Commit Graph

506 Commits

Author SHA1 Message Date
Adam Ierymenko
a18336fa18 MERGE current "dev" into "netcon" -- should not affect netcon itself but will retest -- brings ZeroTier core up to 1.1.0 2015-11-23 10:46:52 -08:00
Adam Ierymenko
6f16f44438 VERSION 1.1.0: Win/Mac UI improvements, improved NAT-t, CIRCUIT_TEST, and more!
ZeroTier 1.1.0 introduces a number of fixes and improvements in several areas.
We incremented the secondary version to indicate the significance of this release.

Version numbering has been a bit ad-hoc in the past. In future versions we will
adopt the following scheme: odd-numbered revision numbers like 1.1.1 will indicate
development versions, while even numbered ones like 1.1.2 will indicate tagged
releases. The public git repo branching has also been revised: master will always
be the latest tagged release, dev will be usually-working development, and edge
will host maybe-broken "bleeding edge" development. Pull requests on GitHub should
generally be made against dev, not master or edge. Other branches that may appear
from time to time may be feature or experimental branches. Only master is confirmed
good, with dev usually being okay but not guaranteed to be such. (To the extent
that any software is ever guaranteed to be anything.)

Change summary:

User-facing changes and improvements:

 - Windows now has a new .NET-based native UI, which replaces the old WebControl
   wrapper around the React UI. This just didn't work well on older Windows systems,
   and we did not want to bundle 40+ megabytes of web browser with our app just for
   its very simple UI.
 - The web UI (still used for Mac and usable in Linux as well) is updated with
   improved look and simplifications.
 - Both UIs no longer have the "Peers" tab, since several users reported that non-
   technical users found this confusing and even alarming (does this mean people
   can access my system?). This information is visibile with "listpeers" from the
   command line (zerotier-cli).

New features:

 - Virtual networks that use our RFC4193-based IPv6 numbering scheme now emulate
   IPv6 NDP for queries that target these addresses within the same network. This
   allows for faster multicast-free connection init and improved security since
   the address is now hard-wired to the device ID (which is a crypto token). This
   does not affect IPv6 NDP for other IPv6 addresses or link-local, which will
   continue to work normally. This also opens the potential for a reduced footprint
   multicast-free build for embedded applications.
 - This version includes beta support for a feature called CIRCUIT_TEST. Network
   controllers for networks you have joined can now send a special message called
   CIRCUIT_TEST which allows for ZeroTier-layer link testing and remote diagnosis
   of link issues. Any operator of a network controller can do this; more
   documentation will be forthcoming. The only information that may be gathered
   in this way is IP addressing info and very basic system info (OS, 32/64 bit,
   ZeroTier version). No personal information, hard drive data, location, or other
   private info is available. This can only be ordered by a controller of a network
   you have joined and is secured using cryptographic signatures.
 - This version includes an alpha version of clustering a.k.a. multi-homing! This
   powerful feature allows for a single ZeroTier device to be run from multiple
   endpoints, with connecting peers being handed off to endpoints that are closer
   via GeoIP lookup and/or are more lightly loaded. Currently this is only suitable
   for use in our soon-to-be-upgraded root server infrastructure (details will be
   blogged soon), but in the future it will be capable of hosting multi-homed
   devices on user networks. This will allow things like (for example) a geo-
   clustered Cassandra server that appears behind a single IP on a virtual LAN.
   This feature must be enabled with the ZT_ENABLE_CLUSTER=1 build option.

Bug fixes and other improvements (including performance!):

 - A faster version of the Poly1305 cryptographic MAC function was substituted
   for sometimes greatly improved performance.
 - C++ STL std::map was replaced throughout the entire core with a hand-rolled
   Hashtable implementation for improved performance and in some cases a reduced
   memory footprint. Some maps are still used in peripheral code that is not
   performance critical or where ordered keys are needed.
 - The zerotier-cli and zerotier-idtool symbolic links are now created in
   /usr/local/bin on OSX to comply with El Capitan file security restrictions.
 - The OSX tap device driver has been updated. This update may fix issues that
   some users have reported with bridging on OSX. This new tap device driver
   drops 32-bit support, but if you have a 32-bit system you can manually install
   the old driver from ext/bin/tap-mac.
 - Mac users could experience a problem with the UI if they installed ZeroTier,
   then uninstalled it, then installed again. This is now fixed.
 - UPnP port mappings should work better on some routers, and a different local
   port is now used for UPnP mapped traffic vs. NAT-t'd traffic to get around
   a bug in several popular mid-tier routers where using UPnP mapping alongside
   traditional NAT traversal made a port unreachable.
 - Debian package now builds with the right arch label on armv7l systems (Pi 2)
 - The old "root topology" has been replaced with a similar but better thought
   out concept called a World. The World defines the root servers and possibly
   in the future other things, and can be updated in-band from trusted peers
   allowing for software-upgrade-free network upgrades to keep up with growing
   demand. See node/World.hpp for details.
 - A fix was made to "self-awareness," which keeps track of your external IP
   info and adapts to changes, to eliminate a problem that could cause "link
   thrashing" behind some symmetric NATs.
 - Escalating UDP TTLs was re-introduced to better transit some port-restricted
   cone NATs such as Linux IP MASQ (used for Docker).
 - An otherwise harmless crash-on-exit bug in the network controller was fixed.
 - All new direct links are now confirmed in both directions. This adds a very
   small amount of initial HELLO/OK traffic but fixes some edge cases where an
   incomplete or unidirectional path might be used.
 - [SECURITY] Better rate limiting was put in place for VERB_PUSH_DIRECT_PATHS
   to prevent potential abuse for amplification attacks.
 - [SECURITY] Build flags were tweaked on OSX to ensure that all code including
   dependency libraries are built with full stack canary protection and ASLR
   support.

