Adam Ierymenko
b08ca49580
More controller work -- it builds!
2016-08-16 14:05:17 -07:00
Adam Ierymenko
22e44c762b
More rules engine work: key/value pair matching for microsegmentation.
2016-07-28 10:58:10 -07:00
Adam Ierymenko
830250759c
Fix for running under MUSL libc (e.g. Alpine Linux)
2016-07-26 16:39:02 -07:00
Adam Ierymenko
13100b245c
Fix for running under MUSL libc (e.g. Alpine Linux)
2016-07-26 16:36:20 -07:00
Adam Ierymenko
ebe7e15475
sys/sysctl.h is required on OSX and probably other BSD
2016-07-21 19:21:51 -07:00
Adam Ierymenko
095aef5f30
Merge pull request #348 from the-maldridge/remove-sysctl
...
Remove explicit sys/sysctl.h includes
2016-07-21 15:16:22 -07:00
Adam Ierymenko
23391ff9da
More OSX IPv6 fixes.
2016-07-12 09:22:04 -07:00
Adam Ierymenko
3f2b21ce71
Do not shadow our own route twice on Mac if there is no default route. (Fix for issue found during IPv6 default route override testing.)
2016-07-12 08:55:57 -07:00
Adam Ierymenko
912ee199ed
Tiny fixes to LinuxEthernetTap
2016-07-07 16:10:36 -07:00
Michael Aldridge
1a89694980
Remove explicit sys/sysctl.h includes
...
Explicitly including sys/sysctl.h breaks the ability to build
against muslc.
2016-07-06 02:38:23 -05:00
Adam Ierymenko
32d9850263
More new CLI work.
2016-06-23 12:37:15 -07:00
Adam Ierymenko
e2ca239be0
Comment cleanup.
2016-06-21 14:38:15 -07:00
Adam Ierymenko
4f237687ce
Route management now works on Windows, including default route override! 1.1.6 very close!
2016-06-21 13:54:03 -07:00
Adam Ierymenko
82473c85e0
Default route override and route management in general now works in Linux.
2016-06-21 12:32:58 -07:00
Adam Ierymenko
51ced0cf41
GitHub issue #338
2016-06-21 09:41:55 -07:00
Adam Ierymenko
6c4a444f29
GitHub issue #339
2016-06-21 09:40:53 -07:00
Adam Ierymenko
b2d048aa0e
Make Dictionary templatable so it can be used where we want a higher capacity.
2016-06-21 07:32:58 -07:00
Adam Ierymenko
3ee15e65aa
Tying up default route and route mgmt loose ends. It now periodically updates shadow routes so hopefully your link will stay up as you move around.
2016-06-17 13:14:48 -07:00
Adam Ierymenko
1bf1c38b30
Default route population works on Mac!
2016-06-16 18:23:33 -07:00
Adam Ierymenko
37afa876a7
Linux bug fixes, small controller fix.
2016-06-17 00:21:58 +00:00
Adam Ierymenko
2113c21fdc
devicemap now works again in OSXEthernetTap
2016-06-16 14:09:09 -07:00
Adam Ierymenko
f41ea24e97
Build fixes.
2016-06-16 00:11:46 +00:00
Adam Ierymenko
3c655a4b84
Default route ready to test on Mac.
2016-06-15 15:46:57 -07:00
Adam Ierymenko
b90e66f7c7
ManagedRoute, which applies C++ RAII to injected routes. Move RoutingTable to attic.
2016-06-15 15:02:40 -07:00
Adam Ierymenko
4446dbde5e
Big refactor in service code to prep for plumbing through route management.
2016-06-14 10:09:26 -07:00
Adam Ierymenko
536feb632c
Support yet another old version of http-parser for CentOS/EPEL.
2016-06-08 15:09:09 -07:00
Adam Ierymenko
7e68791bee
Fix include for system json-parser.
2016-06-08 12:57:22 -07:00
Adam Ierymenko
4da9d4e53a
Fix build against Debian version of libhttp-parser -- its old but it will work.
2016-06-08 12:49:07 -07:00
Adam Ierymenko
0ca764968a
Remove warnings, more Debian stuff, remove obsolete ui/ stuff.
