From 0a5429cab00696ffc90cdc52790206b1f71e2ae2 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Mon, 17 Aug 2015 21:08:02 +0000
Subject: Lookup of member must be a left outer join in case the member is being manually inserted before we see the node.
---
 controller/SqliteNetworkController.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index c95d3b74..2cdd9913 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
@@ -196,7 +196,7 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
 /* Member */
 ||(sqlite3_prepare_v2(_db,"SELECT rowid,authorized,activeBridge FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sGetMember,(const char **)0) != SQLITE_OK)
- ||(sqlite3_prepare_v2(_db,"SELECT m.authorized,m.activeBridge,m.memberRevision,n.identity FROM Member AS m JOIN Node AS n ON n.id = m.nodeId WHERE m.networkId = ? AND m.nodeId = ?",-1,&_sGetMember2,(const char **)0) != SQLITE_OK)
+ ||(sqlite3_prepare_v2(_db,"SELECT m.authorized,m.activeBridge,m.memberRevision,n.identity FROM Member AS m LEFT OUTER JOIN Node AS n ON n.id = m.nodeId WHERE m.networkId = ? AND m.nodeId = ?",-1,&_sGetMember2,(const char **)0) != SQLITE_OK)
 ||(sqlite3_prepare_v2(_db,"INSERT INTO Member (networkId,nodeId,authorized,activeBridge,memberRevision) VALUES (?,?,?,0,(SELECT memberRevisionCounter FROM Network WHERE id = ?))",-1,&_sCreateMember,(const char **)0) != SQLITE_OK)
 ||(sqlite3_prepare_v2(_db,"SELECT nodeId FROM Member WHERE networkId = ? AND activeBridge > 0 AND authorized > 0",-1,&_sGetActiveBridges,(const char **)0) != SQLITE_OK)
 ||(sqlite3_prepare_v2(_db,"SELECT m.nodeId,m.memberRevision FROM Member AS m WHERE m.networkId = ? ORDER BY m.nodeId ASC",-1,&_sListNetworkMembers,(const char **)0) != SQLITE_OK)
-- cgit v1.2.3
From 4da794b38970d3899e752ae3adf4e4f64c3651d8 Mon Sep 17 00:00:00 2001
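Review bot: With the `LEFT OUTER JOIN`, `n.identity` (result column 3 of `_sGetMember2`) is NULL for a member that has no `Node` row yet, so every reader of that column must now tolerate `sqlite3_column_text()` returning a null pointer. The `_doCPGet` code shown in a later patch of this series passes `(const char *)sqlite3_column_text(_sGetMember2,3)` straight into `_jsonEscape(...)`; `_jsonEscape`'s signature is not visible here, but if it builds a `std::string` from that pointer a NULL is undefined behaviour and a GET for a manually inserted member could crash the controller. I would guard the read, e.g. `const char *idStr = (const char *)sqlite3_column_text(_sGetMember2,3);` and pass `idStr ? idStr : ""` to `_jsonEscape`. The prepared-statement list belongs to the constructor, which starts and ends outside the hunk.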
From: Adam Ierymenko
Date: Wed, 19 Aug 2015 11:43:56 -0700
Subject: Add authorizedMemberCount to controller network config records.
---
 controller/SqliteNetworkController.cpp | 6 ++++--
 service/README.md | 1 +
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index 2cdd9913..9497ebc3 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
@@ -156,7 +156,7 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
 if ( /* Network */
- (sqlite3_prepare_v2(_db,"SELECT name,private,enableBroadcast,allowPassiveBridging,v4AssignMode,v6AssignMode,multicastLimit,creationTime,revision,memberRevisionCounter FROM Network WHERE id = ?",-1,&_sGetNetworkById,(const char **)0) != SQLITE_OK)
+ (sqlite3_prepare_v2(_db,"SELECT name,private,enableBroadcast,allowPassiveBridging,v4AssignMode,v6AssignMode,multicastLimit,creationTime,revision,memberRevisionCounter,(SELECT COUNT(1) FROM Member WHERE Member.networkId = Network.id AND Member.authorized > 0) FROM Network WHERE id = ?",-1,&_sGetNetworkById,(const char **)0) != SQLITE_OK)
 ||(sqlite3_prepare_v2(_db,"SELECT revision FROM Network WHERE id = ?",-1,&_sGetNetworkRevision,(const char **)0) != SQLITE_OK)
 ||(sqlite3_prepare_v2(_db,"UPDATE Network SET revision = ? WHERE id = ?",-1,&_sSetNetworkRevision,(const char **)0) != SQLITE_OK)
 ||(sqlite3_prepare_v2(_db,"INSERT INTO Network (id,name,creationTime,revision) VALUES (?,?,?,1)",-1,&_sCreateNetwork,(const char **)0) != SQLITE_OK)
@@ -1467,6 +1467,7 @@ unsigned int SqliteNetworkController::_doCPGet(
 "\t\"creationTime\": %llu,\n"
 "\t\"revision\": %llu,\n"
 "\t\"memberRevisionCounter\": %llu,\n"
+ "\t\"authorizedMemberCount\": %llu,\n"
 "\t\"relays\": [",
 nwids,
 _instanceId.c_str(),
@@ -1479,7 +1480,8 @@ unsigned int SqliteNetworkController::_doCPGet(
 sqlite3_column_int(_sGetNetworkById,6),
 (unsigned long long)sqlite3_column_int64(_sGetNetworkById,7),
 (unsigned long long)sqlite3_column_int64(_sGetNetworkById,8),
- (unsigned long long)sqlite3_column_int64(_sGetNetworkById,9));
+ (unsigned long long)sqlite3_column_int64(_sGetNetworkById,9),
+ (unsigned long long)sqlite3_column_int64(_sGetNetworkById,10));
 responseBody = json;
 sqlite3_reset(_sGetRelays);
diff --git a/service/README.md b/service/README.md
index 668aab05..3e52a8a1 100644
--- a/service/README.md
+++ b/service/README.md
@@ -173,6 +173,7 @@ To create a new network with a random last six digits safely and atomically, you
 creationTimeintegerTime network was created in ms since epochno
 revisionintegerNetwork config revision numberno
 memberRevisionCounterintegerCurrent value of network revision counter (incremented after every member add or revision)no
+authorizedMemberCountintegerNumber of authorized membersno
 relays[object]Array of network-specific relay nodes (see below)yes
 ipLocalRoutes[string]Array of IP network/netmask entries corresponding to networks routed directly via this interface (e.g. 10.0.0.0/8 to route 10.0.0.0 via this interface)
 ipAssignmentPools[object]Array of IP auto-assignment pools for 'zt' assignment modeyes
-- cgit v1.2.3
From 9a5be0a0926d004ee2eb99a6c09f2395e0f7db39 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Mon, 24 Aug 2015 11:24:33 -0700
Subject: typo
---
 controller/SqliteNetworkController.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index 9497ebc3..e1cc2654 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
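Review bot: The new argument reads result column `10` by bare position, and that position is defined only by the unnamed scalar subquery appended to the `_sGetNetworkById` SELECT in the constructor hunk of this commit, while the matching `%llu` sits in a third place in the format string. Nothing in the code records that three-way coupling, so the next field added to the SELECT or the JSON template can shift a value into the wrong field without a compile error. A comment on the argument such as `// column 10: COUNT of authorized members (subquery in _sGetNetworkById)` would document it. The `_doCPGet` body and the `snprintf`-style call these arguments belong to start outside the hunk.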
@@ -1721,7 +1721,7 @@ unsigned int SqliteNetworkController::_doCPGet(
 // GET /controller returns status and API version if controller is supported
 Utils::snprintf(json,sizeof(json),"{\n\t\"controller\": true,\n\t\"apiVersion\": %d,\n\t\"clock\": %llu,\n\t\"instanceId\": \"%s\"\n}\n",ZT_NETCONF_CONTROLLER_API_VERSION,(unsigned long long)OSUtils::now(),_instanceId.c_str());
 responseBody = json;
- responseContentType = "applicaiton/json";
+ responseContentType = "application/json";
 return 200; }
-- cgit v1.2.3
From 2aa1b5d9b78c965ced4390292d9ae60a6314ad2a Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Mon, 24 Aug 2015 12:44:07 -0700
Subject: Add clock helper field to both member and network to permit time duration calculation easily.
---
 controller/SqliteNetworkController.cpp | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index e1cc2654..2a004bda 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
@@ -1363,6 +1363,7 @@ unsigned int SqliteNetworkController::_doCPGet(
 "\t\"authorized\": %s,\n"
 "\t\"activeBridge\": %s,\n"
 "\t\"memberRevision\": %llu,\n"
+ "\t\"clock\": %llu,\n"
 "\t\"identity\": \"%s\",\n"
 "\t\"ipAssignments\": [",
 nwids,
@@ -1371,6 +1372,7 @@ unsigned int SqliteNetworkController::_doCPGet(
 (sqlite3_column_int(_sGetMember2,0) > 0) ? "true" : "false",
 (sqlite3_column_int(_sGetMember2,1) > 0) ? "true" : "false",
 (unsigned long long)sqlite3_column_int64(_sGetMember2,2),
+ (unsigned long long)OSUtils::now(),
 _jsonEscape((const char *)sqlite3_column_text(_sGetMember2,3)).c_str());
 responseBody = json;
@@ -1457,6 +1459,7 @@ unsigned int SqliteNetworkController::_doCPGet(
 "{\n"
 "\t\"nwid\": \"%s\",\n"
 "\t\"controllerInstanceId\": \"%s\",\n"
+ "\t\"clock\": %llu,\n"
 "\t\"name\": \"%s\",\n"
 "\t\"private\": %s,\n"
 "\t\"enableBroadcast\": %s,\n"
@@ -1471,6 +1474,7 @@ unsigned int SqliteNetworkController::_doCPGet(
 "\t\"relays\": [",
 nwids,
 _instanceId.c_str(),
+ (unsigned long long)OSUtils::now(),
 _jsonEscape((const char *)sqlite3_column_text(_sGetNetworkById,0)).c_str(),
 (sqlite3_column_int(_sGetNetworkById,1) > 0) ? "true" : "false",
 (sqlite3_column_int(_sGetNetworkById,2) > 0) ? "true" : "false",
-- cgit v1.2.3
From 5fcef91278fe9acc5ff2c696dc767faad2a62630 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 25 Aug 2015 09:42:37 -0700
Subject: Ignore old root-topology if present -- fix for upgrading on Linux and possibly elsewhere.
---
 node/Node.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/node/Node.cpp b/node/Node.cpp
index d40ceab9..534c085d 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -136,7 +136,7 @@ Node::Node(
 if (!Topology::authenticateRootTopology(rt)) rt.clear(); }
- if (!rt.size())
+ if ((!rt.size())||(!rt.contains("rootservers")))
 rt.fromString(ZT_DEFAULTS.defaultRootTopology); }
 RR->topology->setRootServers(Dictionary(rt.get("rootservers","")));
-- cgit v1.2.3
From 867258de8b5cbc3e3b26baa9b9e7332df9048328 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 25 Aug 2015 09:44:21 -0700
Subject: Document clock convenience field.
---
 service/README.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/service/README.md b/service/README.md
index 3e52a8a1..7ffabba3 100644
--- a/service/README.md
+++ b/service/README.md
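Review bot: In the `node/Node.cpp` hunk, the added `!rt.contains("rootservers")` condition silently replaces an on-disk root topology that was not cleared by the `Topology::authenticateRootTopology(rt)` check, and nothing in the code says why or records that the fallback happened. Since this dictionary feeds `setRootServers` on the following line, I would add a comment such as `// an old-format root-topology without "rootservers" is ignored; use the built-in default`. `rt.fromString(...)` is also now reached with a non-empty `rt`; whether `fromString` discards existing keys is not visible in this hunk, so an explicit `rt.clear();` before it would rule out stale keys mixing with the defaults. The enclosing `Node::Node(` constructor starts and ends outside the hunk.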
@@ -173,6 +173,7 @@ To create a new network with a random last six digits safely and atomically, you
 creationTimeintegerTime network was created in ms since epochno
 revisionintegerNetwork config revision numberno
 memberRevisionCounterintegerCurrent value of network revision counter (incremented after every member add or revision)no
+clockintegerCurrent clock in ms since epoch (for convenience)no
 authorizedMemberCountintegerNumber of authorized membersno
 relays[object]Array of network-specific relay nodes (see below)yes
 ipLocalRoutes[string]Array of IP network/netmask entries corresponding to networks routed directly via this interface (e.g. 10.0.0.0/8 to route 10.0.0.0 via this interface)
@@ -243,6 +244,7 @@ IP related fields apply only to Ethernet frames of type IPv4 or IPV6. Otherwise
+
-- cgit v1.2.3
From b4487cefc978491ae40ba29c8c84ce0c23ba8fdb Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 25 Aug 2015 09:46:59 -0700
Subject: Document rules requirement in controller.
---
 service/README.md | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/service/README.md b/service/README.md
index 7ffabba3..05f340d8 100644
--- a/service/README.md
+++ b/service/README.md
@@ -156,9 +156,7 @@ By making queries to this path you can create, configure, and delete networks. D
 It's important to understand how network IDs work. The first ten digits (most significant 40 bits) of a network ID are the ZeroTier address of the controller. This is how clients find it. The last six digits (least significant 24 bits) are arbitrary and serve to identify the network uniquely on the controller.
-Thus a network's first ten digits *must* be the controller's address. If your controller is *deadbeef01*, then the networks it controls must have IDs like *deadbeef01feed02* or *deadbeef01beef03*. This API however *does not* enforce this requirement. It will allow you to add arbitrary network IDs, but they won't work since clients will never be able to find them.
-
-To create a new network with a random last six digits safely and atomically, you can POST to */controller/network/##########\_\_\_\_\_\_* where ########## is the controller's address and the underscores are as shown. This will pick a random unallocated network ID, which will be returned in the 'nwid' field of the returned JSON object.
+Thus a network's first ten digits *must* be the controller's address. If your controller is *deadbeef01*, then the networks it controls must have IDs like *deadbeef01feed02* or *deadbeef01beef03*. This API however *does not* enforce this requirement. It will allow you to add arbitrary network IDs, but they won't work since clients will never be able to find them. To create a new network with a random last six digits safely and atomically, you can POST to */controller/network/##########\_\_\_\_\_\_* where ########## is the controller's address and the underscores are as shown. This will pick a random unallocated network ID, which will be returned in the 'nwid' field of the returned JSON object.
FieldTypeDescriptionWritable
nwidstring16-digit hex network IDno
clockintegerCurrent clock in ms since epoch (for convenience)no
addressstring10-digit hex ZeroTier addressno
authorizedbooleanIs member authorized?yes
activeBridgebooleanThis member is an active network bridgeyes
@@ -181,9 +179,9 @@ To create a new network with a random last six digits safely and atomically, you
FieldTypeDescriptionWritable
rules[object]Array of network flow rules (see below)yes
-The network member list includes both authorized and unauthorized members. DELETE unauthorized members to remove them from the list.
+The network member list includes both authorized and unauthorized members. DELETE unauthorized members to remove them from the list. Relays, IP assignment pools, and rules are edited via direct POSTs to the network object. New values replace all previous values.
-Relays, IP assignment pools, and rules are edited via direct POSTs to the network object. New values replace all previous values.
+Networks must have rules. If there are no rules, the default action is 'deny'. As also documented in the Rule object definition below, rules currently only support etherType and allow/deny. Thus to make a functioning network, add etherType allow entries for IPV4/ARP and/or IPv6. Alternately you can add a null allow entry to allow all traffic, causing the network to behave like a normal pass-through switch.
 **Relay object format:**
-- cgit v1.2.3
-- cgit v1.2.3
From 5db538d85ef739fa969a5b71d294501ac0bb5335 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 25 Aug 2015 09:55:14 -0700
Subject: VERSION 1.0.5: Windows and Linux (upgrade) bug fixes Version 1.0.5 is a very minor release. It includes a new build of the Windows device driver that supports Windows Vista and 2008 Server, and a fix to prevent an issue that could occur when updating Linux installations from old pre-1.0.3 versions to 1.0.3 or 1.0.4. It also includes a few very minor fixes and improvements to the controller code, which doesn't affect most users. This second commit just bumps version.h. :)
---
 version.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/version.h b/version.h
index 62f8fb69..010330ac 100644
--- a/version.h
+++ b/version.h
@@ -41,6 +41,6 @@
 /** * Revision */
-#define ZEROTIER_ONE_VERSION_REVISION 4
+#define ZEROTIER_ONE_VERSION_REVISION 5
 #endif
-- cgit v1.2.3