Visit https://www.zerotier.com/blog or follow @ZeroTier on Twitter for updates
and announcements!
2015-11-17 12:18:45 -08:00
Adam Ierymenko
1c0c3e62dc Just add a launch prerequisite for .NET 4.5 -- it's usually there, and if not it can be easily installed. This is mostly an issue on old Windows Server systems, and in that case the admin will likely want to decide how to proceed. 2015-11-17 11:13:44 -08:00
Adam Ierymenko
48745eca57 Fix ARM dpkg build. 2015-11-16 19:54:58 -08:00
Adam Ierymenko
0f5fb48a0b Turns out it wasn't hard to add miniupnpc to the VS2012 project and just have it build with the rest of the code. 2015-11-16 19:04:04 -08:00
Adam Ierymenko
cf6164e847 Build libminiupnpc from source now, and update version. 2015-11-16 18:28:55 -08:00
Adam Ierymenko
a13a21377c Delete pre-build miniupnpc for Linux and Mac -- will add Make rules to build from source and include source in ext/ 2015-11-16 18:18:08 -08:00
Adam Ierymenko
e4d1aba3f8 Use new OSX tap version, and update OSX install scripts. 2015-11-16 16:19:24 -08:00
Adam Ierymenko
220552af62 GitHub issue #241 -- and also some appearance updates. Eventually this might get replaced by a native Mac app. 2015-11-16 14:30:25 -08:00
Adam Ierymenko
90f9415107 Update installer to drag along a net-install binary for .NET 4.5 that it runs if .NET 4.5 is not present... because yes we have to install Microsoft's own flagship runtime under some conditions. (Rare, but present.) 2015-11-13 09:11:12 -08:00
Adam Ierymenko
bacb53fe8f Remove old Windows NDIS5 tap driver -- I think this is dead. 2015-11-12 16:40:50 -08:00
Adam Ierymenko
3b9411044f Patch tap-mac to latest tuntaposx upstream changes, and add updated build for 10.8 or later (keep old one for 10.7). 2015-11-10 16:00:21 -08:00
Adam Ierymenko
141e2db38c More results. 2015-11-10 15:47:18 -08:00
Adam Ierymenko
0cf4ddda4a Some more test results, and fix OSX installer to put symlinks in /usr/local as per El Capitan requirements. 2015-11-10 15:11:15 -08:00
Joseph Henry
3e84e8b8c3 Performance tweaks to lwipopts.h (TX=12MB/s) 2015-11-04 14:45:26 -08:00
Joseph Henry
4b07987210 Added throughput-test Docker files 2015-11-03 18:10:39 -08:00
Joseph Henry
df391c8413 Added debug statements for transfer test 2015-11-03 10:30:18 -08:00
Joseph Henry
4c20fa4874 Added debug statements for transfer test 2015-11-03 10:26:10 -08:00
Joseph Henry
0405ba1ccf Misc changes 2015-10-16 18:02:07 -04:00
Joseph Henry
e722eab892 Disabled TCP listen backlog, must be enabled in lwipopts.h 2015-10-14 17:03:32 -04:00
Joseph Henry
9ca699c86d Added support for listen backlogs 2015-10-14 16:04:26 -04:00
Joseph Henry
0912d4be59 Fixed socket protocol check logic in socket() 2015-10-13 17:05:11 -04:00
Joseph Henry
4e1e857949 Minor bug fixes 2015-10-12 21:26:32 -04:00
Joseph Henry
5dffa43201 Additional retval+errno handling 2015-10-12 19:29:27 -04:00
Joseph Henry
7f56678d84 Added liblwip.so and libintercept build files 2015-10-09 17:06:09 -04:00
Joseph Henry
bbfc9359e9 Minor timer changes (~21 Mb/s local) 2015-10-08 17:55:58 -04:00
Joseph Henry
1bc33ae8d7 Minor debug output changes 2015-10-06 21:22:08 -04:00
Joseph Henry
36db5865e7 Refactored tcp_write code - Reduced CPU usage to respectable levels 2015-10-06 20:32:48 -04:00
Joseph Henry
c85dd262ed moved lib files to ext 2015-09-23 18:03:21 -04:00
Joseph Henry
02d5a31822 added lwip unix port lib files 2015-09-23 17:55:15 -04:00
Joseph Henry
750352836f initial commit 2015-09-10 13:56:01 -04:00
Adam Ierymenko
085734aaba Windows driver (NDIS6) rebuild using earlier DDK revision to allow driver to load in Windows 2008 Server and Windows Vista. Still issues with those platforms, but driver loads -- and shouldn't hurt newer versions (will test). 2015-08-13 15:18:48 -07:00
Adam Ierymenko
c826cec1d4 Bring back _winPokeAHole() to dynamically allocate firewall exception. Shouldn't be needed but seems to help on Windows 8. 2015-07-30 17:52:35 -07:00
Adam Ierymenko
620562f7cf Because Windows, because Windows. Now it upgrades correctly from 1.0.1, including automatic driver update from NDIS5 to NDIS6. Also a bit more robust on creating new ports, just in case. 2015-07-30 17:00:57 -07:00
Adam Ierymenko
922d9657b9 Save enumeration of statically assigned IPs so they will always be reassigned on device "power cycle." 2015-07-30 14:10:32 -07:00
Adam Ierymenko
499b2dccad 1.0.4 installer GUID 2015-07-30 13:30:10 -07:00
Adam Ierymenko
8169b35482 Kill the devcon.exe dependency by dynamically loading cfgmgr32, newdev, and setupapi and using these functions directly. 2015-07-30 11:31:38 -07:00
Adam Ierymenko
7cd3c419ee 1.0.4 release installer changes 2015-07-29 16:17:52 -07:00
Adam Ierymenko
fa03d50e90 Rebuild Mac UI wrapper with smaller icon and a small UI fix. 2015-07-29 15:58:16 -07:00
Adam Ierymenko
14264c2d6f Add miniupnpc builds for Windows, fix some Windows build warnings. 2015-07-28 16:50:18 -07:00
Adam Ierymenko
3c54187c40 Linux x86 libminiupnpc.a 2015-07-28 15:56:37 -07:00
Adam Ierymenko
7df4eb69b5 Linux x64 libminiupnpc.a 2015-07-24 17:49:56 -07:00
Adam Ierymenko
559e384130 Linux make support for libminiupnpc. 2015-07-28 15:37:18 -07:00
Adam Ierymenko
ebe5c526bb libminiupnpc.a for arm6l 2015-07-28 15:05:04 -07:00
Adam Ierymenko
569c5e77fd Add binary build of libminiupnpc for Mac x64. 2015-07-28 14:48:26 -07:00
Adam Ierymenko
1537109514 Merge branch 'master' into adamierymenko-dev 2015-07-28 09:40:54 -07:00
Nelson Chen
b41079ddf9 Update Application Mac Menu. Small MacGap leftover.
Hide ZeroTier One, not MacGap. 

