Skip to content

Commit 1c58978

Browse files
adamierymenkoladukeglimbergleleobhzbostick
authored
1.10.4 merge into main (#1893)
* add note about forceTcpRelay * Create a sample systemd unit for tcp proxy * set gitattributes for rust & cargo so hashes dont conflict on Windows * Revert "set gitattributes for rust & cargo so hashes dont conflict on Windows" This reverts commit 032dc5c. * Turn off autocrlf for rust source Doesn't appear to play nice well when it comes to git and vendored cargo package hashes * Fix #1883 (#1886) Still unknown as to why, but the call to `nc->GetProperties()` can fail when setting a friendly name on the Windows virtual ethernet adapter. Ensure that `ncp` is not null before continuing and accessing the device GUID. * Don't vendor packages for zeroidc (#1885) * Added docker environment way to join networks (#1871) * add StringUtils * fix headers use recommended headers and remove unused headers * move extern "C" only JNI functions need to be exported * cleanup * fix ANDROID-50: RESULT_ERROR_BAD_PARAMETER typo * fix typo in log message * fix typos in JNI method signatures * fix typo * fix ANDROID-51: fieldName is uninitialized * fix ANDROID-35: memory leak * fix missing DeleteLocalRef in loops * update to use unique error codes * add GETENV macro * add LOG_TAG defines * ANDROID-48: add ZT_jnicache.cpp * ANDROID-48: use ZT_jnicache.cpp and remove ZT_jnilookup.cpp and ZT_jniarray.cpp * add Event.fromInt * add PeerRole.fromInt * add ResultCode.fromInt * fix ANDROID-36: issues with ResultCode * add VirtualNetworkConfigOperation.fromInt * fix ANDROID-40: VirtualNetworkConfigOperation out-of-sync with ZT_VirtualNetworkConfigOperation enum * add VirtualNetworkStatus.fromInt * fix ANDROID-37: VirtualNetworkStatus out-of-sync with ZT_VirtualNetworkStatus enum * add VirtualNetworkType.fromInt * make NodeStatus a plain data class * fix ANDROID-52: synchronization bug with nodeMap * Node init work: separate Node construction and init * add Node.toString * make PeerPhysicalPath a plain data class * remove unused PeerPhysicalPath.fixed * add array functions * make Peer a plain data class * make Version a plain data class * fix ANDROID-42: copy/paste error * fix ANDROID-49: VirtualNetworkConfig.equals is wrong * reimplement VirtualNetworkConfig.equals * reimplement VirtualNetworkConfig.compareTo * add VirtualNetworkConfig.hashCode * make VirtualNetworkConfig a plain data class * remove unused VirtualNetworkConfig.enabled * reimplement VirtualNetworkDNS.equals * add VirtualNetworkDNS.hashCode * make VirtualNetworkDNS a plain data class * reimplement VirtualNetworkRoute.equals * reimplement VirtualNetworkRoute.compareTo * reimplement VirtualNetworkRoute.toString * add VirtualNetworkRoute.hashCode * make VirtualNetworkRoute a plain data class * add isSocketAddressEmpty * add addressPort * add fromSocketAddressObject * invert logic in a couple of places and return early * newInetAddress and newInetSocketAddress work allow newInetSocketAddress to return NULL if given empty address * fix ANDROID-38: stack corruption in onSendPacketRequested * use GETENV macro * JniRef work JniRef does not use callbacks struct, so remove fix NewGlobalRef / DeleteGlobalRef mismatch * use PRId64 macros * switch statement work * comments and logging * Modifier 'public' is redundant for interface members * NodeException can be made a checked Exception * 'NodeException' does not define a 'serialVersionUID' field * 'finalize()' should not be overridden this is fine to do because ZeroTierOneService calls close() when it is done * error handling, error reporting, asserts, logging * simplify loadLibrary * rename Node.networks -> Node.networkConfigs * Windows file permissions fix (#1887) * Allow macOS interfaces to use multiple IP addresses (#1879) Co-authored-by: Sean OMeara <someara@users.noreply.github.com> Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com> * Fix condition where full HELLOs might not be sent when necessary (#1877) Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com> * 1.10.4 version bumps * Add security policy to repo (#1889) * [+] add e2k64 arch (#1890) * temp fix for ANDROID-56: crash inside newNetworkConfig from too many args * 1.10.4 release notes --------- Co-authored-by: travis laduke <travisladuke@gmail.com> Co-authored-by: Grant Limberg <grant.limberg@zerotier.com> Co-authored-by: Grant Limberg <glimberg@users.noreply.github.com> Co-authored-by: Leonardo Amaral <leleobhz@users.noreply.github.com> Co-authored-by: Brenton Bostick <bostick@gmail.com> Co-authored-by: Sean OMeara <someara@users.noreply.github.com> Co-authored-by: Joseph Henry <joseph-henry@users.noreply.github.com> Co-authored-by: Roman Peshkichev <roman.peshkichev@gmail.com>
1 parent dea47f6 commit 1c58978

