2015-04-10 01:14:27 +00:00
/*
* ZeroTier One - Network Virtualization Everywhere
2016-01-12 22:04:55 +00:00
* Copyright ( C ) 2011 - 2016 ZeroTier , Inc . https : //www.zerotier.com/
2015-04-10 01:14:27 +00:00
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
2015-05-21 02:38:49 +00:00
# include <stdint.h>
2015-04-10 01:14:27 +00:00
2015-04-11 00:07:06 +00:00
# include <string>
# include <map>
2015-04-14 01:43:33 +00:00
# include <set>
2015-04-11 00:07:06 +00:00
# include <vector>
# include <algorithm>
2016-06-15 22:46:57 +00:00
# include <list>
2015-04-11 00:07:06 +00:00
2015-04-10 01:14:27 +00:00
# include "../version.h"
# include "../include/ZeroTierOne.h"
# include "../node/Constants.hpp"
# include "../node/Mutex.hpp"
# include "../node/Node.hpp"
# include "../node/Utils.hpp"
# include "../node/InetAddress.hpp"
2015-04-15 00:57:51 +00:00
# include "../node/MAC.hpp"
2015-05-21 02:38:49 +00:00
# include "../node/Identity.hpp"
2015-04-10 01:14:27 +00:00
# include "../osdep/Phy.hpp"
2015-05-21 02:38:49 +00:00
# include "../osdep/Thread.hpp"
2015-04-10 01:14:27 +00:00
# include "../osdep/OSUtils.hpp"
2015-05-21 02:38:49 +00:00
# include "../osdep/Http.hpp"
2015-05-21 22:22:41 +00:00
# include "../osdep/BackgroundResolver.hpp"
2015-11-30 21:10:22 +00:00
# include "../osdep/PortMapper.hpp"
2016-04-05 18:59:46 +00:00
# include "../osdep/Binder.hpp"
2016-06-15 22:46:57 +00:00
# include "../osdep/ManagedRoute.hpp"
2015-04-10 01:14:27 +00:00
2015-04-15 21:42:26 +00:00
# include "OneService.hpp"
2015-04-14 01:12:45 +00:00
# include "ControlPlane.hpp"
2015-10-22 23:02:01 +00:00
# include "ClusterGeoIpService.hpp"
# include "ClusterDefinition.hpp"
2015-04-10 01:14:27 +00:00
2016-11-21 21:20:56 +00:00
# ifdef ZT_USE_SYSTEM_HTTP_PARSER
# include <http_parser.h>
# else
# include "../ext/http-parser/http_parser.h"
# endif
# include "../ext/json/json.hpp"
using json = nlohmann : : json ;
2015-05-22 21:52:23 +00:00
/**
* Uncomment to enable UDP breakage switch
*
* If this is defined , the presence of a file called / tmp / ZT_BREAK_UDP
* will cause direct UDP TX / RX to stop working . This can be used to
* test TCP tunneling fallback and other robustness features . Deleting
* this file will cause it to start working again .
*/
//#define ZT_BREAK_UDP
2016-08-17 17:42:32 +00:00
# include "../controller/EmbeddedNetworkController.hpp"
2015-05-17 22:51:07 +00:00
2015-04-24 22:05:28 +00:00
# ifdef __WINDOWS__
2015-07-07 00:22:37 +00:00
# include <WinSock2.h>
# include <Windows.h>
2015-04-24 22:05:28 +00:00
# include <ShlObj.h>
2015-07-07 00:22:37 +00:00
# include <netioapi.h>
# include <iphlpapi.h>
2015-05-21 02:38:49 +00:00
# else
# include <sys/types.h>
2015-07-06 23:32:34 +00:00
# include <sys/socket.h>
2015-05-21 02:38:49 +00:00
# include <sys/wait.h>
# include <unistd.h>
2015-07-06 23:32:34 +00:00
# include <ifaddrs.h>
2015-04-24 22:05:28 +00:00
# endif
2015-04-20 22:12:31 +00:00
// Include the right tap device driver for this platform -- add new platforms here
2015-12-22 00:15:39 +00:00
# ifdef ZT_SERVICE_NETCON
// In network containers builds, use the virtual netcon endpoint instead of a tun/tap port driver
# include "../netcon/NetconEthernetTap.hpp"
namespace ZeroTier { typedef NetconEthernetTap EthernetTap ; }
# else // not ZT_SERVICE_NETCON so pick a tap driver
2015-04-14 22:55:03 +00:00
# ifdef __APPLE__
# include "../osdep/OSXEthernetTap.hpp"
namespace ZeroTier { typedef OSXEthernetTap EthernetTap ; }
2015-12-22 00:15:39 +00:00
# endif // __APPLE__
2015-04-20 22:12:31 +00:00
# ifdef __LINUX__
# include "../osdep/LinuxEthernetTap.hpp"
namespace ZeroTier { typedef LinuxEthernetTap EthernetTap ; }
2015-12-22 00:15:39 +00:00
# endif // __LINUX__
2015-04-24 22:05:28 +00:00
# ifdef __WINDOWS__
# include "../osdep/WindowsEthernetTap.hpp"
namespace ZeroTier { typedef WindowsEthernetTap EthernetTap ; }
2015-12-22 00:15:39 +00:00
# endif // __WINDOWS__
2015-05-25 18:11:37 +00:00
# ifdef __FreeBSD__
2015-05-15 15:48:53 +00:00
# include "../osdep/BSDEthernetTap.hpp"
namespace ZeroTier { typedef BSDEthernetTap EthernetTap ; }
2015-12-22 00:15:39 +00:00
# endif // __FreeBSD__
# endif // ZT_SERVICE_NETCON
2015-04-14 22:55:03 +00:00
2015-04-11 02:08:49 +00:00
// Sanity limits for HTTP
2015-06-04 00:20:30 +00:00
# define ZT_MAX_HTTP_MESSAGE_SIZE (1024 * 1024 * 64)
2015-04-11 02:08:49 +00:00
# define ZT_MAX_HTTP_CONNECTIONS 64
2016-04-05 22:44:08 +00:00
// Interface metric for ZeroTier taps -- this ensures that if we are on WiFi and also
// bridged via ZeroTier to the same LAN traffic will (if the OS is sane) prefer WiFi.
2016-04-01 18:07:44 +00:00
# define ZT_IF_METRIC 5000
2015-04-15 00:57:51 +00:00
// How often to check for new multicast subscriptions on a tap device
2015-12-22 00:15:39 +00:00
# define ZT_TAP_CHECK_MULTICAST_INTERVAL 5000
2015-04-15 00:57:51 +00:00
2015-05-17 22:51:07 +00:00
// Path under ZT1 home for controller database if controller is enabled
2016-08-17 17:42:32 +00:00
# define ZT_CONTROLLER_DB_PATH "controller.d"
2015-05-17 22:51:07 +00:00
2015-05-22 01:33:52 +00:00
// TCP fallback relay host -- geo-distributed using Amazon Route53 geo-aware DNS
2015-09-24 23:21:36 +00:00
# define ZT_TCP_FALLBACK_RELAY "tcp-fallback.zerotier.com"
# define ZT_TCP_FALLBACK_RELAY_PORT 443
2015-05-21 22:22:41 +00:00
// Frequency at which we re-resolve the TCP fallback relay
2015-09-24 23:21:36 +00:00
# define ZT_TCP_FALLBACK_RERESOLVE_DELAY 86400000
2015-05-21 22:22:41 +00:00
2015-05-22 01:33:52 +00:00
// Attempt to engage TCP fallback after this many ms of no reply to packets sent to global-scope IPs
2015-09-24 23:21:36 +00:00
# define ZT_TCP_FALLBACK_AFTER 60000
2015-05-22 01:33:52 +00:00
2015-07-06 23:32:34 +00:00
// How often to check for local interface addresses
2016-04-07 19:13:18 +00:00
# define ZT_LOCAL_INTERFACE_CHECK_INTERVAL 60000
2015-07-06 23:32:34 +00:00
2015-04-10 01:14:27 +00:00
namespace ZeroTier {
2015-05-20 23:35:33 +00:00
namespace {
2016-11-21 21:20:56 +00:00
static uint64_t _jI ( const json & jv , const uint64_t dfl )
{
if ( jv . is_number ( ) ) {
return ( uint64_t ) jv ;
} else if ( jv . is_string ( ) ) {
std : : string s = jv ;
return Utils : : strToU64 ( s . c_str ( ) ) ;
} else if ( jv . is_boolean ( ) ) {
return ( ( bool ) jv ? 1ULL : 0ULL ) ;
}
return dfl ;
}
static bool _jB ( const json & jv , const bool dfl )
{
if ( jv . is_boolean ( ) ) {
return ( bool ) jv ;
} else if ( jv . is_number ( ) ) {
return ( ( uint64_t ) jv > 0ULL ) ;
} else if ( jv . is_string ( ) ) {
std : : string s = jv ;
if ( s . length ( ) > 0 ) {
switch ( s [ 0 ] ) {
case ' t ' :
case ' T ' :
case ' 1 ' :
return true ;
}
}
return false ;
}
return dfl ;
}
static std : : string _jS ( const json & jv , const char * dfl )
{
if ( jv . is_string ( ) ) {
return jv ;
} else if ( jv . is_number ( ) ) {
char tmp [ 64 ] ;
Utils : : snprintf ( tmp , sizeof ( tmp ) , " %llu " , ( uint64_t ) jv ) ;
return tmp ;
} else if ( jv . is_boolean ( ) ) {
return ( ( bool ) jv ? std : : string ( " 1 " ) : std : : string ( " 0 " ) ) ;
}
return std : : string ( ( dfl ) ? dfl : " " ) ;
}
2015-05-21 02:38:49 +00:00
# ifdef ZT_AUTO_UPDATE
# define ZT_AUTO_UPDATE_MAX_HTTP_RESPONSE_SIZE (1024 * 1024 * 64)
2015-05-21 03:17:56 +00:00
# define ZT_AUTO_UPDATE_CHECK_PERIOD 21600000
2015-05-21 02:38:49 +00:00
class BackgroundSoftwareUpdateChecker
{
public :
bool isValidSigningIdentity ( const Identity & id )
{
return (
2016-03-03 21:52:27 +00:00
/* 0001 - 0004 : obsolete, used in old versions */
2015-05-21 02:38:49 +00:00
/* 0005 */ ( id = = Identity ( " ba57ea350e:0:9d4be6d7f86c5660d5ee1951a3d759aa6e12a84fc0c0b74639500f1dbc1a8c566622e7d1c531967ebceb1e9d1761342f88324a8ba520c93c35f92f35080fa23f " ) )
/* 0006 */ | | ( id = = Identity ( " 5067b21b83:0:8af477730f5055c48135b84bed6720a35bca4c0e34be4060a4c636288b1ec22217eb22709d610c66ed464c643130c51411bbb0294eef12fbe8ecc1a1e2c63a7a " ) )
/* 0007 */ | | ( id = = Identity ( " 4f5e97a8f1:0:57880d056d7baeb04bbc057d6f16e6cb41388570e87f01492fce882485f65a798648595610a3ad49885604e7fb1db2dd3c2c534b75e42c3c0b110ad07b4bb138 " ) )
/* 0008 */ | | ( id = = Identity ( " 580bbb8e15:0:ad5ef31155bebc6bc413991992387e083fed26d699997ef76e7c947781edd47d1997161fa56ba337b1a2b44b129fd7c7197ce5185382f06011bc88d1363b4ddd " ) )
) ;
}
void doUpdateCheck ( )
{
std : : string url ( OneService : : autoUpdateUrl ( ) ) ;
if ( ( url . length ( ) < = 7 ) | | ( url . substr ( 0 , 7 ) ! = " http:// " ) )
return ;
std : : string httpHost ;
std : : string httpPath ;
{
std : : size_t slashIdx = url . substr ( 7 ) . find_first_of ( ' / ' ) ;
if ( slashIdx = = std : : string : : npos ) {
httpHost = url . substr ( 7 ) ;
httpPath = " / " ;
} else {
httpHost = url . substr ( 7 , slashIdx ) ;
httpPath = url . substr ( slashIdx + 7 ) ;
}
}
if ( httpHost . length ( ) = = 0 )
return ;
std : : vector < InetAddress > ips ( OSUtils : : resolve ( httpHost . c_str ( ) ) ) ;
for ( std : : vector < InetAddress > : : iterator ip ( ips . begin ( ) ) ; ip ! = ips . end ( ) ; + + ip ) {
if ( ! ip - > port ( ) )
ip - > setPort ( 80 ) ;
std : : string nfoPath = httpPath + " LATEST.nfo " ;
std : : map < std : : string , std : : string > requestHeaders , responseHeaders ;
std : : string body ;
requestHeaders [ " Host " ] = httpHost ;
unsigned int scode = Http : : GET ( ZT_AUTO_UPDATE_MAX_HTTP_RESPONSE_SIZE , 60000 , reinterpret_cast < const struct sockaddr * > ( & ( * ip ) ) , nfoPath . c_str ( ) , requestHeaders , responseHeaders , body ) ;
//fprintf(stderr,"UPDATE %s %s %u %lu\n",ip->toString().c_str(),nfoPath.c_str(),scode,body.length());
if ( ( scode = = 200 ) & & ( body . length ( ) > 0 ) ) {
/* NFO fields:
*
* file = < filename >
* signedBy = < signing identity >
2016-06-21 19:55:43 +00:00
* ed25519 = < ed25519 ECC signature of archive in hex >
2015-05-21 02:38:49 +00:00
* vMajor = < major version >
* vMinor = < minor version >
* vRevision = < revision > */
2016-06-21 19:55:43 +00:00
Dictionary < 4096 > nfo ( body . c_str ( ) ) ;
char tmp [ 2048 ] ;
if ( nfo . get ( " vMajor " , tmp , sizeof ( tmp ) ) < = 0 ) return ;
const unsigned int vMajor = Utils : : strToUInt ( tmp ) ;
if ( nfo . get ( " vMinor " , tmp , sizeof ( tmp ) ) < = 0 ) return ;
const unsigned int vMinor = Utils : : strToUInt ( tmp ) ;
if ( nfo . get ( " vRevision " , tmp , sizeof ( tmp ) ) < = 0 ) return ;
const unsigned int vRevision = Utils : : strToUInt ( tmp ) ;
2015-05-21 02:38:49 +00:00
if ( Utils : : compareVersion ( vMajor , vMinor , vRevision , ZEROTIER_ONE_VERSION_MAJOR , ZEROTIER_ONE_VERSION_MINOR , ZEROTIER_ONE_VERSION_REVISION ) < = 0 ) {
//fprintf(stderr,"UPDATE %u.%u.%u is not newer than our version\n",vMajor,vMinor,vRevision);
return ;
}
2016-06-21 19:55:43 +00:00
if ( nfo . get ( " signedBy " , tmp , sizeof ( tmp ) ) < = 0 ) return ;
2015-05-21 02:38:49 +00:00
Identity signedBy ;
2016-06-21 19:55:43 +00:00
if ( ( ! signedBy . fromString ( tmp ) ) | | ( ! isValidSigningIdentity ( signedBy ) ) ) {
2015-05-21 02:38:49 +00:00
//fprintf(stderr,"UPDATE invalid signedBy or not authorized signing identity.\n");
return ;
}
2016-06-21 19:55:43 +00:00
if ( nfo . get ( " file " , tmp , sizeof ( tmp ) ) < = 0 ) return ;
std : : string filePath ( tmp ) ;
2015-05-21 02:38:49 +00:00
if ( ( ! filePath . length ( ) ) | | ( filePath . find ( " .. " ) ! = std : : string : : npos ) )
return ;
filePath = httpPath + filePath ;
std : : string fileData ;
if ( Http : : GET ( ZT_AUTO_UPDATE_MAX_HTTP_RESPONSE_SIZE , 60000 , reinterpret_cast < const struct sockaddr * > ( & ( * ip ) ) , filePath . c_str ( ) , requestHeaders , responseHeaders , fileData ) ! = 200 ) {
//fprintf(stderr,"UPDATE GET %s failed\n",filePath.c_str());
return ;
}
2016-06-21 19:55:43 +00:00
if ( nfo . get ( " ed25519 " , tmp , sizeof ( tmp ) ) < = 0 ) return ;
std : : string ed25519 ( Utils : : unhex ( tmp ) ) ;
2015-05-21 02:38:49 +00:00
if ( ( ed25519 . length ( ) = = 0 ) | | ( ! signedBy . verify ( fileData . data ( ) , ( unsigned int ) fileData . length ( ) , ed25519 . data ( ) , ( unsigned int ) ed25519 . length ( ) ) ) ) {