Just a papercut.
2015-07-22 22:40:43 -07:00
Kees Bos
dc50e8ae5b Add ui to /var/lib/zerotier (linux installer) 2015-06-11 17:56:54 +02:00
Adam Ierymenko
ee1a008f2d Product code for 1.0.3 etc. 2015-06-03 18:53:54 -07:00
Adam Ierymenko
4fe12756d4 Get rid of "autoupdating" in Linux package names. 2015-06-02 17:14:18 -07:00
Adam Ierymenko
c5a3e80113 Linux installer tweaks, and Mac updater tweak. 2015-06-02 16:54:27 -07:00
Adam Ierymenko
b8f40c0b91 Yet another /Users/api path in packages script. 2015-06-02 12:01:00 -07:00
Adam Ierymenko
97dd8d864f Fix paths again in Mac pkg build. 2015-06-02 11:59:05 -07:00
Adam Ierymenko
1afd02df54 Path fix in Packages build file for Mac 2015-06-02 11:47:32 -07:00
Adam Ierymenko
502cd6921f Fix for GitHub issue #133, and move restart out of installer to address restart problem. Installer probably should NOT mess with the running service, since Linux servers are likely to be production. 2015-05-27 13:50:11 -07:00
Adam Ierymenko
fbb990f8a3 Mac uninstall.sh update. 2015-05-26 14:36:04 -07:00
Adam Ierymenko
905d2e91e5 Windows auto-update integration into OneService. 2015-05-20 20:17:56 -07:00
Adam Ierymenko
1213073916 Apple auto-update stuff, now for Windows. 2015-05-20 19:38:49 -07:00
Adam Ierymenko
b6698d8415 Ground work for reincorporating software updater for select platforms. 2015-05-20 16:35:33 -07:00
Adam Ierymenko
0caac25d28 . 2015-05-19 20:13:19 -07:00
Adam Ierymenko
dd70188643 Make tap driver even more defensive... seems to maybe fix the new network problem. Have to test a bit more. 2015-05-19 18:40:34 -07:00
Adam Ierymenko
c7eb5f0c81 Windows build warning removal, be more defensive in Windows tap driver code, and clean up service start/stop in installer. 2015-05-19 18:13:20 -07:00
Adam Ierymenko
68cb7ad4cd Few more fixes to installer firewall rule settings. 2015-05-19 16:31:00 -07:00
Adam Ierymenko
9682f50b15 Get rid of old _winPokeAHole() hack in one.cpp and use Advanced Installer to configure firewall rules (because we can now). 2015-05-19 16:26:41 -07:00
Adam Ierymenko
63cea7d337 Try to automatically enable access to http://127.0.0.1 in web wrapper if IE is in enhanced security mode. 2015-05-19 16:02:26 -07:00
Adam Ierymenko
44d1bd14bd Enable right-click menu for copy/paste/etc. in Windows UI wrapper. 2015-05-19 14:48:57 -07:00
Adam Ierymenko
b4a34cc105 Add 32-bit chained MSI for NDIS6 driver... now to go test on 32-bit Windows (clean). (And Windows 10, and Windows Server, and ...) 2015-05-19 13:01:55 -07:00
Adam Ierymenko
32588b3d84 A visit to the Windows house of pain:
(1) Yes, you *can* create a mixed 32/64 bit Windows MSI installer that installs drivers. All you have to do is... umm... create individual sub-MSI files for each driver (one for 32, one for 64) and then package those in the main MSI files as "chained" MSI installers. Each of these must only be considered a prerequisite on 32 or 64 bit machines, respectively.

