Commit Graph

2807 Commits

Author SHA1 Message Date
Adam Ierymenko
1e213b4d4c Need to close on premature abort too or resources are leaked. 2015-11-30 14:56:36 -08:00
Adam Ierymenko
3d66492828 Also add a timeout for the actual NAT-PMP port mapping step. 2015-11-30 14:17:58 -08:00
Adam Ierymenko
838fdf4d11 ifdef naming fix. 2015-11-30 13:32:30 -08:00
Adam Ierymenko
685c5e9ad1 Fix for uPnP 2015-11-30 13:25:34 -08:00
Adam Ierymenko
66a29a00ee Merge miniupnpc/libnatpmp build into main build by just adding flags, defs, and objs. 2015-11-30 13:17:43 -08:00
Adam Ierymenko
6768521330 Ton of uPnP work and adding NAT-PMP support, still testing... 2015-11-30 13:10:22 -08:00
Adam Ierymenko
6c0de526e8 Merge pull request #261 from janjaapbos/synology
Fix for cross compiling
2015-11-30 11:07:20 -08:00
Adam Ierymenko
4c812e3796 Merge pull request #259 from janjaapbos/jb-dev
Increase maximum number of paths per IP scope to 4
2015-11-30 10:53:22 -08:00
Janjaap Bos
e6808c69f8 Increase maximum number of paths per IP scope to 4
Otherwise, local discovered routes are ignored.
Don't know what the best value would be. Taking 4 for now.
2015-11-30 19:48:38 +01:00
Adam Ierymenko
75637f68b3 Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2015-11-24 14:11:31 -08:00
Adam Ierymenko
56cb2f43fa Merge pull request #254 from bonki/fix_iproute2_ip_handling
Fix for GitHub issue #253.
2015-11-24 14:11:14 -08:00
Adrian Frühwirth
038476c412 Fix for GitHub issue #253.
Make 'ip' detection more robust (some distros don't ship the binary in /sbin or /usr/sbin).
Add error handling for cases where an ip add/remove fails.
2015-11-24 22:56:02 +01:00
Joseph Henry
201109a7a0 (fixed) make-linux.mk conflicts, updated clean logic 2015-11-23 16:02:39 -08:00
Adam Ierymenko
7e28161638 Merge dev 2015-11-30 15:17:31 -08:00
Adam Ierymenko
ef4472e185 Intercept now checks ZT_NC_NWID environment variable for 16-digit network ID and does not initialize if not present. 2015-11-23 13:59:38 -08:00
Adam Ierymenko
4acb3d81f3 Rename Common to common.inc.c to indicate that this is an included C file not a primary build C file. 2015-11-23 13:25:46 -08:00
Adam Ierymenko
bee44ae731 Merge Sendfd into Common.c 2015-11-23 13:24:28 -08:00
Adam Ierymenko
95106e2e30 Mare make-self-contained code cleanup. 2015-11-23 13:18:46 -08:00
Adam Ierymenko
2a6ea38718 More code cleanup, just moving some stuff into NetconEthernetTap that is not used elsewhere. 2015-11-23 13:02:50 -08:00
Adam Ierymenko
d8d4cfbf01 Eliminate a few warnings and some small code reorg. 2015-11-23 12:43:42 -08:00
Adam Ierymenko
34404eb300 Ignore more DLL patterns. 2015-11-23 12:34:46 -08:00
Adam Ierymenko
7a84805824 Uncommit binary... :P 2015-11-23 12:34:23 -08:00
Adam Ierymenko
