2013-07-04 20:56:19 +00:00
/*
2015-02-17 21:11:34 +00:00
* ZeroTier One - Network Virtualization Everywhere
* Copyright ( C ) 2011 - 2015 ZeroTier , Inc .
2013-07-04 20:56:19 +00:00
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http : //www.gnu.org/licenses/>.
*
* - -
*
* ZeroTier may be used and distributed under the terms of the GPLv3 , which
* are available at : http : //www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form , please contact ZeroTier Networks
* LLC . Start here : http : //www.zerotier.com/
*/
# include <stdio.h>
# include <stdlib.h>
2013-08-12 20:57:34 +00:00
2013-07-04 20:56:19 +00:00
# include <algorithm>
# include <utility>
# include <stdexcept>
2015-04-03 20:14:37 +00:00
# include "../version.h"
# include "../include/ZeroTierOne.h"
2013-08-13 01:25:36 +00:00
2015-04-03 20:14:37 +00:00
# include "Constants.hpp"
2015-04-03 23:52:53 +00:00
# include "RuntimeEnvironment.hpp"
2013-07-04 20:56:19 +00:00
# include "Switch.hpp"
# include "Node.hpp"
# include "InetAddress.hpp"
# include "Topology.hpp"
# include "Peer.hpp"
2014-04-10 21:22:25 +00:00
# include "AntiRecursion.hpp"
2015-07-28 18:28:47 +00:00
# include "SelfAwareness.hpp"
2015-04-03 23:52:53 +00:00
# include "Packet.hpp"
2013-07-04 20:56:19 +00:00
namespace ZeroTier {
2015-07-07 17:06:05 +00:00
# ifdef ZT_TRACE
static const char * etherTypeName ( const unsigned int etherType )
{
switch ( etherType ) {
case ZT_ETHERTYPE_IPV4 : return " IPV4 " ;
case ZT_ETHERTYPE_ARP : return " ARP " ;
case ZT_ETHERTYPE_RARP : return " RARP " ;
case ZT_ETHERTYPE_ATALK : return " ATALK " ;
case ZT_ETHERTYPE_AARP : return " AARP " ;
case ZT_ETHERTYPE_IPX_A : return " IPX_A " ;
case ZT_ETHERTYPE_IPX_B : return " IPX_B " ;
case ZT_ETHERTYPE_IPV6 : return " IPV6 " ;
}
return " UNKNOWN " ;
}
# endif // ZT_TRACE
2013-07-04 20:56:19 +00:00
Switch : : Switch ( const RuntimeEnvironment * renv ) :
2015-07-13 15:33:02 +00:00
RR ( renv ) ,
_lastBeaconResponse ( 0 )
2013-07-04 20:56:19 +00:00
{
}
Switch : : ~ Switch ( )
{
}
2015-05-21 22:58:26 +00:00
void Switch : : onRemotePacket ( const InetAddress & fromAddr , const void * data , unsigned int len )
2013-07-04 20:56:19 +00:00
{
try {
2015-07-13 15:33:02 +00:00
if ( len = = 13 ) {
/* LEGACY: before VERB_PUSH_DIRECT_PATHS, peers used broadcast
* announcements on the LAN to solve the ' same network problem . ' We
* no longer send these , but we ' ll listen for them for a while to
* locate peers with versions < 1.0 .4 . */
Address beaconAddr ( reinterpret_cast < const char * > ( data ) + 8 , 5 ) ;
if ( beaconAddr = = RR - > identity . address ( ) )
return ;
SharedPtr < Peer > peer ( RR - > topology - > getPeer ( beaconAddr ) ) ;
if ( peer ) { // we'll only respond to beacons from known peers
const uint64_t now = RR - > node - > now ( ) ;
if ( ( now - _lastBeaconResponse ) > = 2500 ) { // limit rate of responses
_lastBeaconResponse = now ;
Packet outp ( peer - > address ( ) , RR - > identity . address ( ) , Packet : : VERB_NOP ) ;
outp . armor ( peer - > key ( ) , false ) ;
RR - > node - > putPacket ( fromAddr , outp . data ( ) , outp . size ( ) ) ;
}
}
} else if ( len > ZT_PROTO_MIN_FRAGMENT_LENGTH ) {
2015-04-08 02:31:11 +00:00
if ( ( ( const unsigned char * ) data ) [ ZT_PACKET_FRAGMENT_IDX_FRAGMENT_INDICATOR ] = = ZT_PACKET_FRAGMENT_INDICATOR ) {
2015-05-21 22:58:26 +00:00
_handleRemotePacketFragment ( fromAddr , data , len ) ;
2015-04-08 02:31:11 +00:00
} else if ( len > = ZT_PROTO_MIN_PACKET_LENGTH ) {
2015-05-21 22:58:26 +00:00
_handleRemotePacketHead ( fromAddr , data , len ) ;
2015-04-03 20:14:37 +00:00
}
2013-07-04 20:56:19 +00:00
}
} catch ( std : : exception & ex ) {
2013-07-13 18:45:39 +00:00
TRACE ( " dropped packet from %s: unexpected exception: %s " , fromAddr . toString ( ) . c_str ( ) , ex . what ( ) ) ;
2013-07-04 20:56:19 +00:00
} catch ( . . . ) {
2013-07-13 18:45:39 +00:00
TRACE ( " dropped packet from %s: unexpected exception: (unknown) " , fromAddr . toString ( ) . c_str ( ) ) ;
2013-07-04 20:56:19 +00:00
}
}
2015-04-08 02:31:11 +00:00
void Switch : : onLocalEthernet ( const SharedPtr < Network > & network , const MAC & from , const MAC & to , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len )
2013-07-04 20:56:19 +00:00
{
2013-10-18 17:20:34 +00:00
SharedPtr < NetworkConfig > nconf ( network - > config2 ( ) ) ;
if ( ! nconf )
return ;
2014-06-14 04:06:34 +00:00
// Sanity check -- bridge loop? OS problem?
if ( to = = network - > mac ( ) )
2014-04-10 21:22:25 +00:00
return ;
2014-06-21 19:19:10 +00:00
/* Check anti-recursion module to ensure that this is not ZeroTier talking over its own links.