2016-06-08 11:21:01 -07:00
Adam Ierymenko
c278f05181
RoutingTable build fixes.
2016-04-06 17:29:38 -07:00
Adam Ierymenko
61a9c27af0
Consolidate routing table code.
2016-04-06 17:14:05 -07:00
Adam Ierymenko
e9b2613d5f
Put routing table code back in osdep/
2016-04-06 16:57:37 -07:00
Adam Ierymenko
24469a7f43
.
2016-04-06 16:47:11 -07:00
Adam Ierymenko
504738b183
Binder for Windows, and use Binder to get local interface addresses to advertise.
2016-04-05 15:53:19 -07:00
Adam Ierymenko
32cd2a02c9
OneService now binds all ports to specific local interfaces instead of wildcard and rebinds on changes. (default route)
2016-04-05 15:44:08 -07:00
Adam Ierymenko
4a109658ab
More refactoring and prep for explicit interface bindings (for default route support).
2016-04-05 11:59:46 -07:00
Adam Ierymenko
d8b89b0c86
Fix Cluster to send from a designated endpoint address instead of wildcard.
2016-04-05 10:47:13 -07:00
Adam Ierymenko
e0ad854d19
Beginning of local binding manager for default gateway support.
2016-04-04 18:46:41 -07:00
Adam Ierymenko
b6f6ed35fc
More Windows tweaks and a compile fix.
2016-03-02 19:06:29 -08:00
Adam Ierymenko
d3cb063d13
Tweaks to WindowsEthernetTap to attempt to address GitHub issue #308 and/or GitHub issue #277 -- we can't reproduce yet but I found one area where a spin was possible under certain failure conditions. Maybe.
2016-03-02 18:37:24 -08:00
Adam Ierymenko
7526ed705c
Check for /dev/tun as well as /dev/net/tun since some Linux devices put it there.
2016-01-21 16:01:24 -08:00
Joseph Henry
bcaf42e075
Transfer speed increate + stability fixes
2016-01-20 13:38:14 -08:00
Joseph Henry
1783867f96
Print path for user. Removed unused stub Phy methods
2016-01-17 15:13:32 -08:00
Joseph Henry
f52a82d9f2
Updated RX buffer code
2016-01-14 13:23:01 -08:00
Adam Ierymenko
7991a7c50a
Merge branch 'dev' into edge
2016-01-12 14:05:40 -08:00
Adam Ierymenko
4e4fd51117
boring doc stuff
2016-01-12 14:04:55 -08:00
Joseph Henry
3e65ecb93d
Stateless RPC rework
2016-01-11 10:12:59 -08:00
Adam Ierymenko
436c1fac1d
Selectively move over changes from "edge" to "dev" excluding netcon.
2015-12-21 16:15:39 -08:00
Adam Ierymenko
24cc0904fa
1.1.2 Windows build fixes, tweaks, etc.
2015-12-21 13:14:48 -08:00
Adam Ierymenko
e506fda3e4
Only set SO_NO_CHECK on IPv4 UDP sockets for now due to broken V6 stacks that drop zero checksum UDP packets.
2015-12-09 15:02:42 -08:00
Adam Ierymenko
ac8918992b
Merge dev.
2015-12-04 12:45:21 -08:00
Adam Ierymenko
c21882da9c
Put selftest back and turn off tracing in PortMapper.
2015-11-30 16:07:02 -08:00
Adam Ierymenko
f260250580
Simplify IP assignment logic in OSXEthernetTap, also fix for GitHub issue #249
2015-11-30 15:39:34 -08:00
Adam Ierymenko
d862d2868c
... and here.
2015-11-30 14:57:28 -08:00
Adam Ierymenko
1e213b4d4c
Need to close on premature abort too or resources are leaked.
2015-11-30 14:56:36 -08:00
Adam Ierymenko
3d66492828
Also add a timeout for the actual NAT-PMP port mapping step.
2015-11-30 14:17:58 -08:00
Adam Ierymenko
838fdf4d11
ifdef naming fix.
2015-11-30 13:32:30 -08:00
Adam Ierymenko
685c5e9ad1
Fix for uPnP
2015-11-30 13:25:34 -08:00
Adam Ierymenko
66a29a00ee
Merge miniupnpc/libnatpmp build into main build by just adding flags, defs, and objs.
