Merge dev.

ext/installfiles/linux/DEBIAN/control.in

@@ -3,6 +3,7 @@ Architecture: __ARCH__
 Maintainer: ZeroTier, Inc. <[email protected]>
 Priority: optional
 Version: __VERSION__
+Installed-Size: 1024
 Homepage: https://github.com/zerotier/ZeroTierOne
 Description: ZeroTier One network virtualization service
  ZeroTier One is a fast, secure, and easy to use peer to peer network

ext/installfiles/linux/init.d/zerotier-one

@@ -7,21 +7,20 @@
 #              networks. See https://www.zerotier.com/ for more information.
 
 ### BEGIN INIT INFO
-# Provides: zerotier-one
-# Required-Start: $local_fs $network
-# Required-Stop: $local_fs
-# Default-Start:  2345
-# Default-Stop: 90
-# Short-Description: start ZeroTier One
-# Description: ZeroTier One provides public and private distributed ethernet \
-#              networks. See https://www.zerotier.com/ for more information.
+# Provides:          zerotier-one
+# Required-Start:    $local_fs $network
+# Required-Stop:     $local_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start ZeroTier One
+# Description:       ZeroTier One provides public and private distributed ethernet \
+#                    networks. See https://www.zerotier.com/ for more information.
 ### END INIT INFO
 
 #
 # This script is written to avoid distro-specific dependencies, so it does not
 # use the rc bash script libraries found on some systems. It should work on
-# just about anything, even systems using Upstart. Upstart native support may
-# come in the future.
+# just about anything.
 #
 
 zthome=/var/lib/zerotier-one

ext/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/_CodeSignature/CodeResources

@@ -39,7 +39,7 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			7dgumnPDtoIzhi9QoaFhDvCo9ys=
+			aP0mIANPPnnTMmxYlELioz9ZO1I=
 			</data>
 			<key>optional</key>
 			<true/>
@@ -82,7 +82,7 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			7dgumnPDtoIzhi9QoaFhDvCo9ys=
+			aP0mIANPPnnTMmxYlELioz9ZO1I=
 			</data>
 			<key>optional</key>
 			<true/>

ext/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Window.xib

@@ -13,22 +13,22 @@
             </connections>
         </customObject>
         <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/>
-        <customObject id="-3" userLabel="Application"/>
+        <customObject id="-3" userLabel="Application" customClass="NSObject"/>
         <window title="Window" allowsToolTipsWhenApplicationIsInactive="NO" autorecalculatesKeyViewLoop="NO" oneShot="NO" animationBehavior="default" id="1">
-            <windowStyleMask key="styleMask" titled="YES" closable="YES" miniaturizable="YES"/>
-            <rect key="contentRect" x="575" y="564" width="500" height="700"/>
+            <windowStyleMask key="styleMask" titled="YES" closable="YES" miniaturizable="YES" resizable="YES"/>
+            <rect key="contentRect" x="575" y="564" width="500" height="500"/>
             <rect key="screenRect" x="0.0" y="0.0" width="1920" height="1178"/>
-            <value key="minSize" type="size" width="500" height="700"/>
-            <value key="maxSize" type="size" width="500" height="700"/>
             <view key="contentView" id="2" customClass="ContentView">
-                <rect key="frame" x="0.0" y="0.0" width="500" height="700"/>
+                <rect key="frame" x="0.0" y="0.0" width="500" height="500"/>
                 <autoresizingMask key="autoresizingMask"/>
                 <subviews>
                     <webView id="5">
-                        <rect key="frame" x="0.0" y="0.0" width="500" height="700"/>
+                        <rect key="frame" x="0.0" y="0.0" width="500" height="500"/>
                         <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/>
                         <animations/>
-                        <webPreferences key="preferences" defaultFontSize="12" defaultFixedFontSize="12"/>
+                        <webPreferences key="preferences" defaultFontSize="12" defaultFixedFontSize="12">
+                            <nil key="identifier"/>
+                        </webPreferences>
                     </webView>
                 </subviews>
                 <animations/>

node/Peer.hpp

@@ -263,7 +263,6 @@ public:
 		return (l * (((unsigned int)tsr / (ZT_PEER_DIRECT_PING_DELAY + 1000)) + 1));
 	}
 
