Update to 1.4.2

2019-08-21 19:51:53 -07:00 · 2019-08-21 19:51:53 -07:00 · 4f9274484a
commit 4f9274484a
parent 0708629155
506 changed files with 101463 additions and 33922 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -0,0 +1,46 @@
 ---
 name: Bug report
 about: Create a report to help us improve
 ---
 **Alternative, faster ways to get help**
 If you have just started using ZeroTier, here are some places to get help:
 - my.zerotier.com has a _Community_ tab. It's a live chat with other users and the developers. 
 - [ZeroTier Knowledge Base](https://zerotier.atlassian.net/wiki/spaces/SD/overview)
 - www.zerotier.com has a Contact Us button
 - email contact@zerotier.com
 **Describe the bug**
 A clear and concise description of what the bug is.
 **To Reproduce**
 Steps to reproduce the behavior:
 1. Create a Network '...'
 2. Install zerotier-one '....'
 3. '....'
 4. See error
 **Expected behavior**
 A clear and concise description of what you expected to happen.
 **Screenshots**
 If applicable, add screenshots or console output to help explain your problem.
 **Desktop (please complete the following information):**
 - OS: [e.g. Mac, Linux, Windows, BSD]
 - OS/Distribution Version
 - ZeroTier Version [e.g. 1.2.4]
 - Hardware [e.g. raspberry pi 3]
 **Smartphone (please complete the following information):**
 - Device: [e.g. iPhone6]
 - OS: [e.g. iOS8.1]
 - Version [e.g. 1.2.4]
 **Additional context**
 Add any other context about the problem here.
 - ZeroTier Network Configuration
 - Router Config
 - Firewall Config (try turning the firewall off)
 - General Network Environment: [ e.g Home, University Campus, Corporate LAN ]
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@ -0,0 +1,17 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
 ---
 **Is your feature request related to a problem? Please describe.**
 A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
 **Describe the solution you'd like**
 A clear and concise description of what you want to happen.
 **Describe alternatives you've considered**
 A clear and concise description of any alternative solutions or features you've considered.
 **Additional context**
 Add any other context or screenshots about the feature request here.
--- a/.gitignore
+++ b/.gitignore
@ -1,16 +1,17 @@
 <<<<<<< HEAD
 # Main binaries created in *nix builds
 /zerotier-one
 /zerotier-idtool
 /zerotier-cli
 /zerotier-selftest
 /zerotier
 /nltest
 # OS-created garbage files from various platforms
 .DS_Store
 .Apple*
 Thumbs.db
@eaDir
 ._*
 # Windows build droppings
 /windows/ZeroTierOne.sdf
@ -27,6 +28,7 @@ Thumbs.db
 /windows/Release
 /windows/WebUIWrapper/bin
 /windows/WebUIWrapper/obj
 /windows/lib
 /ext/installfiles/windows/ZeroTier One-SetupFiles
 /ext/installfiles/windows/Prerequisites
 /ext/installfiles/windows/*-cache
@ -49,6 +51,7 @@ enc_temp_folder
 /world/mkworld
 /world/*.c25519
 zt1-src.tar.gz
 /MacEthernetTapAgent
 # Miscellaneous temporaries, build files, etc.
 *.log
@ -111,3 +114,9 @@ build/
 !default.perspectivev3
 *.xccheckout
 xcuserdata/
 ext/librethinkdbxx/build
 .vscode
 __pycache__
 *~
 attic/world/*.c25519
 attic/world/mkworld
--- a/AUTHORS.md
+++ b/AUTHORS.md
@ -2,6 +2,7 @@
 * ZeroTier Core and ZeroTier One virtual networking service<br>
   Adam Ierymenko / adam.ierymenko@zerotier.com
   Joseph Henry / joseph.henry@zerotier.com (QoS and multipath)
 * Java JNI Interface to enable Android application development, and Android app itself (code for that is elsewhere)<br>
   Grant Limberg / glimberg@gmail.com
@ -45,13 +46,6 @@ ZeroTier includes the following third party code, either in ext/ or incorporated
   * Home page: https://github.com/nlohmann/json
   * License grant: MIT
 * TunTapOSX by Mattias Nissler
   * Files: ext/tap-mac/tuntap/*
   * Home page: http://tuntaposx.sourceforge.net/
   * License grant: BSD attribution no-endorsement
   * ZeroTier Modifications: change interface name to zt#, increase max MTU, increase max devices
 * tap-windows6 by the OpenVPN project
   * Files: windows/TapDriver6/*
@ -71,3 +65,9 @@ ZeroTier includes the following third party code, either in ext/ or incorporated
   * Files: ext/libnatpmp/* ext/miniupnpc/*
   * Home page: http://miniupnp.free.fr/
   * License grant: BSD attribution no-endorsement
 * cpp-httplib by yhirose
   * Files: ext/cpp-httplib/*
   * Home page: https://github.com/yhirose/cpp-httplib
   * License grant: MIT
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -0,0 +1,12 @@
 # CMake build script for libzerotiercore.a
 cmake_minimum_required (VERSION 2.8)
 project (zerotiercore)
 set (PROJ_DIR ${PROJECT_SOURCE_DIR})
 set (ZT_DEFS -std=c++11)
 file(GLOB core_src_glob ${PROJ_DIR}/node/*.cpp)
 add_library(zerotiercore STATIC ${core_src_glob})
 target_compile_options(zerotiercore PRIVATE ${ZT_DEFS})
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 ZeroTier One, an endpoint server for the ZeroTier virtual network layer.
-Copyright © 2011–2016 ZeroTier, Inc.
+Copyright © 2011–2019 ZeroTier, Inc.
 ZeroTier One is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
--- a/104
+++ b/104
@ -1,9 +1,11 @@
 #!/usr/bin/env groovy
 node('master') {
    checkout scm
    def changelog = getChangeLog currentBuild
-    slackSend "Building ${env.JOB_NAME} #${env.BUILD_NUMBER} \n Change Log: \n ${changelog}"
+    mattermostSend "Building ${env.JOB_NAME} #${env.BUILD_NUMBER} \n Change Log: \n ${changelog}"
 }
 parallel 'centos7': {
@ -17,66 +19,66 @@ parallel 'centos7': {
        }
        catch (err) {
            currentBuild.result = "FAILURE"
-            slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Centos 7 (<${env.BUILD_URL}|Open>)"
+            mattermostSend color: '#ff0000', message: "${env.JOB_NAME} broken on Centos 7 (<${env.BUILD_URL}|Open>)"
            throw err
        }
    }
-}, 'android-ndk': {
+// }, 'android-ndk': {
-    node('android-ndk') {
+//     node('android-ndk') {
-        try {
+//         try {
-            checkout scm
+//             checkout scm
-            stage('Build Android NDK') { 
+//             stage('Build Android NDK') { 
-                sh "/android/android-ndk-r13b/ndk-build -C $WORKSPACE/java ZT1=${WORKSPACE}"
+//                 sh "/android/android-ndk-r15b/ndk-build -C $WORKSPACE/java ZT1=${WORKSPACE}"
-            }
+//             }
-        }
+//         }
-        catch (err) {
+//         catch (err) {
-            currentBuild.result = "FAILURE"
+//             currentBuild.result = "FAILURE"
-            slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Android NDK (<${env.BUILD_URL}|Open>)"
+//             mattermostSend color: '#ff0000', message: "${env.JOB_NAME} broken on Android NDK (<${env.BUILD_URL}|Open>)"
-            throw err
+//             throw err
-        }
+//         }
-    }
+//     }
-}, 'macOS': {
+// }, 'macOS': {
-    node('macOS') {
+//     node('macOS') {
-        try {
+//         try {
-            checkout scm
+//             checkout scm
-            stage('Build macOS') {
+//             stage('Build macOS') {
-                sh 'make -f make-mac.mk'
+//                 sh 'make -f make-mac.mk'
-            }
+//             }
-            stage('Build macOS UI') {
+//             stage('Build macOS UI') {
-                sh 'cd macui && xcodebuild -target "ZeroTier One" -configuration Debug'
+//                 sh 'cd macui && xcodebuild -target "ZeroTier One" -configuration Debug'
-            }
+//             }
-        }
+//         }
-        catch (err) {
+//         catch (err) {
-            currentBuild.result = "FAILURE"
+//             currentBuild.result = "FAILURE"
-            slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on macOS (<${env.BUILD_URL}|Open>)"
+//             mattermostSend color: '#ff0000', message: "${env.JOB_NAME} broken on macOS (<${env.BUILD_URL}|Open>)"
-            throw err
+//             throw err
-        }
+//         }
-    }
+//     }
-}, 'windows': {
+// }, 'windows': {
-    node('windows') {
+//     node('windows') {
-        try {
+//         try {
-            checkout scm
+//             checkout scm
-            stage('Build Windows') {
+//             stage('Build Windows') {
-                bat '''CALL "C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\vcvarsall.bat" amd64
+//                 bat '''CALL "C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\vcvarsall.bat" amd64
-git clean -dfx
+// git clean -dfx
-msbuild windows\\ZeroTierOne.sln
+// msbuild windows\\ZeroTierOne.sln
-'''
+// '''
-            }
+//             }
-        }
+//         }
-        catch (err) {
+//         catch (err) {
-            currentBuild.result = "FAILURE"
+//             currentBuild.result = "FAILURE"
-            slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Windows (<${env.BUILD_URL}|Open>)"
+//             mattermostSend color: '#ff0000', message: "${env.JOB_NAME} broken on Windows (<${env.BUILD_URL}|Open>)"
-            throw err
+//             throw err
-        }
+//         }
-    }
+//     }
 }
-slackSend color: "#00ff00", message: "${env.JOB_NAME} #${env.BUILD_NUMBER} Complete (<${env.BUILD_URL}|Show More...>)"
+mattermostSend color: "#00ff00", message: "${env.JOB_NAME} #${env.BUILD_NUMBER} Complete (<${env.BUILD_URL}|Show More...>)"
--- a/LICENSE.txt
+++ b/LICENSE.txt
@ -0,0 +1,37 @@
 ZeroTier One - Network Virtualization Everywhere
 Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
 See LICENSE.GPL-3 for the full GNU GPL v3 license.
 --
 You can be released from the requirements of the license by purchasing
 a commercial license. Buying such a license is mandatory as soon as you
 develop commercial closed-source software that incorporates or links
 directly against ZeroTier software without disclosing the source code
 of your own application.
 --
 The above license does not apply to third party code included with or
 linked against by ZeroTier software. See the third party code section
 of the AUTHORS.md for an index of third party software included in
 this software repository.
 Licenses for third party code are all relatively permissive: MIT,
 BSD, and public domain. The only exception is the tap-windows driver
 which is under the GPLv2, but this is only needed to produce the
 binary tap device driver used by the ZeroTier service on Windows.
--- a/4
+++ b/4
@ -22,3 +22,7 @@ ifeq ($(OSTYPE),OpenBSD)
 	ZT_BUILD_PLATFORM=9
 	include make-bsd.mk
 endif
 ifeq ($(OSTYPE),NetBSD)
 	include make-netbsd.mk
 endif
--- a/OFFICIAL-RELEASE-STEPS.md
+++ b/OFFICIAL-RELEASE-STEPS.md
@ -13,7 +13,6 @@ The version must be incremented in all of the following files:
    /zerotier-one.spec
    /debian/changelog
    /ext/installfiles/mac/ZeroTier One.pkgproj
    /ext/installfiles/windows/chocolatey/zerotier-one.nuspec
    /ext/installfiles/windows/ZeroTier One.aip
    /windows/WinUI/AboutView.xaml
@ -29,36 +28,6 @@ Mac's easy. Just type:
 You will need [Packages](http://s.sudre.free.fr/Software/Packages/about.html) and our release signing key in the keychain.
 ## Linux
 Mount the GPG key for *contact@zerotier.com* and then on an x86_64 box with a recent version of Docker and an Internet connection run:
    make distclean
    cd linux-build-farm
    ./build.sh
 This will build i386 and x86_64 packages. Now ssh into our build Raspberry Pi and type `make debian` there to build the Raspbian armhf package. Copy it to `debian-jessie/` inside `linux-build-farm` so that it will be included in the repositories we generate. Now generate the YUM and APT repos:
    rm -rf ~/.aptly*
    rm -rf /tmp/zt-rpm-repo
    ./make-apt-repos.sh
    ./make-rpm-repos.sh
 This will require the passphrase for *contact@zerotier.com*.
 The contents of ~/.aptly/public must be published as `debian/` on `download.zerotier.com`. The contents of /tmp/zt-rpm-repo are published as `redhat/` on same.
 ## Windows
 First load the Visual Studio solution and rebuild the UI and ZeroTier One in both x64 and i386 `Release` mode. Then load [Advanced Installer Enterprise](http://www.advancedinstaller.com/), check that the version is correct, and build. The build will fail if any build artifacts are missing, and Windows must have our product singing key (from DigiCert) available to sign the resulting MSI file. The MSI must then be tested on at least a few different CLEAN Windows VMs to ensure that the installer is valid and properly signed.
 *After the MSI is published to download.zerotier.com in the proper RELEASE/#.#.#/dist subfolder for its version* the Chocolatey package must be rebuilt and published. Open a command prompt, change to `ext/installfiles/windows/chocolatey`, and type `choco pack`. Then use `choco push` to push it to Chocolatey (API key required).
    choco pack
    choco push zerotier-one.#.#.#.nupkg -s https://chocolatey.org/
 Note that this does not cover rebuilding the drivers or their containing MSI projects, as this is typically not necessary and they are shipped in binary form in the repository for convenience.
 ## iOS, Android
 ... no docs here yet since this is done entirely out of band with regular installs.
--- a/README.md
+++ b/README.md
@ -1,73 +1,57 @@
-ZeroTier - A Planetary Ethernet Switch
+ZeroTier - Global Area Networking
 ======
-ZeroTier is an enterprise Ethernet switch for planet Earth.
+ZeroTier is a smart programmable Ethernet switch for planet Earth. It allows networked devices and applications to be managed as if the entire world is one data center or cloud region.
-It erases the LAN/WAN distinction and makes VPNs, tunnels, proxies, and other kludges arising from the inflexible nature of physical networks obsolete. Everything is encrypted end-to-end and traffic takes the most direct (peer to peer) path available.
+It replaces the physical LAN/WAN boundary with a virtual one, allowing devices of any type at any location to be managed as if they all reside in the same cloud region or data center. All traffic is encrypted end-to-end and takes the most direct path available for minimum latency and maximum performance. The goals and design of ZeroTier are inspired by among other things the original [Google BeyondCorp](https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/43231.pdf) paper and the [Jericho Forum](https://en.wikipedia.org/wiki/Jericho_Forum).
-Visit [ZeroTier's site](https://www.zerotier.com/) for more information and [pre-built binary packages](https://www.zerotier.com/download.shtml). Apps for Android and iOS are available for free in the Google Play and Apple app stores.
+Visit [ZeroTier's site](https://www.zerotier.com/) for more information and [pre-built binary packages](https://www.zerotier.com/download/). Apps for Android and iOS are available for free in the Google Play and Apple app stores.
 ### Getting Started
-ZeroTier's basic operation is easy to understand. Devices have 10-digit *ZeroTier addresses* like `89e92ceee5` and networks have 16-digit network IDs like `8056c2e21c000001`. All it takes for a device to join a network is its 16-digit ID, and all it takes for a network to authorize a device is its 10-digit address. Everything else is automatic.
+Everything in the ZeroTier world is controlled by two types of identifier: 40-bit/10-digit *ZeroTier addresses* and 64-bit/16-digit *network IDs*. A ZeroTier address identifies a node or "device" (laptop, phone, server, VM, app, etc.) while a network ID identifies a virtual Ethernet network that can be joined by devices.
-A "device" in our terminology is any "unit of compute" capable of talking to a network: desktops, laptops, phones, servers, VMs/VPSes, containers, and even user-space applications via our [SDK](https://github.com/zerotier/ZeroTierSDK).
+Another way of thinking about it is that ZeroTier addresses are port numbers on a giant planetary-sized smart switch while network IDs are VLANs to which these ports can be assigned. For more details read about VL1 and VL2 in [the ZeroTier manual](https://www.zerotier.com/manual/).
-For testing purposes we provide a public virtual network called *Earth* with network ID `8056c2e21c000001`. You can join it with:
+*Network controllers* are ZeroTier nodes that act as access control certificate authorities and configuration managers for virtual networks. The first 40 bits (or 10 digits) of a network ID is the ZeroTier address of its controller. You can create networks with our [hosted controllers](https://my.zerotier.com/) and web UI/API or [host your own](controller/) if you don't mind posting some JSON configuration info or writing a script to do so.
    sudo zerotier-cli join 8056c2e21c000001
 Now wait about 30 seconds and check your system with `ip addr list` or `ifconfig`. You'll see a new interface whose name starts with *zt* and it should quickly get an IPv4 and an IPv6 address. Once you see it get an IP, try pinging `earth.zerotier.net` at `29.209.112.93`. If you've joined Earth from more than one system, try pinging your other machine. If you don't want to belong to a giant Ethernet party line anymore, just type:
    sudo zerotier-cli leave 8056c2e21c000001
 The *zt* interface will disappear. You're no longer on the network.
 To create networks of your own, you'll need a network controller. ZeroTier One (for desktops and servers) includes controller functionality in its default build that can be configured via its JSON API (see [README.md in controller/](controller/)). ZeroTier provides a hosted solution with a nice web UI and SaaS add-ons at [my.zerotier.com](https://my.zerotier.com/). Basic controller functionality is free for up to 100 devices.
 ### Project Layout
 The base path contains the ZeroTier One service main entry point (`one.cpp`), self test code, makefiles, etc.
 - `artwork/`: icons, logos, etc.
 - `attic/`: old stuff and experimental code that we want to keep around for reference.
 - `controller/`: the reference network controller implementation, which is built and included by default on desktop and server build targets.
 - `debian/`: files for building Debian packages on Linux.
 - `doc/`: manual pages and other documentation.
 - `docker/`: Dockerfile to build as a container for containerized Linux systems and Kubernetes clusters.
 - `ext/`: third party libraries, binaries that we ship for convenience on some platforms (Mac and Windows), and installation support files.
 - `include/`: include files for the ZeroTier core.
 - `java/`: a JNI wrapper used with our Android mobile app. (The whole Android app is not open source but may be made so in the future.)
 - `macui/`: a Macintosh menu-bar app for controlling ZeroTier One, written in Objective C.
 - `node/`: the ZeroTier virtual Ethernet switch core, which is designed to be entirely separate from the rest of the code and able to be built as a stand-alone OS-independent library. Note to developers: do not use C++11 features in here, since we want this to build on old embedded platforms that lack C++11 support. C++11 can be used elsewhere.
 - `osdep/`: code to support and integrate with OSes, including platform-specific stuff only built for certain targets.
 - `rule-compiler/`: JavaScript rules language compiler for defining network-level rules.
 - `service/`: the ZeroTier One service, which wraps the ZeroTier core and provides VPN-like connectivity to virtual networks for desktops, laptops, servers, VMs, and containers.
 - `tcp-proxy/`: TCP proxy code run by ZeroTier, Inc. to provide TCP fallback (this will die soon!).
 - `windows/`: Visual Studio solution files, Windows service code for ZeroTier One, and the Windows task bar app UI.
 The base path contains the ZeroTier One service main entry point (`one.cpp`), self test code, makefiles, etc.
 ### Build and Platform Notes
 To build on Mac and Linux just type `make`. On FreeBSD and OpenBSD `gmake` (GNU make) is required and can be installed from packages or ports. For Windows there is a Visual Studio solution in `windows/'.
 - **Mac**
-   - Xcode command line tools for OSX 10.7 or newer are required.
+   - Xcode command line tools for OSX 10.8 or newer are required.
   - Tap device driver kext source is in `ext/tap-mac` and a signed pre-built binary can be found in `ext/bin/tap-mac`. You should not need to build it yourself. It's a fork of [tuntaposx](http://tuntaposx.sourceforge.net) with device names changed to `zt#`, support for a larger MTU, and tun functionality removed.
 - **Linux**
-   - The minimum compiler versions required are GCC/G++ 4.9.3 or CLANG/CLANG++ 3.4.2.
+   - The minimum compiler versions required are GCC/G++ 4.9.3 or CLANG/CLANG++ 3.4.2. (Install `clang` on CentOS 7 as G++ is too old.)
   - Linux makefiles automatically detect and prefer clang/clang++ if present as it produces smaller and slightly faster binaries in most cases. You can override by supplying CC and CXX variables on the make command line.
   - CentOS 7 ships with a version of GCC/G++ that is too old, but a new enough version of CLANG can be found in the *epel* repositories. Type `yum install epel-release` and then `yum install clang` to build there.
 - **Windows**
-   - Windows 7 or newer (and equivalent server versions) are supported. This *may* work on Vista but you're on your own there. Windows XP is not supported since it lacks many important network API functions.
+   - Windows 7 or newer is supported. This *may* work on Vista but isn't officially supported there. It will not work on Windows XP.
-   - We build with Visual Studio 2015. Older versions may not work with the solution file and project files we ship and may not have new enough C++11 support.
+   - We build with Visual Studio 2017. Older versions may not work. Clang or MinGW will also probably work but may require some makefile hacking.
   - Pre-built signed Windows drivers are included in `ext/bin/tap-windows-ndis6`. The MSI files found there will install them on 32-bit and 64-bit systems. (These are included in our multi-architecture installer as chained MSIs.)
   - Windows builds are more painful in general than other platforms and are for the adventurous.
 - **FreeBSD**
-   - Tested most recently on FreeBSD-11. Older versions may work but we're not sure.
+   - GNU make is required. Type `gmake` to build.
   - GCC/G++ 4.9 and gmake are required. These can be installed from packages or ports. Type `gmake` to build.
 - **OpenBSD**
-   - There is a limit of four network memberships on OpenBSD as there are only four tap devices (`/dev/tap0` through `/dev/tap3`). We're not sure if this can be increased.
+   - There is a limit of four network memberships on OpenBSD as there are only four tap devices (`/dev/tap0` through `/dev/tap3`).
-   - OpenBSD lacks `getifmaddrs` (or any equivalent method) to get interface multicast memberships. As a result multicast will only work on OpenBSD for ARP and NDP (IP/MAC lookup) and not for other purposes.
+   - GNU make is required. Type `gmake` to build.
   - Only tested on OpenBSD 6.0. Older versions may not work.
   - GCC/G++ 4.9 and gmake are required and can be installed using `pkg_add` or from ports. They get installed in `/usr/local/bin` as `egcc` and `eg++` and our makefile is pre-configured to use them on OpenBSD.
 Typing `make selftest` will build a *zerotier-selftest* binary which unit tests various internals and reports on a few aspects of the build environment. It's a good idea to try this on novel platforms or architectures.
@ -112,7 +96,7 @@ ZeroTier One peers will automatically locate each other and communicate directly
 Users behind certain types of firewalls and "symmetric" NAT devices may not able able to connect to external peers directly at all. ZeroTier has limited support for port prediction and will *attempt* to traverse symmetric NATs, but this doesn't always work. If P2P connectivity fails you'll be bouncing UDP packets off our relay servers resulting in slower performance. Some NAT router(s) have a configurable NAT mode, and setting this to "full cone" will eliminate this problem. If you do this you may also see a magical improvement for things like VoIP phones, Skype, BitTorrent, WebRTC, certain games, etc., since all of these use NAT traversal techniques similar to ours.
-If you're interested, there's a [technical deep dive about NAT traversal on our blog](https://www.zerotier.com/blog/?p=226). A troubleshooting tool to help you diagnose NAT issues is planned for the future as are uPnP/IGD/NAT-PMP and IPv6 transport.
+If you're interested, there's a [technical deep dive about NAT traversal on our blog](https://www.zerotier.com/blog/?p=226?pk_campaign=github_ZeroTierOne). A troubleshooting tool to help you diagnose NAT issues is planned for the future as are uPnP/IGD/NAT-PMP and IPv6 transport.
 If a firewall between you and the Internet blocks ZeroTier's UDP traffic, you will fall back to last-resort TCP tunneling to rootservers over port 443 (https impersonation). This will work almost anywhere but is *very slow* compared to UDP or direct peer to peer connectivity.
--- a/RELEASE-NOTES.md
+++ b/RELEASE-NOTES.md
@ -1,6 +1,86 @@
 ZeroTier Release Notes
 ======
 # 2019-08-12 -- Version 1.4.2
 * Fix high CPU use bug on some platforms
 * Fix issues with PostgreSQL controller DB (only affects Central)
 * Restore backward compatibility with MacOS versions prior to 10.13
 # 2019-07-29 -- Version 1.4.0
 ### Major Changes
 * Mac version no longer requires a kernel extension, instead making use of the [feth interfaces](https://apple.stackexchange.com/questions/337715/fake-ethernet-interfaces-feth-if-fake-anyone-ever-seen-this).
 * Added support for concurrent multipath (multiple paths at once) with traffic weighting by link quality and faster recovery from lost links.
 * Added under-the-hood support for QoS (not yet exposed) that will eventually be configurable via our rules engine.
 ### Minor Changes and Bug Fixes
 * Experimental controller DB driver for [LF](https://github.com/zerotier/lf) to store network controller data (LFDB.cpp / LFDB.hpp).
 * Modified credential push and direct path push timings and algorithms to somewhat reduce "chattiness" of the protocol when idle. More radical background overhead reductions will have to wait for the 2.x line.
 * Removed our beta/half-baked integration of Central with the Windows UI. We're going to do a whole new UI of some kind in the future at least for Windows and Mac.
 * Fixed stack overflow issues on Linux versions using musl libc.
 * Fixed some alignment problems reported on ARM and ARM64, but some reports we could not reproduce so please report any issues with exact chip, OS/distro, and ZeroTier version in use.
 * Fixed numerous other small issues and bugs such as ARM alignment issues causing crashes on some devices.
 * Windows now sets the adapter name such that it is consistent in both the Windows UI and command line utilities.
 # 2018-07-27 -- Version 1.2.12
 * Fixed a bug that caused exits to take a long time on Mac due to huge numbers of redundant attempts to delete managed routes.
 * Fixed a socket limit problem on Windows that caused the ZeroTier service to run out of sockets, causing the UI and CLI to be unable to access the API.
 * Fixed a threading bug in the ZeroTier Core, albeit one that never manifested on the regular ZeroTier One service/client.
 * Fixed a bug that could cause the service to crash if an authorized local client accessed an invalid URL via the control API. (Not exploitable since you needed admin access anyway.)
 # 2018-05-08 -- Version 1.2.10
 * Fix bug loading `moons.d/` files for federated root operation.
 * Fix compile problem with ZT_DEBUG on some versions of `clang`
 * Fix slow network startup bug related to loading of `networks.d/` cache files
 # 2018-04-27 -- Version 1.2.8
 * Linux version once again builds with PIE (position independent executable) flags
 * Fixed bug in zerotier-idtool file sign and verify
 * Fixed minor OSX app typo
 * Merged alpha NetBSD support (mostly untested, so YMMV)
 * Merged several minor typo and one-liner bug fixes
 # 2018-04-17 -- Version 1.2.6
 * Features and Core Improvements
    * Path selection has been overhauled to improve path stability, simplify code, and prepare for multi-path and trunking in the next major release.
    * This version introduces remote tracing for remote diagnostics. Network controllers can set a node (usually the controller itself) to receive remote tracing events from all members of the network or from select members. Events are only sent if they pertain to a given network for security reasons.
    * Multicast replication can now be done by designated multicast replicators on a network (flagged as such at the controller) rather than by the sender. Most users won't want this, but it's useful for specialized use cases on hub-and-spoke networks and for low-power devices.
    * Cryptographic performance improvements on several platforms.
    * Multithreaded performance improvements throughout the code base, including the use of an inline lightweight spinlock for low-contention resources.
 * Bugs fixed
    * Disappearing routes on Mac (GitHub issue #600)
    * Route flapping and path instability in some dual-stack V4/V6 networks
    * Blacklist (in local.conf) doesn't work reliably (GitHub issue #656)
    * Connection instabilities due to unsigned integer overflows in timing comparisons (use int64_t instead of uint64_t)
    * Binaries don't run on some older or lower-end 32-bit ARM chips (build problem)
    * ARM NEON crypto code crashes (build problem)
    * Fixed some lock ordering issues revealed by "valgrind" tool
    * The "zerotier-idtool" command could not be accessed from "zerotier-one" via command line switch
    * Leaking sockets on some platforms when uPnP/NAT-PMP is enabled
    * Fixed two very rare multithreading issues that were only observed on certain systems
 * Platform-Specific Changes
    * MacOS
        * Installer now loads the kernel extension right away so that High Sierra users will see the prompt to authorize it. This is done in the "Security & Privacy" preference pane and must be done directly on the console (not via remote desktop). On High Sierra and newer kexts must be authorized at the console via security settings system preferences pane.
    * Windows
        * The Windows installer should now install the driver without requiring a special prompt in most cases. This should make it easier for our packages to be accepted into and updated in the Chocolatey repository and should make it easier to perform remote installs across groups of machines using IT management and provisioning tools.
        * The Windows official packages are now signed with an EV certificate (with hardware key).
        * The Windows UI can now log into ZeroTier Central and join networks via the Central API.
        * The `zerotier-idtool` command should now work on Windows without ugly hacks.
        * Upgraded the installer version.
        * Made a few changes to hopefully fix sporadic "will not uninstall" problems, though we cannot duplicate these issues ourselves.
    * Linux
        * Device names are now generated deterministically based on network IDs for all newly joined networks.
    * Android
        * Multicast now works on Android in most cases! Android apps can send and receive multicast and subscribe to multicast group IPs. Note that in some cases the app must bind to the specific correct interface for this to work.
        * IPv6 can be disabled in UI for cases where it causes problems.
 # 2017-04-20 -- Version 1.2.4
 * Managed routes are now only bifurcated for the default route. This is a change in behavior, though few people will probably notice. Bifurcating all managed routes was causing more trouble than it was worth for most users.
@ -29,7 +109,7 @@ The largest new feature in 1.2.0, and the product of many months of work, is our
 Rules allow you to filter packets on your network and vector traffic to security observers. Security observation can be performed in-band using REDIRECT or out of band using TEE.
-Tags and capabilites provide advanced methods for implementing fine grained permission structures and micro-segmentation schemes without bloating the size and complexity of your rules table.
+Tags and capabilities provide advanced methods for implementing fine grained permission structures and micro-segmentation schemes without bloating the size and complexity of your rules table.
 See the [rules engine announcement blog post](https://www.zerotier.com/blog/?p=927) for an in-depth discussion of theory and implementation. The [manual](https://www.zerotier.com/manual.shtml) contains detailed information on rule, tag, and capability use, and the `rule-compiler/` subfolder of the ZeroTier source tree contains a JavaScript function to compile rules in our human-readable rule definition language into rules suitable for import into a network controller. (ZeroTier Central uses this same script to compile rules on [my.zerotier.com](https://my.zerotier.com/).)
@ -112,7 +192,7 @@ A special kind of public network called an ad-hoc network may be accessed by joi
    | Start of port range (hex)
    Reserved ZeroTier address prefix indicating a controller-less network
-Ad-hoc networks are public (no access control) networks that have no network controller. Instead their configuration and other credentials are generated locally. Ad-hoc networks permit only IPv6 UDP and TCP unicast traffic (no multicast or broadcast) using 6plane format NDP-emulated IPv6 addresses. In addition an ad-hoc network ID encodes an IP port range. UDP packets and TCP SYN (connection open) packets are only allowed to desintation ports within the encoded range.
+Ad-hoc networks are public (no access control) networks that have no network controller. Instead their configuration and other credentials are generated locally. Ad-hoc networks permit only IPv6 UDP and TCP unicast traffic (no multicast or broadcast) using 6plane format NDP-emulated IPv6 addresses. In addition an ad-hoc network ID encodes an IP port range. UDP packets and TCP SYN (connection open) packets are only allowed to destination ports within the encoded range.
 For example `ff00160016000000` is an ad-hoc network allowing only SSH, while `ff0000ffff000000` is an ad-hoc network allowing any UDP or TCP port.
@ -127,7 +207,7 @@ If you have data in an old SQLite3 controller we've included a NodeJS script in
 ## Major Bug Fixes in 1.2.0
 * **The Windows HyperV 100% CPU bug is FINALLY DEAD**: This long-running problem turns out to have been an issue with Windows itself, but one we were triggering by placing invalid data into the Windows registry. Microsoft is aware of the issue but we've also fixed the triggering problem on our side. ZeroTier should now co-exist quite well with HyperV and should now be able to be bridged with a HyperV virtual switch.
- * **Segmenation faults on musl-libc based Linux systems**: Alpine Linux and some embedded Linux systems that use musl libc (a minimal libc) experienced segmentation faults. These were due to a smaller default stack size. A work-around that sets the stack size for new threads has been added.
+ * **Segmentation faults on musl-libc based Linux systems**: Alpine Linux and some embedded Linux systems that use musl libc (a minimal libc) experienced segmentation faults. These were due to a smaller default stack size. A work-around that sets the stack size for new threads has been added.
 * **Windows firewall blocks local JSON API**: On some Windows systems the firewall likes to block 127.0.0.1:9993 for mysterious reasons. This is now fixed in the installer via the addition of another firewall exemption rule.
 * **UI crash on embedded Windows due to missing fonts**: The MSI installer now ships fonts and will install them if they are not present, so this should be fixed.
--- a/artwork/AppIcon_1024x1024.png
+++ b/artwork/AppIcon_1024x1024.png
--- a/artwork/AppIcon_20x20.png
+++ b/artwork/AppIcon_20x20.png
--- a/artwork/AppIcon_60x60.png
+++ b/artwork/AppIcon_60x60.png
--- a/artwork/AppIcon_90x90.png
+++ b/artwork/AppIcon_90x90.png
--- a/artwork/ZeroTierIcon32x32.png
+++ b/artwork/ZeroTierIcon32x32.png
--- a/attic/OSXEthernetTap.cpp.pcap-with-bridge-test
+++ b/attic/OSXEthernetTap.cpp.pcap-with-bridge-test
@ -1,650 +0,0 @@
 /*
 * ZeroTier One - Network Virtualization Everywhere
 * Copyright (C) 2011-2015  ZeroTier, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * --
 *
 * ZeroTier may be used and distributed under the terms of the GPLv3, which
 * are available at: http://www.gnu.org/licenses/gpl-3.0.html
 *
 * If you would like to embed ZeroTier into a commercial application or
 * redistribute it in a modified binary form, please contact ZeroTier Networks
 * LLC. Start here: http://www.zerotier.com/
 */
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
 #include <unistd.h>
 #include <signal.h>
 #include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 #include <sys/wait.h>
 #include <sys/select.h>
 #include <sys/cdefs.h>
 #include <sys/uio.h>
 #include <sys/param.h>
 #include <sys/ioctl.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <net/route.h>
 #include <net/if.h>
 #include <net/if_arp.h>
 #include <net/if_dl.h>
 #include <net/if_media.h>
 #include <netinet6/in6_var.h>
 #include <netinet/in_var.h>
 #include <netinet/icmp6.h>
 #include <pcap/pcap.h>
 // OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
 struct prf_ra {
 	u_char onlink : 1;
 	u_char autonomous : 1;
 	u_char reserved : 6;
 } prf_ra;
 #include <netinet6/nd6.h>
 #include <ifaddrs.h>
 // These are KERNEL_PRIVATE... why?
 #ifndef SIOCAUTOCONF_START
 #define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq)    /* accept rtadvd on this interface */
 #endif
 #ifndef SIOCAUTOCONF_STOP
 #define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq)    /* stop accepting rtadv for this interface */
 #endif
 #ifndef ETH_ALEN
 #define ETH_ALEN 6
 #endif
 // --------------------------------------------------------------------------
 // --------------------------------------------------------------------------
 // This source is from:
 // http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
 // It's here because OSX 10.6 does not have this convenience function.
 #define	SALIGN	(sizeof(uint32_t) - 1)
 #define	SA_RLEN(sa)	((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
 (SALIGN + 1))
 #define	MAX_SYSCTL_TRY	5
 #define	RTA_MASKS	(RTA_GATEWAY | RTA_IFP | RTA_IFA)
 /* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
 /* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
 //#define DARWIN_COMPAT
 //#ifdef DARWIN_COMPAT
 #define GIM_SYSCTL_MIB NET_RT_IFLIST2
 #define GIM_RTM_ADDR RTM_NEWMADDR2
 //#else
 //#define GIM_SYSCTL_MIB NET_RT_IFMALIST
 //#define GIM_RTM_ADDR RTM_NEWMADDR
 //#endif
 // Not in 10.6 includes so use our own
 struct _intl_ifmaddrs {
 	struct _intl_ifmaddrs *ifma_next;
 	struct sockaddr *ifma_name;
 	struct sockaddr *ifma_addr;
 	struct sockaddr *ifma_lladdr;
 };
 static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
 {
 	int icnt = 1;
 	int dcnt = 0;
 	int ntry = 0;
 	size_t len;
 	size_t needed;
 	int mib[6];
 	int i;
 	char *buf;
 	char *data;
 	char *next;
 	char *p;
 	struct ifma_msghdr2 *ifmam;
 	struct _intl_ifmaddrs *ifa, *ift;
 	struct rt_msghdr *rtm;
 	struct sockaddr *sa;
 	mib[0] = CTL_NET;
 	mib[1] = PF_ROUTE;
 	mib[2] = 0;             /* protocol */
 	mib[3] = 0;             /* wildcard address family */
 	mib[4] = GIM_SYSCTL_MIB;
 	mib[5] = 0;             /* no flags */
 	do {
 		if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
 			return (-1);
 		if ((buf = (char *)malloc(needed)) == NULL)
 			return (-1);
 		if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
 			if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
 				free(buf);
 				return (-1);
 			}
 			free(buf);
 			buf = NULL;
 		}
 	} while (buf == NULL);
 	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
 		rtm = (struct rt_msghdr *)(void *)next;
 		if (rtm->rtm_version != RTM_VERSION)
 			continue;
 		switch (rtm->rtm_type) {
 			case GIM_RTM_ADDR:
 				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
 				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
 					break;
 				icnt++;
 				p = (char *)(ifmam + 1);
 				for (i = 0; i < RTAX_MAX; i++) {
 					if ((RTA_MASKS & ifmam->ifmam_addrs &
 						 (1 << i)) == 0)
 						continue;
 					sa = (struct sockaddr *)(void *)p;
 					len = SA_RLEN(sa);
 					dcnt += len;
 					p += len;
 				}
 				break;
 		}
 	}
 	data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
 	if (data == NULL) {
 		free(buf);
 		return (-1);
 	}
 	ifa = (struct _intl_ifmaddrs *)(void *)data;
 	data += sizeof(struct _intl_ifmaddrs) * icnt;
 	memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
 	ift = ifa;
 	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
 		rtm = (struct rt_msghdr *)(void *)next;
 		if (rtm->rtm_version != RTM_VERSION)
 			continue;
 		switch (rtm->rtm_type) {
 			case GIM_RTM_ADDR:
 				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
 				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
 					break;
 				p = (char *)(ifmam + 1);
 				for (i = 0; i < RTAX_MAX; i++) {
 					if ((RTA_MASKS & ifmam->ifmam_addrs &
 						 (1 << i)) == 0)
 						continue;
 					sa = (struct sockaddr *)(void *)p;
 					len = SA_RLEN(sa);
 					switch (i) {
 						case RTAX_GATEWAY:
 							ift->ifma_lladdr =
 							(struct sockaddr *)(void *)data;
 							memcpy(data, p, len);
 							data += len;
 							break;
 						case RTAX_IFP:
 							ift->ifma_name =
 							(struct sockaddr *)(void *)data;
 							memcpy(data, p, len);
 							data += len;
 							break;
 						case RTAX_IFA:
 							ift->ifma_addr =
 							(struct sockaddr *)(void *)data;
 							memcpy(data, p, len);
 							data += len;
 							break;
 						default:
 							data += len;
 							break;
 					}
 					p += len;
 				}
 				ift->ifma_next = ift + 1;
 				ift = ift->ifma_next;
 				break;
 		}
 	}
 	free(buf);
 	if (ift > ifa) {
 		ift--;
 		ift->ifma_next = NULL;
 		*pif = ifa;
 	} else {
 		*pif = NULL;
 		free(ifa);
 	}
 	return (0);
 }
 static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
 {
 	free(ifmp);
 }
 // --------------------------------------------------------------------------
 // --------------------------------------------------------------------------
 #include <string>
 #include <map>
 #include <set>
 #include <algorithm>
 #include "../node/Constants.hpp"
 #include "../node/Utils.hpp"
 #include "../node/Mutex.hpp"
 #include "../node/Dictionary.hpp"
 #include "OSUtils.hpp"
 #include "OSXEthernetTap.hpp"
 // ff:ff:ff:ff:ff:ff with no ADI
 static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
 static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
 {
 	struct in6_ndireq nd;
 	struct in6_ifreq ifr;
 	int s = socket(AF_INET6,SOCK_DGRAM,0);
 	if (s <= 0)
 		return false;
 	memset(&nd,0,sizeof(nd));
 	strncpy(nd.ifname,ifname,sizeof(nd.ifname));
 	if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
 		close(s);
 		return false;
 	}
 	unsigned long oldFlags = (unsigned long)nd.ndi.flags;
 	if (performNUD)
 		nd.ndi.flags |= ND6_IFF_PERFORMNUD;
 	else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
 	if (oldFlags != (unsigned long)nd.ndi.flags) {
 		if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
 			close(s);
 			return false;
 		}
 	}
 	memset(&ifr,0,sizeof(ifr));
 	strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
 	if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
 		close(s);
 		return false;
 	}
 	close(s);
 	return true;
 }
 namespace ZeroTier {
 static std::set<std::string> globalDeviceNames;
 static Mutex globalTapCreateLock;
 OSXEthernetTap::OSXEthernetTap(
 	const char *homePath,
 	const MAC &mac,
 	unsigned int mtu,
 	unsigned int metric,
 	uint64_t nwid,
 	const char *friendlyName,
 	void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
 	void *arg) :
 	_handler(handler),
 	_arg(arg),
 	_pcap((void *)0),
 	_nwid(nwid),
 	_mac(mac),
 	_homePath(homePath),
 	_mtu(mtu),
 	_metric(metric),
 	_enabled(true)
 {
 	char errbuf[PCAP_ERRBUF_SIZE];
 	char devname[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
 	Utils::snprintf(nwids,sizeof(nwids),"%.16llx",nwid);
 	if (mtu > 2800)
 		throw std::runtime_error("max tap MTU is 2800");
 	Mutex::Lock _gl(globalTapCreateLock);
 	std::string desiredDevice;
 	Dictionary devmap;
 	{
 		std::string devmapbuf;
 		if (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmapbuf)) {
 			devmap.fromString(devmapbuf);
 			desiredDevice = devmap.get(nwids,"");
 		}
 	}
 	if ((desiredDevice.length() >= 9)&&(desiredDevice.substr(0,6) == "bridge")) {
 		// length() >= 9 matches bridge### or bridge####
 		_dev = desiredDevice;
 	} else {
 		if (globalDeviceNames.size() >= (10000 - 128)) // sanity check... this would be nuts
 			throw std::runtime_error("too many devices!");
 		unsigned int pseudoBridgeNo = (unsigned int)((nwid ^ (nwid >> 32)) % (10000 - 128)) + 128; // range: bridge128 to bridge9999
 		sprintf(devname,"bridge%u",pseudoBridgeNo);
 		while (globalDeviceNames.count(std::string(devname)) > 0) {
 			++pseudoBridgeNo;
 			if (pseudoBridgeNo > 9999)
 				pseudoBridgeNo = 64;
 			sprintf(devname,"bridge%u",pseudoBridgeNo);
 		}
 		_dev = devname;
 	}
 	// Configure MAC address and MTU, bring interface up
 	long cpid = (long)vfork();
 	if (cpid == 0) {
 		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"create",(const char *)0);
 		::_exit(-1);
 	} else if (cpid > 0) {
 		int exitcode = -1;
 		::waitpid(cpid,&exitcode,0);
 		if (exitcode != 0)
 			throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
 	} else throw std::runtime_error("unable to fork()");
 	Utils::snprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
 	Utils::snprintf(mtustr,sizeof(mtustr),"%u",_mtu);
 	Utils::snprintf(metstr,sizeof(metstr),"%u",_metric);
 	cpid = (long)vfork();
 	if (cpid == 0) {
 		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
 		::_exit(-1);
 	} else if (cpid > 0) {
 		int exitcode = -1;
 		::waitpid(cpid,&exitcode,0);
 		if (exitcode != 0)
 			throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
 	} else throw std::runtime_error("unable to fork()");
 	_setIpv6Stuff(_dev.c_str(),true,false);
 	_pcap = (void *)pcap_create(_dev.c_str(),errbuf);
 	if (!_pcap) {
 		cpid = (long)vfork();
 		if (cpid == 0) {
 			::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"destroy",(const char *)0);
 			::_exit(-1);
 		} else if (cpid > 0) {
 			int exitcode = -1;
 			::waitpid(cpid,&exitcode,0);
 		}
 		throw std::runtime_error((std::string("pcap_create() on new bridge device failed: ") + errbuf).c_str());
 	}
 	pcap_set_promisc(reinterpret_cast<pcap_t *>(_pcap),1);
 	pcap_set_timeout(reinterpret_cast<pcap_t *>(_pcap),120000);
 	pcap_set_immediate_mode(reinterpret_cast<pcap_t *>(_pcap),1);
 	if (pcap_set_buffer_size(reinterpret_cast<pcap_t *>(_pcap),1024 * 1024 * 16) != 0) // 16MB
 		fprintf(stderr,"WARNING: pcap_set_buffer_size() failed!\n");
 	if (pcap_set_snaplen(reinterpret_cast<pcap_t *>(_pcap),4096) != 0)
 		fprintf(stderr,"WARNING: pcap_set_snaplen() failed!\n");
 	if (pcap_activate(reinterpret_cast<pcap_t *>(_pcap)) != 0) {
 		pcap_close(reinterpret_cast<pcap_t *>(_pcap));
 		cpid = (long)vfork();
 		if (cpid == 0) {
 			::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"destroy",(const char *)0);
 			::_exit(-1);
 		} else if (cpid > 0) {
 			int exitcode = -1;
 			::waitpid(cpid,&exitcode,0);
 		}
 		throw std::runtime_error("pcap_activate() on new bridge device failed.");
 	}
 	globalDeviceNames.insert(_dev);
 	devmap[nwids] = _dev;
 	OSUtils::writeFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmap.toString());
 	_thread = Thread::start(this);
 }
 OSXEthernetTap::~OSXEthernetTap()
 {
 	_enabled = false;
 	Mutex::Lock _gl(globalTapCreateLock);
 	globalDeviceNames.erase(_dev);
 	long cpid = (long)vfork();
 	if (cpid == 0) {
 		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"destroy",(const char *)0);
 		::_exit(-1);
 	} else if (cpid > 0) {
 		int exitcode = -1;
 		::waitpid(cpid,&exitcode,0);
 		if (exitcode == 0) {
 			// Destroying the interface nukes pcap and terminates the thread.
 			Thread::join(_thread);
 		}
 	}
 	pcap_close(reinterpret_cast<pcap_t *>(_pcap));
 }
 static bool ___removeIp(const std::string &_dev,const InetAddress &ip)
 {
 	long cpid = (long)vfork();
 	if (cpid == 0) {
 		execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet",ip.toIpString().c_str(),"-alias",(const char *)0);
 		_exit(-1);
 	} else if (cpid > 0) {
 		int exitcode = -1;
 		waitpid(cpid,&exitcode,0);
 		return (exitcode == 0);
 	}
 	return false; // never reached, make compiler shut up about return value
 }
 bool OSXEthernetTap::addIp(const InetAddress &ip)
 {
 	if (!ip)
 		return false;
 	std::vector<InetAddress> allIps(ips());
 	if (std::binary_search(allIps.begin(),allIps.end(),ip))
 		return true;
 	// Remove and reconfigure if address is the same but netmask is different
 	for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
 		if ((i->ipsEqual(ip))&&(i->netmaskBits() != ip.netmaskBits())) {
 			if (___removeIp(_dev,*i))
 				break;
 		}
 	}
 	long cpid = (long)vfork();
 	if (cpid == 0) {
 		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.isV4() ? "inet" : "inet6",ip.toString().c_str(),"alias",(const char *)0);
 		::_exit(-1);
 	} else if (cpid > 0) {
 		int exitcode = -1;
 		::waitpid(cpid,&exitcode,0);
 		return (exitcode == 0);
 	} // else return false...
 	return false;
 }
 bool OSXEthernetTap::removeIp(const InetAddress &ip)
 {
 	if (!ip)
 		return true;
 	std::vector<InetAddress> allIps(ips());
 	if (!std::binary_search(allIps.begin(),allIps.end(),ip)) {
 		if (___removeIp(_dev,ip))
 			return true;
 	}
 	return false;
 }
 std::vector<InetAddress> OSXEthernetTap::ips() const
 {
 	struct ifaddrs *ifa = (struct ifaddrs *)0;
 	if (getifaddrs(&ifa))
 		return std::vector<InetAddress>();
 	std::vector<InetAddress> r;
 	struct ifaddrs *p = ifa;
 	while (p) {
 		if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
 			switch(p->ifa_addr->sa_family) {
 				case AF_INET: {
 					struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
 					struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
 					r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
 				}	break;
 				case AF_INET6: {
 					struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
 					struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
 					uint32_t b[4];
 					memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
 					r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
 				}	break;
 			}
 		}
 		p = p->ifa_next;
 	}
 	if (ifa)
 		freeifaddrs(ifa);
 	std::sort(r.begin(),r.end());
 	std::unique(r.begin(),r.end());
 	return r;
 }
 void OSXEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
 {
 	char putBuf[4096];
 	if ((len <= _mtu)&&(_enabled)) {
 		to.copyTo(putBuf,6);
 		from.copyTo(putBuf + 6,6);
 		*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
 		memcpy(putBuf + 14,data,len);
 		len += 14;
 		int r = pcap_inject(reinterpret_cast<pcap_t *>(_pcap),putBuf,len);
 		if (r <= 0) {
 			printf("%s: pcap_inject() failed\n",_dev.c_str());
 			return;
 		}
 		printf("%s: inject %s -> %s etherType==%u len=%u r==%d\n",_dev.c_str(),from.toString().c_str(),to.toString().c_str(),etherType,len,r);
 	}
 }
 std::string OSXEthernetTap::deviceName() const
 {
 	return _dev;
 }
 void OSXEthernetTap::setFriendlyName(const char *friendlyName)
 {
 }
 void OSXEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
 {
 	std::vector<MulticastGroup> newGroups;
 	struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
 	if (!_intl_getifmaddrs(&ifmap)) {
 		struct _intl_ifmaddrs *p = ifmap;
 		while (p) {
 			if (p->ifma_addr->sa_family == AF_LINK) {
 				struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
 				struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
 				if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
 					newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
 			}
 			p = p->ifma_next;
 		}
 		_intl_freeifmaddrs(ifmap);
 	}
 	std::vector<InetAddress> allIps(ips());
 	for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
 		newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
 	std::sort(newGroups.begin(),newGroups.end());
 	std::unique(newGroups.begin(),newGroups.end());
 	for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
 		if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
 			added.push_back(*m);
 	}
 	for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
 		if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
 			removed.push_back(*m);
 	}
 	_multicastGroups.swap(newGroups);
 }
 static void _pcapHandler(u_char *ptr,const struct pcap_pkthdr *hdr,const u_char *data)
 {
 	OSXEthernetTap *tap = reinterpret_cast<OSXEthernetTap *>(ptr);
 	if (hdr->caplen > 14) {
 		MAC to(data,6);
 		MAC from(data + 6,6);
 		if (from == tap->_mac) {
 			unsigned int etherType = ntohs(((const uint16_t *)data)[6]);
 			printf("%s: %s -> %s etherType==%u len==%u\n",tap->_dev.c_str(),from.toString().c_str(),to.toString().c_str(),etherType,(unsigned int)hdr->caplen);
 			// TODO: VLAN support
 			tap->_handler(tap->_arg,tap->_nwid,from,to,etherType,0,(const void *)(data + 14),hdr->len - 14);
 		}
 	}
 }
 void OSXEthernetTap::threadMain()
 	throw()
 {
 	pcap_loop(reinterpret_cast<pcap_t *>(_pcap),-1,&_pcapHandler,reinterpret_cast<u_char *>(this));
 }
 } // namespace ZeroTier
--- a/attic/OSXEthernetTap.cpp.utun-work-in-progress
+++ b/attic/OSXEthernetTap.cpp.utun-work-in-progress
@ -1,831 +0,0 @@
 /*
 * ZeroTier One - Network Virtualization Everywhere
 * Copyright (C) 2011-2015  ZeroTier, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * --
 *
 * ZeroTier may be used and distributed under the terms of the GPLv3, which
 * are available at: http://www.gnu.org/licenses/gpl-3.0.html
 *
 * If you would like to embed ZeroTier into a commercial application or
 * redistribute it in a modified binary form, please contact ZeroTier Networks
 * LLC. Start here: http://www.zerotier.com/
 */
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
 #include <unistd.h>
 #include <signal.h>
 #include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 #include <sys/wait.h>
 #include <sys/select.h>
 #include <sys/cdefs.h>
 #include <sys/uio.h>
 #include <sys/param.h>
 #include <sys/ioctl.h>
 #include <sys/socket.h>
 #include <sys/sys_domain.h>
 #include <sys/kern_control.h>
 #include <net/if_utun.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <net/route.h>
 #include <net/if.h>
 #include <net/if_arp.h>
 #include <net/if_dl.h>
 #include <net/if_media.h>
 #include <netinet6/in6_var.h>
 #include <netinet/in_var.h>
 #include <netinet/icmp6.h>
 // OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
 struct prf_ra {
 	u_char onlink : 1;
 	u_char autonomous : 1;
 	u_char reserved : 6;
 } prf_ra;
 #include <netinet6/nd6.h>
 #include <ifaddrs.h>
 // These are KERNEL_PRIVATE... why?
