Commit Graph

823 Commits

Author SHA1 Message Date
Adam Ierymenko
0ba0c6d04d New netconf... 2014-05-06 00:05:11 +00:00
Adam Ierymenko
93f24ea86a Some work on new netconf service... 2014-05-05 22:11:21 +00:00
Adam Ierymenko
f8eae84e15 Retire old netconf mess. 2014-05-05 15:05:11 +00:00
Adam Ierymenko
7831c4bfef Cleanup, dead code removal, some pretty insignificant security stuff that's based on recommendations. 2014-04-18 00:14:12 -07:00
Adam Ierymenko
5f45977e3e Update GitHub README 2014-04-16 11:40:48 -07:00
Adam Ierymenko
d187ec82d4 Adding supernode yig.zerotier.com (Sydney, Australia) and removing mi-go.zerotier.com (Singapore) due to real-world usage data. 2014-04-15 14:37:19 -07:00
Adam Ierymenko
42c3474223 VERSION 0.8.2
This version fixes a few more issues with TCP tunneling including GitHub issue #63.
It also adds automatic announcement and location of peers on physical LANs (GitHub
issue #56) which should greatly improve performance if you happen to be on the same
LAN or WiFi network as another peer. It can take 60 seconds or so for this to occur,
but it should.
2014-04-10 22:46:17 -07:00
Adam Ierymenko
aee742e767 More toward GitHub issue #56 2014-04-10 16:30:15 -07:00
Adam Ierymenko
c9294c1a78 Prevent recursive transit of ZeroTier packets, toward GitHub issue #56 2014-04-10 14:22:25 -07:00
Adam Ierymenko
b117ff5435 Probable fix for GitHub issue #63 - do not unite() if either path is TCP, since doing so can result in asymmetric failed NAT-t over UDP if one side has a firewall that permits outgoing UDP but not incoming. 2014-04-10 11:17:54 -07:00
Adam Ierymenko
119ef5ecbf More logic cleanup and some documentation / comment improvements. 2014-04-10 10:00:20 -07:00
Adam Ierymenko
8fb442d81a Yet more cleanup to TCP logic, this time adding a master switch and adding UDP preference in send(). 2014-04-09 17:08:35 -07:00
Adam Ierymenko
73153b89b4 Some cleanup, and use best (not first) UDP addresses for NAT-t VERB_RENDEZVOUS computation. 2014-04-09 16:00:25 -07:00
Adam Ierymenko
d9836adbf6 .... aaaaaand... GitHub issue #61 was caused by the fact that we were no longer deleting taps on Windows! 2014-04-09 15:34:03 -07:00
Adam Ierymenko
420edf23ad Was not closing _shutdownSignalPipe in UnixEthernetTap either... 2014-04-09 15:32:37 -07:00
Adam Ierymenko
6c5f6feb5e Set close-on-exec in attempt to head off GitHub issue #61 2014-04-09 15:22:08 -07:00
Adam Ierymenko
a1c1c82b0d VERSION 0.8.1
This, quick on the heels of 0.8.0, fixes the fact that TCP tunneling was
broken. :)

There was a bug that only manifested in some cases, and not on my testnet.
I took the opportunity to clean up some of that logic generally. I need a
better testnet, but that will have to wait until we exit beta and hopefully
I can earn a little bit of money off this. A better testnet will require
a big beefy virtualization box or two to run hundreds to thousands of KVMs.

Also fixed a tiny cosmetic issue on Windows. Other than that no changes.
2014-04-09 13:03:33 -07:00
Adam Ierymenko
83a0d988ec Text point size readjustment not needed on child windows in Windows? 2014-04-09 12:19:46 -07:00
Adam Ierymenko
a8c12369fd More tweaks to TCP logic for GitHub issue #60 2014-04-09 12:10:05 -07:00
Adam Ierymenko
28a6d328a5 Some adjustments to TCP logic for GitHub issue #60 2014-04-09 11:55:24 -07:00
Adam Ierymenko
dd404b8ba3 VERSION 0.8.0
This version introduces a major new feature requested by several users,
both via the user survey and otherwise: TCP tunneling.

If you are not able to communicate over UDP/9993, ZeroTier One will switch to
TCP connections to ZeroTier's supernodes. This is always slower than UDP, but
will allow you to communicate behind all but the most extremely restrictive
firewalls. This TCP traffic travels over port 443 and looks like HTTPS (SSL)
traffic (though it isn't), since that port is almost always open.

This also fixes several minor bugs and attempts to improve the robustness of
Windows tap driver management. Several users have reported spurious issues
with the Windows tap device, though I was unable to reproduce any of these with
clean VMs. (Tried Windows 7 and 8.1, both x86 and x64. No luck.) But I tried
to beef up the tap code anyway in the hopes of catching it. It now tries a lot
harder to make sure the tap is up and running.

There was some significant under the hood refactoring in support of TCP, so
this was a non-trivial change.

I bumped the version to 0.8 to indicate that more and more features are being
crossed off the list as we approach 1.0 and exit from beta. After this, the next
major feature will be LAN announcement to find direct paths to peers on the
same physical LAN. But assuming that 0.8.0 goes smoothly, I am going to divert
attention to the web site. A new design is coming that is much cleaner, sharper,
and easier to use.