File tree

13,322 files changed

+3059
-3572005
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

13,322 files changed

+3059
-3572005
lines changed

.github/workflows/build.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,8 @@ jobs:
66
steps:
77
- name: gitconfig
88
run: |
9-
git config --global core.autocrlf false
10-
git config --global core.eol lf
9+
git config --global core.autocrlf input
10+
# git config --global core.eol lf
1111
- name: checkout
1212
uses: actions/checkout@v3
1313
- name: Install Rust
@@ -42,8 +42,8 @@ jobs:
4242
steps:
4343
- name: gitconfig
4444
run: |
45-
git config --global core.autocrlf false
46-
git config --global core.eol lf
45+
git config --global core.autocrlf input
46+
# git config --global core.eol lf
4747
- name: checkout
4848
uses: actions/checkout@v3
4949
- name: Install Rust
@@ -77,8 +77,8 @@ jobs:
7777
steps:
7878
- name: gitconfig
7979
run: |
80-
git config --global core.autocrlf false
81-
git config --global core.eol lf
80+
git config --global core.autocrlf true
81+
# git config --global core.eol lf
8282
- name: checkout
8383
uses: actions/checkout@v3
8484
- name: Install Rust

README.docker.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,7 @@ To ensure you have a network available before trying to listen on it. Without pr
6060

6161
You can control a few settings including the identity used and the authtoken used to interact with the control socket (which you can forward and access through `localhost:9993`).
6262

63+
- `ZEROTIER_JOIN_NETWORKS`: additional way to set networks to join.
6364
- `ZEROTIER_API_SECRET`: replaces the `authtoken.secret` before booting and allows you to manage the control socket's authentication key.
6465
- `ZEROTIER_IDENTITY_PUBLIC`: the `identity.public` file for zerotier-one. Use `zerotier-idtool` to generate one of these for you.
6566
- `ZEROTIER_IDENTITY_SECRET`: the `identity.secret` file for zerotier-one. Use `zerotier-idtool` to generate one of these for you.

RELEASE-NOTES.md

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,19 @@
11
ZeroTier Release Notes
22
======
33

4+
# 2023-03-07 -- Version 1.10.4
5+
6+
* SECURITY FIX (Windows): this version fixes a file permission problem on
7+
Windows that could allow non-privileged users on a Windows system to read
8+
privileged files in the ZeroTier service's working directory. This could
9+
allow an unprivileged local Windows user to administrate the local ZeroTier
10+
instance without appropriate local permissions. This issue is not remotely
11+
exploitable unless a remote user can read arbitrary local files, and does
12+
not impact other operating systems.
13+
14+
* Fix a bug in the handling of multiple IP address assignments to virtual
15+
interfaces on macOS.
16+
417
# 2023-02-15 -- Version 1.10.3
518

619
* Fix for duplicate paths in client. Could cause connectivity issues. Affects all platforms.