 #ifndef SIOCAUTOCONF_START
 #define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq)    /* accept rtadvd on this interface */
 #endif
 #ifndef SIOCAUTOCONF_STOP
 #define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq)    /* stop accepting rtadv for this interface */
 #endif
 // --------------------------------------------------------------------------
 // --------------------------------------------------------------------------
 // This source is from:
 // http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
 // It's here because OSX 10.6 does not have this convenience function.
 #define	SALIGN	(sizeof(uint32_t) - 1)
 #define	SA_RLEN(sa)	((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
 (SALIGN + 1))
 #define	MAX_SYSCTL_TRY	5
 #define	RTA_MASKS	(RTA_GATEWAY | RTA_IFP | RTA_IFA)
 /* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
 /* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
 //#define DARWIN_COMPAT
 //#ifdef DARWIN_COMPAT
 #define GIM_SYSCTL_MIB NET_RT_IFLIST2
 #define GIM_RTM_ADDR RTM_NEWMADDR2
 //#else
 //#define GIM_SYSCTL_MIB NET_RT_IFMALIST
 //#define GIM_RTM_ADDR RTM_NEWMADDR
 //#endif
 // Not in 10.6 includes so use our own
 struct _intl_ifmaddrs {
 	struct _intl_ifmaddrs *ifma_next;
 	struct sockaddr *ifma_name;
 	struct sockaddr *ifma_addr;
 	struct sockaddr *ifma_lladdr;
 };
 static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
 {
 	int icnt = 1;
 	int dcnt = 0;
 	int ntry = 0;
 	size_t len;
 	size_t needed;
 	int mib[6];
 	int i;
 	char *buf;
 	char *data;
 	char *next;
 	char *p;
 	struct ifma_msghdr2 *ifmam;
 	struct _intl_ifmaddrs *ifa, *ift;
 	struct rt_msghdr *rtm;
 	struct sockaddr *sa;
 	mib[0] = CTL_NET;
 	mib[1] = PF_ROUTE;
 	mib[2] = 0;             /* protocol */
 	mib[3] = 0;             /* wildcard address family */
 	mib[4] = GIM_SYSCTL_MIB;
 	mib[5] = 0;             /* no flags */
 	do {
 		if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
 			return (-1);
 		if ((buf = (char *)malloc(needed)) == NULL)
 			return (-1);
 		if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
 			if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
 				free(buf);
 				return (-1);
 			}
 			free(buf);
 			buf = NULL;
 		}
 	} while (buf == NULL);
 	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
 		rtm = (struct rt_msghdr *)(void *)next;
 		if (rtm->rtm_version != RTM_VERSION)
 			continue;
 		switch (rtm->rtm_type) {
 			case GIM_RTM_ADDR:
 				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
 				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
 					break;
 				icnt++;
 				p = (char *)(ifmam + 1);
 				for (i = 0; i < RTAX_MAX; i++) {
 					if ((RTA_MASKS & ifmam->ifmam_addrs &
 						 (1 << i)) == 0)
 						continue;
 					sa = (struct sockaddr *)(void *)p;
 					len = SA_RLEN(sa);
 					dcnt += len;
 					p += len;
 				}
 				break;
 		}
 	}
 	data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
 	if (data == NULL) {
 		free(buf);
 		return (-1);
 	}
 	ifa = (struct _intl_ifmaddrs *)(void *)data;
 	data += sizeof(struct _intl_ifmaddrs) * icnt;
 	memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
 	ift = ifa;
 	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
 		rtm = (struct rt_msghdr *)(void *)next;
 		if (rtm->rtm_version != RTM_VERSION)
 			continue;
 		switch (rtm->rtm_type) {
 			case GIM_RTM_ADDR:
 				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
 				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
 					break;
 				p = (char *)(ifmam + 1);
 				for (i = 0; i < RTAX_MAX; i++) {
 					if ((RTA_MASKS & ifmam->ifmam_addrs &
 						 (1 << i)) == 0)
 						continue;
 					sa = (struct sockaddr *)(void *)p;
 					len = SA_RLEN(sa);
 					switch (i) {
 						case RTAX_GATEWAY:
 							ift->ifma_lladdr =
 							(struct sockaddr *)(void *)data;
 							memcpy(data, p, len);
 							data += len;
 							break;
 						case RTAX_IFP:
 							ift->ifma_name =
 							(struct sockaddr *)(void *)data;
 							memcpy(data, p, len);
 							data += len;
 							break;
 						case RTAX_IFA:
 							ift->ifma_addr =
 							(struct sockaddr *)(void *)data;
 							memcpy(data, p, len);
 							data += len;
 							break;
 						default:
 							data += len;
 							break;
 					}
 					p += len;
 				}
 				ift->ifma_next = ift + 1;
 				ift = ift->ifma_next;
 				break;
 		}
 	}
 	free(buf);
 	if (ift > ifa) {
 		ift--;
 		ift->ifma_next = NULL;
 		*pif = ifa;
 	} else {
 		*pif = NULL;
 		free(ifa);
 	}
 	return (0);
 }
 static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
 {
 	free(ifmp);
 }
 // --------------------------------------------------------------------------
 // --------------------------------------------------------------------------
 #include <string>
 #include <map>
 #include <set>
 #include <algorithm>
 #include "../node/Constants.hpp"
 #include "../node/Utils.hpp"
 #include "../node/Mutex.hpp"
 #include "../node/Dictionary.hpp"
 #include "Arp.hpp"
 #include "OSUtils.hpp"
 #include "OSXEthernetTap.hpp"
 // ff:ff:ff:ff:ff:ff with no ADI
 static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
 static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
 {
 	struct in6_ndireq nd;
 	struct in6_ifreq ifr;
 	int s = socket(AF_INET6,SOCK_DGRAM,0);
 	if (s <= 0)
 		return false;
 	memset(&nd,0,sizeof(nd));
 	strncpy(nd.ifname,ifname,sizeof(nd.ifname));
 	if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
 		close(s);
 		return false;
 	}
 	unsigned long oldFlags = (unsigned long)nd.ndi.flags;
 	if (performNUD)
 		nd.ndi.flags |= ND6_IFF_PERFORMNUD;
 	else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
 	if (oldFlags != (unsigned long)nd.ndi.flags) {
 		if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
 			close(s);
 			return false;
 		}
 	}
 	memset(&ifr,0,sizeof(ifr));
 	strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
 	if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
 		close(s);
 		return false;
 	}
 	close(s);
 	return true;
 }
 // Create an OSX-native utun device (utun# where # is desiredNumber)
 // Adapted from public domain utun example code by Jonathan Levin
 static int _make_utun(int desiredNumber)
 {
 	struct sockaddr_ctl sc;
 	struct ctl_info ctlInfo;
 	struct ifreq ifr;
 	memset(&ctlInfo, 0, sizeof(ctlInfo));
 	if (strlcpy(ctlInfo.ctl_name, UTUN_CONTROL_NAME, sizeof(ctlInfo.ctl_name)) >= sizeof(ctlInfo.ctl_name)) {
 		return -1;
 	}
 	int fd = socket(PF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL);
 	if (fd == -1)
 		return -1;
 	if (ioctl(fd, CTLIOCGINFO, &ctlInfo) == -1) {
 		close(fd);
 		return -1;
 	}
 	sc.sc_id = ctlInfo.ctl_id;
 	sc.sc_len = sizeof(sc);
 	sc.sc_family = AF_SYSTEM;
 	sc.ss_sysaddr = AF_SYS_CONTROL;
 	sc.sc_unit = desiredNumber + 1;
 	if (connect(fd, (struct sockaddr *)&sc, sizeof(sc)) == -1) {
 		close(fd);
 		return -1;
 	}
 	memset(&ifr,0,sizeof(ifr));
 	sprintf(ifr.ifr_name,"utun%d",desiredNumber);
 	if (ioctl(fd,SIOCGIFFLAGS,(void *)&ifr) < 0) {
 		printf("SIOCGIFFLAGS failed\n");
 	}
 	ifr.ifr_flags &= ~IFF_POINTOPOINT;
 	if (ioctl(fd,SIOCSIFFLAGS,(void *)&ifr) < 0) {
 		printf("clear IFF_POINTOPOINT failed\n");
 	}
 	return fd;
 }
 namespace ZeroTier {
 static long globalTapsRunning = 0;
 static Mutex globalTapCreateLock;
 OSXEthernetTap::OSXEthernetTap(
 	const char *homePath,
 	const MAC &mac,
 	unsigned int mtu,
 	unsigned int metric,
 	uint64_t nwid,
 	const char *friendlyName,
 	void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
 	void *arg) :
 	_handler(handler),
 	_arg(arg),
 	_arp((Arp *)0),
 	_nwid(nwid),
 	_homePath(homePath),
 	_mtu(mtu),
 	_metric(metric),
 	_fd(0),
 	_utun(false),
 	_enabled(true)
 {
 	char devpath[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
 	struct stat stattmp;
 	Utils::snprintf(nwids,sizeof(nwids),"%.16llx",nwid);
 	if (mtu > 2800)
 		throw std::runtime_error("max tap MTU is 2800");
 	Mutex::Lock _gl(globalTapCreateLock);
 	// Read remembered previous device name, if any -- we'll try to reuse
 	Dictionary devmap;
 	std::string desiredDevice;
 	{
 		std::string devmapbuf;
 		if (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmapbuf)) {
 			devmap.fromString(devmapbuf);
 			desiredDevice = devmap.get(nwids,"");
 		}
 	}
 	if (::stat((_homePath + ZT_PATH_SEPARATOR_S + "tap.kext").c_str(),&stattmp) == 0) {
 		// Try to init kext if it's there, otherwise revert to utun mode
 		if (::stat("/dev/zt0",&stattmp)) {
 			long kextpid = (long)vfork();
 			if (kextpid == 0) {
 				::chdir(homePath);
 				OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
 				::execl("/sbin/kextload","/sbin/kextload","-q","-repository",homePath,"tap.kext",(const char *)0);
 				::_exit(-1);
 			} else if (kextpid > 0) {
 				int exitcode = -1;
 				::waitpid(kextpid,&exitcode,0);
 			}
 			::usleep(500); // give tap device driver time to start up and try again
 			if (::stat("/dev/zt0",&stattmp))
 				_utun = true;
 		}
 		if (!_utun) {
 			// See if we can re-use the last device we had.
 			bool recalledDevice = false;
 			if (desiredDevice.length() > 2) {
 				Utils::snprintf(devpath,sizeof(devpath),"/dev/%s",desiredDevice.c_str());
 				if (stat(devpath,&stattmp) == 0) {
 					_fd = ::open(devpath,O_RDWR);
 					if (_fd > 0) {
 						_dev = desiredDevice;
 						recalledDevice = true;
 					}
 				}
 			}
 			// Open the first unused tap device if we didn't recall a previous one.
 			if (!recalledDevice) {
 				for(int i=0;i<64;++i) {
 					Utils::snprintf(devpath,sizeof(devpath),"/dev/zt%d",i);
 					if (stat(devpath,&stattmp)) {
 						_utun = true;
 						break;
 					}
 					_fd = ::open(devpath,O_RDWR);
 					if (_fd > 0) {
 						char foo[16];
 						Utils::snprintf(foo,sizeof(foo),"zt%d",i);
 						_dev = foo;
 						break;
 					}
 				}
 			}
 			if (_fd <= 0)
 				_utun = true;
 		}
 	} else {
 		_utun = true;
 	}
 	if (_utun) {
 		// Use OSX built-in utun device if kext is not available or doesn't work
 		int utunNo = 0;
 		if ((desiredDevice.length() > 4)&&(desiredDevice.substr(0,4) == "utun")) {
 			utunNo = Utils::strToInt(desiredDevice.substr(4).c_str());
 			if (utunNo >= 0)
 				_fd = _make_utun(utunNo);
 		}
 		if (_fd <= 0) {
 			// Start at utun8 to leave lower utuns unused since other stuff might
 			// want them -- OpenVPN, cjdns, etc. I'm not sure if those are smart
 			// enough to scan upward like this.
 			for(utunNo=8;utunNo<=256;++utunNo) {
 				if ((_fd = _make_utun(utunNo)) > 0)
 					break;
 			}
 		}
 		if (_fd <= 0)
 			throw std::runtime_error("unable to find/load ZeroTier tap driver OR use built-in utun driver in OSX; permission or system problem or too many open devices?");
 		Utils::snprintf(devpath,sizeof(devpath),"utun%d",utunNo);
 		_dev = devpath;
 		// Configure address and bring it up
 		Utils::snprintf(mtustr,sizeof(mtustr),"%u",_mtu);
 		Utils::snprintf(metstr,sizeof(metstr),"%u",_metric);
 		long cpid = (long)vfork();
 		if (cpid == 0) {
 			::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"mtu",mtustr,"metric",metstr,"up",(const char *)0);
 			::_exit(-1);
 		} else if (cpid > 0) {
 			int exitcode = -1;
 			::waitpid(cpid,&exitcode,0);
 			if (exitcode) {
 				::close(_fd);
 				throw std::runtime_error("ifconfig failure activating utun interface");
 			}
 		}
 	} else {
 		// Use our ZeroTier OSX tun/tap driver for zt# Ethernet tap device
 		if (fcntl(_fd,F_SETFL,fcntl(_fd,F_GETFL) & ~O_NONBLOCK) == -1) {
 			::close(_fd);
 			throw std::runtime_error("unable to set flags on file descriptor for TAP device");
 		}
 		// Configure MAC address and MTU, bring interface up
 		Utils::snprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
 		Utils::snprintf(mtustr,sizeof(mtustr),"%u",_mtu);
 		Utils::snprintf(metstr,sizeof(metstr),"%u",_metric);
 		long cpid = (long)vfork();
 		if (cpid == 0) {
 			::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
 			::_exit(-1);
 		} else if (cpid > 0) {
 			int exitcode = -1;
 			::waitpid(cpid,&exitcode,0);
 			if (exitcode) {
 				::close(_fd);
 				throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
 			}
 		}
 		_setIpv6Stuff(_dev.c_str(),true,false);
 	}
 	// Set close-on-exec so that devices cannot persist if we fork/exec for update
 	fcntl(_fd,F_SETFD,fcntl(_fd,F_GETFD) | FD_CLOEXEC);
 	::pipe(_shutdownSignalPipe);
 	++globalTapsRunning;
 	devmap[nwids] = _dev;
 	OSUtils::writeFile((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),devmap.toString());
 	_thread = Thread::start(this);
 }
 OSXEthernetTap::~OSXEthernetTap()
 {
 	Mutex::Lock _gl(globalTapCreateLock);
 	::write(_shutdownSignalPipe[1],(const void *)this,1); // writing a byte causes thread to exit
 	Thread::join(_thread);
 	::close(_fd);
 	::close(_shutdownSignalPipe[0]);
 	::close(_shutdownSignalPipe[1]);
 	if (_utun) {
 		delete _arp;
 	} else {
 		if (--globalTapsRunning <= 0) {
 			globalTapsRunning = 0; // sanity check -- should not be possible
 			char tmp[16384];
 			sprintf(tmp,"%s/%s",_homePath.c_str(),"tap.kext");
 			long kextpid = (long)vfork();
 			if (kextpid == 0) {
 				OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
 				::execl("/sbin/kextunload","/sbin/kextunload",tmp,(const char *)0);
 				::_exit(-1);
 			} else if (kextpid > 0) {
 				int exitcode = -1;
 				::waitpid(kextpid,&exitcode,0);
 			}
 		}
 	}
 }
 void OSXEthernetTap::setEnabled(bool en)
 {
 	_enabled = en;
 	// TODO: interface status change
 }
 bool OSXEthernetTap::enabled() const
 {
 	return _enabled;
 }
 static bool ___removeIp(const std::string &_dev,const InetAddress &ip)
 {
 	long cpid = (long)vfork();
 	if (cpid == 0) {
 		execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet",ip.toIpString().c_str(),"-alias",(const char *)0);
 		_exit(-1);
 	} else if (cpid > 0) {
 		int exitcode = -1;
 		waitpid(cpid,&exitcode,0);
 		return (exitcode == 0);
 	}
 	return false; // never reached, make compiler shut up about return value
 }
 bool OSXEthernetTap::addIp(const InetAddress &ip)
 {
 	if (!ip)
 		return false;
 	std::vector<InetAddress> allIps(ips());
 	if (std::binary_search(allIps.begin(),allIps.end(),ip))
 		return true;
 	// Remove and reconfigure if address is the same but netmask is different
 	for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
 		if ((i->ipsEqual(ip))&&(i->netmaskBits() != ip.netmaskBits())) {
 			if (___removeIp(_dev,*i))
 				break;
 		}
 	}
 	if (_utun) {
 		long cpid = (long)vfork();
 		if (cpid == 0) {
 			if (ip.ss_family == AF_INET6) {
 				::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"inet6",ip.toString().c_str(),"alias",(const char *)0);
 			} else {
 				::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.toString().c_str(),ip.toIpString().c_str(),"alias",(const char *)0);
 			}
 			::_exit(-1);
 		} else if (cpid > 0) {
 			int exitcode = -1;
 			::waitpid(cpid,&exitcode,0);
 			if (exitcode == 0) {
 				if (ip.ss_family == AF_INET) {
 					// Add route to network over tun for IPv4 -- otherwise it behaves
 					// as a simple point to point tunnel instead of a true route.
 					cpid = (long)vfork();
 					if (cpid == 0) {
 						::close(STDERR_FILENO);
 						::close(STDOUT_FILENO);
 						::execl("/sbin/route","/sbin/route","add",ip.network().toString().c_str(),ip.toIpString().c_str(),(const char *)0);
 						::exit(-1);
 					} else if (cpid > 0) {
 						int exitcode = -1;
 						::waitpid(cpid,&exitcode,0);
 						return (exitcode == 0);
 					}
 				} else return true;
 			}
 		}
 	} else {
 		long cpid = (long)vfork();
 		if (cpid == 0) {
 			::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),ip.isV4() ? "inet" : "inet6",ip.toString().c_str(),"alias",(const char *)0);
 			::_exit(-1);
 		} else if (cpid > 0) {
 			int exitcode = -1;
 			::waitpid(cpid,&exitcode,0);
 			return (exitcode == 0);
 		}
 	}
 	return false;
 }
 bool OSXEthernetTap::removeIp(const InetAddress &ip)
 {
 	if (!ip)
 		return true;
 	std::vector<InetAddress> allIps(ips());
 	if (!std::binary_search(allIps.begin(),allIps.end(),ip)) {
 		if (___removeIp(_dev,ip))
 			return true;
 	}
 	return false;
 }
 std::vector<InetAddress> OSXEthernetTap::ips() const
 {
 	struct ifaddrs *ifa = (struct ifaddrs *)0;
 	if (getifaddrs(&ifa))
 		return std::vector<InetAddress>();
 	std::vector<InetAddress> r;
 	struct ifaddrs *p = ifa;
 	while (p) {
 		if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
 			switch(p->ifa_addr->sa_family) {
 				case AF_INET: {
 					struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
 					struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
 					r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
 				}	break;
 				case AF_INET6: {
 					struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
 					struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
 					uint32_t b[4];
 					memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
 					r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
 				}	break;
 			}
 		}
 		p = p->ifa_next;
 	}
 	if (ifa)
 		freeifaddrs(ifa);
 	std::sort(r.begin(),r.end());
 	std::unique(r.begin(),r.end());
 	return r;
 }
 void OSXEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
 {
 	char putBuf[4096];
 	if ((_fd > 0)&&(len <= _mtu)&&(_enabled)) {
 		to.copyTo(putBuf,6);
 		from.copyTo(putBuf + 6,6);
 		*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
 		memcpy(putBuf + 14,data,len);
 		len += 14;
 		::write(_fd,putBuf,len);
 	}
 }
 std::string OSXEthernetTap::deviceName() const
 {
 	return _dev;
 }
 void OSXEthernetTap::setFriendlyName(const char *friendlyName)
 {
 }
 void OSXEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
 {
 	std::vector<MulticastGroup> newGroups;
 	struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
 	if (!_intl_getifmaddrs(&ifmap)) {
 		struct _intl_ifmaddrs *p = ifmap;
 		while (p) {
 			if (p->ifma_addr->sa_family == AF_LINK) {
 				struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
 				struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
 				if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
 					newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
 			}
 			p = p->ifma_next;
 		}
 		_intl_freeifmaddrs(ifmap);
 	}
 	std::vector<InetAddress> allIps(ips());
 	for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
 		newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
 	std::sort(newGroups.begin(),newGroups.end());
 	std::unique(newGroups.begin(),newGroups.end());
 	for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
 		if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
 			added.push_back(*m);
 	}
 	for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
 		if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
 			removed.push_back(*m);
 	}
 	_multicastGroups.swap(newGroups);
 }
 void OSXEthernetTap::threadMain()
 	throw()
 {
 	fd_set readfds,nullfds;
 	MAC to,from;
 	int n,nfds,r;
 	char getBuf[8194];
 	Thread::sleep(500);
 	FD_ZERO(&readfds);
 	FD_ZERO(&nullfds);
 	nfds = (int)std::max(_shutdownSignalPipe[0],_fd) + 1;
 	r = 0;
 	for(;;) {
 		FD_SET(_shutdownSignalPipe[0],&readfds);
 		FD_SET(_fd,&readfds);
 		select(nfds,&readfds,&nullfds,&nullfds,(struct timeval *)0);
 		if (FD_ISSET(_shutdownSignalPipe[0],&readfds)) // writes to shutdown pipe terminate thread
 			break;
 		if (FD_ISSET(_fd,&readfds)) {
 			n = (int)::read(_fd,getBuf + r,sizeof(getBuf) - r);
 			if (n < 0) {
 				if ((errno != EINTR)&&(errno != ETIMEDOUT))
 					break;
 			} else {
 				// Some tap drivers like to send the ethernet frame and the
 				// payload in two chunks, so handle that by accumulating
 				// data until we have at least a frame.
 				r += n;
 				if (r > 14) {
 					if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms
 						r = _mtu + 14;
 					if (_enabled) {
 						to.setTo(getBuf,6);
 						from.setTo(getBuf + 6,6);
 						unsigned int etherType = ntohs(((const uint16_t *)getBuf)[6]);
 						// TODO: VLAN support
 						_handler(_arg,_nwid,from,to,etherType,0,(const void *)(getBuf + 14),r - 14);
 					}
 					r = 0;
 				}
 			}
 		}
 	}
 }
 } // namespace ZeroTier
--- a/attic/OSXEthernetTap.hpp.pcap-with-bridge-test
+++ b/attic/OSXEthernetTap.hpp.pcap-with-bridge-test
@ -1,96 +0,0 @@
 /*
 * ZeroTier One - Network Virtualization Everywhere
 * Copyright (C) 2011-2015  ZeroTier, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * --
 *
 * ZeroTier may be used and distributed under the terms of the GPLv3, which
 * are available at: http://www.gnu.org/licenses/gpl-3.0.html
 *
 * If you would like to embed ZeroTier into a commercial application or
 * redistribute it in a modified binary form, please contact ZeroTier Networks
 * LLC. Start here: http://www.zerotier.com/
 */
 #ifndef ZT_OSXETHERNETTAP_HPP
 #define ZT_OSXETHERNETTAP_HPP
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdexcept>
 #include <string>
 #include <vector>
 #include "../node/Constants.hpp"
 #include "../node/MAC.hpp"
 #include "../node/InetAddress.hpp"
 #include "../node/MulticastGroup.hpp"
 #include "Thread.hpp"
 namespace ZeroTier {
 /**
 * OSX Ethernet tap using ZeroTier kernel extension zt# devices
 */
 class OSXEthernetTap
 {
 public:
 	OSXEthernetTap(
 		const char *homePath,
 		const MAC &mac,
 		unsigned int mtu,
 		unsigned int metric,
 		uint64_t nwid,
 		const char *friendlyName,
 		void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 	~OSXEthernetTap();
 	inline void setEnabled(bool en) { _enabled = en; }
 	inline bool enabled() const { return _enabled; }
 	bool addIp(const InetAddress &ip);
 	bool removeIp(const InetAddress &ip);
 	std::vector<InetAddress> ips() const;
 	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
 	std::string deviceName() const;
 	void setFriendlyName(const char *friendlyName);
 	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
 	void threadMain()
 		throw();
 	// Private members of OSXEthernetTap have public visibility to be accessable
 	// from an internal bounce function; don't modify directly.
 	void (*_handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
 	void *_arg;
 	void *_pcap; // pcap_t *
 	uint64_t _nwid;
 	MAC _mac;
 	Thread _thread;
 	std::string _homePath;
 	std::string _dev;
 	std::vector<MulticastGroup> _multicastGroups;
 	unsigned int _mtu;
 	unsigned int _metric;
 	volatile bool _enabled;
 };
 } // namespace ZeroTier
 #endif
--- a/attic/README.md
+++ b/attic/README.md
@ -1,4 +0,0 @@
 Retired Code and Miscellaneous Junk
 ======
 This directory is for old code that isn't used but we don't want to lose track of, and for anything else random like debug scripts.
--- a/attic/big-http-test/2015-11-10_01_50000.out.xz
+++ b/attic/big-http-test/2015-11-10_01_50000.out.xz
--- a/attic/big-http-test/2015-11-10_02_50000.out.xz
+++ b/attic/big-http-test/2015-11-10_02_50000.out.xz
--- a/attic/big-http-test/2015-11-10_03_12500_ec2-east-only.out.xz
+++ b/attic/big-http-test/2015-11-10_03_12500_ec2-east-only.out.xz
--- a/attic/big-http-test/Dockerfile
+++ b/attic/big-http-test/Dockerfile
@ -1,24 +0,0 @@
 FROM centos:latest
 MAINTAINER https://www.zerotier.com/
 EXPOSE 9993/udp
 ADD nodesource-el.repo /etc/yum.repos.d/nodesource-el.repo
 RUN yum -y update && yum install -y nodejs && yum clean all
 RUN mkdir -p /var/lib/zerotier-one
 RUN mkdir -p /var/lib/zerotier-one/networks.d
 RUN touch /var/lib/zerotier-one/networks.d/ffffffffffffffff.conf
 ADD package.json /
 RUN npm install
 ADD zerotier-one /
 RUN chmod a+x /zerotier-one
 ADD agent.js /
 ADD docker-main.sh /
 RUN chmod a+x /docker-main.sh
 CMD ["./docker-main.sh"]
--- a/attic/big-http-test/README.md
+++ b/attic/big-http-test/README.md
@ -1,12 +0,0 @@
 HTTP one-to-all test
 ======
 *This is really internal use code. You're free to test it out but expect to do some editing/tweaking to make it work. We used this to run some massive scale tests of our new geo-cluster-based root server infrastructure prior to taking it live.*
 Before using this code you will want to edit agent.js to change SERVER_HOST to the IP address of where you will run server.js. This should typically be an open Internet IP, since this makes reporting not dependent upon the thing being tested. Also note that this thing does no security of any kind. It's designed for one-off tests run over a short period of time, not to be anything that runs permanently. You will also want to edit the Dockerfile if you want to build containers and change the network ID to the network you want to run tests over.
 This code can be deployed across a large number of VMs or containers to test and benchmark HTTP traffic within a virtual network at scale. The agent acts as a server and can query other agents, while the server collects agent data and tells agents about each other. It's designed to use RFC4193-based ZeroTier IPv6 addresses within the cluster, which allows the easy provisioning of a large cluster without IP conflicts.
 The Dockerfile builds an image that launches the agent. The image must be "docker run" with "--device=/dev/net/tun --privileged" to permit it to open a tun/tap device within the container. (Unfortunately CAP_NET_ADMIN may not work due to a bug in Docker and/or Linux.) You can run a bunch with a command like:
    for ((n=0;n<10;n++)); do docker run --device=/dev/net/tun --privileged -d zerotier/http-test; done
--- a/attic/big-http-test/agent.js
+++ b/attic/big-http-test/agent.js
@ -1,196 +0,0 @@
 // ZeroTier distributed HTTP test agent
 // ---------------------------------------------------------------------------
 // Customizable parameters:
 // Time between startup and first test attempt
 var TEST_STARTUP_LAG = 10000;
 // Maximum interval between test attempts (actual timing is random % this)
 var TEST_INTERVAL_MAX = (60000 * 10);
 // Test timeout in ms
 var TEST_TIMEOUT = 30000;
 // Where should I get other agents' IDs and POST results?
 var SERVER_HOST = '52.26.196.147';
 var SERVER_PORT = 18080;
 // Which port do agents use to serve up test data to each other?
 var AGENT_PORT = 18888;
 // Payload size in bytes
 var PAYLOAD_SIZE = 5000;
 // ---------------------------------------------------------------------------
 var ipaddr = require('ipaddr.js');
 var os = require('os');
 var http = require('http');
 var async = require('async');
 var express = require('express');
 var app = express();
 // Find our ZeroTier-assigned RFC4193 IPv6 address
 var thisAgentId = null;
 var interfaces = os.networkInterfaces();
 if (!interfaces) {
 	console.error('FATAL: os.networkInterfaces() failed.');
 	process.exit(1);
 }
 for(var ifname in interfaces) {
 	var ifaddrs = interfaces[ifname];
 	if (Array.isArray(ifaddrs)) {
 		for(var i=0;i<ifaddrs.length;++i) {
 			if (ifaddrs[i].family == 'IPv6') {
 				try {
 					var ipbytes = ipaddr.parse(ifaddrs[i].address).toByteArray();
 					if ((ipbytes.length === 16)&&(ipbytes[0] == 0xfd)&&(ipbytes[9] == 0x99)&&(ipbytes[10] == 0x93)) {
 						thisAgentId = '';
 						for(var j=0;j<16;++j) {
 							var tmp = ipbytes[j].toString(16);
 							if (tmp.length === 1)
 								thisAgentId += '0';
 							thisAgentId += tmp;
 						}
 					}
 				} catch (e) {
 					console.error(e);
 				}
 			}
 		}
 	}
 }
 if (thisAgentId === null) {
 	console.error('FATAL: no ZeroTier-assigned RFC4193 IPv6 addresses found on any local interface!');
 	process.exit(1);
 }
 //console.log(thisAgentId);
 // Create a random (and therefore not very compressable) payload
 var payload = new Buffer(PAYLOAD_SIZE);
 for(var xx=0;xx<PAYLOAD_SIZE;++xx) {
 	payload.writeUInt8(Math.round(Math.random() * 255.0),xx);
 }
 function agentIdToIp(agentId)
 {
 	var ip = '';
 	ip += agentId.substr(0,4);
 	ip += ':';
 	ip += agentId.substr(4,4);
 	ip += ':';
 	ip += agentId.substr(8,4);
 	ip += ':';
 	ip += agentId.substr(12,4);
 	ip += ':';
 	ip += agentId.substr(16,4);
 	ip += ':';
 	ip += agentId.substr(20,4);
 	ip += ':';
 	ip += agentId.substr(24,4);
 	ip += ':';
 	ip += agentId.substr(28,4);
 	return ip;
 };
 var lastTestResult = null;
 var allOtherAgents = {};
 function doTest()
 {
 	var submit = http.request({
 		host: SERVER_HOST,
 		port: SERVER_PORT,
 		path: '/'+thisAgentId,
 		method: 'POST'
 	},function(res) {
 		var body = '';
 		res.on('data',function(chunk) { body += chunk.toString(); });
 		res.on('end',function() {
 			if (body) {
 				try {
 					var peers = JSON.parse(body);
 					if (Array.isArray(peers)) {
 						for(var xx=0;xx<peers.length;++xx)
 							allOtherAgents[peers[xx]] = true;
 					}
 				} catch (e) {}
 			}
 			var agents = Object.keys(allOtherAgents);
 			if (agents.length > 1) {
 				var target = agents[Math.floor(Math.random() * agents.length)];
 				while (target === thisAgentId)
 					target = agents[Math.floor(Math.random() * agents.length)];
 				var testRequest = null;
 				var timeoutId = null;
 				timeoutId = setTimeout(function() {
 					if (testRequest !== null)
 						testRequest.abort();
 					timeoutId = null;
 				},TEST_TIMEOUT);
 				var startTime = Date.now();
 				testRequest = http.get({
 					host: agentIdToIp(target),
 					port: AGENT_PORT,
 					path: '/'
 				},function(res) {
 					var bytes = 0;
 					res.on('data',function(chunk) { bytes += chunk.length; });
 					res.on('end',function() {
 						lastTestResult = {
 							source: thisAgentId,
 							target: target,
 							time: (Date.now() - startTime),
 							bytes: bytes,
 							timedOut: (timeoutId === null),
 							error: null
 						};
 						if (timeoutId !== null)
 							clearTimeout(timeoutId);
 						return setTimeout(doTest,Math.round(Math.random() * TEST_INTERVAL_MAX) + 1);
 					});
 				}).on('error',function(e) {
 					lastTestResult = {
 						source: thisAgentId,
 						target: target,
 						time: (Date.now() - startTime),
 						bytes: 0,
 						timedOut: (timeoutId === null),
 						error: e.toString()
 					};
 					if (timeoutId !== null)
 						clearTimeout(timeoutId);
 					return setTimeout(doTest,Math.round(Math.random() * TEST_INTERVAL_MAX) + 1);
 				});
 			} else {
 				return setTimeout(doTest,1000);
 			}
 		});
 	}).on('error',function(e) {
 		console.log('POST failed: '+e.toString());
 		return setTimeout(doTest,1000);
 	});
 	if (lastTestResult !== null) {
 		submit.write(JSON.stringify(lastTestResult));
 		lastTestResult = null;
 	}
 	submit.end();
 };
 // Agents just serve up a test payload
 app.get('/',function(req,res) { return res.status(200).send(payload); });
 var expressServer = app.listen(AGENT_PORT,function () {
 	// Start timeout-based loop
 	setTimeout(doTest(),TEST_STARTUP_LAG);
 });
--- a/attic/big-http-test/big-test-kill.sh
+++ b/attic/big-http-test/big-test-kill.sh
@ -1,9 +0,0 @@
 #!/bin/bash
 # Kills all running Docker containers on all big-test-hosts
 export PATH=/bin:/usr/bin:/usr/local/bin:/usr/sbin:/sbin
 pssh -h big-test-hosts -x '-t -t' -i -OUserKnownHostsFile=/dev/null -OStrictHostKeyChecking=no -t 0 -p 256 "sudo docker ps -aq | xargs -r sudo docker rm -f"
 exit 0
--- a/attic/big-http-test/big-test-start.sh
+++ b/attic/big-http-test/big-test-start.sh
@ -1,13 +0,0 @@
 #!/bin/bash
 # More than 500 container seems to result in a lot of sporadic failures, probably due to Linux kernel scaling issues with virtual network ports
 # 250 with a 16GB RAM VM like Amazon m4.xlarge seems good
 NUM_CONTAINERS=250
 CONTAINER_IMAGE=zerotier/http-test
 SCALE_UP_DELAY=10
 export PATH=/bin:/usr/bin:/usr/local/bin:/usr/sbin:/sbin
 pssh -h big-test-hosts -x '-t -t' -i -OUserKnownHostsFile=/dev/null -OStrictHostKeyChecking=no -t 0 -p 256 "sudo sysctl -w net.netfilter.nf_conntrack_max=262144 ; for ((n=0;n<$NUM_CONTAINERS;n++)); do sudo docker run --device=/dev/net/tun --privileged -d $CONTAINER_IMAGE; sleep $SCALE_UP_DELAY; done"
 exit 0
--- a/attic/big-http-test/crunch-results.js
+++ b/attic/big-http-test/crunch-results.js
@ -1,65 +0,0 @@
 //
 // Pipe the output of server.js into this to convert raw test results into bracketed statistics
 // suitable for graphing.
 //
 // Time duration per statistical bracket
 var BRACKET_SIZE = 10000;
 // Number of bytes expected from each test
 var EXPECTED_BYTES = 5000;
 var readline = require('readline');
 var rl = readline.createInterface({
 	input: process.stdin,
 	output: process.stdout,
 	terminal: false
 });
 var count = 0.0;
 var overallCount = 0.0;
 var totalFailures = 0.0;
 var totalOverallFailures = 0.0;
 var totalMs = 0;
 var totalData = 0;
 var devices = {};
 var lastBracketTs = 0;
 rl.on('line',function(line) {
 	line = line.trim();
 	var ls = line.split(',');
 	if (ls.length == 7) {
 		var ts = parseInt(ls[0]);
 		var fromId = ls[1];
 		var toId = ls[2];
 		var ms = parseFloat(ls[3]);
 		var bytes = parseInt(ls[4]);
 		var timedOut = (ls[5] == 'true') ? true : false;
 		var errMsg = ls[6];
 		count += 1.0;
 		overallCount += 1.0;
 		if ((bytes !== EXPECTED_BYTES)||(timedOut)) {
 			totalFailures += 1.0;
 			totalOverallFailures += 1.0;
 		}
 		totalMs += ms;
 		totalData += bytes;
 		devices[fromId] = true;
 		devices[toId] = true;
 		if (lastBracketTs === 0)
 			lastBracketTs = ts;
 		if (((ts - lastBracketTs) >= BRACKET_SIZE)&&(count > 0.0)) {
 			console.log(count.toString()+','+overallCount.toString()+','+(totalMs / count)+','+(totalFailures / count)+','+(totalOverallFailures / overallCount)+','+totalData+','+Object.keys(devices).length);
 			count = 0.0;
 			totalFailures = 0.0;
 			totalMs = 0;
 			totalData = 0;
 			lastBracketTs = ts;
 		}
 	} // else ignore junk
 });
--- a/attic/big-http-test/docker-main.sh
+++ b/attic/big-http-test/docker-main.sh
@ -1,16 +0,0 @@
 #!/bin/bash
 export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin
 /zerotier-one -d >>zerotier-one.out 2>&1
 # Wait for ZeroTier to start and join the network
 while [ ! -d "/proc/sys/net/ipv6/conf/zt0" ]; do
 	sleep 0.25
 done
 # Wait just a bit longer for stuff to settle
 sleep 5
 exec node --harmony /agent.js >>agent.out 2>&1
 #exec node --harmony /agent.js
--- a/attic/big-http-test/nodesource-el.repo
+++ b/attic/big-http-test/nodesource-el.repo
@ -1,6 +0,0 @@
 [nodesource]
 name=Node.js Packages for Enterprise Linux 7 - $basearch
 baseurl=https://rpm.nodesource.com/pub_4.x/el/7/$basearch
 failovermethod=priority
 enabled=1
 gpgcheck=0
--- a/attic/big-http-test/package.json
+++ b/attic/big-http-test/package.json
@ -1,16 +0,0 @@
 {
  "name": "zerotier-test-http",
  "version": "1.0.0",
  "description": "ZeroTier in-network HTTP test",
  "main": "agent.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "author": "ZeroTier, Inc.",
  "license": "GPL-3.0",
  "dependencies": {
    "async": "^1.5.0",
    "express": "^4.13.3",
    "ipaddr.js": "^1.0.3"
  }
 }
--- a/attic/big-http-test/server.js
+++ b/attic/big-http-test/server.js
@ -1,53 +0,0 @@
 // ZeroTier distributed HTTP test coordinator and result-reporting server
 // ---------------------------------------------------------------------------
 // Customizable parameters:
 var SERVER_PORT = 18080;
 // ---------------------------------------------------------------------------
 var fs = require('fs');
 var express = require('express');
 var app = express();
 app.use(function(req,res,next) {
 	req.rawBody = '';
 	req.on('data', function(chunk) { req.rawBody += chunk.toString(); });
 	req.on('end', function() { return next(); });
 });
 var knownAgents = {};
 app.post('/:agentId',function(req,res) {
 	var agentId = req.params.agentId;
 	if ((!agentId)||(agentId.length !== 32))
 		return res.status(404).send('');
 	if (req.rawBody) {
 		var receiveTime = Date.now();
 		var resultData = null;
 		try {
 			resultData = JSON.parse(req.rawBody);
 			console.log(Date.now().toString()+','+resultData.source+','+resultData.target+','+resultData.time+','+resultData.bytes+','+resultData.timedOut+',"'+((resultData.error) ? resultData.error : '')+'"');
 		} catch (e) {}
 	}
 	knownAgents[agentId] = true;
 	var thisUpdate = [];
 	var agents = Object.keys(knownAgents);
 	if (agents.length < 100)
 		thisUpdate = agents;
 	else {
 		for(var xx=0;xx<100;++xx)
 			thisUpdate.push(agents[Math.floor(Math.random() * agents.length)]);
 	}
 	return res.status(200).send(JSON.stringify(thisUpdate));
 });
 var expressServer = app.listen(SERVER_PORT,function () {
 	console.log('LISTENING ON '+SERVER_PORT);
 	console.log('');
 });
--- a/attic/cli/README.md
+++ b/attic/cli/README.md
@ -1,57 +0,0 @@
 The new ZeroTier CLI!
 ====
 With this update we've expanded upon the previous CLI's functionality, so things should seem pretty familiar. Here are some of the new features we've introduced:
 - Create and administer networks on ZeroTier Central directly from the console.
 - Service configurations, allows you to control local/remote instances of ZeroTier One
 - Identity generation and management is now part of the same CLI tool
 ***
 ## Configurations
 Configurations are a way for you to nickname and logically organize the control of ZeroTier services running locally or remotely (this includes ZeroTier Central!). They're merely groupings of service API url's and auth tokens. The CLI's settings data is contained within `.zerotierCliSettings`.
 For instance, you can control your local instance of ZeroTier One via the `@local` config. By default it is represented as follows:
 ```
 "local": {
      "auth": "7tyqRoFytajf21j2l2t9QPm5",
      "type": "one",
      "url": "http://127.0.0.1:9993/"
 }
 ``` 
 As an example, if you issue the command `zerotier ls` is it implicitly stating `zerotier @local ls`. 
 With the same line of thinking, you could create a `@my.zerotier.com` which would allow for something like `zerotier @my.zerotier.com net-create` which talks to our hosted ZeroTier Central to create a new network.
 ## Command families 
 - `cli-` is for configuring the settings data for the CLI itself, such as adding/removing `@thing` configurations, variables, etc.
 - `net-` is for operating on a *ZeroTier Central* service such as `https://my.zerotier.com`
 - `id-` is for handling ZeroTier identities.
 And those commands with no prefix are there to allow you to operate ZeroTier One instances either local or remote.
 ***
 ## Useful command examples
 *Add a ZeroTier One configuration:*
 - `zerotier cli-add-zt MyLocalConfigName https://127.0.0.1:9993/ <authtoken>`
 *Add a ZeroTier Central configuration:*
 - `zerotier cli-add-central MyZTCentralConfigName https://my.zerotier.com/ <centralAPIAuthtoken>`
 *Set a default ZeroTier One instance:*
 - `zerotier cli-set defaultOne MyLocalConfigName`
 *Set a default ZeroTier Central:*
 - `zerotier cli-set defaultCentral MyZTCentralConfigName`
--- a/attic/cli/zerotier.cpp
+++ b/attic/cli/zerotier.cpp
@ -1,957 +0,0 @@
 /*
 * ZeroTier One - Network Virtualization Everywhere
 * Copyright (C) 2011-2016  ZeroTier, Inc.  https://www.zerotier.com/
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 // Note: unlike the rest of ZT's code base, this requires C++11 due to
 // the JSON library it uses and other things.