-
 	/**
 	 * Update latency with a new direct measurment
 	 *

node/Switch.cpp

@@ -820,10 +820,12 @@ bool Switch::_trySend(const Packet &packet,bool encrypt,uint64_t nwid)
 				for(std::vector< std::pair<Address,InetAddress> >::const_iterator r(nconf->relays().begin());r!=nconf->relays().end();++r) {
 					if (r->first != peer->address()) {
 						SharedPtr<Peer> rp(RR->topology->getPeer(r->first));
-						const unsigned int q = rp->relayQuality(now);
-						if ((rp)&&(q < bestq)) { // SUBTILE: < == don't use these if they are nil quality (unsigned int max), instead use a root
-							bestq = q;
-							rp.swap(relay);
+						if (rp) {
+							const unsigned int q = rp->relayQuality(now);
+							if (q < bestq) { // SUBTILE: < == don't use these if they are nil quality (unsigned int max), instead use a root
+								bestq = q;
+								rp.swap(relay);
+							}
 						}
 					}
 				}

osdep/OSXEthernetTap.cpp

@@ -143,7 +143,7 @@ static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
 			}
 			free(buf);
 			buf = NULL;
-		} 
+		}
 	} while (buf == NULL);
 
 	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
@@ -475,37 +475,11 @@ bool OSXEthernetTap::enabled() const
 	return _enabled;
 }
 
-static bool ___removeIp(const std::string &_dev,const InetAddress &ip)
-{
-	long cpid = (long)vfork();
-	if (cpid == 0) {
-		execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet",ip.toIpString().c_str(),"-alias",(const char *)0);
-		_exit(-1);
-	} else if (cpid > 0) {
-		int exitcode = -1;
-		waitpid(cpid,&exitcode,0);
-		return (exitcode == 0);
-	}
-	return false; // never reached, make compiler shut up about return value
-}
-
 bool OSXEthernetTap::addIp(const InetAddress &ip)
 {
 	if (!ip)
 		return false;
 
-	std::vector<InetAddress> allIps(ips());
-	if (std::binary_search(allIps.begin(),allIps.end(),ip))
-		return true;
-
-	// Remove and reconfigure if address is the same but netmask is different
-	for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
-		if ((i->ipsEqual(ip))&&(i->netmaskBits() != ip.netmaskBits())) {
-			if (___removeIp(_dev,*i))
-				break;
-		}
-	}
-
 	long cpid = (long)vfork();
 	if (cpid == 0) {
 		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.isV4() ? "inet" : "inet6",ip.toString().c_str(),"alias",(const char *)0);
@@ -524,9 +498,18 @@ bool OSXEthernetTap::removeIp(const InetAddress &ip)
 	if (!ip)
 		return true;
 	std::vector<InetAddress> allIps(ips());
-	if (!std::binary_search(allIps.begin(),allIps.end(),ip)) {
-		if (___removeIp(_dev,ip))
-			return true;
+	for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
+		if (*i == ip) {
+			long cpid = (long)vfork();
+			if (cpid == 0) {
+				execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet",ip.toIpString().c_str(),"-alias",(const char *)0);
+				_exit(-1);
+			} else if (cpid > 0) {
+				int exitcode = -1;
+				waitpid(cpid,&exitcode,0);
+				return (exitcode == 0);
+			}
+		}
 	}
 	return false;
 }
@@ -564,7 +547,7 @@ std::vector<InetAddress> OSXEthernetTap::ips() const
 		freeifaddrs(ifa);
 
 	std::sort(r.begin(),r.end());
-	std::unique(r.begin(),r.end());
+	r.erase(std::unique(r.begin(),r.end()),r.end());
 
 	return r;
 }

osdep/PortMapper.cpp

@@ -28,7 +28,7 @@
 #ifdef ZT_USE_MINIUPNPC
 
 // Uncomment to dump debug messages
-#define ZT_PORTMAPPER_TRACE 1
+//#define ZT_PORTMAPPER_TRACE 1
 