//fprintf(stderr,"UPDATE %s failed signature check!\n",filePath.c_str());
return ;
}
/* --------------------------------------------------------------- */
/* We made it! Begin OS-specific installation code. */
# ifdef __APPLE__
/* OSX version is in the form of a MacOSX .pkg file, so we will
* launch installer ( normally in / usr / sbin ) to install it . It will
* then turn around and shut down the service , update files , and
* relaunch . */
{
char bashp [ 128 ] , pkgp [ 128 ] ;
Utils : : snprintf ( bashp , sizeof ( bashp ) , " /tmp/ZeroTierOne-update-%u.%u.%u.sh " , vMajor , vMinor , vRevision ) ;
Utils : : snprintf ( pkgp , sizeof ( pkgp ) , " /tmp/ZeroTierOne-update-%u.%u.%u.pkg " , vMajor , vMinor , vRevision ) ;
FILE * pkg = fopen ( pkgp , " w " ) ;
if ( ( ! pkg ) | | ( fwrite ( fileData . data ( ) , fileData . length ( ) , 1 , pkg ) ! = 1 ) ) {
fclose ( pkg ) ;
unlink ( bashp ) ;
unlink ( pkgp ) ;
fprintf ( stderr , " UPDATE error writing %s \n " , pkgp ) ;
return ;
}
fclose ( pkg ) ;
FILE * bash = fopen ( bashp , " w " ) ;
if ( ! bash ) {
fclose ( pkg ) ;
unlink ( bashp ) ;
unlink ( pkgp ) ;
fprintf ( stderr , " UPDATE error writing %s \n " , bashp ) ;
return ;
}
fprintf ( bash ,
" #!/bin/bash \n "
" export PATH=/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin \n "
2015-06-02 23:54:27 +00:00
" sleep 1 \n "
2015-05-21 02:38:49 +00:00
" installer -pkg \" %s \" -target / \n "
" sleep 1 \n "
" rm -f \" %s \" \" %s \" \n "
" exit 0 \n " ,
pkgp ,
pkgp ,
bashp ) ;
fclose ( bash ) ;
long pid = ( long ) vfork ( ) ;
if ( pid = = 0 ) {
2015-06-03 23:37:24 +00:00
setsid ( ) ; // detach from parent so that shell isn't killed when parent is killed
signal ( SIGHUP , SIG_IGN ) ;
signal ( SIGTERM , SIG_IGN ) ;
signal ( SIGQUIT , SIG_IGN ) ;
2015-05-21 02:38:49 +00:00
execl ( " /bin/bash " , " /bin/bash " , bashp , ( char * ) 0 ) ;
exit ( 0 ) ;
}
}
# endif // __APPLE__
# ifdef __WINDOWS__
/* Windows version comes in the form of .MSI package that
* takes care of everything . */
{
2015-05-21 03:17:56 +00:00
char tempp [ 512 ] , batp [ 512 ] , msip [ 512 ] , cmdline [ 512 ] ;
if ( GetTempPathA ( sizeof ( tempp ) , tempp ) < = 0 )
return ;
CreateDirectoryA ( tempp , ( LPSECURITY_ATTRIBUTES ) 0 ) ;
Utils : : snprintf ( batp , sizeof ( batp ) , " %s \\ ZeroTierOne-update-%u.%u.%u.bat " , tempp , vMajor , vMinor , vRevision ) ;
Utils : : snprintf ( msip , sizeof ( msip ) , " %s \\ ZeroTierOne-update-%u.%u.%u.msi " , tempp , vMajor , vMinor , vRevision ) ;
FILE * msi = fopen ( msip , " wb " ) ;
if ( ( ! msi ) | | ( fwrite ( fileData . data ( ) , ( size_t ) fileData . length ( ) , 1 , msi ) ! = 1 ) ) {
fclose ( msi ) ;
return ;
}
fclose ( msi ) ;
FILE * bat = fopen ( batp , " wb " ) ;
if ( ! bat )
return ;
fprintf ( bat ,
" TIMEOUT.EXE /T 1 /NOBREAK \r \n "
" NET.EXE STOP \" ZeroTierOneService \" \r \n "
" TIMEOUT.EXE /T 1 /NOBREAK \r \n "
" MSIEXEC.EXE /i \" %s \" /qn \r \n "
" TIMEOUT.EXE /T 1 /NOBREAK \r \n "
" NET.EXE START \" ZeroTierOneService \" \r \n "
" DEL \" %s \" \r \n "
" DEL \" %s \" \r \n " ,
msip ,
msip ,
batp ) ;
fclose ( bat ) ;
STARTUPINFOA si ;
PROCESS_INFORMATION pi ;
memset ( & si , 0 , sizeof ( si ) ) ;
memset ( & pi , 0 , sizeof ( pi ) ) ;
Utils : : snprintf ( cmdline , sizeof ( cmdline ) , " CMD.EXE /c \" %s \" " , batp ) ;
CreateProcessA ( NULL , cmdline , NULL , NULL , FALSE , CREATE_NO_WINDOW | CREATE_NEW_PROCESS_GROUP , NULL , NULL , & si , & pi ) ;
2015-05-21 02:38:49 +00:00
}
# endif // __WINDOWS__
/* --------------------------------------------------------------- */
return ;
} // else try to fetch from next IP address
}
}
void threadMain ( )
throw ( )
{
try {
this - > doUpdateCheck ( ) ;
} catch ( . . . ) { }
}
} ;
static BackgroundSoftwareUpdateChecker backgroundSoftwareUpdateChecker ;
# endif // ZT_AUTO_UPDATE
2015-12-01 00:44:32 +00:00
static bool isBlacklistedLocalInterfaceForZeroTierTraffic ( const char * ifn )
{
# if defined(__linux__) || defined(linux) || defined(__LINUX__) || defined(__linux)
if ( ( ifn [ 0 ] = = ' l ' ) & & ( ifn [ 1 ] = = ' o ' ) ) return true ; // loopback
if ( ( ifn [ 0 ] = = ' z ' ) & & ( ifn [ 1 ] = = ' t ' ) ) return true ; // sanity check: zt#
if ( ( ifn [ 0 ] = = ' t ' ) & & ( ifn [ 1 ] = = ' u ' ) & & ( ifn [ 2 ] = = ' n ' ) ) return true ; // tun# is probably an OpenVPN tunnel or similar
if ( ( ifn [ 0 ] = = ' t ' ) & & ( ifn [ 1 ] = = ' a ' ) & & ( ifn [ 2 ] = = ' p ' ) ) return true ; // tap# is probably an OpenVPN tunnel or similar
# endif
# ifdef __APPLE__
if ( ( ifn [ 0 ] = = ' l ' ) & & ( ifn [ 1 ] = = ' o ' ) ) return true ; // loopback
if ( ( ifn [ 0 ] = = ' z ' ) & & ( ifn [ 1 ] = = ' t ' ) ) return true ; // sanity check: zt#
if ( ( ifn [ 0 ] = = ' t ' ) & & ( ifn [ 1 ] = = ' u ' ) & & ( ifn [ 2 ] = = ' n ' ) ) return true ; // tun# is probably an OpenVPN tunnel or similar
if ( ( ifn [ 0 ] = = ' t ' ) & & ( ifn [ 1 ] = = ' a ' ) & & ( ifn [ 2 ] = = ' p ' ) ) return true ; // tap# is probably an OpenVPN tunnel or similar
if ( ( ifn [ 0 ] = = ' u ' ) & & ( ifn [ 1 ] = = ' t ' ) & & ( ifn [ 2 ] = = ' u ' ) & & ( ifn [ 3 ] = = ' n ' ) ) return true ; // ... as is utun#
# endif
return false ;
}
2015-10-01 19:37:18 +00:00
static std : : string _trimString ( const std : : string & s )
{
unsigned long end = ( unsigned long ) s . length ( ) ;
while ( end ) {
char c = s [ end - 1 ] ;
if ( ( c = = ' ' ) | | ( c = = ' \r ' ) | | ( c = = ' \n ' ) | | ( ! c ) | | ( c = = ' \t ' ) )
- - end ;
else break ;
}
unsigned long start = 0 ;
while ( start < end ) {
char c = s [ start ] ;
if ( ( c = = ' ' ) | | ( c = = ' \r ' ) | | ( c = = ' \n ' ) | | ( ! c ) | | ( c = = ' \t ' ) )
+ + start ;
else break ;
}
return s . substr ( start , end - start ) ;
}
2015-04-15 21:42:26 +00:00
class OneServiceImpl ;
2015-04-11 02:08:49 +00:00
2016-01-12 19:34:22 +00:00
static int SnodeVirtualNetworkConfigFunction ( ZT_Node * node , void * uptr , uint64_t nwid , void * * nuptr , enum ZT_VirtualNetworkConfigOperation op , const ZT_VirtualNetworkConfig * nwconf ) ;
2015-09-24 23:21:36 +00:00
static void SnodeEventCallback ( ZT_Node * node , void * uptr , enum ZT_Event event , const void * metaData ) ;
static long SnodeDataStoreGetFunction ( ZT_Node * node , void * uptr , const char * name , void * buf , unsigned long bufSize , unsigned long readIndex , unsigned long * totalSize ) ;
static int SnodeDataStorePutFunction ( ZT_Node * node , void * uptr , const char * name , const void * data , unsigned long len , int secure ) ;
2015-11-09 23:44:13 +00:00
static int SnodeWirePacketSendFunction ( ZT_Node * node , void * uptr , const struct sockaddr_storage * localAddr , const struct sockaddr_storage * addr , const void * data , unsigned int len , unsigned int ttl ) ;
2016-01-12 19:34:22 +00:00
static void SnodeVirtualNetworkFrameFunction ( ZT_Node * node , void * uptr , uint64_t nwid , void * * nuptr , uint64_t sourceMac , uint64_t destMac , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len ) ;
2016-11-22 18:54:58 +00:00
static int SnodePathCheckFunction ( ZT_Node * node , void * uptr , uint64_t ztaddr , const struct sockaddr_storage * localAddr , const struct sockaddr_storage * remoteAddr ) ;
static int SnodePathLookupFunction ( ZT_Node * node , void * uptr , uint64_t ztaddr , int family , struct sockaddr_storage * result ) ;
2015-04-10 01:14:27 +00:00
2015-10-22 23:02:01 +00:00
# ifdef ZT_ENABLE_CLUSTER
static void SclusterSendFunction ( void * uptr , unsigned int toMemberId , const void * data , unsigned int len ) ;
static int SclusterGeoIpFunction ( void * uptr , const struct sockaddr_storage * addr , int * x , int * y , int * z ) ;
# endif
2015-04-15 00:57:51 +00:00
static void StapFrameHandler ( void * uptr , uint64_t nwid , const MAC & from , const MAC & to , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len ) ;
2015-04-11 02:08:49 +00:00
static int ShttpOnMessageBegin ( http_parser * parser ) ;
static int ShttpOnUrl ( http_parser * parser , const char * ptr , size_t length ) ;
2016-06-08 19:49:07 +00:00
# if (HTTP_PARSER_VERSION_MAJOR >= 2) && (HTTP_PARSER_VERSION_MINOR >= 2)
2015-04-11 02:08:49 +00:00
static int ShttpOnStatus ( http_parser * parser , const char * ptr , size_t length ) ;
2016-06-08 19:49:07 +00:00
# else
static int ShttpOnStatus ( http_parser * parser ) ;
# endif
2015-04-11 02:08:49 +00:00
static int ShttpOnHeaderField ( http_parser * parser , const char * ptr , size_t length ) ;
static int ShttpOnValue ( http_parser * parser , const char * ptr , size_t length ) ;
static int ShttpOnHeadersComplete ( http_parser * parser ) ;
static int ShttpOnBody ( http_parser * parser , const char * ptr , size_t length ) ;
static int ShttpOnMessageComplete ( http_parser * parser ) ;
2016-06-08 22:09:09 +00:00
# if (HTTP_PARSER_VERSION_MAJOR >= 2) && (HTTP_PARSER_VERSION_MINOR >= 1)
2015-04-16 21:13:44 +00:00
static const struct http_parser_settings HTTP_PARSER_SETTINGS = {
2015-04-11 02:08:49 +00:00
ShttpOnMessageBegin ,
ShttpOnUrl ,
ShttpOnStatus ,
ShttpOnHeaderField ,
ShttpOnValue ,
ShttpOnHeadersComplete ,
ShttpOnBody ,
ShttpOnMessageComplete
} ;
2016-06-08 22:09:09 +00:00
# else
static const struct http_parser_settings HTTP_PARSER_SETTINGS = {
ShttpOnMessageBegin ,
ShttpOnUrl ,
ShttpOnHeaderField ,
ShttpOnValue ,
ShttpOnHeadersComplete ,
ShttpOnBody ,
ShttpOnMessageComplete
} ;
# endif
2015-04-11 00:07:06 +00:00
2015-04-28 19:43:10 +00:00
struct TcpConnection
2015-04-11 02:08:49 +00:00
{
2015-04-28 19:43:10 +00:00
enum {
TCP_HTTP_INCOMING ,
TCP_HTTP_OUTGOING , // not currently used
TCP_TUNNEL_OUTGOING // fale-SSL outgoing tunnel -- HTTP-related fields are not used
} type ;
2015-04-11 02:08:49 +00:00
bool shouldKeepAlive ;
2015-04-15 21:42:26 +00:00
OneServiceImpl * parent ;
2015-04-11 02:08:49 +00:00
PhySocket * sock ;
2015-04-11 02:36:29 +00:00
InetAddress from ;
2015-04-11 02:08:49 +00:00
http_parser parser ;
unsigned long messageSize ;
uint64_t lastActivity ;
std : : string currentHeaderField ;
std : : string currentHeaderValue ;
std : : string url ;
std : : string status ;
std : : map < std : : string , std : : string > headers ;
2015-04-28 19:43:10 +00:00
std : : string body ;
std : : string writeBuf ;
2015-05-22 21:52:23 +00:00
Mutex writeBuf_m ;
2015-04-11 02:08:49 +00:00
} ;
2015-04-11 00:07:06 +00:00
2016-03-03 21:52:27 +00:00
// Used to pseudo-randomize local source port picking
static volatile unsigned int _udpPortPickerCounter = 0 ;
2015-04-15 21:42:26 +00:00
class OneServiceImpl : public OneService
2015-04-10 01:14:27 +00:00
{
public :
2016-04-05 18:59:46 +00:00
// begin member variables --------------------------------------------------
const std : : string _homePath ;
BackgroundResolver _tcpFallbackResolver ;
2016-11-14 23:47:06 +00:00
InetAddress _allowManagementFrom ;
2016-08-17 17:42:32 +00:00
EmbeddedNetworkController * _controller ;
2016-04-05 18:59:46 +00:00
Phy < OneServiceImpl * > _phy ;
Node * _node ;
2016-11-22 18:54:58 +00:00
// Local configuration and memo-ized static path definitions
json _localConfig ;
Hashtable < uint64_t , std : : vector < InetAddress > > _v4Hints ;
Hashtable < uint64_t , std : : vector < InetAddress > > _v6Hints ;
Hashtable < uint64_t , std : : vector < InetAddress > > _v4Blacklists ;
Hashtable < uint64_t , std : : vector < InetAddress > > _v6Blacklists ;
std : : vector < InetAddress > _globalV4Blacklist ;
std : : vector < InetAddress > _globalV6Blacklist ;
Mutex _localConfig_m ;
2016-04-05 18:59:46 +00:00
/*
2016-06-14 17:09:26 +00:00
* To attempt to handle NAT / gateway craziness we use three local UDP ports :
2016-04-05 18:59:46 +00:00
*
* [ 0 ] is the normal / default port , usually 9993
* [ 1 ] is a port dervied from our ZeroTier address
* [ 2 ] is a port computed from the normal / default for use with uPnP / NAT - PMP mappings
*
* [ 2 ] exists because on some gateways trying to do regular NAT - t interferes
* destructively with uPnP port mapping behavior in very weird buggy ways .
* It ' s only used if uPnP / NAT - PMP is enabled in this build .
