Commit Graph

402 Commits

Author SHA1 Message Date
Adam Ierymenko
6bc5a84a2d Windows build fixes and installer work... 2014-01-20 16:16:01 -08:00
Adam Ierymenko
45c5b66e9e Self test now passes on Windows. 2014-01-18 14:53:59 -08:00
Adam Ierymenko
f303c24d3c Build fix. 2014-01-18 10:23:44 -08:00
Adam Ierymenko
a5896264fa Builds on Windows now. 2014-01-18 10:17:15 -08:00
Adam Ierymenko
4d1cca1150 Remove VC++ warnings in C25519, also add inline to short methods. 2014-01-18 09:44:35 -08:00
Adam Ierymenko
07f505971c Windows build fixes. 2014-01-17 17:09:59 -08:00
Adam Ierymenko
7eccc5ebf2 Windows HTTP client code (untested) 2014-01-17 16:18:21 -08:00
Adam Ierymenko
412f93122d Add our own getifmaddrs() since this convenience function is not in OSX 10.6. 2014-01-16 15:11:59 -08:00
Adam Ierymenko
4788d911ad Remove ZT1 GPL copyright from the top of code that is basically all Daniel Bernstein's 2014-01-14 08:27:59 -08:00
Adam Ierymenko
3482d836ae Mac install fixes, more internal use scripts. 2014-01-08 23:12:03 -08:00
Adam Ierymenko
60731e6d02 Update URLs for auto-update, check supernode version in one more place, delete pid before executing updater. 2014-01-07 16:37:36 -08:00
Adam Ierymenko
c1256fff5b Remove some legacy code from the core loop. 2014-01-07 15:06:02 -08:00
Adam Ierymenko
a19c19c58c Refactor SoftwareUpdate to make .nfo parse and signature check code easily reusable so it can be used from the Qt GUI code. 2014-01-05 16:24:12 -08:00
Adam Ierymenko
22b52858e0 Fix -h in zerotier-cli and move code to find auth token into LocalClient, also move auth token for mac into Mac-standard Library/Application Support location. 2014-01-03 14:03:29 -08:00
Adam Ierymenko
9f28eec95c VERSION 0.6.7: revert change for GitHub issue #20
This will have to be thought out more. The old version worked fine 99% of the
time so we'll revisit this.
2013-12-31 11:36:13 -08:00
Adam Ierymenko
cc2a1444ae TRACE output improvements and compile fix. 2013-12-31 11:18:40 -08:00
Adam Ierymenko
10df5dcf70 Fix several things:
(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.

(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.
2013-12-31 11:03:45 -08:00
Adam Ierymenko
8055635e85 VERSION 0.6.5: minor bug fix in peer connection tracking 2013-12-31 01:22:32 -08:00
Adam Ierymenko
83fc684b20 Add a netconf-service version field to netconf. 2013-12-30 16:31:59 -08:00
Adam Ierymenko
f9d31605b8 Ethernet tap cleanup. 2013-12-29 11:10:23 -08:00
Adam Ierymenko
a6dc4caecf Unload the mac kext on exit. 2013-12-27 21:56:02 -08:00
Adam Ierymenko
df84bcf3bf Some logging improvements in software updater. 2013-12-27 07:13:49 -08:00
Adam Ierymenko
c8166b2db1 Bump version to 0.6.4 for testing, integrate software updater auto-check into PacketDecoder decode path and main loop. 2013-12-26 20:57:17 -08:00
Adam Ierymenko
92969b4426 Fix for GitHub issue #20 (untested) 2013-12-24 10:39:29 -08:00
Adam Ierymenko
026442f28f docs 2013-12-22 10:56:03 -08:00
Adam Ierymenko
9ffda4f955 Update Qt build to enable building against local static libraries, rename Network to NetworkWidget to avoid filesystem or object naming collision with Network.o in node/. 2013-12-12 15:47:00 -08:00
Adam Ierymenko
f7e3c10eca Cleanup in Utils, fix for HttpClient on Linux. 2013-12-12 11:33:41 -08:00
Adam Ierymenko
ec4ffc0c2c Software update fetcher seems to work, going back to updater/installer itself. 2013-12-11 13:14:10 -08:00
Adam Ierymenko
a22a3ed7e8 Software update work... 2013-12-11 13:00:18 -08:00
Adam Ierymenko
d3bcc58074 Fix update URL stuff, fix main build, add update dummy for testing updates on OSX and Linux and such. 2013-12-10 16:13:07 -08:00
