Rename topology/ to be more descriptive, and some more updates.

.gitignore

@@ -31,4 +31,4 @@
 .qmake.stash
 *.autosave
 /ZeroTier One.dmg
-/topology/topology.secret
+/root-topology/*.secret

topology/Makefile → root-topology/Makefile

@@ -11,4 +11,7 @@ official: all
 clean:
 	rm -f *.o mktopology bin2c root_topology.out
 
+realclean: clean
+	rm -f ZT_DEFAULT_ROOT_TOPOLOGY.c
+
 FORCE:

root-topology/README.md

@@ -0,0 +1,7 @@
+This folder contains the source files to compile the signed network root topology dictionary. Users outside ZeroTier won't find this useful except for testing, since the root topology must be signed by the root topology authority (public identity in root-topology-authority.public) to be considered valid.
+
+ZT_DEFAULT_ROOT_TOPOLOGY.c contains the current default value, and this URL is periodically checked for updates:
+
+http://download.zerotier.com/sys/topology
+
+Obviously nothing prevents OSS users from replacing this topology with their own, changing the hard coded topology signing identity and update URL in Defaults, and signing their own dictionary. But doing so would yield a network that would have a tough(ish) time talking to the main one. Since the main network is a free service, why bother? (Except for building testnets, which ZeroTier already does for internal testing.)

topology/ZT_DEFAULT_ROOT_TOPOLOGY.c → root-topology/ZT_DEFAULT_ROOT_TOPOLOGY.c

@@ -94,6 +94,6 @@ static unsigned char ZT_DEFAULT_ROOT_TOPOLOGY[] = {
 	0x34, 0x32, 0x38, 0x33, 0x37, 0x33, 0x35, 0x38, 0x32, 0x64, 0x61, 0x33, 0x64, 0x30, 0x61, 0x39,
 	0x61, 0x31, 0x34, 0x62, 0x33, 0x36, 0x65, 0x34, 0x35, 0x34, 0x36, 0x63, 0x33, 0x31, 0x37, 0x65,
 	0x38, 0x31, 0x31, 0x65, 0x36, 0x0a, 0x7e, 0x21, 0x73, 0x69, 0x67, 0x74, 0x73, 0x3d, 0x31, 0x34,
-	0x37, 0x62, 0x32, 0x66, 0x37, 0x30, 0x34, 0x37, 0x34, 0x0a 
+	0x37, 0x62, 0x32, 0x66, 0x62, 0x65, 0x66, 0x38, 0x35, 0x0a 
 };
 #define ZT_DEFAULT_ROOT_TOPOLOGY_LEN 1530

topology/mktopology.cpp → root-topology/mktopology.cpp

@@ -1,9 +1,3 @@
-/* Makes topology dictionary out of source dictionary and signs with
- * 'topology.secret', which must be present (or symlinked) from where
- * this is run. */
-
-/* Just type 'make' and then run (Only tested on Linux) */
-
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
@@ -22,8 +16,8 @@ int main(int argc,char **argv)
 {
 	std::string buf;
 
-	if (!Utils::readFile("topology.secret",buf)) {
-		std::cerr << "Cannot read topology.secret" << std::endl;
+	if (!Utils::readFile("root-topology-authority.secret",buf)) {
+		std::cerr << "Cannot read root-topology-authority.secret" << std::endl;
 		return 1;
 	}
 	Identity topologyAuthority(buf);

topology/README.md

@@ -1,9 +0,0 @@
-This folder contains the source files to compile the signed network topology dictionary. Users outside ZeroTier won't find this useful except for documentation purposes, since this dictionary must be signed by a valid topology signing key to be considered valid. These keys are hard-coded into the source and distributed with all versions of the app.
-
-A default value for this dictionary is included in node/Defaults.cpp, and the following URL is periodically checked for updates:
-
-http://download.zerotier.com/sys/topology
-
-Obviously nothing prevents OSS users from replacing this topology with their own, changing the hard coded topology signing identity and update URL in Defaults, and signing their own dictionary. But doing so would yield a network that would have a tough(ish) time talking to the main one. Since the main network is a free service, why bother? (Except for building testnets, which ZeroTier already does for internal testing.)
-
-Increasing decentralization via federation or trust network is possible in the future though, provided it can be done without sacrificing stability, security, performance, or ease of use.