Commit Graph

292 Commits

Author SHA1 Message Date
Adam Ierymenko
09fc9e4d0c indent fix 2016-03-03 14:21:13 -08:00
Adam Ierymenko
fe3a84a422 Fix problems with previous commit. 2016-03-03 14:15:09 -08:00
Adam Ierymenko
ba56a5b9d1 Another NAT-t improvement:
Many NATs revert to symmetric behavior from friendlier modes if they cannot
preserve ports. This can occur if there is, for example, more than one ZT
device behind the NAT using port 9993.

Others (Airport Extreme?) seem to have bugs in which they completely freak
out if more than one device tries to do a lot of mappings using the same
internal local port.

Mostly to fix the latter case and somewhat to fix the former, we introduce
a secondary port. ZeroTier now binds 9993 (or whatever port you specify)
plus another port computed deterministically from your ZeroTier address.
This port is used for new links 1/4 of the time.

This mostly addresses the second problem above and partly helps to address
the first.

If uPnP/NAT-PMP is enabled we also still open a tertiary port because some
routers freak out if NAT-t is attempted using the same port as uPnP.

All of this is IPv4 only of course. IPv6 is sane.
2016-03-03 13:52:27 -08:00
Joseph Henry
bcaf42e075 Transfer speed increate + stability fixes 2016-01-20 13:38:14 -08:00
Adam Ierymenko
4e4fd51117 boring doc stuff 2016-01-12 14:04:55 -08:00
Adam Ierymenko
d6f0f1a82a Use network user ptr in lookup for Ethernet frame handling to eliminate map lookup. 2016-01-12 11:34:22 -08:00
Adam Ierymenko
83ef98a9dc Add a network-associated user ptr in API. 2016-01-12 11:04:35 -08:00
Adam Ierymenko
b3e3d4cacc Instead of using binary packet comparison, add a callback to the API to explicitly check whether paths should be used. Check in with this callback (if present) when learning new paths or sending initial packets. 2016-01-11 10:17:44 -08:00
Adam Ierymenko
eea634a432 Refactor to eliminate copypasta. 2016-01-11 09:11:35 -08:00
Adam Ierymenko
ab19e19f00 Fix a bug that we visually found in Windows code -- it was not advertising uPnP addresses?!? 2016-01-11 09:09:24 -08:00
Adam Ierymenko
436c1fac1d Selectively move over changes from "edge" to "dev" excluding netcon. 2015-12-21 16:15:39 -08:00
Adam Ierymenko
944fdfb65e Low-impact sanity check against GitHub issue #247 -- will likely prevent other weird recursions too. 2015-11-30 16:44:32 -08:00
Adam Ierymenko
40a4ba6e39 indentation 2015-11-30 15:15:43 -08:00
Adam Ierymenko
6768521330 Ton of uPnP work and adding NAT-PMP support, still testing... 2015-11-30 13:10:22 -08:00
Adrian Frühwirth
038476c412 Fix for GitHub issue #253.
Make 'ip' detection more robust (some distros don't ship the binary in /sbin or /usr/sbin).
Add error handling for cases where an ip add/remove fails.
2015-11-24 22:56:02 +01:00
Adam Ierymenko
37acd375d6 Fix 64-bit int warning. 2015-11-16 18:10:40 -08:00
Adam Ierymenko
ddf0cb0278 Docs and tweak some caching values. 2015-11-16 09:54:08 -08:00
Adam Ierymenko
54f68280bd Minor Windows build fixes. Builds on VS2012 again. 2015-11-12 16:48:42 -08:00
Adam Ierymenko
451b8aa7b2 Query both root and network controller for multicast last resort GATHER. 2015-11-10 17:37:38 -08:00
Adam Ierymenko
2cc50bdb10 Try bringing back TTL escalation -- may help with Docker (IP-MASQ) type NAT 2015-11-09 15:44:13 -08:00
Adam Ierymenko
35c4e28f31 Mark geo-redirected paths as suboptimal and do not report that we have a peer if all we have is one of these. Also a few other small fixes. 2015-11-09 14:25:28 -08:00
