Commit Graph

6009 Commits

Author SHA1 Message Date
travis laduke
67cf4c42d5 add note about forceTcpRelay 2023-02-21 09:15:18 -08:00
Adam Ierymenko
dc762196dc
1.10.3 (#1875)
Version bumps and other release stuff to ship 1.10.3
2023-02-15 14:04:42 -05:00
Adam Ierymenko
0a900dc275
Add date to release notes
Add date
2023-02-15 14:04:02 -05:00
Joseph Henry
6f58510431
Update release notes (#1874) 2023-02-15 14:03:13 -05:00
Monica Moniot
666fb7ea2d
eliminated duplicate paths (#1870) 2023-02-06 11:50:05 -08:00
dependabot[bot]
f0778860e5
Bump tokio from 1.24.1 to 1.24.2 in /zeroidc (#1869)
* Bump tokio from 1.24.1 to 1.24.2 in /zeroidc

Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.24.1 to 1.24.2.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/commits)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* vendor tokio update

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
2023-02-06 10:52:52 -08:00
dependabot[bot]
6aea546d6f
Bump bumpalo from 3.10.0 to 3.12.0 in /zeroidc (#1857)
* Bump bumpalo from 3.10.0 to 3.12.0 in /zeroidc

Bumps [bumpalo](https://github.com/fitzgen/bumpalo) from 3.10.0 to 3.12.0.
- [Release notes](https://github.com/fitzgen/bumpalo/releases)
- [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fitzgen/bumpalo/compare/3.10.0...3.12.0)

---
updated-dependencies:
- dependency-name: bumpalo
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* vendor bumpalo update to fix dependabot

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Grant Limberg <grant.limberg@zerotier.com>
2023-01-30 09:03:01 -08:00
Joseph Henry
e0a3291235
Fix setMtu() on Linux. Add error checking (#1860)
* Fix setMtu() on Linux. Add error checking

* Slightly tweak ioctl MTU error message
2023-01-26 10:26:12 -08:00
Joseph Henry
b88d7091c8
Simplify dump command. Fix bond list command 2023-01-20 13:54:04 -08:00
zwf
15cfa3bf62
exclude static route with via ip in route helper (#1791)
When adding Routes to zerotier's Managed Routes, the helper will
add a route rule to the device that does not have a via ip,
so that the address of the Destination segment cannot be routed
correctly within the container.
Here, based on the contents of the routes key in
`zerotier-cli -j listnetworks`,
by determining whether the via key has an ip address,
if it is not null, helper will no longer add route rules.
2023-01-20 11:57:13 -08:00
Gleb Mazovetskiy
9c9d1650d1 Check for ARM Cryptography Extension support
ARM Cryptography Extension is optional and not all ARM CPUs support it.
For example, the CPU in Raspberry Pi 4 does not support it.

Check for `__ARM_FEATURE_CRYPTO` before attempting to use the optional
extension.

`__ARM_FEATURE_CRYPTO` is defined by both clang and gcc when the target
has the cryptography extension.

Fixes #1854.
2023-01-20 09:29:09 +01:00
Grant Limberg
0ae09577f6
Client & Central Controller updates to support additonal OIDC features (#1848)
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different

Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
2023-01-19 15:39:15 -08:00
Brenton Bostick
a59f82093a
Fix Possible misuse of comma operator here (#1851)
Xcode warns about "Possible misuse of comma operator here".
Comma is a sequencing operator in C++ and original code does work, but
is highly non-idiomatic.
2023-01-17 12:38:10 -05:00
Brenton Bostick
be95b56c10
fix typos (#1846) 2023-01-13 10:14:57 -05:00
Sean OMeara
ea0f7dde95 removing pull_request builds from workflow 2023-01-13 14:15:02 +01:00
Grant Limberg
a59626c971
Bump zeroidc dependencies (#1847)
openidconnect -> 2.5
base64 -> 0.21
url -> 2.3
bytes -> 1.3
2023-01-12 13:24:58 -08:00
Sean OMeara
67a7534c21
cargo update tokio >= 1.24 (#1842) 2023-01-12 12:41:29 -08:00
Joseph Henry
39f3f5b2d9 User-configurable physical MTU for individual links
This patch allows users to specify the physical layer MTU for individual links
when in multipath mode. For example:

