Merge branch 'dev' of http://git.int.zerotier.com/ZeroTier/ZeroTierOne into dev

.gitattributes

@@ -0,0 +1,4 @@
+ext/bin/tap-windows-ndis6/x64/zttap300.inf eol=crlf
+ext/bin/tap-windows-ndis6/x64.old/zttap300.inf eol=crlf
+ext/bin/tap-windows-ndis6/x86/zttap300.inf eol=crlf
+windows/TapDriver6/zttap300.inf eol=crlf

ext/bin/tap-windows-ndis6/x64/zttap300.inf

@@ -1,144 +1,144 @@
-;
-; ZeroTier One Virtual Network Port NDIS6 Driver
-;
-; Based on the OpenVPN tap-windows6 driver version 9.21.1 git
-; commit 48f027cfca52b16b5fd23d82e6016ed8a91fc4d3.
-; See: https://github.com/OpenVPN/tap-windows6
-;
-; Modified by ZeroTier, Inc. - https://www.zerotier.com/
-;
-; (1) Comment out 'tun' functionality and related features such as DHCP
-;     emulation, since we don't use any of that. Just want straight 'tap'.
-; (2) Added custom IOCTL to enumerate L2 multicast memberships.
-; (3) Increase maximum number of multicast memberships to 128.
-; (4) Set default and max device MTU to 2800.
-; (5) Rename/rebrand driver as ZeroTier network port driver.
-;
-; Original copyright below. Modifications released under GPLv2 as well.
-;
-; ****************************************************************************
-; * Copyright (C) 2002-2014 OpenVPN Technologies, Inc.                       *
-; *  This program is free software; you can redistribute it and/or modify    *
-; *  it under the terms of the GNU General Public License version 2          *
-; *  as published by the Free Software Foundation.                           *
-; ****************************************************************************
-;
-
-[Version]
-Signature = "$Windows NT$"
-CatalogFile = zttap300.cat
-ClassGUID = {4d36e972-e325-11ce-bfc1-08002be10318}
-Provider = %Provider%
-Class = Net
-DriverVer=11/24/2020,3.00.00.1
-
-[Strings]
-DeviceDescription = "ZeroTier Virtual Port"
-Provider = "ZeroTier"
-
-; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back!
-[Manufacturer]
-%Provider%=zttap300,NTamd64
-
-[zttap300]
-%DeviceDescription% = zttap300.ndi, root\zttap300 ; Root enumerated
-%DeviceDescription% = zttap300.ndi, zttap300      ; Legacy
-
-[zttap300.NTamd64]
-%DeviceDescription% = zttap300.ndi, root\zttap300 ; Root enumerated
-%DeviceDescription% = zttap300.ndi, zttap300      ; Legacy
-
-;----------------- Characteristics ------------
-;    NCF_PHYSICAL = 0x04
-;    NCF_VIRTUAL = 0x01
-;    NCF_SOFTWARE_ENUMERATED = 0x02
-;    NCF_HIDDEN = 0x08
-;    NCF_NO_SERVICE = 0x10
-;    NCF_HAS_UI = 0x80
-;----------------- Characteristics ------------
-[zttap300.ndi]
-CopyFiles       = zttap300.driver, zttap300.files
-AddReg          = zttap300.reg
-AddReg          = zttap300.params.reg
-Characteristics = 0x81
-*IfType            = 0x6 ; IF_TYPE_ETHERNET_CSMACD
-*MediaType         = 0x0 ; NdisMedium802_3
-*PhysicalMediaType = 14  ; NdisPhysicalMedium802_3
-
-[zttap300.ndi.Services]
-AddService = zttap300,        2, zttap300.service
-
-[zttap300.reg]
-HKR, Ndi,            Service,      0, "zttap300"
-HKR, Ndi\Interfaces, UpperRange,   0, "ndis5" ; yes, 'ndis5' is correct... yup, Windows.
-HKR, Ndi\Interfaces, LowerRange,   0, "ethernet"
-HKR, ,               Manufacturer, 0, "%Provider%"
-HKR, ,               ProductName,  0, "%DeviceDescription%"
-
-[zttap300.params.reg]
-HKR, Ndi\params\MTU,                  ParamDesc, 0, "MTU"
-HKR, Ndi\params\MTU,                  Type,      0, "int"
-HKR, Ndi\params\MTU,                  Default,   0, "2800"
-HKR, Ndi\params\MTU,                  Optional,  0, "0"
-HKR, Ndi\params\MTU,                  Min,       0, "100"
-HKR, Ndi\params\MTU,                  Max,       0, "2800"