Adam Ierymenko
bf0da9f2f7 Rest of software updater, ready to test... 2013-12-10 15:30:53 -08:00
Adam Ierymenko
612c17240a Dead code removal, fix for cleanup GitHub issue #28 2013-12-06 16:49:20 -08:00
Adam Ierymenko
518410b7e0 HTTP client works! 2013-12-06 16:00:12 -08:00
Adam Ierymenko
0a0ed893c3 HTTP client work... 2013-12-06 13:15:30 -08:00
Adam Ierymenko
f5d397e8c8 Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier. 2013-12-04 10:45:15 -08:00
Adam Ierymenko
b699bdefbd Add shutdownIfUnreadable file feature: shut down if shutdownIfUnreadable in home folder is in fact existent but unreadable (e.g. broken link). This enables nifty shutdown on .app trashing feature for OSX. 2013-11-21 16:34:27 -05:00
Adam Ierymenko
4296db2358 Add configuration age to listnetworks results and GUI. 2013-11-21 15:11:22 -05:00
Adam Ierymenko
c979a695c5 UI work, add name to listnetworks output in control bus interface. 2013-11-20 16:16:30 -05:00
Adam Ierymenko
902c8c38d2 UI basically works, almost ready for testing and packaging... 2013-11-20 14:10:33 -05:00
Adam Ierymenko
34302edcc5 Installer build script for *nix systems. 2013-11-08 11:42:11 -05:00
Adam Ierymenko
bbe5a6f5d1 Add signupdate command to idtool. 2013-11-06 11:39:07 -05:00
Adam Ierymenko
9455b1cc81 Comments, change .nfo to .sig for uploads, clean some unused code from Utils. 2013-11-06 10:38:19 -05:00
Adam Ierymenko
9fdec3acfc More updater work... coming along. 2013-11-05 17:08:29 -05:00
Adam Ierymenko
6c63bfce69 File transfer work, add identities for validation of updates. 2013-11-04 17:31:00 -05:00
Adam Ierymenko
ac4e657aaa Updater work in progress... 2013-11-01 20:39:31 -04:00
Adam Ierymenko
ae138566a9 Updater code, work in progress... 2013-11-01 12:38:38 -04:00
Adam Ierymenko
e4044eeb70 Finish stubbing out FILE_ stuff. 2013-10-28 17:25:12 -04:00
Adam Ierymenko
d5fdfaea56 Fix signed/unsigned compare warning. 2013-10-28 16:54:35 -04:00
Adam Ierymenko
5750cf6b72 New cthulhu.zerotier.com supernode IP address. 2013-10-28 16:24:55 -04:00
Adam Ierymenko
7015017686 Make Makefile for Mac use clang options instead of old GCC options, and fix a nasty but obvious bug I introduced into Utils::getSecureRandom. 2013-10-28 15:53:40 -04:00
Adam Ierymenko
60ac1b77c5 Fix for GitHub issue #25 2013-10-28 13:22:23 -04:00
Adam Ierymenko
17778a36ba Clean up secure random, add packet definitions for update distribution facility. 2013-10-27 07:26:50 -04:00
Adam Ierymenko
942cc0ca21 Certificate of membership works now... had to fix multicast propagation so COM is pushed with multicast, which makes tremendous sense in retrospect. 2013-10-25 14:51:55 -04:00
Adam Ierymenko
010616e3ae Add some more TRACE output for certs. 2013-10-25 13:43:04 -04:00
Adam Ierymenko
1505e8dd50 Fix netconf init and identity transfer. 2013-10-25 13:04:58 -04:00
Adam Ierymenko
5901972958 More tying up of certificate of membership stuff in the client. 2013-10-24 16:57:26 -04:00
Adam Ierymenko
bbcd76ecd0 Netconf updates -- actually issue COM, and log attempts to access networks in NetworkActivity using the new authenticated flag in the new DB schema. 2013-10-24 16:19:53 -04:00
Adam Ierymenko
3de76fcab1 Make network autoconf a little more frequent to tighten up expiration times. 2013-10-21 16:11:29 -04:00
Adam Ierymenko
719dd2870d Self-test for certificate of membership. 2013-10-21 15:47:33 -04:00
Adam Ierymenko
2f00ae4fd7 Version 0.6.1: minor bug fix, DBM removal
This version removes the peer DBM present in earlier releases. It is not necessary for
regular clients and has been a source of problems.