{
  "settings":
  {
    "defaultBondingPolicy": "custom-balance-xor",
    "policies":
    {
      "custom-balance-xor":
      {
        "basePolicy": "balance-xor",
        "failoverInterval": 5000,
        "links": {
          "weird_5g_link": { "mtu": 1300 },
          "enp5s0": { "mtu": 1400  }
        }
      }
    }
  }
}
2023-01-12 07:12:19 +01:00
Joseph Henry
eccc31a4b9 Add forced TCP relay mode
This patch implements a "TUNNELED" status indicator and "forceTcpRelay" setting for custom relays via local.conf.

For example:

{
  "settings":
  {
    "tcpFallbackRelay": "6.79.53.215/443",
    "forceTcpRelay":true
  }
}
2023-01-12 07:12:19 +01:00
Brenton Bostick
d31f238be0
fix typos (#1843) 2023-01-11 19:42:30 +01:00
Sean OMeara
27c26a77a2 running build workflow on pull_requests 2023-01-07 21:28:12 +01:00
Adam Ierymenko
ab503902c8
Merge pull request #1825 from zerotier/windows-allow-ping
enable ICMPv4 in windows firewall
2023-01-04 11:49:26 -05:00
Adam Ierymenko
ed53b62f1b
Merge pull request #1827 from zerotier/default-route-mac2
Prevent shadowing VM routes as default route (macOS)
2023-01-04 11:48:54 -05:00
Adam Ierymenko
ad5ba54cd4
Merge pull request #1820 from zerotier/dev-low-bandwidth
Low Bandwidth Mode (for IoT)
2023-01-04 11:48:15 -05:00
travis laduke
a6742b7f82 Prevent shadowing VM routes as default route (macOS)
If you have a VM host like parallels, sometimes you get these link-local
default routes:

```
netstat -nrfinet | grep "default\|\/1"
0/1                10.2.0.12          UGScg        feth4823
default            192.168.82.1       UGScg             en1
0/1                192.168.82.1       UGScIg            en1
default            link#22            UCSIg       bridge101      !
128.0/1            10.2.0.12          UGSc         feth4823
128.0/1            192.168.82.1       UGScI             en1
```

(the link#22 one)

The _getRTEs function inclused these routes in the list it makes as like:

device: bridge101, target: 0.0.0.0/0

If it happens to be first in the list, bridge101 gets
selected as the default route.

Then Full Tunnel Mode doesn't work.

The other routes in the list are like:
device: en1 target: 192.168.1.0/24 via:  metric: 0 ifscope: 0
device: en1 target: 192.168.1.1/32 via:  metric: 0 ifscope: 0

We only need the device name from this, so either one will work.
2022-12-23 16:18:00 -08:00
Joseph Henry
91bae4b1a8 Add missing default initialization of _lowBandwidthMode 2022-12-22 10:08:02 -08:00
travis laduke
4959d8079b enable ICMP in windows firewall 2022-12-21 15:38:46 -08:00
Sean OMeara
a558bd9312
cache cago on github actions (#1819) 2022-12-14 19:10:08 +01:00
Sean OMeara
3e41163bbe
fixing windows github builds (#1818) 2022-12-14 11:52:30 +01:00
Sean OMeara
10170b41c3 Revert "Improve default route on macOS (#1680)"
This reverts commit 117d7194af.
2022-12-13 18:32:07 +01:00
Sean OMeara
e0e91e8397 disabling windows builds 2022-12-13 17:20:52 +01:00
Sean OMeara
d2de0292cc
mac and windows github builds (#1817) 2022-12-13 16:49:08 +01:00
Sean OMeara
0210ba9c13 enabling mac and windows github builds 2022-12-13 16:16:17 +01:00
Travis LaDuke
117d7194af
Improve default route on macOS (#1680)
re: issue #1088
and probably: https://discuss.zerotier.com/t/default-route-issue-osx-monterey-m1/6974

// current zerotier.
// allow default adds two sets of routes.
```
netstat -rnfinet | grep "/1\|default" | sort
0/1                10.2.0.2           UGScg        feth4823
0/1                192.168.82.1       UGScIg            en7
128.0/1            10.2.0.2           UGSc         feth4823
128.0/1            192.168.82.1       UGScI             en7
default            192.168.82.1       UGScg             en7
```

Then, something chaotic happens eventually, and networking stops working.