Adam Ierymenko
83c6b7ab3d Use bigger UDP buffer on bigger x64 machines. Keep old value elsewhere since these are likely to be smaller boxes. 2015-11-05 17:41:07 -08:00
Adam Ierymenko
3e22fee842 Integrate deferred background processing into main OneService implementation. 2015-11-05 12:41:14 -08:00
Adam Ierymenko
a994573a43 Eliminate some more dead code. We may do path trust, but not like that. 2015-10-29 09:42:15 -07:00
Adam Ierymenko
16bc3e0398 Factor out RemotePath subclass of Path -- no longer needed, just cruft. 2015-10-27 15:00:16 -07:00
Adam Ierymenko
7295fcfa86 Merge Phy<> from netcon. 2015-10-27 12:50:23 -07:00
Adam Ierymenko
0ffbd05c0e --wtf; prevent roots from TCP fallback 2015-10-27 12:21:57 -07:00
Adam Ierymenko
0b82c9ebad Fix infinite loop if there are no live roots (never happened before?!? wow!) 2015-10-26 16:09:56 -07:00
Adam Ierymenko
6625d79296 Fix if cluster compiled in but not enabled. 2015-10-26 13:07:00 -07:00
Adam Ierymenko
debed1ac2d Expose cluster status in /status JSON response. 2015-10-26 13:06:10 -07:00
Adam Ierymenko
29b966894c (1) Fix bug in geo-ip service that prevented cache lookup, (2) fix problem in SelfAwareness (will need to test ALL versions in the wild with this), and (3) add more TRACE instrumentation to Cluster. 2015-10-23 13:03:34 -07:00
Adam Ierymenko
2a3dd53952 . 2015-10-22 17:50:00 -07:00
Adam Ierymenko
dee6e7e3c1 . 2015-10-22 16:11:48 -07:00
Adam Ierymenko
7711eba297 More cluster wiring... 2015-10-22 16:02:01 -07:00
Adam Ierymenko
1bc451ed10 GeoIP cluster service works. 2015-10-22 10:41:15 -07:00
Adam Ierymenko
e07bae2525 Run geoip cluster service sub-process. 2015-10-22 10:18:05 -07:00
Adam Ierymenko
385f1410d2 Expose world info in JSON. 2015-10-13 12:33:15 -07:00
Adam Ierymenko
5d2f523e81 World stuff... 2015-10-13 12:10:44 -07:00
Adam Ierymenko
cae58f43f1 More World stuff, and mkworld. 2015-10-13 08:49:36 -07:00
Adam Ierymenko
7394ec6f6a Prep in controller code to run tests. 2015-10-06 15:56:18 -07:00
Adam Ierymenko
5076c49210 Peer serialization and related changes. 2015-10-01 15:40:54 -07:00
Adam Ierymenko
72e7e36a5b No reason to randomly pick uPnP secondary port. In fact it would likely cause problems on restarts and uPnP rule bloat. 2015-10-01 14:40:28 -07:00
Adam Ierymenko
a7409850d6 Get trim() out of core where it is not needed. 2015-10-01 12:37:18 -07:00
Adam Ierymenko
f69454ec98 (1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses. 2015-09-24 16:21:36 -07:00
Adam Ierymenko
423412df98 Pick a random secondary UDP port for uPnP mapped traffic because of broken routers. 2015-09-23 15:16:20 -07:00
Adam Ierymenko
7821d1cbdd . 2015-09-23 14:44:13 -07:00
Adam Ierymenko
80dc7fb675 Pick random port on -p0 2015-09-23 14:38:16 -07:00
Adam Ierymenko
367ffde00c Plumb through localInterfaceId to track local interfaces corresponding with remote addresses. 2015-09-23 13:49:56 -07:00
Adam Ierymenko
9dc2ef5549 Rename some stuff in Phy since it can be used with any stream socket. 2015-09-10 15:55:48 -07:00
Adam Ierymenko
9a723be263 Add socketpair support to Phy. 2015-09-10 13:18:57 -07:00
Adam Ierymenko
4838cbc350 Unix domain sockets in Phy<> 2015-09-02 14:32:01 -07:00
Adam Ierymenko
b4487cefc9 Document rules requirement in controller. 2015-08-25 09:46:59 -07:00
Adam Ierymenko
867258de8b Document clock convenience field. 2015-08-25 09:44:21 -07:00