*/
2016-04-05 22:44:08 +00:00
Binder _bindings [ 3 ] ;
unsigned int _ports [ 3 ] ;
uint16_t _portsBE [ 3 ] ; // ports in big-endian network byte order as in sockaddr
2016-04-05 18:59:46 +00:00
// Sockets for JSON API -- bound only to V4 and V6 localhost
PhySocket * _v4TcpControlSocket ;
PhySocket * _v6TcpControlSocket ;
// JSON API handler
ControlPlane * _controlPlane ;
// Time we last received a packet from a global address
uint64_t _lastDirectReceiveFromGlobal ;
# ifdef ZT_TCP_FALLBACK_RELAY
uint64_t _lastSendToGlobalV4 ;
# endif
// Last potential sleep/wake event
uint64_t _lastRestart ;
// Deadline for the next background task service function
volatile uint64_t _nextBackgroundTaskDeadline ;
2016-06-14 17:09:26 +00:00
// Configured networks
struct NetworkState
{
2016-06-21 21:58:30 +00:00
NetworkState ( ) :
tap ( ( EthernetTap * ) 0 )
{
2016-06-21 23:52:49 +00:00
// Real defaults are in network 'up' code in network event handler
2016-06-21 21:58:30 +00:00
settings . allowManaged = true ;
settings . allowGlobal = false ;
settings . allowDefault = false ;
}
2016-06-14 17:09:26 +00:00
EthernetTap * tap ;
2016-06-17 20:14:48 +00:00
ZT_VirtualNetworkConfig config ; // memcpy() of raw config from core
2016-06-14 17:09:26 +00:00
std : : vector < InetAddress > managedIps ;
2016-09-13 23:25:48 +00:00
std : : list < SharedPtr < ManagedRoute > > managedRoutes ;
2016-06-21 21:58:30 +00:00
NetworkSettings settings ;
2016-06-14 17:09:26 +00:00
} ;
std : : map < uint64_t , NetworkState > _nets ;
Mutex _nets_m ;
2016-04-05 18:59:46 +00:00
// Active TCP/IP connections
std : : set < TcpConnection * > _tcpConnections ; // no mutex for this since it's done in the main loop thread only
TcpConnection * _tcpFallbackTunnel ;
// Termination status information
ReasonForTermination _termReason ;
std : : string _fatalErrorMessage ;
Mutex _termReason_m ;
// uPnP/NAT-PMP port mapper if enabled
# ifdef ZT_USE_MINIUPNPC
PortMapper * _portMapper ;
# endif
// Cluster management instance if enabled
# ifdef ZT_ENABLE_CLUSTER
PhySocket * _clusterMessageSocket ;
ClusterDefinition * _clusterDefinition ;
unsigned int _clusterMemberId ;
# endif
// Set to false to force service to stop
volatile bool _run ;
Mutex _run_m ;
// end member variables ----------------------------------------------------
2016-11-14 23:47:06 +00:00
OneServiceImpl ( const char * hp , unsigned int port , const char * allowManagementFrom ) :
2015-10-22 23:02:01 +00:00
_homePath ( ( hp ) ? hp : " . " )
, _tcpFallbackResolver ( ZT_TCP_FALLBACK_RELAY )
2016-08-17 17:42:32 +00:00
, _controller ( ( EmbeddedNetworkController * ) 0 )
2015-10-22 23:02:01 +00:00
, _phy ( this , false , true )
, _node ( ( Node * ) 0 )
, _controlPlane ( ( ControlPlane * ) 0 )
, _lastDirectReceiveFromGlobal ( 0 )
2016-03-03 21:52:27 +00:00
# ifdef ZT_TCP_FALLBACK_RELAY
, _lastSendToGlobalV4 ( 0 )
# endif
2015-10-22 23:02:01 +00:00
, _lastRestart ( 0 )
, _nextBackgroundTaskDeadline ( 0 )
, _tcpFallbackTunnel ( ( TcpConnection * ) 0 )
, _termReason ( ONE_STILL_RUNNING )
2015-07-28 21:32:02 +00:00
# ifdef ZT_USE_MINIUPNPC
2015-11-30 21:10:22 +00:00
, _portMapper ( ( PortMapper * ) 0 )
2015-07-28 21:32:02 +00:00
# endif
2015-10-22 23:02:01 +00:00
# ifdef ZT_ENABLE_CLUSTER
, _clusterMessageSocket ( ( PhySocket * ) 0 )
, _clusterDefinition ( ( ClusterDefinition * ) 0 )
, _clusterMemberId ( 0 )
# endif
, _run ( true )
2015-04-10 01:14:27 +00:00
{
2016-11-14 23:47:06 +00:00
if ( allowManagementFrom )
_allowManagementFrom . fromString ( allowManagementFrom ) ;
2016-04-05 22:44:08 +00:00
_ports [ 0 ] = 0 ;
_ports [ 1 ] = 0 ;
_ports [ 2 ] = 0 ;
2016-03-03 21:52:27 +00:00
2016-04-05 22:44:08 +00:00
// The control socket is bound to the default/static port on localhost. If we
// can do this, we have successfully allocated a port. The binders will take
// care of binding non-local addresses for ZeroTier traffic.
2015-09-23 21:38:16 +00:00
const int portTrials = ( port = = 0 ) ? 256 : 1 ; // if port is 0, pick random
for ( int k = 0 ; k < portTrials ; + + k ) {
if ( port = = 0 ) {
unsigned int randp = 0 ;
Utils : : getSecureRandom ( & randp , sizeof ( randp ) ) ;
2016-04-07 16:51:14 +00:00
port = 20000 + ( randp % 45500 ) ;
2015-09-23 21:38:16 +00:00
}
2016-04-07 16:51:14 +00:00
if ( _trialBind ( port ) ) {
struct sockaddr_in in4 ;
memset ( & in4 , 0 , sizeof ( in4 ) ) ;
in4 . sin_family = AF_INET ;
2016-11-14 23:47:06 +00:00
in4 . sin_addr . s_addr = Utils : : hton ( ( uint32_t ) ( ( allowManagementFrom ) ? 0 : 0x7f000001 ) ) ; // right now we just listen for TCP @127.0.0.1
2016-04-07 16:51:14 +00:00
in4 . sin_port = Utils : : hton ( ( uint16_t ) port ) ;
_v4TcpControlSocket = _phy . tcpListen ( ( const struct sockaddr * ) & in4 , this ) ;
struct sockaddr_in6 in6 ;
memset ( ( void * ) & in6 , 0 , sizeof ( in6 ) ) ;
in6 . sin6_family = AF_INET6 ;
in6 . sin6_port = in4 . sin_port ;
2016-11-14 23:47:06 +00:00
if ( ! allowManagementFrom )
in6 . sin6_addr . s6_addr [ 15 ] = 1 ; // IPv6 localhost == ::1
2016-04-07 16:51:14 +00:00
_v6TcpControlSocket = _phy . tcpListen ( ( const struct sockaddr * ) & in6 , this ) ;
// We must bind one of IPv4 or IPv6 -- support either failing to support hosts that
// have only IPv4 or only IPv6 stacks.
if ( ( _v4TcpControlSocket ) | | ( _v6TcpControlSocket ) ) {
_ports [ 0 ] = port ;
break ;
} else {
if ( _v4TcpControlSocket )
_phy . close ( _v4TcpControlSocket , false ) ;
if ( _v6TcpControlSocket )
_phy . close ( _v6TcpControlSocket , false ) ;
port = 0 ;
}
2016-04-05 22:44:08 +00:00
} else {
port = 0 ;
2015-09-23 21:38:16 +00:00
}
2015-04-10 01:14:27 +00:00
}
2016-04-05 22:44:08 +00:00
if ( _ports [ 0 ] = = 0 )
throw std : : runtime_error ( " cannot bind to local control interface port " ) ;
2015-04-16 02:38:01 +00:00
char portstr [ 64 ] ;
2016-04-05 22:44:08 +00:00
Utils : : snprintf ( portstr , sizeof ( portstr ) , " %u " , _ports [ 0 ] ) ;
2015-04-16 02:38:01 +00:00
OSUtils : : writeFile ( ( _homePath + ZT_PATH_SEPARATOR_S + " zerotier-one.port " ) . c_str ( ) , std : : string ( portstr ) ) ;
2015-04-10 01:14:27 +00:00
}
2015-04-15 21:42:26 +00:00
virtual ~ OneServiceImpl ( )
2015-04-10 01:14:27 +00:00
{
2016-04-05 22:44:08 +00:00
for ( int i = 0 ; i < 3 ; + + i )
_bindings [ i ] . closeAll ( _phy ) ;
2016-04-05 18:59:46 +00:00
_phy . close ( _v4TcpControlSocket ) ;
_phy . close ( _v6TcpControlSocket ) ;
2016-04-05 22:44:08 +00:00
2015-10-22 23:02:01 +00:00
# ifdef ZT_ENABLE_CLUSTER
_phy . close ( _clusterMessageSocket ) ;
# endif
2016-04-05 22:44:08 +00:00
2015-09-23 21:38:16 +00:00
# ifdef ZT_USE_MINIUPNPC
2015-11-30 21:10:22 +00:00
delete _portMapper ;
2015-10-06 22:56:18 +00:00
# endif
delete _controller ;
2015-10-22 23:02:01 +00:00
# ifdef ZT_ENABLE_CLUSTER
delete _clusterDefinition ;
2015-09-23 21:38:16 +00:00
# endif
2015-04-10 01:14:27 +00:00
}
2015-04-10 18:40:45 +00:00
virtual ReasonForTermination run ( )
{
try {
2015-04-16 02:14:12 +00:00
std : : string authToken ;
{
std : : string authTokenPath ( _homePath + ZT_PATH_SEPARATOR_S + " authtoken.secret " ) ;
if ( ! OSUtils : : readFile ( authTokenPath . c_str ( ) , authToken ) ) {
unsigned char foo [ 24 ] ;
Utils : : getSecureRandom ( foo , sizeof ( foo ) ) ;
authToken = " " ;
for ( unsigned int i = 0 ; i < sizeof ( foo ) ; + + i )
authToken . push_back ( " abcdefghijklmnopqrstuvwxyz0123456789 " [ ( unsigned long ) foo [ i ] % 36 ] ) ;
if ( ! OSUtils : : writeFile ( authTokenPath . c_str ( ) , authToken ) ) {
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
_fatalErrorMessage = " authtoken.secret could not be written " ;
return _termReason ;
2016-04-05 22:44:08 +00:00
} else {
OSUtils : : lockDownFile ( authTokenPath . c_str ( ) , false ) ;
}
2015-04-16 02:14:12 +00:00
}
}
2015-10-01 19:37:18 +00:00
authToken = _trimString ( authToken ) ;
2015-04-16 02:14:12 +00:00
2016-08-04 01:04:08 +00:00
// Clean up any legacy files if present
OSUtils : : rm ( ( _homePath + ZT_PATH_SEPARATOR_S + " peers.save " ) . c_str ( ) ) ;
2016-11-22 18:54:58 +00:00
{
struct ZT_Node_Callbacks cb ;
cb . version = 0 ;
cb . dataStoreGetFunction = SnodeDataStoreGetFunction ;
cb . dataStorePutFunction = SnodeDataStorePutFunction ;
cb . wirePacketSendFunction = SnodeWirePacketSendFunction ;
cb . virtualNetworkFrameFunction = SnodeVirtualNetworkFrameFunction ;
cb . virtualNetworkConfigFunction = SnodeVirtualNetworkConfigFunction ;
cb . eventCallback = SnodeEventCallback ;
cb . pathCheckFunction = SnodePathCheckFunction ;
cb . pathLookupFunction = SnodePathLookupFunction ;
_node = new Node ( this , & cb , OSUtils : : now ( ) ) ;
}
2015-04-10 18:40:45 +00:00
2016-04-05 22:44:08 +00:00
// Attempt to bind to a secondary port chosen from our ZeroTier address.
// This exists because there are buggy NATs out there that fail if more
// than one device behind the same NAT tries to use the same internal
// private address port number.
_ports [ 1 ] = 20000 + ( ( unsigned int ) _node - > address ( ) % 45500 ) ;
for ( int i = 0 ; ; + + i ) {
2016-04-07 16:51:14 +00:00
if ( i > 1000 ) {
2016-04-05 22:44:08 +00:00
_ports [ 1 ] = 0 ;
break ;
} else if ( + + _ports [ 1 ] > = 65536 ) {
_ports [ 1 ] = 20000 ;
2016-03-03 21:52:27 +00:00
}
2016-04-05 22:44:08 +00:00
if ( _trialBind ( _ports [ 1 ] ) )
break ;
2016-03-03 21:52:27 +00:00
}
2015-11-30 21:10:22 +00:00
# ifdef ZT_USE_MINIUPNPC
2016-04-05 22:44:08 +00:00
// If we're running uPnP/NAT-PMP, bind a *third* port for that. We can't
// use the other two ports for that because some NATs do really funky
// stuff with ports that are explicitly mapped that breaks things.
2016-04-07 16:51:14 +00:00
if ( _ports [ 1 ] ) {
_ports [ 2 ] = _ports [ 1 ] ;
for ( int i = 0 ; ; + + i ) {
if ( i > 1000 ) {
_ports [ 2 ] = 0 ;
break ;
} else if ( + + _ports [ 2 ] > = 65536 ) {
_ports [ 2 ] = 20000 ;
}
if ( _trialBind ( _ports [ 2 ] ) )
break ;
}
if ( _ports [ 2 ] ) {
char uniqueName [ 64 ] ;
Utils : : snprintf ( uniqueName , sizeof ( uniqueName ) , " ZeroTier/%.10llx@%u " , _node - > address ( ) , _ports [ 2 ] ) ;
_portMapper = new PortMapper ( _ports [ 2 ] , uniqueName ) ;
2015-11-30 21:10:22 +00:00
}
}
# endif
2016-04-05 22:44:08 +00:00
for ( int i = 0 ; i < 3 ; + + i )
_portsBE [ i ] = Utils : : hton ( ( uint16_t ) _ports [ i ] ) ;
2016-07-12 18:30:22 +00:00
{
2016-11-21 21:20:56 +00:00
uint64_t trustedPathIds [ ZT_MAX_TRUSTED_PATHS ] ;
InetAddress trustedPathNetworks [ ZT_MAX_TRUSTED_PATHS ] ;
unsigned int trustedPathCount = 0 ;
// Old style "trustedpaths" flat file -- will eventually go away
2016-07-12 18:41:19 +00:00
FILE * trustpaths = fopen ( ( _homePath + ZT_PATH_SEPARATOR_S + " trustedpaths " ) . c_str ( ) , " r " ) ;
2016-07-12 18:30:22 +00:00
if ( trustpaths ) {
char buf [ 1024 ] ;
2016-11-21 21:20:56 +00:00
while ( ( fgets ( buf , sizeof ( buf ) , trustpaths ) ) & & ( trustedPathCount < ZT_MAX_TRUSTED_PATHS ) ) {
2016-07-12 18:30:22 +00:00
int fno = 0 ;
char * saveptr = ( char * ) 0 ;
uint64_t trustedPathId = 0 ;
InetAddress trustedPathNetwork ;
for ( char * f = Utils : : stok ( buf , " = \r \n \t " , & saveptr ) ; ( f ) ; f = Utils : : stok ( ( char * ) 0 , " = \r \n \t " , & saveptr ) ) {
if ( fno = = 0 ) {
trustedPathId = Utils : : hexStrToU64 ( f ) ;
} else if ( fno = = 1 ) {
trustedPathNetwork = InetAddress ( f ) ;
} else break ;
+ + fno ;
}
if ( ( trustedPathId ! = 0 ) & & ( ( trustedPathNetwork . ss_family = = AF_INET ) | | ( trustedPathNetwork . ss_family = = AF_INET6 ) ) & & ( trustedPathNetwork . ipScope ( ) ! = InetAddress : : IP_SCOPE_GLOBAL ) & & ( trustedPathNetwork . netmaskBits ( ) > 0 ) ) {
2016-11-21 21:20:56 +00:00
trustedPathIds [ trustedPathCount ] = trustedPathId ;
trustedPathNetworks [ trustedPathCount ] = trustedPathNetwork ;
+ + trustedPathCount ;
2016-07-12 18:30:22 +00:00
}
}
fclose ( trustpaths ) ;
2016-11-21 21:20:56 +00:00
}
// Read local config file
2016-11-22 18:54:58 +00:00
Mutex : : Lock _l2 ( _localConfig_m ) ;
2016-11-21 21:20:56 +00:00
std : : string lcbuf ;
if ( OSUtils : : readFile ( ( _homePath + ZT_PATH_SEPARATOR_S + " local.conf " ) . c_str ( ) , lcbuf ) ) {
try {
_localConfig = json : : parse ( lcbuf ) ;
if ( ! _localConfig . is_object ( ) ) {
2016-11-21 22:14:43 +00:00
fprintf ( stderr , " WARNING: unable to parse local.conf (root element is not a JSON object) " ZT_EOL_S ) ;
2016-11-21 21:20:56 +00:00
}
} catch ( . . . ) {
2016-11-21 22:14:43 +00:00
fprintf ( stderr , " WARNING: unable to parse local.conf (invalid JSON) " ZT_EOL_S ) ;
2016-11-21 21:20:56 +00:00
}
}
2016-11-22 18:54:58 +00:00
// Get any trusted paths in local.conf (we'll parse the rest of physical[] elsewhere)
2016-11-21 21:20:56 +00:00
json & physical = _localConfig [ " physical " ] ;
if ( physical . is_object ( ) ) {
for ( json : : iterator phy ( physical . begin ( ) ) ; phy ! = physical . end ( ) ; + + phy ) {
2016-11-22 18:54:58 +00:00
InetAddress net ( _jS ( phy . key ( ) , " " ) ) ;
if ( net ) {
2016-11-21 21:20:56 +00:00
if ( phy . value ( ) . is_object ( ) ) {
2016-11-22 18:54:58 +00:00
uint64_t tpid ;