// after patch
```
netstat -rnfinet | grep "/1\|default" | sort
0/1                10.2.0.2           UGScg        feth4823
128.0/1            10.2.0.2           UGSc         feth4823
default            192.168.82.1       UGScg             en7
```

After the change, I can still:
- use default route
- route to other subnets

I tested on high sierra through monterey
and on freebsd13.1
2022-12-13 11:52:21 +01:00
Sean OMeara
7587ef5136
basic builds on github (#1815)
Initial Github Actions build
2022-12-12 09:44:31 +01:00
Joseph Henry
087a797257
Merge pull request #1808 from zerotier/dev-tcp-proxy
Dig tcp-proxy out of the git history
2022-12-07 09:40:42 -08:00
Grant Limberg
a02f42188c
Merge pull request #1811 from zerotier/cleanup/typos
Cleanup/typos
2022-12-07 08:33:12 -08:00
Brenton Bostick
98e0bf22d3 fix actual typo in config key code 2022-12-07 10:23:11 -05:00
Brenton Bostick
1e2ff042b4 fix typos in docs, comments, and strings 2022-12-07 10:17:53 -05:00
travis laduke
b8eb9196e8 update tcp-relay README 2022-12-06 11:49:12 -08:00
travis laduke
db1df58955 resurrect tcp proxy 2022-12-06 11:49:12 -08:00
Brenton Bostick
2f5dc10399
Fix syntax error (#1806)
Similar previous fix:
668ab8b85c
2022-12-05 13:33:00 -08:00
Joseph Henry
4100615cd6 Merge branch 'dev' into dev-low-bandwidth 2022-12-05 13:26:57 -08:00
Joseph Henry
e27c3edaba Merge branch 'dev' into dev-low-bandwidth 2022-12-05 13:23:04 -08:00
Joseph Henry
3c9ea2b667
Add low-bandwidth mode 2022-12-05 13:21:05 -08:00
Grant Limberg
065f42af1d
Merge pull request #1807 from zerotier/cleanup/typos
fix typos
2022-12-05 08:34:53 -08:00
Grant Limberg
1d503f45ad
Merge pull request #1805 from zerotier/update/bad-file-descriptor
Update/bad file descriptor
2022-12-05 08:33:12 -08:00
Brenton Bostick
5b5f9a069a fix typos 2022-12-05 11:29:21 -05:00
Brenton Bostick
77c7f9133f Migrate from ndk-build to CMake 2022-12-05 10:34:12 -05:00
Brenton Bostick
475281935e Remove unused flags for arm64-v8a
Through using ndk-build, -Wno-unused-command-line-argument is passed in
somewhere in the pipeline and hides this warning.

The warning can be turned on with:
APP_CPPFLAGS := -Wunused-command-line-argument ...

and then when building, you can see:
C/C++: clang++: warning: argument unused during compilation: '-mfloat-abi=softfp' [-Wunused-command-line-argument]
C/C++: clang++: warning: argument unused during compilation: '-mfpu=neon' [-Wunused-command-line-argument]
C/C++: clang++: warning: argument unused during compilation: '-maes' [-Wunused-command-line-argument]

These are unused because both floating-point and NEON are required in
all standard ARMv8 implementations. [1] [2]

[1] https://developer.arm.com/documentation/den0024/a/AArch64-Floating-point-and-NEON

[2] https://stackoverflow.com/a/29891469
2022-12-05 10:34:12 -05:00