(2) Upgrade Advanced Installer version, add rules to uninstall NDIS6 tap device on uninstall.

(3) Fix IE issue in UI code.
2015-05-18 20:30:54 -07:00
Adam Ierymenko
ac629150ac Create symlinks in Mac postinst script. 2015-05-17 21:26:38 -07:00
Adam Ierymenko
89027d78ac Mac .pkg building using Packages (third party app) instead of old bootstrapping .app and installer script. 2015-05-17 21:24:02 -07:00
Adam Ierymenko
f48509d50c Mac script to get HTTP proxy settings -- will be used by Mac updater. 2015-05-17 20:28:09 -07:00
Adam Ierymenko
2d700f644b Add signed binary build of Mac GUI wrapper. 2015-05-17 19:48:21 -07:00
Adam Ierymenko
4565e9948f Now this works... Windows UI wrapper. Turns out there were workarounds, but IE does indeed suck. 2015-05-08 14:58:29 -07:00
Adam Ierymenko
8594e17f2b Move mac-ui into src/ 2015-05-08 12:35:41 -07:00
Adam Ierymenko
a40192a40b Scratch that wrapper... it was easy to make, but it turns out WebControl is IE4 (!!!?!). Also prefer NDIS5 to NDIS6 *if* NDIS5 is installed. We will no longer ship it, but this will make older installs use the same driver they are already using. Should ease upgrade. 2015-05-08 12:35:03 -07:00
Adam Ierymenko
92ca53e141 Add pre-build signed UI wrapper .exe. 2015-05-08 12:16:02 -07:00
Adam Ierymenko
4426899e8c Add support for local user account caching of authtoken.secret as in old UI -- this is now pretty much working. 2015-05-06 21:02:59 -07:00
Adam Ierymenko
d56e9fce41 Get user data out of repo. 2015-05-06 20:45:02 -07:00
Adam Ierymenko
5b54612d91 Pass authtoken in from user, and add a wrapper for web UI on Mac. 2015-05-06 20:41:51 -07:00
Adam Ierymenko
e78899fddf Rebuild and re-sign the x86 driver... previous attempt was somehow borked but this one loads on Win7/x86 fine. 2015-04-25 16:00:25 -07:00
Adam Ierymenko
9325535ced x86 version of signed NDIS6 driver. 2015-04-25 15:31:27 -07:00
Adam Ierymenko
42b4148876 NDIS6 driver signed x64 build (not fully tested yet, but committing work) 2015-04-25 14:52:02 -07:00
Adam Ierymenko
4b658d83bc Rename old driver to -ndis5. 2015-04-25 13:11:58 -07:00
Adam Ierymenko
54954f5b88 First pass of Windows cleanup and build fixes... 2015-04-24 13:35:17 -07:00
Adam Ierymenko
6c29e966dd Include a BSD licensed JSON parser for the CLI. 2015-04-16 12:27:51 -07:00
Adam Ierymenko
377367175c Update LZ4 in ext/ 2015-04-16 12:18:47 -07:00
Adam Ierymenko
96737368aa Add MIT-licensed Joyent http-parser lib to ext/ for use with new control plane. 2015-03-20 13:32:31 -07:00
Adam Ierymenko
08ba2ff752 Upgrade LZ4. 2015-01-05 16:23:32 -08:00
Adam Ierymenko
d10abab786 Remove &s from restarts in installer -- probably part of the restart problem. 2014-12-16 12:32:53 -05:00
Adam Ierymenko
0324ef2a47 VERSION 1.0.1
This version is mostly a bug fix release. It fixes a bug that could cause
the service to crash on Windows while running the GUI application. It also
contains a number of fixes to the Linux installer and Linux support for
systemd-based init systems.

It also includes a minor tweak to the multicast algorithm. Version 1.0.0
sent multicasts in a deterministic order, while this version randomizes
the order. The vast majority of users will notice nothing, but this may result
in superior coverage for service announcements on very large networks. It's
a hard variation to test, so we're releasing like this to gather information
from users about the effect. Nothing will change on small networks, and
ordinary multicast functions like ARP and NDP should be unaffected.

