Commit Graph

281 Commits

Author SHA1 Message Date
Adam Ierymenko
0aae86be2e Merge branch 'dev' of https://github.com/krisek/ZeroTierOne into dev 2016-03-01 12:29:29 -08:00
Adam Ierymenko
d9fa07399e Fix GitHub issue #311 2016-03-01 09:49:33 -08:00
Kristof Imre Szabo
6d1dc47368 Typo fix. 2016-02-28 17:06:46 +01:00
Kristof Imre Szabo
f8d05eb625 Spec description rephrased. 2016-02-28 17:05:43 +01:00
Kristof Imre Szabo
45c233c0e7 Formatting change 2016-02-28 00:04:18 +01:00
Kristof Imre Szabo
b836228465 Formatting change 2016-02-28 00:02:48 +01:00
Kristof Imre Szabo
8118630861 Formatting change 2016-02-28 00:00:55 +01:00
Kristof Imre Szabo
bf3e31ece7 Initial commit of the standard zerotier RPM specification 2016-02-27 23:55:14 +01:00
Adam Ierymenko
f217ce7ff7 Upgrade http-parser. 2016-02-25 18:13:42 -08:00
Adam Ierymenko
039790cf26 Upgrade LZ4 to hopefully fix wacky sporadic crash when built with g++ 5.3.1 on Debian/testing. 2016-02-25 15:39:15 -08:00
Adam Ierymenko
e5f82f5457 cleanup 2016-02-25 10:08:30 -08:00
Adam Ierymenko
a5e4e3fcac Remove ui/ on Linux uninstall. 2016-02-24 17:24:36 -08:00
Adam Ierymenko
3fe60615df Make installers silent when run inside packages. 2016-02-24 15:23:49 -08:00
Joseph Henry
c3e2cb9b8e Modified PCB/state management logic 2016-01-13 12:19:48 -08:00
Joseph Henry
3e65ecb93d Stateless RPC rework 2016-01-11 10:12:59 -08:00
Adam Ierymenko
61becbb7e5 . 2015-12-21 16:56:11 -08:00
Adam Ierymenko
24cc0904fa 1.1.2 Windows build fixes, tweaks, etc. 2015-12-21 13:14:48 -08:00
Adam Ierymenko
823c9979c0 Erase more debug junk. 2015-12-17 11:45:55 -08:00
Adam Ierymenko
ac8918992b Merge dev. 2015-12-04 12:45:21 -08:00
Adam Ierymenko
a4cfe4cd16 Fix Linux init script to properly specify runlevels. 2015-12-01 10:19:10 -08:00
Adam Ierymenko
be44b15eac Fix for GitHub issue #252 2015-11-30 16:15:23 -08:00
Adam Ierymenko
d73edfea56 GitHub issue #257 2015-11-30 16:12:03 -08:00
Adam Ierymenko
6768521330 Ton of uPnP work and adding NAT-PMP support, still testing... 2015-11-30 13:10:22 -08:00
Adam Ierymenko
7e28161638 Merge dev 2015-11-30 15:17:31 -08:00
Adam Ierymenko
d8d4cfbf01 Eliminate a few warnings and some small code reorg. 2015-11-23 12:43:42 -08:00
Adam Ierymenko
a18336fa18 MERGE current "dev" into "netcon" -- should not affect netcon itself but will retest -- brings ZeroTier core up to 1.1.0 2015-11-23 10:46:52 -08:00
Adam Ierymenko
6f16f44438 VERSION 1.1.0: Win/Mac UI improvements, improved NAT-t, CIRCUIT_TEST, and more!
ZeroTier 1.1.0 introduces a number of fixes and improvements in several areas.
We incremented the secondary version to indicate the significance of this release.

Version numbering has been a bit ad-hoc in the past. In future versions we will
adopt the following scheme: odd-numbered revision numbers like 1.1.1 will indicate
development versions, while even numbered ones like 1.1.2 will indicate tagged
releases. The public git repo branching has also been revised: master will always
be the latest tagged release, dev will be usually-working development, and edge
will host maybe-broken "bleeding edge" development. Pull requests on GitHub should
generally be made against dev, not master or edge. Other branches that may appear
from time to time may be feature or experimental branches. Only master is confirmed
good, with dev usually being okay but not guaranteed to be such. (To the extent
that any software is ever guaranteed to be anything.)

