Commit Graph

134 Commits

Author SHA1 Message Date
Adam Ierymenko
f753519729
A bit more optimization 2019-08-15 14:07:52 -07:00
Adam Ierymenko
f83ae0e39e
Add self-test for AES and AES-GCM using public test vectors. 2019-08-15 13:47:43 -07:00
Adam Ierymenko
237c379866
Choose which tap to use (feth or kext) on Mac based on Darwin version. 2019-08-07 18:20:17 -05:00
Adam Ierymenko
af3ec000a0 Merge branch 'dev' into edge 2019-03-22 09:38:41 -07:00
Adam Ierymenko
63ec19674c . 2019-03-19 16:43:43 -07:00
Travis LaDuke
af60e769b0 Allow mac users to make central-controller
Made the smallest change I could figure out.
Had to remove -Werror because something in the postgres adapter woudn't
compile.

brew install postgresql rabbitmq-c
and seems to put the libs in the right place
2019-03-18 17:01:05 -07:00
Adam Ierymenko
c56831767e Fix Mac tap agent abort on EINTR. 2018-10-25 20:44:32 -07:00
Adam Ierymenko
2e44b90f63 OSX no longer requires the kext due to feth black magic! The MacEthernetTapAgent must be installed in /Library/Application Support/ZeroTier/One for ZT to work now. Eventually this can let us do an app bundle, get rid of the pkg, and have ZT itself run with normal or reduced privileges. Also fixes GitHub issue #870 (at least for me) and may be faster than the old kext. 2018-10-25 12:43:30 -07:00
Joseph Henry
46a7a2be2e Added VERB_ACK and VERB_QOS_MEASUREMENT, refined notion of path quality 2018-05-30 17:45:29 -07:00
Grant Limberg
381857ea49 macOS: add libcurl to libraries when ZT_VAULT_SUPPORT=1 is specified on the make command line 2018-01-03 11:56:20 -08:00
Adam Ierymenko
6fbd15f8b2 cleanup 2018-01-08 15:56:53 -08:00
Joseph Henry
346fa4d7f4 Added ZT_SANITIZE option to makefiles. This your new memory debugging best friend 2017-12-14 13:27:49 -08:00
Adam Ierymenko
ada611d597 Go ahead and load kext so MacOS High Sierra users will see kext auth dialog right away. 2017-12-07 08:56:15 -08:00
Adam Ierymenko
640ad577d1 . 2017-07-06 11:56:46 -07:00
Adam Ierymenko
2a4a50b1da Add some also-ZeroTier-written ext/ code for use in new clustering, delete some old code, and change Mac to use -Os which is just as fast as -Ofast and may be faster due to cache effects. 2017-05-31 08:36:09 -07:00
Adam Ierymenko
cf49e511a5 More makefile changes. 2017-05-08 14:46:45 -07:00
Adam Ierymenko
505b9c7f56 Makefile reorg to allow core to be built as a library. 2017-05-08 14:36:55 -07:00
Adam Ierymenko
f9ae5938d0 Makefile fix, only bifurcate routes for default, and release notes. 2017-04-20 10:08:46 -07:00
Adam Ierymenko
a1e94154be Just incorporate the X64 ASM version of Salsa20/12 for X64 platforms. This gives us (for example) 1.5gb/sec encryption on a Core i5 2.8ghz. 2017-04-18 08:45:37 -07:00
Adam Ierymenko
7a94f63058 Back out NaCl since the old one with xmm6 salsa2012 does not support multi-block use and the new one is slower. 2017-04-17 17:54:12 -07:00
Adam Ierymenko
df48738ac9 Enable use of NaCl for faster X64 Salsa20 implementations. Also include binary for OSX for easy build. Blazingly fast. 2017-04-17 16:43:03 -07:00
Adam Ierymenko
592cac5815 Remove from a few other places. 2017-03-27 12:09:37 -07:00
Joseph Henry
683ba79ff0 Added ButtFlare stub code 2017-03-24 17:00:14 -07:00
Adam Ierymenko
712e8e828b use .exe naming convention 2017-03-07 11:58:17 -08:00
Adam Ierymenko
0995c1dcaa Encapsulate LZ4 in Packet.cpp to eliminate dependency. 2017-01-19 15:16:04 -08:00
Adam Ierymenko
0fb3d1d582 Add a build version for software update use so we can do very minor updates within a version. 2017-01-18 09:16:23 -08:00
Adam Ierymenko
0e4d3244b2 "make official" for Mac now builds update image as well as pkg (update image is just PKG + SFX script) 2017-01-13 13:09:42 -08:00
Adam Ierymenko
84bfec8329 . 2017-01-12 14:35:52 -08:00
Adam Ierymenko
e1727d6297 Fix to software update repeat downloads. 2017-01-12 14:34:52 -08:00
Adam Ierymenko
ab25c96821 Build fixes. 2017-01-12 13:51:06 -08:00
Adam Ierymenko
c6b0b07605 More software update work, and settings in local.conf. 2017-01-12 13:18:11 -08:00
Adam Ierymenko
565842b5ec Software updater work. 2017-01-11 14:37:31 -08:00
Adam Ierymenko
6fb49f68fc Comment out and disable old auto-update code. 2017-01-10 12:20:29 -08:00
Adam Ierymenko
24017659df Update installer, etc., for Mac. 2016-12-23 15:25:04 -08:00
Adam Ierymenko
c175a5fcd7 Change org names, add makefile rule for Mac to build new UI. 2016-12-23 15:11:44 -08:00
Adam Ierymenko
8e3463d47a Add length limit to TEE and REDIRECT, and completely factor out old C json-parser to eliminate a dependency. 2016-08-24 13:37:57 -07:00
Adam Ierymenko
a13f4d8353 We now always build the controller in ZeroTier One, at least for desktop and server targets. Also means that ZeroTier One now requires C++11. (Still keeping C++11 out of the core in node/ though.) 2016-08-17 10:42:32 -07:00
Adam Ierymenko
402d99ea8d C++11 mode build fix. 2016-08-16 14:07:11 -07:00
Adam Ierymenko
b08ca49580 More controller work -- it builds! 2016-08-16 14:05:17 -07:00
Adam Ierymenko
c03ca3c278 VERSION 1.1.6: route management, default route override, new IPv6 mode for Docker, and more!
Version 1.1.6 contains several significant improvements for use in complex network
environments along with some minor bug fixes and improvements to path stability and
dead path detection.