* Note : even when we introduce a more purposeful binding of the main UDP port , this can
* still happen because Windows likes to send broadcasts over interfaces that have little
* to do with their intended target audience . : P */
2015-04-08 22:26:45 +00:00
if ( ! RR - > antiRec - > checkEthernetFrame ( data , len ) ) {
2015-04-10 03:54:00 +00:00
TRACE ( " %.16llx: rejected recursively addressed ZeroTier packet by tail match (type %s, length: %u) " , network - > id ( ) , etherTypeName ( etherType ) , len ) ;
2013-07-04 20:56:19 +00:00
return ;
}
2014-06-14 00:49:33 +00:00
// Check to make sure this protocol is allowed on this network
2013-10-18 17:20:34 +00:00
if ( ! nconf - > permitsEtherType ( etherType ) ) {
2015-04-03 23:52:53 +00:00
TRACE ( " %.16llx: ignored tap: %s -> %s: ethertype %s not allowed on network %.16llx " , network - > id ( ) , from . toString ( ) . c_str ( ) , to . toString ( ) . c_str ( ) , etherTypeName ( etherType ) , ( unsigned long long ) network - > id ( ) ) ;
2013-07-04 20:56:19 +00:00
return ;
}
2014-06-14 00:49:33 +00:00
// Check if this packet is from someone other than the tap -- i.e. bridged in
bool fromBridged = false ;
if ( from ! = network - > mac ( ) ) {
2014-09-24 20:53:03 +00:00
if ( ! network - > permitsBridging ( RR - > identity . address ( ) ) ) {
2015-04-08 23:49:21 +00:00
TRACE ( " %.16llx: %s -> %s %s not forwarded, bridging disabled or this peer not a bridge " , network - > id ( ) , from . toString ( ) . c_str ( ) , to . toString ( ) . c_str ( ) , etherTypeName ( etherType ) ) ;
2014-06-14 00:49:33 +00:00
return ;
}
fromBridged = true ;
}
if ( to . isMulticast ( ) ) {
2014-06-21 19:19:10 +00:00
// Destination is a multicast address (including broadcast)
2014-06-14 00:49:33 +00:00
MulticastGroup mg ( to , 0 ) ;
2014-03-26 04:38:54 +00:00
2014-06-14 00:49:33 +00:00
if ( to . isBroadcast ( ) ) {
2015-04-08 22:26:45 +00:00
if (
( etherType = = ZT_ETHERTYPE_ARP ) & &
( len > = 28 ) & &
(
( ( ( const unsigned char * ) data ) [ 2 ] = = 0x08 ) & &
( ( ( const unsigned char * ) data ) [ 3 ] = = 0x00 ) & &
( ( ( const unsigned char * ) data ) [ 4 ] = = 6 ) & &
( ( ( const unsigned char * ) data ) [ 5 ] = = 4 ) & &
( ( ( const unsigned char * ) data ) [ 7 ] = = 0x01 )
)
) {
2014-06-14 00:49:33 +00:00
// Cram IPv4 IP into ADI field to make IPv4 ARP broadcast channel specific and scalable
// Also: enableBroadcast() does not apply to ARP since it's required for IPv4
2015-04-08 22:26:45 +00:00
mg = MulticastGroup : : deriveMulticastGroupForAddressResolution ( InetAddress ( ( ( const unsigned char * ) data ) + 24 , 4 , 0 ) ) ;
2014-06-14 00:49:33 +00:00
} else if ( ! nconf - > enableBroadcast ( ) ) {
// Don't transmit broadcasts if this network doesn't want them
2015-04-03 23:52:53 +00:00
TRACE ( " %.16llx: dropped broadcast since ff:ff:ff:ff:ff:ff is not enabled " , network - > id ( ) ) ;
2014-05-23 21:32:31 +00:00
return ;
2013-09-27 20:03:13 +00:00
}
2014-06-14 00:49:33 +00:00
}
2013-09-12 16:11:21 +00:00
2014-06-21 19:19:10 +00:00
/* Learn multicast groups for bridged-in hosts.
* Note that some OSes , most notably Linux , do this for you by learning
* multicast addresses on bridge interfaces and subscribing each slave .
* But in that case this does no harm , as the sets are just merged . */
2014-06-14 00:49:33 +00:00
if ( fromBridged )
2015-06-02 00:50:44 +00:00
network - > learnBridgedMulticastGroup ( mg , RR - > node - > now ( ) ) ;
2014-05-23 21:32:31 +00:00
2015-04-15 20:15:09 +00:00
//TRACE("%.16llx: MULTICAST %s -> %s %s %u",network->id(),from.toString().c_str(),mg.toString().c_str(),etherTypeName(etherType),len);
2014-06-18 15:25:30 +00:00
2014-10-01 19:41:48 +00:00
RR - > mc - > send (
( ( ! nconf - > isPublic ( ) ) & & ( nconf - > com ( ) ) ) ? & ( nconf - > com ( ) ) : ( const CertificateOfMembership * ) 0 ,
2014-10-01 21:05:25 +00:00
nconf - > multicastLimit ( ) ,
2015-06-02 00:50:44 +00:00
RR - > node - > now ( ) ,
2014-10-01 19:41:48 +00:00
network - > id ( ) ,
2014-10-04 20:15:02 +00:00
nconf - > activeBridges ( ) ,
2014-10-01 19:41:48 +00:00
mg ,
2014-10-10 00:58:31 +00:00
( fromBridged ) ? from : MAC ( ) ,
2014-10-01 19:41:48 +00:00
etherType ,
2015-04-08 22:26:45 +00:00
data ,
len ) ;
2014-06-14 04:06:34 +00:00
return ;
}
2014-06-21 15:59:08 +00:00
if ( to [ 0 ] = = MAC : : firstOctetForNetwork ( network - > id ( ) ) ) {
2015-04-15 20:09:20 +00:00
// Destination is another ZeroTier peer on the same network
2014-06-21 19:19:10 +00:00
2015-07-07 17:00:34 +00:00
Address toZT ( to . toAddress ( network - > id ( ) ) ) ; // since in-network MACs are derived from addresses and network IDs, we can reverse this
const bool includeCom = network - > peerNeedsOurMembershipCertificate ( toZT , RR - > node - > now ( ) ) ;
if ( ( fromBridged ) | | ( includeCom ) ) {
Packet outp ( toZT , RR - > identity . address ( ) , Packet : : VERB_EXT_FRAME ) ;