Change summary:

User-facing changes and improvements:

 - Windows now has a new .NET-based native UI, which replaces the old WebControl
   wrapper around the React UI. This just didn't work well on older Windows systems,
   and we did not want to bundle 40+ megabytes of web browser with our app just for
   its very simple UI.
 - The web UI (still used for Mac and usable in Linux as well) is updated with
   improved look and simplifications.
 - Both UIs no longer have the "Peers" tab, since several users reported that non-
   technical users found this confusing and even alarming (does this mean people
   can access my system?). This information is visibile with "listpeers" from the
   command line (zerotier-cli).

New features:

 - Virtual networks that use our RFC4193-based IPv6 numbering scheme now emulate
   IPv6 NDP for queries that target these addresses within the same network. This
   allows for faster multicast-free connection init and improved security since
   the address is now hard-wired to the device ID (which is a crypto token). This
   does not affect IPv6 NDP for other IPv6 addresses or link-local, which will
   continue to work normally. This also opens the potential for a reduced footprint
   multicast-free build for embedded applications.
 - This version includes beta support for a feature called CIRCUIT_TEST. Network
   controllers for networks you have joined can now send a special message called
   CIRCUIT_TEST which allows for ZeroTier-layer link testing and remote diagnosis
   of link issues. Any operator of a network controller can do this; more
   documentation will be forthcoming. The only information that may be gathered
   in this way is IP addressing info and very basic system info (OS, 32/64 bit,
   ZeroTier version). No personal information, hard drive data, location, or other
   private info is available. This can only be ordered by a controller of a network
   you have joined and is secured using cryptographic signatures.
 - This version includes an alpha version of clustering a.k.a. multi-homing! This
   powerful feature allows for a single ZeroTier device to be run from multiple
   endpoints, with connecting peers being handed off to endpoints that are closer
   via GeoIP lookup and/or are more lightly loaded. Currently this is only suitable
   for use in our soon-to-be-upgraded root server infrastructure (details will be
   blogged soon), but in the future it will be capable of hosting multi-homed
   devices on user networks. This will allow things like (for example) a geo-
   clustered Cassandra server that appears behind a single IP on a virtual LAN.
   This feature must be enabled with the ZT_ENABLE_CLUSTER=1 build option.

Bug fixes and other improvements (including performance!):

 - A faster version of the Poly1305 cryptographic MAC function was substituted
   for sometimes greatly improved performance.
 - C++ STL std::map was replaced throughout the entire core with a hand-rolled
   Hashtable implementation for improved performance and in some cases a reduced
   memory footprint. Some maps are still used in peripheral code that is not
   performance critical or where ordered keys are needed.
 - The zerotier-cli and zerotier-idtool symbolic links are now created in
   /usr/local/bin on OSX to comply with El Capitan file security restrictions.
 - The OSX tap device driver has been updated. This update may fix issues that
   some users have reported with bridging on OSX. This new tap device driver
   drops 32-bit support, but if you have a 32-bit system you can manually install
   the old driver from ext/bin/tap-mac.
 - Mac users could experience a problem with the UI if they installed ZeroTier,
   then uninstalled it, then installed again. This is now fixed.
 - UPnP port mappings should work better on some routers, and a different local
   port is now used for UPnP mapped traffic vs. NAT-t'd traffic to get around
   a bug in several popular mid-tier routers where using UPnP mapping alongside
   traditional NAT traversal made a port unreachable.
 - Debian package now builds with the right arch label on armv7l systems (Pi 2)
 - The old "root topology" has been replaced with a similar but better thought
   out concept called a World. The World defines the root servers and possibly
   in the future other things, and can be updated in-band from trusted peers
   allowing for software-upgrade-free network upgrades to keep up with growing
   demand. See node/World.hpp for details.
 - A fix was made to "self-awareness," which keeps track of your external IP
   info and adapts to changes, to eliminate a problem that could cause "link
   thrashing" behind some symmetric NATs.
 - Escalating UDP TTLs was re-introduced to better transit some port-restricted
   cone NATs such as Linux IP MASQ (used for Docker).
 - An otherwise harmless crash-on-exit bug in the network controller was fixed.
 - All new direct links are now confirmed in both directions. This adds a very
   small amount of initial HELLO/OK traffic but fixes some edge cases where an
   incomplete or unidirectional path might be used.
 - [SECURITY] Better rate limiting was put in place for VERB_PUSH_DIRECT_PATHS
   to prevent potential abuse for amplification attacks.
 - [SECURITY] Build flags were tweaked on OSX to ensure that all code including
   dependency libraries are built with full stack canary protection and ASLR
   support.