SECURITY.md

Lines changed: 95 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,95 @@
1+
# Security
2+
3+
ZeroTier takes the security of our software products and services seriously, which
4+
includes all source code repositories managed through our GitHub organization.
5+
6+
## Supported Versions
7+
8+
The following versions of ZeroTier One receive security updates
9+
10+
| Version | Supported |
11+
| ------- | ------------------ |
12+
| 1.10.x | :white_check_mark: |
13+
| 1.8.x | :white_check_mark: |
14+
| < 1.8.0 | :x: |
15+
16+
## Reporting a Vulnerability
17+
18+
**Please do not report security issues through public GitHub issues**
19+
20+
Instead, please report vulnerabilities via email to security@zerotier.com. If possible,
21+
please encrypt with our PGP key (see below).
22+
23+
Please include the following information, or as much as you can provide to help us
24+
understand the nature and scope of the issue:
25+
26+
27+
* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
28+
* Full paths of source file(s) related to the manifestation of the issue
29+
* The location of the affected source code (tag/branch/commit or direct URL)
30+
* Any special configuration required to reproduce the issue
31+
* Step-by-step instructions to reproduce the issue
32+
* Proof-of-concept or exploit code (if possible)
33+
* Impact of the issue, including how an attacker might exploit the issue
34+
35+
36+
## Preferred Languages
37+
38+
We prefer all communications to be in English.
39+
40+
## security@zerotier.com PGP key
41+
42+
```
43+
-----BEGIN PGP PUBLIC KEY BLOCK-----
44+
45+
mQINBGQGOVIBEACalXTnNqaiSOVLFEiqHpDMg8N/OI5D5850Xy1ZEvx3B3rz7cbn
46+
k30ozHtJKbh+vqpyItE7DjyQAuF19gP5Q64Yh0Y+MmLHq60q/GwOwAYz7cI+UzA3
47+
5x8YqcmTp32LAM1xJn+iMlMLBuAmJl4kULKmOXPlpqPiyTFs5saizvm7fgRmfgJJ
48+
HpsnIrTkaDFJhAR+jvMJohVYwmhuydeI0DsHu7KGpG1ddcHDrUjOPNqXnnAPSPwx
49+
llw4yfKlQb8GYErsv/G5QVyzd5+SxEuiI4MARRnrk8LlMQ33CR6pzIQ/Bk5AAmye
50+
mHqfEAknkiOf++urYhRs9BL3Kz3MdV0cg92zr9EFOg0u56jxf5OnAiTOhGUUA0hn
51+
dS7peVGl46R9Oy2JYIazNDGi+4NIsYDFXsnsss9xOQVygPyeQd71zFHfix0jct9w
52+
j3o/kj7Egsnm9nc13354bYT6bbalqXiRWwGH1eAFpjueNWiVFwZS6NZUP3WeNDiY
53+
BlPo1LodvolbXiJcTILTCyEkERJPCK2zoE2nTdVfvTLWsuehw1M6Yd2/q74TVYy/
54+
RY+KjHkrChEBQ9PqXsXRHj6opKbT8JLfZkvU5k+3IiqqxOpB+QXFI/whj493CxWW
55+
so7QAmzOCyJq8GDVPxzkwUac22YIkXdiOmb8i/HWq+kLY/HjQE259Gx6KwARAQAB
56+
tClaZXJvVGllciBTZWN1cml0eSA8c2VjdXJpdHlAemVyb3RpZXIuY29tPokCTAQT
57+
AQoANhYhBH1HQGb+4jzl6mnFqf09m6uqADkABQJkBjlSAhsDBAsJCAcEFQoJCAUW
58+
AgMBAAIeAQIXgAAKCRD9PZurqgA5ACqPD/sFt6SG6Tu0HwTY2ofJtYsa2GBLL0pf
59+
dYlX4cWSs1PVB5+m5Oj18y+GB2umA9GnsVtmvaSfp3XEngt2zNWX27uUsVfL35b2
60+
/5TVVe8RjzOedqMN+lQWMvO+f/C1zmWYXjjpC+iGjgMMaRRrofkkn+7uL4N9y6gY
61+
rcXtpACT1rYFC+i1AKnZfUO8Vr5ji7odq0f7bDkN/N38rB0kRRwEmO8wqdpQK6gK
62+
nxf9vgJl5ggimDk5Xtz1sfd3y28bf5N4hdOCkXUbd10nUFY3wDNTM4VxozxTGJeG
63+
imdcc19Wuw/1fGUZ5SIjgPanCdPLGYwSTr+M6Fuern9uTtlC1GOby3BUtmVGP6EU
64+
1pSAJSRpmoBPHKKOYtSMwV8PCboXru9P1ab8y8STKM3SKyghUJrl17gdc0LaksZa
65+
E54pJudGPIQMFRqZjMdV6jgMuaLTozjZ4mW8EThf4mkX4xDkO8l7cOn0225ZYJZC
66+
lZKpdnwzk9owkJA80u4KBNJxTtB4ZAPzjBsD5hFzCZQTLNQp/psU3EjZsau28eXT
67+
E/C1QjEQHgy4ohkgQlCm1H1+clKssCWcdmsVGXuS1u8gh4K6X9b0Z6LeCGRaQvH2
68+
+DB8oTAdqp9nUZv9rP4pbo+sR4fF67CFLriVuxjedAiFkbM4uHMFcL4tc/X9+DRo
69+
YN5X7oEkZvO507kCDQRkBjlSARAAz58UMF7K1qKyQjzKTcutaYZ5SaIGky9lCLZn
70+
/2vjpFCoBogkxS/6IKQcwZk8b4S9QstaaQZDFEkxqNeKC0GiFTAMAb6SmYcK495h
71+
EZnHl0NA5Nc2dBlZk5E/ENzTCz2bXaxCcVESc2z+xCzu07brbhGrqvliKiwOUzt9
72+
JzqEsar6I95OutBcZvkFCs44/Uf9bS1qf1w4klE8w3vdMtGH23umrET4tFZ+sh6o
73+
ZFtQx0u2eKjsRdn/RMtsxLNaJlcE1DdIAqBpQrcmuwMC8v5wUGfCGZjhClzmyQlq
74+
akUkayir7UtbHbFT/mgO+YI77YGXWk5QrwPscqqT2l8KB/YMujNDmaWa/0KV1lIY
75+
zr5s4dzVeiwqFLR9ANFIhzFwzf3JLi6XSx123Qix0TxZoYPZCHl7yoi9qi6qybz5
76+
0Od2LSz3jbApeKYymZ+zjE+YV5y9DI6Wzy1j2M1FogNvTO9fMk+6dLt4HhTdSNvH
77+
cKya462YCcy+tnZTkhmh+FTebbJlV6D4wG7skE5KCdBhjm53xLwp6XW9L6n2CrkL
78+
W1IDBcCz0oPd1sMkXbO3wnxdXprV2XurCfsg/R2nszSNzvdJ8/xj3cr9hpoJ714R
79+
qqyoEDRZ1Ss9kGL166o5MpN5qb/EewdkqGgWP7YFXbhsdHQiW7Z7dAqzjoaybD4O
80+
nakkwyUAEQEAAYkCNgQYAQoAIBYhBH1HQGb+4jzl6mnFqf09m6uqADkABQJkBjlS
81+
AhsMAAoJEP09m6uqADkAax0P/Rh8EZYRqW6dPYTl1YQusAK10rAcRNq3ekjofXGk
82+
oXK1S7HWGoFgl5++5nfSfNgFJ5VLcgIM56wtIf49zFjWe5oC6fw8k+ghh4d2chMP
83+
hdDILx6e0c30Iq1+EvovGR9hWa0wJ4cKTdzlwhY9ZC09q0ia+bl2mwpie1JQDR0c
84+
zXCjt+PldLeeK9z1/XT0Q7KowYC+U18oR+KFm+EaRV4QT85JVequnIeGkmaHJrHB
85+
lH4T5A5ib7y8edon1c0Zx3GsaxJUojkEJ0SX7ffVDu6ztUZfkHfCVpMW4VzUeGA/
86+
m+CtFO9ciLRGZEkRa+zhIGoBvwEXU0GiwiF4nZ0F2C8UioeW0YIEV9zl3nXJctYE
87+
ZKc2whSENQRTGgaYHVoVZhznt71LKWgFLshwBo81UCXVkzwAjMW1ActDnmPw5M7q
88+
xR5Qp5G49Z1GmfSozazha0HVFPKNV5i3RlTzs4yLUnZyH0yC9IvtOefMHcLjG96L
89+
N5miEV97gvJJjrn8rhRvpUwAWgmT/9IuYjBNQTtNN40arto5HxezR76WCjdKYxdL
90+
p3dM1iiBDShHNm7LdyZlLFhTOMU0tNBxJJ7B09ar5gakeZjD+2aB1ODX9VuFtozL
91+
onBjI2gIkry0UIkuznHfFw05lZAZAiqHEVgVi/WTk4C/bklDZNgE0lx+IWzEz2iS
92+
L455
93+
=lheL
94+
-----END PGP PUBLIC KEY BLOCK-----
95+
```

