6684559cd9
More Mac tap improvements and threading efficiency improvements.
7 years ago
90631adb9b
Improve multithreading support for OneService (faster, dynamic adjustment of thread count based on HW concurrency).
7 years ago
f6450cd7e1
Cleanup and a minor performance improvement.
7 years ago
3b6b1d1674
Make incoming packet processor thread pool dynamic based on core count.
7 years ago
b937aeb857
cleanup
7 years ago
1cec4b1c4c
Raise thread count to 8
7 years ago
c9c17eaddd
Retire RethinkDB, simple receive path multithreading.
7 years ago
15649334a6
Do not use new "feth" devices for ZT traffic.
7 years ago
c6ae81fac7
Added preprocessor check for __APPLE__ as an attempted fix for ticket #600
7 years ago
2e44b90f63
OSX no longer requires the kext due to feth black magic! The MacEthernetTapAgent must be installed in /Library/Application Support/ZeroTier/One for ZT to work now. Eventually this can let us do an app bundle, get rid of the pkg, and have ZT itself run with normal or reduced privileges. Also fixes GitHub issue #870 (at least for me) and may be faster than the old kext.
7 years ago
7c72653385
because Windows....
8 years ago
7b87e9c0cb
Added ability for OneService to monitor local.conf for changes and automatically reload
8 years ago
0fddebc791
Added ability to manually set secondary and tertiary ports in local.conf
8 years ago
76b4ec12a0
Vault-related amendments
8 years ago
0e4cfd897b
Multipath-related amendments from merge into edge
8 years ago
515d7962b0
Build fixes.
8 years ago
e01c0adff2
Added ifdef checks to omit some ManagedRoute code in SDK builds
8 years ago
fa7e7fc6f9
Revert fix for GitHub issue #600 because it causes route objects to build up forever (at least on Mac). Bleh. #600 is a rare issue and will need some other fix after reliable duplication.
8 years ago
5b114791e5
Fix a bug that caused a crash on empty HTTP requests (localhost only) and add a lightweight lock to the RX queue to prevent possible threads stepping on each other in parallel receive paths.
8 years ago
bdcdccfcc3
Improved path selection, more efficient traffic allocation, lower QoS/ACK overhead
8 years ago
17fbb020e7
Added multipath field to zerotier-cli status output. Adjusted how path estimates are computed and cached
8 years ago
dce9cb27c1
helps to have an ==0 on a strcmp
8 years ago
4199c56e99
cant compare character arrays with ==
8 years ago
9681fedbb4
Spellcheck sweep across codebase
8 years ago
b22405b64b
rtnetlink integrated. no more callouts to iproute2
8 years ago
62210e57f1
helps to have an ==0 on a strcmp
8 years ago
4dd093efc9
cant compare character arrays with ==
8 years ago
46a7a2be2e
Added VERB_ACK and VERB_QOS_MEASUREMENT, refined notion of path quality
8 years ago
0cd01b6ff8
Fix silly bug where moons and networks were being loaded by the address of an array rather than the proper value.
8 years ago
91c8e82c42
Adjusted locking order of _paths_m for path pruning. Other minor multipath changes
8 years ago
1debe2292d
Cleanup. Misc type conversion and signedness fixes
8 years ago
6a2ba4baca
Introduced basic multipath support
8 years ago
836d897aec
Re-ordered local.conf and node init logic, also split software update config into separate method to fix bad node pointer reference
8 years ago
916077012e
Make sure fopen is in binary mode on Windows.
8 years ago
2d289a3308
Just a little cleanup
8 years ago
7793060723
Add HashiCorp Vault storage of ZeroTier's public & secret identity
...
Adds a "vault" section to local.conf. Example local.conf:
{
"config": {
"vault": {
"vaultURL": "https://some.vault.host:8200 ",
"vaultToken": "my-super-secret-vault-token",
"vaultPath": "secure/place/to/put/identity"
}
}
Additionally, the following environment variables can be set. Environment variables override local.conf:
VAULT_ADDR
VAULT_TOKEN
VAULT_PATH
Identities will be placed in the keys "public" and "secret" under the user specified path. If no path is specified, they will be placed in the token specific cubbyhole.
If identity.public and identity.secret exist on disk and vault is configured, they will be automatically added to Vault and removed from disk.
TODO:
* Decide behavior for if Vault cannot be reached.
* Add libcurl as a dependency in Linux & Mac builds
* Add libcurl as a requirement for linux packages
8 years ago
5ff0653f9e
Hooks into StateGet and StatePut for grabbing identity.secret from Vault
8 years ago
9574d635c1
Add Vault configuration option parsing to local.conf
...
{
"settings": {
...
"valut": {
"vaultURL": "...",
"vaultKey": "...",
"vaultPath": "..."
}
}
}
8 years ago
db952a050a
Added platform checks for Windows in OneService
8 years ago
73ca9b6373
check physical blacklist for interface binding as well
8 years ago
f3dfd63634
Clean up some old stuff.
8 years ago
5f5302e595
More useful to allow arrays of IPs to bind to.
8 years ago
125ec622ca
Add bindToWildcard local.conf option.
8 years ago
c594351bcc
Remove old code.
8 years ago
f87326fc21
Fixes for lock ordering -- GitHub issue #573
8 years ago
640cc22749
Added allowTcpFallbackRelay to local.conf, fixed logic in Binder's route enumeration
8 years ago
7e2d614975
Attempted fix for ticket #656 (failes to acknowledge physical blacklists)
8 years ago
2e1bc6e500
Cleaned up old code for attempted fix for ticket #600
8 years ago
30694f0b20
Allow trusted paths over global IPs for legacy config format too.
8 years ago
65c07afe05
Copyright updates for 2018.
8 years ago
Adam Ierymenko
Joseph Henry
Grant Limberg
neutronscott