1d4563ac31 A few very tiny bits of dead code removal, etc. 2015-11-23 12:32:20 -08:00
Adam Ierymenko
a18336fa18 MERGE current "dev" into "netcon" -- should not affect netcon itself but will retest -- brings ZeroTier core up to 1.1.0 2015-11-23 10:46:52 -08:00
Adam Ierymenko
1e4a40e772 Reformat table. 2015-11-23 10:11:46 -08:00
Joseph Henry
6e5feaba3a Updated test files 2015-11-23 07:08:07 -08:00
Joseph Henry
71b38a48ac Replaced README 2015-11-23 06:22:09 -08:00
Joseph Henry
6a3f230555 Unit test info added to README 2015-11-23 06:20:01 -08:00
Joseph Henry
a952ff2c61 Removed odd file 2015-11-23 06:11:19 -08:00
Joseph Henry
05e51f40b4 README formatting update. Removed odd files 2015-11-23 06:07:48 -08:00
Joseph Henry
b83aefcf8f Updated README, fixed node.js test bug 2015-11-23 05:59:05 -08:00
Joseph Henry
8b9b593256 Removed old READMEs and OS files 2015-11-23 05:21:20 -08:00
Joseph Henry
275a76ff5c Test update 2015-11-23 05:15:19 -08:00
Joseph Henry
3d163f7044 Patch for Node.js -- accept() bug 2015-11-23 01:14:17 -08:00
Grant Limberg
764dd1c3d9 ARP packets do need the source IP address in them, as well as the MAC address.
Packets wouldn't even show up in WireShark without the source IP in it.
2015-11-21 19:14:59 -08:00
Grant Limberg
ac09c3569a ARP packet lengths are 28 bytes. This condition required the packet to be 29 or more bytes. 2015-11-21 19:14:06 -08:00
Adam Ierymenko
ce5b7f0305 The World as of 2015-11-20 2015-11-20 12:49:23 -08:00
Adam Ierymenko
1fde17bacb Update World to reflect Alice and Bob in their final glory. Will hot-push this soon. 2015-11-20 11:46:10 -08:00
Joseph Henry
d472c59b8d Additional test files 2015-11-20 02:41:27 -08:00
Joseph Henry
126fc46dc4 Updated makefile, removed old results directory 2015-11-20 01:22:15 -08:00
Joseph Henry
d2e624f301 Updated makefile, removed old results directory 2015-11-20 01:19:16 -08:00
Joseph Henry
7173b0124b Removed old test directory 2015-11-20 01:13:04 -08:00
Joseph Henry
1f27022fa7 Test/Code Refactor in preparation for merge 2015-11-20 01:08:38 -08:00
Joseph Henry
9a25a627bb WIP: Unit tests -- more generalization 2015-11-19 17:34:56 -08:00
Adam Ierymenko
375aae44e4 . 2015-11-19 16:36:15 -08:00
Joseph Henry
31bc5e1559 WIP: Unit tests 2015-11-19 16:21:59 -08:00
Joseph Henry
b1100b3d13 WIP: Automated tests 2015-11-19 16:14:27 -08:00
Grant Limberg
399b2e9e26 forgot to submit this. Add DeferredPackets.cpp to the android makefile 2015-11-17 19:16:10 -08:00
Adam Ierymenko
6f16f44438 VERSION 1.1.0: Win/Mac UI improvements, improved NAT-t, CIRCUIT_TEST, and more!
ZeroTier 1.1.0 introduces a number of fixes and improvements in several areas.
We incremented the secondary version to indicate the significance of this release.