outp . append ( network - > id ( ) ) ;
if ( includeCom ) {
outp . append ( ( unsigned char ) 0x01 ) ; // 0x01 -- COM included
nconf - > com ( ) . serialize ( outp ) ;
2014-06-21 15:59:08 +00:00
} else {
2015-07-07 17:00:34 +00:00
outp . append ( ( unsigned char ) 0x00 ) ;
2014-06-21 15:59:08 +00:00
}
2015-07-07 17:00:34 +00:00
to . appendTo ( outp ) ;
from . appendTo ( outp ) ;
outp . append ( ( uint16_t ) etherType ) ;
outp . append ( data , len ) ;
outp . compress ( ) ;
send ( outp , true , network - > id ( ) ) ;
2013-07-04 20:56:19 +00:00
} else {
2015-07-07 17:00:34 +00:00
Packet outp ( toZT , RR - > identity . address ( ) , Packet : : VERB_FRAME ) ;
outp . append ( network - > id ( ) ) ;
outp . append ( ( uint16_t ) etherType ) ;
outp . append ( data , len ) ;
outp . compress ( ) ;
send ( outp , true , network - > id ( ) ) ;
2013-07-04 20:56:19 +00:00
}
2014-06-21 16:01:26 +00:00
2015-07-07 17:00:34 +00:00
//TRACE("%.16llx: UNICAST: %s -> %s etherType==%s(%.4x) vlanId==%u len==%u fromBridged==%d includeCom==%d",network->id(),from.toString().c_str(),to.toString().c_str(),etherTypeName(etherType),etherType,vlanId,len,(int)fromBridged,(int)includeCom);
2014-06-21 16:01:26 +00:00
return ;
2014-06-14 04:06:34 +00:00
}
2014-06-21 19:19:10 +00:00
{
2014-09-30 15:38:03 +00:00
// Destination is bridged behind a remote peer
2014-06-21 19:19:10 +00:00
Address bridges [ ZT_MAX_BRIDGE_SPAM ] ;
unsigned int numBridges = 0 ;
2015-07-06 19:46:27 +00:00
/* Create an array of up to ZT_MAX_BRIDGE_SPAM recipients for this bridged frame. */
2014-06-21 19:19:10 +00:00
bridges [ 0 ] = network - > findBridgeTo ( to ) ;
2015-07-07 17:00:34 +00:00
if ( ( bridges [ 0 ] ) & & ( bridges [ 0 ] ! = RR - > identity . address ( ) ) & & ( network - > permitsBridging ( bridges [ 0 ] ) ) ) {
2015-07-06 19:46:27 +00:00
/* We have a known bridge route for this MAC, send it there. */
2014-06-21 19:19:10 +00:00
+ + numBridges ;
} else if ( ! nconf - > activeBridges ( ) . empty ( ) ) {
/* If there is no known route, spam to up to ZT_MAX_BRIDGE_SPAM active
2015-07-06 19:46:27 +00:00
* bridges . If someone responds , we ' ll learn the route . */
2014-10-04 20:15:02 +00:00
std : : vector < Address > : : const_iterator ab ( nconf - > activeBridges ( ) . begin ( ) ) ;
2014-06-21 19:19:10 +00:00
if ( nconf - > activeBridges ( ) . size ( ) < = ZT_MAX_BRIDGE_SPAM ) {
// If there are <= ZT_MAX_BRIDGE_SPAM active bridges, spam them all
while ( ab ! = nconf - > activeBridges ( ) . end ( ) ) {
2015-07-07 17:00:34 +00:00
bridges [ numBridges + + ] = * ab ;
2014-06-21 19:19:10 +00:00
+ + ab ;
}
} else {
// Otherwise pick a random set of them
while ( numBridges < ZT_MAX_BRIDGE_SPAM ) {
if ( ab = = nconf - > activeBridges ( ) . end ( ) )
ab = nconf - > activeBridges ( ) . begin ( ) ;
2015-07-07 17:49:50 +00:00
if ( ( ( unsigned long ) RR - > node - > prng ( ) % ( unsigned long ) nconf - > activeBridges ( ) . size ( ) ) = = 0 ) {
2015-07-07 17:00:34 +00:00
bridges [ numBridges + + ] = * ab ;
2014-06-21 19:19:10 +00:00
+ + ab ;
} else + + ab ;
}
2014-06-14 00:49:33 +00:00
}
}
2014-06-21 19:19:10 +00:00
for ( unsigned int b = 0 ; b < numBridges ; + + b ) {
2014-09-24 20:53:03 +00:00
Packet outp ( bridges [ b ] , RR - > identity . address ( ) , Packet : : VERB_EXT_FRAME ) ;
2014-06-21 15:59:08 +00:00
outp . append ( network - > id ( ) ) ;
2015-07-06 19:46:27 +00:00
if ( network - > peerNeedsOurMembershipCertificate ( bridges [ b ] , RR - > node - > now ( ) ) ) {
outp . append ( ( unsigned char ) 0x01 ) ; // 0x01 -- COM included
nconf - > com ( ) . serialize ( outp ) ;
} else {
outp . append ( ( unsigned char ) 0 ) ;
}
2014-06-21 15:59:08 +00:00
to . appendTo ( outp ) ;
from . appendTo ( outp ) ;
outp . append ( ( uint16_t ) etherType ) ;
2015-04-08 22:26:45 +00:00
outp . append ( data , len ) ;
2014-06-21 15:59:08 +00:00
outp . compress ( ) ;
2015-06-02 00:50:44 +00:00
send ( outp , true , network - > id ( ) ) ;
2014-06-21 15:59:08 +00:00
}
2013-07-04 20:56:19 +00:00
}
}
2015-06-02 00:50:44 +00:00
void Switch : : send ( const Packet & packet , bool encrypt , uint64_t nwid )
2013-07-04 20:56:19 +00:00
{
2014-09-24 20:53:03 +00:00
if ( packet . destination ( ) = = RR - > identity . address ( ) ) {
2013-07-13 02:07:48 +00:00
TRACE ( " BUG: caught attempt to send() to self, ignored " ) ;
return ;
}
2015-06-02 00:50:44 +00:00
if ( ! _trySend ( packet , encrypt , nwid ) ) {
2013-07-11 20:19:06 +00:00
Mutex : : Lock _l ( _txQueue_m ) ;
2015-06-02 00:50:44 +00:00
_txQueue . insert ( std : : pair < Address , TXQueueEntry > ( packet . destination ( ) , TXQueueEntry ( RR - > node - > now ( ) , packet , encrypt , nwid ) ) ) ;
2013-07-04 20:56:19 +00:00
}
}
bool Switch : : unite ( const Address & p1 , const Address & p2 , bool force )
{
2014-09-24 20:53:03 +00:00
if ( ( p1 = = RR - > identity . address ( ) ) | | ( p2 = = RR - > identity . address ( ) ) )