2015-11-30 13:17:43 -08:00
Adam Ierymenko
6768521330
Ton of uPnP work and adding NAT-PMP support, still testing...
2015-11-30 13:10:22 -08:00
Adam Ierymenko
75637f68b3
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
2015-11-24 14:11:31 -08:00
Adrian Frühwirth
038476c412
Fix for GitHub issue #253 .
...
Make 'ip' detection more robust (some distros don't ship the binary in /sbin or /usr/sbin).
Add error handling for cases where an ip add/remove fails.
2015-11-24 22:56:02 +01:00
Adam Ierymenko
7e28161638
Merge dev
2015-11-30 15:17:31 -08:00
Adam Ierymenko
a18336fa18
MERGE current "dev" into "netcon" -- should not affect netcon itself but will retest -- brings ZeroTier core up to 1.1.0
2015-11-23 10:46:52 -08:00
Grant Limberg
764dd1c3d9
ARP packets do need the source IP address in them, as well as the MAC address.
...
Packets wouldn't even show up in WireShark without the source IP in it.
2015-11-21 19:14:59 -08:00
Grant Limberg
ac09c3569a
ARP packet lengths are 28 bytes. This condition required the packet to be 29 or more bytes.
2015-11-21 19:14:06 -08:00
Adam Ierymenko
0f5fb48a0b
Turns out it wasn't hard to add miniupnpc to the VS2012 project and just have it build with the rest of the code.
2015-11-16 19:04:04 -08:00
Adam Ierymenko
0d9f33dc4f
Fix: (1) Windows stack overflow due to buffer too large in peer deserialize, (2) clean up some other stuff seen during debugging and reduce the sizes of some buffers due to Windows small stack size, (3) remove a redundant try/catch.
2015-11-13 12:14:28 -08:00
Adam Ierymenko
a13ba7102a
GitHub issue #242 -- crappy uPnP protocol demands infinite lease time or else
2015-11-10 17:45:05 -08:00
Adam Ierymenko
2cc50bdb10
Try bringing back TTL escalation -- may help with Docker (IP-MASQ) type NAT
2015-11-09 15:44:13 -08:00
Adam Ierymenko
7903f24a8f
Create periodic backup copies of controller.db in network controller from the main process itself to facilitate easier and safer backups of controller.db.
2015-11-03 15:52:10 -08:00
Joseph Henry
bb912cff30
More appropriate phyOnUnixClose handling
2015-11-02 12:50:32 -08:00
Joseph Henry
6338a4933b
Fixed another closure bug. Updated debug levels
2015-11-02 12:30:18 -08:00
Joseph Henry
96eb0ce492
Added state dump, fixed numerous RPC related bugs
2015-10-29 17:57:59 -07:00
Adam Ierymenko
40e0a34a5c
Add set buffer sizes code to Phy<>
2015-10-27 13:04:08 -07:00
Adam Ierymenko
7295fcfa86
Merge Phy<> from netcon.
2015-10-27 12:50:23 -07:00
Adam Ierymenko
7711eba297
More cluster wiring...
2015-10-22 16:02:01 -07:00
Joseph Henry
557c0c29b0
minor changes
2015-09-23 19:45:44 -04:00
Adam Ierymenko
69f006f641
.
2015-09-22 16:02:02 -07:00
Adam Ierymenko
ff7ac0487b
.
2015-09-22 15:16:38 -07:00
Adam Ierymenko
6ce64c2557
Phy<> loses socketpair, gains raw FD monitoring.
2015-09-22 15:11:32 -07:00
Joseph Henry
3ed5edb295
fixed fd-transfer logic bug, needs new write-queue logic
2015-09-22 17:43:20 -04:00
Joseph Henry
8ea83c9548
netif code hooked up
2015-09-15 14:15:59 -04:00
Adam Ierymenko
c1a53a2653
ARP cache and responder agent code for use in netcon and iOS.
2015-09-11 11:45:04 -07:00
Adam Ierymenko
cd3d77987c
.
2015-09-10 15:52:24 -07:00
Adam Ierymenko
9a723be263
Add socketpair support to Phy.