if ( ( tpid = _jI ( phy . value ( ) [ " trustedPathId " ] , 0ULL ) ) ! = 0ULL ) {
if ( ( ( net . ss_family = = AF_INET ) | | ( net . ss_family = = AF_INET6 ) ) & & ( trustedPathCount < ZT_MAX_TRUSTED_PATHS ) & & ( net . ipScope ( ) ! = InetAddress : : IP_SCOPE_GLOBAL ) & & ( net . netmaskBits ( ) > 0 ) ) {
2016-11-21 21:20:56 +00:00
trustedPathIds [ trustedPathCount ] = tpid ;
2016-11-22 18:54:58 +00:00
trustedPathNetworks [ trustedPathCount ] = net ;
2016-11-21 21:20:56 +00:00
+ + trustedPathCount ;
}
}
}
}
}
}
// Set trusted paths if there are any
if ( trustedPathCount )
_node - > setTrustedPaths ( reinterpret_cast < const struct sockaddr_storage * > ( trustedPathNetworks ) , trustedPathIds , trustedPathCount ) ;
2016-07-12 18:30:22 +00:00
}
2016-11-22 18:54:58 +00:00
applyLocalConfig ( ) ;
2016-07-12 18:30:22 +00:00
2016-08-17 17:42:32 +00:00
_controller = new EmbeddedNetworkController ( _node , ( _homePath + ZT_PATH_SEPARATOR_S + ZT_CONTROLLER_DB_PATH ) . c_str ( ) ) ;
2015-10-06 22:56:18 +00:00
_node - > setNetconfMaster ( ( void * ) _controller ) ;
2015-04-10 18:40:45 +00:00
2015-10-22 23:02:01 +00:00
# ifdef ZT_ENABLE_CLUSTER
2015-11-30 23:15:43 +00:00
if ( OSUtils : : fileExists ( ( _homePath + ZT_PATH_SEPARATOR_S + " cluster " ) . c_str ( ) ) ) {
_clusterDefinition = new ClusterDefinition ( _node - > address ( ) , ( _homePath + ZT_PATH_SEPARATOR_S + " cluster " ) . c_str ( ) ) ;
if ( _clusterDefinition - > size ( ) > 0 ) {
std : : vector < ClusterDefinition : : MemberDefinition > members ( _clusterDefinition - > members ( ) ) ;
for ( std : : vector < ClusterDefinition : : MemberDefinition > : : iterator m ( members . begin ( ) ) ; m ! = members . end ( ) ; + + m ) {
PhySocket * cs = _phy . udpBind ( reinterpret_cast < const struct sockaddr * > ( & ( m - > clusterEndpoint ) ) ) ;
if ( cs ) {
if ( _clusterMessageSocket ) {
_phy . close ( _clusterMessageSocket , false ) ;
_phy . close ( cs , false ) ;
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
2016-11-21 21:20:56 +00:00
_fatalErrorMessage = " cluster: can't determine my cluster member ID: able to bind more than one cluster message socket IP/port! " ;
2015-11-30 23:15:43 +00:00
return _termReason ;
}
_clusterMessageSocket = cs ;
_clusterMemberId = m - > id ;
2015-10-22 23:02:01 +00:00
}
}
2015-11-30 23:15:43 +00:00
if ( ! _clusterMessageSocket ) {
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
2016-11-21 21:20:56 +00:00
_fatalErrorMessage = " cluster: can't determine my cluster member ID: unable to bind to any cluster message socket IP/port. " ;
2015-11-30 23:15:43 +00:00
return _termReason ;
}
2015-10-22 23:02:01 +00:00
2015-11-30 23:15:43 +00:00
const ClusterDefinition : : MemberDefinition & me = ( * _clusterDefinition ) [ _clusterMemberId ] ;
InetAddress endpoints [ 255 ] ;
unsigned int numEndpoints = 0 ;
for ( std : : vector < InetAddress > : : const_iterator i ( me . zeroTierEndpoints . begin ( ) ) ; i ! = me . zeroTierEndpoints . end ( ) ; + + i )
endpoints [ numEndpoints + + ] = * i ;
2016-04-18 18:33:54 +00:00
if ( _node - > clusterInit ( _clusterMemberId , reinterpret_cast < const struct sockaddr_storage * > ( endpoints ) , numEndpoints , me . x , me . y , me . z , & SclusterSendFunction , this , _clusterDefinition - > geo ( ) . available ( ) ? & SclusterGeoIpFunction : 0 , this ) = = ZT_RESULT_OK ) {
2015-11-30 23:15:43 +00:00
std : : vector < ClusterDefinition : : MemberDefinition > members ( _clusterDefinition - > members ( ) ) ;
for ( std : : vector < ClusterDefinition : : MemberDefinition > : : iterator m ( members . begin ( ) ) ; m ! = members . end ( ) ; + + m ) {
if ( m - > id ! = _clusterMemberId )
_node - > clusterAddMember ( m - > id ) ;
}
2015-10-22 23:02:01 +00:00
}
2015-11-30 23:15:43 +00:00
} else {
delete _clusterDefinition ;
_clusterDefinition = ( ClusterDefinition * ) 0 ;
2015-10-22 23:02:01 +00:00
}
}
# endif
2015-05-06 03:53:30 +00:00
_controlPlane = new ControlPlane ( this , _node , ( _homePath + ZT_PATH_SEPARATOR_S + " ui " ) . c_str ( ) ) ;
2015-04-16 02:14:12 +00:00
_controlPlane - > addAuthToken ( authToken . c_str ( ) ) ;
2015-10-06 22:56:18 +00:00
_controlPlane - > setController ( _controller ) ;
2015-04-14 01:12:45 +00:00
2015-04-14 22:55:03 +00:00
{ // Remember networks from previous session
2015-04-14 22:32:05 +00:00
std : : vector < std : : string > networksDotD ( OSUtils : : listDirectory ( ( _homePath + ZT_PATH_SEPARATOR_S + " networks.d " ) . c_str ( ) ) ) ;
for ( std : : vector < std : : string > : : iterator f ( networksDotD . begin ( ) ) ; f ! = networksDotD . end ( ) ; + + f ) {
std : : size_t dot = f - > find_last_of ( ' . ' ) ;
if ( ( dot = = 16 ) & & ( f - > substr ( 16 ) = = " .conf " ) )
2016-01-12 19:04:35 +00:00
_node - > join ( Utils : : hexStrToU64 ( f - > substr ( 0 , dot ) . c_str ( ) ) , ( void * ) 0 ) ;
2015-04-14 22:32:05 +00:00
}
}
2015-04-10 18:40:45 +00:00
_nextBackgroundTaskDeadline = 0 ;
2015-05-22 21:52:23 +00:00
uint64_t clockShouldBe = OSUtils : : now ( ) ;
_lastRestart = clockShouldBe ;
2015-04-15 00:57:51 +00:00
uint64_t lastTapMulticastGroupCheck = 0 ;
2015-05-21 22:22:41 +00:00
uint64_t lastTcpFallbackResolve = 0 ;
2016-04-05 22:44:08 +00:00
uint64_t lastBindRefresh = 0 ;
2015-11-30 21:10:22 +00:00
uint64_t lastLocalInterfaceAddressCheck = ( OSUtils : : now ( ) - ZT_LOCAL_INTERFACE_CHECK_INTERVAL ) + 15000 ; // do this in 15s to give portmapper time to configure and other things time to settle
2015-05-21 03:17:56 +00:00
# ifdef ZT_AUTO_UPDATE
uint64_t lastSoftwareUpdateCheck = 0 ;
# endif // ZT_AUTO_UPDATE
2015-04-10 18:40:45 +00:00
for ( ; ; ) {
_run_m . lock ( ) ;
if ( ! _run ) {
_run_m . unlock ( ) ;
_termReason_m . lock ( ) ;
_termReason = ONE_NORMAL_TERMINATION ;
_termReason_m . unlock ( ) ;
break ;
2016-04-05 22:44:08 +00:00
} else {
_run_m . unlock ( ) ;
}
2015-04-10 18:40:45 +00:00
2016-04-05 22:44:08 +00:00
const uint64_t now = OSUtils : : now ( ) ;
// Attempt to detect sleep/wake events by detecting delay overruns
bool restarted = false ;
if ( ( now > clockShouldBe ) & & ( ( now - clockShouldBe ) > 10000 ) ) {
_lastRestart = now ;
restarted = true ;
}
2016-06-17 20:14:48 +00:00
// Refresh bindings in case device's interfaces have changed, and also sync routes to update any shadow routes (e.g. shadow default)
2016-04-05 22:44:08 +00:00
if ( ( ( now - lastBindRefresh ) > = ZT_BINDER_REFRESH_PERIOD ) | | ( restarted ) ) {
lastBindRefresh = now ;
for ( int i = 0 ; i < 3 ; + + i ) {
if ( _ports [ i ] ) {
_bindings [ i ] . refresh ( _phy , _ports [ i ] , * this ) ;
}
}
2016-06-17 20:14:48 +00:00
{
Mutex : : Lock _l ( _nets_m ) ;
for ( std : : map < uint64_t , NetworkState > : : iterator n ( _nets . begin ( ) ) ; n ! = _nets . end ( ) ; + + n ) {
if ( n - > second . tap )
syncManagedStuff ( n - > second , false , true ) ;
}
}
2016-04-05 22:44:08 +00:00
}
2015-05-22 21:52:23 +00:00
uint64_t dl = _nextBackgroundTaskDeadline ;
2015-04-10 18:40:45 +00:00
if ( dl < = now ) {
2015-04-11 02:08:49 +00:00
_node - > processBackgroundTasks ( now , & _nextBackgroundTaskDeadline ) ;
2015-04-10 18:40:45 +00:00
dl = _nextBackgroundTaskDeadline ;
2015-04-15 20:09:20 +00:00
}
2015-05-21 03:17:56 +00:00
# ifdef ZT_AUTO_UPDATE
if ( ( now - lastSoftwareUpdateCheck ) > = ZT_AUTO_UPDATE_CHECK_PERIOD ) {
2015-09-23 21:44:13 +00:00
lastSoftwareUpdateCheck = now ;
2015-05-21 03:17:56 +00:00
Thread : : start ( & backgroundSoftwareUpdateChecker ) ;
}
# endif // ZT_AUTO_UPDATE
2015-09-24 23:21:36 +00:00
if ( ( now - lastTcpFallbackResolve ) > = ZT_TCP_FALLBACK_RERESOLVE_DELAY ) {
2015-05-21 22:22:41 +00:00
lastTcpFallbackResolve = now ;
_tcpFallbackResolver . resolveNow ( ) ;
}
2015-09-24 23:21:36 +00:00
if ( ( _tcpFallbackTunnel ) & & ( ( now - _lastDirectReceiveFromGlobal ) < ( ZT_TCP_FALLBACK_AFTER / 2 ) ) )
2015-05-22 01:33:52 +00:00
_phy . close ( _tcpFallbackTunnel - > sock ) ;
2015-04-15 20:09:20 +00:00
if ( ( now - lastTapMulticastGroupCheck ) > = ZT_TAP_CHECK_MULTICAST_INTERVAL ) {
lastTapMulticastGroupCheck = now ;
2016-06-14 17:09:26 +00:00
Mutex : : Lock _l ( _nets_m ) ;
for ( std : : map < uint64_t , NetworkState > : : const_iterator n ( _nets . begin ( ) ) ; n ! = _nets . end ( ) ; + + n ) {
if ( n - > second . tap ) {
std : : vector < MulticastGroup > added , removed ;
n - > second . tap - > scanMulticastGroups ( added , removed ) ;
for ( std : : vector < MulticastGroup > : : iterator m ( added . begin ( ) ) ; m ! = added . end ( ) ; + + m )
_node - > multicastSubscribe ( n - > first , m - > mac ( ) . toInt ( ) , m - > adi ( ) ) ;
for ( std : : vector < MulticastGroup > : : iterator m ( removed . begin ( ) ) ; m ! = removed . end ( ) ; + + m )
_node - > multicastUnsubscribe ( n - > first , m - > mac ( ) . toInt ( ) , m - > adi ( ) ) ;
}
2015-04-15 20:09:20 +00:00
}
2015-04-10 18:40:45 +00:00
}
2015-09-24 23:21:36 +00:00
if ( ( now - lastLocalInterfaceAddressCheck ) > = ZT_LOCAL_INTERFACE_CHECK_INTERVAL ) {
2015-07-06 23:32:34 +00:00
lastLocalInterfaceAddressCheck = now ;
2016-04-05 22:53:19 +00:00
_node - > clearLocalInterfaceAddresses ( ) ;
2016-01-11 17:11:35 +00:00
2016-04-05 22:53:19 +00:00
# ifdef ZT_USE_MINIUPNPC
if ( _portMapper ) {
std : : vector < InetAddress > mappedAddresses ( _portMapper - > get ( ) ) ;
for ( std : : vector < InetAddress > : : const_iterator ext ( mappedAddresses . begin ( ) ) ; ext ! = mappedAddresses . end ( ) ; + + ext )
_node - > addLocalInterfaceAddress ( reinterpret_cast < const struct sockaddr_storage * > ( & ( * ext ) ) ) ;
2015-07-06 23:32:34 +00:00
}
2016-04-05 22:53:19 +00:00
# endif
2015-07-06 23:32:34 +00:00
2016-04-05 22:53:19 +00:00
std : : vector < InetAddress > boundAddrs ( _bindings [ 0 ] . allBoundLocalInterfaceAddresses ( ) ) ;
for ( std : : vector < InetAddress > : : const_iterator i ( boundAddrs . begin ( ) ) ; i ! = boundAddrs . end ( ) ; + + i )
_node - > addLocalInterfaceAddress ( reinterpret_cast < const struct sockaddr_storage * > ( & ( * i ) ) ) ;
2015-07-06 23:32:34 +00:00
}
2015-04-10 18:40:45 +00:00
const unsigned long delay = ( dl > now ) ? ( unsigned long ) ( dl - now ) : 100 ;
2015-05-22 21:52:23 +00:00
clockShouldBe = now + ( uint64_t ) delay ;
2015-04-10 18:40:45 +00:00
_phy . poll ( delay ) ;
}
} catch ( std : : exception & exc ) {
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
_fatalErrorMessage = exc . what ( ) ;
} catch ( . . . ) {
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
_fatalErrorMessage = " unexpected exception in main thread " ;
}
2015-04-11 02:36:29 +00:00
try {
2015-05-22 01:33:52 +00:00
while ( ! _tcpConnections . empty ( ) )
2015-05-22 22:46:06 +00:00
_phy . close ( ( * _tcpConnections . begin ( ) ) - > sock ) ;
2015-04-11 02:36:29 +00:00
} catch ( . . . ) { }
2015-04-15 00:57:51 +00:00
{
2016-06-14 17:09:26 +00:00
Mutex : : Lock _l ( _nets_m ) ;
for ( std : : map < uint64_t , NetworkState > : : iterator n ( _nets . begin ( ) ) ; n ! = _nets . end ( ) ; + + n )
delete n - > second . tap ;
_nets . clear ( ) ;
2015-04-15 00:57:51 +00:00
}
2015-04-14 01:12:45 +00:00
delete _controlPlane ;
_controlPlane = ( ControlPlane * ) 0 ;
2015-04-10 18:40:45 +00:00
delete _node ;
_node = ( Node * ) 0 ;
return _termReason ;
}
2015-04-10 01:22:04 +00:00
virtual ReasonForTermination reasonForTermination ( ) const
2015-04-10 01:14:27 +00:00
{
Mutex : : Lock _l ( _termReason_m ) ;
return _termReason ;
}
2015-04-10 01:22:04 +00:00
virtual std : : string fatalErrorMessage ( ) const
2015-04-10 01:14:27 +00:00
{
2015-04-10 01:22:04 +00:00
Mutex : : Lock _l ( _termReason_m ) ;
return _fatalErrorMessage ;
2015-04-10 01:14:27 +00:00
}
2015-04-14 22:55:03 +00:00
virtual std : : string portDeviceName ( uint64_t nwid ) const
{
2016-06-14 17:09:26 +00:00
Mutex : : Lock _l ( _nets_m ) ;
std : : map < uint64_t , NetworkState > : : const_iterator n ( _nets . find ( nwid ) ) ;
if ( ( n ! = _nets . end ( ) ) & & ( n - > second . tap ) )
return n - > second . tap - > deviceName ( ) ;
else return std : : string ( ) ;
2015-04-14 22:55:03 +00:00
}
2015-05-22 21:52:23 +00:00
virtual bool tcpFallbackActive ( ) const
{
return ( _tcpFallbackTunnel ! = ( TcpConnection * ) 0 ) ;
}
2015-04-10 01:14:27 +00:00
virtual void terminate ( )
{
_run_m . lock ( ) ;
_run = false ;
_run_m . unlock ( ) ;
_phy . whack ( ) ;
}
2016-06-21 21:58:30 +00:00
virtual bool getNetworkSettings ( const uint64_t nwid , NetworkSettings & settings ) const
{
Mutex : : Lock _l ( _nets_m ) ;
std : : map < uint64_t , NetworkState > : : const_iterator n ( _nets . find ( nwid ) ) ;
if ( n = = _nets . end ( ) )
return false ;
memcpy ( & settings , & ( n - > second . settings ) , sizeof ( NetworkSettings ) ) ;
return true ;
}
2016-06-21 23:52:49 +00:00
virtual bool setNetworkSettings ( const uint64_t nwid , const NetworkSettings & settings )
{
Mutex : : Lock _l ( _nets_m ) ;
std : : map < uint64_t , NetworkState > : : iterator n ( _nets . find ( nwid ) ) ;
if ( n = = _nets . end ( ) )
return false ;
memcpy ( & ( n - > second . settings ) , & settings , sizeof ( NetworkSettings ) ) ;