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdint.h>
 #include <string.h>
 #include "../node/Constants.hpp"
 #include "../node/Identity.hpp"
 #include "../version.h"
 #include "../osdep/OSUtils.hpp"
 #include "../ext/offbase/json/json.hpp"
 #ifdef __WINDOWS__
 #include <WinSock2.h>
 #include <windows.h>
 #include <tchar.h>
 #include <wchar.h>
 #else
 #include <ctype.h>
 #include <unistd.h>
 #endif
 #include <iostream>
 #include <string>
 #include <map>
 #include <vector>
 #include <tuple>
 #include <regex>
 #include <curl/curl.h>
 using json = nlohmann::json;
 using namespace ZeroTier;
 #define ZT_CLI_FLAG_VERBOSE 'v'
 #define ZT_CLI_FLAG_UNSAFE_SSL 'X'
 #define REQ_GET  0
 #define REQ_POST 1
 #define REQ_DEL  2
 #define OK_STR   "[OK  ]: "
 #define FAIL_STR "[FAIL]: "
 #define WARN_STR "[WARN]: "
 #define INVALID_ARGS_STR "Invalid args. Usage: " 
 struct CLIState
 {
 	std::string atname;
 	std::string command;
 	std::string url;
 	std::map<std::string,std::string> reqHeaders;
 	std::vector<std::string> args;
 	std::map<char,std::string> opts;
 	json settings;
 };
 namespace {
 static Identity getIdFromArg(char *arg)
 {
 	Identity id;
 	if ((strlen(arg) > 32)&&(arg[10] == ':')) { // identity is a literal on the command line
 		if (id.fromString(arg))
 			return id;
 	} else { // identity is to be read from a file
 		std::string idser;
 		if (OSUtils::readFile(arg,idser)) {
 			if (id.fromString(idser))
 				return id;
 		}
 	}
 	return Identity();
 }
 static std::string trimString(const std::string &s)
 {
 	unsigned long end = (unsigned long)s.length();
 	while (end) {
 		char c = s[end - 1];
 		if ((c == ' ')||(c == '\r')||(c == '\n')||(!c)||(c == '\t'))
 			--end;
 		else break;
 	}
 	unsigned long start = 0;
 	while (start < end) {
 		char c = s[start];
 		if ((c == ' ')||(c == '\r')||(c == '\n')||(!c)||(c == '\t'))
 			++start;
 		else break;
 	}
 	return s.substr(start,end - start);
 }
 static inline std::string getSettingsFilePath()
 {
 #ifdef __WINDOWS__
 #else
 	const char *home = getenv("HOME");
 	if (!home)
 		home = "/";
 	return (std::string(home) + "/.zerotierCliSettings");
 #endif
 }
 static bool saveSettingsBackup(CLIState &state)
 {
 	std::string sfp(getSettingsFilePath().c_str());
 	if(state.settings.find("generateBackupConfig") != state.settings.end() 
 		&& state.settings["generateBackupConfig"].get<std::string>() == "true") {
 		std::string backup_file = getSettingsFilePath() + ".bak";
 		if(!OSUtils::writeFile(sfp.c_str(), state.settings.dump(2))) {
 			OSUtils::lockDownFile(sfp.c_str(),false);
 			std::cout << WARN_STR << "unable to write backup config file" << std::endl;
 			return false;
 		}
 		return true;
 	}
 	return false;
 }
 static bool saveSettings(CLIState &state)
 {
 	std::string sfp(getSettingsFilePath().c_str());
 	if(OSUtils::writeFile(sfp.c_str(), state.settings.dump(2))) {
 		OSUtils::lockDownFile(sfp.c_str(),false);
 		std::cout << OK_STR << "changes saved." << std::endl;
 		return true;
 	}
 	std::cout << FAIL_STR << "unable to write to " << sfp << std::endl;
 	return false;
 }
 static void dumpHelp()
 {
 	std::cout << "ZeroTier Newer-Spiffier CLI " << ZEROTIER_ONE_VERSION_MAJOR << "." << ZEROTIER_ONE_VERSION_MINOR << "." << ZEROTIER_ONE_VERSION_REVISION << std::endl;
 	std::cout << "(c)2016 ZeroTier, Inc. / Licensed under the GNU GPL v3" << std::endl;
 	std::cout << std::endl;
 	std::cout << "Configuration path: " << getSettingsFilePath() << std::endl;
 	std::cout << std::endl;
 	std::cout << "Usage: zerotier [-option] [@name] <command> [<command options>]" << std::endl;
 	std::cout << std::endl;
 	std::cout << "Options:" << std::endl;
 	std::cout << "  -verbose                            - Verbose JSON output" << std::endl;
 	std::cout << "  -X                                  - Do not check SSL certs (CAUTION!)" << std::endl;
 	std::cout << std::endl;
 	std::cout << "CLI Configuration Commands:" << std::endl;
 	std::cout << "  cli-set <setting> <value>           - Set a CLI option ('cli-set help')" << std::endl;
 	std::cout << "  cli-unset <setting> <value>         - Un-sets a CLI option ('cli-unset help')" << std::endl;
 	std::cout << "  cli-ls                              - List configured @things" << std::endl;
 	std::cout << "  cli-rm @name                        - Remove a configured @thing" << std::endl;
 	std::cout << "  cli-add-zt @name <url> <auth>       - Add a ZeroTier service" << std::endl;
 	std::cout << "  cli-add-central @name <url> <auth>  - Add ZeroTier Central instance" << std::endl;
 	std::cout << std::endl;
 	std::cout << "ZeroTier One Service Commands:" << std::endl;
 	std::cout << "  -v / -version                       - Displays default local instance's version'" << std::endl;
 	std::cout << "  ls                                  - List currently joined networks" << std::endl;
 	std::cout << "  join <network> [opt=value ...]      - Join a network" << std::endl;
 	std::cout << "  leave <network>                     - Leave a network" << std::endl;
 	std::cout << "  peers                               - List ZeroTier VL1 peers" << std::endl;
 	std::cout << "  show [<network/peer address>]       - Get info about self or object" << std::endl;
 	std::cout << std::endl;
 	std::cout << "Network Controller Commands:" << std::endl;
 	std::cout << "  net-create                          - Create a new network" << std::endl;
 	std::cout << "  net-rm <network>                    - Delete a network (CAUTION!)" << std::endl;
 	std::cout << "  net-ls                              - List administered networks" << std::endl;
 	std::cout << "  net-members <network>               - List members of a network" << std::endl;
 	std::cout << "  net-show <network> [<address>]      - Get network or member info" << std::endl;
 	std::cout << "  net-auth <network> <address>        - Authorize a member" << std::endl;
 	std::cout << "  net-unauth <network> <address>      - De-authorize a member" << std::endl;
 	std::cout << "  net-set <path> <value>              - See 'net-set help'" << std::endl;
 	std::cout << std::endl;
 	std::cout << "Identity Commands:" << std::endl;
 	std::cout << "  id-generate [<vanity prefix>]       - Generate a ZeroTier identity" << std::endl;
 	std::cout << "  id-validate <identity>              - Locally validate an identity" << std::endl;
 	std::cout << "  id-sign <identity> <file>           - Sign a file" << std::endl;
 	std::cout << "  id-verify <secret> <file> <sig>     - Verify a file's signature" << std::endl;
 	std::cout << "  id-getpublic <secret>               - Get full identity's public portion" << std::endl;
 	std::cout << std::endl;
 }
 static size_t _curlStringAppendCallback(void *contents,size_t size,size_t nmemb,void *stdstring)
 {
 	size_t totalSize = size * nmemb;
 	reinterpret_cast<std::string *>(stdstring)->append((const char *)contents,totalSize);
 	return totalSize;
 }
 static std::tuple<int,std::string> REQUEST(int requestType, CLIState &state, const std::map<std::string,std::string> &headers, const std::string &postfield, const std::string &url)
 {
 	std::string body;
 	char errbuf[CURL_ERROR_SIZE];
 	char urlbuf[4096];
 	CURL *curl;
 	curl = curl_easy_init();
 	if (!curl) {
 		std::cerr << "FATAL: curl_easy_init() failed" << std::endl;
 		exit(-1);
 	}
 	Utils::scopy(urlbuf,sizeof(urlbuf),url.c_str());
 	curl_easy_setopt(curl,CURLOPT_URL,urlbuf);
 	struct curl_slist *hdrs = (struct curl_slist *)0;
 	for(std::map<std::string,std::string>::const_iterator i(headers.begin());i!=headers.end();++i) {
 		std::string htmp(i->first);
 		htmp.append(": ");
 		htmp.append(i->second);
 		hdrs = curl_slist_append(hdrs,htmp.c_str());
 	}
 	if (hdrs)
 		curl_easy_setopt(curl,CURLOPT_HTTPHEADER,hdrs);
 	//curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
 	curl_easy_setopt(curl,CURLOPT_WRITEDATA,(void *)&body);
 	curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,_curlStringAppendCallback);
 	if(std::find(state.args.begin(), state.args.end(), "-X") == state.args.end())
 			curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(state.opts.count(ZT_CLI_FLAG_UNSAFE_SSL) > 0) ? 0L : 1L);
 	if(requestType == REQ_POST) {
 		curl_easy_setopt(curl, CURLOPT_POST, 1);
 		curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postfield.c_str());
 	}
 	if(requestType == REQ_DEL)
 		curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE");
 	if(requestType == REQ_GET) {
 		curl_easy_setopt(curl,CURLOPT_ERRORBUFFER,errbuf);
 		curl_easy_setopt(curl,CURLOPT_FOLLOWLOCATION,0L);
 	}
 	curl_easy_setopt(curl,CURLOPT_USERAGENT,"ZeroTier-CLI");
 	CURLcode res = curl_easy_perform(curl);
 	errbuf[CURL_ERROR_SIZE-1] = (char)0; // sanity check
 	if (res != CURLE_OK)
 		return std::make_tuple(-1,std::string(errbuf));
    long response_code;
 	int rc = (int)curl_easy_getinfo(curl,CURLINFO_RESPONSE_CODE, &response_code);
 	if(response_code == 401) { std::cout << FAIL_STR << response_code << "Unauthorized." << std::endl; exit(0); }
 	else if(response_code == 403) { std::cout << FAIL_STR << response_code << "Forbidden." << std::endl; exit(0); }
 	else if(response_code == 404) { std::cout << FAIL_STR << response_code << "Not found." << std::endl; exit(0); }
 	else if(response_code == 408) { std::cout << FAIL_STR << response_code << "Request timed out." << std::endl; exit(0); }
 	else if(response_code != 200) { std::cout << FAIL_STR << response_code << "Unable to process request." << std::endl; exit(0); }
 	curl_easy_cleanup(curl);
 	if (hdrs)
 		curl_slist_free_all(hdrs);
 	return std::make_tuple(response_code,body);
 }
 } // anonymous namespace
 //////////////////////////////////////////////////////////////////////////////
 // Check for user-specified @thing config
 // Make sure it @thing makes sense
 // Apply appropriate request headers
 static void checkForThing(CLIState &state, std::string thingType, bool warnNoThingProvided)
 {
 	std::string configName;
 	if(state.atname.length()) {
 		configName = state.atname.erase(0,1);
 		// make sure specified @thing makes sense in the context of the command
 		if(thingType == "one" && state.settings["things"][configName]["type"].get<std::string>() != "one") {
 			std::cout << FAIL_STR << "A ZeroTier Central config was specified for a ZeroTier One command." << std::endl;
 			exit(0);
 		}
 		if(thingType == "central" && state.settings["things"][configName]["type"].get<std::string>() != "central") {
 			std::cout << FAIL_STR << "A ZeroTier One config was specified for a ZeroTier Central command." << std::endl;
 			exit(0);
 		}
 	}
 	else { // no @thing specified, check for defaults depending on type
 		if(thingType == "one") {
 			if(state.settings.find("defaultOne") != state.settings.end()) {
 				if(warnNoThingProvided) 
 					std::cout << WARN_STR << "No @thing specified, assuming default for ZeroTier One command: " << state.settings["defaultOne"].get<std::string>().c_str() << std::endl;
 				configName = state.settings["defaultOne"].get<std::string>().erase(0,1); // get default
 			}
 			else {
 				std::cout << WARN_STR << "No @thing specified, and no default is known." << std::endl;
 				std::cout << "HELP: To set a default: zerotier cli-set defaultOne @my_default_thing" << std::endl;
 				exit(0);
 			}
 		}
 		if(thingType == "central") {
 			if(state.settings.find("defaultCentral") != state.settings.end()) {
 				if(warnNoThingProvided) 
 					std::cout << WARN_STR << "No @thing specified, assuming default for ZeroTier Central command: " << state.settings["defaultCentral"].get<std::string>().c_str() << std::endl;
 				configName = state.settings["defaultCentral"].get<std::string>().erase(0,1); // get default
 			}
 			else {
 				std::cout << WARN_STR << "No @thing specified, and no default is known." << std::endl;
 				std::cout << "HELP: To set a default: zerotier cli-set defaultCentral @my_default_thing" << std::endl;
 				exit(0);
 			}
 		}
 	}
 	// Apply headers
 	if(thingType == "one") {
 		state.reqHeaders["X-ZT1-Auth"] = state.settings["things"][configName]["auth"];
 	}
 	if(thingType == "central"){
 		state.reqHeaders["Content-Type"] = "application/json";
 		state.reqHeaders["Authorization"] = "Bearer " + state.settings["things"][configName]["auth"].get<std::string>();
 		state.reqHeaders["Accept"] = "application/json";
 	}
 	state.url = state.settings["things"][configName]["url"];
 }
 static bool checkURL(std::string url)
 {
 	// TODO
 	return true;
 }
 static std::string getLocalVersion(CLIState &state)
 {
 	json result;
 	std::tuple<int,std::string> res;
 	checkForThing(state,"one",false);
 	res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "/status");
 	if(std::get<0>(res) == 200) {		
 		result = json::parse(std::get<1>(res));
 		return result["version"].get<std::string>();
 	}
 	return "---";
 }
 #ifdef __WINDOWS__
 int _tmain(int argc, _TCHAR* argv[])
 #else
 int main(int argc,char **argv)
 #endif
 {
 #ifdef __WINDOWS__
 	{
 		WSADATA wsaData;
 		WSAStartup(MAKEWORD(2,2),&wsaData);
 	}
 #endif
 	curl_global_init(CURL_GLOBAL_DEFAULT);
 	CLIState state;
 	std::string arg1, arg2, authToken;
 	for(int i=1;i<argc;++i) {
 		if (argv[i][0] == '@') {
 			state.atname = argv[i];
 		} 
 		else if (state.command.length() == 0) {
 			if (argv[i][0] == '-') {
 				if (!argv[i][1]) {
 					dumpHelp();
 					return -1;
 				} else if (argv[i][2]) {
 					state.opts[argv[i][1]] = argv[i] + 2;
 				} else {
 					state.opts[argv[i][1]] = "";
 				}
 			} else {
 				state.command = argv[i];
 			}
 		} 
 		else {
 			state.args.push_back(std::string(argv[i]));
 		}
 	}
 	{
 		std::string buf;
 		if (OSUtils::readFile(getSettingsFilePath().c_str(),buf))
 			state.settings = json::parse(buf);
 		if (state.settings.empty()) {
 			// Default settings
 			state.settings = {
 				{ "configVersion", 1 },
 				{ "things", {
 					{ "my.zerotier.com", {
 						{ "type", "central" },
 						{ "url", "https://my.zerotier.com/" },
 						{ "auth", "" }
 					}},
 					{ "local", {
 						{ "type", "one" },
 						{ "url", "" },
 						{ "auth", "" }
 					}}
 				}},
 				{ "defaultController", "@my.zerotier.com" },
 				{ "defaultOne", "@local" }
 			};
 			std::string oneHome(OSUtils::platformDefaultHomePath());
 			std::string portStr;
 			bool initSuccess = false;
 			std::string path = oneHome + ZT_PATH_SEPARATOR_S ;
 			if (OSUtils::readFile((oneHome + ZT_PATH_SEPARATOR_S + "authtoken.secret").c_str(),authToken)&&OSUtils::readFile((oneHome + ZT_PATH_SEPARATOR_S + "zerotier-one.port").c_str(),portStr)) {
 				portStr = trimString(portStr);
 				authToken = trimString(authToken);
 				int port = Utils::strToInt(portStr.c_str());
 				if (((port > 0)&&(port < 65536))&&(authToken.length() > 0)) {
 					state.settings["things"]["local"]["url"] = (std::string("http://127.0.0.1:") + portStr + "/");
 					state.settings["things"]["local"]["auth"] = authToken;
 					initSuccess = true;
 				}
 			}
 			if (!saveSettings(state)) {
 				std::cerr << "FATAL: unable to write " << getSettingsFilePath() << std::endl;
 				exit(-1);
 			}
 			if (initSuccess) {
 				std::cerr << "INFO: initialized new config at " << getSettingsFilePath() << std::endl;
 			} else {
 				std::cerr << "INFO: initialized new config at " << getSettingsFilePath() << " but could not auto-init local ZeroTier One service config from " << oneHome << " -- you will need to set local service URL and port manually if you want to control a local instance of ZeroTier One. (This happens if you are not root/administrator.)" << std::endl;
 			}
 		}
 	}
 	// PRE-REQUEST SETUP
 	json result;
 	std::tuple<int,std::string> res;
 	std::string url = "";
 	// META
 	if ((state.command.length() == 0)||(state.command == "help")) {
 		dumpHelp();
 		return -1;
 	} 
 	// zerotier version
 	else if (state.command == "v" || state.command == "version") {
 		std::cout << getLocalVersion(state) << std::endl;
 		return 1;
 	}
 	// zerotier cli-set <setting> <value>
 	else if (state.command == "cli-set") {
 		if(argc != 4) {
 			std::cerr << INVALID_ARGS_STR << "zerotier cli-set <setting> <value>" << std::endl;
 			return 1;
 		}
 		std::string settingName, settingValue;
 		if(state.atname.length()) { // User provided @thing erroneously, we will ignore it and adjust argument indices
 			settingName = argv[3];
 			settingValue = argv[4];
 		}
 		else {
 			settingName = argv[2];
 			settingValue = argv[3];
 		}
 		saveSettingsBackup(state);
 		state.settings[settingName] = settingValue; // changes
 		saveSettings(state);
 	}
 	// zerotier cli-unset <setting>
 	else if (state.command == "cli-unset") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier cli-unset <setting>" << std::endl;
 			return 1;
 		}
 		std::string settingName;
 		if(state.atname.length()) // User provided @thing erroneously, we will ignore it and adjust argument indices
 			settingName = argv[3];
 		else
 			settingName = argv[2];
 		saveSettingsBackup(state);
 		state.settings.erase(settingName); // changes
 		saveSettings(state);	
 	} 
 	// zerotier @thing_to_remove cli-rm --- removes the configuration
 	else if (state.command == "cli-rm") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier cli-rm <@thing>" << std::endl;
 			return 1;
 		}
 		if(state.settings["things"].find(state.atname) != state.settings["things"].end()) {
 			if(state.settings["defaultOne"] == state.atname) {
 				std::cout << "WARNING: The config you're trying to remove is currently set as your default. Set a new default first!" << std::endl;
 				std::cout << "      | Usage: zerotier set defaultOne @your_other_thing" << std::endl;
 			}
 			else {
 				state.settings["things"].erase(state.atname.c_str());
 				saveSettings(state);
 			}
 		}
 	} 
 	// zerotier cli-add-zt <shortname> <url> <auth>
 	// TODO: Check for malformed urls/auth
 	else if (state.command == "cli-add-zt") {
 		if(argc != 5) {
 			std::cerr << INVALID_ARGS_STR << "zerotier cli-add-zt <shortname> <url> <authToken>" << std::endl;
 			return 1;
 		}
 		std::string thing_name = argv[2], url = argv[3], auth = argv[4]; 
 		if(!checkURL(url)) {
 			std::cout << FAIL_STR << "Malformed URL" << std::endl;
 			return 1;
 		}
 		if(state.settings.find(thing_name) != state.settings.end()) {
 			std::cout << "WARNING: A @thing with the shortname " << thing_name.c_str() 
 				<< " already exists. Choose another name or rename the old @thing" << std::endl;
 			std::cout << "      | Usage: To rename a @thing: zerotier cli-rename @old_thing_name @new_thing_name" << std::endl;
 		}
 		else {
 			result = json::parse("{ \"auth\": \"" + auth + "\", \"type\": \"" + "one" + "\", \"url\": \"" + url + "\" }");
 			saveSettingsBackup(state);
 			// TODO: Handle cases where user may or may not prepend an @
 			state.settings["things"][thing_name] = result; // changes
 			saveSettings(state);
 		}
 	} 
 	// zerotier cli-add-central <shortname> <url> <auth>
 	// TODO: Check for malformed urls/auth
 	else if (state.command == "cli-add-central") {
 		if(argc != 5) {
 			std::cerr << INVALID_ARGS_STR << "zerotier cli-add-central <shortname> <url> <authToken>" << std::endl;
 			return 1;
 		}
 		std::string thing_name = argv[2], url = argv[3], auth = argv[4]; 
 		if(!checkURL(url)) {
 			std::cout << FAIL_STR << "Malformed URL" << std::endl;
 			return 1;
 		}
 		if(state.settings.find(thing_name) != state.settings.end()) {
 			std::cout << "WARNING: A @thing with the shortname " << thing_name.c_str() 
 				<< " already exists. Choose another name or rename the old @thing" << std::endl;
 			std::cout << "      | Usage: To rename a @thing: zerotier cli-rename @old_thing_name @new_thing_name" << std::endl;
 		}
 		else {
 			result = json::parse("{ \"auth\": \"" + auth + "\", \"type\": \"" + "central" + "\", \"url\": \"" + url + "\" }");
 			saveSettingsBackup(state);
 			// TODO: Handle cases where user may or may not prepend an @
 			state.settings["things"]["@" + thing_name] = result; // changes
 			saveSettings(state);
 		}
 	} 
 	// ONE SERVICE
 	// zerotier ls --- display all networks currently joined
 	else if (state.command == "ls" || state.command == "listnetworks") {
 		if(argc != 2) {
 			std::cerr << INVALID_ARGS_STR << "zerotier ls" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"one",true);
 		url = state.url + "network";
 		res = REQUEST(REQ_GET,state,state.reqHeaders,"",(const std::string)url);
 		if(std::get<0>(res) == 200) {
 			std::cout << "listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>" << std::endl;
 			auto j = json::parse(std::get<1>(res).c_str());
 			if (j.type() == json::value_t::array) {
 				for(int i=0;i<j.size();i++){
 					std::string nwid = j[i]["nwid"].get<std::string>();
 					std::string name = j[i]["name"].get<std::string>();
 					std::string mac = j[i]["mac"].get<std::string>();
 					std::string status = j[i]["status"].get<std::string>();
 					std::string type = j[i]["type"].get<std::string>();
 					std::string addrs;
 					for(int m=0; m<j[i]["assignedAddresses"].size(); m++) {
 						addrs += j[i]["assignedAddresses"][m].get<std::string>() + " ";
 					}
 					std::string dev = j[i]["portDeviceName"].get<std::string>();
 					std::cout << "listnetworks " << nwid << " " << name << " " << mac << " " << status << " " << type << " " << dev << " " << addrs << std::endl;				
 				}
 			}
 		}
 	} 
 	// zerotier join <nwid> --- joins a network
 	else if (state.command == "join") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier join <nwid>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"one",true);
 		res = REQUEST(REQ_POST,state,state.reqHeaders,"{}",state.url + "/network/" + state.args[0]);
 		if(std::get<0>(res) == 200) {
 			std::cout << OK_STR << "connected to " << state.args[0] << std::endl;
 		}
 	} 
 	// zerotier leave <nwid> --- leaves a network
 	else if (state.command == "leave") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier leave <nwid>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"one",true);
 		res = REQUEST(REQ_DEL,state,state.reqHeaders,"{}",state.url + "/network/" + state.args[0]);
 		if(std::get<0>(res) == 200) {
 			std::cout << OK_STR << "disconnected from " << state.args[0] << std::endl;
 		}
 	} 
 	// zerotier peers --- display address and role of all peers
 	else if (state.command == "peers") {
 		if(argc != 2) {
 			std::cerr << INVALID_ARGS_STR << "zerotier peers" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"one",true);
 		res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "/peer");
 		if(std::get<0>(res) == 200) {		
 			json result = json::parse(std::get<1>(res));
 			for(int i=0; i<result.size(); i++) {
 				std::cout << result[i]["address"] << " " << result[i]["role"] << std::endl;
 			}
 		}
 	} 
 	// zerotier show --- display status of local instance
 	else if (state.command == "show" || state.command == "status") {
 		if(argc != 2) {
 			std::cerr << INVALID_ARGS_STR << "zerotier show" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"one",true);
 		res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "/status");
 		if(std::get<0>(res) == 200) {		
 			result = json::parse(std::get<1>(res));
 			std::string status_str = result["online"].get<bool>() ? "ONLINE" : "OFFLINE";
 			std::cout << "info " << result["address"].get<std::string>() 
 				<< " " << status_str << " " << result["version"].get<std::string>() << std::endl;
 		}
 	} 
 	// REMOTE
 	// zerotier @thing net-create --- creates a new network
 	else if (state.command == "net-create") {
 		if(argc > 3 || (argc == 3 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-create" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		res = REQUEST(REQ_POST,state,state.reqHeaders,"",state.url + "api/network");
 		if(std::get<0>(res) == 200) {
 			json result = json::parse(std::get<1>(res));
 			std::cout << OK_STR << "created network " << result["config"]["nwid"].get<std::string>() << std::endl;
 		}
 	} 
 	// zerotier @thing net-rm <nwid> --- deletes a network
 	else if (state.command == "net-rm") {
 		if(argc > 4 || (argc == 4 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-rm <nwid>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		if(!state.args.size()) {
 			std::cout << "Argument error: No network specified." << std::endl;
 			std::cout << "      | Usage: zerotier net-rm <nwid>" << std::endl;
 		}
 		else {
 			std::string nwid = state.args[0];
 			res = REQUEST(REQ_DEL,state,state.reqHeaders,"",state.url + "api/network/" + nwid);
 			if(std::get<0>(res) == 200) {
 				std::cout << "deleted network " << nwid << std::endl;
 			}
 		}
 	} 
 	// zerotier @thing net-ls --- lists all networks
 	else if (state.command == "net-ls") {
 		if(argc > 3 || (argc == 3 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-ls" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "api/network");
 		if(std::get<0>(res) == 200) {
 			json result = json::parse(std::get<1>(res));
 			for(int m=0;m<result.size(); m++) {
 				std::cout << "network " << result[m]["id"].get<std::string>() << std::endl;
 			}
 		}
 	} 
 	// zerotier @thing net-members <nwid> --- show all members of a network
 	else if (state.command == "net-members") {
 		if(argc > 4 || (argc == 4 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-members <nwid>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		if(!state.args.size()) {
 			std::cout << FAIL_STR << "Argument error: No network specified." << std::endl;
 			std::cout << "      | Usage: zerotier net-members <nwid>" << std::endl;
 		}
 		else {
 			std::string nwid = state.args[0];
 			res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "api/network/" + nwid + "/member");
 			json result = json::parse(std::get<1>(res));
 			std::cout << "Members of " << nwid << ":" << std::endl;
 			for (json::iterator it = result.begin(); it != result.end(); ++it) {
 				std::cout << it.key() << std::endl;
 			}
 		}
 	} 
 	// zerotier @thing net-show <nwid> <devID> --- show info about a device on a specific network
 	else if (state.command == "net-show") {
 		if(argc > 5 || (argc == 5 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-show <nwid> <devID>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		if(state.args.size() < 2) {
 			std::cout << FAIL_STR << "Argument error: Too few arguments." << std::endl;
 			std::cout << "      | Usage: zerotier net-show <nwid> <devID>" << std::endl;
 		}
 		else {
 			std::string nwid = state.args[0];
 			std::string devid = state.args[1];
 			res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "api/network/" + nwid + "/member/" + devid);
 			// TODO: More info, what would we like to show exactly?
 			if(std::get<0>(res) == 200) {
 				json result = json::parse(std::get<1>(res));
 				std::cout << "Assigned IP: " << std::endl;
 				for(int m=0; m<result["config"]["ipAssignments"].size();m++) {
 					std::cout << "\t" << result["config"]["ipAssignments"][m].get<std::string>() << std::endl;
 				}
 			}
 		}
 	} 
 	// zerotier @thing net-auth <nwid> <devID> --- authorize a device on a network
 	else if (state.command == "net-auth") {
 		if(argc > 5 || (argc == 5 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-auth <nwid> <devID>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		if(state.args.size() != 2) {
 			std::cout << FAIL_STR << "Argument error: Network and/or device ID not specified." << std::endl;
 			std::cout << "      | Usage: zerotier net-auth <nwid> <devID>" << std::endl;
 		}
 		std::string nwid = state.args[0];
 		std::string devid = state.args[1];
 		url = state.url + "api/network/" + nwid + "/member/" + devid;
 		// Add device to network
 		res = REQUEST(REQ_POST,state,state.reqHeaders,"",(const std::string)url);
 		if(std::get<0>(res) == 200) {
 			result = json::parse(std::get<1>(res));
 			res = REQUEST(REQ_GET,state,state.reqHeaders,"",(const std::string)url);
 			result = json::parse(std::get<1>(res));
 			result["config"]["authorized"] = "true";
 			std::string newconfig = result.dump();
 			res = REQUEST(REQ_POST,state,state.reqHeaders,newconfig,(const std::string)url);
 			if(std::get<0>(res) == 200)
 				std::cout << OK_STR << devid << " authorized on " << nwid << std::endl;
 			else
 				std::cout << FAIL_STR << "There was a problem authorizing that device." << std::endl;
 		}
 	} 
 	// zerotier @thing net-unauth <nwid> <devID>
 	else if (state.command == "net-unauth") {
 		if(argc > 5 || (argc == 5 && !state.atname.length())) {
 			std::cerr << INVALID_ARGS_STR << "zerotier <@thing> net-unauth <nwid> <devID>" << std::endl;
 			return 1;
 		}
 		checkForThing(state,"central",true);
 		if(state.args.size() != 2) {
 			std::cout << FAIL_STR << "Bad argument. No network and/or device ID specified." << std::endl;
 			std::cout << "      | Usage: zerotier net-unauth <nwid> <devID>" << std::endl;
 		}
 		std::string nwid = state.args[0];
 		std::string devid = state.args[1];
 		// If successful, get member config
 		res = REQUEST(REQ_GET,state,state.reqHeaders,"",state.url + "api/network/" + nwid + "/member/" + devid);
 		result = json::parse(std::get<1>(res));
 		// modify auth field and re-POST
 		result["config"]["authorized"] = "false";
 		std::string newconfig = result.dump();
 		res = REQUEST(REQ_POST,state,state.reqHeaders,newconfig,state.url + "api/network/" + nwid + "/member/" + devid);
 		if(std::get<0>(res) == 200)
 			std::cout << OK_STR << devid << " de-authorized from " << nwid << std::endl;
 		else
 			std::cout << FAIL_STR << "There was a problem de-authorizing that device." << std::endl;
 	} 
 	// zerotier @thing net-set
 	else if (state.command == "net-set") {
 	} 
 	// ID
 	// zerotier id-generate [<vanity prefix>]
 	else if (state.command == "id-generate") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier id-generate [<vanity prefix>]" << std::endl;
 			return 1;
 		}
 		uint64_t vanity = 0;
 		int vanityBits = 0;
 		if (argc >= 5) {
 			vanity = Utils::hexStrToU64(argv[4]) & 0xffffffffffULL;
 			vanityBits = 4 * strlen(argv[4]);
 			if (vanityBits > 40)
 				vanityBits = 40;
 		}
 		ZeroTier::Identity id;
 		for(;;) {
 			id.generate();
 			if ((id.address().toInt() >> (40 - vanityBits)) == vanity) {
 				if (vanityBits > 0) {
 					fprintf(stderr,"vanity address: found %.10llx !\n",(unsigned long long)id.address().toInt());
 				}
 				break;
 			} else {
 				fprintf(stderr,"vanity address: tried %.10llx looking for first %d bits of %.10llx\n",(unsigned long long)id.address().toInt(),vanityBits,(unsigned long long)(vanity << (40 - vanityBits)));
 			}
 		}
 		std::string idser = id.toString(true);
 		if (argc >= 3) {
 			if (!OSUtils::writeFile(argv[2],idser)) {
 				std::cerr << "Error writing to " << argv[2] << std::endl;
 				return 1;
 			} else std::cout << argv[2] << " written" << std::endl;
 			if (argc >= 4) {
 				idser = id.toString(false);
 				if (!OSUtils::writeFile(argv[3],idser)) {
 					std::cerr << "Error writing to " << argv[3] << std::endl;
 					return 1;
 				} else std::cout << argv[3] << " written" << std::endl;
 			}
 		} else std::cout << idser << std::endl;
 	} 
 	// zerotier id-validate <identity>
 	else if (state.command == "id-validate") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier id-validate <identity>" << std::endl;
 			return 1;
 		}
 		Identity id = getIdFromArg(argv[2]);
 		if (!id) {
 			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
 			return 1;
 		}
 		if (!id.locallyValidate()) {
 			std::cerr << argv[2] << " FAILED validation." << std::endl;
 			return 1;
 		} else std::cout << argv[2] << "is a valid identity" << std::endl;
 	} 
 	// zerotier id-sign <identity> <file>
 	else if (state.command == "id-sign") {
 		if(argc != 4) {
 			std::cerr << INVALID_ARGS_STR << "zerotier id-sign <identity> <file>" << std::endl;
 			return 1;
 		}
 		Identity id = getIdFromArg(argv[2]);
 		if (!id) {
 			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
 			return 1;
 		}
 		if (!id.hasPrivate()) {
 			std::cerr << argv[2] << " does not contain a private key (must use private to sign)" << std::endl;
 			return 1;
 		}
 		std::string inf;
 		if (!OSUtils::readFile(argv[3],inf)) {
 			std::cerr << argv[3] << " is not readable" << std::endl;
 			return 1;
 		}
 		C25519::Signature signature = id.sign(inf.data(),(unsigned int)inf.length());
 		std::cout << Utils::hex(signature.data,(unsigned int)signature.size()) << std::endl;
 	} 
 	// zerotier id-verify <secret> <file> <sig>
 	else if (state.command == "id-verify") {
 		if(argc != 4) {
 			std::cerr << INVALID_ARGS_STR << "zerotier id-verify <secret> <file> <sig>" << std::endl;
 			return 1;
 		}
 		Identity id = getIdFromArg(argv[2]);
 		if (!id) {
 			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
 			return 1;
 		}
 		std::string inf;
 		if (!OSUtils::readFile(argv[3],inf)) {
 			std::cerr << argv[3] << " is not readable" << std::endl;
 			return 1;
 		}
 		std::string signature(Utils::unhex(argv[4]));
 		if ((signature.length() > ZT_ADDRESS_LENGTH)&&(id.verify(inf.data(),(unsigned int)inf.length(),signature.data(),(unsigned int)signature.length()))) {
 			std::cout << argv[3] << " signature valid" << std::endl;
 		} else {
 			std::cerr << argv[3] << " signature check FAILED" << std::endl;
 			return 1;
 		}
 	} 
 	// zerotier id-getpublic <secret>
 	else if (state.command == "id-getpublic") {
 		if(argc != 3) {
 			std::cerr << INVALID_ARGS_STR << "zerotier id-getpublic <secret>" << std::endl;
 			return 1;
 		}
 		Identity id = getIdFromArg(argv[2]);
 		if (!id) {
 			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
 			return 1;
 		}
 		std::cerr << id.toString(false) << std::endl;
 	} 
 	//
 	else {
 		dumpHelp();
 		return -1;
 	}
 	if(std::find(state.args.begin(), state.args.end(), "-verbose") != state.args.end())
 		std::cout << "\n\nAPI response = " << std::get<1>(res) << std::endl;
 	curl_global_cleanup();
 	return 0;
 }
--- a/attic/historic/anode/LICENSE.txt
+++ b/attic/historic/anode/LICENSE.txt
@ -0,0 +1,674 @@
                    GNU GENERAL PUBLIC LICENSE
                       Version 3, 29 June 2007
 Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.
                            Preamble
  The GNU General Public License is a free, copyleft license for
 software and other kinds of works.
  The licenses for most software and other practical works are designed
 to take away your freedom to share and change the works.  By contrast,
 the GNU General Public License is intended to guarantee your freedom to
 share and change all versions of a program--to make sure it remains free
 software for all its users.  We, the Free Software Foundation, use the
 GNU General Public License for most of our software; it applies also to
 any other work released this way by its authors.  You can apply it to
 your programs, too.
  When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
 have the freedom to distribute copies of free software (and charge for
 them if you wish), that you receive source code or can get it if you
 want it, that you can change the software or use pieces of it in new
 free programs, and that you know you can do these things.
  To protect your rights, we need to prevent others from denying you
 these rights or asking you to surrender the rights.  Therefore, you have
 certain responsibilities if you distribute copies of the software, or if
 you modify it: responsibilities to respect the freedom of others.
  For example, if you distribute copies of such a program, whether
 gratis or for a fee, you must pass on to the recipients the same
 freedoms that you received.  You must make sure that they, too, receive
 or can get the source code.  And you must show them these terms so they
 know their rights.
  Developers that use the GNU GPL protect your rights with two steps:
 (1) assert copyright on the software, and (2) offer you this License
 giving you legal permission to copy, distribute and/or modify it.
  For the developers' and authors' protection, the GPL clearly explains
 that there is no warranty for this free software.  For both users' and
 authors' sake, the GPL requires that modified versions be marked as
 changed, so that their problems will not be attributed erroneously to
 authors of previous versions.
  Some devices are designed to deny users access to install or run
 modified versions of the software inside them, although the manufacturer
 can do so.  This is fundamentally incompatible with the aim of
 protecting users' freedom to change the software.  The systematic
 pattern of such abuse occurs in the area of products for individuals to
 use, which is precisely where it is most unacceptable.  Therefore, we
 have designed this version of the GPL to prohibit the practice for those
 products.  If such problems arise substantially in other domains, we
 stand ready to extend this provision to those domains in future versions
 of the GPL, as needed to protect the freedom of users.
  Finally, every program is threatened constantly by software patents.
 States should not allow patents to restrict development and use of
 software on general-purpose computers, but in those that do, we wish to
 avoid the special danger that patents applied to a free program could
 make it effectively proprietary.  To prevent this, the GPL assures that
 patents cannot be used to render the program non-free.
  The precise terms and conditions for copying, distribution and
 modification follow.
                       TERMS AND CONDITIONS
  0. Definitions.
  "This License" refers to version 3 of the GNU General Public License.
  "Copyright" also means copyright-like laws that apply to other kinds of
 works, such as semiconductor masks.
  "The Program" refers to any copyrightable work licensed under this
 License.  Each licensee is addressed as "you".  "Licensees" and
 "recipients" may be individuals or organizations.
  To "modify" a work means to copy from or adapt all or part of the work
 in a fashion requiring copyright permission, other than the making of an
 exact copy.  The resulting work is called a "modified version" of the
 earlier work or a work "based on" the earlier work.
  A "covered work" means either the unmodified Program or a work based
 on the Program.
  To "propagate" a work means to do anything with it that, without
 permission, would make you directly or secondarily liable for
 infringement under applicable copyright law, except executing it on a
 computer or modifying a private copy.  Propagation includes copying,
 distribution (with or without modification), making available to the
 public, and in some countries other activities as well.
  To "convey" a work means any kind of propagation that enables other
 parties to make or receive copies.  Mere interaction with a user through
 a computer network, with no transfer of a copy, is not conveying.
  An interactive user interface displays "Appropriate Legal Notices"
 to the extent that it includes a convenient and prominently visible
 feature that (1) displays an appropriate copyright notice, and (2)
 tells the user that there is no warranty for the work (except to the
 extent that warranties are provided), that licensees may convey the
 work under this License, and how to view a copy of this License.  If
 the interface presents a list of user commands or options, such as a
 menu, a prominent item in the list meets this criterion.
  1. Source Code.
  The "source code" for a work means the preferred form of the work
 for making modifications to it.  "Object code" means any non-source
 form of a work.
  A "Standard Interface" means an interface that either is an official
 standard defined by a recognized standards body, or, in the case of
 interfaces specified for a particular programming language, one that
 is widely used among developers working in that language.
  The "System Libraries" of an executable work include anything, other
 than the work as a whole, that (a) is included in the normal form of
 packaging a Major Component, but which is not part of that Major
 Component, and (b) serves only to enable use of the work with that
 Major Component, or to implement a Standard Interface for which an
 implementation is available to the public in source code form.  A
 "Major Component", in this context, means a major essential component
 (kernel, window system, and so on) of the specific operating system
 (if any) on which the executable work runs, or a compiler used to
 produce the work, or an object code interpreter used to run it.
  The "Corresponding Source" for a work in object code form means all
 the source code needed to generate, install, and (for an executable
 work) run the object code and to modify the work, including scripts to
 control those activities.  However, it does not include the work's
 System Libraries, or general-purpose tools or generally available free
 programs which are used unmodified in performing those activities but
 which are not part of the work.  For example, Corresponding Source
 includes interface definition files associated with source files for
 the work, and the source code for shared libraries and dynamically
 linked subprograms that the work is specifically designed to require,
 such as by intimate data communication or control flow between those
 subprograms and other parts of the work.
  The Corresponding Source need not include anything that users
 can regenerate automatically from other parts of the Corresponding
 Source.
  The Corresponding Source for a work in source code form is that
 same work.
  2. Basic Permissions.
  All rights granted under this License are granted for the term of
 copyright on the Program, and are irrevocable provided the stated
 conditions are met.  This License explicitly affirms your unlimited
 permission to run the unmodified Program.  The output from running a
 covered work is covered by this License only if the output, given its
 content, constitutes a covered work.  This License acknowledges your
 rights of fair use or other equivalent, as provided by copyright law.
  You may make, run and propagate covered works that you do not
 convey, without conditions so long as your license otherwise remains
 in force.  You may convey covered works to others for the sole purpose
 of having them make modifications exclusively for you, or provide you
 with facilities for running those works, provided that you comply with
 the terms of this License in conveying all material for which you do
 not control copyright.  Those thus making or running the covered works
 for you must do so exclusively on your behalf, under your direction
 and control, on terms that prohibit them from making any copies of
 your copyrighted material outside their relationship with you.
  Conveying under any other circumstances is permitted solely under
 the conditions stated below.  Sublicensing is not allowed; section 10
 makes it unnecessary.
  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
  No covered work shall be deemed part of an effective technological
 measure under any applicable law fulfilling obligations under article
 11 of the WIPO copyright treaty adopted on 20 December 1996, or
 similar laws prohibiting or restricting circumvention of such
 measures.
  When you convey a covered work, you waive any legal power to forbid
 circumvention of technological measures to the extent such circumvention
 is effected by exercising rights under this License with respect to
 the covered work, and you disclaim any intention to limit operation or
 modification of the work as a means of enforcing, against the work's
 users, your or third parties' legal rights to forbid circumvention of
 technological measures.
  4. Conveying Verbatim Copies.
  You may convey verbatim copies of the Program's source code as you
 receive it, in any medium, provided that you conspicuously and
 appropriately publish on each copy an appropriate copyright notice;
 keep intact all notices stating that this License and any
 non-permissive terms added in accord with section 7 apply to the code;
 keep intact all notices of the absence of any warranty; and give all
 recipients a copy of this License along with the Program.
  You may charge any price or no price for each copy that you convey,
 and you may offer support or warranty protection for a fee.
  5. Conveying Modified Source Versions.
  You may convey a work based on the Program, or the modifications to
 produce it from the Program, in the form of source code under the
 terms of section 4, provided that you also meet all of these conditions:
    a) The work must carry prominent notices stating that you modified
    it, and giving a relevant date.
    b) The work must carry prominent notices stating that it is
    released under this License and any conditions added under section
    7.  This requirement modifies the requirement in section 4 to
    "keep intact all notices".
    c) You must license the entire work, as a whole, under this
    License to anyone who comes into possession of a copy.  This
    License will therefore apply, along with any applicable section 7
    additional terms, to the whole of the work, and all its parts,
    regardless of how they are packaged.  This License gives no
    permission to license the work in any other way, but it does not
    invalidate such permission if you have separately received it.
    d) If the work has interactive user interfaces, each must display
    Appropriate Legal Notices; however, if the Program has interactive
    interfaces that do not display Appropriate Legal Notices, your
    work need not make them do so.
  A compilation of a covered work with other separate and independent
 works, which are not by their nature extensions of the covered work,
 and which are not combined with it such as to form a larger program,
 in or on a volume of a storage or distribution medium, is called an
 "aggregate" if the compilation and its resulting copyright are not
 used to limit the access or legal rights of the compilation's users
 beyond what the individual works permit.  Inclusion of a covered work
 in an aggregate does not cause this License to apply to the other
 parts of the aggregate.
  6. Conveying Non-Source Forms.
  You may convey a covered work in object code form under the terms
 of sections 4 and 5, provided that you also convey the
 machine-readable Corresponding Source under the terms of this License,
 in one of these ways:
    a) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by the
    Corresponding Source fixed on a durable physical medium
    customarily used for software interchange.
    b) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by a
    written offer, valid for at least three years and valid for as
    long as you offer spare parts or customer support for that product
    model, to give anyone who possesses the object code either (1) a
    copy of the Corresponding Source for all the software in the
    product that is covered by this License, on a durable physical
    medium customarily used for software interchange, for a price no
    more than your reasonable cost of physically performing this
    conveying of source, or (2) access to copy the
    Corresponding Source from a network server at no charge.
    c) Convey individual copies of the object code with a copy of the
    written offer to provide the Corresponding Source.  This
    alternative is allowed only occasionally and noncommercially, and
    only if you received the object code with such an offer, in accord
    with subsection 6b.
    d) Convey the object code by offering access from a designated
    place (gratis or for a charge), and offer equivalent access to the
    Corresponding Source in the same way through the same place at no
    further charge.  You need not require recipients to copy the
    Corresponding Source along with the object code.  If the place to
    copy the object code is a network server, the Corresponding Source
    may be on a different server (operated by you or a third party)
    that supports equivalent copying facilities, provided you maintain
    clear directions next to the object code saying where to find the
    Corresponding Source.  Regardless of what server hosts the
    Corresponding Source, you remain obligated to ensure that it is
    available for as long as needed to satisfy these requirements.
    e) Convey the object code using peer-to-peer transmission, provided
    you inform other peers where the object code and Corresponding
    Source of the work are being offered to the general public at no
    charge under subsection 6d.
  A separable portion of the object code, whose source code is excluded
 from the Corresponding Source as a System Library, need not be
 included in conveying the object code work.
  A "User Product" is either (1) a "consumer product", which means any
 tangible personal property which is normally used for personal, family,
 or household purposes, or (2) anything designed or sold for incorporation
 into a dwelling.  In determining whether a product is a consumer product,
 doubtful cases shall be resolved in favor of coverage.  For a particular
 product received by a particular user, "normally used" refers to a
 typical or common use of that class of product, regardless of the status
 of the particular user or of the way in which the particular user
 actually uses, or expects or is expected to use, the product.  A product
 is a consumer product regardless of whether the product has substantial
 commercial, industrial or non-consumer uses, unless such uses represent
 the only significant mode of use of the product.
  "Installation Information" for a User Product means any methods,
 procedures, authorization keys, or other information required to install
 and execute modified versions of a covered work in that User Product from
 a modified version of its Corresponding Source.  The information must
 suffice to ensure that the continued functioning of the modified object
 code is in no case prevented or interfered with solely because
 modification has been made.
  If you convey an object code work under this section in, or with, or
 specifically for use in, a User Product, and the conveying occurs as
 part of a transaction in which the right of possession and use of the
 User Product is transferred to the recipient in perpetuity or for a
 fixed term (regardless of how the transaction is characterized), the
 Corresponding Source conveyed under this section must be accompanied
 by the Installation Information.  But this requirement does not apply
 if neither you nor any third party retains the ability to install
 modified object code on the User Product (for example, the work has
 been installed in ROM).
  The requirement to provide Installation Information does not include a
 requirement to continue to provide support service, warranty, or updates
 for a work that has been modified or installed by the recipient, or for
 the User Product in which it has been modified or installed.  Access to a
 network may be denied when the modification itself materially and
 adversely affects the operation of the network or violates the rules and
 protocols for communication across the network.
  Corresponding Source conveyed, and Installation Information provided,
 in accord with this section must be in a format that is publicly
 documented (and with an implementation available to the public in
 source code form), and must require no special password or key for
 unpacking, reading or copying.
  7. Additional Terms.
  "Additional permissions" are terms that supplement the terms of this
 License by making exceptions from one or more of its conditions.
 Additional permissions that are applicable to the entire Program shall
 be treated as though they were included in this License, to the extent
 that they are valid under applicable law.  If additional permissions
 apply only to part of the Program, that part may be used separately
 under those permissions, but the entire Program remains governed by
 this License without regard to the additional permissions.
  When you convey a copy of a covered work, you may at your option
 remove any additional permissions from that copy, or from any part of
 it.  (Additional permissions may be written to require their own
 removal in certain cases when you modify the work.)  You may place
 additional permissions on material, added by you to a covered work,
 for which you have or can give appropriate copyright permission.
  Notwithstanding any other provision of this License, for material you
 add to a covered work, you may (if authorized by the copyright holders of
 that material) supplement the terms of this License with terms:
    a) Disclaiming warranty or limiting liability differently from the
    terms of sections 15 and 16 of this License; or
    b) Requiring preservation of specified reasonable legal notices or
    author attributions in that material or in the Appropriate Legal
    Notices displayed by works containing it; or
    c) Prohibiting misrepresentation of the origin of that material, or
    requiring that modified versions of such material be marked in
    reasonable ways as different from the original version; or
    d) Limiting the use for publicity purposes of names of licensors or
    authors of the material; or
    e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks; or
    f) Requiring indemnification of licensors and authors of that
    material by anyone who conveys the material (or modified versions of
    it) with contractual assumptions of liability to the recipient, for
    any liability that these contractual assumptions directly impose on
    those licensors and authors.
  All other non-permissive additional terms are considered "further
 restrictions" within the meaning of section 10.  If the Program as you
 received it, or any part of it, contains a notice stating that it is
 governed by this License along with a term that is a further
 restriction, you may remove that term.  If a license document contains
 a further restriction but permits relicensing or conveying under this
 License, you may add to a covered work material governed by the terms
 of that license document, provided that the further restriction does
 not survive such relicensing or conveying.
  If you add terms to a covered work in accord with this section, you
 must place, in the relevant source files, a statement of the
 additional terms that apply to those files, or a notice indicating
 where to find the applicable terms.
  Additional terms, permissive or non-permissive, may be stated in the
 form of a separately written license, or stated as exceptions;
 the above requirements apply either way.
  8. Termination.
  You may not propagate or modify a covered work except as expressly
 provided under this License.  Any attempt otherwise to propagate or
 modify it is void, and will automatically terminate your rights under
 this License (including any patent licenses granted under the third
 paragraph of section 11).
  However, if you cease all violation of this License, then your
 license from a particular copyright holder is reinstated (a)
 provisionally, unless and until the copyright holder explicitly and
 finally terminates your license, and (b) permanently, if the copyright
 holder fails to notify you of the violation by some reasonable means
 prior to 60 days after the cessation.
  Moreover, your license from a particular copyright holder is
 reinstated permanently if the copyright holder notifies you of the
 violation by some reasonable means, this is the first time you have
 received notice of violation of this License (for any work) from that
 copyright holder, and you cure the violation prior to 30 days after
 your receipt of the notice.
  Termination of your rights under this section does not terminate the
 licenses of parties who have received copies or rights from you under
 this License.  If your rights have been terminated and not permanently
 reinstated, you do not qualify to receive new licenses for the same
 material under section 10.
  9. Acceptance Not Required for Having Copies.
  You are not required to accept this License in order to receive or
 run a copy of the Program.  Ancillary propagation of a covered work
 occurring solely as a consequence of using peer-to-peer transmission
 to receive a copy likewise does not require acceptance.  However,
 nothing other than this License grants you permission to propagate or
 modify any covered work.  These actions infringe copyright if you do
 not accept this License.  Therefore, by modifying or propagating a
 covered work, you indicate your acceptance of this License to do so.
  10. Automatic Licensing of Downstream Recipients.
  Each time you convey a covered work, the recipient automatically
 receives a license from the original licensors, to run, modify and
 propagate that work, subject to this License.  You are not responsible
 for enforcing compliance by third parties with this License.
  An "entity transaction" is a transaction transferring control of an
 organization, or substantially all assets of one, or subdividing an
 organization, or merging organizations.  If propagation of a covered
 work results from an entity transaction, each party to that
 transaction who receives a copy of the work also receives whatever
 licenses to the work the party's predecessor in interest had or could
 give under the previous paragraph, plus a right to possession of the
 Corresponding Source of the work from the predecessor in interest, if
 the predecessor has it or can get it with reasonable efforts.
  You may not impose any further restrictions on the exercise of the
 rights granted or affirmed under this License.  For example, you may
 not impose a license fee, royalty, or other charge for exercise of
 rights granted under this License, and you may not initiate litigation
 (including a cross-claim or counterclaim in a lawsuit) alleging that
 any patent claim is infringed by making, using, selling, offering for
 sale, or importing the Program or any portion of it.
  11. Patents.
  A "contributor" is a copyright holder who authorizes use under this
 License of the Program or a work on which the Program is based.  The
 work thus licensed is called the contributor's "contributor version".
  A contributor's "essential patent claims" are all patent claims
 owned or controlled by the contributor, whether already acquired or
 hereafter acquired, that would be infringed by some manner, permitted
 by this License, of making, using, or selling its contributor version,
 but do not include claims that would be infringed only as a
 consequence of further modification of the contributor version.  For
 purposes of this definition, "control" includes the right to grant
 patent sublicenses in a manner consistent with the requirements of
 this License.
  Each contributor grants you a non-exclusive, worldwide, royalty-free
 patent license under the contributor's essential patent claims, to
 make, use, sell, offer for sale, import and otherwise run, modify and
 propagate the contents of its contributor version.
  In the following three paragraphs, a "patent license" is any express
 agreement or commitment, however denominated, not to enforce a patent
 (such as an express permission to practice a patent or covenant not to
 sue for patent infringement).  To "grant" such a patent license to a
 party means to make such an agreement or commitment not to enforce a
 patent against the party.
  If you convey a covered work, knowingly relying on a patent license,
 and the Corresponding Source of the work is not available for anyone
 to copy, free of charge and under the terms of this License, through a
 publicly available network server or other readily accessible means,
 then you must either (1) cause the Corresponding Source to be so
 available, or (2) arrange to deprive yourself of the benefit of the
 patent license for this particular work, or (3) arrange, in a manner
 consistent with the requirements of this License, to extend the patent
 license to downstream recipients.  "Knowingly relying" means you have
 actual knowledge that, but for the patent license, your conveying the
 covered work in a country, or your recipient's use of the covered work
 in a country, would infringe one or more identifiable patents in that
 country that you have reason to believe are valid.
  If, pursuant to or in connection with a single transaction or
 arrangement, you convey, or propagate by procuring conveyance of, a
 covered work, and grant a patent license to some of the parties
 receiving the covered work authorizing them to use, propagate, modify
 or convey a specific copy of the covered work, then the patent license
 you grant is automatically extended to all recipients of the covered
 work and works based on it.
  A patent license is "discriminatory" if it does not include within
 the scope of its coverage, prohibits the exercise of, or is
 conditioned on the non-exercise of one or more of the rights that are
 specifically granted under this License.  You may not convey a covered
 work if you are a party to an arrangement with a third party that is
 in the business of distributing software, under which you make payment
 to the third party based on the extent of your activity of conveying
 the work, and under which the third party grants, to any of the
 parties who would receive the covered work from you, a discriminatory
 patent license (a) in connection with copies of the covered work
 conveyed by you (or copies made from those copies), or (b) primarily
 for and in connection with specific products or compilations that
 contain the covered work, unless you entered into that arrangement,
 or that patent license was granted, prior to 28 March 2007.