Visit https://www.zerotier.com/blog or follow @ZeroTier on Twitter for updates
and announcements!
2015-11-17 12:18:45 -08:00
Adam Ierymenko
1c0c3e62dc Just add a launch prerequisite for .NET 4.5 -- it's usually there, and if not it can be easily installed. This is mostly an issue on old Windows Server systems, and in that case the admin will likely want to decide how to proceed. 2015-11-17 11:13:44 -08:00
Adam Ierymenko
48745eca57 Fix ARM dpkg build. 2015-11-16 19:54:58 -08:00
Adam Ierymenko
0f5fb48a0b Turns out it wasn't hard to add miniupnpc to the VS2012 project and just have it build with the rest of the code. 2015-11-16 19:04:04 -08:00
Adam Ierymenko
cf6164e847 Build libminiupnpc from source now, and update version. 2015-11-16 18:28:55 -08:00
Adam Ierymenko
a13a21377c Delete pre-build miniupnpc for Linux and Mac -- will add Make rules to build from source and include source in ext/ 2015-11-16 18:18:08 -08:00
Adam Ierymenko
e4d1aba3f8 Use new OSX tap version, and update OSX install scripts. 2015-11-16 16:19:24 -08:00
Adam Ierymenko
220552af62 GitHub issue #241 -- and also some appearance updates. Eventually this might get replaced by a native Mac app. 2015-11-16 14:30:25 -08:00
Adam Ierymenko
90f9415107 Update installer to drag along a net-install binary for .NET 4.5 that it runs if .NET 4.5 is not present... because yes we have to install Microsoft's own flagship runtime under some conditions. (Rare, but present.) 2015-11-13 09:11:12 -08:00
Adam Ierymenko
bacb53fe8f Remove old Windows NDIS5 tap driver -- I think this is dead. 2015-11-12 16:40:50 -08:00
Adam Ierymenko
3b9411044f Patch tap-mac to latest tuntaposx upstream changes, and add updated build for 10.8 or later (keep old one for 10.7). 2015-11-10 16:00:21 -08:00
Adam Ierymenko
141e2db38c More results. 2015-11-10 15:47:18 -08:00
Adam Ierymenko
0cf4ddda4a Some more test results, and fix OSX installer to put symlinks in /usr/local as per El Capitan requirements. 2015-11-10 15:11:15 -08:00
Joseph Henry
3e84e8b8c3 Performance tweaks to lwipopts.h (TX=12MB/s) 2015-11-04 14:45:26 -08:00
Joseph Henry
4b07987210 Added throughput-test Docker files 2015-11-03 18:10:39 -08:00
Joseph Henry
df391c8413 Added debug statements for transfer test 2015-11-03 10:30:18 -08:00
Joseph Henry
4c20fa4874 Added debug statements for transfer test 2015-11-03 10:26:10 -08:00
Joseph Henry
0405ba1ccf Misc changes 2015-10-16 18:02:07 -04:00
Joseph Henry
e722eab892 Disabled TCP listen backlog, must be enabled in lwipopts.h 2015-10-14 17:03:32 -04:00
Joseph Henry
9ca699c86d Added support for listen backlogs 2015-10-14 16:04:26 -04:00
Joseph Henry
0912d4be59 Fixed socket protocol check logic in socket() 2015-10-13 17:05:11 -04:00
Joseph Henry
4e1e857949 Minor bug fixes 2015-10-12 21:26:32 -04:00
Joseph Henry
5dffa43201 Additional retval+errno handling 2015-10-12 19:29:27 -04:00
Joseph Henry
7f56678d84 Added liblwip.so and libintercept build files 2015-10-09 17:06:09 -04:00
Joseph Henry
bbfc9359e9 Minor timer changes (~21 Mb/s local) 2015-10-08 17:55:58 -04:00
Joseph Henry
1bc33ae8d7 Minor debug output changes 2015-10-06 21:22:08 -04:00
Joseph Henry
36db5865e7 Refactored tcp_write code - Reduced CPU usage to respectable levels 2015-10-06 20:32:48 -04:00
Joseph Henry
c85dd262ed moved lib files to ext 2015-09-23 18:03:21 -04:00
Joseph Henry
02d5a31822 added lwip unix port lib files 2015-09-23 17:55:15 -04:00
Joseph Henry
750352836f initial commit 2015-09-10 13:56:01 -04:00
Adam Ierymenko
085734aaba Windows driver (NDIS6) rebuild using earlier DDK revision to allow driver to load in Windows 2008 Server and Windows Vista. Still issues with those platforms, but driver loads -- and shouldn't hurt newer versions (will test). 2015-08-13 15:18:48 -07:00
Adam Ierymenko
c826cec1d4 Bring back _winPokeAHole() to dynamically allocate firewall exception. Shouldn't be needed but seems to help on Windows 8. 2015-07-30 17:52:35 -07:00
Adam Ierymenko
620562f7cf Because Windows, because Windows. Now it upgrades correctly from 1.0.1, including automatic driver update from NDIS5 to NDIS6. Also a bit more robust on creating new ports, just in case. 2015-07-30 17:00:57 -07:00
Adam Ierymenko
922d9657b9 Save enumeration of statically assigned IPs so they will always be reassigned on device "power cycle." 2015-07-30 14:10:32 -07:00
Adam Ierymenko
499b2dccad 1.0.4 installer GUID 2015-07-30 13:30:10 -07:00
Adam Ierymenko
8169b35482 Kill the devcon.exe dependency by dynamically loading cfgmgr32, newdev, and setupapi and using these functions directly. 2015-07-30 11:31:38 -07:00
Adam Ierymenko
7cd3c419ee 1.0.4 release installer changes 2015-07-29 16:17:52 -07:00
Adam Ierymenko
fa03d50e90 Rebuild Mac UI wrapper with smaller icon and a small UI fix. 2015-07-29 15:58:16 -07:00
Adam Ierymenko
14264c2d6f Add miniupnpc builds for Windows, fix some Windows build warnings. 2015-07-28 16:50:18 -07:00
Adam Ierymenko
3c54187c40 Linux x86 libminiupnpc.a 2015-07-28 15:56:37 -07:00
Adam Ierymenko
7df4eb69b5 Linux x64 libminiupnpc.a 2015-07-24 17:49:56 -07:00
Adam Ierymenko
559e384130 Linux make support for libminiupnpc. 2015-07-28 15:37:18 -07:00
Adam Ierymenko
ebe5c526bb libminiupnpc.a for arm6l 2015-07-28 15:05:04 -07:00
Adam Ierymenko
569c5e77fd Add binary build of libminiupnpc for Mac x64. 2015-07-28 14:48:26 -07:00
Adam Ierymenko
1537109514 Merge branch 'master' into adamierymenko-dev 2015-07-28 09:40:54 -07:00
Nelson Chen
b41079ddf9 Update Application Mac Menu. Small MacGap leftover.
Hide ZeroTier One, not MacGap. 