-HKR, Ndi\params\MTU,                  Step,      0, "1"
-HKR, Ndi\params\MediaStatus,          ParamDesc, 0, "Media Status"
-HKR, Ndi\params\MediaStatus,          Type,      0, "enum"
-HKR, Ndi\params\MediaStatus,          Default,   0, "0"
-HKR, Ndi\params\MediaStatus,          Optional,  0, "0"
-HKR, Ndi\params\MediaStatus\enum,     "0",       0, "Application Controlled"
-HKR, Ndi\params\MediaStatus\enum,     "1",       0, "Always Connected"
-HKR, Ndi\params\MAC,                  ParamDesc, 0, "MAC Address"
-HKR, Ndi\params\MAC,                  Type,      0, "edit"
-HKR, Ndi\params\MAC,                  Optional,  0, "1"
-HKR, Ndi\params\AllowNonAdmin,        ParamDesc, 0, "Non-Admin Access"
-HKR, Ndi\params\AllowNonAdmin,        Type,      0, "enum"
-HKR, Ndi\params\AllowNonAdmin,        Default,   0, "0"
-HKR, Ndi\params\AllowNonAdmin,        Optional,  0, "0"
-HKR, Ndi\params\AllowNonAdmin\enum,   "0",       0, "Not Allowed"
-HKR, Ndi\params\AllowNonAdmin\enum,   "1",       0, "Allowed"
-
-;---------- Service Type -------------
-;    SERVICE_KERNEL_DRIVER     = 0x01
-;    SERVICE_WIN32_OWN_PROCESS = 0x10
-;---------- Service Type -------------
-
-;---------- Start Mode ---------------
-;    SERVICE_BOOT_START   = 0x0
-;    SERVICE_SYSTEM_START = 0x1
-;    SERVICE_AUTO_START   = 0x2
-;    SERVICE_DEMAND_START = 0x3
-;    SERVICE_DISABLED     = 0x4
-;---------- Start Mode ---------------
-
-[zttap300.service]
-DisplayName = %DeviceDescription%
-ServiceType = 1
-StartType = 3
-ErrorControl = 1
-LoadOrderGroup = NDIS
-ServiceBinary = %12%\zttap300.sys
-
-;----------------- Copy Flags ------------
-;    COPYFLG_NOSKIP = 0x02
-;    COPYFLG_NOVERSIONCHECK = 0x04
-;----------------- Copy Flags ------------
-
-[SourceDisksNames]
-1 = %DeviceDescription%, zttap300.sys
-
-[SourceDisksFiles]
-zttap300.sys = 1
-
-[DestinationDirs]
-zttap300.files  = 11
-zttap300.driver = 12
-
-[zttap300.files]
-;
-
-[zttap300.driver]
-zttap300.sys,,,6     ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK
-
-
+;
+; ZeroTier One Virtual Network Port NDIS6 Driver
+;
+; Based on the OpenVPN tap-windows6 driver version 9.21.1 git
+; commit 48f027cfca52b16b5fd23d82e6016ed8a91fc4d3.
+; See: https://github.com/OpenVPN/tap-windows6
+;
+; Modified by ZeroTier, Inc. - https://www.zerotier.com/
+;
+; (1) Comment out 'tun' functionality and related features such as DHCP
+;     emulation, since we don't use any of that. Just want straight 'tap'.
+; (2) Added custom IOCTL to enumerate L2 multicast memberships.
+; (3) Increase maximum number of multicast memberships to 128.
+; (4) Set default and max device MTU to 2800.
+; (5) Rename/rebrand driver as ZeroTier network port driver.
+;
+; Original copyright below. Modifications released under GPLv2 as well.
+;
+; ****************************************************************************
+; * Copyright (C) 2002-2014 OpenVPN Technologies, Inc.                       *
+; *  This program is free software; you can redistribute it and/or modify    *
+; *  it under the terms of the GNU General Public License version 2          *
+; *  as published by the Free Software Foundation.                           *
+; ****************************************************************************
+;
+
+[Version]
+Signature = "$Windows NT$"
+CatalogFile = zttap300.cat
+ClassGUID = {4d36e972-e325-11ce-bfc1-08002be10318}
+Provider = %Provider%
+Class = Net
+DriverVer=11/24/2020,3.00.00.1
+
+[Strings]
+DeviceDescription = "ZeroTier Virtual Port"
+Provider = "ZeroTier"
+
+; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back!
+[Manufacturer]
+%Provider%=zttap300,NTamd64
+
+[zttap300]