  Nothing in this License shall be construed as excluding or limiting
 any implied license or other defenses to infringement that may
 otherwise be available to you under applicable patent law.
  12. No Surrender of Others' Freedom.
  If conditions are imposed on you (whether by court order, agreement or
 otherwise) that contradict the conditions of this License, they do not
 excuse you from the conditions of this License.  If you cannot convey a
 covered work so as to satisfy simultaneously your obligations under this
 License and any other pertinent obligations, then as a consequence you may
 not convey it at all.  For example, if you agree to terms that obligate you
 to collect a royalty for further conveying from those to whom you convey
 the Program, the only way you could satisfy both those terms and this
 License would be to refrain entirely from conveying the Program.
  13. Use with the GNU Affero General Public License.
  Notwithstanding any other provision of this License, you have
 permission to link or combine any covered work with a work licensed
 under version 3 of the GNU Affero General Public License into a single
 combined work, and to convey the resulting work.  The terms of this
 License will continue to apply to the part which is the covered work,
 but the special requirements of the GNU Affero General Public License,
 section 13, concerning interaction through a network will apply to the
 combination as such.
  14. Revised Versions of this License.
  The Free Software Foundation may publish revised and/or new versions of
 the GNU General Public License from time to time.  Such new versions will
 be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
  Each version is given a distinguishing version number.  If the
 Program specifies that a certain numbered version of the GNU General
 Public License "or any later version" applies to it, you have the
 option of following the terms and conditions either of that numbered
 version or of any later version published by the Free Software
 Foundation.  If the Program does not specify a version number of the
 GNU General Public License, you may choose any version ever published
 by the Free Software Foundation.
  If the Program specifies that a proxy can decide which future
 versions of the GNU General Public License can be used, that proxy's
 public statement of acceptance of a version permanently authorizes you
 to choose that version for the Program.
  Later license versions may give you additional or different
 permissions.  However, no additional obligations are imposed on any
 author or copyright holder as a result of your choosing to follow a
 later version.
  15. Disclaimer of Warranty.
  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
 APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
 HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
 OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
 THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
 IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
 ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
  16. Limitation of Liability.
  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
 THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
 GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
 USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
 DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
 PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
 EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
 SUCH DAMAGES.
  17. Interpretation of Sections 15 and 16.
  If the disclaimer of warranty and limitation of liability provided
 above cannot be given local legal effect according to their terms,
 reviewing courts shall apply local law that most closely approximates
 an absolute waiver of all civil liability in connection with the
 Program, unless a warranty or assumption of liability accompanies a
 copy of the Program in return for a fee.
                     END OF TERMS AND CONDITIONS
            How to Apply These Terms to Your New Programs
  If you develop a new program, and you want it to be of the greatest
 possible use to the public, the best way to achieve this is to make it
 free software which everyone can redistribute and change under these terms.
  To do so, attach the following notices to the program.  It is safest
 to attach them to the start of each source file to most effectively
 state the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.
    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 Also add information on how to contact you by electronic and paper mail.
  If the program does terminal interaction, make it output a short
 notice like this when it starts in an interactive mode:
    <program>  Copyright (C) <year>  <name of author>
    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.
 The hypothetical commands `show w' and `show c' should show the appropriate
 parts of the General Public License.  Of course, your program's commands
 might be different; for a GUI interface, you would use an "about box".
  You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
 For more information on this, and how to apply and follow the GNU GPL, see
 <http://www.gnu.org/licenses/>.
  The GNU General Public License does not permit incorporating your program
 into proprietary programs.  If your program is a subroutine library, you
 may consider it more useful to permit linking proprietary applications with
 the library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.  But first, please read
 <http://www.gnu.org/philosophy/why-not-lgpl.html>.
--- a/attic/historic/anode/config.mk.Darwin
+++ b/attic/historic/anode/config.mk.Darwin
@ -0,0 +1,17 @@
 CC=gcc
 CXX=g++
 #ARCH_FLAGS=-arch x86_64 -arch i386 -arch ppc
 DEFS=-DHAS_DEV_URANDOM
 CXXDEFS=-DBOOST_DISABLE_ASSERTS -DBOOST_NO_TYPEID -DNDEBUG
 CFLAGS=-mmacosx-version-min=10.4 -std=c99 -O6 -ftree-vectorize -Wall $(DEFS) $(ARCH_FLAGS)
 CXXFLAGS=-mmacosx-version-min=10.4 -Drestrict=__restrict__ -O6 -ftree-vectorize -Wall $(DEFS) $(CXXDEFS) $(ARCH_FLAGS)
 LDFLAGS=-mmacosx-version-min=10.4 $(ARCH_FLAGS)
 DLLFLAGS=$(ARCH_FLAGS) -shared
 DLLEXT=dylib
 LIBANODE_LIBS=-lcrypto -lpthread -lresolv
 LIBSPARK_LIBS=-lz
--- a/attic/historic/anode/config.mk.Linux
+++ b/attic/historic/anode/config.mk.Linux
@ -0,0 +1,17 @@
 CC=gcc
 CXX=g++
 DEFS=-DHAS_DEV_URANDOM
 CFLAGS=-std=c99 -O6 -fPIC -Wall $(DEFS)
 CXXFLAGS=-Drestrict=__restrict__ -O6 -Wall $(DEFS) -I..
 #CFLAGS=-g -Wall $(DEFS)
 #CXXFLAGS=-g -Wall $(DEFS)
 LDFLAGS=
 DLLFLAGS=-shared
 DLLEXT=so
 LIBANODE_LIBS=-lcrypto -lresolv -pthread
 LIBSPARK_LIBS=-lz
--- a/attic/historic/anode/docs/anode_protocol.txt
+++ b/attic/historic/anode/docs/anode_protocol.txt
@ -0,0 +1,764 @@
 *****************************************************************************
 Anode Protocol Specification Draft
 Version 0.8
 (c)2009-2010 Adam Ierymenko
 *****************************************************************************
 Table of Contents
 *****************************************************************************
 1. Introduction
 Anode provides three components that work together to provide a global,
 secure, and mobile addressing system for computer networks:
 1) An addressing system based on public key cryptography enabling network
   devices or applications to assign themselves secure, unique, and globally
   reachable network addresses in a flat address space.
 2) A system enabling network participants holding global addresses to locate
   one another on local or global networks with "zero configuration."
 3) A communications protocol for communication between addressed network
   participants that requires no special operating system support and no
   changes to existing network infrastructure.
 Using Anode, both fixed and mobile applications and devices can communicate
 directly as if they were all connected to the same VPN. Anode restores the
 original vision of the Internet as a "flat" network where anything can talk
 to anything, and adds the added benefits of address mobility and strong
 protection against address spoofing and other protocol level attacks.
 1.1. Design Philosophy
 Anode's design philosophy is the classical "KISS" principle: "Keep It Simple
 Stupid." Anode's design principles are:
 #1: Do not try to solve too many problems at once, and stay in scope.
 Anode does not attempt to solve too many problems at once. It attempts to
 solve the problems of mobile addressing, address portability, and "flat"
 addressing in the presence of NAT or other barriers.
 It does not attempt to duplicate the full functionality of SSL, X.509, SSH,
 XMPP, an enterprise service bus, a pub/sub architecture, BitTorrent, etc. All
 of those protocols and services can be used over Anode if their functionality
 is desired.
 #2: Avoid state management.
 State multiplies the complexity and failure modes of network protocols. State
 also tends to get in the way of the achievement of new features implicitly
 (see principle #4). Avoid state whenever possible.
 #3: Avoid algorithm and dependency bloat.
 Anode uses only elliptic curve Diffie-Hellman (EC-DH) and AES-256. No other
 cryptographic algorithms or hash functions are presently necessary. This
 yields implementations compact enough for embedded devices.
 Anode also requires few or no dependencies, depending on whether the two
 needed cryptographic algorithms are obtained through a library or included.
 No other protocols or libraries are required in an implementation.
 #4: Achieve features implicitly.
 Use a simple stateless design that allows features to be achieved implicitly
 rather than specified explicitly. For example, Anode can do multi-homing and
 could be used to build a mesh network, but neither of these features is
 explicitly specified.
 *****************************************************************************
 2. Core Concepts and Algorithms
 This section describes addresses, zones, common algorithms, and other core
 concepts.
 2.1. Zones
 A zone is a 32-bit integer encoded into every Anode address. Zones serve to
 assist in the location of peers by address on global IP networks. They are
 not presently significant for local communications, though they could be
 used to partition addresses into groups or link them with configuration
 options.
 Each zone has a corresponding zone file which can be fetched in a number of
 ways (see below). A zone file is a flat text format dictionary of the format
 "key=value" separated by carriage returns. Line feeds are ignored, and any
 character may be escaped with a backslash (\) character. Blank lines are
 ignored.
 The following entries must appear in a zone file:
 n=<zone name>
 d=<zone description>
 c=<zone contact, e-mail address of zone administrator>
 r=<zone revision, monotonically increasing integer with each edit>
 ttl=<seconds before zone file should be re-checked for changes>
 Additional fields may appear as well, including fields specific to special
 applications or protocols supported within the zone. Some of these are
 defined in this document.
 Zone file fetching mechanisms are described below. Multiple mechanisms are
 specified to enable fallback in the event that one mechanism is not available.
 2.1.1. Zone File Retrieval
 Zone files are retrieved via HTTP, with the HTTP address being formed in one
 of two ways.
 The preferred DNS method:
 To fetch a zone file via DNS, use the zone ID to generate a host name and URI
 of the form:
  http://a--XXXXXXXX.net/z
 The XXXXXXXX field is the zone ID in hexadecimal.
 The fallback IP method:
 For fallback in the absence of DNS, the zone ID can be used directly as an
 IPv4 or IPv4-mapped-to-IPv6 IP address. A URI is generated of the form:
  http://ip_address/z
 Support for this method requires that a zone ID be chosen to correspond to a
 permanent IPv4 (preferably mappable to IPv6 space as well) IP address.
 2.1.2. Zone ID Reservation
 By convention, a zone ID is considered reserved when a domain of the form
 "a--XXXXXXXX.net" (where XXXXXXXX is the ID in hex) is registered.
 It is recommended that this be done even for zone IDs not used for global
 address location in order to globally reserve them.
 2.2. Addresses
 Anode addresses are binary strings containing a 32-bit zone ID, a public key,
 and possibly other fields. Only one address type is presently defined:
 |---------------------------------------------------------------------------|
 | Name         | Type ID | Elliptic Curve Parameters         | Total Length |
 |---------------------------------------------------------------------------|
 | ANODE-256-40 | 1       | NIST-P-256                        | 40           |
 |---------------------------------------------------------------------------|
 |---------------------------------------------------------------------------|
 | Name         | Binary Layout                                              |
 |---------------------------------------------------------------------------|
 | ANODE-256-40 | <type[1]><zone[4]><unused[2]><public key[33]>              |
 |---------------------------------------------------------------------------|
 The public key is a "compressed" form elliptic curve public key as described
 in RFC5480.
 The unused section of the address must be zero. These bytes are reserved for
 future use.
 2.2.1. ASCII Format For Addresses
 Addresses are encoded in ASCII using base-32, which provides a quotable and
 printable encoding that is of manageable length and is case-insensitive. For
 example, an ANODE-256-40 address is 64 characters long in base-32 encoding.
 2.3. Relaying
 An Anode peer may optionally relay packets to any other reachable peer.
 Relaying is accomplished by sending a packet to a peer with the recipient set
 to the final recipient. The receiving peer will, if relaying is allowed and if
 it knows of or can reach the recipient, forward the packet.
 No error is returned if relaying fails, so relay paths are treated as possible
 paths for communication until a return is received in the same way as direct
 paths.
 Relaying can be used by peers to send messages indirectly, locate one
 another, and determine network location information to facilitate the
 establishment of direct communications.
 Peers may refuse to relay or may limit the transmission rate at which packets
 can be relayed.
 2.3.1. Zone Relays
 If a zone's addresses are globally reachable on global IP networks, it must
 have one or more zone relays. These must have globally reachable public
 static IP addresses.
 Zone relays are specified in the zone file in the following format:
  zr.<address checksum>=<ip>[,<ip>]:<udp port>:<tcp port>:<anode addresses>
 The address checksum is the sum of the bytes in the Anode address modulus
 the number of "zr" entries, in hexadecimal. For example, if a zone had four
 global relays its zone file could contain the lines:
  zr.0=1.2.3.4:4343:4344:klj4j3...
  zr.1=2.3.4.5:4343:4344:00194j...
  zr.2=3.4.5.6:4343:4344:1j42zz...
  zr.3=4.5.6.7:4343:4344:z94j1q...
 The relay would be chosen by taking the sum of the bytes in the address
 modulo 4. For example, if the bytes of an address sum to 5081 then relay
 zr.1 would be used to communicate with that address.
 If more than one IP address is listed for a given relay, the peer must choose
 at random from among the addresses of the desired type (IPv4 or IPv6).
 Each relay must have one Anode address for every address type supported within
 the zone. (At present there is only one address type defined.)
 Peers should prefer UDP and fall back to TCP only if UDP is not available.
 To make itself available, a peer must make itself known to its designated zone
 relay. This is accomplished by sending a PING message.
 2.4. Key Agreement and Derivation
 Key agreement is performed using elliptic curve Diffie-Hellman. This yields
 a raw key whose size depends on the elliptic curve parameters in use.
 The following algorithm is used to derive a key of any length from a raw
 key generated through key agreement:
 1) Zero the derived key buffer.
 2) Determine the largest of the original raw key or the derived key.
 3) Loop from 0 to the largest length determined in step 2, XOR each byte of
   the derived key buffer with the corresponding byte of the original key
   buffer with each index being modulus the length of the respective buffer.
 2.5. Message Authentication
 For message authentication, CMAC-AES (with AES-256) is used. This is also
 known in some literature as OMAC1-AES. The key is derived from key agreement
 between the key pair of the sending peer and the address of the recipient.
 2.6. AES-DIGEST
 To maintain cryptographic algorithm frugality, a cryptographic hash function
 is constructed from the AES-256 cipher. This hash function uses the common
 Davis-Meyer construction with Merkle-Damgård length padding.
 It is described by the following pseudocode:
  byte previous_digest[16] 
  byte digest[16] = { 0,0,... } 
  byte block[32] = { 0,0,... } 
  integer block_counter = 0 
  ; digest message 
  for each byte b of message 
    block[block_counter] = b 
    block_counter = block_counter + 1 
    if block_counter == 32 then 
      block_counter = 0 
      save digest[] in previous_digest[] 
      encrypt digest[] with aes-256 using block[] as 256-bit aes-256 key 
      xor digest[] with previous_digest[] 
    end if 
  next 
  ; append end marker, do final block 
  block[block_counter] = 0x80 
  block_counter = block_counter + 1 
  zero rest of block[] from block_counter to 15 
  save digest[] in previous_digest[] 
  encrypt digest[] with aes-256 using block[] as 256-bit aes-256 key 
  xor digest[] with previous_digest[] 
  ; Merkle-Damgård length padding 
  zero first 8 bytes of block[] 
  fill last 8 bytes of block[] w/64-bit length in big-endian order 
  save digest[] in previous_digest[] 
  encrypt digest[] with aes-256 using block[] as 256-bit aes-128 key 
  xor digest[] with previous_digest[] 
  ; digest[] now contains 128-bit message digest 
 2.7. Short Address Identifiers (Address IDs)
 A short 8-byte version of the Anode address is used in the protocol to reduce
 transmission overhead when both sides are already aware of the other's full
 address.
 The short address identifier is formed by computing the AES-DIGEST of the
 full address and then XORing the first 8 bytes of the digest with the last
 8 bytes to yield an 8-byte shortened digest.
 2.8. DNS Resolution of Anode Addresses
 Anode addresses can be saved in DNS TXT records in the following format:
 anode:<address in base32 ASCII encoding>
 This permits Anode addresses to be resolved from normal DNS host name.
 2.9. Packet Transmission Mechanisms
 2.9.1. UDP Transmission
 The recommended method of sending Anode packets is UDP. Each packet is simply
 sent as a UDP packet.
 2.9.2. TCP Transmission
 To send packets over TCP, each packet is prefixed by its size as a 16-bit
 integer.
 2.9.3. HTTP Transmission
 Anode packets may be submitted in HTTP POST transactions for transport over
 networks where HTTP is the only available protocol.
 Anode packets are simply prefixed with a 16-byte packet size and concatenated
 together just as they are in a TCP stream. One or more packets may be sent
 with each HTTP POST transaction for improved performance.
 Since this method is intended for use in "hostile" or highly restricted
 circumstances, no additional details such as special headers or MIME types
 are specified to allow maximum flexibility. Peers should ignore anything
 other than the payload.
 2.10. Endpoints
 An endpoint indicates a place where Anode packets may be sent. The following
 endpoint types are specified:
 |---------------------------------------------------------------------------|
 | Endpoint Type | Description   | Address Format                            |
 |---------------------------------------------------------------------------|
 | 0x00          | Unspecified   | (none)                                    |
 | 0x01          | Ethernet      | <mac[6]>                                  |
 | 0x02          | UDP/IPv4      | <ip[4]><port[2]>                          |
 | 0x03          | TCP/IPv4      | <ip[4]><port[2]>                          |
 | 0x04          | UDP/IPv6      | <ip[16]><port[2]>                         |
 | 0x05          | TCP/IPv6      | <ip[16]><port[2]>                         |
 | 0x06          | HTTP          | <null-terminated full URI>                |
 |---------------------------------------------------------------------------|
 Endpoints are encoded by beginning with a single byte indicating the endpoint
 type followed by the address information required for the given type.
 Note that IP ports bear no relationship to Anode protocol ports.
 2.11. Notes
 All integers in the protocol are transmitted in network (big endian) byte
 order.
 *****************************************************************************
 3. Common Packet Format
 A common header is used for all Anode packets:
 |---------------------------------------------------------------------------|
 | Field                    | Length | Description                           |
 |---------------------------------------------------------------------------|
 | Hop Count                | 1      | 8-bit hop count (not included in MAC) |
 | Flags                    | 1      | 8-bit flags                           |
 | MAC                      | 8      | 8 byte shortened CMAC-AES of packet   |
 | Sender Address           | ?      | Full address or short ID of sender    |
 | Recipient Address        | ?      | Full address or short ID of recipient |
 | Peer IDs                 | 1      | Two 4-bit peer IDs: sender, recipient |
 | Message Type             | 1      | 8-bit message type                    |
 | Message                  | ?      | Message payload                       |
 |---------------------------------------------------------------------------|
 3.1. Hop Count
 The hop count begins at zero and must be incremented by each peer that relays
 the packet to another peer. The hop count must not wrap to zero at 255.
 Because the hop count is modified in transit, it is not included in MAC
 calculation or authentication.
 The hop count is used to prioritize endpoints that are direct over endpoints
 that involve relaying, or to prioritize closer routes over more distant
 ones.
 3.2. Flags and Flag Behavior
 |---------------------------------------------------------------------------|
 | Flag  | Description                                                       |
 |---------------------------------------------------------------------------|
 | 0x01  | Sender address fully specified                                    |
 | 0x02  | Recipient address fully specified                                 |
 | 0x04  | Authentication error response                                     |
 |---------------------------------------------------------------------------|
 If flag 0x01 is set, then the sender address will be the full address rather
 than a short address identifier. The length of the address can be determined
 from the first byte of the address, which always specifies the address type.
 Flag 0x02 has the same meaning for the recipient address.
 A peer must send fully specified sender addresses until it receives a response
 from the recipient. At this point the sender may assume that the recipient
 knows its address and use short a short sender address instead. This
 assumption should time out, with a recommended timeout of 60 seconds.
 There is presently no need to send fully specified recipient addresses, but
 the flag is present in case it is needed and must be honored.
 Flag 0x04 indicates that this is an error response containing a failed
 authentication error. Since authentication failed, this packet may not have
 a valid MAC. Packets with this flag must never have any effect other than
 to inform of an error. This error, since it is unauthenticated, must never
 have any side effects such as terminating a connection.
 3.3. MAC
 The MAC is calculated as follows:
 1) Temporarily set the 64-bit/8-byte MAC field in the packet to the packet's
   size as a 64-bit big-endian integer.
 2) Calculate the MAC for the entire packet (excluding the first byte) using
   the key agreed upon between the sender and the recipient, resulting in a
   16 byte full CMAC-AES MAC.
 3) Derive the 8 byte packet MAC by XORing the first 8 bytes of the full 16
   byte CMAC-AES MAC with the last 8 bytes. Place this into the packet's MAC
   field.
 3.4. Peer IDs
 Peer IDs provide a method for up to 15 different peers to share an address,
 each with a unique ID allowing packets to be routed to them individually.
 A peer ID of zero indicates "any" or "unspecified." Real peers must have a
 nonzero peer ID. In the normal single peer per address case, any peer ID may
 be used. If multiple peers are to share an address, some implementation-
 dependent method must be used to ensure that each peer has a unique peer ID.
 Relaying peers must follow these rules based on the recipient peer ID when
 relaying messages:
 - IF the peer ID is zero or if the peer ID is not known, the message must
   be forwarded to a random endpoint for the given recipient address.
 - IF the peer ID is nonzero and matches one or more known endpoints for the
   given recipient address and peer ID, the message must only be sent to
   a matching endpoint.
 A receiving peer should process any message that it receives regardless of
 whether its recipient peer ID is correct. The peer ID is primarily for relays.
 Peers should typically send messages with a nonzero recipient peer ID when
 responding to or involved in a conversation with a specific peer (e.g. a
 streaming connection), and send zero recipient peer IDs otherwise.
 3.5. Short Address Conflict Disambiguation
 In the unlikely event of two Anode addresses with the same short identifier,
 the recipient should use MAC validation to disambiguate. The peer ID must not
 be relied upon for this purpose.
 *****************************************************************************
 4. Basic Signaling and Transport Protocol
 4.1. Message Types
 |---------------------------------------------------------------------------|
 | Type        | ID   | Description                                          |
 |---------------------------------------------------------------------------|
 | ERROR       | 0x00 | Error response                                       |
 | PING        | 0x01 | Echo request                                         |
 | PONG        | 0x02 | Echo response                                        |
 | EPC_REQ     | 0x03 | Endpoint check request                               |
 | EPC         | 0x04 | Endpoint check response                              |
 | EPI         | 0x05 | Endpoint information                                 |
 | NAT_T       | 0x06 | NAT traversal message                                |
 | NETID_REQ   | 0x07 | Request network address identification and/or test   |
 | NETID       | 0x08 | Response to network address identification request   |
 | DGRAM       | 0x09 | Simple UDP-like datagram                             |
 |---------------------------------------------------------------------------|
 4.2. Message Details
 4.2.1. ERROR
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Error Code        | 2      | 16-bit error code                            |
 | Error Arguments   | ?      | Error arguments, depending on error type     |
 |---------------------------------------------------------------------------|
 Error arguments are empty unless otherwise stated below.
 Error codes:
 |---------------------------------------------------------------------------|
 | Error Code | Description                                                  |
 |---------------------------------------------------------------------------|
 | 0x01       | Message not valid                                            |
 | 0x02       | Message authentication or decryption failed                  |
 | 0x03       | Relaying and related features not authorized                 |
 | 0x04       | Relay recipient not reachable                                |
 |---------------------------------------------------------------------------|
 Generation of errors is optional. A peer may choose to ignore invalid
 messages or to throttle the sending of errors.
 4.2.2. PING
 (Payload unspecified.)
 Request echo of payload as PONG message.
 4.2.3. PONG
 (Payload unspecified.)
 Echoed payload of received PING message.
 4.2.4. EPC_REQ
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Request ID        | 4      | 32-bit request ID                            |
 |---------------------------------------------------------------------------|
 Request echo of request ID in EPC message, used to check and learn endpoints.
 To learn a network endpoint for a peer, CHECK_REQ is sent. If CHECK is
 returned with a valid request ID, the endpoint is considered valid.
 4.2.5. EPC
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Request ID        | 4      | 32-bit request ID echoed back                |
 |---------------------------------------------------------------------------|
 Response to EPC_REQ containing request ID.
 4.2.6. EPI
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Flags             | 1      | 8-bit flags                                  |
 | Endpoint          | ?      | Endpoint type and address                    |
 | NAT-T mode        | 1      | 8-bit NAT traversal mode                     |
 | NAT-T options     | ?      | Options related to specified NAT-T mode      |
 |---------------------------------------------------------------------------|
 EPI stands for EndPoint Identification, and is sent to notify another peer of
 a network endpoint where the sending peer is reachable.
 If the receiving peer is interested in communicating with the sending peer,
 the receiving peer must send EPC_REQ to the sending peer at the specified
 endpoint to check the validity of that endpoint. The endpoint is learned if a
 valid EPC is returned.
 If the endpoint in EPI is unspecified, the actual source of the EPI message
 is the endpoint. This allows EPI messages to be broadcast on a local LAN
 segment to advertise the presence of an address on a local network. EPI
 broadcasts on local IP networks must be made to UDP port 8737.
 Usually EPI is sent via relays (usually zone relays) to inform a peer of an
 endpoint for direct communication.
 There are presently no flags, so flags must be zero.
 4.2.7. NAT_T
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | NAT-T mode        | 1      | 8-bit NAT traversal mode                     |
 | NAT-T options     | ?      | Options related to specified NAT-T mode      |
 |---------------------------------------------------------------------------|
 NAT_T is used to send messages specific to certain NAT traversal modes.
 4.2.8. NETID_REQ
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Request ID        | 4      | 32-bit request ID                            |
 | Endpoint          | ?      | Endpoint type and address information        |
 |---------------------------------------------------------------------------|
 When a NETID_REQ message is received, the recipient attempts to echo it back
 as a NETID message to the specified endpoint address. If the endpoint is
 unspecified, the recipient must fill it in with the actual origin of the
 NETID_REQ message. This allows a peer to cooperate with another peer (usually
 a zone relay) to empirically determine its externally visible network
 address information.
 A peer may ignore NETID_REQ or respond with an error if it does not allow
 relaying.
 4.2.9. NETID
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Request ID        | 4      | 32-bit request ID echoed back                |
 | Endpoint Type     | 1      | 8-bit endpoint type                          |
 | Endpoint Address  | ?      | Endpoint Address (size depends on type)      |
 |---------------------------------------------------------------------------|
 NETID is sent in response to NETID_REQ to the specified endpoint address. It
 always contains the endpoint address to which it was sent.
 4.2.10. DGRAM
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Source Port       | 2      | 16-bit source port                           |
 | Destination Port  | 2      | 16-bit destination port                      |
 | Payload           | ?      | Datagram packet payload                      |
 |---------------------------------------------------------------------------|
 A datagram is a UDP-like message without flow control or delivery assurance.
 *****************************************************************************
 5. Stream Protocol
 The stream protocol is very similar to TCP, though it omits some features
 that are not required since they are taken care of by the encapsulating
 protocol. SCTP was also an inspiration in the design.
 5.1. Message Types
 |---------------------------------------------------------------------------|
 | Type      | ID | Description                                              |
 |---------------------------------------------------------------------------|
 | S_OPEN    | 20 | Initiate a streaming connection (like TCP SYN)           |
 | S_CLOSE   | 21 | Terminate a streaming connection (like TCP RST/FIN)      |
 | S_DATA    | 22 | Data packet                                              |
 | S_ACK     | 23 | Acknowedge receipt of one or more data packets           |
 | S_DACK    | 24 | Combination of DATA and ACK                              |
 |---------------------------------------------------------------------------|
 5.2. Message Details
 5.2.1. S_OPEN
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Sender Link ID    | 2      | 16-bit sender link ID                        |
 | Destination Port  | 2      | 16-bit destination port                      |
 | Window Size       | 2      | 16-bit window size in 1024-byte increments   |
 | Init. Seq. Number | 4      | 32-bit initial sequence number               |
 | Flags             | 1      | 8-bit flags                                  |
 |---------------------------------------------------------------------------|
 The OPEN message corresponds to TCP SYN, and initiates a connection. It
 specifies the initial window size for the sender and the sender's initial
 sequence number, which should be randomly chosen to prevent replay attacks.
 If OPEN is successful, the recipient sends its own OPEN to establish the
 connetion. If OPEN is unsuccessful, CLOSE is sent with its initial and current
 sequence numbers equal and an appropriate reason such as "connection refused."
 The sender link ID must be unique for a given recipient.
 If flag 01 is set, the sender link ID is actually a source port where the
 sender might be listening for connections as well. This exactly duplicates
 the behavior of standard TCP. Otherwise, the sender link ID is simply an
 arbitrary number that the sender uses to identify the connection with this
 recipient and there is no port of origin. Ports of origin are optional for
 Anode streaming connections to permit greater scalability.
 5.2.2. S_CLOSE
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Sender Link ID    | 2      | 16-bit sender link ID                        |
 | Destination Port  | 2      | 16-bit destination port                      |
 | Flags             | 1      | 8-bit flags                                  |
 | Reason            | 1      | 8-bit close reason                           |
 | Init. Seq. Number | 4      | 32-bit initial sequence number               |
 | Sequence Number   | 4      | 32-bit current sequence number               |
 |---------------------------------------------------------------------------|
 The CLOSE message serves a function similar to TCP FIN. The initial sequence
 number is the original starting sequence number sent with S_OPEN, while the
 current sequence number is the sequence number corresponding to the close
 and must be ACKed to complete the close operation. The use of the initial
 sequence number helps to serve as a key to prevent replay attacks.
 CLOSE is also used to indicate a failed OPEN attempt. In this case the current
 sequence number will be equal to the initial sequence number and no ACK will
 be expected.
 There are currently no flags, so flags must be zero.
 The reason field describes the reason for the close:
 |---------------------------------------------------------------------------|
 | Reason Code | Description                                                 |
 |---------------------------------------------------------------------------|
 | 00          | Application closed connection                               |
 | 01          | Connection refused                                          |
 | 02          | Protocol error                                              |
 | 03          | Timed out                                                   |
 |---------------------------------------------------------------------------|
 Established connections will usually be closed with reason 00, while reason
 01 is usually provided if an OPEN is received but the port is not bound.
 5.2.3. S_DATA
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Sender Link ID    | 2      | 16-bit sender link ID                        |
 | Destination Port  | 2      | 16-bit destination port                      |
 | Sequence Number   | 4      | 32-bit sequence number                       |
 | Payload           | ?      | Data payload                                 |
 |---------------------------------------------------------------------------|
 The DATA message carries a packet of data, with the sequence number
 determining order. The sequence number is monotonically incremented with
 each data packet, and wraps at the maximum value of an unsigned 32-bit
 integer.
 5.2.4. S_ACK
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Sender Link ID    | 2      | 16-bit sender link ID                        |
 | Destination Port  | 2      | 16-bit destination port                      |
 | Window Size       | 2      | 16-bit window size in 1024-byte increments   |
 | Acknowledgements  | ?      | One or more acknowledgements (see below)     |
 |---------------------------------------------------------------------------|
 Each acknowledgement is a 32-bit integer followed by an 8-bit integer (5 bytes
 total). The 32-bit integer is the first sequence number to acknowledge, and
 the 8-bit integer is the number of sequential following sequence numbers to
 acknowledge. For example "1, 4" would acknowledge sequence numbers 1, 2, 3,
 and 4.
 5.2.5. S_DACK
 |---------------------------------------------------------------------------|
 | Field             | Length | Description                                  |
 |---------------------------------------------------------------------------|
 | Sender Link ID    | 2      | 16-bit sender link ID                        |
 | Destination Port  | 2      | 16-bit destination port                      |
 | Window Size       | 2      | 16-bit window size in 1024-byte increments   |
 | Num. Acks         | 1      | 8-bit number of acknowledgements             |
 | Acknowledgements  | ?      | One or more acknowledgements                 |
 | Payload           | ?      | Data payload                                 |
 |---------------------------------------------------------------------------|
 The DACK message combines ACK and DATA, allowing two peers that are both
 transmitting data to efficiently ACK without a separate packet.
--- a/attic/historic/anode/libanode/Makefile
+++ b/attic/historic/anode/libanode/Makefile
@ -0,0 +1,33 @@
 SYSNAME:=${shell uname}
 SYSNAME!=uname
 include ../config.mk.${SYSNAME}
 LIBANODE_OBJS= \
  impl/aes.o \
  impl/dictionary.o \
  impl/dns_txt.o \
  impl/ec.o \
  impl/environment.o \
  impl/misc.o \
  impl/thread.o \
  address.o \
  aes_digest.o \
  errors.o \
  identity.o \
  network_address.o \
  secure_random.o \
  system_transport.o \
  uri.o
 #  zone.o
 all:	$(LIBANODE_OBJS)
 	ar rcs libanode.a $(LIBANODE_OBJS)
 	ranlib libanode.a
 	$(CC) $(CFLAGS) -o utils/anode-make-identity utils/anode-make-identity.c $(LIBANODE_OBJS) $(LIBANODE_LIBS)
 clean: force
 	rm -f $(LIBANODE_OBJS)
 	rm -f libanode.$(DLLEXT) libanode.a
 	rm -f utils/anode-make-identity
 force: ;
--- a/attic/historic/anode/libanode/address.c
+++ b/attic/historic/anode/libanode/address.c
@ -0,0 +1,98 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include "impl/aes.h"
 #include "impl/ec.h"
 #include "impl/misc.h"
 #include "impl/types.h"
 #include "anode.h"
 int AnodeAddress_calc_short_id(
  const AnodeAddress *address,
  AnodeAddressId *short_address_id)
 {
  unsigned char digest[16];
  switch(AnodeAddress_get_type(address)) {
    case ANODE_ADDRESS_ANODE_256_40:
      Anode_aes_digest(address->bits,ANODE_ADDRESS_LENGTH_ANODE_256_40,digest);
      break;
    default:
      return ANODE_ERR_ADDRESS_INVALID;
  }
  *((uint64_t *)short_address_id->bits) = ((uint64_t *)digest)[0] ^ ((uint64_t *)digest)[1];
  return 0;
 }
 int AnodeAddress_get_zone(const AnodeAddress *address,AnodeZone *zone)
 {
  switch(AnodeAddress_get_type(address)) {
    case ANODE_ADDRESS_ANODE_256_40:
      *((uint32_t *)&(zone->bits[0])) = *((uint32_t *)&(address->bits[1]));
      return 0;
  }
  return ANODE_ERR_ADDRESS_INVALID;
 }
 int AnodeAddress_to_string(const AnodeAddress *address,char *buf,int len)
 {
  const unsigned char *inptr;
  char *outptr;
  unsigned int i;
  switch(AnodeAddress_get_type(address)) {
    case ANODE_ADDRESS_ANODE_256_40:
      if (len < (((ANODE_ADDRESS_LENGTH_ANODE_256_40 / 5) * 8) + 1))
        return ANODE_ERR_BUFFER_TOO_SMALL;
      inptr = (const unsigned char *)address->bits;
      outptr = buf;
      for(i=0;i<(ANODE_ADDRESS_LENGTH_ANODE_256_40 / 5);++i) {
        Anode_base32_5_to_8(inptr,outptr);
        inptr += 5;
        outptr += 8;
      }
      *outptr = (char)0;
      return ((ANODE_ADDRESS_LENGTH_ANODE_256_40 / 5) * 8);
  }
  return ANODE_ERR_ADDRESS_INVALID;
 }
 int AnodeAddress_from_string(const char *str,AnodeAddress *address)
 {
  const char *blk_start = str;
  const char *ptr = str;
  unsigned int address_len = 0;
  while (*ptr) {
    if ((unsigned long)(ptr - blk_start) == 8) {
      if ((address_len + 5) > sizeof(address->bits))
        return ANODE_ERR_ADDRESS_INVALID;
      Anode_base32_8_to_5(blk_start,(unsigned char *)&(address->bits[address_len]));
      address_len += 5;
      blk_start = ptr;
    }
    ++ptr;
  }
  if (ptr != blk_start)
    return ANODE_ERR_ADDRESS_INVALID;
  if (AnodeAddress_get_type(address) != ANODE_ADDRESS_ANODE_256_40)
    return ANODE_ERR_ADDRESS_INVALID;
  return 0;
 }
--- a/attic/historic/anode/libanode/aes_digest.c
+++ b/attic/historic/anode/libanode/aes_digest.c
@ -0,0 +1,85 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include "anode.h"
 #include "impl/aes.h"
 #include "impl/misc.h"
 #include "impl/types.h"
 void Anode_aes_digest(const void *const message,unsigned long message_len,void *const hash)
 {
  unsigned char previous_digest[16];
  unsigned char digest[16];
  unsigned char block[32];
  const unsigned char *in = (const unsigned char *)message;
  const unsigned char *end = in + message_len;
  unsigned long block_counter;
  AnodeAesExpandedKey expkey;
  ((uint64_t *)digest)[0] = 0ULL;
  ((uint64_t *)digest)[1] = 0ULL;
  ((uint64_t *)block)[0] = 0ULL;
  ((uint64_t *)block)[1] = 0ULL;
  ((uint64_t *)block)[2] = 0ULL;
  ((uint64_t *)block)[3] = 0ULL;
  /* Davis-Meyer hash function built from block cipher */
  block_counter = 0;
  while (in != end) {
    block[block_counter++] = *(in++);
    if (block_counter == 32) {
      block_counter = 0;
      ((uint64_t *)previous_digest)[0] = ((uint64_t *)digest)[0];
      ((uint64_t *)previous_digest)[1] = ((uint64_t *)digest)[1];
      Anode_aes256_expand_key(block,&expkey);
      Anode_aes256_encrypt(&expkey,digest,digest);
      ((uint64_t *)digest)[0] ^= ((uint64_t *)previous_digest)[0];
      ((uint64_t *)digest)[1] ^= ((uint64_t *)previous_digest)[1];
    }
  }
  /* Davis-Meyer end marker */
  block[block_counter++] = 0x80;
  while (block_counter != 32) block[block_counter++] = 0;
  ((uint64_t *)previous_digest)[0] = ((uint64_t *)digest)[0];
  ((uint64_t *)previous_digest)[1] = ((uint64_t *)digest)[1];
  Anode_aes256_expand_key(block,&expkey);
  Anode_aes256_encrypt(&expkey,digest,digest);
  ((uint64_t *)digest)[0] ^= ((uint64_t *)previous_digest)[0];
  ((uint64_t *)digest)[1] ^= ((uint64_t *)previous_digest)[1];
  /* Merkle-Damgård length padding */
  ((uint64_t *)block)[0] = 0ULL;
  if (sizeof(message_len) >= 8) { /* 32/64 bit? this will get optimized out */
    block[8] = (uint8_t)((uint64_t)message_len >> 56);
    block[9] = (uint8_t)((uint64_t)message_len >> 48);
    block[10] = (uint8_t)((uint64_t)message_len >> 40);
    block[11] = (uint8_t)((uint64_t)message_len >> 32);
  } else ((uint32_t *)block)[2] = 0;
  block[12] = (uint8_t)(message_len >> 24);
  block[13] = (uint8_t)(message_len >> 16);
  block[14] = (uint8_t)(message_len >> 8);
  block[15] = (uint8_t)message_len;
  ((uint64_t *)previous_digest)[0] = ((uint64_t *)digest)[0];
  ((uint64_t *)previous_digest)[1] = ((uint64_t *)digest)[1];
  Anode_aes256_expand_key(block,&expkey);
  Anode_aes256_encrypt(&expkey,digest,digest);
  ((uint64_t *)digest)[0] ^= ((uint64_t *)previous_digest)[0];
  ((uint64_t *)digest)[1] ^= ((uint64_t *)previous_digest)[1];
  ((uint64_t *)hash)[0] = ((uint64_t *)digest)[0];
  ((uint64_t *)hash)[1] = ((uint64_t *)digest)[1];
 }
--- a/attic/historic/anode/libanode/anode.h
+++ b/attic/historic/anode/libanode/anode.h
@ -0,0 +1,795 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_ANODE_H
 #define _ANODE_ANODE_H
 #ifdef __cplusplus
 extern "C" {
 #endif
 #ifndef NULL
 #define NULL ((void *)0)
 #endif
 #define ANODE_ADDRESS_LENGTH_ANODE_256_40 40
 #define ANODE_ADDRESS_MAX_LENGTH 40
 #define ANODE_ADDRESS_SECRET_LENGTH_ANODE_256_40 32
 #define ANODE_ADDRESS_MAX_SECRET_LENGTH 32
 #define ANODE_ADDRESS_ID_LENGTH 8
 #define ANODE_ZONE_LENGTH 4
 #define ANODE_ERR_NONE 0
 #define ANODE_ERR_INVALID_ARGUMENT (-10000)
 #define ANODE_ERR_OUT_OF_MEMORY (-10001)
 #define ANODE_ERR_INVALID_URI (-10002)
 #define ANODE_ERR_BUFFER_TOO_SMALL (-10003)
 #define ANODE_ERR_ADDRESS_INVALID (-10010)
 #define ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED (-10011)
 #define ANODE_ERR_CONNECTION_CLOSED (-10012)
 #define ANODE_ERR_CONNECTION_CLOSED_BY_REMOTE (-10013)
 #define ANODE_ERR_CONNECT_FAILED (-10014)
 #define ANODE_ERR_UNABLE_TO_BIND (-10015)
 #define ANODE_ERR_TOO_MANY_OPEN_SOCKETS (-10016)
 #define ANODE_ERR_DNS_NAME_NOT_FOUND_OR_TIMED_OUT (-10017)
 /**
 * Get a human-readable error description for an error code
 *
 * The value of 'err' can be either negative or positive.
 *
 * @param err Error code
 * @return Human-readable description
 */
 extern const char *Anode_strerror(int err);
 /* ----------------------------------------------------------------------- */
 /* Secure random source                                                    */
 /* ----------------------------------------------------------------------- */
 /**
 * Opaque secure random instance
 */
 typedef void AnodeSecureRandom;
 /**
 * Initialize a secure random source
 *
 * No cleanup/destructor is necessary.
 *
 * @param srng Random structure to initialize
 */
 extern AnodeSecureRandom *AnodeSecureRandom_new();
 /**
 * Generate random bytes
 *
 * @param srng Secure random source
 * @param buf Buffer to fill
 * @param count Number of bytes to generate
 */
 extern void AnodeSecureRandom_gen_bytes(AnodeSecureRandom *srng,void *buf,long count);
 /**
 * Destroy and free a secure random instance
 *
 * @param srng Secure random source
 */
 extern void AnodeSecureRandom_delete(AnodeSecureRandom *srng);
 /* ----------------------------------------------------------------------- */
 /* AES-256 derived Davis-Meyer hash function                               */
 /* ----------------------------------------------------------------------- */
 /**
 * Digest a message using AES-DIGEST to yield a 16-byte hash code
 *
 * @param message Message to digest
 * @param message_len Length of message in bytes
 * @param hash Buffer to store 16 byte hash code
 */
 extern void Anode_aes_digest(
  const void *const message,
  unsigned long message_len,
  void *const hash);
 /* ----------------------------------------------------------------------- */
 /* Address Types and Components                                            */
 /* ----------------------------------------------------------------------- */
 /**
 * Anode address
 *
 * The first byte always identifies the address type, which right now can
 * only be type 1 (ANODE-256-40).
 */
 typedef struct
 {
  char bits[ANODE_ADDRESS_MAX_LENGTH];
 } AnodeAddress;
 /**
 * 8-byte short Anode address ID
 */
 typedef struct
 {
  char bits[ANODE_ADDRESS_ID_LENGTH];
 } AnodeAddressId;
 /**
 * 4-byte Anode zone ID
 */
 typedef struct
 {
  char bits[ANODE_ZONE_LENGTH];
 } AnodeZone;
 /**
 * Anode address types
 */
 enum AnodeAddressType
 {
  ANODE_ADDRESS_ANODE_256_40 = 1
 };
 /**
 * Get the type of an Anode address
 *
 * This is a shortcut macro for just looking at the first byte and casting
 * it to the AnodeAddressType enum.
 *
 * @param a Pointer to address
 * @return Type as enum AnodeAddressType
 */
 #define AnodeAddress_get_type(a) ((enum AnodeAddressType)((a)->bits[0]))
 /**
 * Calculate the short 8 byte address ID from an address
 *
 * @param address Binary address
 * @param short_address_id Buffer to store 8-byte short address ID
 * @return 0 on success or error code on failure
 */
 extern int AnodeAddress_calc_short_id(
  const AnodeAddress *address,
  AnodeAddressId *short_address_id);
 /**
 * Extract the zone from an anode address
 *
 * @param address Binary address
 * @param zone Zone value-result parameter to fill on success
 * @return 0 on success or error code on failure
 */
 extern int AnodeAddress_get_zone(const AnodeAddress *address,AnodeZone *zone);
 /**
 * Convert an address to an ASCII string
 *
 * Anode addresses are 64 characters in ASCII form, so the buffer should
 * have 65 bytes of space.
 *
 * @param address Address to convert
 * @param buf Buffer to receive address in string form (should have 65 bytes of space)
 * @param len Length of buffer
 * @return Length of resulting string or a negative error code on error
 */
 extern int AnodeAddress_to_string(const AnodeAddress *address,char *buf,int len);
 /**
 * Convert a string into an address
 *
 * @param str Address in string form
 * @param address Address buffer to receive result
 * @return Zero on sucess or error code on error
 */
 extern int AnodeAddress_from_string(const char *str,AnodeAddress *address);
 /**
 * Supported network address types
 */
 enum AnodeNetworkAddressType
 {
  ANODE_NETWORK_ADDRESS_IPV4 = 0,
  ANODE_NETWORK_ADDRESS_IPV6 = 1,
  ANODE_NETWORK_ADDRESS_ETHERNET = 2,  /* reserved but unused */
  ANODE_NETWORK_ADDRESS_USB = 3,       /* reserved but unused */
  ANODE_NETWORK_ADDRESS_BLUETOOTH = 4, /* reserved but unused */
  ANODE_NETWORK_ADDRESS_IPC = 5,       /* reserved but unused */
  ANODE_NETWORK_ADDRESS_80211S = 6,    /* reserved but unused */
  ANODE_NETWORK_ADDRESS_SERIAL = 7,    /* reserved but unused */
  ANODE_NETWORK_ADDRESS_ANODE_256_40 = 8
 };
 /**
 * Anode network address
 *
 * This can contain an address of any type: IPv4, IPv6, or Anode, and is used
 * with the common transport API.
 *
 * The length of the address stored in bits[] is determined by the type.
 */
 typedef struct
 {
  enum AnodeNetworkAddressType type;
  char bits[ANODE_ADDRESS_MAX_LENGTH];
 } AnodeNetworkAddress;
 /**
 * An endpoint with an address and a port
 */
 typedef struct
 {
  AnodeNetworkAddress address;
  int port;
 } AnodeNetworkEndpoint;
 /* Constants for binding to any address (v4 or v6) */
 extern const AnodeNetworkAddress AnodeNetworkAddress_IP_ANY_V4;
 extern const AnodeNetworkAddress AnodeNetworkAddress_IP_ANY_V6;
 /* Local host address in v4 and v6 */
 extern const AnodeNetworkAddress AnodeNetworkAddress_IP_LOCAL_V4;
 extern const AnodeNetworkAddress AnodeNetworkAddress_IP_LOCAL_V6;
 /**
 * Convert a network address to an ASCII string
 *
 * The buffer must have room for a 15 character string for IPv4, a 40 byte
 * string for IPv6, and a 64 byte string for Anode addresses. This does not
 * include the trailing null.
 *
 * @param address Address to convert
 * @param buf Buffer to receive address in string form
 * @param len Length of buffer
 * @return Length of resulting string or a negative error code on error
 */
 extern int AnodeNetworkAddress_to_string(const AnodeNetworkAddress *address,char *buf,int len);
 /**
 * Convert a string into a network address of the correct type
 *
 * @param str Address in string form
 * @param address Address buffer to receive result
 * @return Zero on sucess or error code on error
 */
 extern int AnodeNetworkAddress_from_string(const char *str,AnodeNetworkAddress *address);
 /**
 * Fill a network endpoint from a C-API sockaddr structure
 *
 * The argument must be struct sockaddr_in for IPv4 or sockaddr_in6 for IPv6.
 * The common sin_family field will be used to differentiate.
 *
 * @param sockaddr Pointer to proper sockaddr structure
 * @param endpoint Endpoint structure to fill
 * @return Zero on success or error on failure
 */
 extern int AnodeNetworkEndpoint_from_sockaddr(const void *sockaddr,AnodeNetworkEndpoint *endpoint);
 /**
 * Fill a sockaddr from a network endpoint
 *
 * To support either IPv4 or IPv6 addresses, there is a sockaddr_storage
 * structure in most C APIs. If you supply anything other than an IP address
 * such as an Anode address, this will return an error.
 *
 * @param endpoint Endpoint structure to convert
 * @param sockaddr Sockaddr structure storage
 * @param sockaddr_len Length of sockaddr structure storage in bytes
 * @return Zero on success or error on failure
 */
 extern int AnodeNetworkEndpoint_to_sockaddr(const AnodeNetworkEndpoint *endpoint,void *sockaddr,int sockaddr_len);
 /* ----------------------------------------------------------------------- */
 /* Identity Generation and Management                                      */
 /* ----------------------------------------------------------------------- */
 /**
 * Anode identity structure containing address and secret key
 *
 * This structure is memcpy-safe, and its members are accessible.
 */
 typedef struct
 {
  /* The public Anode address */
  AnodeAddress address;
  /* Short address ID */
  AnodeAddressId address_id;
  /* The secret key corresponding with the public address */
  /* Secret length is determined by address type */
  char secret[ANODE_ADDRESS_MAX_SECRET_LENGTH];
 } AnodeIdentity;
 /**
 * Generate a new identity
 *
 * This generates a public/private key pair and from that generates an
 * identity containing an address and a secret key.