There is a long-term identity cache that can be enabled by making a directory called
"iddb.d" in the home folder and restarting ZT1. This is probably something only our
supernodes would need, since regular nodes can easily WHOIS peers they've forgotten
about.

On shutdown, the peer database is dumped to disk. It's then restored on startup.
Peers that have not been used in a while are cleaned out, so this keeps this data
set small.

A DBM may re-appear later if it's needed, but for now it was YAGNI.
2013-10-21 14:22:02 -04:00
Adam Ierymenko
5e71e07f59 Add persistent identity caching for use on supernodes. Activate by just making an iddb.d directory in the ZeroTier home folder. Also clean up some obsolete cruft from makefiles. 2013-10-21 14:12:00 -04:00
Adam Ierymenko
40e4f39181 Peers are now dumped on shutdown in a persistence cache and reloaded on startup, which is good enough for clients right now. Supernodes will get something else for long-term authoritative identity caching. 2013-10-21 11:15:47 -04:00
Adam Ierymenko
6e217dfcb0 Get rid of DBM, which technically is a case of YAGNI. Supernodes will need a way to save identities, but that can be a different feature. Regular clients do not really need a permanent cache (yet). When/if we do need one we can do it then. Until then it only caused problems. 2013-10-21 10:29:44 -04:00
Adam Ierymenko
70655cc3f7 Docs and auto-update of Earth network ID. 2013-10-20 16:00:41 -04:00
Adam Ierymenko
c89cdcc3fd Blech... moving on! 2013-10-20 15:54:32 -04:00
Adam Ierymenko
1ed8a22d19 And then it turns out to be too slow on a slower 32-bit machine... we do want to do tablets eventually. 2013-10-20 15:46:36 -04:00
Adam Ierymenko
bad043729f Yet another revision of this algo... yeesh... and update to supernode IDs. I think I am gonna go with this one. Seems memory-hard enough to me. I am probably procrastinating by obsessing over it. 2013-10-20 15:31:32 -04:00
Adam Ierymenko
3c5c3280ff Fix an endian-non-neutrality bug in new hashcash identity algo. 2013-10-20 11:04:58 -04:00
Adam Ierymenko
8c9b73f67b Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance. 2013-10-18 17:39:48 -04:00
Adam Ierymenko
fbf6ab5d4d Bug fixes: inverted sense bug, printf format bug. 2013-10-18 16:27:07 -04:00
Adam Ierymenko
e13d4df9ab Forgot to set defaults if multicast parameters are unset. 2013-10-18 15:50:31 -04:00
Adam Ierymenko
fb7d9b1029 Oops we needed _r in there... 2013-10-18 15:00:55 -04:00
Adam Ierymenko
5ef758bbd4 Eliminate unused private field (compiler warning). 2013-10-18 14:27:37 -04:00
Adam Ierymenko
ca93b4a1ac Clean up some stuff, including a few spots where exceptions were not being handled correctly. 2013-10-18 14:16:53 -04:00
Adam Ierymenko
03b909603a Clean up the awful Network::Config mess and break that out into NetworkConfig. 2013-10-18 13:20:34 -04:00
Adam Ierymenko
5a8f213c23 Work in progress... 2013-10-18 12:01:48 -04:00
Adam Ierymenko
b10871cedc More work in netconf cleanup. 2013-10-18 11:01:41 -04:00
Adam Ierymenko
9f107dbd4e Work in progress on cleaning up netconf mess in node code... 2013-10-18 09:48:02 -04:00