Just a papercut.
2015-07-22 22:40:43 -07:00
Kees Bos
dc50e8ae5b Add ui to /var/lib/zerotier (linux installer) 2015-06-11 17:56:54 +02:00
Adam Ierymenko
ee1a008f2d Product code for 1.0.3 etc. 2015-06-03 18:53:54 -07:00
Adam Ierymenko
4fe12756d4 Get rid of "autoupdating" in Linux package names. 2015-06-02 17:14:18 -07:00
Adam Ierymenko
c5a3e80113 Linux installer tweaks, and Mac updater tweak. 2015-06-02 16:54:27 -07:00
Adam Ierymenko
b8f40c0b91 Yet another /Users/api path in packages script. 2015-06-02 12:01:00 -07:00
Adam Ierymenko
97dd8d864f Fix paths again in Mac pkg build. 2015-06-02 11:59:05 -07:00
Adam Ierymenko
1afd02df54 Path fix in Packages build file for Mac 2015-06-02 11:47:32 -07:00
Adam Ierymenko
502cd6921f Fix for GitHub issue #133, and move restart out of installer to address restart problem. Installer probably should NOT mess with the running service, since Linux servers are likely to be production. 2015-05-27 13:50:11 -07:00
Adam Ierymenko
fbb990f8a3 Mac uninstall.sh update. 2015-05-26 14:36:04 -07:00
Adam Ierymenko
905d2e91e5 Windows auto-update integration into OneService. 2015-05-20 20:17:56 -07:00
Adam Ierymenko
1213073916 Apple auto-update stuff, now for Windows. 2015-05-20 19:38:49 -07:00
Adam Ierymenko
b6698d8415 Ground work for reincorporating software updater for select platforms. 2015-05-20 16:35:33 -07:00
Adam Ierymenko
0caac25d28 . 2015-05-19 20:13:19 -07:00
Adam Ierymenko
dd70188643 Make tap driver even more defensive... seems to maybe fix the new network problem. Have to test a bit more. 2015-05-19 18:40:34 -07:00
Adam Ierymenko
c7eb5f0c81 Windows build warning removal, be more defensive in Windows tap driver code, and clean up service start/stop in installer. 2015-05-19 18:13:20 -07:00
Adam Ierymenko
68cb7ad4cd Few more fixes to installer firewall rule settings. 2015-05-19 16:31:00 -07:00
Adam Ierymenko
9682f50b15 Get rid of old _winPokeAHole() hack in one.cpp and use Advanced Installer to configure firewall rules (because we can now). 2015-05-19 16:26:41 -07:00
Adam Ierymenko
63cea7d337 Try to automatically enable access to http://127.0.0.1 in web wrapper if IE is in enhanced security mode. 2015-05-19 16:02:26 -07:00
Adam Ierymenko
44d1bd14bd Enable right-click menu for copy/paste/etc. in Windows UI wrapper. 2015-05-19 14:48:57 -07:00
Adam Ierymenko
b4a34cc105 Add 32-bit chained MSI for NDIS6 driver... now to go test on 32-bit Windows (clean). (And Windows 10, and Windows Server, and ...) 2015-05-19 13:01:55 -07:00
Adam Ierymenko
32588b3d84 A visit to the Windows house of pain:
(1) Yes, you *can* create a mixed 32/64 bit Windows MSI installer that installs drivers. All you have to do is... umm... create individual sub-MSI files for each driver (one for 32, one for 64) and then package those in the main MSI files as "chained" MSI installers. Each of these must only be considered a prerequisite on 32 or 64 bit machines, respectively.