 *
 * @param identity Destination structure to store new identity
 * @param zone Zone ID
 * @param type Type of identity to generate
 * @return Zero on success, error on failure
 */
 extern int AnodeIdentity_generate(
  AnodeIdentity *identity,
  const AnodeZone *zone,
  enum AnodeAddressType type);
 /**
 * Convert an Anode identity to a string representation
 *
 * @param identity Identity to convert
 * @param dest String buffer
 * @param dest_len Length of string buffer
 * @return Length of string created or negative error code on failure
 */
 extern int AnodeIdentity_to_string(
  const AnodeIdentity *identity,
  char *dest,
  int dest_len);
 /**
 * Convert a string representation to an Anode identity structure
 *
 * @param identity Destination structure to fill
 * @param str C-string containing string representation
 * @return Zero on success or negative error code on failure
 */
 extern int AnodeIdentity_from_string(
  AnodeIdentity *identity,
  const char *str);
 /* ----------------------------------------------------------------------- */
 /* Transport API                                                           */
 /* ----------------------------------------------------------------------- */
 struct _AnodeTransport;
 typedef struct _AnodeTransport AnodeTransport;
 struct _AnodeEvent;
 typedef struct _AnodeEvent AnodeEvent;
 /**
 * Anode socket
 */
 typedef struct
 {
  /* Type of socket (read-only) */
  enum {
    ANODE_SOCKET_DATAGRAM = 1,
    ANODE_SOCKET_STREAM_LISTEN = 2,
    ANODE_SOCKET_STREAM_CONNECTION = 3
  } type;
  /* Socket state */
  enum {
    ANODE_SOCKET_CLOSED = 0,
    ANODE_SOCKET_OPEN = 1,
    ANODE_SOCKET_CONNECTING = 2,
  } state;
  /* Local address or remote address for stream connections (read-only) */
  AnodeNetworkEndpoint endpoint;
  /* Name of owning class (read-only) */
  const char *class_name;
  /* Pointers for end user use (writable) */
  void *user_ptr[2];
  /* Special handler to receive events or null for default (writable) */
  void (*event_handler)(const AnodeEvent *event);
 } AnodeSocket;
 /**
 * Anode transport I/O event
 */
 struct _AnodeEvent
 {
  enum {
    ANODE_TRANSPORT_EVENT_DATAGRAM_RECEIVED = 1,
    ANODE_TRANSPORT_EVENT_STREAM_INCOMING_CONNECT = 2,
    ANODE_TRANSPORT_EVENT_STREAM_OUTGOING_CONNECT_ESTABLISHED = 3,
    ANODE_TRANSPORT_EVENT_STREAM_OUTGOING_CONNECT_FAILED = 4,
    ANODE_TRANSPORT_EVENT_STREAM_CLOSED = 5,
    ANODE_TRANSPORT_EVENT_STREAM_DATA_RECEIVED = 6,
    ANODE_TRANSPORT_EVENT_STREAM_AVAILABLE_FOR_WRITE = 7,
    ANODE_TRANSPORT_EVENT_DNS_RESULT = 8
  } type;
  AnodeTransport *transport;
  /* Anode socket corresponding to this event */
  AnodeSocket *sock;
  /* Originating endpoint for incoming datagrams */
  AnodeNetworkEndpoint *datagram_from;
  /* DNS lookup results */
  const char *dns_name;
  AnodeNetworkAddress *dns_addresses;
  int dns_address_count;
  /* Error code or 0 for none */
  int error_code;
  /* Data for incoming datagrams and stream received events */
  int data_length;
  char *data;
 };
 /**
 * Enum used for dns_resolve method in transport to specify query rules
 *
 * This can be specified for ipv4, ipv6, and Anode address types to tell the
 * DNS resolver when to bother querying for addresses of the given type.
 * NEVER means to never query for this type, and ALWAYS means to always
 * query. IF_NO_PREVIOUS means to query for this type if no addresses were
 * found in previous queries. Addresses are queried in the order of ipv4,
 * ipv6, then Anode, so if you specify IF_NO_PREVIOUS for all three you will
 * get addresses in that order of priority.
 */
 enum AnodeTransportDnsIncludeMode
 {
  ANODE_TRANSPORT_DNS_QUERY_NEVER = 0,
  ANODE_TRANSPORT_DNS_QUERY_ALWAYS = 1,
  ANODE_TRANSPORT_DNS_QUERY_IF_NO_PREVIOUS = 2
 };
 struct _AnodeTransport
 {
  /**
   * Set the default event handler
   *
   * @param transport Transport engine
   * @param event_handler Default event handler
   */
  void (*set_default_event_handler)(AnodeTransport *transport,
    void (*event_handler)(const AnodeEvent *event));
  /**
   * Enqueue a function to be executed during a subsequent call to poll()
   *
   * This can be called from other threads, so it can be used to pass a
   * message to the I/O thread in multithreaded applications.
   *
   * If it is called from the same thread, the function is still queued to be
   * run later rather than being run instantly.
   *
   * The order in which invoked functions are called is undefined.
   *
   * @param transport Transport engine
   * @param ptr Arbitrary pointer to pass to function to be called
   * @param func Function to be called
   */
  void (*invoke)(AnodeTransport *transport,
    void *ptr,
    void (*func)(void *));
  /**
   * Initiate a forward DNS query
   *
   * @param transport Transport instance
   * @param name DNS name to query
   * @param event_handler Event handler or null for default event path
   * @param ipv4_include_mode Inclusion mode for IPv4 addresses
   * @param ipv6_include_mode Inclusion mode for IPv6 addresses
   * @param anode_include_mode Inclusion mode for Anode addresses
   */
  void (*dns_resolve)(AnodeTransport *transport,
    const char *name,
    void (*event_handler)(const AnodeEvent *),
    enum AnodeTransportDnsIncludeMode ipv4_include_mode,
    enum AnodeTransportDnsIncludeMode ipv6_include_mode,
    enum AnodeTransportDnsIncludeMode anode_include_mode);
  /**
   * Open a datagram socket
   *
   * @param transport Transport instance
   * @param local_address Local address to bind
   * @param local_port Local port to bind
   * @param error_code Value-result parameter to receive error code on error
   * @return Listen socket or null if error (check error_code in error case)
   */
  AnodeSocket *(*datagram_listen)(AnodeTransport *transport,
    const AnodeNetworkAddress *local_address,
    int local_port,
    int *error_code);
  /**
   * Open a socket to listen for incoming stream connections
   *
   * @param transport Transport instance
   * @param local_address Local address to bind
   * @param local_port Local port to bind
   * @param error_code Value-result parameter to receive error code on error
   * @return Listen socket or null if error (check error_code in error case)
   */
  AnodeSocket *(*stream_listen)(AnodeTransport *transport,
    const AnodeNetworkAddress *local_address,
    int local_port,
    int *error_code);
  /**
   * Send a datagram to a network endpoint
   *
   * @param transport Transport instance
   * @param socket Originating datagram socket
   * @param data Data to send
   * @param data_len Length of data to send
   * @param to_endpoint Destination endpoint
   * @return Zero on success or error code on error
   */
  int (*datagram_send)(AnodeTransport *transport,
    AnodeSocket *sock,
    const void *data,
    int data_len,
    const AnodeNetworkEndpoint *to_endpoint);
  /**
   * Initiate an outgoing stream connection attempt
   *
   * For IPv4 and IPv6 addresses, this will initiate a TCP connection. For
   * Anode addresses, Anode's internal streaming protocol will be used.
   *
   * @param transport Transport instance
   * @param to_endpoint Destination endpoint
   * @param error_code Error code value-result parameter, filled on error
   * @return Stream socket object or null on error (check error_code)
   */
  AnodeSocket *(*stream_connect)(AnodeTransport *transport,
    const AnodeNetworkEndpoint *to_endpoint,
    int *error_code);
  /**
   * Indicate that you are interested in writing to a stream
   *
   * This does nothing if the socket is not a stream connection or is not
   * connected.
   *
   * @param transport Transport instance
   * @param sock Stream connection
   */
  void (*stream_start_writing)(AnodeTransport *transport,
    AnodeSocket *sock);
  /**
   * Indicate that you are no longer interested in writing to a stream
   *
   * This does nothing if the socket is not a stream connection or is not
   * connected.
   *
   * @param transport Transport instance
   * @param sock Stream connection
   */
  void (*stream_stop_writing)(AnodeTransport *transport,
    AnodeSocket *sock);
  /**
   * Send data to a stream connection
   *
   * This must be called after a stream is indicated to be ready for writing.
   * It returns the number of bytes actually written, or a negative error
   * code on failure.
   *
   * A return value of zero can occur here, and simply indicates that nothing
   * was sent. This may occur with certain network stacks on certain
   * platforms.
   *
   * @param transport Transport engine
   * @param sock Stream socket
   * @param data Data to send
   * @param data_len Maximum data to send in bytes
   * @return Actual data sent or negative error code on error
   */
  int (*stream_send)(AnodeTransport *transport,
    AnodeSocket *sock,
    const void *data,
    int data_len);
  /**
   * Close a socket
   *
   * If the socket is a stream connection in the connected state, this
   * will generate a stream closed event with a zero error_code to indicate
   * a normal close.
   *
   * @param transport Transport engine
   * @param sock Socket object
   */
  void (*close)(AnodeTransport *transport,
    AnodeSocket *sock);
  /**
   * Run main polling loop
   *
   * This should be called repeatedly from the I/O thread of your main
   * process. It blocks until one or more events occur, and then returns
   * the number of events. Error returns here are fatal and indicate
   * serious problems such as build or platform issues or a lack of any
   * network interface.
   *
   * Functions queued with invoke() are also called inside here.
   *
   * @param transport Transport engine
   * @return Number of events handled or negative on (fatal) error
   */
  int (*poll)(AnodeTransport *transport);
  /**
   * Check whether transport supports an address type
   *
   * Inheriting classes should call their base if they do not natively
   * speak the specified type.
   *
   * @param transport Transport engine
   * @param at Address type
   * @return Nonzero if true
   */
  int (*supports_address_type)(const AnodeTransport *transport,
    enum AnodeNetworkAddressType at);
  /**
   * Get the instance of AnodeTransport under this one (if any)
   *
   * @param transport Transport engine
   * @return Base instance or null if none
   */
  AnodeTransport *(*base_instance)(const AnodeTransport *transport);
  /**
   * @param transport Transport engine
   * @return Class name of this instance
   */
  const char *(*class_name)(AnodeTransport *transport);
  /**
   * Delete this transport and its base transports
   *
   * The 'transport' pointer and any streams or sockets it owns are no longer
   * valid after this call.
   *
   * @param transport Transport engine
   */
  void (*delete)(AnodeTransport *transport);
 };
 /**
 * Construct a new system transport
 *
 * This is the default base for AnodeTransport, and it is constructed
 * automatically if 'base' is null in AnodeTransport_new(). However, it also
 * exposed to the user so that specialized transports (such as those that use
 * proxy servers) can be developed on top of it. These in turn can be supplied
 * as 'base' to AnodeTransport_new() to talk Anode over these transports.
 *
 * The system transport supports IP protocols and possibly others.
 *
 * @param base Base class or null for none (usually null)
 * @return Base transport engine instance
 */
 extern AnodeTransport *AnodeSystemTransport_new(AnodeTransport *base);
 /**
 * Construct a new Anode core transport
 *
 * This is the transport that talks Anode using the specified base transport.
 * Requests for other address types are passed through to the base. If the
 * base is null, an instance of AnodeSystemTransport is used.
 *
 * Since transport engines inherit their functionality, this transport
 * will also do standard IP and everything else that the system transport
 * supports. Most users will just want to construct this with a null base.
 *
 * @param base Base transport to use, or null to use SystemTransport
 * @return Anode transport engine or null on error
 */
 extern AnodeTransport *AnodeCoreTransport_new(AnodeTransport *base);
 /* ----------------------------------------------------------------------- */
 /* URI Parser                                                              */
 /* ----------------------------------------------------------------------- */
 /**
 * URI broken down by component
 */
 typedef struct
 {
  char scheme[8];
  char username[64];
  char password[64];
  char host[128];
  char path[256];
  char query[256];
  char fragment[64];
  int port;
 } AnodeURI;
 /**
 * URI parser
 *
 * A buffer too small error will occur if any field is too large for the
 * AnodeURI structure.
 *
 * @param parsed_uri Structure to fill with parsed URI data
 * @param uri_string URI in string format
 * @return Zero on success or error on failure
 */
 extern int AnodeURI_parse(AnodeURI *parsed_uri,const char *uri_string);
 /**
 * Output a URI in string format
 *
 * @param uri URI to output as string
 * @param buf Buffer to store URI string
 * @param len Length of buffer
 * @return Buffer or null on error
 */
 extern char *AnodeURI_to_string(const AnodeURI *uri,char *buf,int len);
 /* ----------------------------------------------------------------------- */
 /* Zone File Lookup and Dictionary                                         */
 /* ----------------------------------------------------------------------- */
 /**
 * Zone file dictionary
 */
 typedef void AnodeZoneFile;
 /**
 * Start asynchronous zone fetch
 *
 * When the zone is retrieved, the lookup handler is called. If zone lookup
 * failed, the zone file argument to the handler will be null.
 *
 * @param transport Transport engine
 * @param zone Zone ID
 * @param user_ptr User pointer
 * @param zone_lookup_handler Handler for Anode zone lookup
 */
 extern void AnodeZoneFile_lookup(
  AnodeTransport *transport,
  const AnodeZone *zone,
  void *ptr,
  void (*zone_lookup_handler)(const AnodeZone *,AnodeZoneFile *,void *));
 /**
 * Look up a key in a zone file
 *
 * @param zone Zone file object
 * @param key Key to get in zone file
 */
 extern const char *AnodeZoneFile_get(const AnodeZoneFile *zone,const char *key);
 /**
 * Free a zone file
 *
 * @param zone Zone to free
 */
 extern void AnodeZoneFile_free(AnodeZoneFile *zone);
 /* ----------------------------------------------------------------------- */
 #ifdef __cplusplus
 }
 #endif
 #endif
--- a/attic/historic/anode/libanode/errors.c
+++ b/attic/historic/anode/libanode/errors.c
@ -0,0 +1,52 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include "anode.h"
 struct AnodeErrDesc
 {
  int code;
  const char *desc;
 };
 #define TOTAL_ERRORS 12
 static const struct AnodeErrDesc ANODE_ERRORS[TOTAL_ERRORS] = {
  { ANODE_ERR_NONE, "No error (success)" },
  { ANODE_ERR_INVALID_ARGUMENT, "Invalid argument" },
  { ANODE_ERR_OUT_OF_MEMORY, "Out of memory" },
  { ANODE_ERR_INVALID_URI, "Invalid URI" },
  { ANODE_ERR_BUFFER_TOO_SMALL, "Supplied buffer too small" },
  { ANODE_ERR_ADDRESS_INVALID, "Address invalid" },
  { ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED, "Address type not supported"},
  { ANODE_ERR_CONNECTION_CLOSED, "Connection closed"},
  { ANODE_ERR_CONNECT_FAILED, "Connect failed"},
  { ANODE_ERR_UNABLE_TO_BIND, "Unable to bind to address"},
  { ANODE_ERR_TOO_MANY_OPEN_SOCKETS, "Too many open sockets"},
  { ANODE_ERR_DNS_NAME_NOT_FOUND_OR_TIMED_OUT, "DNS name not found or timed out"}
 };
 extern const char *Anode_strerror(int err)
 {
  int i;
  int negerr = -err;
  for(i=0;i<TOTAL_ERRORS;++i) {
    if ((ANODE_ERRORS[i].code == err)||(ANODE_ERRORS[i].code == negerr))
      return ANODE_ERRORS[i].desc;
  }
  return "Unknown error";
 }
--- a/attic/historic/anode/libanode/identity.c
+++ b/attic/historic/anode/libanode/identity.c
@ -0,0 +1,110 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdlib.h>
 #include <stdio.h>
 #include "impl/types.h"
 #include "impl/ec.h"
 #include "impl/misc.h"
 #include "anode.h"
 int AnodeIdentity_generate(AnodeIdentity *identity,const AnodeZone *zone,enum AnodeAddressType type)
 {
  struct AnodeECKeyPair kp;
  switch(type) {
    case ANODE_ADDRESS_ANODE_256_40:
      if (!AnodeECKeyPair_generate(&kp))
        return ANODE_ERR_OUT_OF_MEMORY;
      identity->address.bits[0] = (unsigned char)ANODE_ADDRESS_ANODE_256_40;
      identity->address.bits[1] = zone->bits[0];
      identity->address.bits[2] = zone->bits[1];
      identity->address.bits[3] = zone->bits[2];
      identity->address.bits[4] = zone->bits[3];
      identity->address.bits[5] = 0;
      identity->address.bits[6] = 0;
      Anode_memcpy((void *)&(identity->address.bits[7]),(const void *)kp.pub.key,ANODE_EC_PUBLIC_KEY_BYTES);
      Anode_memcpy((void *)identity->secret,(const void *)kp.priv.key,kp.priv.bytes);
      AnodeAddress_calc_short_id(&identity->address,&identity->address_id);
      AnodeECKeyPair_destroy(&kp);
      return 0;
  }
  return ANODE_ERR_INVALID_ARGUMENT;
 }
 int AnodeIdentity_to_string(const AnodeIdentity *identity,char *dest,int dest_len)
 {
  char hexbuf[128];
  char strbuf[128];
  int n;
  if ((n = AnodeAddress_to_string(&identity->address,strbuf,sizeof(strbuf))) <= 0)
    return n;
  switch(AnodeAddress_get_type(&identity->address)) {
    case ANODE_ADDRESS_ANODE_256_40:
      Anode_to_hex((const unsigned char *)identity->secret,ANODE_ADDRESS_SECRET_LENGTH_ANODE_256_40,hexbuf,sizeof(hexbuf));
      n = snprintf(dest,dest_len,"ANODE-256-40:%s:%s",strbuf,hexbuf);
      if (n >= dest_len)
        return ANODE_ERR_BUFFER_TOO_SMALL;
      return n;
  }
  return ANODE_ERR_INVALID_ARGUMENT;
 }
 int AnodeIdentity_from_string(AnodeIdentity *identity,const char *str)
 {
  char buf[1024];
  char *id_name;
  char *address;
  char *secret;
  int ec;
  Anode_str_copy(buf,str,sizeof(buf));
  id_name = buf;
  if (!id_name) return 0;
  if (!*id_name) return 0;
  address = (char *)Anode_strchr(id_name,':');
  if (!address) return 0;
  if (!*address) return 0;
  *(address++) = (char)0;
  secret = (char *)Anode_strchr(address,':');
  if (!secret) return 0;
  if (!*secret) return 0;
  *(secret++) = (char)0;
  if (Anode_strcaseeq("ANODE-256-40",id_name)) {
    if ((ec = AnodeAddress_from_string(address,&identity->address)))
      return ec;
    if (Anode_strlen(secret) != (ANODE_ADDRESS_SECRET_LENGTH_ANODE_256_40 * 2))
      return ANODE_ERR_INVALID_ARGUMENT;
    Anode_from_hex(secret,(unsigned char *)identity->secret,sizeof(identity->secret));
    AnodeAddress_calc_short_id(&identity->address,&identity->address_id);
    return 0;
  }
  return ANODE_ERR_INVALID_ARGUMENT;
 }
--- a/attic/historic/anode/libanode/impl/aes.c
+++ b/attic/historic/anode/libanode/impl/aes.c
@ -0,0 +1,72 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include "aes.h"
 void Anode_cmac_aes256(
  const AnodeAesExpandedKey *expkey,
  const unsigned char *restrict data,
  unsigned long data_len,
  unsigned char *restrict mac)
 {
  unsigned char cbc[16];
  unsigned char pad[16];
  const unsigned char *restrict pos = data;
  unsigned long i;
  unsigned long remaining = data_len;
  unsigned char c;
  ((uint64_t *)((void *)cbc))[0] = 0ULL;
  ((uint64_t *)((void *)cbc))[1] = 0ULL;
  while (remaining >= 16) {
    ((uint64_t *)((void *)cbc))[0] ^= ((uint64_t *)((void *)pos))[0];
    ((uint64_t *)((void *)cbc))[1] ^= ((uint64_t *)((void *)pos))[1];
    pos += 16;
    if (remaining > 16)
      Anode_aes256_encrypt(expkey,cbc,cbc);
    remaining -= 16;
  }
  ((uint64_t *)((void *)pad))[0] = 0ULL;
  ((uint64_t *)((void *)pad))[1] = 0ULL;
  Anode_aes256_encrypt(expkey,pad,pad);
  c = pad[0] & 0x80;
  for(i=0;i<15;++i)
    pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
  pad[15] <<= 1;
  if (c)
    pad[15] ^= 0x87;
  if (remaining||(!data_len)) {
    for(i=0;i<remaining;++i)
      cbc[i] ^= *(pos++);
    cbc[remaining] ^= 0x80;
    c = pad[0] & 0x80;
    for(i=0;i<15;++i)
      pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
    pad[15] <<= 1;
    if (c)
      pad[15] ^= 0x87;
  }
  ((uint64_t *)((void *)mac))[0] = ((uint64_t *)((void *)pad))[0] ^ ((uint64_t *)((void *)cbc))[0];
  ((uint64_t *)((void *)mac))[1] = ((uint64_t *)((void *)pad))[1] ^ ((uint64_t *)((void *)cbc))[1];
  Anode_aes256_encrypt(expkey,mac,mac);
 }
--- a/attic/historic/anode/libanode/impl/aes.h
+++ b/attic/historic/anode/libanode/impl/aes.h
@ -0,0 +1,64 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_AES_H
 #define _ANODE_AES_H
 #include <openssl/aes.h>
 #include "types.h"
 /* This just glues us to OpenSSL's built-in AES-256 implementation */
 #define ANODE_AES_BLOCK_SIZE 16
 #define ANODE_AES_KEY_SIZE 32
 typedef AES_KEY AnodeAesExpandedKey;
 #define Anode_aes256_expand_key(k,ek) AES_set_encrypt_key((const unsigned char *)(k),256,(AES_KEY *)(ek))
 /* Note: in and out can be the same thing */
 #define Anode_aes256_encrypt(ek,in,out) AES_encrypt((const unsigned char *)(in),(unsigned char *)(out),(const AES_KEY *)(ek))
 /* Note: iv is modified */
 static inline void Anode_aes256_cfb_encrypt(
  const AnodeAesExpandedKey *expkey,
  const unsigned char *in,
  unsigned char *out,
  unsigned char *iv,
  unsigned long len)
 {
  int tmp = 0;
  AES_cfb128_encrypt(in,out,len,(const AES_KEY *)expkey,iv,&tmp,AES_ENCRYPT);
 }
 static inline void Anode_aes256_cfb_decrypt(
  const AnodeAesExpandedKey *expkey,
  const unsigned char *in,
  unsigned char *out,
  unsigned char *iv,
  unsigned long len)
 {
  int tmp = 0;
  AES_cfb128_encrypt(in,out,len,(const AES_KEY *)expkey,iv,&tmp,AES_DECRYPT);
 }
 /* CMAC message authentication code */
 void Anode_cmac_aes256(
  const AnodeAesExpandedKey *expkey,
  const unsigned char *restrict data,
  unsigned long data_len,
  unsigned char *restrict mac);
 #endif
--- a/attic/historic/anode/libanode/impl/dictionary.c
+++ b/attic/historic/anode/libanode/impl/dictionary.c
@ -0,0 +1,239 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include "dictionary.h"
 static const char *EMPTY_STR = "";
 void AnodeDictionary_clear(struct AnodeDictionary *d)
 {
  struct AnodeDictionaryEntry *e,*ne;
  int oldcs;
  unsigned int i;
  oldcs = d->case_sensitive;
  for(i=0;i<ANODE_DICTIONARY_FIXED_HASH_TABLE_SIZE;++i) {
    e = d->ht[i];
    while (e) {
      ne = e->next;
      if ((e->key)&&(e->key != EMPTY_STR)) free((void *)e->key);
      if ((e->value)&&(e->value != EMPTY_STR)) free((void *)e->value);
      free((void *)e);
      e = ne;
    }
  }
  Anode_zero((void *)d,sizeof(struct AnodeDictionary));
  d->case_sensitive = oldcs;
 }
 void AnodeDictionary_put(struct AnodeDictionary *d,const char *key,const char *value)
 {
  struct AnodeDictionaryEntry *e;
  char *p1;
  const char *p2;
  unsigned int bucket = (d->case_sensitive) ? AnodeDictionary__get_bucket(key) : AnodeDictionary__get_bucket_ci(key);
  unsigned int len,i;
  e = d->ht[bucket];
  while (e) {
    if (((d->case_sensitive) ? Anode_streq(key,e->key) : Anode_strcaseeq(key,e->key))) {
      if (!d->case_sensitive) {
        p1 = e->key;
        p2 = key;
        while (*p2) *(p1++) = *(p2++);
      }
      len = 0;
      while (value[len]) ++len;
      if (len) {
        if ((e->value)&&(e->value != EMPTY_STR))
          e->value = (char *)realloc((void *)e->value,len + 1);
        else e->value = (char *)malloc(len + 1);
        for(i=0;i<len;++i) e->value[i] = value[i];
        e->value[i] = (char)0;
      } else {
        if ((e->value)&&(e->value != EMPTY_STR)) free((void *)e->value);
        e->value = (char *)EMPTY_STR;
      }
      return;
    }
    e = e->next;
  }
  e = (struct AnodeDictionaryEntry *)malloc(sizeof(struct AnodeDictionaryEntry));
  len = 0;
  while (key[len]) ++len;
  if (len) {
    e->key = (char *)malloc(len + 1);
    for(i=0;i<len;++i) e->key[i] = key[i];
    e->key[i] = (char)0;
  } else e->key = (char *)EMPTY_STR;
  len = 0;
  while (value[len]) ++len;
  if (len) {
    e->value = (char *)malloc(len + 1);
    for(i=0;i<len;++i) e->value[i] = value[i];
    e->value[i] = (char)0;
  } else e->value = (char *)EMPTY_STR;
  e->next = d->ht[bucket];
  d->ht[bucket] = e;
  ++d->size;
 }
 void AnodeDictionary_read(
  struct AnodeDictionary *d,
  char *in,
  const char *line_breaks,
  const char *kv_breaks,
  const char *comment_chars,
  char escape_char,
  int trim_whitespace_from_keys,
  int trim_whitespace_from_values)
 {
  char *line = in;
  char *key;
  char *value;
  char *p1,*p2,*p3;
  char last = ~escape_char;
  int eof_state = 0;
  for(;;) {
    if ((!*in)||((Anode_strchr(line_breaks,*in))&&((last != escape_char)||(!escape_char)))) {
      if (!*in)
        eof_state = 1;
      else *in = (char)0;
      if ((*line)&&((comment_chars)&&(!Anode_strchr(comment_chars,*line)))) {
        key = line;
        while (*line) {
          if ((Anode_strchr(kv_breaks,*line))&&((last != escape_char)||(!escape_char))) {
            *(line++) = (char)0;
            break;
          } else last = *(line++);
        }
        while ((*line)&&(Anode_strchr(kv_breaks,*line))&&((last != escape_char)||(!escape_char)))
          last = *(line++);
        value = line;
        if (escape_char) {
          p1 = key;
          while (*p1) {
            if (*p1 == escape_char) {
              p2 = p1;
              p3 = p1 + 1;
              while (*p3)
                *(p2++) = *(p3++);
              *p2 = (char)0;
            }
            ++p1;
          }
          p1 = value;
          while (*p1) {
            if (*p1 == escape_char) {
              p2 = p1;
              p3 = p1 + 1;
              while (*p3)
                *(p2++) = *(p3++);
              *p2 = (char)0;
            }
            ++p1;
          }
        }
        if (trim_whitespace_from_keys)
          Anode_trim(key);
        if (trim_whitespace_from_values)
          Anode_trim(value);
        AnodeDictionary_put(d,key,value);
      }
      if (eof_state)
        break;
      else line = in + 1;
    }
    last = *(in++);
  }
 }
 long AnodeDictionary_write(
  struct AnodeDictionary *d,
  char *out,
  long out_size,
  const char *line_break,
  const char *kv_break)
 {
  struct AnodeDictionaryEntry *e;
  const char *tmp;
  long ptr = 0;
  unsigned int bucket;
  if (out_size <= 0)
    return -1;
  for(bucket=0;bucket<ANODE_DICTIONARY_FIXED_HASH_TABLE_SIZE;++bucket) {
    e = d->ht[bucket];
    while (e) {
      tmp = e->key;
      if (tmp) {
        while (*tmp) {
          out[ptr++] = *tmp++;
          if (ptr >= (out_size - 1)) return -1;
        }
      }
      tmp = kv_break;
      if (tmp) {
        while (*tmp) {
          out[ptr++] = *tmp++;
          if (ptr >= (out_size - 1)) return -1;
        }
      }
      tmp = e->value;
      if (tmp) {
        while (*tmp) {
          out[ptr++] = *tmp++;
          if (ptr >= (out_size - 1)) return -1;
        }
      }
      tmp = line_break;
      if (tmp) {
        while (*tmp) {
          out[ptr++] = *tmp++;
          if (ptr >= (out_size - 1)) return -1;
        }
      }
      e = e->next;
    }
  }
  out[ptr] = (char)0;
  return ptr;
 }
--- a/attic/historic/anode/libanode/impl/dictionary.h
+++ b/attic/historic/anode/libanode/impl/dictionary.h
@ -0,0 +1,126 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 /* This is a simple string hash table suitable for small tables such as zone
 * files or HTTP header lists. */
 #ifndef _ANODE_DICTIONARY_H
 #define _ANODE_DICTIONARY_H
 #include "misc.h"
 /* This is a fixed hash table and is designed for relatively small numbers
 * of keys for things like zone files. */
 #define ANODE_DICTIONARY_FIXED_HASH_TABLE_SIZE 16
 #define ANODE_DICTIONARY_FIXED_HASH_TABLE_MASK 15
 /* Computes a hash code for a string and returns the hash bucket */
 static inline unsigned int AnodeDictionary__get_bucket(const char *s)
 {
  unsigned int hc = 3;
  while (*s)
    hc = ((hc << 4) + hc) + (unsigned int)*(s++);
  return ((hc ^ (hc >> 4)) & ANODE_DICTIONARY_FIXED_HASH_TABLE_MASK);
 }
 /* Case insensitive version of get_bucket */
 static inline unsigned int AnodeDictionary__get_bucket_ci(const char *s)
 {
  unsigned int hc = 3;
  while (*s)
    hc = ((hc << 4) + hc) + (unsigned int)Anode_tolower(*(s++));
  return ((hc ^ (hc >> 4)) & ANODE_DICTIONARY_FIXED_HASH_TABLE_MASK);
 }
 struct AnodeDictionaryEntry
 {
  char *key;
  char *value;
  struct AnodeDictionaryEntry *next;
 };
 struct AnodeDictionary
 {
  struct AnodeDictionaryEntry *ht[ANODE_DICTIONARY_FIXED_HASH_TABLE_SIZE];
  unsigned int size;
  int case_sensitive;
 };
 static inline void AnodeDictionary_init(struct AnodeDictionary *d,int case_sensitive)
 {
  Anode_zero((void *)d,sizeof(struct AnodeDictionary));
  d->case_sensitive = case_sensitive;
 }
 void AnodeDictionary_clear(struct AnodeDictionary *d);
 static inline void AnodeDictionary_destroy(struct AnodeDictionary *d)
 {
  AnodeDictionary_clear(d);
 }
 void AnodeDictionary_put(struct AnodeDictionary *d,const char *key,const char *value);
 static inline const char *AnodeDictionary_get(struct AnodeDictionary *d,const char *key)
 {
  struct AnodeDictionaryEntry *e;
  unsigned int bucket = (d->case_sensitive) ? AnodeDictionary__get_bucket(key) : AnodeDictionary__get_bucket_ci(key);
  e = d->ht[bucket];
  while (e) {
    if ((d->case_sensitive ? Anode_streq(key,e->key) : Anode_strcaseeq(key,e->key)))
      return e->value;
    e = e->next;
  }
  return (const char *)0;
 }
 static inline void AnodeDictionary_iterate(
  struct AnodeDictionary *d,
  void *arg,
  int (*func)(void *,const char *,const char *))
 {
  struct AnodeDictionaryEntry *e;
  unsigned int bucket;
  for(bucket=0;bucket<ANODE_DICTIONARY_FIXED_HASH_TABLE_SIZE;++bucket) {
    e = d->ht[bucket];
    while (e) {
      if (!func(arg,e->key,e->value))
        return;
      e = e->next;
    }
  }
 }
 void AnodeDictionary_read(
  struct AnodeDictionary *d,
  char *in,
  const char *line_breaks,
  const char *kv_breaks,
  const char *comment_chars,
  char escape_char,
  int trim_whitespace_from_keys,
  int trim_whitespace_from_values);
 long AnodeDictionary_write(
  struct AnodeDictionary *d,
  char *out,
  long out_size,
  const char *line_break,
  const char *kv_break);
 #endif
--- a/attic/historic/anode/libanode/impl/dns_txt.c
+++ b/attic/historic/anode/libanode/impl/dns_txt.c
@ -0,0 +1,93 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdlib.h>
 #include <string.h>
 #include <stdio.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/nameser.h>
 #include <resolv.h>
 #include <netdb.h>
 #include "dns_txt.h"
 #ifndef C_IN
 #define C_IN ns_c_in
 #endif
 #ifndef T_TXT
 #define T_TXT ns_t_txt
 #endif
 static volatile int Anode_resolver_initialized = 0;
 int Anode_sync_resolve_txt(const char *host,char *txt,unsigned int txt_len)
 {
  unsigned char answer[16384],*pptr,*end;
  char name[16384];
  int len,explen,i;
  if (!Anode_resolver_initialized) {
    Anode_resolver_initialized = 1;
    res_init();
  }
  /* Do not taunt happy fun ball. */
  len = res_search(host,C_IN,T_TXT,answer,sizeof(answer));
  if (len > 12) {
    pptr = answer + 12;
    end = answer + len;
    explen = dn_expand(answer,end,pptr,name,sizeof(name));
    if (explen > 0) {
      pptr += explen;
      if ((pptr + 2) >= end) return 2;
      if (ntohs(*((uint16_t *)pptr)) == T_TXT) {
        pptr += 4;
        if (pptr >= end) return 2;
        explen = dn_expand(answer,end,pptr,name,sizeof(name));
        if (explen > 0) {
          pptr += explen;
          if ((pptr + 2) >= end) return 2;
          if (ntohs(*((uint16_t *)pptr)) == T_TXT) {
            pptr += 10;
            if (pptr >= end) return 2;
            len = *(pptr++);
            if (len <= 0) return 2;
            if ((pptr + len) > end) return 2;
            if (txt_len < (len + 1))
              return 4;
            else {
              for(i=0;i<len;++i)
                txt[i] = pptr[i];
              txt[len] = (char)0;
              return 0;
            }
          }
        }
      }
    }
  }
  return 1;
 }
--- a/attic/historic/anode/libanode/impl/dns_txt.h
+++ b/attic/historic/anode/libanode/impl/dns_txt.h
@ -0,0 +1,37 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_DNS_TXT_H
 #define _ANODE_DNS_TXT_H
 /**
 * Synchronous TXT resolver routine
 *
 * Error codes:
 *  1 - I/O error
 *  2 - Invalid response
 *  3 - TXT record not found
 *  4 - Destination buffer too small for result
 *
 * @param host Host name
 * @param txt Buffer to store TXT result
 * @param txt_len Size of buffer
 * @return Zero on success, special error code on failure
 */
 int Anode_sync_resolve_txt(const char *host,char *txt,unsigned int txt_len);
 #endif
--- a/attic/historic/anode/libanode/impl/ec.c
+++ b/attic/historic/anode/libanode/impl/ec.c
@ -0,0 +1,219 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <openssl/bn.h>
 #include <openssl/obj_mac.h>
 #include <openssl/rand.h>
 #include <openssl/ec.h>
 #include <openssl/ecdh.h>
 #include <openssl/ecdsa.h>
 #include "types.h"
 #include "misc.h"
 #include "ec.h"
 static EC_GROUP *AnodeEC_group = (EC_GROUP *)0;
 static void *AnodeEC_KDF(const void *in,size_t inlen,void *out,size_t *outlen)
 {
  unsigned long i,longest_length;
  if (!*outlen)
    return out;
  for(i=0;i<(unsigned long)*outlen;++i)
    ((unsigned char *)out)[i] = (unsigned char)0;
  longest_length = inlen;
  if (longest_length < *outlen)
    longest_length = *outlen;
  for(i=0;i<longest_length;++i)
    ((unsigned char *)out)[i % (unsigned long)*outlen] ^= ((const unsigned char *)in)[i % (unsigned long)inlen];
  return out;
 }
 int AnodeECKeyPair_generate(struct AnodeECKeyPair *pair)
 {
  EC_KEY *key;
  int len;
 #ifdef HAS_DEV_URANDOM
  char buf[128];
  FILE *f = fopen("/dev/urandom","r");
  if (f) {
    if (fread(buf,1,sizeof(buf),f) == sizeof(buf))
      RAND_add(buf,sizeof(buf),sizeof(buf)/2);
    fclose(f);
  }
 #endif
  if (!AnodeEC_group) {
    AnodeEC_group = EC_GROUP_new_by_curve_name(ANODE_EC_GROUP);
    if (!AnodeEC_group) return 0;
  }
  key = EC_KEY_new();
  if (!key) return 0;
  if (!EC_KEY_set_group(key,AnodeEC_group)) {
    EC_KEY_free(key);
    return 0;
  }
  if (!EC_KEY_generate_key(key)) {
    EC_KEY_free(key);
    return 0;
  }
  Anode_zero(pair,sizeof(struct AnodeECKeyPair));
  /* Stuff the private key into priv.key */
  len = BN_num_bytes(EC_KEY_get0_private_key(key));
  if ((len > ANODE_EC_PRIME_BYTES)||(len < 0)) {
    EC_KEY_free(key);
    return 0;
  }
  BN_bn2bin(EC_KEY_get0_private_key(key),&(pair->priv.key[ANODE_EC_PRIME_BYTES - len]));
  pair->priv.bytes = ANODE_EC_PRIME_BYTES;
  len = EC_POINT_point2oct(AnodeEC_group,EC_KEY_get0_public_key(key),POINT_CONVERSION_COMPRESSED,pair->pub.key,sizeof(pair->pub.key),0);
  if (len != ANODE_EC_PUBLIC_KEY_BYTES) {
    EC_KEY_free(key);
    return 0;
  }
  pair->pub.bytes = ANODE_EC_PUBLIC_KEY_BYTES;
  /* Keep a copy of OpenSSL's structure around so we don't have to re-init
   * it every time we use our key pair structure. */
  pair->internal_key = key;
  return 1;
 }
 int AnodeECKeyPair_init(struct AnodeECKeyPair *pair,const struct AnodeECKey *pub,const struct AnodeECKey *priv)
 {
  EC_KEY *key;
  EC_POINT *kxy;
  BIGNUM *pn;
  if (!AnodeEC_group) {
    AnodeEC_group = EC_GROUP_new_by_curve_name(ANODE_EC_GROUP);
    if (!AnodeEC_group) return 0;
  }
  key = EC_KEY_new();
  if (!key)
    return 0;
  if (!EC_KEY_set_group(key,AnodeEC_group)) {
    EC_KEY_free(key);
    return 0;
  }
  /* Grab the private key */
  if (priv->bytes != ANODE_EC_PRIME_BYTES) {
    EC_KEY_free(key);
    return 0;
  }
  pn = BN_new();
  if (!pn) {
    EC_KEY_free(key);
    return 0;
  }
  if (!BN_bin2bn(priv->key,ANODE_EC_PRIME_BYTES,pn)) {
    BN_free(pn);
    EC_KEY_free(key);
    return 0;
  }
  if (!EC_KEY_set_private_key(key,pn)) {
    BN_free(pn);
    EC_KEY_free(key);
    return 0;
  }
  BN_free(pn);
  /* Set the public key */
  if (pub->bytes != ANODE_EC_PUBLIC_KEY_BYTES) {
    EC_KEY_free(key);
    return 0;
  }
  kxy = EC_POINT_new(AnodeEC_group);
  if (!kxy) {
    EC_KEY_free(key);
    return 0;
  }
  EC_POINT_oct2point(AnodeEC_group,kxy,pub->key,ANODE_EC_PUBLIC_KEY_BYTES,0);
  if (!EC_KEY_set_public_key(key,kxy)) {
    EC_POINT_free(kxy);
    EC_KEY_free(key);
    return 0;
  }
  EC_POINT_free(kxy);
  Anode_zero(pair,sizeof(struct AnodeECKeyPair));
  Anode_memcpy((void *)&(pair->pub),(const void *)pub,sizeof(struct AnodeECKey));
  Anode_memcpy((void *)&(pair->priv),(const void *)priv,sizeof(struct AnodeECKey));
  pair->internal_key = key;
  return 1;
 }
 void AnodeECKeyPair_destroy(struct AnodeECKeyPair *pair)
 {
  if (pair) {
    if (pair->internal_key)
      EC_KEY_free((EC_KEY *)pair->internal_key);
  }
 }
 int AnodeECKeyPair_agree(const struct AnodeECKeyPair *my_key_pair,const struct AnodeECKey *their_pub_key,unsigned char *key_buf,unsigned int key_len)
 {
  EC_POINT *pub;
  int i;
  if (!AnodeEC_group) {
    AnodeEC_group = EC_GROUP_new_by_curve_name(ANODE_EC_GROUP);
    if (!AnodeEC_group) return 0;
  }
  if (!my_key_pair->internal_key)
    return 0;
  if (their_pub_key->bytes != ANODE_EC_PUBLIC_KEY_BYTES)
    return 0;
  pub = EC_POINT_new(AnodeEC_group);
  if (!pub)
    return 0;
  EC_POINT_oct2point(AnodeEC_group,pub,their_pub_key->key,ANODE_EC_PUBLIC_KEY_BYTES,0);
  i = ECDH_compute_key(key_buf,key_len,pub,(EC_KEY *)my_key_pair->internal_key,&AnodeEC_KDF);
  if (i != (int)key_len) {
    EC_POINT_free(pub);
    return 0;
  }
  EC_POINT_free(pub);
  return 1;
 }
 void AnodeEC_random(unsigned char *buf,unsigned int len)
 {
  RAND_pseudo_bytes(buf,len);
 }
--- a/attic/historic/anode/libanode/impl/ec.h
+++ b/attic/historic/anode/libanode/impl/ec.h
@ -0,0 +1,61 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 /* Elliptic curve glue -- hides OpenSSL code behind this source module */
 #ifndef _ANODE_EC_H
 #define _ANODE_EC_H
 #include "misc.h"
 /* Right now, only one mode is supported: NIST-P-256. This is the only mode
 * supported in the spec as well, and should be good for quite some time.