char nlcpath [ 256 ] ;
Utils : : snprintf ( nlcpath , sizeof ( nlcpath ) , " %s " ZT_PATH_SEPARATOR_S " networks.d " ZT_PATH_SEPARATOR_S " %.16llx.local.conf " , _homePath . c_str ( ) , nwid ) ;
FILE * out = fopen ( nlcpath , " w " ) ;
if ( out ) {
fprintf ( out , " allowManaged=%d \n " , ( int ) n - > second . settings . allowManaged ) ;
fprintf ( out , " allowGlobal=%d \n " , ( int ) n - > second . settings . allowGlobal ) ;
fprintf ( out , " allowDefault=%d \n " , ( int ) n - > second . settings . allowDefault ) ;
fclose ( out ) ;
}
if ( n - > second . tap )
syncManagedStuff ( n - > second , true , true ) ;
return true ;
}
2016-11-22 18:54:58 +00:00
// Internal implementation methods -----------------------------------------
2016-11-22 22:23:13 +00:00
// Must be called after _localConfig is read or modified
2016-11-22 18:54:58 +00:00
void applyLocalConfig ( )
{
Mutex : : Lock _l ( _localConfig_m ) ;
_v4Hints . clear ( ) ;
_v6Hints . clear ( ) ;
_v4Blacklists . clear ( ) ;
_v6Blacklists . clear ( ) ;
json & virt = _localConfig [ " virtual " ] ;
if ( virt . is_object ( ) ) {
for ( json : : iterator v ( virt . begin ( ) ) ; v ! = virt . end ( ) ; + + v ) {
const std : : string nstr = v . key ( ) ;
if ( ( nstr . length ( ) = = ZT_ADDRESS_LENGTH_HEX ) & & ( v . value ( ) . is_object ( ) ) ) {
const Address ztaddr ( nstr . c_str ( ) ) ;
if ( ztaddr ) {
2016-11-23 23:53:53 +00:00
const std : : string rstr ( _jS ( v . value ( ) [ " role " ] , " " ) ) ;
_node - > setRole ( ztaddr . toInt ( ) , ( ( rstr = = " upstream " ) | | ( rstr = = " UPSTREAM " ) ) ? ZT_PEER_ROLE_UPSTREAM : ZT_PEER_ROLE_LEAF ) ;
2016-11-22 18:54:58 +00:00
const uint64_t ztaddr2 = ztaddr . toInt ( ) ;
std : : vector < InetAddress > & v4h = _v4Hints [ ztaddr2 ] ;
std : : vector < InetAddress > & v6h = _v6Hints [ ztaddr2 ] ;
std : : vector < InetAddress > & v4b = _v4Blacklists [ ztaddr2 ] ;
std : : vector < InetAddress > & v6b = _v6Blacklists [ ztaddr2 ] ;
json & tryAddrs = v . value ( ) [ " try " ] ;
if ( tryAddrs . is_array ( ) ) {
for ( unsigned long i = 0 ; i < tryAddrs . size ( ) ; + + i ) {
const InetAddress ip ( _jS ( tryAddrs [ i ] , " " ) ) ;
if ( ip . ss_family = = AF_INET )
v4h . push_back ( ip ) ;
else if ( ip . ss_family = = AF_INET6 )
v6h . push_back ( ip ) ;
}
}
json & blAddrs = v . value ( ) [ " blacklist " ] ;
if ( blAddrs . is_array ( ) ) {
for ( unsigned long i = 0 ; i < blAddrs . size ( ) ; + + i ) {
const InetAddress ip ( _jS ( tryAddrs [ i ] , " " ) ) ;
if ( ip . ss_family = = AF_INET )
v4b . push_back ( ip ) ;
else if ( ip . ss_family = = AF_INET6 )
v6b . push_back ( ip ) ;
}
}
if ( v4h . empty ( ) ) _v4Hints . erase ( ztaddr2 ) ;
if ( v6h . empty ( ) ) _v6Hints . erase ( ztaddr2 ) ;
if ( v4b . empty ( ) ) _v4Blacklists . erase ( ztaddr2 ) ;
if ( v6b . empty ( ) ) _v6Blacklists . erase ( ztaddr2 ) ;
}
}
}
}
_globalV4Blacklist . clear ( ) ;
_globalV6Blacklist . clear ( ) ;
json & physical = _localConfig [ " physical " ] ;
if ( physical . is_object ( ) ) {
for ( json : : iterator phy ( physical . begin ( ) ) ; phy ! = physical . end ( ) ; + + phy ) {
const InetAddress net ( _jS ( phy . key ( ) , " " ) ) ;
if ( ( net ) & & ( net . netmaskBits ( ) > 0 ) ) {
if ( phy . value ( ) . is_object ( ) ) {
if ( _jB ( phy . value ( ) [ " blacklist " ] , false ) ) {
if ( net . ss_family = = AF_INET )
_globalV4Blacklist . push_back ( net ) ;
else if ( net . ss_family = = AF_INET6 )
_globalV6Blacklist . push_back ( net ) ;
}
}
}
}
}
json & settings = _localConfig [ " settings " ] ;
if ( settings . is_object ( ) ) {
const std : : string rp ( _jS ( settings [ " relayPolicy " ] , " " ) ) ;
2016-11-23 23:53:53 +00:00
if ( ( rp = = " always " ) | | ( rp = = " ALWAYS " ) )
2016-11-22 18:54:58 +00:00
_node - > setRelayPolicy ( ZT_RELAY_POLICY_ALWAYS ) ;
2016-11-23 23:53:53 +00:00
else if ( ( rp = = " never " ) | | ( rp = = " NEVER " ) )
2016-11-22 18:54:58 +00:00
_node - > setRelayPolicy ( ZT_RELAY_POLICY_NEVER ) ;
else _node - > setRelayPolicy ( ZT_RELAY_POLICY_TRUSTED ) ;
}
}
2015-04-10 01:14:27 +00:00
2016-06-17 20:14:48 +00:00
// Checks if a managed IP or route target is allowed
2016-07-12 15:42:36 +00:00
bool checkIfManagedIsAllowed ( const NetworkState & n , const InetAddress & target )
2016-06-17 20:14:48 +00:00
{
2016-06-21 21:58:30 +00:00
if ( ! n . settings . allowManaged )
2016-06-17 20:14:48 +00:00
return false ;
2016-07-12 15:42:36 +00:00
if ( target . isDefaultRoute ( ) )
2016-06-21 21:58:30 +00:00
return n . settings . allowDefault ;
2016-07-12 15:42:36 +00:00
switch ( target . ipScope ( ) ) {
2016-06-17 20:14:48 +00:00
case InetAddress : : IP_SCOPE_NONE :
case InetAddress : : IP_SCOPE_MULTICAST :
case InetAddress : : IP_SCOPE_LOOPBACK :
case InetAddress : : IP_SCOPE_LINK_LOCAL :
return false ;
case InetAddress : : IP_SCOPE_GLOBAL :
2016-06-21 21:58:30 +00:00
return n . settings . allowGlobal ;
2016-06-17 20:14:48 +00:00
default :
return true ;
}
}
2016-07-12 22:00:30 +00:00
// Match only an IP from a vector of IPs -- used in syncManagedStuff()
bool matchIpOnly ( const std : : vector < InetAddress > & ips , const InetAddress & ip ) const
{
for ( std : : vector < InetAddress > : : const_iterator i ( ips . begin ( ) ) ; i ! = ips . end ( ) ; + + i ) {
if ( i - > ipsEqual ( ip ) )
return true ;
}
return false ;
}
2016-06-17 20:14:48 +00:00
// Apply or update managed IPs for a configured network (be sure n.tap exists)
void syncManagedStuff ( NetworkState & n , bool syncIps , bool syncRoutes )
{
2016-06-21 23:52:49 +00:00
// assumes _nets_m is locked
2016-06-17 20:14:48 +00:00
if ( syncIps ) {
std : : vector < InetAddress > newManagedIps ;
newManagedIps . reserve ( n . config . assignedAddressCount ) ;
for ( unsigned int i = 0 ; i < n . config . assignedAddressCount ; + + i ) {
const InetAddress * ii = reinterpret_cast < const InetAddress * > ( & ( n . config . assignedAddresses [ i ] ) ) ;
if ( checkIfManagedIsAllowed ( n , * ii ) )
newManagedIps . push_back ( * ii ) ;
}
std : : sort ( newManagedIps . begin ( ) , newManagedIps . end ( ) ) ;
newManagedIps . erase ( std : : unique ( newManagedIps . begin ( ) , newManagedIps . end ( ) ) , newManagedIps . end ( ) ) ;
for ( std : : vector < InetAddress > : : iterator ip ( n . managedIps . begin ( ) ) ; ip ! = n . managedIps . end ( ) ; + + ip ) {
if ( std : : find ( newManagedIps . begin ( ) , newManagedIps . end ( ) , * ip ) = = newManagedIps . end ( ) ) {
if ( ! n . tap - > removeIp ( * ip ) )
2016-08-16 21:07:11 +00:00
fprintf ( stderr , " ERROR: unable to remove ip address %s " ZT_EOL_S , ip - > toString ( ) . c_str ( ) ) ;
2016-06-17 20:14:48 +00:00
}
}
2016-07-12 16:43:12 +00:00
for ( std : : vector < InetAddress > : : iterator ip ( newManagedIps . begin ( ) ) ; ip ! = newManagedIps . end ( ) ; + + ip ) {
if ( std : : find ( n . managedIps . begin ( ) , n . managedIps . end ( ) , * ip ) = = n . managedIps . end ( ) ) {
if ( ! n . tap - > addIp ( * ip ) )
2016-08-16 21:07:11 +00:00
fprintf ( stderr , " ERROR: unable to add ip address %s " ZT_EOL_S , ip - > toString ( ) . c_str ( ) ) ;
2016-07-12 16:43:12 +00:00
}
}
2016-06-17 20:14:48 +00:00
n . managedIps . swap ( newManagedIps ) ;
}
if ( syncRoutes ) {
2016-06-21 20:54:03 +00:00
char tapdev [ 64 ] ;
# ifdef __WINDOWS__
Utils : : snprintf ( tapdev , sizeof ( tapdev ) , " %.16llx " , ( unsigned long long ) n . tap - > luid ( ) . Value ) ;
# else
Utils : : scopy ( tapdev , sizeof ( tapdev ) , n . tap - > deviceName ( ) . c_str ( ) ) ;
# endif
2016-06-17 20:14:48 +00:00
2016-07-12 15:42:36 +00:00
std : : vector < InetAddress > myIps ( n . tap - > ips ( ) ) ;
2016-06-17 20:14:48 +00:00
// Nuke applied routes that are no longer in n.config.routes[] and/or are not allowed
2016-09-13 23:25:48 +00:00
for ( std : : list < SharedPtr < ManagedRoute > > : : iterator mr ( n . managedRoutes . begin ( ) ) ; mr ! = n . managedRoutes . end ( ) ; ) {
2016-06-17 20:14:48 +00:00
bool haveRoute = false ;
2016-09-13 23:25:48 +00:00
if ( ( checkIfManagedIsAllowed ( n , ( * mr ) - > target ( ) ) ) & & ( ( ( * mr ) - > via ( ) . ss_family ! = ( * mr ) - > target ( ) . ss_family ) | | ( ! matchIpOnly ( myIps , ( * mr ) - > via ( ) ) ) ) ) {
2016-06-17 20:14:48 +00:00
for ( unsigned int i = 0 ; i < n . config . routeCount ; + + i ) {
const InetAddress * const target = reinterpret_cast < const InetAddress * > ( & ( n . config . routes [ i ] . target ) ) ;
const InetAddress * const via = reinterpret_cast < const InetAddress * > ( & ( n . config . routes [ i ] . via ) ) ;
2016-09-13 23:25:48 +00:00
if ( ( ( * mr ) - > target ( ) = = * target ) & & ( ( ( via - > ss_family = = target - > ss_family ) & & ( ( * mr ) - > via ( ) . ipsEqual ( * via ) ) ) | | ( tapdev = = ( * mr ) - > device ( ) ) ) ) {
2016-06-17 20:14:48 +00:00
haveRoute = true ;
break ;
}
}
}
if ( haveRoute ) {
+ + mr ;
} else {
n . managedRoutes . erase ( mr + + ) ;
}
}
// Apply routes in n.config.routes[] that we haven't applied yet, and sync those we have in case shadow routes need to change
for ( unsigned int i = 0 ; i < n . config . routeCount ; + + i ) {
const InetAddress * const target = reinterpret_cast < const InetAddress * > ( & ( n . config . routes [ i ] . target ) ) ;
const InetAddress * const via = reinterpret_cast < const InetAddress * > ( & ( n . config . routes [ i ] . via ) ) ;
2016-07-12 22:00:30 +00:00
if ( ( ! checkIfManagedIsAllowed ( n , * target ) ) | | ( ( via - > ss_family = = target - > ss_family ) & & ( matchIpOnly ( myIps , * via ) ) ) )
2016-06-17 20:14:48 +00:00
continue ;
bool haveRoute = false ;
// Ignore routes implied by local managed IPs since adding the IP adds the route
for ( std : : vector < InetAddress > : : iterator ip ( n . managedIps . begin ( ) ) ; ip ! = n . managedIps . end ( ) ; + + ip ) {
if ( ( target - > netmaskBits ( ) = = ip - > netmaskBits ( ) ) & & ( target - > containsAddress ( * ip ) ) ) {
haveRoute = true ;
break ;
}
}
if ( haveRoute )
continue ;
// If we've already applied this route, just sync it and continue
2016-09-13 23:25:48 +00:00
for ( std : : list < SharedPtr < ManagedRoute > > : : iterator mr ( n . managedRoutes . begin ( ) ) ; mr ! = n . managedRoutes . end ( ) ; + + mr ) {
if ( ( ( * mr ) - > target ( ) = = * target ) & & ( ( ( via - > ss_family = = target - > ss_family ) & & ( ( * mr ) - > via ( ) . ipsEqual ( * via ) ) ) | | ( tapdev = = ( * mr ) - > device ( ) ) ) ) {
2016-06-17 20:14:48 +00:00
haveRoute = true ;
2016-09-13 23:25:48 +00:00
( * mr ) - > sync ( ) ;
2016-06-17 20:14:48 +00:00
break ;
}
}
if ( haveRoute )
continue ;
// Add and apply new routes
2016-09-13 23:25:48 +00:00
n . managedRoutes . push_back ( SharedPtr < ManagedRoute > ( new ManagedRoute ( * target , * via , tapdev ) ) ) ;
if ( ! n . managedRoutes . back ( ) - > sync ( ) )
2016-06-17 20:14:48 +00:00
n . managedRoutes . pop_back ( ) ;
}
}
}
2016-11-22 18:54:58 +00:00
// Handlers for Node and Phy<> callbacks -----------------------------------
2016-04-05 22:44:08 +00:00
inline void phyOnDatagram ( PhySocket * sock , void * * uptr , const struct sockaddr * localAddr , const struct sockaddr * from , void * data , unsigned long len )
2015-04-10 01:14:27 +00:00
{
2015-10-22 23:02:01 +00:00
# ifdef ZT_ENABLE_CLUSTER
if ( sock = = _clusterMessageSocket ) {
2015-10-27 19:21:57 +00:00
_lastDirectReceiveFromGlobal = OSUtils : : now ( ) ;
2015-10-22 23:02:01 +00:00
_node - > clusterHandleIncomingMessage ( data , len ) ;
return ;
}
# endif
2015-05-22 21:52:23 +00:00
# ifdef ZT_BREAK_UDP
if ( OSUtils : : fileExists ( " /tmp/ZT_BREAK_UDP " ) )
return ;
# endif
2015-10-22 23:02:01 +00:00
2015-05-22 21:52:23 +00:00
if ( ( len > = 16 ) & & ( reinterpret_cast < const InetAddress * > ( from ) - > ipScope ( ) = = InetAddress : : IP_SCOPE_GLOBAL ) )
2015-05-22 01:33:52 +00:00
_lastDirectReceiveFromGlobal = OSUtils : : now ( ) ;
2016-03-03 21:52:27 +00:00
const ZT_ResultCode rc = _node - > processWirePacket (
2015-04-11 00:07:06 +00:00
OSUtils : : now ( ) ,
2016-04-05 22:44:08 +00:00
reinterpret_cast < const struct sockaddr_storage * > ( localAddr ) ,
2015-04-11 00:07:06 +00:00
( const struct sockaddr_storage * ) from , // Phy<> uses sockaddr_storage, so it'll always be that big
data ,
len ,
2015-04-11 02:08:49 +00:00
& _nextBackgroundTaskDeadline ) ;
2015-09-24 23:21:36 +00:00
if ( ZT_ResultCode_isFatal ( rc ) ) {
2015-04-11 00:07:06 +00:00
char tmp [ 256 ] ;
2015-04-28 19:43:10 +00:00
Utils : : snprintf ( tmp , sizeof ( tmp ) , " fatal error code from processWirePacket: %d " , ( int ) rc ) ;
2015-04-11 00:07:06 +00:00
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
_fatalErrorMessage = tmp ;
this - > terminate ( ) ;
}
2015-04-10 01:14:27 +00:00
}
2015-04-11 00:07:06 +00:00
inline void phyOnTcpConnect ( PhySocket * sock , void * * uptr , bool success )
2015-04-10 01:14:27 +00:00
{
2015-04-28 19:43:10 +00:00
if ( ! success )
return ;
2015-05-21 22:22:41 +00:00
// Outgoing TCP connections are always TCP fallback tunnel connections.