+%DeviceDescription% = zttap300.ndi, root\zttap300 ; Root enumerated
+%DeviceDescription% = zttap300.ndi, zttap300      ; Legacy
+
+[zttap300.NTamd64]
+%DeviceDescription% = zttap300.ndi, root\zttap300 ; Root enumerated
+%DeviceDescription% = zttap300.ndi, zttap300      ; Legacy
+
+;----------------- Characteristics ------------
+;    NCF_PHYSICAL = 0x04
+;    NCF_VIRTUAL = 0x01
+;    NCF_SOFTWARE_ENUMERATED = 0x02
+;    NCF_HIDDEN = 0x08
+;    NCF_NO_SERVICE = 0x10
+;    NCF_HAS_UI = 0x80
+;----------------- Characteristics ------------
+[zttap300.ndi]
+CopyFiles       = zttap300.driver, zttap300.files
+AddReg          = zttap300.reg
+AddReg          = zttap300.params.reg
+Characteristics = 0x81
+*IfType            = 0x6 ; IF_TYPE_ETHERNET_CSMACD
+*MediaType         = 0x0 ; NdisMedium802_3
+*PhysicalMediaType = 14  ; NdisPhysicalMedium802_3
+
+[zttap300.ndi.Services]
+AddService = zttap300,        2, zttap300.service
+
+[zttap300.reg]
+HKR, Ndi,            Service,      0, "zttap300"
+HKR, Ndi\Interfaces, UpperRange,   0, "ndis5" ; yes, 'ndis5' is correct... yup, Windows.
+HKR, Ndi\Interfaces, LowerRange,   0, "ethernet"
+HKR, ,               Manufacturer, 0, "%Provider%"
+HKR, ,               ProductName,  0, "%DeviceDescription%"
+
+[zttap300.params.reg]
+HKR, Ndi\params\MTU,                  ParamDesc, 0, "MTU"
+HKR, Ndi\params\MTU,                  Type,      0, "int"
+HKR, Ndi\params\MTU,                  Default,   0, "2800"
+HKR, Ndi\params\MTU,                  Optional,  0, "0"
+HKR, Ndi\params\MTU,                  Min,       0, "100"
+HKR, Ndi\params\MTU,                  Max,       0, "2800"
+HKR, Ndi\params\MTU,                  Step,      0, "1"
+HKR, Ndi\params\MediaStatus,          ParamDesc, 0, "Media Status"
+HKR, Ndi\params\MediaStatus,          Type,      0, "enum"
+HKR, Ndi\params\MediaStatus,          Default,   0, "0"
+HKR, Ndi\params\MediaStatus,          Optional,  0, "0"
+HKR, Ndi\params\MediaStatus\enum,     "0",       0, "Application Controlled"
+HKR, Ndi\params\MediaStatus\enum,     "1",       0, "Always Connected"
+HKR, Ndi\params\MAC,                  ParamDesc, 0, "MAC Address"
+HKR, Ndi\params\MAC,                  Type,      0, "edit"
+HKR, Ndi\params\MAC,                  Optional,  0, "1"
+HKR, Ndi\params\AllowNonAdmin,        ParamDesc, 0, "Non-Admin Access"
+HKR, Ndi\params\AllowNonAdmin,        Type,      0, "enum"
+HKR, Ndi\params\AllowNonAdmin,        Default,   0, "0"
+HKR, Ndi\params\AllowNonAdmin,        Optional,  0, "0"
+HKR, Ndi\params\AllowNonAdmin\enum,   "0",       0, "Not Allowed"
+HKR, Ndi\params\AllowNonAdmin\enum,   "1",       0, "Allowed"
+
+;---------- Service Type -------------
+;    SERVICE_KERNEL_DRIVER     = 0x01
+;    SERVICE_WIN32_OWN_PROCESS = 0x10
+;---------- Service Type -------------
+
+;---------- Start Mode ---------------
+;    SERVICE_BOOT_START   = 0x0
+;    SERVICE_SYSTEM_START = 0x1
+;    SERVICE_AUTO_START   = 0x2
+;    SERVICE_DEMAND_START = 0x3
+;    SERVICE_DISABLED     = 0x4
+;---------- Start Mode ---------------
+
+[zttap300.service]
+DisplayName = %DeviceDescription%
+ServiceType = 1
+StartType = 3
+ErrorControl = 1
+LoadOrderGroup = NDIS
+ServiceBinary = %12%\zttap300.sys
+
+;----------------- Copy Flags ------------
+;    COPYFLG_NOSKIP = 0x02
+;    COPYFLG_NOVERSIONCHECK = 0x04
+;----------------- Copy Flags ------------
+
+[SourceDisksNames]
+1 = %DeviceDescription%, zttap300.sys
+
+[SourceDisksFiles]
+zttap300.sys = 1
+
+[DestinationDirs]
+zttap300.files  = 11
+zttap300.driver = 12
+
+[zttap300.files]
+;
+
+[zttap300.driver]
+zttap300.sys,,,6     ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK
+
+