 #include <stdio.h>
 #include <stdlib.h>

selftest.cpp

@@ -1096,7 +1096,7 @@ int main(int argc,char **argv)
 
 	srand((unsigned int)time(0));
 
-	/*
+	///*
 	r |= testSqliteNetworkController();
 	r |= testOther();
 	r |= testCrypto();
@@ -1106,17 +1106,19 @@ int main(int argc,char **argv)
 	r |= testPhy();
 	r |= testResolver();
 	//r |= testHttp();
-	*/
+	//*/
 
 	if (r)
 		std::cout << std::endl << "SOMETHING FAILED!" << std::endl;
 
+	/*
 #ifdef ZT_USE_MINIUPNPC
 	std::cout << std::endl;
 	std::cout << "[portmapper] Starting port mapper and waiting forever... use CTRL+C to exit. (enable ZT_PORTMAPPER_TRACE in PortMapper.cpp for output)" << std::endl;
 	PortMapper mapper(12345,"ZeroTier/__selftest");
 	Thread::sleep(0xffffffff);
 #endif
+	*/
 
 	return r;
 }

service/OneService.cpp

@@ -355,6 +355,26 @@ public:
 static BackgroundSoftwareUpdateChecker backgroundSoftwareUpdateChecker;
 #endif // ZT_AUTO_UPDATE
 
+static bool isBlacklistedLocalInterfaceForZeroTierTraffic(const char *ifn)
+{
+#if defined(__linux__) || defined(linux) || defined(__LINUX__) || defined(__linux)
+	if ((ifn[0] == 'l')&&(ifn[1] == 'o')) return true; // loopback
+	if ((ifn[0] == 'z')&&(ifn[1] == 't')) return true; // sanity check: zt#
+	if ((ifn[0] == 't')&&(ifn[1] == 'u')&&(ifn[2] == 'n')) return true; // tun# is probably an OpenVPN tunnel or similar
+	if ((ifn[0] == 't')&&(ifn[1] == 'a')&&(ifn[2] == 'p')) return true; // tap# is probably an OpenVPN tunnel or similar
+#endif
+
+#ifdef __APPLE__
+	if ((ifn[0] == 'l')&&(ifn[1] == 'o')) return true; // loopback
+	if ((ifn[0] == 'z')&&(ifn[1] == 't')) return true; // sanity check: zt#
+	if ((ifn[0] == 't')&&(ifn[1] == 'u')&&(ifn[2] == 'n')) return true; // tun# is probably an OpenVPN tunnel or similar
+	if ((ifn[0] == 't')&&(ifn[1] == 'a')&&(ifn[2] == 'p')) return true; // tap# is probably an OpenVPN tunnel or similar
+	if ((ifn[0] == 'u')&&(ifn[1] == 't')&&(ifn[2] == 'u')&&(ifn[3] == 'n')) return true; // ... as is utun#
+#endif
+
+	return false;
+}
+
 static std::string _trimString(const std::string &s)
 {
 	unsigned long end = (unsigned long)s.length();
@@ -768,7 +788,7 @@ public:
 					if ((getifaddrs(&ifatbl) == 0)&&(ifatbl)) {
 						struct ifaddrs *ifa = ifatbl;
 						while (ifa) {
-							if ((ifa->ifa_name)&&(ifa->ifa_addr)) {
+							if ((ifa->ifa_name)&&(ifa->ifa_addr)&&(!isBlacklistedLocalInterfaceForZeroTierTraffic(ifa->ifa_name))) {
 								bool isZT = false;
 								for(std::vector<std::string>::const_iterator d(ztDevices.begin());d!=ztDevices.end();++d) {
 									if (*d == ifa->ifa_name) {