2015-05-22 22:46:06 +00:00
TcpConnection * tc = new TcpConnection ( ) ;
_tcpConnections . insert ( tc ) ;
2015-04-28 19:43:10 +00:00
tc - > type = TcpConnection : : TCP_TUNNEL_OUTGOING ;
2015-05-22 21:52:23 +00:00
tc - > shouldKeepAlive = true ;
2015-04-28 19:43:10 +00:00
tc - > parent = this ;
tc - > sock = sock ;
// from and parser are not used
tc - > messageSize = 0 ; // unused
tc - > lastActivity = OSUtils : : now ( ) ;
// HTTP stuff is not used
tc - > writeBuf = " " ;
* uptr = ( void * ) tc ;
// Send "hello" message
tc - > writeBuf . push_back ( ( char ) 0x17 ) ;
tc - > writeBuf . push_back ( ( char ) 0x03 ) ;
tc - > writeBuf . push_back ( ( char ) 0x03 ) ; // fake TLS 1.2 header
tc - > writeBuf . push_back ( ( char ) 0x00 ) ;
tc - > writeBuf . push_back ( ( char ) 0x04 ) ; // mlen == 4
tc - > writeBuf . push_back ( ( char ) ZEROTIER_ONE_VERSION_MAJOR ) ;
tc - > writeBuf . push_back ( ( char ) ZEROTIER_ONE_VERSION_MINOR ) ;
tc - > writeBuf . push_back ( ( char ) ( ( ZEROTIER_ONE_VERSION_REVISION > > 8 ) & 0xff ) ) ;
tc - > writeBuf . push_back ( ( char ) ( ZEROTIER_ONE_VERSION_REVISION & 0xff ) ) ;
2015-09-10 22:55:48 +00:00
_phy . setNotifyWritable ( sock , true ) ;
2015-05-22 21:52:23 +00:00
_tcpFallbackTunnel = tc ;
2015-04-10 01:14:27 +00:00
}
2015-04-11 00:07:06 +00:00
inline void phyOnTcpAccept ( PhySocket * sockL , PhySocket * sockN , void * * uptrL , void * * uptrN , const struct sockaddr * from )
2015-04-10 01:14:27 +00:00
{
2016-11-14 23:29:36 +00:00
if ( ! from ) {
2016-04-05 22:44:08 +00:00
_phy . close ( sockN , false ) ;
return ;
} else {
TcpConnection * tc = new TcpConnection ( ) ;
_tcpConnections . insert ( tc ) ;
tc - > type = TcpConnection : : TCP_HTTP_INCOMING ;
tc - > shouldKeepAlive = true ;
tc - > parent = this ;
tc - > sock = sockN ;
tc - > from = from ;
http_parser_init ( & ( tc - > parser ) , HTTP_REQUEST ) ;
tc - > parser . data = ( void * ) tc ;
tc - > messageSize = 0 ;
tc - > lastActivity = OSUtils : : now ( ) ;
tc - > currentHeaderField = " " ;
tc - > currentHeaderValue = " " ;
tc - > url = " " ;
tc - > status = " " ;
tc - > headers . clear ( ) ;
tc - > body = " " ;
tc - > writeBuf = " " ;
* uptrN = ( void * ) tc ;
}
2015-04-10 01:14:27 +00:00
}
2015-04-11 00:07:06 +00:00
inline void phyOnTcpClose ( PhySocket * sock , void * * uptr )
2015-04-10 01:14:27 +00:00
{
2015-05-22 22:46:06 +00:00
TcpConnection * tc = ( TcpConnection * ) * uptr ;
if ( tc ) {
if ( tc = = _tcpFallbackTunnel )
2015-05-22 01:33:52 +00:00
_tcpFallbackTunnel = ( TcpConnection * ) 0 ;
_tcpConnections . erase ( tc ) ;
2015-05-22 22:46:06 +00:00
delete tc ;
2015-05-22 01:33:52 +00:00
}
2015-04-10 01:14:27 +00:00
}
2015-04-11 00:07:06 +00:00
inline void phyOnTcpData ( PhySocket * sock , void * * uptr , void * data , unsigned long len )
2015-04-10 01:14:27 +00:00
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( * uptr ) ;
switch ( tc - > type ) {
2015-05-21 22:22:41 +00:00
2015-04-28 19:43:10 +00:00
case TcpConnection : : TCP_HTTP_INCOMING :
case TcpConnection : : TCP_HTTP_OUTGOING :
http_parser_execute ( & ( tc - > parser ) , & HTTP_PARSER_SETTINGS , ( const char * ) data , len ) ;
if ( ( tc - > parser . upgrade ) | | ( tc - > parser . http_errno ! = HPE_OK ) ) {
_phy . close ( sock ) ;
return ;
}
break ;
2015-05-21 22:22:41 +00:00
2015-04-28 19:43:10 +00:00
case TcpConnection : : TCP_TUNNEL_OUTGOING :
tc - > body . append ( ( const char * ) data , len ) ;
2015-05-22 21:52:23 +00:00
while ( tc - > body . length ( ) > = 5 ) {
2015-04-28 19:43:10 +00:00
const char * data = tc - > body . data ( ) ;
const unsigned long mlen = ( ( ( ( ( unsigned long ) data [ 3 ] ) & 0xff ) < < 8 ) | ( ( ( unsigned long ) data [ 4 ] ) & 0xff ) ) ;
if ( tc - > body . length ( ) > = ( mlen + 5 ) ) {
InetAddress from ;
unsigned long plen = mlen ; // payload length, modified if there's an IP header
2015-04-30 17:47:27 +00:00
data + = 5 ; // skip forward past pseudo-TLS junk and mlen
if ( plen = = 4 ) {
2015-04-28 19:43:10 +00:00
// Hello message, which isn't sent by proxy and would be ignored by client
2015-04-30 17:47:27 +00:00
} else if ( plen ) {
2015-04-28 19:43:10 +00:00
// Messages should contain IPv4 or IPv6 source IP address data
switch ( data [ 0 ] ) {
case 4 : // IPv4
if ( plen > = 7 ) {
from . set ( ( const void * ) ( data + 1 ) , 4 , ( ( ( ( unsigned int ) data [ 5 ] ) & 0xff ) < < 8 ) | ( ( ( unsigned int ) data [ 6 ] ) & 0xff ) ) ;
data + = 7 ; // type + 4 byte IP + 2 byte port
plen - = 7 ;
2015-04-30 17:47:27 +00:00
} else {
_phy . close ( sock ) ;
return ;
2015-04-28 19:43:10 +00:00
}
break ;
case 6 : // IPv6
if ( plen > = 19 ) {
from . set ( ( const void * ) ( data + 1 ) , 16 , ( ( ( ( unsigned int ) data [ 17 ] ) & 0xff ) < < 8 ) | ( ( ( unsigned int ) data [ 18 ] ) & 0xff ) ) ;
data + = 19 ; // type + 16 byte IP + 2 byte port
plen - = 19 ;
2015-04-30 17:47:27 +00:00
} else {
_phy . close ( sock ) ;
return ;
2015-04-28 19:43:10 +00:00
}
break ;
case 0 : // none/omitted
2015-04-30 17:47:27 +00:00
+ + data ;
- - plen ;
2015-04-28 19:43:10 +00:00
break ;
2015-04-30 17:47:27 +00:00
default : // invalid address type
2015-04-28 19:43:10 +00:00
_phy . close ( sock ) ;
return ;
}
2015-04-30 17:47:27 +00:00
2015-05-22 01:33:52 +00:00
if ( from ) {
2016-04-05 22:44:08 +00:00
InetAddress fakeTcpLocalInterfaceAddress ( ( uint32_t ) 0xffffffff , 0xffff ) ;
2016-03-03 21:52:27 +00:00
const ZT_ResultCode rc = _node - > processWirePacket (
2015-05-22 01:33:52 +00:00
OSUtils : : now ( ) ,
2016-04-05 22:44:08 +00:00
reinterpret_cast < struct sockaddr_storage * > ( & fakeTcpLocalInterfaceAddress ) ,
2015-05-22 01:33:52 +00:00
reinterpret_cast < struct sockaddr_storage * > ( & from ) ,
data ,
plen ,
& _nextBackgroundTaskDeadline ) ;
2015-09-24 23:21:36 +00:00
if ( ZT_ResultCode_isFatal ( rc ) ) {
2015-05-22 01:33:52 +00:00
char tmp [ 256 ] ;
Utils : : snprintf ( tmp , sizeof ( tmp ) , " fatal error code from processWirePacket: %d " , ( int ) rc ) ;
Mutex : : Lock _l ( _termReason_m ) ;
_termReason = ONE_UNRECOVERABLE_ERROR ;
_fatalErrorMessage = tmp ;
this - > terminate ( ) ;
_phy . close ( sock ) ;
return ;
}
2015-04-28 19:43:10 +00:00
}
}
2015-05-21 22:22:41 +00:00
2015-04-28 19:43:10 +00:00
if ( tc - > body . length ( ) > ( mlen + 5 ) )
tc - > body = tc - > body . substr ( mlen + 5 ) ;
else tc - > body = " " ;
2015-05-22 21:52:23 +00:00
} else break ;
2015-04-28 19:43:10 +00:00
}
break ;
2015-05-21 22:22:41 +00:00
2015-04-28 19:43:10 +00:00
}
2015-04-10 01:14:27 +00:00
}
2015-04-11 00:07:06 +00:00
inline void phyOnTcpWritable ( PhySocket * sock , void * * uptr )
2015-04-10 01:14:27 +00:00
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( * uptr ) ;
2015-05-22 21:52:23 +00:00
Mutex : : Lock _l ( tc - > writeBuf_m ) ;
if ( tc - > writeBuf . length ( ) > 0 ) {
2015-09-10 22:55:48 +00:00
long sent = ( long ) _phy . streamSend ( sock , tc - > writeBuf . data ( ) , ( unsigned long ) tc - > writeBuf . length ( ) , true ) ;
2015-04-28 19:43:10 +00:00
if ( sent > 0 ) {
tc - > lastActivity = OSUtils : : now ( ) ;
2015-05-22 21:52:23 +00:00
if ( ( unsigned long ) sent > = ( unsigned long ) tc - > writeBuf . length ( ) ) {
2015-04-28 19:43:10 +00:00
tc - > writeBuf = " " ;
2015-09-10 22:55:48 +00:00
_phy . setNotifyWritable ( sock , false ) ;
2015-04-28 19:43:10 +00:00
if ( ! tc - > shouldKeepAlive )
2015-05-22 01:33:52 +00:00
_phy . close ( sock ) ; // will call close handler to delete from _tcpConnections
2015-05-22 21:52:23 +00:00
} else {
tc - > writeBuf = tc - > writeBuf . substr ( sent ) ;
}
2015-04-11 02:08:49 +00:00
}
2015-05-22 21:52:23 +00:00
} else {
2015-09-10 22:55:48 +00:00
_phy . setNotifyWritable ( sock , false ) ;
2015-05-22 21:52:23 +00:00
}
2015-04-10 01:14:27 +00:00
}
2015-12-22 00:15:39 +00:00
inline void phyOnFileDescriptorActivity ( PhySocket * sock , void * * uptr , bool readable , bool writable ) { }
2015-09-02 21:32:01 +00:00
inline void phyOnUnixAccept ( PhySocket * sockL , PhySocket * sockN , void * * uptrL , void * * uptrN ) { }
inline void phyOnUnixClose ( PhySocket * sock , void * * uptr ) { }
inline void phyOnUnixData ( PhySocket * sock , void * * uptr , void * data , unsigned long len ) { }
2016-01-20 21:38:14 +00:00
inline void phyOnUnixWritable ( PhySocket * sock , void * * uptr , bool lwip_invoked ) { }
2015-09-02 21:32:01 +00:00
2016-01-12 19:34:22 +00:00
inline int nodeVirtualNetworkConfigFunction ( uint64_t nwid , void * * nuptr , enum ZT_VirtualNetworkConfigOperation op , const ZT_VirtualNetworkConfig * nwc )
2015-04-10 01:14:27 +00:00
{
2016-06-14 17:09:26 +00:00
Mutex : : Lock _l ( _nets_m ) ;
NetworkState & n = _nets [ nwid ] ;
2015-04-15 00:57:51 +00:00
switch ( op ) {
2016-06-14 17:09:26 +00:00
2015-09-24 23:21:36 +00:00
case ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP :
2016-06-14 17:09:26 +00:00
if ( ! n . tap ) {
2015-04-15 00:57:51 +00:00
try {
2016-06-14 17:09:26 +00:00
char friendlyName [ 128 ] ;
2015-04-15 00:57:51 +00:00
Utils : : snprintf ( friendlyName , sizeof ( friendlyName ) , " ZeroTier One [%.16llx] " , nwid ) ;
2016-06-14 17:09:26 +00:00
n . tap = new EthernetTap (
2015-04-15 00:57:51 +00:00
_homePath . c_str ( ) ,
MAC ( nwc - > mac ) ,
nwc - > mtu ,
2015-04-24 22:05:28 +00:00
( unsigned int ) ZT_IF_METRIC ,
2015-04-15 00:57:51 +00:00
nwid ,
friendlyName ,
StapFrameHandler ,
2016-06-14 17:09:26 +00:00
( void * ) this ) ;
* nuptr = ( void * ) & n ;
2016-06-21 23:52:49 +00:00
char nlcpath [ 256 ] ;
Utils : : snprintf ( nlcpath , sizeof ( nlcpath ) , " %s " ZT_PATH_SEPARATOR_S " networks.d " ZT_PATH_SEPARATOR_S " %.16llx.local.conf " , _homePath . c_str ( ) , nwid ) ;
std : : string nlcbuf ;
if ( OSUtils : : readFile ( nlcpath , nlcbuf ) ) {
Dictionary < 4096 > nc ;
nc . load ( nlcbuf . c_str ( ) ) ;
n . settings . allowManaged = nc . getB ( " allowManaged " , true ) ;
n . settings . allowGlobal = nc . getB ( " allowGlobal " , false ) ;
n . settings . allowDefault = nc . getB ( " allowDefault " , false ) ;
}
2015-07-31 00:00:57 +00:00
} catch ( std : : exception & exc ) {
# ifdef __WINDOWS__
FILE * tapFailLog = fopen ( ( _homePath + ZT_PATH_SEPARATOR_S " port_error_log.txt " ) . c_str ( ) , " a " ) ;
if ( tapFailLog ) {
2016-08-16 21:07:11 +00:00
fprintf ( tapFailLog , " %.16llx: %s " ZT_EOL_S , ( unsigned long long ) nwid , exc . what ( ) ) ;
2015-07-31 00:00:57 +00:00
fclose ( tapFailLog ) ;
}
# else
2016-08-16 21:07:11 +00:00
fprintf ( stderr , " ERROR: unable to configure virtual network port: %s " ZT_EOL_S , exc . what ( ) ) ;
2015-07-31 00:00:57 +00:00
# endif
2016-06-14 17:09:26 +00:00
_nets . erase ( nwid ) ;
2015-07-31 00:00:57 +00:00
return - 999 ;
2015-04-15 00:57:51 +00:00
} catch ( . . . ) {
2015-04-15 20:09:20 +00:00
return - 999 ; // tap init failed
2015-04-15 00:57:51 +00:00
}
}
2016-06-14 17:09:26 +00:00
// After setting up tap, fall through to CONFIG_UPDATE since we also want to do this...