 * If other modes are needed this code will need to be refactored. */
 /* NIST-P-256 prime size in bytes */
 #define ANODE_EC_PRIME_BYTES 32
 /* Sizes of key fields */
 #define ANODE_EC_GROUP NID_X9_62_prime256v1
 #define ANODE_EC_PUBLIC_KEY_BYTES (ANODE_EC_PRIME_BYTES + 1)
 #define ANODE_EC_PRIVATE_KEY_BYTES ANODE_EC_PRIME_BYTES
 /* Larger of public or private key bytes, used for buffers */
 #define ANODE_EC_MAX_BYTES ANODE_EC_PUBLIC_KEY_BYTES
 struct AnodeECKey
 {
  unsigned char key[ANODE_EC_MAX_BYTES];
  unsigned int bytes;
 };
 struct AnodeECKeyPair
 {
  struct AnodeECKey pub;
  struct AnodeECKey priv;
  void *internal_key;
 };
 /* Key management functions */
 int AnodeECKeyPair_generate(struct AnodeECKeyPair *pair);
 int AnodeECKeyPair_init(struct AnodeECKeyPair *pair,const struct AnodeECKey *pub,const struct AnodeECKey *priv);
 void AnodeECKeyPair_destroy(struct AnodeECKeyPair *pair);
 int AnodeECKeyPair_agree(const struct AnodeECKeyPair *my_key_pair,const struct AnodeECKey *their_pub_key,unsigned char *key_buf,unsigned int key_len);
 /* Provides access to the secure PRNG used to generate keys */
 void AnodeEC_random(unsigned char *buf,unsigned int len);
 #endif
--- a/attic/historic/anode/libanode/impl/environment.c
+++ b/attic/historic/anode/libanode/impl/environment.c
@ -0,0 +1,118 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include "environment.h"
 #ifdef WINDOWS
 #include <windows.h>
 #else
 #include <sys/stat.h>
 #include <string.h>
 #endif
 static char Anode_cache_base[1024] = { 0 };
 const char *Anode_get_cache()
 {
  if (Anode_cache_base[0])
    return Anode_cache_base;
 #ifdef WINDOWS
 #else
  char tmp[1024];
  char home[1024];
  unsigned int i;
  struct stat st;
  const char *_home = getenv("HOME");
  if (!_home)
    return (const char *)0;
  for(i=0;i<sizeof(home);++i) {
    home[i] = _home[i];
    if (!home[i]) {
      if (i == 0)
        return (const char *)0;
      else if (home[i-1] == ANODE_PATH_SEPARATOR)
        home[i-1] = (char)0;
      break;
    }
  }
  if (i == sizeof(home))
    return (const char *)0;
 #ifdef __APPLE__
  snprintf(tmp,sizeof(tmp),"%s%cLibrary",home,ANODE_PATH_SEPARATOR);
  tmp[sizeof(tmp)-1] = (char)0;
  if (!stat(tmp,&st)) {
    sprintf(tmp,"%s%cLibrary%cCaches",home,ANODE_PATH_SEPARATOR,ANODE_PATH_SEPARATOR);
    if (stat(tmp,&st)) {
      if (mkdir(tmp,0700))
        return (const char *)0;
    }
    snprintf(Anode_cache_base,sizeof(Anode_cache_base),"%s%ccom.zerotier.anode",tmp,ANODE_PATH_SEPARATOR);
    Anode_cache_base[sizeof(Anode_cache_base)-1] = (char)0;
    if (stat(Anode_cache_base,&st)) {
      if (mkdir(Anode_cache_base,0700)) {
        Anode_cache_base[0] = (char)0;
        return (const char *)0;
      }
    }
    return Anode_cache_base;
  }
 #endif
  snprintf(tmp,sizeof(tmp),"%s%c.anode",home,ANODE_PATH_SEPARATOR);
  tmp[sizeof(tmp)-1] = (char)0;
  if (stat(tmp,&st)) {
    if (mkdir(tmp,0700)) {
      Anode_cache_base[0] = (char)0;
      return (const char *)0;
    }
  }
  snprintf(Anode_cache_base,sizeof(Anode_cache_base),"%s%ccaches",tmp,ANODE_PATH_SEPARATOR);
  Anode_cache_base[sizeof(Anode_cache_base)-1] = (char)0;
  if (stat(Anode_cache_base,&st)) {
    if (mkdir(Anode_cache_base,0700)) {
      Anode_cache_base[0] = (char)0;
      return (const char *)0;
    }
  }
  return Anode_cache_base;
 #endif
 }
 char *Anode_get_cache_sub(const char *cache_subdir,char *buf,unsigned int len)
 {
  struct stat st;
  const char *cache_base = Anode_get_cache();
  if (!len)
    return (char *)0;
  if (!cache_base)
    return (char *)0;
  snprintf(buf,len,"%s%c%s",cache_base,ANODE_PATH_SEPARATOR,cache_subdir);
  buf[len-1] = (char)0;
  if (stat(buf,&st)) {
    if (mkdir(buf,0700))
      return (char *)0;
  }
  return buf;
 }
--- a/attic/historic/anode/libanode/impl/environment.h
+++ b/attic/historic/anode/libanode/impl/environment.h
@ -1,6 +1,5 @@
-/*
+/* libanode: the Anode C reference implementation
- * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 * Copyright (C) 2011-2016  ZeroTier, Inc.  https://www.zerotier.com/
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@ -13,26 +12,19 @@
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 */
-#ifndef ZT_NONCOPYABLE_HPP__
+#ifndef _ANODE_ENVIRONMENT_H
-#define ZT_NONCOPYABLE_HPP__
+#define _ANODE_ENVIRONMENT_H
-namespace ZeroTier {
+#ifdef WINDOWS
 #define ANODE_PATH_SEPARATOR '\\'
 #else
 #define ANODE_PATH_SEPARATOR '/'
 #endif
-/**
+const char *Anode_get_cache();
- * A simple concept that belongs in the C++ language spec
+char *Anode_get_cache_sub(const char *cache_subdir,char *buf,unsigned int len);
 */
 class NonCopyable
 {
 protected:
 	NonCopyable() throw() {}
 private:
 	NonCopyable(const NonCopyable&);
 	const NonCopyable& operator=(const NonCopyable&);
 };
 } // namespace ZeroTier
 #endif
--- a/attic/historic/anode/libanode/impl/http_client.c
+++ b/attic/historic/anode/libanode/impl/http_client.c
@ -0,0 +1,558 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <netinet/in.h>
 #include <sys/socket.h>
 #include "http_client.h"
 #include "misc.h"
 #include "types.h"
 /* How much to increment read buffer at each capacity top? */
 #define ANODE_HTTP_CAPACITY_INCREMENT 4096
 static void AnodeHttpClient_close_and_fail(struct AnodeHttpClient *client)
 {
  if (client->impl.tcp_connection) {
    client->impl.transport_engine->tcp_close(client->impl.transport_engine,client->impl.tcp_connection);
    client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
  }
  client->response.data_length = 0;
  client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
  if (client->handler)
    client->handler(client);
 }
 static void AnodeHttpClient_do_initiate_client(struct AnodeHttpClient *client)
 {
  const char *method = "";
  long l,i;
  switch(client->method) {
    case ANODE_HTTP_GET: method = "GET"; break;
    case ANODE_HTTP_HEAD: method = "HEAD"; break;
    case ANODE_HTTP_POST: method = "POST"; break;
  }
  client->impl.outbuf_len = snprintf((char *)client->impl.outbuf,sizeof(client->impl.outbuf),
    "%s %s%s%s HTTP/1.1\r\nHost: %s:%d\r\n%s",
    method,
    client->uri.path,
    ((client->uri.query[0]) ? "?" : ""),
    client->uri.query,
    client->uri.host,
    ((client->uri.port > 0) ? client->uri.port : 80),
    ((client->keepalive) ? "" : "Connection: close\r\n")
  );
  if (client->impl.outbuf_len >= (sizeof(client->impl.outbuf) - 2)) {
    client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE;
    AnodeHttpClient_close_and_fail(client);
    return;
  }
  if (client->method == ANODE_HTTP_POST) {
    if ((client->data)&&(client->data_length)) {
      client->impl.outbuf_len += snprintf((char *)client->impl.outbuf + client->impl.outbuf_len,sizeof(client->impl.outbuf) - client->impl.outbuf_len,
        "Content-Type: %s\r\n",
        (client->data_content_type ? client->data_content_type : "application/x-www-form-urlencoded")
      );
      if (client->impl.outbuf_len >= (sizeof(client->impl.outbuf) - 2)) {
        client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE;
        AnodeHttpClient_close_and_fail(client);
        return;
      }
      client->impl.outbuf_len += snprintf((char *)client->impl.outbuf + client->impl.outbuf_len,sizeof(client->impl.outbuf) - client->impl.outbuf_len,
        "Content-Length: %u\r\n",
        client->data_length
      );
      if (client->impl.outbuf_len >= (sizeof(client->impl.outbuf) - 2)) {
        client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE;
        AnodeHttpClient_close_and_fail(client);
        return;
      }
    } else {
      client->impl.outbuf_len += snprintf((char *)client->impl.outbuf + client->impl.outbuf_len,sizeof(client->impl.outbuf) - client->impl.outbuf_len,
        "Content-Length: 0\r\n"
      );
      if (client->impl.outbuf_len >= (sizeof(client->impl.outbuf) - 2)) {
        client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE;
        AnodeHttpClient_close_and_fail(client);
        return;
      }
    }
  }
  l = AnodeDictionary_write(&(client->headers),(char *)client->impl.outbuf + client->impl.outbuf_len,(long)(sizeof(client->impl.outbuf) - client->impl.outbuf_len - 2),"\r\n",": ");
  if (l < 0) {
    client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE;
    AnodeHttpClient_close_and_fail(client);
    return;
  }
  client->impl.outbuf_len += (unsigned int)l;
  if (client->impl.outbuf_len >= (sizeof(client->impl.outbuf) - 2)) { /* sanity check */
    client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE;
    AnodeHttpClient_close_and_fail(client);
    return;
  }
  client->impl.outbuf[client->impl.outbuf_len++] = '\r';
  client->impl.outbuf[client->impl.outbuf_len++] = '\n';
  if ((client->method == ANODE_HTTP_POST)&&(client->data)&&(client->data_length)) {
    i = sizeof(client->impl.outbuf) - client->impl.outbuf_len;
    if (i > client->data_length)
      i = client->data_length;
    Anode_memcpy((client->impl.outbuf + client->impl.outbuf_len),client->data,i);
    client->impl.request_data_ptr += i;
    client->impl.outbuf_len += i;
  }
  client->impl.phase = ANODE_HTTP_REQUEST_PHASE_SEND;
  client->impl.transport_engine->tcp_start_writing(client->impl.transport_engine,client->impl.tcp_connection);
 }
 static void AnodeHttpClient_tcp_outgoing_connect_handler(
  AnodeTransportEngine *transport,
  AnodeTransportTcpConnection *connection,
  int error_code)
 {
  struct AnodeHttpClient *client;
  if (!(client = (struct AnodeHttpClient *)(connection->ptr)))
    return;
  if ((client->impl.phase == ANODE_HTTP_REQUEST_PHASE_CONNECT)&&(!client->impl.freed)) {
    if (error_code) {
      client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_CONNECT_FAILED;
      AnodeHttpClient_close_and_fail(client);
    } else {
      client->impl.tcp_connection = connection;
      AnodeHttpClient_do_initiate_client(client);
    }
  } else transport->tcp_close(transport,connection);
 }
 static void AnodeHttpClient_tcp_connection_terminated_handler(
  AnodeTransportEngine *transport,
  AnodeTransportTcpConnection *connection,
  int error_code)
 {
  struct AnodeHttpClient *client;
  if (!(client = (struct AnodeHttpClient *)(connection->ptr)))
    return;
  if (client->impl.freed)
    return;
  client->response.data_length = 0;
  client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
  if ((client->impl.phase != ANODE_HTTP_REQUEST_PHASE_KEEPALIVE)&&(client->impl.phase != ANODE_HTTP_REQUEST_PHASE_CLOSED)) {
    client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_SERVER_CLOSED_CONNECTION;
    client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
    AnodeHttpClient_close_and_fail(client);
  } else client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
 }
 static void AnodeHttpClient_tcp_receive_handler(
  AnodeTransportEngine *transport,
  AnodeTransportTcpConnection *connection,
  void *data,
  unsigned int data_length)
 {
  struct AnodeHttpClient *client;
  char *p1,*p2;
  unsigned int i;
  long l;
  if (!(client = (struct AnodeHttpClient *)(connection->ptr)))
    return;
  if (client->impl.freed) {
    transport->tcp_close(transport,connection);
    return;
  }
  if (!client->response.data)
    client->response.data = malloc(client->impl.response_data_capacity = ANODE_HTTP_CAPACITY_INCREMENT);
  i = 0;
  while (i < data_length) {
    switch(client->impl.read_mode) {
      case ANODE_HTTP_READ_MODE_WAITING:
        for(;i<data_length;++i) {
          if (((const char *)data)[i] == '\n') {
            ((char *)client->response.data)[client->response.data_length] = (char)0;
            client->response.data_length = 0;
            p1 = (char *)Anode_strchr((char *)client->response.data,' ');
            if (!p1)
              p1 = (char *)Anode_strchr((char *)client->response.data,'\t');
            if (p1) {
              while ((*p1 == ' ')||(*p1 == '\t')) ++p1;
              if (!*p1) {
                client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_INVALID_RESPONSE;
                AnodeHttpClient_close_and_fail(client);
                return;
              }
              p2 = p1 + 1;
              while (*p2) {
                if ((*p2 == ' ')||(*p2 == '\t')||(*p2 == '\r')||(*p2 == '\n')) {
                  *p2 = (char)0;
                  break;
                } else ++p2;
              }
              client->response.code = (int)strtol(p1,(char **)0,10);
              client->impl.read_mode = ANODE_HTTP_READ_MODE_HEADERS;
              ++i; break; /* Exit inner for() */
            }
          } else {
            ((char *)client->response.data)[client->response.data_length++] = ((const char *)data)[i];
            if (client->response.data_length >= client->impl.response_data_capacity)
              client->response.data = realloc(client->response.data,client->impl.response_data_capacity += ANODE_HTTP_CAPACITY_INCREMENT);
          }
        }
        break;
      case ANODE_HTTP_READ_MODE_HEADERS:
      case ANODE_HTTP_READ_MODE_CHUNKED_FOOTER:
        for(;i<data_length;++i) {
          if (((const char *)data)[i] == '\n') {
            client->impl.header_line_buf[client->impl.header_line_buf_ptr] = (char)0;
            client->impl.header_line_buf_ptr = 0;
            if ((!client->impl.header_line_buf[0])||((client->impl.header_line_buf[0] == '\r')&&(!client->impl.header_line_buf[1]))) {
              /* If the line is empty (or is empty with \r\n as the
               * line terminator), we're at the end. */
              if (client->impl.read_mode == ANODE_HTTP_READ_MODE_CHUNKED_FOOTER) {
                /* If this is a chunked footer, we finally end the
                 * chunked response. */
                client->impl.read_mode = ANODE_HTTP_READ_MODE_WAITING;
                if (client->keepalive)
                  client->impl.phase = ANODE_HTTP_REQUEST_PHASE_KEEPALIVE;
                else {
                  client->impl.transport_engine->tcp_close(client->impl.transport_engine,client->impl.tcp_connection);
                  client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
                  client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
                }
                if (client->handler)
                  client->handler(client);
                if (client->impl.freed)
                  return;
              } else {
                /* Otherwise, this is a regular header block */
                if (client->response.code == 100) {
                  /* Ignore 100 Continue messages */
                  client->impl.read_mode = ANODE_HTTP_READ_MODE_WAITING;
                  ++i; break; /* Exit inner for() */
                } else if ((client->response.code == 200)&&(client->method != ANODE_HTTP_HEAD)) {
                  /* Other messages get their headers parsed to determine
                   * how to read them. */
                  p1 = (char *)AnodeDictionary_get(&(client->response.headers),"transfer-encoding");
                  if ((p1)&&(Anode_strcaseeq(p1,"chunked"))) {
                    /* Chunked encoding enters chunked mode */
                    client->impl.header_line_buf_ptr = 0;
                    client->impl.read_mode = ANODE_HTTP_READ_MODE_CHUNKED_CHUNK_SIZE;
                    ++i; break; /* Exit inner for() */
                  } else {
                    /* Else we must have a Content-Length header */
                    p1 = (char *)AnodeDictionary_get(&(client->response.headers),"content-length");
                    if (!p1) {
                      /* No chunked or content length is not supported */
                      client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_INVALID_RESPONSE;
                      AnodeHttpClient_close_and_fail(client);
                      return;
                    } else {
                      /* Enter block read mode with content length */
                      l = strtol(p1,(char **)0,10);
                      if (l <= 0) {
                        /* Zero length data is all done... */
                        client->impl.expecting_response_length = 0;
                        client->impl.read_mode = ANODE_HTTP_READ_MODE_WAITING;
                        if (client->keepalive)
                          client->impl.phase = ANODE_HTTP_REQUEST_PHASE_KEEPALIVE;
                        else {
                          client->impl.transport_engine->tcp_close(client->impl.transport_engine,client->impl.tcp_connection);
                          client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
                          client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
                        }
                        if (client->handler)
                          client->handler(client);
                        if (client->impl.freed)
                          return;
                        ++i; break; /* Exit inner for() */
                      } else {
                        /* Else start reading... */
                        client->impl.expecting_response_length = (unsigned int)l;
                        client->impl.read_mode = ANODE_HTTP_READ_MODE_BLOCK;
                        ++i; break; /* Exit inner for() */
                      }
                    }
                  }
                } else {
                  /* HEAD clients or non-200 codes get headers only */
                  client->impl.expecting_response_length = 0;
                  client->impl.read_mode = ANODE_HTTP_READ_MODE_WAITING;
                  if (client->keepalive)
                    client->impl.phase = ANODE_HTTP_REQUEST_PHASE_KEEPALIVE;
                  else {
                    client->impl.transport_engine->tcp_close(client->impl.transport_engine,client->impl.tcp_connection);
                    client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
                    client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
                  }
                  if (client->handler)
                    client->handler(client);
                  if (client->impl.freed)
                    return;
                  ++i; break; /* Exit inner for() */
                }
              }
            } else {
              /* Otherwise this is another header, add to dictionary */
              AnodeDictionary_read(
                &(client->response.headers),
                client->impl.header_line_buf,
                "\r\n",
                ": \t",
                "",
                (char)0,
                1,
                1
              );
            }
          } else {
            client->impl.header_line_buf[client->impl.header_line_buf_ptr++] = ((const char *)data)[i];
            if (client->impl.header_line_buf_ptr >= sizeof(client->impl.header_line_buf)) {
              client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_INVALID_RESPONSE;
              AnodeHttpClient_close_and_fail(client);
              return;
            }
          }
        }
        break;
      case ANODE_HTTP_READ_MODE_BLOCK:
        if ((client->response.data_length + client->impl.expecting_response_length) > client->impl.response_data_capacity)
          client->response.data = realloc(client->response.data,client->impl.response_data_capacity = (client->response.data_length + client->impl.expecting_response_length));
        for(;((i<data_length)&&(client->impl.expecting_response_length));++i) {
          ((char *)client->response.data)[client->response.data_length++] = ((const char *)data)[i];
          --client->impl.expecting_response_length;
        }
        if (!client->impl.expecting_response_length) {
          client->impl.read_mode = ANODE_HTTP_READ_MODE_WAITING;
          if (client->keepalive)
            client->impl.phase = ANODE_HTTP_REQUEST_PHASE_KEEPALIVE;
          else {
            client->impl.transport_engine->tcp_close(client->impl.transport_engine,client->impl.tcp_connection);
            client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
            client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CLOSED;
          }
          if (client->handler)
            client->handler(client);
          if (client->impl.freed)
            return;
        }
        break;
      case ANODE_HTTP_READ_MODE_CHUNKED_CHUNK_SIZE:
        for(;i<data_length;++i) {
          if (((const char *)data)[i] == '\n') {
            client->impl.header_line_buf[client->impl.header_line_buf_ptr] = (char)0;
            client->impl.header_line_buf_ptr = 0;
            p1 = client->impl.header_line_buf;
            while (*p1) {
              if ((*p1 == ';')||(*p1 == ' ')||(*p1 == '\r')||(*p1 == '\n')||(*p1 == '\t')) {
                *p1 = (char)0;
                break;
              } else ++p1;
            }
            if (client->impl.header_line_buf[0]) {
              l = strtol(client->impl.header_line_buf,(char **)0,16);
              if (l <= 0) {
                /* Zero length ends chunked and enters footer mode */
                client->impl.expecting_response_length = 0;
                client->impl.read_mode = ANODE_HTTP_READ_MODE_CHUNKED_FOOTER;
              } else {
                /* Otherwise the next chunk is to be read */
                client->impl.expecting_response_length = (unsigned int)l;
                client->impl.read_mode = ANODE_HTTP_READ_MODE_CHUNKED_DATA;
              }
              ++i; break; /* Exit inner for() */
            }
          } else {
            client->impl.header_line_buf[client->impl.header_line_buf_ptr++] = ((const char *)data)[i];
            if (client->impl.header_line_buf_ptr >= sizeof(client->impl.header_line_buf)) {
              client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_INVALID_RESPONSE;
              AnodeHttpClient_close_and_fail(client);
              return;
            }
          }
        }
        break;
      case ANODE_HTTP_READ_MODE_CHUNKED_DATA:
        if ((client->response.data_length + client->impl.expecting_response_length) > client->impl.response_data_capacity)
          client->response.data = realloc(client->response.data,client->impl.response_data_capacity = (client->response.data_length + client->impl.expecting_response_length));
        for(;((i<data_length)&&(client->impl.expecting_response_length));++i) {
          ((char *)client->response.data)[client->response.data_length++] = ((const char *)data)[i];
          --client->impl.expecting_response_length;
        }
        if (!client->impl.expecting_response_length)
          client->impl.read_mode = ANODE_HTTP_READ_MODE_CHUNKED_CHUNK_SIZE;
        break;
    }
  }
 }
 static void AnodeHttpClient_tcp_available_for_write_handler(
  AnodeTransportEngine *transport,
  AnodeTransportTcpConnection *connection)
 {
  struct AnodeHttpClient *client;
  unsigned int i,j;
  int n;
  if (!(client = (struct AnodeHttpClient *)(connection->ptr)))
    return;
  if (client->impl.freed) {
    transport->tcp_close(transport,connection);
    return;
  }
  if (client->impl.phase == ANODE_HTTP_REQUEST_PHASE_SEND) {
    n = client->impl.transport_engine->tcp_send(client->impl.transport_engine,client->impl.tcp_connection,(const void *)client->impl.outbuf,(int)client->impl.outbuf_len);
    if (n < 0) {
      client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_SERVER_CLOSED_CONNECTION;
      AnodeHttpClient_close_and_fail(client);
    } else if (n > 0) {
      for(i=0,j=(client->impl.outbuf_len - (unsigned int)n);i<j;++i)
        client->impl.outbuf[i] = client->impl.outbuf[i + (unsigned int)n];
      client->impl.outbuf_len -= (unsigned int)n;
      if ((client->method == ANODE_HTTP_POST)&&(client->data)&&(client->data_length)) {
        i = sizeof(client->impl.outbuf) - client->impl.outbuf_len;
        j = client->data_length - client->impl.request_data_ptr;
        if (i > j)
          i = j;
        Anode_memcpy((client->impl.outbuf + client->impl.outbuf_len),client->data,i);
        client->impl.request_data_ptr += i;
        client->impl.outbuf_len += i;
      }
      if (!client->impl.outbuf_len) {
        client->impl.transport_engine->tcp_stop_writing(client->impl.transport_engine,client->impl.tcp_connection);
        client->impl.phase = ANODE_HTTP_REQUEST_PHASE_RECEIVE;
      }
    }
  } else client->impl.transport_engine->tcp_stop_writing(client->impl.transport_engine,client->impl.tcp_connection);
 }
 static void AnodeHttpClient_dns_result_handler(
  AnodeTransportEngine *transport,
  void *ptr,
  int error_code,
  const char *name,
  const AnodeTransportIpAddress *ip_addresses,
  unsigned int ip_address_count,
  const AnodeAddress *anode_address)
 {
  struct AnodeHttpClient *client;
  AnodeTransportIpEndpoint to_endpoint;
  if (!(client = (struct AnodeHttpClient *)ptr))
    return;
  if (client->impl.freed)
    return;
  if ((error_code)||(!ip_address_count)) {
    if (client->impl.phase == ANODE_HTTP_REQUEST_PHASE_RESOLVE) {
      client->response.code = ANODE_HTTP_SPECIAL_RESPONSE_DNS_RESOLVE_FAILED;
      AnodeHttpClient_close_and_fail(client);
    }
  } else {
    client->impl.phase = ANODE_HTTP_REQUEST_PHASE_CONNECT;
    Anode_memcpy(&to_endpoint.address,ip_addresses,sizeof(AnodeTransportIpAddress));
    to_endpoint.port = (client->uri.port > 0) ? client->uri.port : 80;
    client->impl.transport_engine->tcp_connect(
      client->impl.transport_engine,
      client,
      &AnodeHttpClient_tcp_outgoing_connect_handler,
      &AnodeHttpClient_tcp_connection_terminated_handler,
      &AnodeHttpClient_tcp_receive_handler,
      &AnodeHttpClient_tcp_available_for_write_handler,
      &to_endpoint);
  }
 }
 struct AnodeHttpClient *AnodeHttpClient_new(AnodeTransportEngine *transport_engine)
 {
  struct AnodeHttpClient *req = malloc(sizeof(struct AnodeHttpClient));
  Anode_zero(req,sizeof(struct AnodeHttpClient));
  AnodeDictionary_init(&(req->headers),0);
  AnodeDictionary_init(&(req->response.headers),0);
  req->impl.transport_engine = transport_engine;
  return req;
 }
 void AnodeHttpClient_send(struct AnodeHttpClient *client)
 {
  client->response.code = 0;
  client->response.data_length = 0;
  AnodeDictionary_clear(&(client->response.headers));
  client->impl.request_data_ptr = 0;
  client->impl.expecting_response_length = 0;
  client->impl.read_mode = ANODE_HTTP_READ_MODE_WAITING;
  client->impl.outbuf_len = 0;
  if (!client->impl.tcp_connection) {
    client->impl.transport_engine->dns_resolve(
      client->impl.transport_engine,
      &AnodeHttpClient_dns_result_handler,
      client,
      client->uri.host,
      ANODE_TRANSPORT_DNS_QUERY_ALWAYS,
      ANODE_TRANSPORT_DNS_QUERY_IF_NO_PREVIOUS,
      ANODE_TRANSPORT_DNS_QUERY_NEVER);
  } else AnodeHttpClient_do_initiate_client(client);
 }
 void AnodeHttpClient_free(struct AnodeHttpClient *client)
 {
  AnodeDictionary_destroy(&(client->headers));
  AnodeDictionary_destroy(&(client->response.headers));
  if (client->impl.tcp_connection) {
    client->impl.transport_engine->tcp_close(client->impl.transport_engine,client->impl.tcp_connection);
    client->impl.tcp_connection = (AnodeTransportTcpConnection *)0;
  }
  if (client->response.data)
    free(client->response.data);
  client->impl.freed = 1;
  client->impl.transport_engine->run_later(client->impl.transport_engine,client,&free);
 }
--- a/attic/historic/anode/libanode/impl/http_client.h
+++ b/attic/historic/anode/libanode/impl/http_client.h
@ -0,0 +1,200 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_HTTP_CLIENT_H
 #define _ANODE_HTTP_CLIENT_H
 #include <stdio.h>
 #include <stdlib.h>
 #include "dictionary.h"
 #include "../anode.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
 /**
 * HTTP request type
 */
 enum AnodeHttpClientRequestMethod
 {
  ANODE_HTTP_GET = 0,
  ANODE_HTTP_HEAD = 1,
  ANODE_HTTP_POST = 2
 };
 /*
 * Special response codes to indicate I/O errors
 */
 #define ANODE_HTTP_SPECIAL_RESPONSE_DNS_RESOLVE_FAILED -1
 #define ANODE_HTTP_SPECIAL_RESPONSE_CONNECT_FAILED -2
 #define ANODE_HTTP_SPECIAL_RESPONSE_HEADERS_TOO_LARGE -3
 #define ANODE_HTTP_SPECIAL_RESPONSE_SERVER_CLOSED_CONNECTION -4
 #define ANODE_HTTP_SPECIAL_RESPONSE_INVALID_RESPONSE -5
 /**
 * Simple HTTP client
 */
 struct AnodeHttpClient
 {
  /**
   * Request URI
   */
  AnodeURI uri;
  /**
   * Request method: GET, PUT, HEAD, or POST
   */
  enum AnodeHttpClientRequestMethod method;
  /**
   * Data for POST requests
   *
   * It is your responsibility to manage and/or free this pointer. The HTTP
   * client only reads from it.
   */
  const void *data;
  unsigned int data_length;
  /**
   * Content type for data, or null for application/x-www-form-urlencoded
   */
  const char *data_content_type;
  /**
   * Set to non-zero to use HTTP connection keepalive
   *
   * If keepalive is enabled, this request can be modified and re-used and
   * its associated connection will stay open (being reopened if needed)
   * until it is freed.
   *
   * Note that this client is too dumb to pool connections and pick them on
   * the basis of host. Keepalive mode should only be set if the next request
   * will be from the same host and port, otherwise you will get a '404'.
   */
  int keepalive;
  /**
   * Function pointer to be called when request is complete (or fails)
   */
  void (*handler)(struct AnodeHttpClient *);
  /**
   * Two arbitrary pointers that can be stored here for use by the handler.
   * These are not accessed or modified by the client.
   */
  void *ptr[2];
  /**
   * Request headers
   */
  struct AnodeDictionary headers;
  struct {
    /**
     * Response code, set on completion or failure before handler is called
     *
     * Also check for the special response codes defined in http_client.h as
     * these negative codes indicate network or other errors.
     */
    int code;
    /**
     * Response data, for GET and POST requests
     */
    void *data;
    /**
     * Length of response data
     */
    unsigned int data_length;
    /**
     * Response headers
     */
    struct AnodeDictionary headers;
  } response;
  /**
   * Internal fields used by implementation
   */
  struct {
    /* Transport engine being used by request */
    AnodeTransportEngine *transport_engine;
    /* Connection to which request has been sent, or null if none */
    struct AnodeHttpConnection *connection;
    /* Buffer for reading chunked mode chunk lines (can't use data buf) */
    char header_line_buf[256];
    unsigned int header_line_buf_ptr;
    /* Where are we in sending request data? */
    unsigned int request_data_ptr;
    /* Capacity of response_data buffer */
    unsigned int response_data_capacity;
    /* How much response data are we currently expecting? */
    /* This is content-length in block mode or chunk length in chunked mode */
    unsigned int expecting_response_length;
    /* Read mode */
    enum {
      ANODE_HTTP_READ_MODE_WAITING = 0,
      ANODE_HTTP_READ_MODE_HEADERS = 1,
      ANODE_HTTP_READ_MODE_BLOCK = 2,
      ANODE_HTTP_READ_MODE_CHUNKED_CHUNK_SIZE = 3,
      ANODE_HTTP_READ_MODE_CHUNKED_DATA = 4,
      ANODE_HTTP_READ_MODE_CHUNKED_FOOTER = 5
    } read_mode;
    /* Connection from transport engine */
    AnodeTransportTcpConnection *tcp_connection;
    /* Write buffer */
    unsigned char outbuf[16384];
    unsigned int outbuf_len;
    /* Phase of request state machine */
    enum {
      ANODE_HTTP_REQUEST_PHASE_RESOLVE = 0,
      ANODE_HTTP_REQUEST_PHASE_CONNECT = 1,
      ANODE_HTTP_REQUEST_PHASE_SEND = 2,
      ANODE_HTTP_REQUEST_PHASE_RECEIVE = 3,
      ANODE_HTTP_REQUEST_PHASE_KEEPALIVE = 4,
      ANODE_HTTP_REQUEST_PHASE_CLOSED = 5
    } phase;
    /* Has request object been freed? */
    int freed;
    /**
     * Pointer used internally for putting requests into linked lists
     */
    struct AnodeHttpClient *next;
  } impl;
 };
 struct AnodeHttpClient *AnodeHttpClient_new(AnodeTransportEngine *transport_engine);
 void AnodeHttpClient_send(struct AnodeHttpClient *client);
 void AnodeHttpClient_free(struct AnodeHttpClient *client);
 #ifdef __cplusplus
 }
 #endif
 #endif
--- a/attic/historic/anode/libanode/impl/misc.c
+++ b/attic/historic/anode/libanode/impl/misc.c
@ -0,0 +1,190 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "misc.h"
 #include "types.h"
 static const char Anode_hex_chars[16] = {
  '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'
 };
 static const char Anode_base32_chars[32] = {
  'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q',
  'r','s','t','u','v','w','x','y','z','2','3','4','5','6','7'
 };
 static const unsigned char Anode_base32_bits[256] = {
  0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
  0,0,0,0,0,0,0,0,0,0,0,0,0,26,27,28,29,30,31,0,0,0,0,0,0,0,0,0,0,1,2,3,4,5,
  6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,0,0,0,0,0,0,0,1,2,
  3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,0,0,0,0,0,0,
  0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
  0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
  0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
  0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
 };
 /* Table for converting ASCII chars to lower case */
 const unsigned char Anode_ascii_tolower_table[256] = {
  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
  0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
  0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
  0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
  0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
  0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
  0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
  0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
  0x40, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
  0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
  0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
  0x78, 0x79, 0x7a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
  0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
  0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
  0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
  0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
  0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
  0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
  0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
  0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
  0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
  0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
  0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
  0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
  0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
  0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
  0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
  0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
  0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
  0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
  0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
 };
 void Anode_trim(char *s)
 {
  char *dest = s;
  char *last;
  while ((*s)&&((*s == ' ')||(*s == '\t')||(*s == '\r')||(*s == '\n')))
    ++s;
  last = s;
  while ((*dest = *s)) {
    if ((*dest != ' ')&&(*dest != '\t')&&(*dest != '\r')&&(*dest != '\n'))
      last = dest;
    ++dest;
    ++s;
  }
  if (*last)
    *(++last) = (char)0;
 }
 unsigned int Anode_rand()
 {
  static volatile int need_seed = 1;
  if (need_seed) {
    need_seed = 0;
    srandom((unsigned long)Anode_time64());
  }
  return (unsigned int)random();
 }
 void Anode_to_hex(const unsigned char *b,unsigned int len,char *h,unsigned int hlen)
 {
  unsigned int i;
  if ((len * 2) >= hlen)
    len = (hlen - 1) / 2;
  for(i=0;i<len;++i) {
    *(h++) = Anode_hex_chars[b[i] >> 4];
    *(h++) = Anode_hex_chars[b[i] & 0xf];
  }
  *h = (char)0;
 }
 void Anode_from_hex(const char *h,unsigned char *b,unsigned int blen)
 {
  unsigned char *end = b + blen;
  unsigned char v = (unsigned char)0;
  while (b != end) {
    switch(*(h++)) {
      case '0': v = 0x00; break;
      case '1': v = 0x10; break;
      case '2': v = 0x20; break;
      case '3': v = 0x30; break;
      case '4': v = 0x40; break;
      case '5': v = 0x50; break;
      case '6': v = 0x60; break;
      case '7': v = 0x70; break;
      case '8': v = 0x80; break;
      case '9': v = 0x90; break;
      case 'a': v = 0xa0; break;
      case 'b': v = 0xb0; break;
      case 'c': v = 0xc0; break;
      case 'd': v = 0xd0; break;
      case 'e': v = 0xe0; break;
      case 'f': v = 0xf0; break;
      default: return;
    }
    switch(*(h++)) {
      case '0': v |= 0x00; break;
      case '1': v |= 0x01; break;
      case '2': v |= 0x02; break;
      case '3': v |= 0x03; break;
      case '4': v |= 0x04; break;
      case '5': v |= 0x05; break;
      case '6': v |= 0x06; break;
      case '7': v |= 0x07; break;
      case '8': v |= 0x08; break;
      case '9': v |= 0x09; break;
      case 'a': v |= 0x0a; break;
      case 'b': v |= 0x0b; break;
      case 'c': v |= 0x0c; break;
      case 'd': v |= 0x0d; break;
      case 'e': v |= 0x0e; break;
      case 'f': v |= 0x0f; break;
      default: return;
    }
    *(b++) = v;
  }
 }
 void Anode_base32_5_to_8(const unsigned char *in,char *out)
 {
  out[0] = Anode_base32_chars[(in[0]) >> 3];
  out[1] = Anode_base32_chars[(in[0] & 0x07) << 2 | (in[1] & 0xc0) >> 6];
  out[2] = Anode_base32_chars[(in[1] & 0x3e) >> 1];
  out[3] = Anode_base32_chars[(in[1] & 0x01) << 4 | (in[2] & 0xf0) >> 4];
  out[4] = Anode_base32_chars[(in[2] & 0x0f) << 1 | (in[3] & 0x80) >> 7];
  out[5] = Anode_base32_chars[(in[3] & 0x7c) >> 2];
  out[6] = Anode_base32_chars[(in[3] & 0x03) << 3 | (in[4] & 0xe0) >> 5];
  out[7] = Anode_base32_chars[(in[4] & 0x1f)];
 }
 void Anode_base32_8_to_5(const char *in,unsigned char *out)
 {
  out[0] = ((Anode_base32_bits[(unsigned int)in[0]]) << 3) | (Anode_base32_bits[(unsigned int)in[1]] & 0x1C) >> 2;
  out[1] = ((Anode_base32_bits[(unsigned int)in[1]] & 0x03) << 6) | (Anode_base32_bits[(unsigned int)in[2]]) << 1 | (Anode_base32_bits[(unsigned int)in[3]] & 0x10) >> 4;
  out[2] = ((Anode_base32_bits[(unsigned int)in[3]] & 0x0F) << 4) | (Anode_base32_bits[(unsigned int)in[4]] & 0x1E) >> 1;
  out[3] = ((Anode_base32_bits[(unsigned int)in[4]] & 0x01) << 7) | (Anode_base32_bits[(unsigned int)in[5]]) << 2 | (Anode_base32_bits[(unsigned int)in[6]] & 0x18) >> 3;
  out[4] = ((Anode_base32_bits[(unsigned int)in[6]] & 0x07) << 5) | (Anode_base32_bits[(unsigned int)in[7]]);
 }
--- a/attic/historic/anode/libanode/impl/misc.h
+++ b/attic/historic/anode/libanode/impl/misc.h
@ -0,0 +1,193 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 /* This contains miscellaneous functions, including some re-implementations
 * of some functions from string.h. This is to help us port to some platforms
 * (cough Windows Mobile cough) that lack a lot of the basic C library. */
 #ifndef _ANODE_MISC_H
 #define _ANODE_MISC_H
 #include <time.h>
 #include <sys/time.h>
 #include "types.h"
 #ifndef ANODE_NO_STRING_H
 #include <string.h>
 #include <stdlib.h>
 #endif
 /* Table mapping ASCII characters to themselves or their lower case */
 extern const unsigned char Anode_ascii_tolower_table[256];
 /* Get the lower case version of an ASCII char */
 #define Anode_tolower(c) ((char)Anode_ascii_tolower_table[((unsigned long)((unsigned char)(c)))])
 /* Test strings for equality, return nonzero if equal */
 static inline unsigned int Anode_streq(const char *restrict a,const char *restrict b)
 {
  if ((!a)||(!b))
    return 0;
  while (*a == *(b++)) {
    if (!*(a++))
      return 1;
  }
  return 0;
 }
 /* Equality test ignoring (ASCII) case */
 static inline unsigned int Anode_strcaseeq(const char *restrict a,const char *restrict b)
 {
  if ((!a)||(!b))
    return 0;
  while (Anode_tolower(*a) == Anode_tolower(*(b++))) {
    if (!*(a++))
      return 1;
  }
  return 0;
 }
 /* Safe c-string copy, ensuring that dest[] always ends with zero */
 static inline void Anode_str_copy(char *restrict dest,const char *restrict src,unsigned int dest_size)
 {
  char *restrict dest_end = dest + (dest_size - 1);
  while ((*src)&&(dest != dest_end))
    *(dest++) = *(src++);
  *dest = (char)0;
 }
 /* Simple memcpy() */
 #ifdef ANODE_NO_STRING_H
 static inline void Anode_memcpy(void *restrict dest,const void *restrict src,unsigned int len)
 {
  unsigned int i;
  for(i=0;i<len;++i)
    ((unsigned char *restrict)dest)[i] = ((const unsigned char *restrict)src)[i];
 }
 #else
 #define Anode_memcpy(d,s,l) memcpy((d),(s),(l))
 #endif
 /* Memory test for equality */
 #ifdef ANODE_NO_STRING_H
 static inline unsigned int Anode_mem_eq(const void *restrict a,const void *restrict b,unsigned int len)
 {
  unsigned int i;
  for(i=0;i<len;++i) {
    if (((const unsigned char *restrict)a)[i] != ((const unsigned char *restrict)b)[i])
      return 0;
  }
  return 1;
 }
 #else
 #define Anode_mem_eq(a,b,l) (!memcmp((a),(b),(l)))
 #endif
 /* Zero memory */
 #ifdef ANODE_NO_STRING_H
 static inline void Anode_zero(void *restrict ptr,unsigned int len)
 {
  unsigned int i;
  for(i=0;i<len;++i)
    ((unsigned char *restrict)ptr)[i] = (unsigned char)0;
 }
 #else
 #define Anode_zero(p,l) memset((p),0,(l))
 #endif
 /* Get a pointer to the first occurrance of a character in a string */
 #ifdef ANODE_NO_STRING_H
 static inline const char *Anode_strchr(const char *s,char c)
 {
  while (*s) {
    if (*s == c)
      return s;
    ++s;
  }
  return (char *)0;
 }
 #else
 #define Anode_strchr(s,c) strchr((s),(c))
 #endif
 static inline unsigned int Anode_count_char(const char *s,char c)
 {
  unsigned int cnt = 0;
  while (s) {
    if (*s == c)
      ++cnt;
    ++s;
  }
  return cnt;
 }
 /* Strip all of a given set of characters from a string */
 static inline void Anode_strip_all(char *s,const char *restrict schars)
 {
  char *d = s;
  while (*s) {
    if (!Anode_strchr(schars,*s))
      *(d++) = *s;
    ++s;
  }
  *d = (char)0;
 }
 /* Trim whitespace from beginning and end of string */
 void Anode_trim(char *s);
 /* Get the length of a string */
 #ifdef ANODE_NO_STRING_H
 static inline unsigned int Anode_strlen(const char *s)
 {
  const char *ptr = s;
  while (*ptr) ++ptr;
  return (unsigned int)(ptr - s);
 }
 #else
 #define Anode_strlen(s) strlen((s))
 #endif
 /* Returns number of milliseconds since the epoch (Java-style) */
 static inline uint64_t Anode_time64()
 {
  struct timeval tv;
  gettimeofday(&tv,(void *)0);
  return ( (((uint64_t)tv.tv_sec) / 1000ULL) + ((uint64_t)(tv.tv_usec / 1000ULL)) );
 }
 /* Returns number of seconds since the epoch (*nix style) */
 static inline unsigned long Anode_time()
 {
  struct timeval tv;
  gettimeofday(&tv,(void *)0);
  return (unsigned long)tv.tv_sec;
 }
 /* Simple random function, not cryptographically safe */
 unsigned int Anode_rand();
 /* Fast hex/ascii conversion */
 void Anode_to_hex(const unsigned char *b,unsigned int len,char *h,unsigned int hlen);
 void Anode_from_hex(const char *h,unsigned char *b,unsigned int blen);
 /* Convert back and forth from base32 encoding */
 /* 5 bytes -> 8 base32 characters and vice versa */
 void Anode_base32_5_to_8(const unsigned char *in,char *out);
 void Anode_base32_8_to_5(const char *in,unsigned char *out);
 #endif
--- a/attic/historic/anode/libanode/impl/mutex.h
+++ b/attic/historic/anode/libanode/impl/mutex.h
@ -0,0 +1,34 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_MUTEX_H
 #define _ANODE_MUTEX_H
 #ifdef WINDOWS
 #else /* WINDOWS */
 #include <pthread.h>
 #define AnodeMutex pthread_mutex_t
 #define AnodeMutex_init(m) pthread_mutex_init((m),(const pthread_mutexattr_t *)0)
 #define AnodeMutex_destroy(m) pthread_mutex_destroy((m))
 #define AnodeMutex_lock(m) pthread_mutex_lock((m))
 #define AnodeMutex_unlock(m) pthread_mutex_unlock((m))
 #endif /* WINDOWS */
 #endif
--- a/attic/historic/anode/libanode/impl/thread.c
+++ b/attic/historic/anode/libanode/impl/thread.c
@ -0,0 +1,58 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include "thread.h"
 #include <stdlib.h>
 #ifdef WINDOWS
 #else /* not WINDOWS */
 struct _AnodeThread
 {
  void (*func)(void *);
  void *arg;
  int wait_for_join;
  pthread_t thread;
 };
 static void *_AnodeThread_main(void *arg)
 {
  ((struct _AnodeThread *)arg)->func(((struct _AnodeThread *)arg)->arg);
  if (!((struct _AnodeThread *)arg)->wait_for_join)
    free(arg);
  return (void *)0;
 }
 AnodeThread *AnodeThread_create(void (*func)(void *),void *arg,int wait_for_join)
 {
  struct _AnodeThread *t = malloc(sizeof(struct _AnodeThread));
  t->func = func;
  t->arg = arg;
  t->wait_for_join = wait_for_join;
  pthread_create(&t->thread,(const pthread_attr_t *)0,&_AnodeThread_main,(void *)t);
  if (!wait_for_join)
    pthread_detach(t->thread);
  return (AnodeThread *)t;
 }
 void AnodeThread_join(AnodeThread *thread)
 {
  pthread_join(((struct _AnodeThread *)thread)->thread,(void **)0);
  free((void *)thread);
 }
 #endif /* WINDOWS / not WINDOWS */
--- a/attic/historic/anode/libanode/impl/thread.h
+++ b/attic/historic/anode/libanode/impl/thread.h
@ -0,0 +1,65 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_THREAD_H
 #define _ANODE_THREAD_H
 #ifdef WINDOWS
 #include <windows.h>
 #include <thread.h>
 typedef DWORD AnodeThreadId;
 #else /* not WINDOWS */
 #include <pthread.h>
 typedef pthread_t AnodeThreadId;
 #define AnodeThread_self() pthread_self()
 #define AnodeThreadId_equal(a,b) pthread_equal((pthread_t)(a),(pthread_t)(b))
 #endif
 typedef void AnodeThread;
 /**
 * Create and launch a new thread
 *
 * If wait_for_join is true (nonzero), the thread can and must be joined. The
 * thread object won't be freed until join is called and returns. If
 * wait_for_join is false, the thread object frees itself automatically on
 * termination.
 *
 * If wait_for_join is false (zero), there is really no need to keep track of
 * the thread object.
 *
 * @param func Function to call as thread main
 * @param arg Argument to pass to function
 * @param wait_for_join If false, thread deletes itself when it terminates
 */
 AnodeThread *AnodeThread_create(void (*func)(void *),void *arg,int wait_for_join);
 /**
 * Wait for a thread to terminate and delete thread object
 *
 * This can only be used for threads created with wait_for_join set to true.
 * The thread object is no longer valid after this call.