Thank you all for all your excellent feedback! We're well on the way to a killer
product that makes conventional VPNs and other kludges obsolete.
2014-04-08 22:38:51 -07:00
Adam Ierymenko
1c636afe3f Fix typo. 2014-04-08 16:43:36 -07:00
Adam Ierymenko
48a1799f49 More Windows tap cleanup... seems solid. We'll see. 2014-04-08 16:10:48 -07:00
Adam Ierymenko
bf24de43fe Windows tap: be REAL REAL REAL PARANOID. Wake up sheeple. 2014-04-08 15:47:33 -07:00
Adam Ierymenko
76d9ea911d Another Qt build fix... need the right tap driver in build just to make symbols work even though UI doesn't use that code. 2014-04-08 14:16:45 -07:00
Adam Ierymenko
ff773def26 Remove EthernetTap.cpp from UI build project. 2014-04-08 13:59:31 -07:00
Adam Ierymenko
5abfb11813 Some installer stuff, complete refactoring of Windows side of newly split tap driver. Seems to work. Now to see if the cleanup we did here gets rid of the zombie tap device issue on Windows. 2014-04-08 12:00:21 -07:00
Adam Ierymenko
0b8d6c7f4a Builds and runs on Unix with EthernetTap changes, now for Windows... and for what we did this for: a refactor of the Windows tap connector. 2014-04-07 15:39:33 -07:00
Adam Ierymenko
6c60305a96 Split EthernetTap into subclasses, work in progress... 2014-04-07 14:47:39 -07:00
Adam Ierymenko
19c4d82512 Intaller upgrade and stuff, fix to Windows service for new Node API changes. 2014-04-04 16:59:02 -07:00
Adam Ierymenko
e11149bcae Fix network widget spacer issue on Windows. 2014-04-04 12:25:48 -07:00
Adam Ierymenko
fe85426df6 A few more tweaks to TCP failover... seems to be switching back and forth pretty well now! 2014-04-03 17:12:34 -07:00
Adam Ierymenko
158002d2d1 Tweak some timings and stuff. 2014-04-03 16:19:41 -07:00
Adam Ierymenko
c96d3ebf8c Such ping logic. So edge case. 2014-04-03 14:36:52 -07:00
Adam Ierymenko
b1088a6bd7 Make Unix domain sockets mode 0777 so that properly authorized non-privileged users can access them (if they have auth token). 2014-04-02 17:21:26 -07:00
Adam Ierymenko
f0223490be Make GUI work with new control client API, make control client look for user authtoken.secret if system unreadable. 2014-04-02 17:12:04 -07:00
Adam Ierymenko
81e5690410 More tweaks to TCP failover logic. Such edge case. 2014-04-02 17:32:47 -04:00
Adam Ierymenko
700a450806 More tweaks to algorithm for determining when to fail over to TCP, and stop supernodes from resynchronizing unless explicitly ordered. 2014-04-01 18:39:10 -07:00
Adam Ierymenko
0e1fc06a6f The remove paths on send fail thing in Peer.cpp was not well thought out, and there is no point in mallocing the TCP write buffer. 2014-04-01 15:55:05 -07:00
Adam Ierymenko
c3b41c289d Resynchronize on startup. 2014-04-01 14:12:54 -07:00
Adam Ierymenko
6ab95e0391 Get : out of Path.toString() since this will conflict with : in IPv6 IPs. 2014-04-01 08:52:52 -07:00
Adam Ierymenko
67b3fa9311 Clean up main.o in Linux make clean. 2014-03-31 22:38:46 -07:00
Adam Ierymenko
316e8d1939 Build fix. 2014-03-31 22:30:08 -07:00
Adam Ierymenko
f13493edb2 Oops... turns out we need to differentiate incoming from outgoing TCP and indeed learn incoming TCP paths. Otherwise the recipient of a TCP connection does not know to reply via TCP! Heh. 2014-03-31 22:23:55 -07:00
Adam Ierymenko
595b386afc Increase maximum packet fragments to make room for huge multicasts with certificates of membership tagged onto them. This likely will not actually increase the number of fragments in practice much, since these are then subsequently compressed. But the buffer needs to be allocated with room for them, otherwise these packets get dropped with a range_error exception internally. 2014-03-31 14:53:33 -07:00
Adam Ierymenko
8e587ae481 Clean dead paths from peers. 2014-03-31 11:41:14 -07:00
Adam Ierymenko
acb056e3b1 Small readability fix. 2014-03-28 21:04:15 -07:00
Adam Ierymenko
5ef2c6fd6f Add TCP/443 to all supernodes in Defaults. 2014-03-28 15:51:19 -07:00
Adam Ierymenko
1a0572d7e7 Remove UDP-breaking debug code. 2014-03-28 13:58:18 -07:00
Adam Ierymenko
7957ab6b1d Windows uses exceptfds to report failed async connect() in select(). TCP now done on Windows (I think). 2014-03-28 13:37:21 -07:00