2015-04-15 00:57:51 +00:00
2016-06-14 17:09:26 +00:00
case ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_CONFIG_UPDATE :
2016-06-17 20:14:48 +00:00
memcpy ( & ( n . config ) , nwc , sizeof ( ZT_VirtualNetworkConfig ) ) ;
2016-06-14 17:09:26 +00:00
if ( n . tap ) { // sanity check
2016-06-17 20:14:48 +00:00
syncManagedStuff ( n , true , true ) ;
2015-04-15 20:09:20 +00:00
} else {
2016-06-14 17:09:26 +00:00
_nets . erase ( nwid ) ;
2015-04-15 20:09:20 +00:00
return - 999 ; // tap init failed
2015-04-15 00:57:51 +00:00
}
break ;
2016-06-14 17:09:26 +00:00
2015-09-24 23:21:36 +00:00
case ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DOWN :
case ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY :
2016-06-14 17:09:26 +00:00
if ( n . tap ) { // sanity check
2015-04-24 23:31:19 +00:00
# ifdef __WINDOWS__
2016-06-14 17:09:26 +00:00
std : : string winInstanceId ( n . tap - > instanceId ( ) ) ;
2015-04-24 23:31:19 +00:00
# endif
2016-01-12 19:34:22 +00:00
* nuptr = ( void * ) 0 ;
2016-06-14 17:09:26 +00:00
delete n . tap ;
_nets . erase ( nwid ) ;
2015-04-24 23:31:19 +00:00
# ifdef __WINDOWS__
2015-09-24 23:21:36 +00:00
if ( ( op = = ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY ) & & ( winInstanceId . length ( ) > 0 ) )
2015-07-30 18:31:38 +00:00
WindowsEthernetTap : : deletePersistentTapDevice ( winInstanceId . c_str ( ) ) ;
2015-04-24 23:31:19 +00:00
# endif
2016-06-21 23:52:49 +00:00
if ( op = = ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY ) {
char nlcpath [ 256 ] ;
Utils : : snprintf ( nlcpath , sizeof ( nlcpath ) , " %s " ZT_PATH_SEPARATOR_S " networks.d " ZT_PATH_SEPARATOR_S " %.16llx.local.conf " , _homePath . c_str ( ) , nwid ) ;
OSUtils : : rm ( nlcpath ) ;
}
2016-06-14 17:09:26 +00:00
} else {
_nets . erase ( nwid ) ;
2015-04-15 00:57:51 +00:00
}
break ;
2016-06-14 17:09:26 +00:00
2015-04-15 00:57:51 +00:00
}
2015-04-10 03:54:00 +00:00
return 0 ;
2015-04-10 01:14:27 +00:00
}
2015-09-24 23:21:36 +00:00
inline void nodeEventCallback ( enum ZT_Event event , const void * metaData )
2015-04-10 01:14:27 +00:00
{
switch ( event ) {
2015-09-24 23:21:36 +00:00
case ZT_EVENT_FATAL_ERROR_IDENTITY_COLLISION : {
2015-04-10 01:22:04 +00:00
Mutex : : Lock _l ( _termReason_m ) ;
2015-04-10 01:14:27 +00:00
_termReason = ONE_IDENTITY_COLLISION ;
_fatalErrorMessage = " identity/address collision " ;
this - > terminate ( ) ;
} break ;
2015-09-24 23:21:36 +00:00
case ZT_EVENT_TRACE : {
2015-04-10 01:14:27 +00:00
if ( metaData ) {
2016-08-16 21:07:11 +00:00
: : fprintf ( stderr , " %s " ZT_EOL_S , ( const char * ) metaData ) ;
2015-04-10 01:14:27 +00:00
: : fflush ( stderr ) ;
}
} break ;
default :
break ;
}
}
inline long nodeDataStoreGetFunction ( const char * name , void * buf , unsigned long bufSize , unsigned long readIndex , unsigned long * totalSize )
{
2015-04-11 00:07:06 +00:00
std : : string p ( _dataStorePrepPath ( name ) ) ;
if ( ! p . length ( ) )
return - 2 ;
2015-04-10 02:58:04 +00:00
FILE * f = fopen ( p . c_str ( ) , " rb " ) ;
if ( ! f )
return - 1 ;
if ( fseek ( f , 0 , SEEK_END ) ! = 0 ) {
fclose ( f ) ;
return - 2 ;
}
long ts = ftell ( f ) ;
if ( ts < 0 ) {
fclose ( f ) ;
return - 2 ;
}
* totalSize = ( unsigned long ) ts ;
if ( fseek ( f , ( long ) readIndex , SEEK_SET ) ! = 0 ) {
fclose ( f ) ;
return - 2 ;
}
long n = ( long ) fread ( buf , 1 , bufSize , f ) ;
fclose ( f ) ;
return n ;
2015-04-10 01:14:27 +00:00
}
inline int nodeDataStorePutFunction ( const char * name , const void * data , unsigned long len , int secure )
{
2015-04-11 00:07:06 +00:00
std : : string p ( _dataStorePrepPath ( name ) ) ;
if ( ! p . length ( ) )
return - 2 ;
2015-04-10 02:58:04 +00:00
if ( ! data ) {
OSUtils : : rm ( p . c_str ( ) ) ;
return 0 ;
}
FILE * f = fopen ( p . c_str ( ) , " wb " ) ;
if ( ! f )
return - 1 ;
2015-04-10 03:54:00 +00:00
if ( fwrite ( data , len , 1 , f ) = = 1 ) {
2015-04-10 02:58:04 +00:00
fclose ( f ) ;
2015-04-10 03:54:00 +00:00
if ( secure )
OSUtils : : lockDownFile ( p . c_str ( ) , false ) ;
2015-04-10 02:58:04 +00:00
return 0 ;
} else {
fclose ( f ) ;
OSUtils : : rm ( p . c_str ( ) ) ;
return - 1 ;
}
2015-04-10 01:14:27 +00:00
}
2015-11-09 23:44:13 +00:00
inline int nodeWirePacketSendFunction ( const struct sockaddr_storage * localAddr , const struct sockaddr_storage * addr , const void * data , unsigned int len , unsigned int ttl )
2015-04-10 01:14:27 +00:00
{
2016-04-05 22:44:08 +00:00
unsigned int fromBindingNo = 0 ;
2015-09-23 22:16:20 +00:00
2016-03-03 21:52:27 +00:00
if ( addr - > ss_family = = AF_INET ) {
2016-03-03 22:15:09 +00:00
if ( reinterpret_cast < const struct sockaddr_in * > ( localAddr ) - > sin_port = = 0 ) {
2016-04-05 22:44:08 +00:00
// If sender is sending from wildcard (null address), choose the secondary backup
// port 1/4 of the time. (but only for IPv4)
fromBindingNo = ( + + _udpPortPickerCounter & 0x4 ) > > 2 ;
if ( ! _ports [ fromBindingNo ] )
fromBindingNo = 0 ;
2016-03-03 21:52:27 +00:00
} else {
2016-04-05 22:44:08 +00:00
const uint16_t lp = reinterpret_cast < const struct sockaddr_in * > ( localAddr ) - > sin_port ;
if ( lp = = _portsBE [ 1 ] )
fromBindingNo = 1 ;
else if ( lp = = _portsBE [ 2 ] )
fromBindingNo = 2 ;
2016-03-03 21:52:27 +00:00
}
2015-05-22 01:33:52 +00:00
2015-09-24 23:21:36 +00:00
# ifdef ZT_TCP_FALLBACK_RELAY
2016-03-03 22:21:13 +00:00
// TCP fallback tunnel support, currently IPv4 only
if ( ( len > = 16 ) & & ( reinterpret_cast < const InetAddress * > ( addr ) - > ipScope ( ) = = InetAddress : : IP_SCOPE_GLOBAL ) ) {
// Engage TCP tunnel fallback if we haven't received anything valid from a global
// IP address in ZT_TCP_FALLBACK_AFTER milliseconds. If we do start getting
// valid direct traffic we'll stop using it and close the socket after a while.
const uint64_t now = OSUtils : : now ( ) ;
if ( ( ( now - _lastDirectReceiveFromGlobal ) > ZT_TCP_FALLBACK_AFTER ) & & ( ( now - _lastRestart ) > ZT_TCP_FALLBACK_AFTER ) ) {
if ( _tcpFallbackTunnel ) {
Mutex : : Lock _l ( _tcpFallbackTunnel - > writeBuf_m ) ;
if ( ! _tcpFallbackTunnel - > writeBuf . length ( ) )
_phy . setNotifyWritable ( _tcpFallbackTunnel - > sock , true ) ;
unsigned long mlen = len + 7 ;
_tcpFallbackTunnel - > writeBuf . push_back ( ( char ) 0x17 ) ;
_tcpFallbackTunnel - > writeBuf . push_back ( ( char ) 0x03 ) ;
_tcpFallbackTunnel - > writeBuf . push_back ( ( char ) 0x03 ) ; // fake TLS 1.2 header
_tcpFallbackTunnel - > writeBuf . push_back ( ( char ) ( ( mlen > > 8 ) & 0xff ) ) ;
_tcpFallbackTunnel - > writeBuf . push_back ( ( char ) ( mlen & 0xff ) ) ;
_tcpFallbackTunnel - > writeBuf . push_back ( ( char ) 4 ) ; // IPv4
_tcpFallbackTunnel - > writeBuf . append ( reinterpret_cast < const char * > ( reinterpret_cast < const void * > ( & ( reinterpret_cast < const struct sockaddr_in * > ( addr ) - > sin_addr . s_addr ) ) ) , 4 ) ;
_tcpFallbackTunnel - > writeBuf . append ( reinterpret_cast < const char * > ( reinterpret_cast < const void * > ( & ( reinterpret_cast < const struct sockaddr_in * > ( addr ) - > sin_port ) ) ) , 2 ) ;
_tcpFallbackTunnel - > writeBuf . append ( ( const char * ) data , len ) ;
} else if ( ( ( now - _lastSendToGlobalV4 ) < ZT_TCP_FALLBACK_AFTER ) & & ( ( now - _lastSendToGlobalV4 ) > ( ZT_PING_CHECK_INVERVAL / 2 ) ) ) {
std : : vector < InetAddress > tunnelIps ( _tcpFallbackResolver . get ( ) ) ;
if ( tunnelIps . empty ( ) ) {
if ( ! _tcpFallbackResolver . running ( ) )
_tcpFallbackResolver . resolveNow ( ) ;
} else {
bool connected = false ;
InetAddress addr ( tunnelIps [ ( unsigned long ) now % tunnelIps . size ( ) ] ) ;
addr . setPort ( ZT_TCP_FALLBACK_RELAY_PORT ) ;
_phy . tcpConnect ( reinterpret_cast < const struct sockaddr * > ( & addr ) , connected ) ;
2015-05-22 01:33:52 +00:00
}
}
}
2016-03-03 22:21:13 +00:00
_lastSendToGlobalV4 = now ;
}
2015-09-24 23:21:36 +00:00
# endif // ZT_TCP_FALLBACK_RELAY
2016-03-03 21:52:27 +00:00
} else if ( addr - > ss_family = = AF_INET6 ) {
2016-03-03 22:15:09 +00:00
if ( reinterpret_cast < const struct sockaddr_in6 * > ( localAddr ) - > sin6_port ! = 0 ) {
2016-04-05 22:44:08 +00:00
const uint16_t lp = reinterpret_cast < const struct sockaddr_in6 * > ( localAddr ) - > sin6_port ;
if ( lp = = _portsBE [ 1 ] )
fromBindingNo = 1 ;
else if ( lp = = _portsBE [ 2 ] )
fromBindingNo = 2 ;
2016-03-03 21:52:27 +00:00
}
} else {
return - 1 ;
}
2015-05-22 01:33:52 +00:00
2015-05-22 21:52:23 +00:00
# ifdef ZT_BREAK_UDP
2016-03-03 21:52:27 +00:00
if ( OSUtils : : fileExists ( " /tmp/ZT_BREAK_UDP " ) )
return 0 ; // silently break UDP
2015-05-22 21:52:23 +00:00
# endif
2015-09-23 21:38:16 +00:00
2016-04-05 22:44:08 +00:00
return ( _bindings [ fromBindingNo ] . udpSend ( _phy , * ( reinterpret_cast < const InetAddress * > ( localAddr ) ) , * ( reinterpret_cast < const InetAddress * > ( addr ) ) , data , len , ttl ) ) ? 0 : - 1 ;
2015-04-10 01:14:27 +00:00
}
2016-01-12 19:34:22 +00:00
inline void nodeVirtualNetworkFrameFunction ( uint64_t nwid , void * * nuptr , uint64_t sourceMac , uint64_t destMac , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len )
2015-04-10 01:14:27 +00:00
{
2016-06-14 17:09:26 +00:00
NetworkState * n = reinterpret_cast < NetworkState * > ( * nuptr ) ;
if ( ( ! n ) | | ( ! n - > tap ) )
2016-01-12 19:34:22 +00:00
return ;
2016-06-14 17:09:26 +00:00
n - > tap - > put ( MAC ( sourceMac ) , MAC ( destMac ) , etherType , data , len ) ;
2015-04-15 00:57:51 +00:00
}
2016-11-22 18:54:58 +00:00
inline int nodePathCheckFunction ( uint64_t ztaddr , const struct sockaddr_storage * localAddr , const struct sockaddr_storage * remoteAddr )
2016-01-11 18:17:44 +00:00
{
2016-11-22 18:54:58 +00:00
// Make sure we're not trying to do ZeroTier-over-ZeroTier
{
Mutex : : Lock _l ( _nets_m ) ;
for ( std : : map < uint64_t , NetworkState > : : const_iterator n ( _nets . begin ( ) ) ; n ! = _nets . end ( ) ; + + n ) {
if ( n - > second . tap ) {
std : : vector < InetAddress > ips ( n - > second . tap - > ips ( ) ) ;
for ( std : : vector < InetAddress > : : const_iterator i ( ips . begin ( ) ) ; i ! = ips . end ( ) ; + + i ) {
if ( i - > containsAddress ( * ( reinterpret_cast < const InetAddress * > ( remoteAddr ) ) ) ) {
return 0 ;
}
2016-01-11 18:17:44 +00:00
}
}
}
}
2016-11-22 18:54:58 +00:00
2016-11-22 22:23:13 +00:00
/* Note: I do not think we need to scan for overlap with managed routes
* because of the " route forking " and interface binding that we do . This
* ensures ( we hope ) that ZeroTier traffic will still take the physical
* path even if its managed routes override this for other traffic . Will
* revisit if we see recursion problems . */
2016-11-22 18:54:58 +00:00
// Check blacklists
const Hashtable < uint64_t , std : : vector < InetAddress > > * blh = ( const Hashtable < uint64_t , std : : vector < InetAddress > > * ) 0 ;
const std : : vector < InetAddress > * gbl = ( const std : : vector < InetAddress > * ) 0 ;
if ( remoteAddr - > ss_family = = AF_INET ) {
blh = & _v4Blacklists ;
gbl = & _globalV4Blacklist ;
} else if ( remoteAddr - > ss_family = = AF_INET6 ) {
blh = & _v6Blacklists ;
gbl = & _globalV6Blacklist ;
}
if ( blh ) {
Mutex : : Lock _l ( _localConfig_m ) ;
const std : : vector < InetAddress > * l = blh - > get ( ztaddr ) ;
if ( l ) {
for ( std : : vector < InetAddress > : : const_iterator a ( l - > begin ( ) ) ; a ! = l - > end ( ) ; + + a ) {
if ( a - > containsAddress ( * reinterpret_cast < const InetAddress * > ( remoteAddr ) ) )
return 0 ;
}
}
for ( std : : vector < InetAddress > : : const_iterator a ( gbl - > begin ( ) ) ; a ! = gbl - > end ( ) ; + + a ) {
if ( a - > containsAddress ( * reinterpret_cast < const InetAddress * > ( remoteAddr ) ) )
return 0 ;
}
}
2016-01-11 18:17:44 +00:00
return 1 ;
}
2016-11-22 18:54:58 +00:00
inline int nodePathLookupFunction ( uint64_t ztaddr , int family , struct sockaddr_storage * result )
{
const Hashtable < uint64_t , std : : vector < InetAddress > > * lh = ( const Hashtable < uint64_t , std : : vector < InetAddress > > * ) 0 ;
if ( family < 0 )
lh = ( _node - > prng ( ) & 1 ) ? & _v4Hints : & _v6Hints ;
else if ( family = = AF_INET )
lh = & _v4Hints ;
else if ( family = = AF_INET6 )
lh = & _v6Hints ;
else return 0 ;
const std : : vector < InetAddress > * l = lh - > get ( ztaddr ) ;
if ( ( l ) & & ( l - > size ( ) > 0 ) ) {
memcpy ( result , & ( ( * l ) [ ( unsigned long ) _node - > prng ( ) % l - > size ( ) ] ) , sizeof ( struct sockaddr_storage ) ) ;
return 1 ;
} else return 0 ;
}
2015-04-15 00:57:51 +00:00
inline void tapFrameHandler ( uint64_t nwid , const MAC & from , const MAC & to , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len )
{
_node - > processVirtualNetworkFrame ( OSUtils : : now ( ) , nwid , from . toInt ( ) , to . toInt ( ) , etherType , vlanId , data , len , & _nextBackgroundTaskDeadline ) ;
2015-04-10 01:14:27 +00:00
}
2015-04-28 19:43:10 +00:00
inline void onHttpRequestToServer ( TcpConnection * tc )
2015-04-11 02:08:49 +00:00
{
char tmpn [ 256 ] ;
2015-04-11 02:36:29 +00:00
std : : string data ;
2015-04-14 01:12:45 +00:00
std : : string contentType ( " text/plain " ) ; // default if not changed in handleRequest()
2015-04-11 02:36:29 +00:00
unsigned int scode = 404 ;
2016-11-14 23:47:06 +00:00
if ( ( ( ! _allowManagementFrom ) & & ( tc - > from . ipScope ( ) = = InetAddress : : IP_SCOPE_LOOPBACK ) ) | | ( _allowManagementFrom . containsAddress ( tc - > from ) ) ) {
try {
if ( _controlPlane )
scode = _controlPlane - > handleRequest ( tc - > from , tc - > parser . method , tc - > url , tc - > headers , tc - > body , data , contentType ) ;
else scode = 500 ;
} catch ( std : : exception & exc ) {
fprintf ( stderr , " WARNING: unexpected exception processing control HTTP request: %s " ZT_EOL_S , exc . what ( ) ) ;