2013-07-13 02:07:48 +00:00
return false ;
2014-09-24 20:53:03 +00:00
SharedPtr < Peer > p1p = RR - > topology - > getPeer ( p1 ) ;
2013-07-04 20:56:19 +00:00
if ( ! p1p )
return false ;
2014-09-24 20:53:03 +00:00
SharedPtr < Peer > p2p = RR - > topology - > getPeer ( p2 ) ;
2013-07-04 20:56:19 +00:00
if ( ! p2p )
return false ;
2015-04-08 22:26:45 +00:00
const uint64_t now = RR - > node - > now ( ) ;
2013-07-04 20:56:19 +00:00
2015-05-21 22:58:26 +00:00
std : : pair < InetAddress , InetAddress > cg ( Peer : : findCommonGround ( * p1p , * p2p , now ) ) ;
2013-07-04 20:56:19 +00:00
if ( ! ( cg . first ) )
return false ;
2015-04-26 23:03:16 +00:00
if ( cg . first . ipScope ( ) ! = cg . second . ipScope ( ) )
return false ;
2013-07-04 20:56:19 +00:00
// Addresses are sorted in key for last unite attempt map for order
// invariant lookup: (p1,p2) == (p2,p1)
Array < Address , 2 > uniteKey ;
if ( p1 > = p2 ) {
uniteKey [ 0 ] = p2 ;
uniteKey [ 1 ] = p1 ;
} else {
uniteKey [ 0 ] = p1 ;
uniteKey [ 1 ] = p2 ;
}
{
Mutex : : Lock _l ( _lastUniteAttempt_m ) ;
std : : map < Array < Address , 2 > , uint64_t > : : const_iterator e ( _lastUniteAttempt . find ( uniteKey ) ) ;
if ( ( ! force ) & & ( e ! = _lastUniteAttempt . end ( ) ) & & ( ( now - e - > second ) < ZT_MIN_UNITE_INTERVAL ) )
return false ;
else _lastUniteAttempt [ uniteKey ] = now ;
}
TRACE ( " unite: %s(%s) <> %s(%s) " , p1 . toString ( ) . c_str ( ) , cg . second . toString ( ) . c_str ( ) , p2 . toString ( ) . c_str ( ) , cg . first . toString ( ) . c_str ( ) ) ;
2014-01-29 20:11:01 +00:00
/* Tell P1 where to find P2 and vice versa, sending the packets to P1 and
* P2 in randomized order in terms of which gets sent first . This is done
* since in a few cases NAT - t can be sensitive to slight timing differences
* in terms of when the two peers initiate . Normally this is accounted for
2015-06-19 17:23:25 +00:00
* by the nearly - simultaneous RENDEZVOUS kickoff from the relay , but
* given that relay are hosted on cloud providers this can in some
2014-01-29 20:11:01 +00:00
* cases have a few ms of latency between packet departures . By randomizing
* the order we make each attempted NAT - t favor one or the other going
* first , meaning if it doesn ' t succeed the first time it might the second
* and so forth . */
2015-07-07 17:49:50 +00:00
unsigned int alt = ( unsigned int ) RR - > node - > prng ( ) & 1 ;
2014-01-29 20:11:01 +00:00
unsigned int completed = alt + 2 ;
while ( alt ! = completed ) {
if ( ( alt & 1 ) = = 0 ) {
// Tell p1 where to find p2.
2014-09-24 20:53:03 +00:00
Packet outp ( p1 , RR - > identity . address ( ) , Packet : : VERB_RENDEZVOUS ) ;
2014-01-29 20:11:01 +00:00
outp . append ( ( unsigned char ) 0 ) ;
p2 . appendTo ( outp ) ;
outp . append ( ( uint16_t ) cg . first . port ( ) ) ;
if ( cg . first . isV6 ( ) ) {
outp . append ( ( unsigned char ) 16 ) ;
outp . append ( cg . first . rawIpData ( ) , 16 ) ;
} else {
outp . append ( ( unsigned char ) 4 ) ;
outp . append ( cg . first . rawIpData ( ) , 4 ) ;
}
outp . armor ( p1p - > key ( ) , true ) ;
2014-09-24 20:53:03 +00:00
p1p - > send ( RR , outp . data ( ) , outp . size ( ) , now ) ;
2013-07-04 20:56:19 +00:00
} else {
2014-01-29 20:11:01 +00:00
// Tell p2 where to find p1.
2014-09-24 20:53:03 +00:00
Packet outp ( p2 , RR - > identity . address ( ) , Packet : : VERB_RENDEZVOUS ) ;
2014-01-29 20:11:01 +00:00
outp . append ( ( unsigned char ) 0 ) ;
p1 . appendTo ( outp ) ;
outp . append ( ( uint16_t ) cg . second . port ( ) ) ;
if ( cg . second . isV6 ( ) ) {
outp . append ( ( unsigned char ) 16 ) ;
outp . append ( cg . second . rawIpData ( ) , 16 ) ;
} else {
outp . append ( ( unsigned char ) 4 ) ;
outp . append ( cg . second . rawIpData ( ) , 4 ) ;
}
outp . armor ( p2p - > key ( ) , true ) ;
2014-09-24 20:53:03 +00:00
p2p - > send ( RR , outp . data ( ) , outp . size ( ) , now ) ;
2013-07-04 20:56:19 +00:00
}
2014-01-29 20:11:01 +00:00
+ + alt ; // counts up and also flips LSB
2013-07-04 20:56:19 +00:00
}
return true ;
}
2015-07-28 18:28:47 +00:00
void Switch : : rendezvous ( const SharedPtr < Peer > & peer , const InetAddress & atAddr )
2013-07-12 02:25:12 +00:00
{
2015-04-03 20:14:37 +00:00
TRACE ( " sending NAT-t message to %s(%s) " , peer - > address ( ) . toString ( ) . c_str ( ) , atAddr . toString ( ) . c_str ( ) ) ;
2015-04-07 19:22:33 +00:00
const uint64_t now = RR - > node - > now ( ) ;
2013-07-13 02:07:48 +00:00
2015-07-28 18:28:47 +00:00
/* Attempt direct contact now unless we are IPv4 and our external ports
* appear to be randomized by a NAT device . In that case , we should let
* the other side send a message first . Why ? If the other side is also
* randomized and symmetric , we are probably going to fail . But if the
* other side is " port restricted " but otherwise sane , us sending a
* packet first may actually close the remote ' s outgoing port to us !