Adam Ierymenko
4da794b389 Add authorizedMemberCount to controller network config records. 2015-08-19 11:43:56 -07:00
Adam Ierymenko
620562f7cf Because Windows, because Windows. Now it upgrades correctly from 1.0.1, including automatic driver update from NDIS5 to NDIS6. Also a bit more robust on creating new ports, just in case. 2015-07-30 17:00:57 -07:00
Adam Ierymenko
8169b35482 Kill the devcon.exe dependency by dynamically loading cfgmgr32, newdev, and setupapi and using these functions directly. 2015-07-30 11:31:38 -07:00
Adam Ierymenko
2599b1bacc Add CLI support for /explicit/urls (automatically outputs JSON in this case), and some cleanup. 2015-07-28 17:10:56 -07:00
Adam Ierymenko
569c5e77fd Add binary build of libminiupnpc for Mac x64. 2015-07-28 14:48:26 -07:00
Adam Ierymenko
fe6d5b1402 UPNP/NAT-PMP support with libminiupnpc (if built with it) -- GitHub issue #64 2015-07-28 14:32:02 -07:00
Adam Ierymenko
40d5c79b62 Enable SO_NO_CHECK if available to skip UDP checksum on packet send for slight performance improvement. We do our own cryptographically secure authentication so UDP checksum is worthless. 2015-07-28 10:29:25 -07:00
Adam Ierymenko
a061aa3d87 Remove "members" from Network record and instead enumerate members via specific query to /network/nwid/member sub-path. More RESTful, scalable, and compatible with how OnePoint code works. 2015-07-21 12:57:01 -07:00
Grant Limberg
5ef806c43c Fix addLocalInterfaceAddress call in OneService on Windows 2015-07-16 19:20:43 -07:00
Adam Ierymenko
0db7c94c90 Add memberRevision stuff to JSON output, and update docs. 2015-07-16 17:42:47 -07:00
Adam Ierymenko
0b354803f3 Clean up some YAGNI issues with implementation of GitHub issue #180, and make best path choice aware of path rank. 2015-07-13 10:03:04 -07:00
Adam Ierymenko
c863ff3f02 A bunch of comments and cleanup, including some to yesterday's direct path pushing changes. Move path viability check to one place, and stop trying to use link-local addresses since they are not reliable. 2015-07-07 08:54:48 -07:00
Adam Ierymenko
25a067c8c3 Eliminate debug printf(). 2015-07-06 17:37:32 -07:00
Adam Ierymenko
91fa643131 Minor fix to Windows local adapter address enumeration. 2015-07-06 17:36:58 -07:00
Adam Ierymenko
f881cdd767 Add new .h file to VS build, and Windows side of local interface address enumeration. 2015-07-06 17:22:37 -07:00
Adam Ierymenko
a87cd2d094 Unix side of local interface address awareness for GitHub issue #180. 2015-07-06 16:32:34 -07:00
Adam Ierymenko
30e4a188d0 ipLocalRoutes now exposed via network objects in JSON controller API, and documentation changes. 2015-06-29 15:34:26 -07:00
Adam Ierymenko
dbee1b38b3 Fix semantics of std::unique() to actually remove duplicates (hidden memory leak?) 2015-06-29 10:21:28 -07:00
Adam Ierymenko
7bae95836c Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address. 2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673 Renamed supernode to rootserver 2015-05-06 12:05:20 +02:00
Adam Ierymenko
8a9715f183 Rename ruleId to ruleNo and optimize some indexes in Sqlite3 schema. 2015-06-13 10:05:34 +02:00
Kees Bos
42390e662b Pickup return code from handleControlPlaneHttpGET and handleControlPlaneHttpPOST 2015-06-13 03:14:06 +02:00
Kees Bos
0d0af07ce9 Get deletion of networks in controller going
Multiple statements in a sqlite3_prepare_v2 is not usable. Only
the first statement will be executed.