Version numbering has been a bit ad-hoc in the past. In future versions we will
adopt the following scheme: odd-numbered revision numbers like 1.1.1 will indicate
development versions, while even numbered ones like 1.1.2 will indicate tagged
releases. The public git repo branching has also been revised: master will always
be the latest tagged release, dev will be usually-working development, and edge
will host maybe-broken "bleeding edge" development. Pull requests on GitHub should
generally be made against dev, not master or edge. Other branches that may appear
from time to time may be feature or experimental branches. Only master is confirmed
good, with dev usually being okay but not guaranteed to be such. (To the extent
that any software is ever guaranteed to be anything.)

Change summary:

User-facing changes and improvements:

 - Windows now has a new .NET-based native UI, which replaces the old WebControl
   wrapper around the React UI. This just didn't work well on older Windows systems,
   and we did not want to bundle 40+ megabytes of web browser with our app just for
   its very simple UI.
 - The web UI (still used for Mac and usable in Linux as well) is updated with
   improved look and simplifications.
 - Both UIs no longer have the "Peers" tab, since several users reported that non-
   technical users found this confusing and even alarming (does this mean people
   can access my system?). This information is visibile with "listpeers" from the
   command line (zerotier-cli).

New features:

 - Virtual networks that use our RFC4193-based IPv6 numbering scheme now emulate
   IPv6 NDP for queries that target these addresses within the same network. This
   allows for faster multicast-free connection init and improved security since
   the address is now hard-wired to the device ID (which is a crypto token). This
   does not affect IPv6 NDP for other IPv6 addresses or link-local, which will
   continue to work normally. This also opens the potential for a reduced footprint
   multicast-free build for embedded applications.
 - This version includes beta support for a feature called CIRCUIT_TEST. Network
   controllers for networks you have joined can now send a special message called
   CIRCUIT_TEST which allows for ZeroTier-layer link testing and remote diagnosis
   of link issues. Any operator of a network controller can do this; more
   documentation will be forthcoming. The only information that may be gathered
   in this way is IP addressing info and very basic system info (OS, 32/64 bit,
   ZeroTier version). No personal information, hard drive data, location, or other
   private info is available. This can only be ordered by a controller of a network
   you have joined and is secured using cryptographic signatures.
 - This version includes an alpha version of clustering a.k.a. multi-homing! This
   powerful feature allows for a single ZeroTier device to be run from multiple
   endpoints, with connecting peers being handed off to endpoints that are closer
   via GeoIP lookup and/or are more lightly loaded. Currently this is only suitable
   for use in our soon-to-be-upgraded root server infrastructure (details will be
   blogged soon), but in the future it will be capable of hosting multi-homed
   devices on user networks. This will allow things like (for example) a geo-
   clustered Cassandra server that appears behind a single IP on a virtual LAN.
   This feature must be enabled with the ZT_ENABLE_CLUSTER=1 build option.

Bug fixes and other improvements (including performance!):

 - A faster version of the Poly1305 cryptographic MAC function was substituted
   for sometimes greatly improved performance.
 - C++ STL std::map was replaced throughout the entire core with a hand-rolled
   Hashtable implementation for improved performance and in some cases a reduced
   memory footprint. Some maps are still used in peripheral code that is not
   performance critical or where ordered keys are needed.
 - The zerotier-cli and zerotier-idtool symbolic links are now created in
   /usr/local/bin on OSX to comply with El Capitan file security restrictions.
 - The OSX tap device driver has been updated. This update may fix issues that
   some users have reported with bridging on OSX. This new tap device driver
   drops 32-bit support, but if you have a 32-bit system you can manually install
   the old driver from ext/bin/tap-mac.
 - Mac users could experience a problem with the UI if they installed ZeroTier,
   then uninstalled it, then installed again. This is now fixed.
 - UPnP port mappings should work better on some routers, and a different local
   port is now used for UPnP mapped traffic vs. NAT-t'd traffic to get around
   a bug in several popular mid-tier routers where using UPnP mapping alongside
   traditional NAT traversal made a port unreachable.
 - Debian package now builds with the right arch label on armv7l systems (Pi 2)
 - The old "root topology" has been replaced with a similar but better thought
   out concept called a World. The World defines the root servers and possibly
   in the future other things, and can be updated in-band from trusted peers
   allowing for software-upgrade-free network upgrades to keep up with growing
   demand. See node/World.hpp for details.
 - A fix was made to "self-awareness," which keeps track of your external IP
   info and adapts to changes, to eliminate a problem that could cause "link
   thrashing" behind some symmetric NATs.
 - Escalating UDP TTLs was re-introduced to better transit some port-restricted
   cone NATs such as Linux IP MASQ (used for Docker).
 - An otherwise harmless crash-on-exit bug in the network controller was fixed.
 - All new direct links are now confirmed in both directions. This adds a very
   small amount of initial HELLO/OK traffic but fixes some edge cases where an
   incomplete or unidirectional path might be used.
 - [SECURITY] Better rate limiting was put in place for VERB_PUSH_DIRECT_PATHS
   to prevent potential abuse for amplification attacks.
 - [SECURITY] Build flags were tweaked on OSX to ensure that all code including
   dependency libraries are built with full stack canary protection and ASLR
   support.

Visit https://www.zerotier.com/blog or follow @ZeroTier on Twitter for updates
and announcements!
2015-11-17 12:18:45 -08:00
Adam Ierymenko
1c0c3e62dc Just add a launch prerequisite for .NET 4.5 -- it's usually there, and if not it can be easily installed. This is mostly an issue on old Windows Server systems, and in that case the admin will likely want to decide how to proceed. 2015-11-17 11:13:44 -08:00