* This assists with NAT - t in cases where one side is symmetric and the
* other is full cone but port restricted . */
2015-07-28 18:32:34 +00:00
if ( ( atAddr . ss_family ! = AF_INET ) | | ( ! RR - > sa - > areGlobalIPv4PortsRandomized ( ) ) ) {
2015-07-28 18:28:47 +00:00
peer - > attemptToContactAt ( RR , atAddr , now ) ;
2015-07-28 18:32:34 +00:00
} else {
TRACE ( " behind randomizing symmetric NAT -- delaying initial message to %s(%s) " , peer - > address ( ) . toString ( ) . c_str ( ) , atAddr . toString ( ) . c_str ( ) ) ;
}
2015-07-28 18:28:47 +00:00
// After 1s, try again and perhaps try more NAT-t strategies
2013-07-13 02:07:48 +00:00
{
Mutex : : Lock _l ( _contactQueue_m ) ;
2015-05-21 22:58:26 +00:00
_contactQueue . push_back ( ContactQueueEntry ( peer , now + ZT_NAT_T_TACTICAL_ESCALATION_DELAY , atAddr ) ) ;
2013-07-13 02:07:48 +00:00
}
2013-07-12 02:25:12 +00:00
}
2013-07-11 21:52:04 +00:00
void Switch : : requestWhois ( const Address & addr )
2013-07-11 20:19:06 +00:00
{
2013-10-03 18:38:07 +00:00
bool inserted = false ;
2013-07-11 21:52:04 +00:00
{
Mutex : : Lock _l ( _outstandingWhoisRequests_m ) ;
std : : pair < std : : map < Address , WhoisRequest > : : iterator , bool > entry ( _outstandingWhoisRequests . insert ( std : : pair < Address , WhoisRequest > ( addr , WhoisRequest ( ) ) ) ) ;
2013-10-03 18:38:07 +00:00
if ( ( inserted = entry . second ) )
2015-04-08 22:26:45 +00:00
entry . first - > second . lastSent = RR - > node - > now ( ) ;
2013-07-11 21:52:04 +00:00
entry . first - > second . retries = 0 ; // reset retry count if entry already existed
}
2013-10-03 18:38:07 +00:00
if ( inserted )
_sendWhoisRequest ( addr , ( const Address * ) 0 , 0 ) ;
2013-07-11 20:19:06 +00:00
}
2013-10-16 21:47:26 +00:00
void Switch : : cancelWhoisRequest ( const Address & addr )
{
Mutex : : Lock _l ( _outstandingWhoisRequests_m ) ;
_outstandingWhoisRequests . erase ( addr ) ;
}
2013-07-12 02:06:25 +00:00
void Switch : : doAnythingWaitingForPeer ( const SharedPtr < Peer > & peer )
2013-07-04 20:56:19 +00:00
{
2014-08-19 17:09:21 +00:00
{ // cancel pending WHOIS since we now know this peer
2013-07-11 21:52:04 +00:00
Mutex : : Lock _l ( _outstandingWhoisRequests_m ) ;
_outstandingWhoisRequests . erase ( peer - > address ( ) ) ;
}
2014-08-19 17:09:21 +00:00
{ // finish processing any packets waiting on peer's public key / identity
2013-07-11 21:52:04 +00:00
Mutex : : Lock _l ( _rxQueue_m ) ;
2014-10-04 05:03:19 +00:00
for ( std : : list < SharedPtr < IncomingPacket > > : : iterator rxi ( _rxQueue . begin ( ) ) ; rxi ! = _rxQueue . end ( ) ; ) {
2014-10-01 19:41:48 +00:00
if ( ( * rxi ) - > tryDecode ( RR ) )
2013-07-11 21:52:04 +00:00
_rxQueue . erase ( rxi + + ) ;
else + + rxi ;
}
}
2014-08-19 17:09:21 +00:00
{ // finish sending any packets waiting on peer's public key / identity
2013-07-11 21:52:04 +00:00
Mutex : : Lock _l ( _txQueue_m ) ;
std : : pair < std : : multimap < Address , TXQueueEntry > : : iterator , std : : multimap < Address , TXQueueEntry > : : iterator > waitingTxQueueItems ( _txQueue . equal_range ( peer - > address ( ) ) ) ;
for ( std : : multimap < Address , TXQueueEntry > : : iterator txi ( waitingTxQueueItems . first ) ; txi ! = waitingTxQueueItems . second ; ) {
2015-06-02 00:50:44 +00:00
if ( _trySend ( txi - > second . packet , txi - > second . encrypt , txi - > second . nwid ) )
2013-07-11 21:52:04 +00:00
_txQueue . erase ( txi + + ) ;
else + + txi ;
2013-07-11 20:19:06 +00:00
}
}
}
2013-07-04 20:56:19 +00:00
2015-04-08 02:31:11 +00:00
unsigned long Switch : : doTimerTasks ( uint64_t now )
2014-09-24 20:45:58 +00:00
{
2015-04-08 02:31:11 +00:00
unsigned long nextDelay = 0xffffffff ; // ceiling delay, caller will cap to minimum
2014-09-24 20:45:58 +00:00
2015-07-27 23:43:05 +00:00
{
2014-09-24 20:45:58 +00:00
Mutex : : Lock _l ( _contactQueue_m ) ;
for ( std : : list < ContactQueueEntry > : : iterator qi ( _contactQueue . begin ( ) ) ; qi ! = _contactQueue . end ( ) ; ) {
if ( now > = qi - > fireAtTime ) {
2015-04-03 23:52:53 +00:00
if ( qi - > peer - > hasActiveDirectPath ( now ) ) {
// We've successfully NAT-t'd, so cancel attempt
_contactQueue . erase ( qi + + ) ;
continue ;
} else {
2015-05-22 20:11:55 +00:00
if ( qi - > strategyIteration = = 0 ) {
2015-05-22 22:33:33 +00:00
// First strategy: send packet directly (we already tried this but try again)
2015-05-22 20:11:55 +00:00
qi - > peer - > attemptToContactAt ( RR , qi - > inaddr , now ) ;
2015-07-27 23:43:05 +00:00
} else if ( qi - > strategyIteration < = 4 ) {
// Strategies 1-4: try escalating ports
2015-05-22 20:11:55 +00:00
InetAddress tmpaddr ( qi - > inaddr ) ;
int p = ( int ) qi - > inaddr . port ( ) + qi - > strategyIteration ;
if ( p < 0xffff ) {
tmpaddr . setPort ( ( unsigned int ) p ) ;
qi - > peer - > attemptToContactAt ( RR , tmpaddr , now ) ;
2015-07-28 00:34:58 +00:00
} else qi - > strategyIteration = 5 ;
2015-05-22 20:11:55 +00:00
} else {
// All strategies tried, expire entry
_contactQueue . erase ( qi + + ) ;
continue ;
2014-09-24 20:45:58 +00:00
}
2015-05-22 20:11:55 +00:00
+ + qi - > strategyIteration ;
2015-04-03 23:52:53 +00:00
qi - > fireAtTime = now + ZT_NAT_T_TACTICAL_ESCALATION_DELAY ;
nextDelay = std : : min ( nextDelay , ( unsigned long ) ZT_NAT_T_TACTICAL_ESCALATION_DELAY ) ;
}
2014-09-24 20:45:58 +00:00
} else {
nextDelay = std : : min ( nextDelay , ( unsigned long ) ( qi - > fireAtTime - now ) ) ;
}
2015-04-03 23:52:53 +00:00
+ + qi ; // if qi was erased, loop will have continued before here
2014-09-24 20:45:58 +00:00
}
}
2015-04-03 23:52:53 +00:00
{ // Retry outstanding WHOIS requests
2014-09-24 20:45:58 +00:00
Mutex : : Lock _l ( _outstandingWhoisRequests_m ) ;
for ( std : : map < Address , WhoisRequest > : : iterator i ( _outstandingWhoisRequests . begin ( ) ) ; i ! = _outstandingWhoisRequests . end ( ) ; ) {
unsigned long since = ( unsigned long ) ( now - i - > second . lastSent ) ;
if ( since > = ZT_WHOIS_RETRY_DELAY ) {
if ( i - > second . retries > = ZT_MAX_WHOIS_RETRIES ) {
TRACE ( " WHOIS %s timed out " , i - > first . toString ( ) . c_str ( ) ) ;
_outstandingWhoisRequests . erase ( i + + ) ;
continue ;
} else {
i - > second . lastSent = now ;
i - > second . peersConsulted [ i - > second . retries ] = _sendWhoisRequest ( i - > first , i - > second . peersConsulted , i - > second . retries ) ;
+ + i - > second . retries ;
TRACE ( " WHOIS %s (retry %u) " , i - > first . toString ( ) . c_str ( ) , i - > second . retries ) ;
nextDelay = std : : min ( nextDelay , ( unsigned long ) ZT_WHOIS_RETRY_DELAY ) ;
}
2015-04-03 23:52:53 +00:00
} else {
nextDelay = std : : min ( nextDelay , ZT_WHOIS_RETRY_DELAY - since ) ;
}
2014-09-24 20:45:58 +00:00
+ + i ;
}
}
2015-04-03 23:52:53 +00:00
{ // Time out TX queue packets that never got WHOIS lookups or other info.