The next version will likely focus on additional improvements to Microsoft
Windows support, since there are several known Windows issues in need of
attention. We're working on an NDIS6-based Tap driver that should address
the driver issues experienced by a small number of Windows 7 users.
2014-12-05 12:10:18 -08:00
Adam Ierymenko
83a6edd08e Make RPM version contain .autoupdating to indicate that it auto updates outside normal RPM channels. 2014-12-05 12:26:53 -05:00
Adam Ierymenko
58f2dc5cf3 RPM build support in buildinstaller.sh 2014-12-04 20:13:41 -05:00
Adam Ierymenko
03c7dc2b4c Add .service to unit name in uninstall too. 2014-12-04 00:16:10 +00:00
Adam Ierymenko
000eac5a2b Another systemd change... should fix problems on some systems. 2014-12-03 16:05:18 -08:00
Adam Ierymenko
62c31e70d4 Systemd permission fix in Linux installer. 2014-12-03 23:57:08 +00:00
Adam Ierymenko
1b6af7836e Don't restart ZeroTier One service if version has not changed. 2014-12-03 23:25:06 +00:00
Adam Ierymenko
638ae153cc fix service command, eliminate all uses of killall since it might be missing 2014-12-03 22:46:44 +00:00
Adam Ierymenko
059aaae7a9 Preinst and postinst Debian scripts. 2014-12-03 22:09:17 +00:00
Adam Ierymenko
4bf2fa3edb Basic Debian package support in buildinstaller.sh 2014-12-03 21:40:33 +00:00
Adam Ierymenko
8f29f19e98 Fix for UI client. 2014-10-30 00:12:45 -07:00
Adam Ierymenko
5ca20da7af Windows service fix -- it helps if we actually launch the control socket thing. 2014-10-29 23:57:54 -07:00
Adam Ierymenko
d8d4aace42 Fix for init.d/zerotier-one (again) 2014-10-13 12:55:16 -04:00
Adam Ierymenko
7943414c89 Part two of fix to GitHub issue #118 -- need to test thoroughly though. 2014-10-13 08:15:00 -07:00
Adam Ierymenko
c7c545bf6c Fix for part one of GitHub issue #118 2014-10-13 08:11:19 -07:00
Adam Ierymenko
924f030994 docs 2014-09-18 09:41:12 -07:00
Adam Ierymenko
6e1339fedf Remove zerotier-idtool symlink on mac uninstall.sh 2014-09-05 11:39:54 -07:00
Adam Ierymenko
6f8364ba59 VERSION 0.9.2:
The primary focus of this version is better integration with the
Microsoft Windows operating system.

Virtual networks should now be detected as "real" networks. For
each network, a message box should pop up the first time the network
is detected and classified allowing the user to choose its services
and security designation. On Windows 7 this is "work," "home," or
"public." On Windows 8 it's a simple choice of whether or not to
enable file and printer sharing and other services.

Several bugs have been fixed. Among these are a Windows threading
issue, several minor threading deadlock issues that could manifest
if rapidly adding and removing networks, and a command line interface
issue. The network list now shows the network MAC address as well,
a UI oversight in previous versions. A vectorized SSE implementation
of Salsa20 is now included for improved encrypt/decrypt performance.

The sending of low-TTL "firewall opener" packets has been disabled
in this version, since they may not be necessary and may harm NAT
traversal in some configurations. We will measure the effectiveness
of NAT traversal and see if this change improves performance in the
field.

Finally, this version obsoletes both the Tokyo and Sydney supernodes
in favor of a single larger supernode in Singapore. This decision was
made on the basis of bandwidth costs-- both Tokyo and Sydney are
significantly more expensive. We'd like to keep the basic service free,
so keeping bandwidth costs for relaying low is important. Since NAT
traversal works well and is constantly being improved, most users will
not see a speed decrease from this. Some Chinese users may see
improved performance since Singapore may be closer than Tokyo to many
Chinese cities.

The next major releases will focus on better Macintosh platform integration,
further improvements to NAT traversal, and UI improvements.
2014-08-22 12:05:56 -07:00
Adam Ierymenko
de4e29288d Fix for crazy Windows threading bug... repeatedly adding and removing a network now doesn't leave networks in limbo. 2014-08-21 17:49:05 -07:00
Adam Ierymenko
9d5819ff44 Version bump to 0.9.2 -- preparing for release... 2014-08-20 18:29:27 -07:00
Adam Ierymenko
b7389995f4 Make install scripts also symlink zerotier-idtool script, and doc updates. 2014-08-07 06:25:01 -07:00
Adam Ierymenko
7adf0eac7e Windows Ethernet tap refactoring complete. 2014-08-04 21:48:59 -07:00
Adam Ierymenko
b80c229d87 Tons of code cleanup, refactor Network to use EthernetTapFactory, probably also fix GitHub issue #90 2014-07-31 14:09:32 -07:00
Adam Ierymenko
9b93141dd0 Upgrade LZ4 to latest version. 2014-07-30 15:34:15 -07:00
Adam Ierymenko
96faaa85cf VERSION 0.9.1: bug fixes and experimental bridging support
This version fixes several bugs including an issue with networks that have
EtherType filtering disabled, a file permission issue that affected non-English
versions of Windows, a multicast propagation bug that caused multicasts to
be dropped more often than they should be, and an issue with IP auto-configuration.

It also introduces experimental support for bridging between physical and virtual
networks, a much-requested and powerful ability that's been planned from the start.
ZeroTier One can now replace the functionality of ordinary VPNs, link multiple
offices into a single LAN, and connect virtual machine backplanes in the cloud to
physical networks at home, among other things.

Bridging support isn't "officially" out yet, since the web UI part is still
in development. But when that is done, an official announcement will be
made on the blog and users can try it out. So far bridging has only
been tested under Linux with the Linux kernel's native bridging driver.
YMMV on other platforms. Try it out and let us know by filing bugs at GitHub
or e-mailing them to "contact@zerotier.com".
2014-07-03 13:32:53 -07:00
Adam Ierymenko
f720f04fa0 Installer updates from 0.9.0 release -- only useful to me. 2014-05-29 20:23:25 -07:00
Adam Ierymenko
f939d0ee62 Upgrade AIP for new version of Advanced Installer, bump to 0.9.0. 2014-05-23 16:08:05 -07:00
Adam Ierymenko
42c3474223 VERSION 0.8.2
This version fixes a few more issues with TCP tunneling including GitHub issue #63.
It also adds automatic announcement and location of peers on physical LANs (GitHub
issue #56) which should greatly improve performance if you happen to be on the same
LAN or WiFi network as another peer. It can take 60 seconds or so for this to occur,
but it should.
2014-04-10 22:46:17 -07:00
Adam Ierymenko
a1c1c82b0d VERSION 0.8.1
This, quick on the heels of 0.8.0, fixes the fact that TCP tunneling was
broken. :)

There was a bug that only manifested in some cases, and not on my testnet.
I took the opportunity to clean up some of that logic generally. I need a
better testnet, but that will have to wait until we exit beta and hopefully
I can earn a little bit of money off this. A better testnet will require
a big beefy virtualization box or two to run hundreds to thousands of KVMs.