 *
 * @param thread Thread to wait for termination and delete
 */
 void AnodeThread_join(AnodeThread *thread);
 #endif
--- a/attic/historic/anode/libanode/impl/types.h
+++ b/attic/historic/anode/libanode/impl/types.h
@ -0,0 +1,25 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _ANODE_TYPES_H
 #define _ANODE_TYPES_H
 #ifdef WINDOWS
 #else
 #include <stdint.h>
 #endif
 #endif
--- a/attic/historic/anode/libanode/network_address.c
+++ b/attic/historic/anode/libanode/network_address.c
@ -0,0 +1,136 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include "impl/misc.h"
 #include "impl/types.h"
 #include "anode.h"
 const AnodeNetworkAddress AnodeNetworkAddress_ANY4 = {
  ANODE_NETWORK_ADDRESS_IPV4,
  { 0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }
 };
 const AnodeNetworkAddress AnodeNetworkAddress_ANY6 = {
  ANODE_NETWORK_ADDRESS_IPV6,
  { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 ,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }
 };
 const AnodeNetworkAddress AnodeNetworkAddress_LOCAL4 = {
  ANODE_NETWORK_ADDRESS_IPV4,
  { 127,0,0,1, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }
 };
 const AnodeNetworkAddress AnodeNetworkAddress_LOCAL6 = {
  ANODE_NETWORK_ADDRESS_IPV6,
  { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 ,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }
 };
 int AnodeNetworkAddress_to_string(const AnodeNetworkAddress *address,char *buf,int len)
 {
  const char *s;
  switch(address->type) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      s = inet_ntop(AF_INET,(const void *)address->bits,buf,len);
      if (s)
        return Anode_strlen(s);
      else return ANODE_ERR_INVALID_ARGUMENT;
      break;
    case ANODE_NETWORK_ADDRESS_IPV6:
      s = inet_ntop(AF_INET6,address->bits,buf,len);
      if (s)
        return Anode_strlen(s);
      else return ANODE_ERR_INVALID_ARGUMENT;
    /*
    case ANODE_NETWORK_ADDRESS_ETHERNET:
      break;
    case ANODE_NETWORK_ADDRESS_USB:
      break;
    case ANODE_NETWORK_ADDRESS_BLUETOOTH:
      break;
    case ANODE_NETWORK_ADDRESS_IPC:
      break;
    case ANODE_NETWORK_ADDRESS_80211S:
      break;
    case ANODE_NETWORK_ADDRESS_SERIAL:
      break;
    */
    case ANODE_NETWORK_ADDRESS_ANODE_256_40:
      return AnodeAddress_to_string((const AnodeAddress *)address->bits,buf,len);
    default:
      return ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
  }
 }
 int AnodeNetworkAddress_from_string(const char *str,AnodeNetworkAddress *address)
 {
  unsigned int dots = Anode_count_char(str,'.');
  unsigned int colons = Anode_count_char(str,':');
  if ((dots == 3)&&(!colons)) {
    address->type = ANODE_NETWORK_ADDRESS_IPV4;
    if (inet_pton(AF_INET,str,address->bits) > 0)
      return 0;
    else return ANODE_ERR_INVALID_ARGUMENT;
  } else if ((colons)&&(!dots)) {
    address->type = ANODE_NETWORK_ADDRESS_IPV6;
    if (inet_pton(AF_INET6,str,address->bits) > 0)
      return 0;
    else return ANODE_ERR_INVALID_ARGUMENT;
  } else {
    address->type = ANODE_NETWORK_ADDRESS_ANODE_256_40;
    return AnodeAddress_from_string(str,(AnodeAddress *)address->bits);
  }
 }
 int AnodeNetworkEndpoint_from_sockaddr(const void *sockaddr,AnodeNetworkEndpoint *endpoint)
 {
  switch(((struct sockaddr_storage *)sockaddr)->ss_family) {
    case AF_INET:
      *((uint32_t *)endpoint->address.bits) = (uint32_t)(((struct sockaddr_in *)sockaddr)->sin_addr.s_addr);
      endpoint->port = (int)ntohs(((struct sockaddr_in *)sockaddr)->sin_port);
      return 0;
    case AF_INET6:
      Anode_memcpy(endpoint->address.bits,((struct sockaddr_in6 *)sockaddr)->sin6_addr.s6_addr,16);
      endpoint->port = (int)ntohs(((struct sockaddr_in6 *)sockaddr)->sin6_port);
      return 0;
    default:
      return ANODE_ERR_INVALID_ARGUMENT;
  }
 }
 int AnodeNetworkEndpoint_to_sockaddr(const AnodeNetworkEndpoint *endpoint,void *sockaddr,int sockaddr_len)
 {
  switch(endpoint->address.type) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      if (sockaddr_len < (int)sizeof(struct sockaddr_in))
        return ANODE_ERR_BUFFER_TOO_SMALL;
      Anode_zero(sockaddr,sizeof(struct sockaddr_in));
      ((struct sockaddr_in *)sockaddr)->sin_family = AF_INET;
      ((struct sockaddr_in *)sockaddr)->sin_port = htons((uint16_t)endpoint->port);
      ((struct sockaddr_in *)sockaddr)->sin_addr.s_addr = *((uint32_t *)endpoint->address.bits);
      return 0;
    case ANODE_NETWORK_ADDRESS_IPV6:
      if (sockaddr_len < (int)sizeof(struct sockaddr_in6))
        return ANODE_ERR_BUFFER_TOO_SMALL;
      Anode_zero(sockaddr,sizeof(struct sockaddr_in6));
      ((struct sockaddr_in6 *)sockaddr)->sin6_family = AF_INET6;
      ((struct sockaddr_in6 *)sockaddr)->sin6_port = htons((uint16_t)endpoint->port);
      Anode_memcpy(((struct sockaddr_in6 *)sockaddr)->sin6_addr.s6_addr,endpoint->address.bits,16);
      return 0;
    default:
      return ANODE_ERR_INVALID_ARGUMENT;
  }
 }
--- a/attic/historic/anode/libanode/secure_random.c
+++ b/attic/historic/anode/libanode/secure_random.c
@ -0,0 +1,88 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdlib.h>
 #include <stdio.h>
 #include "impl/aes.h"
 #include "impl/misc.h"
 #include "anode.h"
 #ifdef WINDOWS
 #include <windows.h>
 #include <wincrypt.h>
 #endif
 struct AnodeSecureRandomImpl
 {
  AnodeAesExpandedKey key;
  unsigned char state[ANODE_AES_BLOCK_SIZE];
  unsigned char block[ANODE_AES_BLOCK_SIZE];
  unsigned int ptr;
 };
 AnodeSecureRandom *AnodeSecureRandom_new()
 {
  unsigned char keybuf[ANODE_AES_KEY_SIZE + ANODE_AES_BLOCK_SIZE + ANODE_AES_BLOCK_SIZE];
  unsigned int i;
  struct AnodeSecureRandomImpl *srng;
 #ifdef WINDOWS
  HCRYPTPROV hProv;
  if (CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) {
    CryptGenRandom(hProv,sizeof(keybuf),keybuf);
    CryptReleaseContext(hProv,0);
  }
 #else
  FILE *urandf = fopen("/dev/urandom","rb");
  if (urandf) {
    fread((void *)keybuf,sizeof(keybuf),1,urandf);
    fclose(urandf);
  }
 #endif
  for(i=0;i<sizeof(keybuf);++i)
    keybuf[i] ^= (unsigned char)(Anode_rand() >> 5);
  srng = malloc(sizeof(struct AnodeSecureRandomImpl));
  Anode_aes256_expand_key(keybuf,&srng->key);
  for(i=0;i<ANODE_AES_BLOCK_SIZE;++i)
    srng->state[i] = keybuf[ANODE_AES_KEY_SIZE + i];
  for(i=0;i<ANODE_AES_BLOCK_SIZE;++i)
    srng->block[i] = keybuf[ANODE_AES_KEY_SIZE + ANODE_AES_KEY_SIZE + i];
  srng->ptr = ANODE_AES_BLOCK_SIZE;
  return (AnodeSecureRandom *)srng;
 }
 void AnodeSecureRandom_gen_bytes(AnodeSecureRandom *srng,void *buf,long count)
 {
  long i,j;
  for(i=0;i<count;++i) {
    if (((struct AnodeSecureRandomImpl *)srng)->ptr == ANODE_AES_BLOCK_SIZE) {
      Anode_aes256_encrypt(&((struct AnodeSecureRandomImpl *)srng)->key,((struct AnodeSecureRandomImpl *)srng)->state,((struct AnodeSecureRandomImpl *)srng)->state);
      for(j=0;j<ANODE_AES_KEY_SIZE;++j)
        ((struct AnodeSecureRandomImpl *)srng)->block[j] ^= ((struct AnodeSecureRandomImpl *)srng)->state[j];
      ((struct AnodeSecureRandomImpl *)srng)->ptr = 0;
    }
    ((unsigned char *)buf)[i] = ((struct AnodeSecureRandomImpl *)srng)->block[((struct AnodeSecureRandomImpl *)srng)->ptr++];
  }
 }
 void AnodeSecureRandom_delete(AnodeSecureRandom *srng)
 {
  free(srng);
 }
--- a/attic/historic/anode/libanode/system_transport.c
+++ b/attic/historic/anode/libanode/system_transport.c
@ -0,0 +1,948 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <netdb.h>
 #include <fcntl.h>
 #include <errno.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <arpa/inet.h>
 #include "anode.h"
 #include "impl/mutex.h"
 #include "impl/thread.h"
 #include "impl/misc.h"
 #include "impl/dns_txt.h"
 #ifdef WINDOWS
 #include <windows.h>
 #include <winsock2.h>
 #define AnodeSystemTransport__close_socket(s) closesocket((s))
 #define ANODE_USE_SELECT 1
 #else
 #include <poll.h>
 #include <unistd.h>
 #define AnodeSystemTransport__close_socket(s) close((s))
 #endif
 static const char *AnodeSystemTransport_CLASS = "SystemTransport";
 /* ======================================================================== */
 struct AnodeSystemTransport;
 struct AnodeSystemTransport_AnodeSocket
 {
  AnodeSocket base; /* must be first */
  unsigned int entry_idx;
 };
 #define ANODE_SYSTEM_TRANSPORT_DNS_MAX_RESULTS 16
 struct AnodeSystemTransport__dns_request
 {
  struct AnodeSystemTransport__dns_request *next;
  AnodeThread *thread;
  struct AnodeSystemTransport *owner;
  void (*event_handler)(const AnodeEvent *event);
  char name[256];  
  enum AnodeTransportDnsIncludeMode ipv4_include_mode;
  enum AnodeTransportDnsIncludeMode ipv6_include_mode;
  enum AnodeTransportDnsIncludeMode anode_include_mode;
  AnodeNetworkAddress addresses[ANODE_SYSTEM_TRANSPORT_DNS_MAX_RESULTS];
  unsigned int address_count;
  int error_code;
 };
 #ifdef ANODE_USE_SELECT
 typedef int AnodeSystemTransport__poll_fd; /* for select() */
 #else
 typedef struct pollfd AnodeSystemTransport__poll_fd; /* for poll() */
 #endif
 struct AnodeSystemTransport
 {
  AnodeTransport interface; /* must be first */
  AnodeTransport *base;
 #ifdef ANODE_USE_SELECT
  FD_SET readfds;
  FD_SET writefds;
 #endif
  void (*default_event_handler)(const AnodeEvent *event);
  AnodeSystemTransport__poll_fd *fds;
  struct AnodeSystemTransport_AnodeSocket *sockets;
  unsigned int fd_count;
  unsigned int fd_capacity;
  struct AnodeSystemTransport__dns_request *pending_dns_requests;
  int invoke_pipe[2];
  AnodeMutex invoke_pipe_m;
  void *invoke_pipe_buf[2];
  unsigned int invoke_pipe_buf_ptr;
 };
 /* ======================================================================== */
 /* Internal helper methods                                                  */
 static unsigned int AnodeSystemTransport__add_entry(struct AnodeSystemTransport *transport)
 {
  if ((transport->fd_count + 1) > transport->fd_capacity) {
    transport->fd_capacity += 8;
    transport->fds = realloc(transport->fds,sizeof(AnodeSystemTransport__poll_fd) * transport->fd_capacity);
    transport->sockets = realloc(transport->sockets,sizeof(struct AnodeSystemTransport_AnodeSocket) * transport->fd_capacity);
  }
  return transport->fd_count++;
 }
 static void AnodeSystemTransport__remove_entry(struct AnodeSystemTransport *transport,const unsigned int idx)
 {
  unsigned int i;
  --transport->fd_count;
  for(i=idx;i<transport->fd_count;++i) {
    Anode_memcpy(&transport->fds[i],&transport->fds[i+1],sizeof(AnodeSystemTransport__poll_fd));
    Anode_memcpy(&transport->sockets[i],&transport->sockets[i+1],sizeof(struct AnodeSystemTransport_AnodeSocket));
  }
  if ((transport->fd_capacity - transport->fd_count) > 16) {
    transport->fd_capacity -= 16;
    transport->fds = realloc(transport->fds,sizeof(AnodeSystemTransport__poll_fd) * transport->fd_capacity);
    transport->sockets = realloc(transport->sockets,sizeof(struct AnodeSystemTransport_AnodeSocket) * transport->fd_capacity);
  }
 }
 static void AnodeSystemTransport__dns_invoke_on_completion(void *_dreq)
 {
  struct AnodeSystemTransport__dns_request *dreq = (struct AnodeSystemTransport__dns_request *)_dreq;
  struct AnodeSystemTransport__dns_request *ptr,**lastnext;
  AnodeThread_join(dreq->thread);
  ptr = dreq->owner->pending_dns_requests;
  lastnext = &dreq->owner->pending_dns_requests;
  while (ptr) {
    if (ptr == dreq) {
      *lastnext = ptr->next;
      break;
    } else {
      lastnext = &ptr->next;
      ptr = ptr->next;
    }
  }
  free(dreq);
 }
 static void AnodeSystemTransport__dns_thread_main(void *_dreq)
 {
  struct AnodeSystemTransport__dns_request *dreq = (struct AnodeSystemTransport__dns_request *)_dreq;
  dreq->owner->interface.invoke((AnodeTransport *)dreq->owner,dreq,&AnodeSystemTransport__dns_invoke_on_completion);
 }
 static void AnodeSystemTransport__do_close(struct AnodeSystemTransport *transport,struct AnodeSystemTransport_AnodeSocket *sock,const int error_code,const int generate_event)
 {
  AnodeEvent evbuf;
  int fd;
  if (sock->base.class_name == AnodeSystemTransport_CLASS) {
 #ifdef ANODE_USE_SELECT
    fd = (int)(transport->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx]);
 #else
    fd = transport->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx].fd;
 #endif
    if ((sock->base.type == ANODE_SOCKET_STREAM_CONNECTION)&&(sock->base.state != ANODE_SOCKET_CLOSED)) {
      sock->base.state = ANODE_SOCKET_CLOSED;
      if (generate_event) {
        evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_CLOSED;
        evbuf.transport = (AnodeTransport *)transport;
        evbuf.sock = (AnodeSocket *)sock;
        evbuf.datagram_from = NULL;
        evbuf.dns_name = NULL;
        evbuf.dns_addresses = NULL;
        evbuf.dns_address_count = 0;
        evbuf.error_code = error_code;
        evbuf.data_length = 0;
        evbuf.data = NULL;
        if (sock->base.event_handler)
          sock->base.event_handler(&evbuf);
        else if (transport->default_event_handler)
          transport->default_event_handler(&evbuf);
      }
    }
    AnodeSystemTransport__close_socket(fd);
    AnodeSystemTransport__remove_entry(transport,((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx);
 #ifdef ANODE_USE_SELECT
    FD_CLR(sock,&THIS->readfds);
    FD_CLR(sock,&THIS->writefds);
 #endif
  } else transport->base->close(transport->base,(AnodeSocket *)sock);
 }
 static int AnodeSystemTransport__populate_network_endpoint(const struct sockaddr_storage *saddr,AnodeNetworkEndpoint *ep)
 {
  switch(saddr->ss_family) {
    case AF_INET:
      ep->address.type = ANODE_NETWORK_ADDRESS_IPV4;
      *((uint32_t *)ep->address.bits) = ((struct sockaddr_in *)saddr)->sin_addr.s_addr;
      ep->port = ntohs(((struct sockaddr_in *)saddr)->sin_port);
      return 1;
    case AF_INET6:
      ep->address.type = ANODE_NETWORK_ADDRESS_IPV6;
      Anode_memcpy(ep->address.bits,((struct sockaddr_in6 *)saddr)->sin6_addr.s6_addr,16);
      ep->port = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port);
      return 1;
  }
  return 0;
 }
 /* ======================================================================== */
 #ifdef THIS
 #undef THIS
 #endif
 #define THIS ((struct AnodeSystemTransport *)transport)
 static void AnodeSystemTransport_invoke(AnodeTransport *transport,
  void *ptr,
  void (*func)(void *))
 {
  void *invoke_msg[2];
  invoke_msg[0] = ptr;
  invoke_msg[1] = (void *)func;
  AnodeMutex_lock(&THIS->invoke_pipe_m);
  write(THIS->invoke_pipe[1],(void *)(&invoke_msg),sizeof(invoke_msg));
  AnodeMutex_unlock(&THIS->invoke_pipe_m);
 }
 static void AnodeSystemTransport_dns_resolve(AnodeTransport *transport,
  const char *name,
  void (*event_handler)(const AnodeEvent *),
  enum AnodeTransportDnsIncludeMode ipv4_include_mode,
  enum AnodeTransportDnsIncludeMode ipv6_include_mode,
  enum AnodeTransportDnsIncludeMode anode_include_mode)
 {
  struct AnodeSystemTransport__dns_request *dreq = malloc(sizeof(struct AnodeSystemTransport__dns_request));
  dreq->owner = THIS;
  dreq->event_handler = event_handler;
  Anode_str_copy(dreq->name,name,sizeof(dreq->name));
  dreq->ipv4_include_mode = ipv4_include_mode;
  dreq->ipv6_include_mode = ipv6_include_mode;
  dreq->anode_include_mode = anode_include_mode;
  dreq->address_count = 0;
  dreq->error_code = 0;
  dreq->next = THIS->pending_dns_requests;
  THIS->pending_dns_requests = dreq;
  dreq->thread = AnodeThread_create(&AnodeSystemTransport__dns_thread_main,dreq,0);
 }
 static AnodeSocket *AnodeSystemTransport_datagram_listen(AnodeTransport *transport,
  const AnodeNetworkAddress *local_address,
  int local_port,
  int *error_code)
 {
  struct sockaddr_in sin4;
  struct sockaddr_in6 sin6;
  struct AnodeSystemTransport_AnodeSocket *sock;
  unsigned int entry_idx;
  int fd;
  int tmp;
  switch(local_address->type) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      fd = socket(AF_INET,SOCK_DGRAM,0);
      if (fd <= 0) {
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      tmp = 1;
      setsockopt(fd,SOL_SOCKET,SO_REUSEADDR,&tmp,sizeof(tmp));
      fcntl(fd,F_SETFL,O_NONBLOCK);
      Anode_zero(&sin4,sizeof(struct sockaddr_in));
      sin4.sin_family = AF_INET;
      sin4.sin_port = htons(local_port);
      sin4.sin_addr.s_addr = *((uint32_t *)local_address->bits);
      if (bind(fd,(const struct sockaddr *)&sin4,sizeof(sin4))) {
        AnodeSystemTransport__close_socket(fd);
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      break;
    case ANODE_NETWORK_ADDRESS_IPV6:
      fd = socket(AF_INET6,SOCK_DGRAM,0);
      if (fd <= 0) {
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      tmp = 1; setsockopt(fd,SOL_SOCKET,SO_REUSEADDR,&tmp,sizeof(tmp));
      fcntl(fd,F_SETFL,O_NONBLOCK);
 #ifdef IPV6_V6ONLY
      tmp = 1; setsockopt(fd,IPPROTO_IPV6,IPV6_V6ONLY,&tmp,sizeof(tmp));
 #endif
      Anode_zero(&sin6,sizeof(struct sockaddr_in6));
      sin6.sin6_family = AF_INET6;
      sin6.sin6_port = htons(local_port);
      Anode_memcpy(sin6.sin6_addr.s6_addr,local_address->bits,16);
      if (bind(fd,(const struct sockaddr *)&sin6,sizeof(sin6))) {
        AnodeSystemTransport__close_socket(fd);
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      break;
    default:
      if (THIS->base)
        return THIS->base->datagram_listen(THIS->base,local_address,local_port,error_code);
      else {
        *error_code = ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
        return (AnodeSocket *)0;
      }
  }
  entry_idx = AnodeSystemTransport__add_entry(THIS);
  sock = &(THIS->sockets[entry_idx]);
  sock->base.type = ANODE_SOCKET_DATAGRAM;
  sock->base.state = ANODE_SOCKET_OPEN;
  Anode_memcpy(&sock->base.endpoint.address,local_address,sizeof(AnodeNetworkAddress));
  sock->base.endpoint.port = local_port;
  sock->base.class_name = AnodeSystemTransport_CLASS;
  sock->base.user_ptr[0] = NULL;
  sock->base.user_ptr[1] = NULL;
  sock->base.event_handler = NULL;
  sock->entry_idx = entry_idx;
  THIS->fds[entry_idx].fd = fd;
  THIS->fds[entry_idx].events = POLLIN;
  THIS->fds[entry_idx].revents = 0;
  *error_code = 0;
  return (AnodeSocket *)sock;
 }
 static AnodeSocket *AnodeSystemTransport_stream_listen(AnodeTransport *transport,
  const AnodeNetworkAddress *local_address,
  int local_port,
  int *error_code)
 {
  struct sockaddr_in sin4;
  struct sockaddr_in6 sin6;
  struct AnodeSystemTransport_AnodeSocket *sock;
  unsigned int entry_idx;
  int fd;
  int tmp;
  switch(local_address->type) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      fd = socket(AF_INET,SOCK_STREAM,0);
      if (fd < 0) {
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      fcntl(fd,F_SETFL,O_NONBLOCK);
      Anode_zero(&sin4,sizeof(struct sockaddr_in));
      sin4.sin_family = AF_INET;
      sin4.sin_port = htons(local_port);
      sin4.sin_addr.s_addr = *((uint32_t *)local_address->bits);
      if (bind(fd,(const struct sockaddr *)&sin4,sizeof(sin4))) {
        AnodeSystemTransport__close_socket(fd);
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      if (listen(fd,8)) {
        AnodeSystemTransport__close_socket(fd);
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      break;
    case ANODE_NETWORK_ADDRESS_IPV6:
      fd = socket(AF_INET6,SOCK_STREAM,0);
      if (fd < 0) {
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      fcntl(fd,F_SETFL,O_NONBLOCK);
 #ifdef IPV6_V6ONLY
      tmp = 1; setsockopt(fd,IPPROTO_IPV6,IPV6_V6ONLY,&tmp,sizeof(tmp));
 #endif
      Anode_zero(&sin6,sizeof(struct sockaddr_in6));
      sin6.sin6_family = AF_INET6;
      sin6.sin6_port = htons(local_port);
      Anode_memcpy(sin6.sin6_addr.s6_addr,local_address->bits,16);
      if (bind(fd,(const struct sockaddr *)&sin6,sizeof(sin6))) {
        AnodeSystemTransport__close_socket(fd);
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      if (listen(fd,8)) {
        AnodeSystemTransport__close_socket(fd);
        *error_code = ANODE_ERR_UNABLE_TO_BIND;
        return (AnodeSocket *)0;
      }
      break;
    default:
      if (THIS->base)
        return THIS->base->stream_listen(THIS->base,local_address,local_port,error_code);
      else {
        *error_code = ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
        return (AnodeSocket *)0;
      }
  }
  entry_idx = AnodeSystemTransport__add_entry(THIS);
  sock = &(THIS->sockets[entry_idx]);
  sock->base.type = ANODE_SOCKET_STREAM_LISTEN;
  sock->base.state = ANODE_SOCKET_OPEN;
  Anode_memcpy(&sock->base.endpoint.address,local_address,sizeof(AnodeNetworkAddress));
  sock->base.endpoint.port = local_port;
  sock->base.class_name = AnodeSystemTransport_CLASS;
  sock->base.user_ptr[0] = NULL;
  sock->base.user_ptr[1] = NULL;
  sock->base.event_handler = NULL;
  sock->entry_idx = entry_idx;
  THIS->fds[entry_idx].fd = fd;
  THIS->fds[entry_idx].events = POLLIN;
  THIS->fds[entry_idx].revents = 0;
  *error_code = 0;
  return (AnodeSocket *)sock;
 }
 static int AnodeSystemTransport_datagram_send(AnodeTransport *transport,
  AnodeSocket *sock,
  const void *data,
  int data_len,
  const AnodeNetworkEndpoint *to_endpoint)
 {
  struct sockaddr_in sin4;
  struct sockaddr_in6 sin6;
 #ifdef ANODE_USE_SELECT
  const int fd = (int)(THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx]);
 #else
  const int fd = THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx].fd;
 #endif
  switch(to_endpoint->address.type) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      Anode_zero(&sin4,sizeof(struct sockaddr_in));
      sin4.sin_family = AF_INET;
      sin4.sin_port = htons((uint16_t)to_endpoint->port);
      sin4.sin_addr.s_addr = *((uint32_t *)to_endpoint->address.bits);
      sendto(fd,data,data_len,0,(struct sockaddr *)&sin4,sizeof(sin4));
      return 0;
    case ANODE_NETWORK_ADDRESS_IPV6:
      Anode_zero(&sin6,sizeof(struct sockaddr_in6));
      sin6.sin6_family = AF_INET6;
      sin6.sin6_port = htons((uint16_t)to_endpoint->port);
      Anode_memcpy(sin6.sin6_addr.s6_addr,to_endpoint->address.bits,16);
      sendto(fd,data,data_len,0,(struct sockaddr *)&sin6,sizeof(sin6));
      return 0;
    default:
      if (THIS->base)
        return THIS->base->datagram_send(THIS->base,sock,data,data_len,to_endpoint);
      else return ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
  }
 }
 static AnodeSocket *AnodeSystemTransport_stream_connect(AnodeTransport *transport,
  const AnodeNetworkEndpoint *to_endpoint,
  int *error_code)
 {
  struct sockaddr_in sin4;
  struct sockaddr_in6 sin6;
  struct AnodeSystemTransport_AnodeSocket *sock;
  unsigned int entry_idx;
  int fd;
  switch(to_endpoint->address.type) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      Anode_zero(&sin4,sizeof(struct sockaddr_in));
      sin4.sin_family = AF_INET;
      sin4.sin_port = htons(to_endpoint->port);
      sin4.sin_addr.s_addr = *((uint32_t *)to_endpoint->address.bits);
      fd = socket(AF_INET,SOCK_STREAM,0);
      if (fd < 0) {
        *error_code = ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
        return (AnodeSocket *)0;
      }
      fcntl(fd,F_SETFL,O_NONBLOCK);
      if (connect(fd,(struct sockaddr *)&sin4,sizeof(sin4))) {
        if (errno != EINPROGRESS) {
          *error_code = ANODE_ERR_CONNECT_FAILED;
          AnodeSystemTransport__close_socket(fd);
          return (AnodeSocket *)0;
        }
      }
      break;
    case ANODE_NETWORK_ADDRESS_IPV6:
      Anode_zero(&sin6,sizeof(struct sockaddr_in6));
      sin6.sin6_family = AF_INET6;
      sin6.sin6_port = htons(to_endpoint->port);
      Anode_memcpy(sin6.sin6_addr.s6_addr,to_endpoint->address.bits,16);
      fd = socket(AF_INET6,SOCK_STREAM,0);
      if (fd < 0) {
        *error_code = ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
        return (AnodeSocket *)0;
      }
      fcntl(fd,F_SETFL,O_NONBLOCK);
      if (connect(fd,(struct sockaddr *)&sin6,sizeof(sin6))) {
        if (errno == EINPROGRESS) {
          *error_code = ANODE_ERR_CONNECT_FAILED;
          AnodeSystemTransport__close_socket(fd);
          return (AnodeSocket *)0;
        }
      }
      break;
    default:
      if (THIS->base)
        return THIS->base->stream_connect(THIS->base,to_endpoint,error_code);
      else {
        *error_code = ANODE_ERR_ADDRESS_TYPE_NOT_SUPPORTED;
        return (AnodeSocket *)0;
      }
  }
  entry_idx = AnodeSystemTransport__add_entry(THIS);
  sock = &(THIS->sockets[entry_idx]);
  sock->base.type = ANODE_SOCKET_STREAM_CONNECTION;
  sock->base.state = ANODE_SOCKET_CONNECTING;
  Anode_memcpy(&sock->base.endpoint,to_endpoint,sizeof(AnodeNetworkEndpoint));
  sock->base.class_name = AnodeSystemTransport_CLASS;
  sock->base.user_ptr[0] = NULL;
  sock->base.user_ptr[1] = NULL;
  sock->base.event_handler = NULL;
  sock->entry_idx = entry_idx;
  THIS->fds[entry_idx].fd = fd;
  THIS->fds[entry_idx].events = POLLIN|POLLOUT;
  THIS->fds[entry_idx].revents = 0;
  return (AnodeSocket *)sock;
 }
 static void AnodeSystemTransport_stream_start_writing(AnodeTransport *transport,
  AnodeSocket *sock)
 {
  if ((sock->type == ANODE_SOCKET_STREAM_CONNECTION)&&(((struct AnodeSystemTransport_AnodeSocket *)sock)->base.state == ANODE_SOCKET_OPEN)) {
    if (sock->class_name == AnodeSystemTransport_CLASS) {
 #ifdef ANODE_USE_SELECT
      FD_SET((int)(THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx]),&THIS->writefds);
 #else
      THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx].events = (POLLIN|POLLOUT);
 #endif
    } else THIS->base->stream_start_writing(THIS->base,sock);
  }
 }
 static void AnodeSystemTransport_stream_stop_writing(AnodeTransport *transport,
  AnodeSocket *sock)
 {
  if ((sock->type == ANODE_SOCKET_STREAM_CONNECTION)&&(((struct AnodeSystemTransport_AnodeSocket *)sock)->base.state == ANODE_SOCKET_OPEN)) {
    if (sock->class_name == AnodeSystemTransport_CLASS) {
 #ifdef ANODE_USE_SELECT
      FD_CLR((int)(THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx]),&THIS->writefds);
 #else
      THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx].events = POLLIN;
 #endif
    } else THIS->base->stream_stop_writing(THIS->base,sock);
  }
 }
 static int AnodeSystemTransport_stream_send(AnodeTransport *transport,
  AnodeSocket *sock,
  const void *data,
  int data_len)
 {
  int result;
  if (sock->type == ANODE_SOCKET_STREAM_CONNECTION) {
    if (sock->class_name == AnodeSystemTransport_CLASS) {
      if (((struct AnodeSystemTransport_AnodeSocket *)sock)->base.state != ANODE_SOCKET_OPEN)
        return ANODE_ERR_CONNECTION_CLOSED;
 #ifdef ANODE_USE_SELECT
      result = send((int)(THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx]),data,data_len,0);
 #else
      result = send(THIS->fds[((struct AnodeSystemTransport_AnodeSocket *)sock)->entry_idx].fd,data,data_len,0);
 #endif
      if (result >= 0)
        return result;
      else {
        AnodeSystemTransport__do_close(THIS,(struct AnodeSystemTransport_AnodeSocket *)sock,ANODE_ERR_CONNECTION_CLOSED_BY_REMOTE,1);
        return ANODE_ERR_CONNECTION_CLOSED;
      }
    } else return THIS->base->stream_send(THIS->base,sock,data,data_len);
  } else return ANODE_ERR_INVALID_ARGUMENT;
 }
 static void AnodeSystemTransport_close(AnodeTransport *transport,
  AnodeSocket *sock)
 {
  AnodeSystemTransport__do_close(THIS,(struct AnodeSystemTransport_AnodeSocket *)sock,0,1);
 }
 static void AnodeSystemTransport__poll_do_read_datagram(struct AnodeSystemTransport *transport,int fd,struct AnodeSystemTransport_AnodeSocket *sock)
 {
  char buf[16384];
  struct sockaddr_storage fromaddr;
  AnodeNetworkEndpoint tmp_ep;
  AnodeEvent evbuf;
  socklen_t addrlen;
  int n;
  addrlen = sizeof(struct sockaddr_storage);
  n = recvfrom(fd,buf,sizeof(buf),0,(struct sockaddr *)&fromaddr,&addrlen);
  if ((n >= 0)&&(AnodeSystemTransport__populate_network_endpoint(&fromaddr,&tmp_ep))) {
    evbuf.type = ANODE_TRANSPORT_EVENT_DATAGRAM_RECEIVED;
    evbuf.transport = (AnodeTransport *)transport;
    evbuf.sock = (AnodeSocket *)sock;
    evbuf.datagram_from = &tmp_ep;
    evbuf.dns_name = NULL;
    evbuf.dns_addresses = NULL;
    evbuf.dns_address_count = 0;
    evbuf.error_code = 0;
    evbuf.data_length = n;
    evbuf.data = buf;
    if (sock->base.event_handler)
      sock->base.event_handler(&evbuf);
    else if (transport->default_event_handler)
      transport->default_event_handler(&evbuf);
  }
 }
 static void AnodeSystemTransport__poll_do_accept_incoming_connection(struct AnodeSystemTransport *transport,int fd,struct AnodeSystemTransport_AnodeSocket *sock)
 {
  struct sockaddr_storage fromaddr;
  AnodeNetworkEndpoint tmp_ep;
  AnodeEvent evbuf;
  struct AnodeSystemTransport_AnodeSocket *newsock;
  socklen_t addrlen;
  int n;
  unsigned int entry_idx;
  addrlen = sizeof(struct sockaddr_storage);
  n = accept(fd,(struct sockaddr *)&fromaddr,&addrlen);
  if ((n >= 0)&&(AnodeSystemTransport__populate_network_endpoint(&fromaddr,&tmp_ep))) {
    entry_idx = AnodeSystemTransport__add_entry(transport);
    newsock = &(transport->sockets[entry_idx]);
    newsock->base.type = ANODE_SOCKET_STREAM_CONNECTION;
    newsock->base.state = ANODE_SOCKET_OPEN;
    Anode_memcpy(&newsock->base.endpoint,&tmp_ep,sizeof(AnodeNetworkEndpoint));
    newsock->base.class_name = AnodeSystemTransport_CLASS;
    newsock->base.user_ptr[0] = NULL;
    newsock->base.user_ptr[1] = NULL;
    newsock->base.event_handler = NULL;
    newsock->entry_idx = entry_idx;
    THIS->fds[entry_idx].fd = n;
    THIS->fds[entry_idx].events = POLLIN;
    THIS->fds[entry_idx].revents = 0;
    evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_INCOMING_CONNECT;
    evbuf.transport = (AnodeTransport *)transport;
    evbuf.sock = (AnodeSocket *)newsock;
    evbuf.datagram_from = NULL;
    evbuf.dns_name = NULL;
    evbuf.dns_addresses = NULL;
    evbuf.dns_address_count = 0;
    evbuf.error_code = 0;
    evbuf.data_length = 0;
    evbuf.data = NULL;
    if (sock->base.event_handler)
      sock->base.event_handler(&evbuf);
    else if (transport->default_event_handler)
      transport->default_event_handler(&evbuf);
  }
 }
 static void AnodeSystemTransport__poll_do_read_stream(struct AnodeSystemTransport *transport,int fd,struct AnodeSystemTransport_AnodeSocket *sock)
 {
  char buf[65536];
  AnodeEvent evbuf;
  int n;
  n = recv(fd,buf,sizeof(buf),0);
  if (n > 0) {
    evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_DATA_RECEIVED;
    evbuf.transport = (AnodeTransport *)transport;
    evbuf.sock = (AnodeSocket *)sock;
    evbuf.datagram_from = NULL;
    evbuf.dns_name = NULL;
    evbuf.dns_addresses = NULL;
    evbuf.dns_address_count = 0;
    evbuf.error_code = 0;
    evbuf.data_length = n;
    evbuf.data = buf;
    if (sock->base.event_handler)
      sock->base.event_handler(&evbuf);
    else if (transport->default_event_handler)
      transport->default_event_handler(&evbuf);
  } else AnodeSystemTransport__do_close(transport,sock,ANODE_ERR_CONNECTION_CLOSED_BY_REMOTE,1);
 }
 static void AnodeSystemTransport__poll_do_stream_available_for_write(struct AnodeSystemTransport *transport,int fd,struct AnodeSystemTransport_AnodeSocket *sock)
 {
  AnodeEvent evbuf;
  evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_DATA_RECEIVED;
  evbuf.transport = (AnodeTransport *)transport;
  evbuf.sock = (AnodeSocket *)sock;
  evbuf.datagram_from = NULL;
  evbuf.dns_name = NULL;
  evbuf.dns_addresses = NULL;
  evbuf.dns_address_count = 0;
  evbuf.error_code = 0;
  evbuf.data_length = 0;
  evbuf.data = NULL;
  if (sock->base.event_handler)
    sock->base.event_handler(&evbuf);
  else if (transport->default_event_handler)
    transport->default_event_handler(&evbuf);
 }
 static void AnodeSystemTransport__poll_do_outgoing_connect(struct AnodeSystemTransport *transport,int fd,struct AnodeSystemTransport_AnodeSocket *sock)
 {
  AnodeEvent evbuf;
  int err_code;
  socklen_t optlen;
  optlen = sizeof(err_code);
  if (getsockopt(fd,SOL_SOCKET,SO_ERROR,(void *)&err_code,&optlen)) {
    /* Error getting result, so we assume a failure */
    evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_OUTGOING_CONNECT_FAILED;
    evbuf.transport = (AnodeTransport *)transport;
    evbuf.sock = (AnodeSocket *)sock;
    evbuf.datagram_from = NULL;
    evbuf.dns_name = NULL;
    evbuf.dns_addresses = NULL;
    evbuf.dns_address_count = 0;
    evbuf.error_code = ANODE_ERR_CONNECT_FAILED;
    evbuf.data_length = 0;
    evbuf.data = NULL;
    AnodeSystemTransport__do_close(transport,sock,0,0);
  } else if (err_code) {
    /* Error code is nonzero, so connect failed */
    evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_OUTGOING_CONNECT_FAILED;
    evbuf.transport = (AnodeTransport *)transport;
    evbuf.sock = (AnodeSocket *)sock;
    evbuf.datagram_from = NULL;
    evbuf.dns_name = NULL;
    evbuf.dns_addresses = NULL;
    evbuf.dns_address_count = 0;
    evbuf.error_code = ANODE_ERR_CONNECT_FAILED;
    evbuf.data_length = 0;
    evbuf.data = NULL;
    AnodeSystemTransport__do_close(transport,sock,0,0);
  } else {
    /* Connect succeeded */
    evbuf.type = ANODE_TRANSPORT_EVENT_STREAM_OUTGOING_CONNECT_ESTABLISHED;
    evbuf.transport = (AnodeTransport *)transport;
    evbuf.sock = (AnodeSocket *)sock;
    evbuf.datagram_from = NULL;
    evbuf.dns_name = NULL;
    evbuf.dns_addresses = NULL;
    evbuf.dns_address_count = 0;
    evbuf.error_code = 0;
    evbuf.data_length = 0;
    evbuf.data = NULL;
  }
  if (sock->base.event_handler)
    sock->base.event_handler(&evbuf);
  else if (transport->default_event_handler)
    transport->default_event_handler(&evbuf);
 }
 static int AnodeSystemTransport_poll(AnodeTransport *transport)
 {
  int timeout = -1;
  unsigned int fd_idx;
  int event_count = 0;
  int n;
  if (poll((struct pollfd *)THIS->fds,THIS->fd_count,timeout) > 0) {
    for(fd_idx=0;fd_idx<THIS->fd_count;++fd_idx) {
      if ((THIS->fds[fd_idx].revents & (POLLERR|POLLHUP|POLLNVAL))) {
        if (THIS->sockets[fd_idx].base.type == ANODE_SOCKET_STREAM_CONNECTION) {
          if (THIS->sockets[fd_idx].base.state == ANODE_SOCKET_CONNECTING)
            AnodeSystemTransport__poll_do_outgoing_connect(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
          else AnodeSystemTransport__do_close(THIS,&THIS->sockets[fd_idx],ANODE_ERR_CONNECTION_CLOSED_BY_REMOTE,1);
          ++event_count;
        }
      } else {
        if ((THIS->fds[fd_idx].revents & POLLIN)) {
          if (THIS->fds[fd_idx].fd == THIS->invoke_pipe[0]) {
            n = read(THIS->invoke_pipe[0],&(((unsigned char *)(&(THIS->invoke_pipe_buf)))[THIS->invoke_pipe_buf_ptr]),sizeof(THIS->invoke_pipe_buf) - THIS->invoke_pipe_buf_ptr);
            if (n > 0) {
              THIS->invoke_pipe_buf_ptr += (unsigned int)n;
              if (THIS->invoke_pipe_buf_ptr >= sizeof(THIS->invoke_pipe_buf)) {
                THIS->invoke_pipe_buf_ptr -= sizeof(THIS->invoke_pipe_buf);
                ((void (*)(void *))(THIS->invoke_pipe_buf[1]))(THIS->invoke_pipe_buf[0]);
              }
            }
          } else {
            switch(THIS->sockets[fd_idx].base.type) {
              case ANODE_SOCKET_DATAGRAM:
                AnodeSystemTransport__poll_do_read_datagram(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
                break;
              case ANODE_SOCKET_STREAM_LISTEN:
                AnodeSystemTransport__poll_do_accept_incoming_connection(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
                break;
              case ANODE_SOCKET_STREAM_CONNECTION:
                if (THIS->sockets[fd_idx].base.state == ANODE_SOCKET_CONNECTING)
                  AnodeSystemTransport__poll_do_outgoing_connect(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
                else AnodeSystemTransport__poll_do_read_stream(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
                break;
            }
            ++event_count;
          }
        }
        if ((THIS->fds[fd_idx].revents & POLLOUT)) {
          if (THIS->sockets[fd_idx].base.state == ANODE_SOCKET_CONNECTING)
            AnodeSystemTransport__poll_do_outgoing_connect(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
          else AnodeSystemTransport__poll_do_stream_available_for_write(THIS,THIS->fds[fd_idx].fd,&THIS->sockets[fd_idx]);
          ++event_count;
        }
      }
    }
  }
  return event_count;
 }
 static int AnodeSystemTransport_supports_address_type(const AnodeTransport *transport,
  enum AnodeNetworkAddressType at)
 {
  switch(at) {
    case ANODE_NETWORK_ADDRESS_IPV4:
      return 1;
    case ANODE_NETWORK_ADDRESS_IPV6:
      return 1;
    default:
      if (THIS->base)
        return THIS->base->supports_address_type(THIS->base,at);
      return 0;
  }
 }
 static AnodeTransport *AnodeSystemTransport_base_instance(const AnodeTransport *transport)
 {
  return THIS->base;
 }
 static const char *AnodeSystemTransport_class_name(AnodeTransport *transport)
 {
  return AnodeSystemTransport_CLASS;
 }
 static void AnodeSystemTransport_delete(AnodeTransport *transport)
 {
  close(THIS->invoke_pipe[0]);
  close(THIS->invoke_pipe[1]);
  AnodeMutex_destroy(&THIS->invoke_pipe_m);
  if (THIS->fds) free(THIS->fds);
  if (THIS->sockets) free(THIS->sockets);
  if (THIS->base) THIS->base->delete(THIS->base);
  free(transport);
 }
 /* ======================================================================== */
 AnodeTransport *AnodeSystemTransport_new(AnodeTransport *base)
 {
  struct AnodeSystemTransport *t;
  unsigned int entry_idx;
  t = malloc(sizeof(struct AnodeSystemTransport));
  if (!t) return (AnodeTransport *)0;
  Anode_zero(t,sizeof(struct AnodeSystemTransport));
  t->interface.invoke = &AnodeSystemTransport_invoke;
  t->interface.dns_resolve = &AnodeSystemTransport_dns_resolve;
  t->interface.datagram_listen = &AnodeSystemTransport_datagram_listen;
  t->interface.stream_listen = &AnodeSystemTransport_stream_listen;
  t->interface.datagram_send = &AnodeSystemTransport_datagram_send;
  t->interface.stream_connect = &AnodeSystemTransport_stream_connect;
  t->interface.stream_start_writing = &AnodeSystemTransport_stream_start_writing;
  t->interface.stream_stop_writing = &AnodeSystemTransport_stream_stop_writing;
  t->interface.stream_send = &AnodeSystemTransport_stream_send;
  t->interface.close = &AnodeSystemTransport_close;
  t->interface.poll = &AnodeSystemTransport_poll;
  t->interface.supports_address_type = &AnodeSystemTransport_supports_address_type;
  t->interface.base_instance = &AnodeSystemTransport_base_instance;
  t->interface.class_name = &AnodeSystemTransport_class_name;
  t->interface.delete = &AnodeSystemTransport_delete;
  t->base = base;
  pipe(t->invoke_pipe);
  fcntl(t->invoke_pipe[0],F_SETFL,O_NONBLOCK);
  entry_idx = AnodeSystemTransport__add_entry(t);
  t->fds[entry_idx].fd = t->invoke_pipe[0];
  t->fds[entry_idx].events = POLLIN;
  t->fds[entry_idx].revents = 0;
  AnodeMutex_init(&t->invoke_pipe_m);
  return (AnodeTransport *)t;
 }
--- a/attic/historic/anode/libanode/tests/Makefile
+++ b/attic/historic/anode/libanode/tests/Makefile
@ -0,0 +1,25 @@
 all: force clean anode-utils-test anode-zone-test aes-test ec-test
 aes-test:
 	gcc -Wall -O6 -ftree-vectorize -std=c99 -o aes-test aes-test.c ../aes_digest.c -lcrypto
 http_client-test:
 	gcc -O0 -g -std=c99 -o http_client-test http_client-test.c ../anode-utils.c ../misc.c ../http_client.c ../dictionary.c ../iptransport.c ../anode-transport.c -lcrypto
 anode-utils-test:
 	gcc -O0 -g -std=c99 -o anode-utils-test anode-utils-test.c ../anode-utils.c ../misc.c
 ec-test:
 	gcc -O0 -g -std=c99 -o ec-test ec-test.c ../impl/ec.c ../impl/misc.c -lcrypto
 anode-zone-test:
 	gcc -O0 -g -std=c99 -o anode-zone-test anode-zone-test.c ../anode-zone.c ../http_client.c ../dictionary.c ../misc.c ../anode-transport.c ../iptransport.c ../environment.c
 system_transport-test:
 	gcc -O0 -g -std=c99 -o system_transport-test system_transport-test.c ../system_transport.c ../network_address.c ../address.c ../aes_digest.c ../impl/misc.c ../impl/thread.c ../impl/dns_txt.c ../impl/aes.c -lresolv -lcrypto
 clean:	force
 	rm -rf *.dSYM
 	rm -f http_client-test anode-utils-test anode-zone-test ec-test aes-test system_transport-test
 force: ;
--- a/attic/historic/anode/libanode/tests/aes-test.c
+++ b/attic/historic/anode/libanode/tests/aes-test.c
@ -0,0 +1,191 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <time.h>
 #include <sys/time.h>
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include "../impl/aes.h"
 #include "../anode.h"
 static const unsigned char AES_TEST_KEY[32] = {
  0x08,0x09,0x0A,0x0B,0x0D,0x0E,0x0F,0x10,0x12,0x13,0x14,0x15,0x17,0x18,0x19,0x1A,
  0x1C,0x1D,0x1E,0x1F,0x21,0x22,0x23,0x24,0x26,0x27,0x28,0x29,0x2B,0x2C,0x2D,0x2E
 };
 static const unsigned char AES_TEST_IN[16] = {
  0x06,0x9A,0x00,0x7F,0xC7,0x6A,0x45,0x9F,0x98,0xBA,0xF9,0x17,0xFE,0xDF,0x95,0x21
 };
 static const unsigned char AES_TEST_OUT[16] = {
  0x08,0x0e,0x95,0x17,0xeb,0x16,0x77,0x71,0x9a,0xcf,0x72,0x80,0x86,0x04,0x0a,0xe3
 };
 static const unsigned char CMAC_TEST_KEY[32] = {
  0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
  0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
 };
 static const unsigned char CMAC_TEST1_OUT[16] = {
  0x02,0x89,0x62,0xf6,0x1b,0x7b,0xf8,0x9e,0xfc,0x6b,0x55,0x1f,0x46,0x67,0xd9,0x83
 };
 static const unsigned char CMAC_TEST2_IN[16] = {
  0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
 };
 static const unsigned char CMAC_TEST2_OUT[16] = {
  0x28,0xa7,0x02,0x3f,0x45,0x2e,0x8f,0x82,0xbd,0x4b,0xf2,0x8d,0x8c,0x37,0xc3,0x5c
 };
 static const unsigned char CMAC_TEST3_IN[40] = {
  0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
  0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
  0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11  
 };
 static const unsigned char CMAC_TEST3_OUT[16] = {
  0xaa,0xf3,0xd8,0xf1,0xde,0x56,0x40,0xc2,0x32,0xf5,0xb1,0x69,0xb9,0xc9,0x11,0xe6
 };
 static const unsigned char CMAC_TEST4_IN[64] = {
  0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
  0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
  0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
  0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
 };
 static const unsigned char CMAC_TEST4_OUT[16] = {
  0xe1,0x99,0x21,0x90,0x54,0x9f,0x6e,0xd5,0x69,0x6a,0x2c,0x05,0x6c,0x31,0x54,0x10
 };
 static void test_cmac(const AnodeAesExpandedKey *expkey,const unsigned char *in,unsigned int inlen,const unsigned char *expected)
 {
  unsigned int i;
  unsigned char out[16];
  printf("Testing CMAC with %u byte input:\n",inlen);
  printf("  IN:  ");
  for(i=0;i<inlen;++i)
    printf("%.2x",(int)in[i]);
  printf("\n");
  printf("  EXP: ");
  for(i=0;i<16;++i)
    printf("%.2x",(int)expected[i]);
  printf("\n");
  Anode_cmac_aes256(expkey,in,inlen,out);
  printf("  OUT: ");
  for(i=0;i<16;++i)
    printf("%.2x",(int)out[i]);
  printf("\n");
  if (memcmp(expected,out,16)) {
    printf("FAILED!\n");
    exit(1);
  } else printf("Passed.\n");
 }
 static void test_cfb(const AnodeAesExpandedKey *expkey,const unsigned char *in,unsigned int inlen,unsigned char *iv,const unsigned char *expected)
 {
  unsigned char tmp[131072];
  unsigned char tmp2[131072];
  unsigned char tmpiv[16];
  printf("Testing AES-256 CFB mode with %u bytes: ",inlen);
  fflush(stdout);
  memcpy(tmpiv,iv,16);
  Anode_aes256_cfb_encrypt(expkey,in,tmp,tmpiv,inlen);
  if (!memcmp(tmp,expected,inlen)) {
    printf("FAILED (didn't encrypt)!\n");
    exit(1);
  }
  memcpy(tmpiv,iv,16);
  Anode_aes256_cfb_decrypt(expkey,tmp,tmp2,tmpiv,inlen);
  if (memcmp(tmp2,expected,inlen)) {
    printf("FAILED (didn't encrypt)!\n");
    exit(1);
  } else printf("Passed.\n");
 }
 static const char *AES_DIGEST_TEST_1 = "test";
 static const char *AES_DIGEST_TEST_2 = "supercalifragilisticexpealidocious";
 static const char *AES_DIGEST_TEST_3 = "12345678";
 static const char *AES_DIGEST_TEST_4 = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
 int main(int argc,char **argv)
 {
  AnodeAesExpandedKey expkey;
  unsigned int i;
  unsigned char aestestbuf[16];
  unsigned char cfbin[131072];
  unsigned char iv[16];
  printf("Testing AES-256:");
  Anode_aes256_expand_key(AES_TEST_KEY,&expkey);
  printf("  IN:  ");
  for(i=0;i<16;++i)
    printf("%.2x",(int)AES_TEST_IN[i]);
  printf("\n");
  printf("  EXP: ");
  for(i=0;i<16;++i)
    printf("%.2x",(int)AES_TEST_OUT[i]);
  printf("\n");
  Anode_aes256_encrypt(&expkey,AES_TEST_IN,aestestbuf);
  printf("  OUT: ");
  for(i=0;i<16;++i)
    printf("%.2x",(int)aestestbuf[i]);
  printf("\n");
  if (memcmp(AES_TEST_OUT,aestestbuf,16)) {
    printf("FAILED!\n");
    return 1;
  } else printf("Passed.\n");
  printf("\n");
  Anode_aes256_expand_key(CMAC_TEST_KEY,&expkey);
  test_cmac(&expkey,(unsigned char *)0,0,CMAC_TEST1_OUT);
  test_cmac(&expkey,CMAC_TEST2_IN,16,CMAC_TEST2_OUT);
  test_cmac(&expkey,CMAC_TEST3_IN,40,CMAC_TEST3_OUT);
  test_cmac(&expkey,CMAC_TEST4_IN,64,CMAC_TEST4_OUT);
  printf("\n");
  for(i=0;i<131072;++i)
    cfbin[i] = (unsigned char)(i & 0xff);
  for(i=0;i<16;++i)
    iv[i] = (unsigned char)(i & 0xff);
  for(i=12345;i<131072;i+=7777)
    test_cfb(&expkey,cfbin,i,iv,cfbin);
  printf("\nTesting AES-DIGEST...\n");
  printf("0 bytes: ");
  Anode_aes_digest(cfbin,0,iv);
  for(i=0;i<16;++i) printf("%.2x",(unsigned int)iv[i]);
  printf("\n");
  printf("%d bytes: ",(int)strlen(AES_DIGEST_TEST_1));
  Anode_aes_digest(AES_DIGEST_TEST_1,strlen(AES_DIGEST_TEST_1),iv);
  for(i=0;i<16;++i) printf("%.2x",(unsigned int)iv[i]);
  printf("\n");
  printf("%d bytes: ",(int)strlen(AES_DIGEST_TEST_2));
  Anode_aes_digest(AES_DIGEST_TEST_2,strlen(AES_DIGEST_TEST_2),iv);
  for(i=0;i<16;++i) printf("%.2x",(unsigned int)iv[i]);
  printf("\n");
  printf("%d bytes: ",(int)strlen(AES_DIGEST_TEST_3));
  Anode_aes_digest(AES_DIGEST_TEST_3,strlen(AES_DIGEST_TEST_3),iv);
  for(i=0;i<16;++i) printf("%.2x",(unsigned int)iv[i]);
  printf("\n");
  printf("%d bytes: ",(int)strlen(AES_DIGEST_TEST_4));
  Anode_aes_digest(AES_DIGEST_TEST_4,strlen(AES_DIGEST_TEST_4),iv);
  for(i=0;i<16;++i) printf("%.2x",(unsigned int)iv[i]);
  printf("\n");
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/anode-secure_random-test.c
+++ b/attic/historic/anode/libanode/tests/anode-secure_random-test.c
@ -0,0 +1,38 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdlib.h>
 #include <stdio.h>
 #include "../anode.h"
 #include "../misc.h"
 int main(int argc,char **argv)
 {
  unsigned char test[10005];
  unsigned int i;
  AnodeSecureRandom srng;
  AnodeSecureRandom_init(&srng);
  AnodeSecureRandom_gen_bytes(&srng,test,sizeof(test));
  for(i=0;i<sizeof(test);++i) {
    printf("%.2x",(unsigned int)test[i]);
    if ((i % 20) == 19)
      printf("\n");
  }
  printf("\n");
 }
--- a/attic/historic/anode/libanode/tests/anode-utils-test.c
+++ b/attic/historic/anode/libanode/tests/anode-utils-test.c
@ -0,0 +1,75 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdlib.h>
 #include <stdio.h>
 #include "../anode.h"
 #include "../misc.h"
 static const char *testuris[22] = {
  "http://www.test.com",
  "http://www.test.com/",
  "http://www.test.com/path/to/something",
  "http://user@www.test.com",
  "http://user@www.test.com/path/to/something",
  "http://user:password@www.test.com/path/to/something",
  "http://www.test.com/path/to/something?query=foo&bar=baz",
  "http://www.test.com/path/to/something#fragment",
  "http://www.test.com/path/to/something?query=foo&bar=baz#fragment",
  "http://user:password@www.test.com/path/to/something#fragment",
  "http://user:password@www.test.com/path/to/something?query=foo&bar=baz#fragment",
  "http://@www.test.com/",
  "http://:@www.test.com/",
  "http://www.test.com:8080/path/to/something",
  "http://user:password@www.test.com:8080/path/to/something?query=foo#fragment",
  "http://",
  "http://www.test.com/path/to/something?#",
  "http://www.test.com/path/to/something?#fragment",
  "http:",
  "http",
  "mailto:this_is_a_urn@somedomain.com",
  ""
 };
 int main(int argc,char **argv)
 {
  int i,r;
  char reconstbuf[2048];
  char *reconst;
  AnodeURI uri;
  for(i=0;i<22;++i) {
    printf("\"%s\":\n",testuris[i]);
    r = AnodeURI_parse(&uri,testuris[i]);
    if (r) {
      printf("  error: %d\n",r);
    } else {
      printf("  scheme: %s\n",uri.scheme);
      printf("  username: %s\n",uri.username);
      printf("  password: %s\n",uri.password);
      printf("  host: %s\n",uri.host);
      printf("  port: %d\n",uri.port);
      printf("  path: %s\n",uri.path);
      printf("  query: %s\n",uri.query);
      printf("  fragment: %s\n",uri.fragment);
    }
    reconst = AnodeURI_to_string(&uri,reconstbuf,sizeof(reconstbuf));
    printf("Reconstituted URI: %s\n",reconst ? reconst : "(null)");
    printf("\n");
  }
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/anode-zone-test.c
+++ b/attic/historic/anode/libanode/tests/anode-zone-test.c
@ -0,0 +1,47 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include "../anode.h"
 #include "../dictionary.h"
 static int got_it = 0;
 static void zone_lookup_handler(void *ptr,long zone_id,AnodeZone *zone)