2014-09-24 20:45:58 +00:00
Mutex : : Lock _l ( _txQueue_m ) ;
for ( std : : multimap < Address , TXQueueEntry > : : iterator i ( _txQueue . begin ( ) ) ; i ! = _txQueue . end ( ) ; ) {
2015-06-02 00:50:44 +00:00
if ( _trySend ( i - > second . packet , i - > second . encrypt , i - > second . nwid ) )
2014-09-24 20:45:58 +00:00
_txQueue . erase ( i + + ) ;
else if ( ( now - i - > second . creationTime ) > ZT_TRANSMIT_QUEUE_TIMEOUT ) {
TRACE ( " TX %s -> %s timed out " , i - > second . packet . source ( ) . toString ( ) . c_str ( ) , i - > second . packet . destination ( ) . toString ( ) . c_str ( ) ) ;
_txQueue . erase ( i + + ) ;
} else + + i ;
}
}
2015-04-03 23:52:53 +00:00
{ // Time out RX queue packets that never got WHOIS lookups or other info.
2014-09-24 20:45:58 +00:00
Mutex : : Lock _l ( _rxQueue_m ) ;
2014-10-04 05:03:19 +00:00
for ( std : : list < SharedPtr < IncomingPacket > > : : iterator i ( _rxQueue . begin ( ) ) ; i ! = _rxQueue . end ( ) ; ) {
2014-09-24 20:45:58 +00:00
if ( ( now - ( * i ) - > receiveTime ( ) ) > ZT_RECEIVE_QUEUE_TIMEOUT ) {
TRACE ( " RX %s -> %s timed out " , ( * i ) - > source ( ) . toString ( ) . c_str ( ) , ( * i ) - > destination ( ) . toString ( ) . c_str ( ) ) ;
_rxQueue . erase ( i + + ) ;
} else + + i ;
}
}
2015-04-03 23:52:53 +00:00
{ // Time out packets that didn't get all their fragments.
2014-09-24 20:45:58 +00:00
Mutex : : Lock _l ( _defragQueue_m ) ;
for ( std : : map < uint64_t , DefragQueueEntry > : : iterator i ( _defragQueue . begin ( ) ) ; i ! = _defragQueue . end ( ) ; ) {
if ( ( now - i - > second . creationTime ) > ZT_FRAGMENTED_PACKET_RECEIVE_TIMEOUT ) {
TRACE ( " incomplete fragmented packet %.16llx timed out, fragments discarded " , i - > first ) ;
_defragQueue . erase ( i + + ) ;
} else + + i ;
}
}
2015-04-08 02:31:11 +00:00
return nextDelay ;
2014-09-24 20:45:58 +00:00
}
2015-05-21 22:58:26 +00:00
void Switch : : _handleRemotePacketFragment ( const InetAddress & fromAddr , const void * data , unsigned int len )
2013-07-11 20:19:06 +00:00
{
2015-04-08 02:31:11 +00:00
Packet : : Fragment fragment ( data , len ) ;
2013-07-11 20:19:06 +00:00
Address destination ( fragment . destination ( ) ) ;
2013-07-13 02:07:48 +00:00
2014-09-24 20:53:03 +00:00
if ( destination ! = RR - > identity . address ( ) ) {
2013-07-11 20:19:06 +00:00
// Fragment is not for us, so try to relay it
if ( fragment . hops ( ) < ZT_RELAY_MAX_HOPS ) {
fragment . incrementHops ( ) ;
2013-07-13 18:45:39 +00:00
2014-08-19 17:09:21 +00:00
// Note: we don't bother initiating NAT-t for fragments, since heads will set that off.
// It wouldn't hurt anything, just redundant and unnecessary.
2014-09-24 20:53:03 +00:00
SharedPtr < Peer > relayTo = RR - > topology - > getPeer ( destination ) ;
2015-04-03 23:52:53 +00:00
if ( ( ! relayTo ) | | ( ! relayTo - > send ( RR , fragment . data ( ) , fragment . size ( ) , RR - > node - > now ( ) ) ) ) {
2015-06-19 17:23:25 +00:00
// Don't know peer or no direct path -- so relay via root server
relayTo = RR - > topology - > getBestRoot ( ) ;
2013-07-11 20:19:06 +00:00
if ( relayTo )
2015-04-03 23:52:53 +00:00
relayTo - > send ( RR , fragment . data ( ) , fragment . size ( ) , RR - > node - > now ( ) ) ;
2013-07-11 20:19:06 +00:00
}
} else {
TRACE ( " dropped relay [fragment](%s) -> %s, max hops exceeded " , fromAddr . toString ( ) . c_str ( ) , destination . toString ( ) . c_str ( ) ) ;
}
} else {
// Fragment looks like ours
uint64_t pid = fragment . packetId ( ) ;
unsigned int fno = fragment . fragmentNumber ( ) ;
unsigned int tf = fragment . totalFragments ( ) ;
if ( ( tf < = ZT_MAX_PACKET_FRAGMENTS ) & & ( fno < ZT_MAX_PACKET_FRAGMENTS ) & & ( fno > 0 ) & & ( tf > 1 ) ) {
// Fragment appears basically sane. Its fragment number must be
// 1 or more, since a Packet with fragmented bit set is fragment 0.
// Total fragments must be more than 1, otherwise why are we
// seeing a Packet::Fragment?