Also fixed a tiny cosmetic issue on Windows. Other than that no changes.
2014-04-09 13:03:33 -07:00
Adam Ierymenko
dd404b8ba3 VERSION 0.8.0
This version introduces a major new feature requested by several users,
both via the user survey and otherwise: TCP tunneling.

If you are not able to communicate over UDP/9993, ZeroTier One will switch to
TCP connections to ZeroTier's supernodes. This is always slower than UDP, but
will allow you to communicate behind all but the most extremely restrictive
firewalls. This TCP traffic travels over port 443 and looks like HTTPS (SSL)
traffic (though it isn't), since that port is almost always open.

This also fixes several minor bugs and attempts to improve the robustness of
Windows tap driver management. Several users have reported spurious issues
with the Windows tap device, though I was unable to reproduce any of these with
clean VMs. (Tried Windows 7 and 8.1, both x86 and x64. No luck.) But I tried
to beef up the tap code anyway in the hopes of catching it. It now tries a lot
harder to make sure the tap is up and running.

There was some significant under the hood refactoring in support of TCP, so
this was a non-trivial change.

I bumped the version to 0.8 to indicate that more and more features are being
crossed off the list as we approach 1.0 and exit from beta. After this, the next
major feature will be LAN announcement to find direct paths to peers on the
same physical LAN. But assuming that 0.8.0 goes smoothly, I am going to divert
attention to the web site. A new design is coming that is much cleaner, sharper,
and easier to use.