scode = 500 ;
} catch ( . . . ) {
fprintf ( stderr , " WARNING: unexpected exception processing control HTTP request: unknown exceptino " ZT_EOL_S ) ;
scode = 500 ;
}
} else {
scode = 401 ;
2015-04-11 02:36:29 +00:00
}
2015-04-11 02:08:49 +00:00
2015-04-14 01:12:45 +00:00
const char * scodestr ;
switch ( scode ) {
2015-04-14 01:43:33 +00:00
case 200 : scodestr = " OK " ; break ;
case 400 : scodestr = " Bad Request " ; break ;
case 401 : scodestr = " Unauthorized " ; break ;
case 403 : scodestr = " Forbidden " ; break ;
case 404 : scodestr = " Not Found " ; break ;
case 500 : scodestr = " Internal Server Error " ; break ;
case 501 : scodestr = " Not Implemented " ; break ;
case 503 : scodestr = " Service Unavailable " ; break ;
default : scodestr = " Error " ; break ;
2015-04-14 01:12:45 +00:00
}
Utils : : snprintf ( tmpn , sizeof ( tmpn ) , " HTTP/1.1 %.3u %s \r \n Cache-Control: no-cache \r \n Pragma: no-cache \r \n " , scode , scodestr ) ;
2015-05-22 21:52:23 +00:00
{
Mutex : : Lock _l ( tc - > writeBuf_m ) ;
tc - > writeBuf . assign ( tmpn ) ;
tc - > writeBuf . append ( " Content-Type: " ) ;
tc - > writeBuf . append ( contentType ) ;
Utils : : snprintf ( tmpn , sizeof ( tmpn ) , " \r \n Content-Length: %lu \r \n " , ( unsigned long ) data . length ( ) ) ;
tc - > writeBuf . append ( tmpn ) ;
if ( ! tc - > shouldKeepAlive )
tc - > writeBuf . append ( " Connection: close \r \n " ) ;
tc - > writeBuf . append ( " \r \n " ) ;
if ( tc - > parser . method ! = HTTP_HEAD )
tc - > writeBuf . append ( data ) ;
}
2015-04-28 19:43:10 +00:00
2015-09-10 22:55:48 +00:00
_phy . setNotifyWritable ( tc - > sock , true ) ;
2015-04-11 02:08:49 +00:00
}
2015-04-28 19:43:10 +00:00
inline void onHttpResponseFromClient ( TcpConnection * tc )
2015-04-11 02:08:49 +00:00
{
2015-04-28 19:43:10 +00:00
if ( ! tc - > shouldKeepAlive )
2015-05-22 01:33:52 +00:00
_phy . close ( tc - > sock ) ; // will call close handler, which deletes from _tcpConnections
2015-04-11 02:08:49 +00:00
}
2016-04-05 22:44:08 +00:00
bool shouldBindInterface ( const char * ifname , const InetAddress & ifaddr )
{
if ( isBlacklistedLocalInterfaceForZeroTierTraffic ( ifname ) )
return false ;
2016-06-14 17:09:26 +00:00
Mutex : : Lock _l ( _nets_m ) ;
for ( std : : map < uint64_t , NetworkState > : : const_iterator n ( _nets . begin ( ) ) ; n ! = _nets . end ( ) ; + + n ) {
if ( n - > second . tap ) {
std : : vector < InetAddress > ips ( n - > second . tap - > ips ( ) ) ;
2016-04-05 22:44:08 +00:00
for ( std : : vector < InetAddress > : : const_iterator i ( ips . begin ( ) ) ; i ! = ips . end ( ) ; + + i ) {
if ( i - > ipsEqual ( ifaddr ) )
return false ;
}
}
}
return true ;
}
2015-04-11 00:07:06 +00:00
std : : string _dataStorePrepPath ( const char * name ) const
{
std : : string p ( _homePath ) ;
p . push_back ( ZT_PATH_SEPARATOR ) ;
char lastc = ( char ) 0 ;
for ( const char * n = name ; ( * n ) ; + + n ) {
if ( ( * n = = ' . ' ) & & ( lastc = = ' . ' ) )
return std : : string ( ) ; // don't allow ../../ stuff as a precaution
if ( * n = = ' / ' ) {
OSUtils : : mkdir ( p . c_str ( ) ) ;
p . push_back ( ZT_PATH_SEPARATOR ) ;
} else p . push_back ( * n ) ;
lastc = * n ;
}
return p ;
}
2016-04-05 22:44:08 +00:00
bool _trialBind ( unsigned int port )
{
struct sockaddr_in in4 ;
struct sockaddr_in6 in6 ;
PhySocket * tb ;
memset ( & in4 , 0 , sizeof ( in4 ) ) ;
in4 . sin_family = AF_INET ;
in4 . sin_port = Utils : : hton ( ( uint16_t ) port ) ;
tb = _phy . udpBind ( reinterpret_cast < const struct sockaddr * > ( & in4 ) , ( void * ) 0 , 0 ) ;
if ( tb ) {
_phy . close ( tb , false ) ;
tb = _phy . tcpListen ( reinterpret_cast < const struct sockaddr * > ( & in4 ) , ( void * ) 0 ) ;
if ( tb ) {
_phy . close ( tb , false ) ;
return true ;
}
}
memset ( & in6 , 0 , sizeof ( in6 ) ) ;
in6 . sin6_family = AF_INET6 ;
in6 . sin6_port = Utils : : hton ( ( uint16_t ) port ) ;
tb = _phy . udpBind ( reinterpret_cast < const struct sockaddr * > ( & in6 ) , ( void * ) 0 , 0 ) ;
if ( tb ) {
_phy . close ( tb , false ) ;
tb = _phy . tcpListen ( reinterpret_cast < const struct sockaddr * > ( & in6 ) , ( void * ) 0 ) ;
if ( tb ) {
_phy . close ( tb , false ) ;
return true ;
}
}
return false ;
}
2015-04-10 01:14:27 +00:00
} ;
2016-01-12 19:34:22 +00:00
static int SnodeVirtualNetworkConfigFunction ( ZT_Node * node , void * uptr , uint64_t nwid , void * * nuptr , enum ZT_VirtualNetworkConfigOperation op , const ZT_VirtualNetworkConfig * nwconf )
{ return reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodeVirtualNetworkConfigFunction ( nwid , nuptr , op , nwconf ) ; }
2015-09-24 23:21:36 +00:00
static void SnodeEventCallback ( ZT_Node * node , void * uptr , enum ZT_Event event , const void * metaData )
2015-04-15 21:42:26 +00:00
{ reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodeEventCallback ( event , metaData ) ; }
2015-09-24 23:21:36 +00:00
static long SnodeDataStoreGetFunction ( ZT_Node * node , void * uptr , const char * name , void * buf , unsigned long bufSize , unsigned long readIndex , unsigned long * totalSize )
2015-04-15 21:42:26 +00:00
{ return reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodeDataStoreGetFunction ( name , buf , bufSize , readIndex , totalSize ) ; }
2015-09-24 23:21:36 +00:00
static int SnodeDataStorePutFunction ( ZT_Node * node , void * uptr , const char * name , const void * data , unsigned long len , int secure )
2015-04-15 21:42:26 +00:00
{ return reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodeDataStorePutFunction ( name , data , len , secure ) ; }
2015-11-09 23:44:13 +00:00
static int SnodeWirePacketSendFunction ( ZT_Node * node , void * uptr , const struct sockaddr_storage * localAddr , const struct sockaddr_storage * addr , const void * data , unsigned int len , unsigned int ttl )
{ return reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodeWirePacketSendFunction ( localAddr , addr , data , len , ttl ) ; }
2016-01-12 19:34:22 +00:00
static void SnodeVirtualNetworkFrameFunction ( ZT_Node * node , void * uptr , uint64_t nwid , void * * nuptr , uint64_t sourceMac , uint64_t destMac , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len )
{ reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodeVirtualNetworkFrameFunction ( nwid , nuptr , sourceMac , destMac , etherType , vlanId , data , len ) ; }
2016-11-22 18:54:58 +00:00
static int SnodePathCheckFunction ( ZT_Node * node , void * uptr , uint64_t ztaddr , const struct sockaddr_storage * localAddr , const struct sockaddr_storage * remoteAddr )
{ return reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodePathCheckFunction ( ztaddr , localAddr , remoteAddr ) ; }
static int SnodePathLookupFunction ( ZT_Node * node , void * uptr , uint64_t ztaddr , int family , struct sockaddr_storage * result )
{ return reinterpret_cast < OneServiceImpl * > ( uptr ) - > nodePathLookupFunction ( ztaddr , family , result ) ; }
2015-04-10 01:14:27 +00:00
2015-10-23 20:03:34 +00:00
# ifdef ZT_ENABLE_CLUSTER
2015-10-22 23:02:01 +00:00
static void SclusterSendFunction ( void * uptr , unsigned int toMemberId , const void * data , unsigned int len )
{
OneServiceImpl * const impl = reinterpret_cast < OneServiceImpl * > ( uptr ) ;
const ClusterDefinition : : MemberDefinition & md = ( * ( impl - > _clusterDefinition ) ) [ toMemberId ] ;
if ( md . clusterEndpoint )
impl - > _phy . udpSend ( impl - > _clusterMessageSocket , reinterpret_cast < const struct sockaddr * > ( & ( md . clusterEndpoint ) ) , data , len ) ;
}
static int SclusterGeoIpFunction ( void * uptr , const struct sockaddr_storage * addr , int * x , int * y , int * z )
{
OneServiceImpl * const impl = reinterpret_cast < OneServiceImpl * > ( uptr ) ;
2016-04-18 18:33:54 +00:00
return ( int ) ( impl - > _clusterDefinition - > geo ( ) . locate ( * ( reinterpret_cast < const InetAddress * > ( addr ) ) , * x , * y , * z ) ) ;
2015-10-22 23:02:01 +00:00
}
2015-10-23 20:03:34 +00:00
# endif
2015-10-22 23:02:01 +00:00
2015-04-15 00:57:51 +00:00
static void StapFrameHandler ( void * uptr , uint64_t nwid , const MAC & from , const MAC & to , unsigned int etherType , unsigned int vlanId , const void * data , unsigned int len )
2015-04-15 21:42:26 +00:00
{ reinterpret_cast < OneServiceImpl * > ( uptr ) - > tapFrameHandler ( nwid , from , to , etherType , vlanId , data , len ) ; }
2015-04-15 00:57:51 +00:00
2015-04-11 02:08:49 +00:00
static int ShttpOnMessageBegin ( http_parser * parser )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > currentHeaderField = " " ;
tc - > currentHeaderValue = " " ;
tc - > messageSize = 0 ;
tc - > url = " " ;
tc - > status = " " ;
tc - > headers . clear ( ) ;
tc - > body = " " ;
2015-04-11 02:08:49 +00:00
return 0 ;
}
static int ShttpOnUrl ( http_parser * parser , const char * ptr , size_t length )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > messageSize + = ( unsigned long ) length ;
if ( tc - > messageSize > ZT_MAX_HTTP_MESSAGE_SIZE )
2015-04-11 02:08:49 +00:00
return - 1 ;
2015-04-28 19:43:10 +00:00
tc - > url . append ( ptr , length ) ;
2015-04-11 02:08:49 +00:00
return 0 ;
}
2016-06-08 19:49:07 +00:00
# if (HTTP_PARSER_VERSION_MAJOR >= 2) && (HTTP_PARSER_VERSION_MINOR >= 2)
2015-04-11 02:08:49 +00:00
static int ShttpOnStatus ( http_parser * parser , const char * ptr , size_t length )
2016-06-08 19:49:07 +00:00
# else
static int ShttpOnStatus ( http_parser * parser )
# endif
2015-04-11 02:08:49 +00:00
{
2016-06-08 19:49:07 +00:00
/*
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > messageSize + = ( unsigned long ) length ;
if ( tc - > messageSize > ZT_MAX_HTTP_MESSAGE_SIZE )
2015-04-11 02:08:49 +00:00
return - 1 ;
2015-04-28 19:43:10 +00:00
tc - > status . append ( ptr , length ) ;
2016-06-08 19:49:07 +00:00
*/
2015-04-11 02:08:49 +00:00
return 0 ;
}
static int ShttpOnHeaderField ( http_parser * parser , const char * ptr , size_t length )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > messageSize + = ( unsigned long ) length ;
if ( tc - > messageSize > ZT_MAX_HTTP_MESSAGE_SIZE )
2015-04-11 02:08:49 +00:00
return - 1 ;
2015-04-28 19:43:10 +00:00
if ( ( tc - > currentHeaderField . length ( ) ) & & ( tc - > currentHeaderValue . length ( ) ) ) {
tc - > headers [ tc - > currentHeaderField ] = tc - > currentHeaderValue ;
tc - > currentHeaderField = " " ;
tc - > currentHeaderValue = " " ;
2015-04-11 02:08:49 +00:00
}
for ( size_t i = 0 ; i < length ; + + i )
2015-04-28 19:43:10 +00:00
tc - > currentHeaderField . push_back ( OSUtils : : toLower ( ptr [ i ] ) ) ;
2015-04-11 02:08:49 +00:00
return 0 ;
}
static int ShttpOnValue ( http_parser * parser , const char * ptr , size_t length )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > messageSize + = ( unsigned long ) length ;
if ( tc - > messageSize > ZT_MAX_HTTP_MESSAGE_SIZE )
2015-04-11 02:08:49 +00:00
return - 1 ;
2015-04-28 19:43:10 +00:00
tc - > currentHeaderValue . append ( ptr , length ) ;
2015-04-11 02:08:49 +00:00
return 0 ;
}
static int ShttpOnHeadersComplete ( http_parser * parser )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
if ( ( tc - > currentHeaderField . length ( ) ) & & ( tc - > currentHeaderValue . length ( ) ) )
tc - > headers [ tc - > currentHeaderField ] = tc - > currentHeaderValue ;
2015-04-11 02:08:49 +00:00
return 0 ;
}
static int ShttpOnBody ( http_parser * parser , const char * ptr , size_t length )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > messageSize + = ( unsigned long ) length ;
if ( tc - > messageSize > ZT_MAX_HTTP_MESSAGE_SIZE )
2015-04-11 02:08:49 +00:00
return - 1 ;
2015-04-28 19:43:10 +00:00
tc - > body . append ( ptr , length ) ;
2015-04-11 02:08:49 +00:00
return 0 ;
}
static int ShttpOnMessageComplete ( http_parser * parser )
{
2015-04-28 19:43:10 +00:00
TcpConnection * tc = reinterpret_cast < TcpConnection * > ( parser - > data ) ;
tc - > shouldKeepAlive = ( http_should_keep_alive ( parser ) ! = 0 ) ;
tc - > lastActivity = OSUtils : : now ( ) ;
if ( tc - > type = = TcpConnection : : TCP_HTTP_INCOMING ) {
tc - > parent - > onHttpRequestToServer ( tc ) ;
2015-04-11 02:08:49 +00:00
} else {
2015-04-28 19:43:10 +00:00
tc - > parent - > onHttpResponseFromClient ( tc ) ;
2015-04-11 02:08:49 +00:00
}
return 0 ;
}
2015-05-20 23:35:33 +00:00
} // anonymous namespace
2015-04-15 21:42:26 +00:00
std : : string OneService : : platformDefaultHomePath ( )
2015-04-10 02:58:04 +00:00
{
2016-06-23 19:37:15 +00:00
return OSUtils : : platformDefaultHomePath ( ) ;
2015-04-10 02:58:04 +00:00
}
2015-05-20 23:35:33 +00:00
std : : string OneService : : autoUpdateUrl ( )
{
# ifdef ZT_AUTO_UPDATE
/*
# if defined(__LINUX__) && ( defined(__i386__) || defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(__i386) )
if ( sizeof ( void * ) = = 8 )
return " http://download.zerotier.com/ZeroTierOneInstaller-linux-x64-LATEST.nfo " ;
else return " http://download.zerotier.com/ZeroTierOneInstaller-linux-x86-LATEST.nfo " ;
# endif
*/
# if defined(__APPLE__) && ( defined(__i386__) || defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(__i386) )
2015-05-21 02:38:49 +00:00
return " http://download.zerotier.com/update/mac_intel/ " ;
2015-05-20 23:35:33 +00:00
# endif
# ifdef __WINDOWS__
2015-05-21 02:38:49 +00:00
return " http://download.zerotier.com/update/win_intel/ " ;
2015-05-20 23:35:33 +00:00
# endif
# endif // ZT_AUTO_UPDATE
return std : : string ( ) ;
}
2016-11-14 23:47:06 +00:00
OneService * OneService : : newInstance ( const char * hp , unsigned int port , const char * allowManagementFrom ) { return new OneServiceImpl ( hp , port , allowManagementFrom ) ; }
2015-04-15 21:42:26 +00:00
OneService : : ~ OneService ( ) { }
2015-04-10 01:14:27 +00:00
} // namespace ZeroTier