osdep/EthernetTap.cpp

@@ -112,7 +112,7 @@ std::shared_ptr<EthernetTap> EthernetTap::newInstance(
 				-1,
 				NULL,
 				NULL,
-				RPC_C_AUTHN_LEVEL_DEFAULT,
+				RPC_C_AUTHN_LEVEL_PKT,
 				RPC_C_IMP_LEVEL_IMPERSONATE,
 				NULL,
 				EOAC_NONE,
@@ -120,6 +120,7 @@ std::shared_ptr<EthernetTap> EthernetTap::newInstance(
 			);
 			if (FAILED(hres)) {
 				CoUninitialize();
+				fprintf(stderr, "WinEthernetTap: Failed to initialize security");
 				throw std::runtime_error("WinEthernetTap: Failed to initialize security");
 			}
 			_comInit = true;

osdep/WindowsEthernetTap.cpp

@@ -816,13 +816,7 @@ void WindowsEthernetTap::setFriendlyName(const char *dn)
 		RegCloseKey(ifp);
 	}
 
-	HRESULT hr = CoInitialize(nullptr);
-	if (hr != S_OK) return;
-	CoInitializeSecurity(NULL, -1, NULL, NULL,
-		RPC_C_AUTHN_LEVEL_PKT,
-		RPC_C_IMP_LEVEL_IMPERSONATE,
-		NULL, EOAC_NONE, NULL);
-	if (hr != S_OK) return;
+	HRESULT hr = S_OK;
 
 	INetSharingManager *nsm;
 	hr = CoCreateInstance(__uuidof(NetSharingManager), NULL, CLSCTX_ALL, __uuidof(INetSharingManager), (void**)&nsm);