Thank you all for all your excellent feedback! We're well on the way to a killer
product that makes conventional VPNs and other kludges obsolete.
2014-04-08 22:38:51 -07:00
Adam Ierymenko
48a1799f49 More Windows tap cleanup... seems solid. We'll see. 2014-04-08 16:10:48 -07:00
Adam Ierymenko
5abfb11813 Some installer stuff, complete refactoring of Windows side of newly split tap driver. Seems to work. Now to see if the cleanup we did here gets rid of the zombie tap device issue on Windows. 2014-04-08 12:00:21 -07:00
Adam Ierymenko
19c4d82512 Intaller upgrade and stuff, fix to Windows service for new Node API changes. 2014-04-04 16:59:02 -07:00
Adam Ierymenko
dfee7e0389 VERSION 0.7.2: first Windows release!
Version 0.7.2 marks the first release of ZeroTier One for Windows. Binaries will be
released to a few select testers at first, then to the whole world. Installation from
MSI and auto-update appear to be working. So far Windows 7 and 8 and Windows Server
2008 or newer are supported. Vista has issues so it's not supported at the moment,
and may not be since nobody seems to use it (according to Google Analytics).
2014-03-07 15:20:37 -08:00
Adam Ierymenko
60f25ccdf9 Some text changes, remove unused modules from installer project. 2014-03-07 14:25:24 -08:00
Adam Ierymenko
2b0dbead17 Disable Vista in installer. 2014-03-06 15:32:30 -08:00
Adam Ierymenko
742261c7fc (1) Fix menu bar item font size on Windows, (2) fix for possible Windows EthernetTap infinite loop while enumerating registry. 2014-03-06 14:06:31 -08:00
Adam Ierymenko
17c77da38f Fix GitHub issue #45 - Linux install issues 2014-03-05 23:57:25 +01:00
Adam Ierymenko
b2673eab55 Revisions to Linux install script, and support for init.d or upstart systems without chkconfig (Ubuntu). 2014-03-05 22:33:58 +01:00
Adam Ierymenko
282d41bc94 Script to build UI against our own new precompiled Win32 static Qt binary, which paradoxiclally results in a smaller executable than dynamic Qt and doesn't require us to bundle a million DLLs. Also update installer to reflect that. Finally, add a step to the installer to remove all instances of the tap device on full uninstall so as not to leave orphaned junk in your network connections or device manager. Looking good! 2014-03-05 09:52:59 -08:00
Adam Ierymenko
78f3966d66 Make sysV init script run as daemon, for GitHub issue #45 2014-03-03 12:00:26 -08:00
Adam Ierymenko
cef750d1d2 Add option to install drivers in driver cache on Windows, needed for Windows installer. Blech. 2014-03-03 10:23:19 -08:00
Adam Ierymenko
be36eda858 Add prerequisites (VS2012 redistributables) to installer. 2014-02-28 16:09:42 -08:00
Adam Ierymenko
d997c1a32a Installer work... 2014-02-28 12:20:05 -08:00
Adam Ierymenko
d27251ec4e Make AtomicCounter use <atomic> on Windows (eventually this will replace it on other platforms), and some installer work. 2014-02-28 09:15:29 -08:00
Adam Ierymenko
9ae6403346 Installer works, and fix for ugly fonts in pulldown menus in main windows in UI. Also remove dummy installer, which we don't need anymore. 2014-02-27 21:56:57 -08:00
Adam Ierymenko
39d411ce0b Installer work... 2014-02-27 21:28:34 -08:00
Adam Ierymenko
9d05897f7a Windows service works now! 2014-02-27 16:28:55 -08:00
Adam Ierymenko
cbeb9c5236 Installer work, sign devcon. 2014-02-26 16:32:32 -08:00
Adam Ierymenko
655b6d1996 Windows auto-update URL and dummy Windows update for testing. 2014-02-23 08:01:52 -08:00
Adam Ierymenko
aceb938e07 Another Linux installer fix: do not clobber existing directory permissions! 2014-02-14 21:45:42 -08:00
Adam Ierymenko
68f44fb932 Another little Linux installer fix. 2014-02-15 00:29:32 -05:00
Adam Ierymenko
e38619dd02 Small fix to Linux installer. 2014-02-14 21:14:34 -08:00
Adam Ierymenko
b0277ab904 Clean up old init.d installation files on systemd systems if present. 2014-02-14 15:28:45 -08:00
Adam Ierymenko
87b26b0aaf Systemd support on Linux - GitHub issue #39 2014-02-14 15:18:59 -08:00
Adam Ierymenko
e54a34d8dd Finally found a Windows installer option that doesn't cost $500 or require me to climb a huge learning curve just to do a basic software install. 2014-02-08 22:22:18 -08:00
Adam Ierymenko
117e6fb356 Remove some more junk from tap driver tree. 2014-01-31 12:40:06 -08:00
Adam Ierymenko
fb49d2ced9 Small mac installer script fix. 2014-01-24 17:30:46 -08:00
Adam Ierymenko
434ce96f2c Officially signed 32-bit build of Windows tap driver. 2014-01-24 17:29:46 -08:00
Adam Ierymenko
8771418170 Fix bug in tap driver introduced during unused code purge (deleted the part that acknowledges writes!), and fix bug in EthernetTap causing 0000 for etherType. Windows works now! Yay! 2014-01-23 16:10:24 -08:00
Adam Ierymenko
a0916b926f Finally got the Windows x64 driver signed correctly. Turns out signtool.exe with the older (NDIS5) version of the Windows DDK does not understand cross-certificates, yet it blithely continues on and signs incorrectly anyway. Got it working by using DigiCert's own certificate tool which includes a sign files operation. Must be done manually but this doesn't have to be done often. F@!K. 2014-01-22 22:11:22 -08:00
Adam Ierymenko
2da6a7570b More tap driver work, increment version number, remove old binaries since signatures may not have been valid. 2014-01-22 18:38:45 -08:00
Adam Ierymenko
06ca24e8e2 More work on Windows service, cleanup. 2014-01-21 09:18:12 -08:00
Adam Ierymenko
3375363d93 More tap driver cleanup, and add IOCTL to get L2 multicast ethernet address subscriptions. 2014-01-20 14:33:05 -08:00
Adam Ierymenko
9df7f65dd5 Mac installation, and dump pre10.8 stuff because it turns out that 10.6 loads the existing kext fine. 2014-01-16 13:53:31 -08:00
Adam Ierymenko
ad77d9b014 Rebuild tap.kext on OSX 10.6 for all versions so it works on that platform. 2014-01-14 16:08:04 -08:00
Adam Ierymenko
2a3c9e73e5 More mac installer fixes. 2014-01-10 14:09:08 -08:00
Adam Ierymenko
15854a1b14 Mac installer work... 2014-01-09 22:58:31 -08:00