Mutex : : Lock _l ( _defragQueue_m ) ;
std : : map < uint64_t , DefragQueueEntry > : : iterator dqe ( _defragQueue . find ( pid ) ) ;
if ( dqe = = _defragQueue . end ( ) ) {
// We received a Packet::Fragment without its head, so queue it and wait
DefragQueueEntry & dq = _defragQueue [ pid ] ;
2015-04-08 22:26:45 +00:00
dq . creationTime = RR - > node - > now ( ) ;
2013-07-11 20:19:06 +00:00
dq . frags [ fno - 1 ] = fragment ;
dq . totalFragments = tf ; // total fragment count is known
dq . haveFragments = 1 < < fno ; // we have only this fragment
//TRACE("fragment (%u/%u) of %.16llx from %s",fno + 1,tf,pid,fromAddr.toString().c_str());
} else if ( ! ( dqe - > second . haveFragments & ( 1 < < fno ) ) ) {
// We have other fragments and maybe the head, so add this one and check
dqe - > second . frags [ fno - 1 ] = fragment ;
dqe - > second . totalFragments = tf ;
//TRACE("fragment (%u/%u) of %.16llx from %s",fno + 1,tf,pid,fromAddr.toString().c_str());
if ( Utils : : countBits ( dqe - > second . haveFragments | = ( 1 < < fno ) ) = = tf ) {
// We have all fragments -- assemble and process full Packet
//TRACE("packet %.16llx is complete, assembling and processing...",pid);
2013-07-11 21:52:04 +00:00
2014-09-24 16:04:09 +00:00
SharedPtr < IncomingPacket > packet ( dqe - > second . frag0 ) ;
2013-07-11 20:19:06 +00:00
for ( unsigned int f = 1 ; f < tf ; + + f )
2013-07-11 21:52:04 +00:00
packet - > append ( dqe - > second . frags [ f - 1 ] . payload ( ) , dqe - > second . frags [ f - 1 ] . payloadLength ( ) ) ;
2013-07-11 20:19:06 +00:00
_defragQueue . erase ( dqe ) ;
2014-10-01 19:41:48 +00:00
if ( ! packet - > tryDecode ( RR ) ) {
2013-07-11 21:52:04 +00:00
Mutex : : Lock _l ( _rxQueue_m ) ;
2013-07-12 02:06:25 +00:00
_rxQueue . push_back ( packet ) ;
2013-07-11 21:52:04 +00:00
}
2013-07-11 20:19:06 +00:00
}
} // else this is a duplicate fragment, ignore
}
2013-07-11 02:58:43 +00:00
}
2013-07-11 20:19:06 +00:00
}
2015-05-21 22:58:26 +00:00
void Switch : : _handleRemotePacketHead ( const InetAddress & fromAddr , const void * data , unsigned int len )
2013-07-11 20:19:06 +00:00
{
2015-05-21 22:58:26 +00:00
SharedPtr < IncomingPacket > packet ( new IncomingPacket ( data , len , fromAddr , RR - > node - > now ( ) ) ) ;
2013-07-13 02:07:48 +00:00
Address source ( packet - > source ( ) ) ;
2013-07-11 21:52:04 +00:00
Address destination ( packet - > destination ( ) ) ;
2013-07-11 20:19:06 +00:00
2013-08-07 15:55:55 +00:00
//TRACE("<< %.16llx %s -> %s (size: %u)",(unsigned long long)packet->packetId(),source.toString().c_str(),destination.toString().c_str(),packet->size());
2014-09-24 20:53:03 +00:00
if ( destination ! = RR - > identity . address ( ) ) {
2013-07-11 20:19:06 +00:00
// Packet is not for us, so try to relay it
2013-07-11 21:52:04 +00:00
if ( packet - > hops ( ) < ZT_RELAY_MAX_HOPS ) {
packet - > incrementHops ( ) ;
2013-07-11 20:19:06 +00:00
2014-09-24 20:53:03 +00:00
SharedPtr < Peer > relayTo = RR - > topology - > getPeer ( destination ) ;
2015-04-03 23:52:53 +00:00
if ( ( relayTo ) & & ( ( relayTo - > send ( RR , packet - > data ( ) , packet - > size ( ) , RR - > node - > now ( ) ) ) ) ) {
unite ( source , destination , false ) ;
2013-07-11 20:19:06 +00:00
} else {
2015-06-19 17:23:25 +00:00
// Don't know peer or no direct path -- so relay via root server
relayTo = RR - > topology - > getBestRoot ( & source , 1 , true ) ;
2013-07-11 20:19:06 +00:00
if ( relayTo )
2015-04-03 23:52:53 +00:00
relayTo - > send ( RR , packet - > data ( ) , packet - > size ( ) , RR - > node - > now ( ) ) ;
2013-07-11 20:19:06 +00:00
}
} else {
2013-07-11 21:52:04 +00:00
TRACE ( " dropped relay %s(%s) -> %s, max hops exceeded " , packet - > source ( ) . toString ( ) . c_str ( ) , fromAddr . toString ( ) . c_str ( ) , destination . toString ( ) . c_str ( ) ) ;
2013-07-11 20:19:06 +00:00
}
2013-07-11 21:52:04 +00:00
} else if ( packet - > fragmented ( ) ) {
2013-07-11 20:19:06 +00:00
// Packet is the head of a fragmented packet series
2013-07-11 21:52:04 +00:00
uint64_t pid = packet - > packetId ( ) ;
2013-07-11 20:19:06 +00:00
Mutex : : Lock _l ( _defragQueue_m ) ;
std : : map < uint64_t , DefragQueueEntry > : : iterator dqe ( _defragQueue . find ( pid ) ) ;
if ( dqe = = _defragQueue . end ( ) ) {
// If we have no other fragments yet, create an entry and save the head
DefragQueueEntry & dq = _defragQueue [ pid ] ;
2015-04-08 22:26:45 +00:00
dq . creationTime = RR - > node - > now ( ) ;
2013-07-11 20:19:06 +00:00
dq . frag0 = packet ;
dq . totalFragments = 0 ; // 0 == unknown, waiting for Packet::Fragment
dq . haveFragments = 1 ; // head is first bit (left to right)
//TRACE("fragment (0/?) of %.16llx from %s",pid,fromAddr.toString().c_str());
} else if ( ! ( dqe - > second . haveFragments & 1 ) ) {
// If we have other fragments but no head, see if we are complete with the head
if ( ( dqe - > second . totalFragments ) & & ( Utils : : countBits ( dqe - > second . haveFragments | = 1 ) = = dqe - > second . totalFragments ) ) {
// We have all fragments -- assemble and process full Packet
//TRACE("packet %.16llx is complete, assembling and processing...",pid);
// packet already contains head, so append fragments
for ( unsigned int f = 1 ; f < dqe - > second . totalFragments ; + + f )
2013-07-11 21:52:04 +00:00
packet - > append ( dqe - > second . frags [ f - 1 ] . payload ( ) , dqe - > second . frags [ f - 1 ] . payloadLength ( ) ) ;