Since the schema now uses 'ON DELETE CASCADE', there's only
one statement needed.

If multiple statements are needed, there should be either multiple
sqlite3_prepare_v2 calls be used or the sqlite3_exec function.
2015-06-11 11:49:13 +02:00
Adam Ierymenko
7213a6cf0b Make max HTTP message size (max update size) larger since Windows MSI is about 8MB already. 2015-06-03 17:20:30 -07:00
Adam Ierymenko
7e647c5303 NOHUP-ify the child process on OSX auto-update. 2015-06-03 16:37:24 -07:00
Adam Ierymenko
fe87136870 Auto-update fix -- signature is in hex. 2015-06-03 16:25:16 -07:00
Adam Ierymenko
c5a3e80113 Linux installer tweaks, and Mac updater tweak. 2015-06-02 16:54:27 -07:00
Adam Ierymenko
91f02d699e Right now only FreeBSD can use BSDEthernetTap, which will probably get renamed accordingly. NetBSD and OpenBSD do not support tap, only tun, so they will have to wait. 2015-05-25 11:11:37 -07:00
Adam Ierymenko
d8783b14eb Build fix. 2015-05-22 15:46:06 -07:00
Adam Ierymenko
9774f789f2 TCP fallback tunneling is now working. That hurt more than expected. 2015-05-22 14:52:23 -07:00
Adam Ierymenko
50aedda54d Basic TCP fallback -- now to test. 2015-05-21 18:33:52 -07:00
Adam Ierymenko
d9006712f6 Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world. 2015-05-21 15:58:26 -07:00
Adam Ierymenko
0f7dcb3ef2 Add some proxy debugging, and auto-resolve and periodically re-resolve TCP fallback tunnel hostname. 2015-05-21 15:22:41 -07:00
Adam Ierymenko
905d2e91e5 Windows auto-update integration into OneService. 2015-05-20 20:17:56 -07:00
Adam Ierymenko
1213073916 Apple auto-update stuff, now for Windows. 2015-05-20 19:38:49 -07:00
Adam Ierymenko
b6698d8415 Ground work for reincorporating software updater for select platforms. 2015-05-20 16:35:33 -07:00
Adam Ierymenko
c7eb5f0c81 Windows build warning removal, be more defensive in Windows tap driver code, and clean up service start/stop in installer. 2015-05-19 18:13:20 -07:00
Adam Ierymenko
2810cd7c15 Build fixes for G++, building without SQLite3 present, and warning removal. 2015-05-17 23:56:47 +00:00
Adam Ierymenko
0af18b164c /var/db is for all of xBSD 2015-05-17 16:06:29 -07:00
Adam Ierymenko
086f21ed70 Refactor and simplify controller integration with JSON API and OneService. 2015-05-17 15:51:07 -07:00
Adam Ierymenko
7649d6746b docs 2015-05-17 15:38:01 -07:00
Adam Ierymenko
0e00981059 docs 2015-05-17 14:01:25 -07:00
Adam Ierymenko
e0090e56f4 Build fix on OSX -- cannot call SqliteNetworkController if not compiled in. 2015-05-16 18:59:11 -07:00
Adam Ierymenko
a187d290f1 Fixes to control plane, API, eliminate problematic inheritance pattern, and start on a NodeJS class for talking to the network controller. 2015-05-16 16:09:28 -07:00
Adam Ierymenko
38243e5eff OSX build fix 2015-05-16 14:07:15 -07:00
Adam Ierymenko
0bb92715f4 DELETE function in network controller JSON API, and a newIdentity convenience request in ControlPlane for scripted testing. 2015-05-16 13:42:53 -07:00
Adam Ierymenko
78769900a9 More network controller cleanup, and some features to permit scripted testing. 2015-05-16 12:50:42 -07:00
Adam Ierymenko
e269846f84 Netconf docs, add clock field to status, simplify netconf a bit by eliminating caching for now. We will re-add if it is needed. 2015-05-15 15:20:12 -07:00
Adam Ierymenko
d0e0f5dd12 Basic OpenBSD compile fixes -- still need to update BSDEthernetTap, will do that later. Should be able to re-use FreeBSD port for OpenBSD, but we will see. 2015-05-15 08:48:53 -07:00
Adam Ierymenko
b2b32e5969 Beginning of HTML+Bootstrap+React UI for new desktop client -- looking like it will be easier than retrofitting the old Qt client for the new API. 2015-05-05 20:53:30 -07:00
Adam Ierymenko
105e1a016f Get rid of G++ compiler warning. 2015-04-30 20:41:25 -07:00
Adam Ierymenko
f3d7c9d681 Helps to index the array when enumerating a C array. 2015-04-30 15:16:21 -07:00
Adam Ierymenko
288d73a4ad A few more refinements to TCP code, ready to integrate with "desperation" stuff and test. 2015-04-30 10:47:27 -07:00
Adam Ierymenko
a9a3705877 TCP tunneling implementation -- not tested yet and no initiation yet. 2015-04-28 12:43:10 -07:00
Adam Ierymenko
7dcde7503a For now just bind TCP to localhost, since we do not permit remote use of the control bus at all yet. 2015-04-26 18:15:40 -07:00