ROUTE MANAGEMENT AND FULL TUNNEL SUPPORT

1.1.6 is the first version of ZeroTier One to permit "full tunnel" (default route
override) operation on Linux, Mac, and Windows. This allows all Internet traffic
to be tunneled through ZeroTier while allowing ZeroTier peer-to-peer traffic to
continue to use the physical interface. 1.1.6 also brings route management support
and permissions settings for local networks to control whether networks are allowed
to modify the routing table or override default routing.

This is currently considered a beta/experimental feature and must be enabled via
the command line interface.

Route management and default route override requires support at the network controller.
When my.zerotier.com is updated and ready, we will post more information and testing
instructions at: https://www.zerotier.com/community

HIGHLY SCALABLE CONTAINER NETWORKING

1.1.6 also brings a new multicast-free (NDP emulated) IPv6 private addressing scheme
called "6plane." 6plane provides each host with a private IPv6 /80 and routes *all*
IPv6 traffic for this subnet to the host via transparent NDP emulation. This /80 can
then be assigned to Docker or other container/VM managers to assign a network-wide
IPv6 /128 to every container. Since NDP is emulated and multicast isn't needed, this
system can scale to millions of containers or more on a single backplane network with
a high degree of efficiency and reliability.

6plane also requires controller support. Look for it at my.zerotier.com once we have
upgraded our core infrastructure and web UIs.

(All hosts must be running 1.1.6 for 6plane to work properly. Other IPv6 addresses
or addressing modes are not affected and normal IPv6 NDP will continue to work
alongside 6plane in the same network.)

OTHER CHANGES

 * Upgraded bundled miniupnpc, libnatpmp, and http-parser.
 * New Debian and RPM packaging that is closer to compliance with distribution
   guidelines, and a new Dockerized Linux package build system in linux-build-farm/
   that can build every package on actual images of the correct distribution.
 * Improvements to dead path detection.
 * IPv6 now uses keepalive because a significant number of stateful IPv6 edge
   routers have very short timeouts (30 seconds or less!).
 * Significant performance improvements to network controllers under high load.
 * Enable -fstack-protector-strong for better stack canary (security) support
   in binaries. Note that this may require newer gcc/g++ or clang.

COMING SOON

The next version of ZeroTier One should have a new Mac UI. It's a system tray app
that looks and behaves a lot like the Mac WiFi pulldown menu. We'll also be adding
GUI support for default route and route management options and other new features.

Shortly after that we plan on adding full OpenFlow-like SDN rules engine support
to the ZeroTier core, making our planetary Ethernet switch a fully manageable smart
switch and enabling sophisticated security and flow rule management.
2016-06-29 15:53:46 -07:00
Adam Ierymenko
0ad6b4105a Outline of new CLI with ability to control controllers/central as well as service. 2016-06-22 17:54:07 -07:00
Adam Ierymenko
bc3d7d11fe Remove netcon from dev branch. This is moving to its own new ZeroTierSDK repo for future release under the SDK name. 2016-06-16 14:50:08 -07:00
Adam Ierymenko
3c655a4b84 Default route ready to test on Mac. 2016-06-15 15:46:57 -07:00
Adam Ierymenko
8c7433a525 . 2016-06-08 17:45:25 -07:00
Adam Ierymenko
4342b71d7a Upgrade miniupnpc to 2.0 2016-06-02 17:04:15 -07:00
Adam Ierymenko
5bce3e37ee clean doc node_modules on clean 2016-06-02 13:58:34 -07:00
Adam Ierymenko
fd81a7fe63 On Linux auto-detect presence of http-parser and lz4 and link against system libs instead of ext/ builtins (for RPM and DEB packaging effort) 2016-06-01 21:55:48 -07:00
Adam Ierymenko
ff931e53b5 more makefile stuff 2016-03-03 14:31:43 -08:00
Joseph Henry
95d28494f6 Mac OSX Port - Lightly tested 2016-01-25 12:55:29 -08:00
Adam Ierymenko
425d311ce8 Merge of netcon with edge and unification of make processes. 2015-12-04 13:19:31 -08:00