Adam Ierymenko
5c90afa296 Work on mac launch script, sign binary mac tap driver kext (and there was much rejoicing!) 2014-01-09 11:00:36 -08:00
Adam Ierymenko
68ddba60a3 Another fix to mdfind line in Mac scripts. 2014-01-08 23:35:26 -08:00
Adam Ierymenko
3482d836ae Mac install fixes, more internal use scripts. 2014-01-08 23:12:03 -08:00
Adam Ierymenko
f2976178c9 Installer bugfix on Linux. 2014-01-06 13:25:07 -05:00
Adam Ierymenko
76638aae76 Linux installer builds... 2014-01-06 13:11:32 -05:00
Adam Ierymenko
2edaf0588a Linux installer work... 2014-01-06 12:56:00 -05:00
Adam Ierymenko
67a71868cb Install dialog in UI. 2014-01-03 22:14:30 -08:00
Adam Ierymenko
63d6052159 Mac installer work. 2014-01-03 16:53:00 -08:00
Adam Ierymenko
59b1623477 More install/deploy work for mac... 2014-01-03 15:39:09 -08:00
Adam Ierymenko
baea75f2df Installer app helper... 2014-01-03 12:15:47 -08:00
Adam Ierymenko
69c993357d Update mac launcher and uninstaller to use mdfind to locate app. 2014-01-03 10:26:40 -08:00
Adam Ierymenko
fb685bcb1d New Unix installer is script-based with a payload... no fracking idea what I will do for Windows. 2014-01-03 09:00:59 -08:00
Adam Ierymenko
b99940f8a1 Forget mac .pkg, we will integrate the installer into the app and have it launch it on first run. This is much more user-friendly. 2014-01-01 16:13:35 -08:00
Adam Ierymenko
c9c093777f Move PackageMaker stuff into installfiles. 2013-12-28 20:48:13 -08:00
Adam Ierymenko
a5b3747c01 Linux uninstaller should remove uninstall.sh itself. 2013-12-27 21:17:00 -08:00
Adam Ierymenko
ec3a6428b8 Mac installation scripts fixes. 2013-12-27 15:30:39 -08:00
Adam Ierymenko
7a6fe203ee Rebuild OSX tap for up to 32 devices. 2013-12-27 07:41:36 -08:00
Adam Ierymenko
a8345b6a44 Save unsigned tap driver in pre10.8 to possibly distribute for older OSX versions that cannot load signed kexts. 2013-12-27 07:22:03 -08:00
Adam Ierymenko
191d204674 Mac uninstall script fixes. 2013-12-19 10:51:46 -08:00
Adam Ierymenko
b54f998a85 Linux installer: remove old init.d files, fix for init.d startup/shutdown script. 2013-12-16 16:40:03 -08:00
Adam Ierymenko
50ef47cf0a Mac launchd item and launcher script, uninstaller work. 2013-12-13 16:15:42 -08:00
Adam Ierymenko
f7f3bef313 Move some stuff to clean up root. 2013-12-10 16:17:57 -08:00
Adam Ierymenko
2133984318 Build instructions for tap-mac. 2013-12-03 13:47:13 -08:00
Adam Ierymenko
6b8c90bffd Upgrade LZ4, remove extraneous files, put tap-mac into ext/ to declutter root. 2013-11-06 11:01:34 -05:00
Adam Ierymenko
12b297a712 Put default MTU in tap back to 2800, clean up tun-related files and other things from the original pre-fork tap code base that we will never use. 2013-10-28 15:18:06 -04:00
Adam Ierymenko
d290306bb3 Update binary build of tap. 2013-10-28 13:23:56 -04:00
Adam Ierymenko
148619f0ba Make tap build on OSX 10.9, though not in a way that is easy for users. Instead package binaries. 2013-10-28 09:33:32 -04:00
Adam Ierymenko
df28cd88b8 docs: we no longer use MS loopback 2013-10-26 07:39:07 -04:00
Adam Ierymenko
6e217dfcb0 Get rid of DBM, which technically is a case of YAGNI. Supernodes will need a way to save identities, but that can be a different feature. Regular clients do not really need a permanent cache (yet). When/if we do need one we can do it then. Until then it only caused problems. 2013-10-21 10:29:44 -04:00
Adam Ierymenko
3b2d98e7dc Integrating new crypto -- work in progress, wont build yet. 2013-09-16 09:20:59 -04:00
Adam Ierymenko
487eb17ec0 ZeroTierOne for Windows binary project, builds and runs and mostly works but still some issues with tap. 2013-08-26 17:22:20 -04:00
Adam Ierymenko
e0bdc02139 Docs, Node picks a default home folder if created with NULL as its home path, and add binary tap drivers (self-signed for now). 2013-08-24 17:10:34 -04:00
Adam Ierymenko
f6e7be102a Decided to abandon the winpcap direction for Windows tap... re-evaluating using OpenVPN tap driver in some form for now. 2013-08-23 09:50:51 -04:00
Adam Ierymenko
d19516b40a Add winpcap development libraries and includes. 2013-08-22 16:42:17 -04:00
Adam Ierymenko
3daf73710a Add devcon 32-bit and 64-bit Windoze binaries. 2013-08-19 17:20:27 -04:00
Adam Ierymenko
150a53eb17 Self test almost builds, now need skeleton EthernetTap implementation for Windows. 2013-08-14 11:19:21 -04:00
Adam Ierymenko
d6414c9ff7 Windows compiles! (w/Visual Studio 2012) That's about all it does, but it's a start. 2013-08-12 21:25:36 -04:00
Adam Ierymenko
5076c75b07 More Windows port work. 2013-08-12 16:57:34 -04:00
Adam Ierymenko
63fa4a684d Merge my adamierymenko-dev into the new master that incorporates Raspberry Pi build changes in order to keep everything in sync. 2013-08-03 10:29:56 -04:00
Paul Furley
58c9e90b49 Fixed typo in symlink, v61 vs v6l 2013-08-03 13:00:29 +00:00
Paul Furley
d415c61c67 libcrypto.afor linux-armv4 2013-08-03 12:15:15 +00:00
Paul Furley
2e373f6400 Symlink linux-armv61 to linux-armv4 2013-08-03 12:01:20 +00:00
Paul Furley
421a04b35f Added linux-armv4 openssl build script 2013-08-03 11:51:00 +00:00
Adam Ierymenko
9df88a3933 Change mind again... dump Http. Launcher will do this and will use libcurl. Also fix some format string errors. 2013-07-31 10:05:00 -04:00
Adam Ierymenko
dd203f0065 Revert removal of Http. Witness my indecisiveness. 2013-07-27 15:45:01 -04:00
Adam Ierymenko
a816f56426 Dump huffman, doesnt add much and complicates porting to other languages. Also fix compile error in idtool. 2013-07-27 14:01:19 -04:00
Adam Ierymenko
e6e825da70 Get rid of built-in HTTP. If we do HTTP it will probably be via libcurl to support HTTPS and chunking and other complexities. 2013-07-27 13:54:59 -04:00
Adam Ierymenko
76bc9968ff New simpler command interface via loopback UDP protected by a crypto token. 2013-07-17 14:10:44 -04:00
Adam Ierymenko
150850b800 New git repository for release - version 0.2.0 tagged 2013-07-04 16:56:19 -04:00