Adam Ierymenko
ce09e363dc Destroy tap devices on Windows 'leave'. 2015-04-24 16:31:19 -07:00
Adam Ierymenko
f5848972f9 Windows now builds and runs selftest correctly, and fixed a Windows (and possibly other platforms) issue in Phy<>. 2015-04-24 15:05:28 -07:00
Adam Ierymenko
883a216d2a Build fixes. 2015-04-24 12:29:31 -07:00
Adam Ierymenko
ddebe2d4c7 Network controller CRUD... :P 2015-04-21 16:41:35 -07:00
Adam Ierymenko
60f05518aa (1) now builds and works on Linux, (2) fix a threading problem causing carsh on shutdown, (3) cleanup in selftest, re-enable Phy and Http tests. 2015-04-20 15:12:31 -07:00
Adam Ierymenko
1f5700191f zerotier-cli suspiciously working... that didn't hurt *too* badly. 2015-04-16 16:12:10 -07:00
Adam Ierymenko
53cbe485f0 Some cleanup, and bite the bullet and go ahead and write a simple Http client. Need a cross-platform built-in one to do cli right. 2015-04-16 14:13:44 -07:00
Adam Ierymenko
12b4646ce8 Prettify JSON output. 2015-04-16 12:06:40 -07:00
Adam Ierymenko
4e5d2d2c72 Write a zerotier-one.port file to the home path to make CLI easy to write, and do a backward compatiable CLI in bash instead of as part of the executable. 2015-04-15 19:38:01 -07:00
Adam Ierymenko
21a7e774bb Wire API auth token stuff. 2015-04-15 19:14:12 -07:00
Adam Ierymenko
c301d8e438 Remove network/controller -- we will do this in Ruby instead since it will be part of the whole OnePoint project anyway. 2015-04-15 19:01:38 -07:00
Adam Ierymenko
d2503172d8 Add some additional detail to the peer record in CAPI and JSON control plane. 2015-04-15 19:00:26 -07:00
Adam Ierymenko
33c8d3c50b Compile fixes. 2015-04-15 18:36:32 -07:00
Adam Ierymenko
ea1859541c More cleanup, and fix for the extremely unlikely case of identity collision. 2015-04-15 18:32:25 -07:00
Adam Ierymenko
a0f8685453 cleanup 2015-04-15 14:44:30 -07:00
Adam Ierymenko
8639538299 Rename One to OneService, create separate sources for other tools. 2015-04-15 14:42:26 -07:00
Adam Ierymenko
1c9ca73065 Fix some deadlock issues, move awareness of broadcast subscription into core, other bug fixes. 2015-04-15 13:09:20 -07:00
Adam Ierymenko
aeb4b42ab3 Make tap itself handle remembering sticky device to nwid mappings. 2015-04-14 18:13:46 -07:00
Adam Ierymenko
67f1f1892f Bunch of tap stuff, IP address assignment hookups, etc. 2015-04-14 17:57:51 -07:00
Adam Ierymenko
e205e5fdfe Include tap device name in JSON output for network info. 2015-04-14 15:55:03 -07:00
Adam Ierymenko
347e98dcd2 Just return files from listDirectory() since that is all we need, fix network request on network restore logic, and remember saved networks in service/One 2015-04-14 15:32:05 -07:00
Adam Ierymenko
49d31613b9 Fix some minor issues, now to reintegrate taps. 2015-04-14 15:16:04 -07:00
Adam Ierymenko
1cfa67bbdd Bunch more control plane work, and shelve old UI -- React FTW. 2015-04-14 13:56:28 -07:00
Adam Ierymenko
a2605561af Basic control plane queries working. 2015-04-13 18:43:33 -07:00
Adam Ierymenko
b888e033c0 JSON control plane, almost done... 2015-04-13 18:12:45 -07:00
Adam Ierymenko
ff0eff4b7c Decided to back out of doing HTTP/TCP server *and* client within ZT itself. Instead we'll do the TCP tunneling endpoint as a separate little daemon. It will appear here shortly. 2015-04-13 12:27:29 -07:00
Adam Ierymenko
5c1262f324 Basic framework of HTTP server is there. 2015-04-10 19:36:29 -07:00
Adam Ierymenko
daef54ba32 HTTP server is in, and works. 2015-04-10 19:08:49 -07:00
Adam Ierymenko
5572b7ffb6 Simplify Phy<> to get rid of more indirections. 2015-04-10 17:07:06 -07:00
Adam Ierymenko
9e651b39e4 Add some TRACE around pinging (for now), and refactor service/One to just run in the foreground as some platforms may not require threads at all. 2015-04-10 11:40:45 -07:00
Adam Ierymenko
068d311ecc TRACE compile fixes, other fixes, and it basically works! It says HELLO. 2015-04-09 20:54:00 -07:00
Adam Ierymenko
38200cc6a5 Add data store functions to service/One, and shelve old main.cpp since it will get rebuilt. 2015-04-09 19:58:04 -07:00
Adam Ierymenko
6615a70027 Service code builds now. 2015-04-09 18:22:04 -07:00
Adam Ierymenko
46ecad451c Starting on new service/ code to encapsulate node/ with osdep/ stuff, and add a user pointer to the CAPI. 2015-04-09 18:14:27 -07:00