debian/changelog

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,9 @@
1+
zerotier-one (1.10.4) unstable; urgency=medium
2+
3+
* See RELEASE-NOTES.md for release notes.
4+
5+
-- Adam Ierymenko <adam.ierymenko@zerotier.com> Mon, 06 Mar 2023 01:00:00 -0700
6+
17
zerotier-one (1.10.3) unstable; urgency=medium
28

39
* See RELEASE-NOTES.md for release notes.

entrypoint.sh.release

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -71,13 +71,23 @@ trap killzerotier INT TERM
7171
log "Configuring networks to join"
7272
mkdir -p /var/lib/zerotier-one/networks.d
7373

74-
log_params "Joining networks:" $@
74+
log_params "Joining networks from command line:" $@
7575
for i in "$@"
7676
do
7777
log_detail_params "Configuring join:" "$i"
7878
touch "/var/lib/zerotier-one/networks.d/${i}.conf"
7979
done
8080

81+
if [ "x$ZEROTIER_JOIN_NETWORKS" != "x" ]
82+
then
83+
log_params "Joining networks from environment:" $ZEROTIER_JOIN_NETWORKS
84+
for i in "$ZEROTIER_JOIN_NETWORKS"
85+
do
86+
log_detail_params "Configuring join:" "$i"
87+
touch "/var/lib/zerotier-one/networks.d/${i}.conf"
88+
done
89+
fi
90+
8191
log "Starting ZeroTier"
8292
nohup /usr/sbin/zerotier-one &
8393

ext/installfiles/mac/ZeroTier One.pkgproj

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -701,7 +701,7 @@
701701
<key>USE_HFS+_COMPRESSION</key>
702702
<false/>
703703
<key>VERSION</key>
704-
<string>1.10.3</string>
704+
<string>1.10.4</string>
705705
</dict>
706706
<key>TYPE</key>
707707
<integer>0</integer>

java/jni/ZT_jniarray.cpp

Lines changed: 0 additions & 112 deletions
This file was deleted.

java/jni/ZT_jniarray.h

Lines changed: 0 additions & 60 deletions
This file was deleted.

0 commit comments

Comments
 (0)