Adam Ierymenko
e6eb65be00 Netconf support for ARP and NDP caching TTLs. 2013-10-17 16:49:31 -04:00
Adam Ierymenko
d0dbd869c9 Increase verbosity of multicast tracing and fix tap build problem / GitHub Issue #19 2013-10-17 15:20:43 -04:00
Adam Ierymenko
797bba04dd Get rid of not used and maybe never to be used Filter code. 2013-10-17 13:07:53 -04:00
Adam Ierymenko
ce14ba9004 Take the 0.6.0 opportunity to add flags to a few protocol verbs and do a bit more cleanup. Also fix it so certificates wont be accepted unless they are newer than existing ones. 2013-10-17 06:41:52 -04:00
Adam Ierymenko
7e7e28f5f7 Add support for pushing network config refresh hints from a MEMORY queue table. That ways it will be possible for network changes to take effect almost immediately across all active peers. 2013-10-17 05:37:01 -04:00
Adam Ierymenko
46f868bd4f Lots of cleanup, more work on certificates, some security fixes. 2013-10-16 17:47:26 -04:00
Adam Ierymenko
58fa6cab43 Auto-pushing of membership certs on: MULTICAST_FRAME,FRAME,MULTICAST_LIKE and on receipt of MULTICAST_LIKE. 2013-10-07 17:00:53 -04:00
Adam Ierymenko
4d594b24bc Automagically push netconf certs -- Network support. 2013-10-07 16:13:52 -04:00
Adam Ierymenko
b4ae1adfbf Break out certificate of membership into its own class. 2013-10-07 15:29:03 -04:00
Adam Ierymenko
dcbc9c8ddd Rename error code for no membership certificate. 2013-10-07 15:21:40 -04:00
Adam Ierymenko
430882327e Couple of small fixes, works again with new ID code. 2013-10-07 15:00:38 -04:00
Adam Ierymenko
2fa2796f2a Another tweak, hopefully final, to reduce variance on identity generation times. 2013-10-07 14:31:13 -04:00
Adam Ierymenko
343b7f44fc Old algo for ID derivation was not in fact memory-hard since Salsa20 is seekable, so take two. 2013-10-07 12:48:27 -04:00
Adam Ierymenko
0c8614b9c6 Add a second arg to idtool generate to make generating both secret and public easier, add new supernode identities after generating them, fix known good and bad IDs in selftest. 2013-10-07 09:36:20 -04:00
Adam Ierymenko
5fa7a92048 Allocate genmem[] since its too big for the stack on some systems. 2013-10-06 05:28:25 -04:00
Adam Ierymenko
bc715fbd51 Make new identity hashcash algo memory hard, and tweak generation time a bit. Current hashcash cost should be overkill for what we need but still tolerable to users. 2013-10-05 14:15:59 -04:00
Adam Ierymenko
4267e7da93 Remove a whole bunch of now-unnecessary cruft from Topology and PacketDecoder. 2013-10-05 10:19:12 -04:00
Adam Ierymenko
0e43e5e8f2 Rest of work on new hashcash based identity scheme. 2013-10-05 07:00:55 -04:00
Adam Ierymenko
b0187f4472 Hashcash-based identity, work in progress... committing to test speed on other boxes. 2013-10-05 06:00:47 -04:00
Adam Ierymenko
588a47be89 Some API improvements to C25519 in preparation for that thing I woke up thinking about at 4am. 2013-10-05 05:26:38 -04:00
Adam Ierymenko
ea4e1136dd Flesh out membership certificate with signature, better serialize/deserialize, and rename parameter to qualifier to make better conceptual sense. 2013-10-04 12:24:21 -04:00