(2) Upgrade Advanced Installer version, add rules to uninstall NDIS6 tap device on uninstall.

(3) Fix IE issue in UI code.
2015-05-18 20:30:54 -07:00
Adam Ierymenko
ac629150ac Create symlinks in Mac postinst script. 2015-05-17 21:26:38 -07:00
Adam Ierymenko
89027d78ac Mac .pkg building using Packages (third party app) instead of old bootstrapping .app and installer script. 2015-05-17 21:24:02 -07:00
Adam Ierymenko
f48509d50c Mac script to get HTTP proxy settings -- will be used by Mac updater. 2015-05-17 20:28:09 -07:00
Adam Ierymenko
2d700f644b Add signed binary build of Mac GUI wrapper. 2015-05-17 19:48:21 -07:00
Adam Ierymenko
4565e9948f Now this works... Windows UI wrapper. Turns out there were workarounds, but IE does indeed suck. 2015-05-08 14:58:29 -07:00
Adam Ierymenko
8594e17f2b Move mac-ui into src/ 2015-05-08 12:35:41 -07:00
Adam Ierymenko
a40192a40b Scratch that wrapper... it was easy to make, but it turns out WebControl is IE4 (!!!?!). Also prefer NDIS5 to NDIS6 *if* NDIS5 is installed. We will no longer ship it, but this will make older installs use the same driver they are already using. Should ease upgrade. 2015-05-08 12:35:03 -07:00