2015-09-10 13:18:57 -07:00
Adam Ierymenko
4838cbc350
Unix domain sockets in Phy<>
2015-09-02 14:32:01 -07:00
Adam Ierymenko
b75bdedaee
Manually set DeviceInstanceID since this registry key is missing on Windows Vista and Server 2008.
2015-08-13 15:52:54 -07:00
Adam Ierymenko
620562f7cf
Because Windows, because Windows. Now it upgrades correctly from 1.0.1, including automatic driver update from NDIS5 to NDIS6. Also a bit more robust on creating new ports, just in case.
2015-07-30 17:00:57 -07:00
Adam Ierymenko
922d9657b9
Save enumeration of statically assigned IPs so they will always be reassigned on device "power cycle."
2015-07-30 14:10:32 -07:00
Adam Ierymenko
1e3d5c4d87
Suppress icacls output on lockDownFile().
2015-07-30 12:05:56 -07:00
Adam Ierymenko
6f46f0e0e1
Because Windows.
2015-07-30 11:57:48 -07:00
Adam Ierymenko
8169b35482
Kill the devcon.exe dependency by dynamically loading cfgmgr32, newdev, and setupapi and using these functions directly.
2015-07-30 11:31:38 -07:00
Adam Ierymenko
14264c2d6f
Add miniupnpc builds for Windows, fix some Windows build warnings.
2015-07-28 16:50:18 -07:00
Adam Ierymenko
fe6d5b1402
UPNP/NAT-PMP support with libminiupnpc (if built with it) -- GitHub issue #64
2015-07-28 14:32:02 -07:00
Adam Ierymenko
40d5c79b62
Enable SO_NO_CHECK if available to skip UDP checksum on packet send for slight performance improvement. We do our own cryptographically secure authentication so UDP checksum is worthless.
2015-07-28 10:29:25 -07:00
Adam Ierymenko
7a15d8a7e3
Fix leaving of networks to actually call Network::destroy().
2015-07-24 14:50:44 -07:00
Adam Ierymenko
56285ec0d4
Another attempt at a fix for all the Windows driver coma issues.
2015-07-06 17:58:04 -07:00
Adam Ierymenko
494681a482
This might be a final fix for GitHub issue #173 and possibly others: ACTIVELY detect borked port status on Windows and if any "cable unplugged" or other wacky states are detected whack the adapter (close and reopen). Tested adding a whole bunch of windows networks, removing, adding more, etc. and it seems to work very well!
2015-06-12 16:02:04 +02:00
Adam Ierymenko
00aa115898
Allow double-close just in case in Phy<>
2015-06-09 16:30:44 +02:00
Adam Ierymenko
17ca5be4c1
Rework Phy<> to clean up _socks entries only in poll() to fix instability in proxy.
2015-06-09 16:27:11 +02:00
Adam Ierymenko
ab720a6f1e
Fix for poll() in Phy<> with no sockets open. Only affects tcp-proxy.
2015-06-05 13:48:33 -07:00
Adam Ierymenko
0f7dcb3ef2
Add some proxy debugging, and auto-resolve and periodically re-resolve TCP fallback tunnel hostname.
2015-05-21 15:22:41 -07:00
Adam Ierymenko
61021fc778
BackgroundResolver test.
2015-05-21 14:11:44 -07:00
Adam Ierymenko
2ad69237cf
Background resolver.
2015-05-21 13:44:33 -07:00
Adam Ierymenko
6fc090eb00
Don't actually "power cycle" the interface except on startup. Doing that after we're running could lose IP configuration.
2015-05-20 14:21:14 -07:00
Adam Ierymenko
dd70188643
Make tap driver even more defensive... seems to maybe fix the new network problem. Have to test a bit more.
2015-05-19 18:40:34 -07:00
Adam Ierymenko
c7eb5f0c81
Windows build warning removal, be more defensive in Windows tap driver code, and clean up service start/stop in installer.
2015-05-19 18:13:20 -07:00
Adam Ierymenko
0e87002d78
BSDEthernetTap build fixes.
2015-05-17 18:31:41 -07:00
Adam Ierymenko
ddaf3ef347
Bring BSDEthernetTap into the current century.