Adam Ierymenko
bb4a96c630 Add more info to remote multicast trace (debug facility). 2013-10-03 14:53:15 -04:00
Adam Ierymenko
c7590634e8 Eliminate a lot of redundant WHOIS requests, clean up WHOIS clutter in TRACE, flesh out multicast tracing a bit. 2013-10-03 14:38:07 -04:00
Adam Ierymenko
58538500f2 Clean up some routine stuff like pings, and stop keeping links open forever even if there are no frames passing between them. 2013-10-02 16:12:10 -04:00
Adam Ierymenko
2cfa76fa8b Multicast propagation is now working from non-supernodes, and working quite well. Time for some more simulation before 0.5.0! 2013-10-02 13:50:42 -04:00
Adam Ierymenko
929ed5d8b8 Merge branch 'adamierymenko-dev' of /Users/api/Code/local-ZeroTierOne into adamierymenko-dev 2013-10-01 17:19:36 -04:00
Adam Ierymenko
4b6ec872c7 More multicast fixes. 2013-10-01 17:19:24 -04:00
Adam Ierymenko
676f391ccf Multicast debug changes. 2013-10-01 16:31:46 -04:00
Adam Ierymenko
3443b203e4 Each peer now tracks the last time it announced multicast LIKEs independently and does so frequently enough to prevent expires. Also add a multicast debug facility for use on the testnet. 2013-10-01 16:01:36 -04:00
Adam Ierymenko
1a76455986 Fix for multicast propagation to prevent buildup of frames ping-ponging between supernodes. 2013-09-30 17:10:34 -04:00
Adam Ierymenko
e72a1de0d5 Fix bug in next hop selection. 2013-09-30 16:31:22 -04:00
Adam Ierymenko
20832a0562 Send reset of OK(HELLO) in both places where it gets composed. 2013-09-30 14:55:10 -04:00
Adam Ierymenko
9db7939d38 Make new multicast depth and prefix bits parameters configurable. 2013-09-30 13:51:56 -04:00
Adam Ierymenko
4ecb9369b5 Fix for multicast propagation -- supernodes must always keep propagating. Also fix mac-tap build on new version of Xcode CL tools. Must use old llvm-g++ instead of clang for i686 -mkernel. 2013-09-30 11:05:35 -04:00
Adam Ierymenko
0dca9964bf Whew, it builds! 2013-09-27 16:03:13 -04:00
Adam Ierymenko
4e010da54b Work in progress... 2013-09-26 17:45:19 -04:00
Adam Ierymenko
24bad9f3d1 More work in progress in new multicast propagation... 2013-09-25 17:41:49 -04:00
Adam Ierymenko
f3128a18fe Work in progress... 2013-09-25 10:55:27 -04:00
Adam Ierymenko
5557a8192d Work in progress... 2013-09-24 17:35:05 -04:00
Adam Ierymenko
bddbf4d276 Work in progress... 2013-09-24 12:44:15 -04:00
Adam Ierymenko
62a6f7ca63 More work in progress on new Multicaster. This should be pretty much good to go, and performance should not be too O(crappy). 2013-09-22 13:35:40 -04:00
Adam Ierymenko
770fbaf4b2 New multicast algorithm work in progress... 2013-09-21 16:46:00 -04:00
Adam Ierymenko
64c9c2e06b New packet formats for MULTICAST_FRAME, and MULTICAST_GOT. Not implemented yet in decoder, so wont compile. Work in progress. 2013-09-20 13:36:14 -04:00
Adam Ierymenko
c26b64f24b Fix for netconf advertising of multicast propagation parameters, and defaults in Network.hpp. 2013-09-19 16:16:48 -04:00
Adam Ierymenko