2013-07-11 20:19:06 +00:00
_defragQueue . erase ( dqe ) ;
2014-10-01 19:41:48 +00:00
if ( ! packet - > tryDecode ( RR ) ) {
2013-07-11 21:52:04 +00:00
Mutex : : Lock _l ( _rxQueue_m ) ;
2013-07-12 02:06:25 +00:00
_rxQueue . push_back ( packet ) ;
2013-07-11 21:52:04 +00:00
}
2013-07-11 20:19:06 +00:00
} else {
// Still waiting on more fragments, so queue the head
dqe - > second . frag0 = packet ;
}
} // else this is a duplicate head, ignore
} else {
// Packet is unfragmented, so just process it
2014-10-01 19:41:48 +00:00
if ( ! packet - > tryDecode ( RR ) ) {
2013-07-11 21:52:04 +00:00
Mutex : : Lock _l ( _rxQueue_m ) ;
2013-07-12 02:06:25 +00:00
_rxQueue . push_back ( packet ) ;
2013-07-04 20:56:19 +00:00
}
}
}
Address Switch : : _sendWhoisRequest ( const Address & addr , const Address * peersAlreadyConsulted , unsigned int numPeersAlreadyConsulted )
{
2015-06-19 17:23:25 +00:00
SharedPtr < Peer > root ( RR - > topology - > getBestRoot ( peersAlreadyConsulted , numPeersAlreadyConsulted , false ) ) ;
if ( root ) {
Packet outp ( root - > address ( ) , RR - > identity . address ( ) , Packet : : VERB_WHOIS ) ;
2013-07-25 17:24:39 +00:00
addr . appendTo ( outp ) ;
2015-06-19 17:23:25 +00:00
outp . armor ( root - > key ( ) , true ) ;
if ( root - > send ( RR , outp . data ( ) , outp . size ( ) , RR - > node - > now ( ) ) )
return root - > address ( ) ;
2013-07-04 20:56:19 +00:00
}
return Address ( ) ;
}
2015-06-02 00:50:44 +00:00
bool Switch : : _trySend ( const Packet & packet , bool encrypt , uint64_t nwid )
2013-07-04 20:56:19 +00:00
{
2014-09-24 20:53:03 +00:00
SharedPtr < Peer > peer ( RR - > topology - > getPeer ( packet . destination ( ) ) ) ;
2013-07-11 21:52:04 +00:00
2013-07-04 20:56:19 +00:00
if ( peer ) {
2015-04-03 23:52:53 +00:00
const uint64_t now = RR - > node - > now ( ) ;
2013-07-04 20:56:19 +00:00
2015-07-07 17:00:34 +00:00
SharedPtr < Network > network ;
SharedPtr < NetworkConfig > nconf ;
2015-07-06 22:05:04 +00:00
if ( nwid ) {
2015-07-07 17:00:34 +00:00
network = RR - > node - > network ( nwid ) ;
if ( ! network )
return false ; // we probably just left this network, let its packets die
nconf = network - > config2 ( ) ;
if ( ! nconf )
return false ; // sanity check: unconfigured network? why are we trying to talk to it?
2015-07-06 22:05:04 +00:00
}
2015-07-06 21:08:13 +00:00
RemotePath * viaPath = peer - > getBestPath ( now ) ;
2015-07-07 17:00:34 +00:00
SharedPtr < Peer > relay ;
2015-04-04 00:01:07 +00:00
if ( ! viaPath ) {
2015-07-06 22:05:04 +00:00
// See if this network has a preferred relay (if packet has an associated network)
2015-07-07 17:00:34 +00:00
if ( nconf ) {
unsigned int latency = ~ ( ( unsigned int ) 0 ) ;
for ( std : : vector < std : : pair < Address , InetAddress > > : : const_iterator r ( nconf - > relays ( ) . begin ( ) ) ; r ! = nconf - > relays ( ) . end ( ) ; + + r ) {
if ( r - > first ! = peer - > address ( ) ) {
SharedPtr < Peer > rp ( RR - > topology - > getPeer ( r - > first ) ) ;
if ( ( rp ) & & ( rp - > hasActiveDirectPath ( now ) ) & & ( rp - > latency ( ) < = latency ) )
rp . swap ( relay ) ;
2015-06-02 00:50:44 +00:00
}
}
}
2015-07-06 22:05:04 +00:00
// Otherwise relay off a root server
2015-06-02 00:50:44 +00:00
if ( ! relay )
2015-06-19 17:23:25 +00:00
relay = RR - > topology - > getBestRoot ( ) ;
2015-06-02 00:50:44 +00:00
if ( ! ( relay ) | | ( ! ( viaPath = relay - > getBestPath ( now ) ) ) )
2015-07-07 17:00:34 +00:00
return false ; // no paths, no root servers?
}
if ( ( network ) & & ( relay ) & & ( network - > isAllowed ( peer - > address ( ) ) ) ) {
// Push hints for direct connectivity to this peer if we are relaying
peer - > pushDirectPaths ( RR , viaPath , now , false ) ;
2013-07-04 20:56:19 +00:00
}
Packet tmp ( packet ) ;
unsigned int chunkSize = std : : min ( tmp . size ( ) , ( unsigned int ) ZT_UDP_DEFAULT_PAYLOAD_MTU ) ;
tmp . setFragmented ( chunkSize < tmp . size ( ) ) ;
2013-09-27 20:03:13 +00:00
tmp . armor ( peer - > key ( ) , encrypt ) ;
2013-07-04 20:56:19 +00:00
2015-04-03 23:52:53 +00:00
if ( viaPath - > send ( RR , tmp . data ( ) , chunkSize , now ) ) {
2013-07-04 20:56:19 +00:00
if ( chunkSize < tmp . size ( ) ) {
2015-07-06 22:05:04 +00:00
// Too big for one packet, fragment the rest
2013-07-04 20:56:19 +00:00
unsigned int fragStart = chunkSize ;
unsigned int remaining = tmp . size ( ) - chunkSize ;
unsigned int fragsRemaining = ( remaining / ( ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH ) ) ;
if ( ( fragsRemaining * ( ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH ) ) < remaining )
+ + fragsRemaining ;
unsigned int totalFragments = fragsRemaining + 1 ;
2014-10-29 00:25:34 +00:00
for ( unsigned int fno = 1 ; fno < totalFragments ; + + fno ) {
2013-07-04 20:56:19 +00:00
chunkSize = std : : min ( remaining , ( unsigned int ) ( ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH ) ) ;
2014-10-29 00:25:34 +00:00
Packet : : Fragment frag ( tmp , fragStart , chunkSize , fno , totalFragments ) ;
2015-04-03 23:52:53 +00:00
viaPath - > send ( RR , frag . data ( ) , frag . size ( ) , now ) ;
2013-07-04 20:56:19 +00:00
fragStart + = chunkSize ;
remaining - = chunkSize ;
}
}
2015-07-06 22:05:04 +00:00
2013-07-11 20:19:06 +00:00
return true ;
2013-07-04 20:56:19 +00:00
}
2014-10-29 00:25:34 +00:00
} else {
requestWhois ( packet . destination ( ) ) ;
}
2013-07-11 20:19:06 +00:00
return false ;
2013-07-04 20:56:19 +00:00
}
} // namespace ZeroTier