2015-05-17 18:28:04 -07:00
Adam Ierymenko
241f308334
Fix to tap reset code in Windows tap connector.
2015-05-08 16:49:08 -07:00
Adam Ierymenko
e744580b89
Fix a bunch of Windows tap issues. Turns out NDIS6 allowed us to ditch some NDIS5 cruft, but I did have to add one hack specific to that one instead. Seems reliable now.
2015-05-08 16:31:50 -07:00
Adam Ierymenko
a40192a40b
Scratch that wrapper... it was easy to make, but it turns out WebControl is IE4 (!!!?!). Also prefer NDIS5 to NDIS6 *if* NDIS5 is installed. We will no longer ship it, but this will make older installs use the same driver they are already using. Should ease upgrade.
2015-05-08 12:35:03 -07:00
Adam Ierymenko
720ac93ba9
Use NDIS6 driver preferentially if available.
2015-04-25 15:22:43 -07:00
Adam Ierymenko
ce09e363dc
Destroy tap devices on Windows 'leave'.
2015-04-24 16:31:19 -07:00
Adam Ierymenko
f5848972f9
Windows now builds and runs selftest correctly, and fixed a Windows (and possibly other platforms) issue in Phy<>.
2015-04-24 15:05:28 -07:00
Adam Ierymenko
86c87875a7
OSUtils::resolve()
2015-04-20 16:07:38 -07:00
Adam Ierymenko
60f05518aa
(1) now builds and works on Linux, (2) fix a threading problem causing carsh on shutdown, (3) cleanup in selftest, re-enable Phy and Http tests.
2015-04-20 15:12:31 -07:00
Adam Ierymenko
1f5700191f
zerotier-cli suspiciously working... that didn't hurt *too* badly.
2015-04-16 16:12:10 -07:00
Adam Ierymenko
13d5073e5b
CLI work and Makefile cleanup.
2015-04-16 15:07:58 -07:00
Adam Ierymenko
53cbe485f0
Some cleanup, and bite the bullet and go ahead and write a simple Http client. Need a cross-platform built-in one to do cli right.
2015-04-16 14:13:44 -07:00
Adam Ierymenko
f7b1437154
Putting the main binary back together...
2015-04-15 17:00:26 -07:00
Adam Ierymenko
508519b62a
Tap driver load fix.
2015-04-14 19:21:56 -07:00
Adam Ierymenko
aeb4b42ab3
Make tap itself handle remembering sticky device to nwid mappings.
2015-04-14 18:13:46 -07:00
Adam Ierymenko
67f1f1892f
Bunch of tap stuff, IP address assignment hookups, etc.
2015-04-14 17:57:51 -07:00
Adam Ierymenko
347e98dcd2
Just return files from listDirectory() since that is all we need, fix network request on network restore logic, and remember saved networks in service/One
2015-04-14 15:32:05 -07:00
Adam Ierymenko
29a2175b7a
Fix missed closedir()
2015-04-14 15:17:59 -07:00
Adam Ierymenko
daef54ba32
HTTP server is in, and works.
2015-04-10 19:08:49 -07:00
Adam Ierymenko
5572b7ffb6
Simplify Phy<> to get rid of more indirections.
2015-04-10 17:07:06 -07:00
Adam Ierymenko
9e651b39e4
Add some TRACE around pinging (for now), and refactor service/One to just run in the foreground as some platforms may not require threads at all.
2015-04-10 11:40:45 -07:00
Adam Ierymenko
08a11a6f32
Since which tap to use is chosen statically at compile time and the factories are gone, there is now no need for inheritance or virtual methods (indirect calls) here. Should improve performance slightly to get rid of them.
2015-04-10 10:19:45 -07:00
Adam Ierymenko
068d311ecc
TRACE compile fixes, other fixes, and it basically works! It says HELLO.
2015-04-09 20:54:00 -07:00
Adam Ierymenko
38200cc6a5
Add data store functions to service/One, and shelve old main.cpp since it will get rebuilt.
2015-04-09 19:58:04 -07:00
Adam Ierymenko
6615a70027
Service code builds now.
2015-04-09 18:22:04 -07:00