795f41c331 Change Linux default build back to debug, and fix startup message. Oh, and new crypto just kinda works. Awesome. 2013-09-19 15:17:11 -04:00
Adam Ierymenko
d8d71df301 Build fix for network ID remap hack. 2013-09-19 14:40:46 -04:00
Adam Ierymenko
aac40562d3 Add temporary code to remap old Earth network ID to new one. 2013-09-19 14:36:37 -04:00
Adam Ierymenko
fb8d5204e3 Remove code to automatically join Earth -- network joins will now be user-initiated and manual. 2013-09-18 12:32:08 -04:00
Adam Ierymenko
5ccc91a7c3 Prescient endian-ness fix in deriveAddress. 2013-09-17 16:49:16 -04:00
Adam Ierymenko
157aba5c3f Get rid of 000000000000000.mcerts junk files. 2013-09-17 16:28:17 -04:00
Adam Ierymenko
f9079a110e Make network multicast breadth/depth parameters configurable on a per-net basis. 2013-09-17 16:11:57 -04:00
Adam Ierymenko
4c06fcfc9d More include formatting cleanup. 2013-09-17 15:53:59 -04:00
Adam Ierymenko
b2b24ca41b Some file format cleanup. 2013-09-17 15:46:56 -04:00
Adam Ierymenko
0133da1dcd Get rid of onSent(), which was never used consistently anyway. 2013-09-17 15:33:34 -04:00
Adam Ierymenko
300588c5e8 Add port and control port command line options to daemon and command line client, add new supernode keys to Defaults. 2013-09-17 14:47:48 -04:00
Adam Ierymenko
de5cc82b5b Build fix to eliminate strict aliasing warnings, and a bug fix. 2013-09-16 19:25:31 +00:00
Adam Ierymenko
77f8d75529 Fix idtool build, tweak address derivation again. 2013-09-16 15:06:17 -04:00
Adam Ierymenko
94bf3e9a0e More tweaks to address derivation, going to test on other boxen. 2013-09-16 14:54:17 -04:00
Adam Ierymenko
4f53d09c7e Build fix for 32-bit Linux and tweaks to address derivation algorithm. 2013-09-16 14:47:48 -04:00
Adam Ierymenko
e376c6f6a9 New crypto integrated -- going to be testing new identity address generation algo a bit more before finalizing. 2013-09-16 13:57:57 -04:00
Adam Ierymenko
ceb024ab03 Integrating new crypto, work still in progress... 2013-09-16 13:02:10 -04:00
Adam Ierymenko
3b2d98e7dc Integrating new crypto -- work in progress, wont build yet. 2013-09-16 09:20:59 -04:00
Adam Ierymenko
02f3369185 Small amount of crypto cleanup. 2013-09-15 11:02:53 -04:00
Adam Ierymenko
300d26973a Test vectors for all new crypto. 2013-09-15 10:41:52 -04:00
Adam Ierymenko
660f92b6a7 Add test vectors for ensuring identical C25519 operation across systems. 2013-09-14 13:51:08 -04:00
Adam Ierymenko
09c8b4bbb3 More new crypto: Ed25519 signatures. 2013-09-13 19:18:01 -04:00
Adam Ierymenko
b2bb7b41fc More work in progress on new crypto... 2013-09-13 17:32:00 -04:00
Adam Ierymenko
0b94a04914 More crypto work in progress... 2013-09-13 16:53:47 -04:00
Adam Ierymenko
032ce498c4 More new crypto -- poly1305 one-time auth code. 2013-09-13 15:59:45 -04:00
Adam Ierymenko
77965af288 Add new crypto: SHA512 and C25519 -- not integrated yet. 2013-09-13 15:47:00 -04:00
Adam Ierymenko
f6ad138561 Bit more of adding version to OK(HELLO) 2013-09-13 14:41:20 -04:00
Adam Ierymenko
d87a1d6b99 Add version info to OK(HELLO) so both sides know their version info. 2013-09-13 13:35:31 -04:00