 {
  if (zone)
    printf("got %.8lx: %d entries\n",(unsigned long)zone_id & 0xffffffff,((struct AnodeDictionary *)zone)->size);
  else printf("failed.\n");
  got_it = 1;
 }
 int main(int argc,char **argv)
 {
  AnodeTransportEngine transport;
  Anode_init_ip_transport_engine(&transport);
  AnodeZone_lookup(&transport,0,0,&zone_lookup_handler);
  while (!got_it)
    transport.poll(&transport);
  transport.destroy(&transport);
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/dictionary-test.c
+++ b/attic/historic/anode/libanode/tests/dictionary-test.c
@ -0,0 +1,149 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <time.h>
 #include <sys/time.h>
 #include "../dictionary.h"
 static const char *HASH_TESTS[16] = {
  "test",
  "testt",
  "",
  "foo",
  "fooo",
  "1",
  "2",
  "3",
  "4",
  "11",
  "22",
  "33",
  "44",
  "adklfjklejrer",
  "erngnetbekjrq",
  "erklerqqqqre"
 };
 int diterate(void *arg,const char *key,const char *value)
 {
  printf("  %s: %s\n",key ? key : "(null)",value ? value : "(null)");
  return 1;
 }
 int main(int argc,char **argv)
 {
  char tmp[1024];
  char fuzzparam1[16],fuzzparam2[16],fuzzparam3[16];
  struct AnodeDictionary d;
  unsigned int i,j,k,cs;
  srandom(time(0));
  printf("Trying out hash function a little...\n");
  for(i=0;i<16;++i)
    printf("  %s: %u\n",HASH_TESTS[i],(unsigned int)AnodeDictionary__get_bucket(HASH_TESTS[i]));
  for(cs=0;cs<2;++cs) {
    printf("\nTesting with case sensitivity = %d\n",cs);
    AnodeDictionary_init(&d,cs);
    printf("\nTesting dictionary by adding and retrieving some keys...\n");
    AnodeDictionary_put(&d,"test1","This is the first test");
    AnodeDictionary_put(&d,"test2","This is the second test");
    AnodeDictionary_put(&d,"test3","This is the third test (lower case)");
    AnodeDictionary_put(&d,"TEST3","This is the third test (UPPER CASE)");
    AnodeDictionary_iterate(&d,(void *)0,&diterate);
    if (d.size != (cs ? 4 : 3)) {
      printf("Failed (size).\n");
      return 1;
    }
    AnodeDictionary_clear(&d);
    if (d.size||(AnodeDictionary_get(&d,"test1"))) {
      printf("Failed (clear).\n");
      return 1;
    }
    printf("\nTesting read, trial 1: simple key=value with unterminated line\n");
    strcpy(tmp,"foo=bar\nbar=baz\ntest1=Happy happy joyjoy!\ntest2=foobarbaz\nlinewithnocr=thisworked");  
    AnodeDictionary_read(&d,tmp,"\r\n","=","",'\\',0,0);
    printf("Results:\n");
    AnodeDictionary_iterate(&d,(void *)0,&diterate);
    AnodeDictionary_clear(&d);
    printf("\nTesting read, trial 2: key=value with escape chars, escaped CRs\n");
    strcpy(tmp,"foo=bar\r\nbar==baz\nte\\=st1=\\=Happy happy joyjoy!\ntest2=foobarbaz\\\nfoobarbaz on next line\r\n");  
    AnodeDictionary_read(&d,tmp,"\r\n","=","",'\\',0,0);
    printf("Results:\n");
    AnodeDictionary_iterate(&d,(void *)0,&diterate);
    AnodeDictionary_clear(&d);
    printf("\nTesting read, trial 3: HTTP header-like dictionary\n");
    strcpy(tmp,"Host: some.host.net\r\nX-Some-Header: foo bar\r\nX-Some-Other-Header: y0y0y0y0y0\r\n");  
    AnodeDictionary_read(&d,tmp,"\r\n",": ","",0,0,0);
    printf("Results:\n");
    AnodeDictionary_iterate(&d,(void *)0,&diterate);
    AnodeDictionary_clear(&d);
    printf("\nTesting read, trial 4: single line key/value\n");
    strcpy(tmp,"Header: one line only");
    AnodeDictionary_read(&d,tmp,"\r\n",": ","",0,0,0);
    printf("Results:\n");
    AnodeDictionary_iterate(&d,(void *)0,&diterate);
    AnodeDictionary_clear(&d);
    printf("\nFuzzing dictionary reader...\n"); fflush(stdout);
    for(i=0;i<200000;++i) {
      j = random() % (sizeof(tmp) - 1);
      for(k=0;k<j;++k) {
        tmp[k] = (char)((unsigned int)random() >> 3);
        if (!tmp[k]) tmp[k] = 1;
      }
      tmp[j] = (char)0;
      j = random() % (sizeof(fuzzparam1) - 1);
      for(k=0;k<j;++k) {
        fuzzparam1[k] = (char)((unsigned int)random() >> 3);
        if (!fuzzparam1[k]) fuzzparam1[k] = 1;
      }
      fuzzparam1[j] = (char)0;
      j = random() % (sizeof(fuzzparam2) - 1);
      for(k=0;k<j;++k) {
        fuzzparam1[k] = (char)((unsigned int)random() >> 3);
        if (!fuzzparam2[k]) fuzzparam2[k] = 1;
      }
      fuzzparam2[j] = (char)0;
      j = random() % (sizeof(fuzzparam3) - 1);
      for(k=0;k<j;++k) {
        fuzzparam3[k] = (char)((unsigned int)random() >> 3);
        if (!fuzzparam3[k]) fuzzparam3[k] = 1;
      }
      fuzzparam3[j] = (char)0;
      AnodeDictionary_read(&d,tmp,fuzzparam1,fuzzparam2,fuzzparam3,random() & 3,random() & 1,random() & 1);
      AnodeDictionary_clear(&d);
    }
    AnodeDictionary_destroy(&d);
  }
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/ec-test.c
+++ b/attic/historic/anode/libanode/tests/ec-test.c
@ -0,0 +1,97 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include "../impl/ec.h"
 #include "../impl/misc.h"
 #define TEST_KEY_LEN 128
 #define AnodeEC_key_to_hex(k,b,l) Anode_to_hex((k)->key,(k)->bytes,(b),l)
 int main(int argc,char **argv)
 {
  struct AnodeECKeyPair pair1;
  struct AnodeECKeyPair pair2;
  struct AnodeECKeyPair pair3;
  unsigned char key[TEST_KEY_LEN];
  char str[16384];
  printf("Creating key pair #1...\n");
  if (!AnodeECKeyPair_generate(&pair1)) {
    printf("Could not create key pair.\n");
    return 1;
  }
  AnodeEC_key_to_hex(&pair1.pub,str,sizeof(str));
  printf("Public:  %s\n",str);
  AnodeEC_key_to_hex(&pair1.priv,str,sizeof(str));
  printf("Private: %s\n\n",str);
  printf("Creating key pair #2...\n");
  if (!AnodeECKeyPair_generate(&pair2)) {
    printf("Could not create key pair.\n");
    return 1;
  }
  AnodeEC_key_to_hex(&pair2.pub,str,sizeof(str));
  printf("Public:  %s\n",str);
  AnodeEC_key_to_hex(&pair2.priv,str,sizeof(str));
  printf("Private: %s\n\n",str);
  printf("Key agreement between public #2 and private #1...\n");
  if (!AnodeECKeyPair_agree(&pair1,&pair2.pub,key,TEST_KEY_LEN)) {
    printf("Agreement failed.\n");
    return 1;
  }
  Anode_to_hex(key,TEST_KEY_LEN,str,sizeof(str));
  printf("Agreed secret: %s\n\n",str);
  printf("Key agreement between public #1 and private #2...\n");
  if (!AnodeECKeyPair_agree(&pair2,&pair1.pub,key,TEST_KEY_LEN)) {
    printf("Agreement failed.\n");
    return 1;
  }
  Anode_to_hex(key,TEST_KEY_LEN,str,sizeof(str));
  printf("Agreed secret: %s\n\n",str);
  printf("Testing key pair init function (init #3 from #2's parts)...\n");
  if (!AnodeECKeyPair_init(&pair3,&(pair2.pub),&(pair2.priv))) {
    printf("Init failed.\n");
    return 1;
  }
  printf("Key agreement between public #1 and private #3...\n");
  if (!AnodeECKeyPair_agree(&pair3,&pair1.pub,key,TEST_KEY_LEN)) {
    printf("Agreement failed.\n");
    return 1;
  }
  Anode_to_hex(key,TEST_KEY_LEN,str,sizeof(str));
  printf("Agreed secret: %s\n\n",str);
  printf("Key agreement between public #1 and private #1...\n");
  if (!AnodeECKeyPair_agree(&pair1,&pair1.pub,key,TEST_KEY_LEN)) {
    printf("Agreement failed.\n");
    return 1;
  }
  Anode_to_hex(key,TEST_KEY_LEN,str,sizeof(str));
  printf("Agreed secret (should not match): %s\n\n",str);
  AnodeECKeyPair_destroy(&pair1);
  AnodeECKeyPair_destroy(&pair2);
  AnodeECKeyPair_destroy(&pair3);
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/environment-test.c
+++ b/attic/historic/anode/libanode/tests/environment-test.c
@ -0,0 +1,28 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include "../environment.h"
 int main(int argc,char **argv)
 {
  const char *cache = Anode_get_cache();
  printf("Cache folder: %s\n",cache ? cache : "(null)");
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/http_client-test.c
+++ b/attic/historic/anode/libanode/tests/http_client-test.c
@ -0,0 +1,233 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 #include <openssl/sha.h>
 #include "../anode.h"
 #include "../misc.h"
 #include "../http_client.h"
 #include "../dictionary.h"
 struct TestCase
 {
  int method;
  AnodeURI uri;
  const void *client_data;
  unsigned int client_data_len;
  const char *expected_sha1;
  char actual_sha1[64];
  int got_it;
  int keepalive;
  struct TestCase *next;
 };
 #define NUM_TEST_CASES 7
 static struct TestCase test_cases[NUM_TEST_CASES];
 static void init_test_cases(int keepalive)
 {
  AnodeURI_parse(&(test_cases[0].uri),"http://zerotier.com/for_unit_tests/test1.txt");
  test_cases[0].method = ANODE_HTTP_GET;
  test_cases[0].client_data_len = 0;
  test_cases[0].expected_sha1 = "0828324174b10cc867b7255a84a8155cf89e1b8b";
  test_cases[0].actual_sha1[0] = (char)0;
  test_cases[0].got_it = 0;
  test_cases[0].keepalive = keepalive;
  test_cases[0].next = &(test_cases[1]);
  AnodeURI_parse(&(test_cases[1].uri),"http://zerotier.com/for_unit_tests/test2.bin");
  test_cases[1].method = ANODE_HTTP_GET;
  test_cases[1].client_data_len = 0;
  test_cases[1].expected_sha1 = "6b67c635786ab52666211d02412c0d0f0372980d";
  test_cases[1].actual_sha1[0] = (char)0;
  test_cases[1].got_it = 0;
  test_cases[1].keepalive = keepalive;
  test_cases[1].next = &(test_cases[2]);
  AnodeURI_parse(&(test_cases[2].uri),"http://zerotier.com/for_unit_tests/test3.bin");
  test_cases[2].method = ANODE_HTTP_GET;
  test_cases[2].client_data_len = 0;
  test_cases[2].expected_sha1 = "efa7722029fdbb6abd0e3ed32a0b44bfb982cff0";
  test_cases[2].actual_sha1[0] = (char)0;
  test_cases[2].got_it = 0;
  test_cases[2].keepalive = keepalive;
  test_cases[2].next = &(test_cases[3]);
  AnodeURI_parse(&(test_cases[3].uri),"http://zerotier.com/for_unit_tests/test4.bin");
  test_cases[3].method = ANODE_HTTP_GET;
  test_cases[3].client_data_len = 0;
  test_cases[3].expected_sha1 = "da39a3ee5e6b4b0d3255bfef95601890afd80709";
  test_cases[3].actual_sha1[0] = (char)0;
  test_cases[3].got_it = 0;
  test_cases[3].keepalive = keepalive;
  test_cases[3].next = &(test_cases[4]);
  AnodeURI_parse(&(test_cases[4].uri),"http://zerotier.com/for_unit_tests/echo.php?echo=foobar");
  test_cases[4].method = ANODE_HTTP_GET;
  test_cases[4].client_data_len = 0;
  test_cases[4].expected_sha1 = "8843d7f92416211de9ebb963ff4ce28125932878";
  test_cases[4].actual_sha1[0] = (char)0;
  test_cases[4].got_it = 0;
  test_cases[4].keepalive = keepalive;
  test_cases[4].next = &(test_cases[5]);
  AnodeURI_parse(&(test_cases[5].uri),"http://zerotier.com/for_unit_tests/echo.php");
  test_cases[5].method = ANODE_HTTP_POST;
  test_cases[5].client_data = "echo=foobar";
  test_cases[5].client_data_len = strlen((char *)test_cases[5].client_data);
  test_cases[5].expected_sha1 = "8843d7f92416211de9ebb963ff4ce28125932878";
  test_cases[5].actual_sha1[0] = (char)0;
  test_cases[5].got_it = 0;
  test_cases[5].keepalive = keepalive;
  test_cases[5].next = &(test_cases[6]);
  AnodeURI_parse(&(test_cases[6].uri),"http://zerotier.com/for_unit_tests/test3.bin");
  test_cases[6].method = ANODE_HTTP_HEAD;
  test_cases[6].client_data_len = 0;
  test_cases[6].expected_sha1 = "da39a3ee5e6b4b0d3255bfef95601890afd80709";
  test_cases[6].actual_sha1[0] = (char)0;
  test_cases[6].got_it = 0;
  test_cases[6].keepalive = keepalive;
  test_cases[6].next = 0;
 }
 static int http_handler_dump_headers(void *arg,const char *key,const char *value)
 {
  printf(" H %s: %s\n",key,value);
  return 1;
 }
 static void http_handler(struct AnodeHttpClient *client)
 {
  const char *method = "???";
  char buf[1024];
  unsigned char sha[20];
  struct TestCase *test = (struct TestCase *)client->ptr[0];
  switch(client->method) {
    case ANODE_HTTP_GET:
      method = "GET";
      break;
    case ANODE_HTTP_HEAD:
      method = "HEAD";
      break;
    case ANODE_HTTP_POST:
      method = "POST";
      break;
  }
  if (client->response.code == 200) {
    SHA1((unsigned char *)client->response.data,client->response.data_length,sha);
    Anode_to_hex(sha,20,test->actual_sha1,sizeof(test->actual_sha1));
    printf("%s %s\n * SHA1: %s exp: %s\n",method,AnodeURI_to_string(&(test->uri),buf,sizeof(buf)),test->actual_sha1,test->expected_sha1);
    if (strcmp(test->actual_sha1,test->expected_sha1))
      printf(" ! SHA1 MISMATCH!\n");
    AnodeDictionary_iterate(&(client->response.headers),0,&http_handler_dump_headers);
  } else printf("%s %s: ERROR: %d\n",method,AnodeURI_to_string(&(test->uri),buf,sizeof(buf)),client->response.code);
  test->got_it = 1;
  if (!test->keepalive)
    AnodeHttpClient_free(client);
  else {
    test = test->next;
    if (test) {
      memcpy((void *)&(client->uri),(const void *)&(test->uri),sizeof(AnodeURI));
      client->data = test->client_data;
      client->data_length = test->client_data_len;
      client->ptr[0] = test;
      client->keepalive = test->keepalive;
      client->method = test->method;
      client->handler = &http_handler;
      AnodeHttpClient_send(client);
    } else {
      AnodeHttpClient_free(client);
    }
  }
 }
 int main(int argc,char **argv)
 {
  struct AnodeHttpClient *client;
  AnodeTransportEngine transport_engine;
  int i;
  if (Anode_init_ip_transport_engine(&transport_engine)) {
    printf("Failed (transport engine init)\n");
    return 1;
  }
  printf("Testing without keepalive...\n\n");
  init_test_cases(0);
  for(i=0;i<NUM_TEST_CASES;++i) {
    client = AnodeHttpClient_new(&transport_engine);
    memcpy((void *)&(client->uri),(const void *)&(test_cases[i].uri),sizeof(AnodeURI));
    client->data = test_cases[i].client_data;
    client->data_length = test_cases[i].client_data_len;
    client->ptr[0] = &test_cases[i];
    client->keepalive = test_cases[i].keepalive;
    client->method = test_cases[i].method;
    client->handler = &http_handler;
    AnodeHttpClient_send(client);
  }
  for(;;) {
    for(i=0;i<NUM_TEST_CASES;++i) {
      if (!test_cases[i].got_it)
        break;
    }
    if (i == NUM_TEST_CASES)
      break;
    transport_engine.poll(&transport_engine);
  }
  printf("\n\n");
  printf("Testing with keepalive...\n\n");
  init_test_cases(1);
  client = AnodeHttpClient_new(&transport_engine);
  i = 0;
  memcpy((void *)&(client->uri),(const void *)&(test_cases[i].uri),sizeof(AnodeURI));
  client->data = test_cases[i].client_data;
  client->data_length = test_cases[i].client_data_len;
  client->ptr[0] = &test_cases[i];
  client->keepalive = test_cases[i].keepalive;
  client->method = test_cases[i].method;
  client->handler = &http_handler;
  AnodeHttpClient_send(client);
  for(;;) {
    for(i=0;i<NUM_TEST_CASES;++i) {
      if (!test_cases[i].got_it)
        break;
    }
    if (i == NUM_TEST_CASES)
      break;
    transport_engine.poll(&transport_engine);
  }
  transport_engine.destroy(&transport_engine);
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/misc-test.c
+++ b/attic/historic/anode/libanode/tests/misc-test.c
@ -0,0 +1,137 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <time.h>
 #include <sys/time.h>
 #include "../misc.h"
 int main(int argc,char **argv)
 {
  const char *base32TestStr = "asdf";
  char *fields[16];
  char buf[1024];
  char buf2[1024];
  char buf3[4096];
  unsigned int i;
  unsigned long tmpl,tmpl2;
  unsigned long long tmp64;
  srand(time(0));
  Anode_base32_5_to_8((const unsigned char *)base32TestStr,buf);
  printf("Base32 from test string: %s\n",buf);
  Anode_base32_8_to_5("MFZWIZQA",(unsigned char *)buf2);
  printf("Test string from Base32 (upper case): %s\n",buf2);
  Anode_base32_8_to_5("mfzwizqa",(unsigned char *)buf2);
  printf("Test string from Base32 (lower case): %s\n",buf2);
  printf("Testing variable length encoding/decoded with pad5 functions...\n");
  for(i=0;i<1024;++i) {
    tmpl = rand() % (sizeof(buf) - 8);
    if (!tmpl)
      tmpl = 1;
    for(tmpl2=0;tmpl2<tmpl;++tmpl2)
      buf[tmpl2] = (buf2[tmpl2] = (char)(rand() >> 3));
    if (!Anode_base32_encode_pad5(buf2,tmpl,buf3,sizeof(buf3))) {
      printf("Failed (encode failed).\n");
      return 1;
    }
    memset(buf2,0,sizeof(buf2));
    if (!Anode_base32_decode_pad5(buf3,buf2,sizeof(buf2))) {
      printf("Failed (decode failed).\n");
      return 1;
    }
    if (memcmp(buf,buf2,tmpl)) {
      printf("Failed (compare failed).\n");
      return 1;
    }
  }
  printf("Anode_htonll(0x0102030405060708) == 0x%.16llx\n",tmp64 = Anode_htonll(0x0102030405060708ULL));
  printf("Anode_ntohll(0x%.16llx) == 0x%.16llx\n",tmp64,Anode_ntohll(tmp64));
  if (Anode_ntohll(tmp64) != 0x0102030405060708ULL) {
    printf("Failed.\n");
    return 1;
  }
  strcpy(buf,"foo bar baz");
  Anode_trim(buf);
  printf("Testing string trim: 'foo bar baz' -> '%s'\n",buf);
  strcpy(buf,"foo bar baz  ");
  Anode_trim(buf);
  printf("Testing string trim: 'foo bar baz  ' -> '%s'\n",buf);
  strcpy(buf,"  foo bar baz");
  Anode_trim(buf);
  printf("Testing string trim: '  foo bar baz' -> '%s'\n",buf);
  strcpy(buf,"  foo bar baz  ");
  Anode_trim(buf);
  printf("Testing string trim: '  foo bar baz  ' -> '%s'\n",buf);
  strcpy(buf,"");
  Anode_trim(buf);
  printf("Testing string trim: '' -> '%s'\n",buf);
  strcpy(buf,"  ");
  Anode_trim(buf);
  printf("Testing string trim: '  ' -> '%s'\n",buf);
  printf("Testing string split.\n");
  strcpy(buf,"66.246.138.121,5323,0");
  i = Anode_split(buf,';',fields,16);
  if (i != 1) {
    printf("Failed.\n");
    return 1;
  } else printf("Fields: %s\n",fields[0]);
  strcpy(buf,"a;b;c");
  i = Anode_split(buf,';',fields,16);
  if (i != 3) {
    printf("Failed.\n");
    return 1;
  } else printf("Fields: %s %s %s\n",fields[0],fields[1],fields[2]);
  strcpy(buf,";;");
  i = Anode_split(buf,';',fields,16);
  if (i != 3) {
    printf("Failed.\n");
    return 1;
  } else printf("Fields: %s %s %s\n",fields[0],fields[1],fields[2]);
  strcpy(buf,"a;b;");
  i = Anode_split(buf,';',fields,16);
  if (i != 3) {
    printf("Failed.\n");
    return 1;
  } else printf("Fields: %s %s %s\n",fields[0],fields[1],fields[2]);
  strcpy(buf,"a;;c");
  i = Anode_split(buf,';',fields,16);
  if (i != 3) {
    printf("Failed.\n");
    return 1;
  } else printf("Fields: %s %s %s\n",fields[0],fields[1],fields[2]);
  strcpy(buf,";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;");
  i = Anode_split(buf,';',fields,16);
  if (i != 16) {
    printf("Failed.\n");
    return 1;
  }
  strcpy(buf,"");
  i = Anode_split(buf,';',fields,16);
  if (i != 0) {
    printf("Failed.\n");
    return 1;
  }
  printf("Passed.\n");
  return 0;
 }
--- a/attic/historic/anode/libanode/tests/system_transport-test.c
+++ b/attic/historic/anode/libanode/tests/system_transport-test.c
@ -0,0 +1,70 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <sys/socket.h>
 #include "../anode.h"
 #include "../impl/thread.h"
 static int do_client()
 {
  AnodeTransport *st;
  AnodeSocket *udp_sock;
  int run = 1;
  st = AnodeSystemTransport_new(NULL);
  if (!st) {
    printf("FAILED: unable to construct AnodeSystemTransport.\n");
    return -1;
  }
  printf("Created AnodeSystemTransport.\n");
  while (run)
    st->poll(st);
 }
 static int do_server()
 {
  AnodeTransport *st;
  AnodeSocket *udp_sock;
  AnodeSocket *tcp_sock;
  int run = 1;
  st = AnodeSystemTransport_new(NULL);
  if (!st) {
    printf("FAILED: unable to construct AnodeSystemTransport.\n");
    return -1;
  }
  printf("Created AnodeSystemTransport.\n");
  while (run)
    st->poll(st);
 }
 int main(int argc,char **argv)
 {
  if (argc == 2) {
    if (!strcmp(argv[1],"client"))
      return do_client();
    else if (!strcmp(argv[1],"server"))
      return do_server();
  }
  printf("Usage: system_transport-test <client / server>\n");
  return -1;
 }
--- a/attic/historic/anode/libanode/uri.c
+++ b/attic/historic/anode/libanode/uri.c
@ -0,0 +1,185 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include "impl/misc.h"
 #include "anode.h"
 int AnodeURI_parse(AnodeURI *parsed_uri,const char *uri_string)
 {
  char buf[sizeof(AnodeURI)];
  unsigned long ptr = 0;
  char c;
  char *p1,*p2;
  Anode_zero((void *)parsed_uri,sizeof(AnodeURI));
  /* Get the scheme */
  for(;;) {
    c = *(uri_string++);
    if (!c) {
      parsed_uri->scheme[ptr] = (char)0;
      return ANODE_ERR_INVALID_URI;
    } else if (c == ':') {
      parsed_uri->scheme[ptr] = (char)0;
      break;
    } else {
      parsed_uri->scheme[ptr++] = c;
      if (ptr == sizeof(parsed_uri->scheme))
        return ANODE_ERR_BUFFER_TOO_SMALL;
    }
  }
  if (*uri_string == '/') {
    /* If it starts with /, it's a URL */
    /* Skip double slash */
    if (!(*(++uri_string)))
      return 0; /* Scheme with no path */
    if (*uri_string == '/') {
      if (!(*(++uri_string)))
        return 0; /* Scheme with no path */
    }
    /* Get the host section and put it in buf[] */
    ptr = 0;
    while ((*uri_string)&&(*uri_string != '/')) {
      buf[ptr++] = *(uri_string++);
      if (ptr == sizeof(buf))
        return ANODE_ERR_BUFFER_TOO_SMALL;
    }
    buf[ptr] = (char)0;
    /* Parse host section for host, username, password, and port */
    if (buf[0]) {
      p1 = (char *)Anode_strchr(buf,'@');
      if (p1) {
        *(p1++) = (char)0;
        if (*p1) {
          p2 = (char *)Anode_strchr(buf,':');
          if (p2) {
            *(p2++) = (char)0;
            Anode_str_copy(parsed_uri->password,p2,sizeof(parsed_uri->password));
          }
          Anode_str_copy(parsed_uri->username,buf,sizeof(parsed_uri->username));
        } else return ANODE_ERR_INVALID_URI;
      } else p1 = buf;
      p2 = (char *)Anode_strchr(p1,':');
      if (p2) {
        *(p2++) = (char)0;
        if (*p2)
          parsed_uri->port = (int)strtoul(p2,(char **)0,10);
      }
      Anode_str_copy(parsed_uri->host,p1,sizeof(parsed_uri->host));
    }
    /* Get the path, query, and fragment section and put it in buf[] */
    ptr = 0;
    while ((buf[ptr++] = *(uri_string++))) {
      if (ptr == sizeof(buf))
        return ANODE_ERR_BUFFER_TOO_SMALL;
    }
    /* Parse path section for path, query, and fragment */
    if (buf[0]) {
      p1 = (char *)Anode_strchr(buf,'?');
      if (p1) {
        *(p1++) = (char)0;
        p2 = (char *)Anode_strchr(p1,'#');
        if (p2) {
          *(p2++) = (char)0;
          Anode_str_copy(parsed_uri->fragment,p2,sizeof(parsed_uri->fragment));
        }
        Anode_str_copy(parsed_uri->query,p1,sizeof(parsed_uri->query));
      } else {
        p2 = (char *)Anode_strchr(buf,'#');
        if (p2) {
          *(p2++) = (char)0;
          Anode_str_copy(parsed_uri->fragment,p2,sizeof(parsed_uri->fragment));
        }
      }
      Anode_str_copy(parsed_uri->path,buf,sizeof(parsed_uri->path));
    }
  } else {
    /* Otherwise, it's a URN and what remains is all path */
    ptr = 0;
    while ((parsed_uri->path[ptr++] = *(uri_string++))) {
      if (ptr == sizeof(parsed_uri->path))
        return ANODE_ERR_BUFFER_TOO_SMALL;
    }
  }
  return 0;
 }
 char *AnodeURI_to_string(const AnodeURI *uri,char *buf,int len)
 {
  int i = 0;
  char portbuf[16];
  const char *p;
  p = uri->scheme;
  while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
  buf[i++] = ':'; if (i >= len) return (char *)0;
  if (uri->host[0]) {
    buf[i++] = '/'; if (i >= len) return (char *)0;
    buf[i++] = '/'; if (i >= len) return (char *)0;
    if (uri->username[0]) {
      p = uri->username;
      while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
      if (uri->password[0]) {
        buf[i++] = ':'; if (i >= len) return (char *)0;
        p = uri->password;
        while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
      }
      buf[i++] = '@'; if (i >= len) return (char *)0;
    }
    p = uri->host;
    while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
    if ((uri->port > 0)&&(uri->port <= 0xffff)) {
      buf[i++] = ':'; if (i >= len) return (char *)0;
      snprintf(portbuf,sizeof(portbuf),"%d",uri->port);
      p = portbuf;
      while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
    }
  }
  p = uri->path;
  while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
  if (uri->query[0]) {
    buf[i++] = '?'; if (i >= len) return (char *)0;
    p = uri->query;
    while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
  }
  if (uri->fragment[0]) {
    buf[i++] = '#'; if (i >= len) return (char *)0;
    p = uri->fragment;
    while (*p) { buf[i++] = *(p++); if (i >= len) return (char *)0; }
  }
  buf[i] = (char)0;
  return buf;
 }
--- a/attic/historic/anode/libanode/utils/anode-make-identity.c
+++ b/attic/historic/anode/libanode/utils/anode-make-identity.c
@ -0,0 +1,50 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <arpa/inet.h>
 #include "../anode.h"
 #include "../impl/misc.h"
 #include "../impl/types.h"
 int main(int argc,char **argv)
 {
  char str[1024];
  AnodeZone zone;
  AnodeIdentity identity;
  if (argc < 2) {
    printf("Usage: anode-make-identity <32-bit zone ID hex>\n");
    return 0;
  }
  *((uint32_t *)zone.bits) = htonl((uint32_t)strtoul(argv[1],(char **)0,16));
  if (AnodeIdentity_generate(&identity,&zone,ANODE_ADDRESS_ANODE_256_40)) {
    fprintf(stderr,"Error: identity key pair generation failed (check build settings).\n");
    return 1;
  }
  if (AnodeIdentity_to_string(&identity,str,sizeof(str)) <= 0) {
    fprintf(stderr,"Error: internal error converting identity to string.\n");
    return -1;
  }
  printf("%s\n",str);
  return 0;
 }
--- a/attic/historic/anode/libanode/zone.c
+++ b/attic/historic/anode/libanode/zone.c
@ -0,0 +1,184 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009-2010 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>
 #include <sys/time.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "impl/types.h"
 #include "impl/misc.h"
 #include "impl/dictionary.h"
 #include "impl/environment.h"
 #include "impl/http_client.h"
 #include "anode.h"
 static const char *_MONTHS[12] = { "Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec" };
 static const char *_DAYS_OF_WEEK[7] = { "Sun","Mon","Tue","Wed","Thu","Fri","Sat" };
 static inline unsigned long get_file_time_for_http(const char *path,char *buf,unsigned int len)
 {
  struct stat st;
  struct tm *gmt;
  if (!stat(path,(struct stat *)&st)) {
    gmt = gmtime(&st.st_mtime);
    if (gmt) {
      snprintf(buf,len,"%s, %d %s %d %d:%d:%d GMT",
        _DAYS_OF_WEEK[gmt->tm_wday],
        gmt->tm_mday,
        _MONTHS[gmt->tm_mon],
        (1900 + gmt->tm_year),
        gmt->tm_hour,
        gmt->tm_min,
        gmt->tm_sec);
      buf[len - 1] = (char)0;
      return (unsigned long)st.st_size;
    }
  }
  return 0;
 }
 struct AnodeZoneLookupJob
 {
  char cached_zone_file[2048];
  struct AnodeDictionary *zone_dict;
  AnodeZone zone;
  void *ptr;
  void (*zone_lookup_handler)(void *,const AnodeZone *,AnodeZoneFile *);
  int had_cached_zone;
 };
 static void AnodeZone_lookup_http_handler(struct AnodeHttpClient *client)
 {
  char *data_tmp;
  struct AnodeZoneLookupJob *job = (struct AnodeZoneLookupJob *)client->ptr[0];
  FILE *zf;
  if ((client->response.code == 200)&&(client->response.data_length > 0)) {
    zf = fopen(job->cached_zone_file,"w");
    if (zf) {
      fwrite(client->response.data,1,client->response.data_length,zf);
      fclose(zf);
    }
    data_tmp = (char *)malloc(client->response.data_length + 1);
    Anode_memcpy((void *)data_tmp,client->response.data,client->response.data_length);
    data_tmp[client->response.data_length] = (char)0;
    AnodeDictionary_clear(job->zone_dict);
    AnodeDictionary_read(
      job->zone_dict,
      data_tmp,
      "\r\n",
      "=",
      ";",
      '\\',
      1,1);
    free((void *)data_tmp);
    job->zone_lookup_handler(job->ptr,&job->zone,(AnodeZoneFile *)job->zone_dict);
  } else if (job->had_cached_zone)
    job->zone_lookup_handler(job->ptr,&job->zone,(AnodeZoneFile *)job->zone_dict);
  else {
    AnodeDictionary_destroy(job->zone_dict);
    free((void *)job->zone_dict);
    job->zone_lookup_handler(job->ptr,&job->zone,(AnodeZoneFile *)0);
  }
  free((void *)job);
  AnodeHttpClient_free(client);
 }
 void AnodeZone_lookup(
  AnodeTransportEngine *transport,
  const AnodeZone *zone,
  void *ptr,
  void (*zone_lookup_handler)(void *,const AnodeZone *,AnodeZone *))
 {
  char cached_zones_folder[2048];
  char cached_zone_file[2048];
  char if_modified_since[256];
  unsigned long file_size;
  struct AnodeZoneLookupJob *job;
  struct AnodeHttpClient *client;
  char *file_data;
  FILE *zf;
  if (Anode_get_cache_sub("zones",cached_zones_folder,sizeof(cached_zones_folder))) {
    snprintf(cached_zone_file,sizeof(cached_zone_file),"%s%c%.2x%.2x%.2x%.2x.z",cached_zones_folder,ANODE_PATH_SEPARATOR,(unsigned int)zone->bits[0],(unsigned int)zone->bits[1],(unsigned int)zone->bits[2],(unsigned int)zone->bits[3]);
    cached_zone_file[sizeof(cached_zone_file)-1] = (char)0;
    job = (struct AnodeZoneLookupJob *)malloc(sizeof(struct AnodeZoneLookupJob));
    Anode_str_copy(job->cached_zone_file,cached_zone_file,sizeof(job->cached_zone_file));
    job->zone_dict = (struct AnodeDictionary *)malloc(sizeof(struct AnodeDictionary));
    AnodeDictionary_init(job->zone_dict,0);
    job->zone.bits[0] = zone->bits[0];
    job->zone.bits[1] = zone->bits[1];
    job->zone.bits[2] = zone->bits[2];
    job->zone.bits[3] = zone->bits[3];
    job->ptr = ptr;
    job->zone_lookup_handler = zone_lookup_handler;
    job->had_cached_zone = 0;
    client = AnodeHttpClient_new(transport);
    Anode_str_copy(client->uri.scheme,"http",sizeof(client->uri.scheme));
    snprintf(client->uri.host,sizeof(client->uri.host),"a--%.2x%.2x%.2x%.2x.net",(unsigned int)zone->bits[0],(unsigned int)zone->bits[1],(unsigned int)zone->bits[2],(unsigned int)zone->bits[3]);
    client->uri.host[sizeof(client->uri.host)-1] = (char)0;
    Anode_str_copy(client->uri.path,"/z",sizeof(client->uri.path));
    client->handler = &AnodeZone_lookup_http_handler;
    client->ptr[0] = job;
    if ((file_size = get_file_time_for_http(cached_zone_file,if_modified_since,sizeof(if_modified_since)))) {
      zf = fopen(cached_zone_file,"r");
      if (zf) {
        AnodeDictionary_put(&client->headers,"If-Modified-Since",if_modified_since);
        file_data = (char *)malloc(file_size + 1);
        if (fread((void *)file_data,1,file_size,zf)) {
          file_data[file_size] = (char)0;
          AnodeDictionary_read(
            job->zone_dict,
            file_data,
            "\r\n",
            "=",
            ";",
            '\\',
            1,1);
          job->had_cached_zone = 1;
        }
        free((void *)file_data);
        fclose(zf);
      }
    }
    AnodeHttpClient_send(client);
  } else zone_lookup_handler(ptr,zone,(AnodeZone *)0);
 }
 const char *AnodeZoneFile_get(AnodeZoneFile *zone,const char *key)
 {
  return AnodeDictionary_get((struct AnodeDictionary *)zone,key);
 }
 void AnodeZoneFile_free(AnodeZoneFile *zone)
 {
  AnodeDictionary_destroy((struct AnodeDictionary *)zone);
  free((void *)zone);
 }
--- a/attic/historic/anode/libspark/Makefile
+++ b/attic/historic/anode/libspark/Makefile
@ -0,0 +1,16 @@
 SYSNAME:=${shell uname}
 SYSNAME!=uname
 include ../config.mk.${SYSNAME}
 LIBSPARK_OBJS=
 all: libspark
 libspark: $(LIBSPARK_OBJS)
 	ar rcs libspark.a $(LIBSPARK_OBJS)
 	ranlib libspark.a
 clean: force
 	rm -f *.a *.so *.dylib *.dll *.lib *.exe *.o
 force: ;
--- a/attic/historic/anode/libspark/experiments/FindGoodSegmentDelimiters.cpp
+++ b/attic/historic/anode/libspark/experiments/FindGoodSegmentDelimiters.cpp
@ -0,0 +1,161 @@
 // Searches for good delimiters to cut streams into relatively well sized
 // segments.
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>
 #include <sys/time.h>
 #include <boost/cstdint.hpp>
 #include <boost/array.hpp>
 #include <boost/random/mersenne_twister.hpp>
 #include <boost/thread.hpp>
 #include <boost/bind.hpp>
 #include <boost/shared_ptr.hpp>
 #include <iostream>
 #include <vector>
 #include <map>
 // Desired size range
 #define MIN_DESIRED_SIZE 4096
 #define MAX_DESIRED_SIZE 131072
 #define DELIMITER_SET_SIZE 1
 typedef boost::array<boost::uint16_t,DELIMITER_SET_SIZE> DelimArray;
 struct BestEntry
 {
  DelimArray best;
  double bestScore;
  std::vector<unsigned char> data;
 };
 boost::mutex bestLock;
 boost::mutex outLock;
 std::map<std::string,BestEntry> best;
 static void runThread(const std::string &fileName)
 {
  char tmp[4096];
  boost::mt19937 prng;
  {
    boost::uint32_t seed;
    FILE *ur = fopen("/dev/urandom","r");
    fread((void *)&seed,1,sizeof(seed),ur);
    fclose(ur);
    prng.seed(seed);
  }
  BestEntry *myEntry;
  {
    boost::mutex::scoped_lock l(bestLock);
    myEntry = &(best[fileName]);
    myEntry->bestScore = 99999999.0;
  }
  {
    boost::mutex::scoped_lock l(outLock);
    std::cout << "*** Reading test data from: " << fileName << std::endl;
    FILE *f = fopen(fileName.c_str(),"r");
    if (f) {
      int n;
      while ((n = fread((void *)tmp,1,sizeof(tmp),f)) > 0) {
        for(int i=0;i<n;++i)
          myEntry->data.push_back((unsigned char)tmp[i]);
      }
      fclose(f);
    }
    if (myEntry->data.size() <= 0) {
      std::cout << "Error: no data read." << std::endl;
      exit(1);
    } else std::cout << "*** Read " << myEntry->data.size() << " bytes of test data." << std::endl;
    std::cout.flush();
  }
  DelimArray current;
  for(unsigned int i=0;i<DELIMITER_SET_SIZE;++i)
    current[i] = (boost::uint16_t)prng();
  for(;;) {
    unsigned long numTooShort = 0;
    unsigned long numTooLong = 0;
    unsigned long numGood = 0;
    boost::uint32_t shiftRegister = 0;
    unsigned long segSize = 0;
    for(std::vector<unsigned char>::iterator i=myEntry->data.begin();i!=myEntry->data.end();++i) {
      shiftRegister <<= 1;
      shiftRegister |= (((boost::uint32_t)*i) & 1);
      ++segSize;
      boost::uint16_t transformedShiftRegister = (boost::uint16_t)(shiftRegister);
      for(DelimArray::iterator d=current.begin();d!=current.end();++d) {
        if (transformedShiftRegister == *d) {
          if (segSize < MIN_DESIRED_SIZE)
            ++numTooShort;
          else if (segSize > MAX_DESIRED_SIZE)
            ++numTooLong;
          else ++numGood;
          segSize = 0;
          break;
        }
      }
    }
    if (segSize) {
      if (segSize < MIN_DESIRED_SIZE)
        ++numTooShort;
      else if (segSize > MAX_DESIRED_SIZE)
        ++numTooLong;
      else ++numGood;
    }
    if (numGood) {
      double score = ((double)(numTooShort + numTooLong)) / ((double)numGood);
      if (score < myEntry->bestScore) {
        myEntry->best = current;
        myEntry->bestScore = score;
        boost::mutex::scoped_lock l(outLock);
        std::cout << fileName << ": ";
        for(DelimArray::iterator d=current.begin();d!=current.end();++d) {
          sprintf(tmp,"0x%.4x",(unsigned int)*d);
          if (d != current.begin())
            std::cout << ',';
          std::cout << tmp;
        }
        std::cout << ": " << numTooShort << " / " << numGood << " / " << numTooLong << " (" << score << ")" << std::endl;
        std::cout.flush();
        if ((numTooShort == 0)&&(numTooLong == 0))
          break;
      }
    }
    for(DelimArray::iterator i=current.begin();i!=current.end();++i)
      *i = (boost::uint16_t)prng();
  }
 }
 int main(int argc,char **argv)
 {
  std::vector< boost::shared_ptr<boost::thread> > threads;
  for(int i=1;i<argc;++i) {
    boost::shared_ptr<boost::thread> t(new boost::thread(boost::bind(&runThread,std::string(argv[i]))));
    threads.push_back(t);
  }
  for(std::vector< boost::shared_ptr<boost::thread> >::iterator i=threads.begin();i!=threads.end();++i)
    (*i)->join();
  return 0;
 }
--- a/attic/historic/anode/libspark/experiments/Makefile
+++ b/attic/historic/anode/libspark/experiments/Makefile
@ -0,0 +1,5 @@
 all:
 	g++ -O6 -ftree-vectorize -o FindGoodSegmentDelimiters FindGoodSegmentDelimiters.cpp -lboost_thread -lpthread
 clean:
 	rm FindGoodSegmentDelimiters
--- a/attic/historic/anode/libspark/streamencoder.h
+++ b/attic/historic/anode/libspark/streamencoder.h
@ -0,0 +1,108 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _SPARK_STREAMENCODER_H
 #define _SPARK_STREAMENCODER_H
 #ifdef __cplusplus
 extern "C" {
 #endif
 typedef struct
 {
  unsigned char *input_buf;
  unsigned long input_buf_capacity;
  unsigned long input_length;
  unsigned char *stream_out_buf;
  unsigned long stream_out_buf_capacity;
  unsigned long stream_out_length;
  void (*data_segment_add_func)(const void *data,unsigned long len,const void *global_hash,unsigned long global_hash_len);
 } SparkStreamEncoder;
 /**
 * Initialize a spark stream encoder
 *
 * @param enc Encoder structure to initialize
 * @param data_segment_add_func Function to call to store or cache data
 */
 void SparkStreamEncoder_init(
  SparkStreamEncoder *enc,
  void (*data_segment_add_func)(
    const void *data,
    unsigned long len,
    const void *global_hash,
    unsigned long global_hash_len));
 /**
 * Clean up a spark stream encoder structure
 *
 * @param enc Structure to clear
 */
 void SparkStreamEncoder_destroy(SparkStreamEncoder *enc);
 /**
 * Add data to encode
 *
 * @param enc Encoder structure
 * @param data Data to encode
 * @param len Length of data in bytes
 * @return Number of bytes of result stream now available
 */
 unsigned long SparkStreamEncoder_put(
  SparkStreamEncoder *enc,
  const void *data,
  unsigned long len);
 /**
 * Flush all data currently in input buffer
 *
 * @param enc Encoder structure to flush
 */
 void SparkStreamEncoder_flush(SparkStreamEncoder *enc);
 /**
 * @return Number of bytes of output stream available
 */
 static inline unsigned long SparkStreamEncoder_available(SparkStreamEncoder *enc)
 {
  return enc->stream_out_length;
 }
 /**
 * @return Pointer to result stream bytes (may return null if none available)
 */
 static inline const void *SparkStreamEncoder_get(SparkStreamEncoder *enc)
 {
  return (const void *)(enc->stream_out_buf);
 }
 /**
 * @return "Consume" result stream bytes after they're read or sent
 */
 static inline void SparkStreamEncoder_consume(SparkStreamEncoder *enc,unsigned long len)
 {
  unsigned long i;
  for(i=len;i<enc->stream_out_length;++i)
    enc->stream_out_buf[i - len] = enc->stream_out_buf[i];
 }
 #ifdef __cplusplus
 }
 #endif
 #endif
--- a/attic/historic/anode/libspark/wrapper.h
+++ b/attic/historic/anode/libspark/wrapper.h
@ -0,0 +1,66 @@
 /* libanode: the Anode C reference implementation
 * Copyright (C) 2009 Adam Ierymenko <adam.ierymenko@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */
 #ifndef _SPARK_WRAPPER_H
 #define _SPARK_WRAPPER_H
 #include <openssl/sha.h>
 #include "../libanode/aes128.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
 /* Spark uses SHA-256 with hash length 32 */
 #define SPARK_HASH_LENGTH 32
 // Wrap a segment for forward propagation
 static inline void Spark_wrap(void *data,unsigned long len,void *plaintext_hash_buf,void *global_hash_buf)
 {
  unsigned char expkey[ANODE_AES128_EXP_KEY_SIZE];
  SHA256((const unsigned char *)data,len,(unsigned char *)plaintext_hash_buf);
  Anode_aes128_expand_key(expkey,(const unsigned char *)plaintext_hash_buf);
  Anode_aes128_cfb_encrypt(expkey,((const unsigned char *)plaintext_hash_buf) + 16,(unsigned char *)data,len);
  SHA256((const unsigned char *)data,len,(unsigned char *)global_hash_buf);
 }
 // Unwrap a segment and check its integrity
 static inline int Spark_unwrap(void *data,unsigned long len,const void *plaintext_hash)
 {
  unsigned char expkey[ANODE_AES128_EXP_KEY_SIZE];
  unsigned char check_hash[32];
  unsigned long i;
  Anode_aes128_expand_key(expkey,(const unsigned char *)plaintext_hash);
  Anode_aes128_cfb_decrypt(expkey,((const unsigned char *)plaintext_hash) + 16,(unsigned char *)data,len);
  SHA256((const unsigned char *)data,len,check_hash);
  for(i=0;i<32;++i) {
    if (check_hash[i] != ((const unsigned char *)plaintext_hash)[i])
      return 0;
  }
  return 1;
 }
 #ifdef __cplusplus
 }
 #endif
 #endif
--- a/attic/linux-build-farm/README.md
+++ b/attic/linux-build-farm/README.md
@ -1,8 +0,0 @@
 Dockerized Linux Build Farm
 ======
 This subfolder contains Dockerfiles and a script to build Linux packages for a variety of Linux distributions. It's also an excellent way to test your CPU fans and stress test your disk.
 Running `build.sh` with no arguments builds everything. You can run `build.sh` with the name of a distro (e.g. centos-7) to only build that. Both 32 and 64 bit packages are built except where no 32-bit version of the distribution exists.
 The `make-apt-repos.sh` and `make-rpm-repos.sh` scripts build repositories. They may require some editing for outside-of-ZeroTier use, and be careful with the apt one if you have an existing *aptly* configuration.
--- a/attic/linux-build-farm/amazon-2016.03/x64/Dockerfile
+++ b/attic/linux-build-farm/amazon-2016.03/x64/Dockerfile
@ -1,13 +0,0 @@
 #FROM ambakshi/amazon-linux:2016.03
 #MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 #RUN yum update -y
 #RUN yum install -y epel-release
 #RUN yum install -y make development-tools rpmdevtools clang gcc-c++ ruby ruby-devel
 #RUN gem install ronn
 FROM zerotier/zt1-build-amazon-2016.03-x64-base
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/build.sh
+++ b/attic/linux-build-farm/build.sh
@ -1,69 +0,0 @@
 #!/bin/bash
 export PATH=/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin
 subdirs=$*
 if [ ! -n "$subdirs" ]; then
 	subdirs=`find . -type d -name '*-*' -printf '%f '`
 fi
 if [ ! -d ./ubuntu-trusty ]; then
 	echo 'Must run from linux-build-farm subfolder.'
 	exit 1
 fi
 rm -f zt1-src.tar.gz
 cd ..
 git archive --format=tar.gz --prefix=ZeroTierOne/ -o linux-build-farm/zt1-src.tar.gz HEAD
 cd linux-build-farm
 # Note that --privileged is used so we can bind mount VM shares when building in a VM.
 # It has no other impact or purpose, but probably doesn't matter here in any case.
 for distro in $subdirs; do
 	echo
 	echo "--- BUILDING FOR $distro ---"
 	echo
 	cd $distro
 	if [ -d x64 ]; then
 		cd x64
 		mv ../../zt1-src.tar.gz .
 		docker build -t zt1-build-${distro}-x64 .
 		mv zt1-src.tar.gz ../..
 		cd ..
 	fi
 	if [ -d x86 ]; then
 		cd x86
 		mv ../../zt1-src.tar.gz .
 		docker build -t zt1-build-${distro}-x86 .
 		mv zt1-src.tar.gz ../..
 		cd ..
 	fi
 	rm -f *.deb *.rpm
 #	exit 0
 	if [ ! -n "`echo $distro | grep -F debian`" -a ! -n "`echo $distro | grep -F ubuntu`" ]; then
 		if [ -d x64 ]; then
 			docker run --rm -v `pwd`:/artifacts --privileged -it zt1-build-${distro}-x64 /bin/bash -c 'cd /ZeroTierOne ; make redhat ; cd .. ; cp `find /root/rpmbuild -type f -name *.rpm` /artifacts ; ls -l /artifacts'
 		fi
 		if [ -d x86 ]; then
 			docker run --rm -v `pwd`:/artifacts --privileged -it zt1-build-${distro}-x86 /bin/bash -c 'cd /ZeroTierOne ; make redhat ; cd .. ; cp `find /root/rpmbuild -type f -name *.rpm` /artifacts ; ls -l /artifacts'
 		fi
 	else
 		if [ -d x64 ]; then
 			docker run --rm -v `pwd`:/artifacts --privileged -it zt1-build-${distro}-x64 /bin/bash -c 'cd /ZeroTierOne ; make debian ; cd .. ; cp *.deb /artifacts ; ls -l /artifacts'
 		fi
 		if [ -d x86 ]; then
 			docker run --rm -v `pwd`:/artifacts --privileged -it zt1-build-${distro}-x86 /bin/bash -c 'cd /ZeroTierOne ; make debian ; cd .. ; cp *.deb /artifacts ; ls -l /artifacts'
 		fi
 	fi
 	cd ..
 done
 rm -f zt1-src.tar.gz
--- a/attic/linux-build-farm/centos-6/x64/Dockerfile
+++ b/attic/linux-build-farm/centos-6/x64/Dockerfile
@ -1,13 +0,0 @@
 FROM centos:6
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN yum update -y
 RUN yum install -y epel-release
 RUN yum install -y make development-tools rpmdevtools clang gcc-c++ tar
 RUN yum install -y nodejs npm
 # Stop use of http-parser-devel which is installed by nodejs/npm
 RUN rm -f /usr/include/http_parser.h
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/centos-6/x86/Dockerfile
+++ b/attic/linux-build-farm/centos-6/x86/Dockerfile
@ -1,13 +0,0 @@
 FROM toopher/centos-i386:centos6
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN yum update -y
 RUN yum install -y epel-release
 RUN yum install -y make development-tools rpmdevtools clang gcc-c++ tar
 RUN yum install -y nodejs npm
 # Stop use of http-parser-devel which is installed by nodejs/npm
 RUN rm -f /usr/include/http_parser.h
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/centos-7/x64/Dockerfile
+++ b/attic/linux-build-farm/centos-7/x64/Dockerfile
@ -1,10 +0,0 @@
 FROM centos:7
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN yum update -y
 RUN yum install -y epel-release
 RUN yum install -y make development-tools rpmdevtools clang gcc-c++ ruby ruby-devel
 RUN gem install ronn
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/centos-7/x86/Dockerfile
+++ b/attic/linux-build-farm/centos-7/x86/Dockerfile
@ -1,22 +0,0 @@
 #FROM zerotier/centos7-32bit
 #MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 #RUN echo 'i686-redhat-linux' >/etc/rpm/platform
 #RUN yum update -y
 #RUN yum install -y make development-tools rpmdevtools http-parser-devel lz4-devel libnatpmp-devel
 #RUN yum install -y gcc-c++
 #RUN rpm --install --force https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
 #RUN rpm --install --force ftp://rpmfind.net/linux/centos/6.8/os/i386/Packages/libffi-3.0.5-3.2.el6.i686.rpm
 #RUN yum install -y clang
 FROM zerotier/zt1-build-centos-7-x86-base
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN yum install -y ruby ruby-devel
 RUN gem install ronn
 #RUN rpm --erase http-parser-devel lz4-devel libnatpmp-devel
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/debian-jessie/x64/Dockerfile
+++ b/attic/linux-build-farm/debian-jessie/x64/Dockerfile
@ -1,12 +0,0 @@
 FROM debian:jessie
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN apt-get update
 RUN apt-get install -y build-essential debhelper libhttp-parser-dev liblz4-dev libnatpmp-dev dh-systemd ruby-ronn g++ make devscripts clang-3.5
 RUN ln -sf /usr/bin/clang++-3.5 /usr/bin/clang++
 RUN ln -sf /usr/bin/clang-3.5 /usr/bin/clang
 RUN dpkg --purge libhttp-parser-dev
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/debian-jessie/x86/Dockerfile
+++ b/attic/linux-build-farm/debian-jessie/x86/Dockerfile
@ -1,12 +0,0 @@
 FROM 32bit/debian:jessie
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN apt-get update
 RUN apt-get install -y build-essential debhelper libhttp-parser-dev liblz4-dev libnatpmp-dev dh-systemd ruby-ronn g++ make devscripts clang-3.5
 RUN ln -sf /usr/bin/clang++-3.5 /usr/bin/clang++
 RUN ln -sf /usr/bin/clang-3.5 /usr/bin/clang
 RUN dpkg --purge libhttp-parser-dev
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/debian-stretch/x64/Dockerfile
+++ b/attic/linux-build-farm/debian-stretch/x64/Dockerfile
@ -1,12 +0,0 @@
 FROM debian:stretch
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN apt-get update
 RUN apt-get install -y build-essential debhelper libhttp-parser-dev liblz4-dev libnatpmp-dev dh-systemd ruby-ronn g++ make devscripts clang
 #RUN ln -sf /usr/bin/clang++-3.5 /usr/bin/clang++
 #RUN ln -sf /usr/bin/clang-3.5 /usr/bin/clang
 RUN dpkg --purge libhttp-parser-dev
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/debian-stretch/x86/Dockerfile
+++ b/attic/linux-build-farm/debian-stretch/x86/Dockerfile
@ -1,12 +0,0 @@
 FROM mcandre/docker-debian-32bit:stretch
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN apt-get update
 RUN apt-get install -y build-essential debhelper libhttp-parser-dev liblz4-dev libnatpmp-dev dh-systemd ruby-ronn g++ make devscripts clang
 #RUN ln -sf /usr/bin/clang++-3.5 /usr/bin/clang++
 #RUN ln -sf /usr/bin/clang-3.5 /usr/bin/clang
 RUN dpkg --purge libhttp-parser-dev
 ADD zt1-src.tar.gz /
--- a/attic/linux-build-farm/debian-wheezy/x64/Dockerfile
+++ b/attic/linux-build-farm/debian-wheezy/x64/Dockerfile
@ -1,12 +0,0 @@
 FROM debian:wheezy
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN apt-get update
 RUN apt-get install -y build-essential debhelper ruby-ronn g++ make devscripts
 RUN dpkg --purge libhttp-parser-dev
 ADD zt1-src.tar.gz /
 RUN mv -f /ZeroTierOne/debian/control.wheezy /ZeroTierOne/debian/control
 RUN mv -f /ZeroTierOne/debian/rules.wheezy /ZeroTierOne/debian/rules
--- a/attic/linux-build-farm/debian-wheezy/x86/Dockerfile
+++ b/attic/linux-build-farm/debian-wheezy/x86/Dockerfile
@ -1,15 +0,0 @@
 #FROM tubia/debian:wheezy
 #MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 #RUN apt-get update
 #RUN apt-get install -y build-essential debhelper ruby-ronn g++ make devscripts
 FROM zerotier/zt1-build-debian-wheezy-x86-base
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN dpkg --purge libhttp-parser-dev
 ADD zt1-src.tar.gz /
 RUN mv -f /ZeroTierOne/debian/control.wheezy /ZeroTierOne/debian/control
 RUN mv -f /ZeroTierOne/debian/rules.wheezy /ZeroTierOne/debian/rules
--- a/attic/linux-build-farm/fedora-22/x64/Dockerfile
+++ b/attic/linux-build-farm/fedora-22/x64/Dockerfile
@ -1,10 +0,0 @@
 FROM fedora:22
 MAINTAINER Adam Ierymenko <adam.ierymenko@zerotier.com>
 RUN yum update -y
 RUN yum install -y make rpmdevtools gcc-c++ rubygem-ronn json-parser-devel lz4-devel http-parser-devel libnatpmp-devel
 RUN rpm --erase http-parser-devel
 RUN yum install -y rubygem-ronn ruby
 ADD zt1-src.tar.gz /
--- a/Show more
+++ b/Show more