mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-23 14:52:24 +00:00
Software updater work.
This commit is contained in:
parent
a064e19b8a
commit
565842b5ec
@ -113,6 +113,32 @@ endif
|
||||
#LDFLAGS=
|
||||
#STRIP=echo
|
||||
|
||||
# Determine system build architecture from compiler target
|
||||
CC_MACH=$(shell $(CC) -dumpmachine | cut -d '-' -f 1)
|
||||
ZT_ARCHITECTURE=0
|
||||
ifeq ($(CC_MACH),x86_64)
|
||||
ZT_ARCHITECTURE=2
|
||||
endif
|
||||
ifeq ($(CC_MACH),amd64)
|
||||
ZT_ARCHITECTURE=2
|
||||
endif
|
||||
ifeq ($(CC_MACH),i386)
|
||||
ZT_ARCHITECTURE=1
|
||||
endif
|
||||
ifeq ($(CC_MACH),i686)
|
||||
ZT_ARCHITECTURE=1
|
||||
endif
|
||||
ifeq ($(CC_MACH),arm)
|
||||
ZT_ARCHITECTURE=3
|
||||
endif
|
||||
ifeq ($(CC_MACH),arm64)
|
||||
ZT_ARCHITECTURE=4
|
||||
endif
|
||||
ifeq ($(CC_MACH),aarch64)
|
||||
ZT_ARCHITECTURE=4
|
||||
endif
|
||||
DEFS+=-DZT_BUILD_PLATFORM=1 -DZT_BUILD_ARCHITECTURE=$(ZT_ARCHITECTURE)
|
||||
|
||||
all: one
|
||||
|
||||
one: $(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o osdep/LinuxDropPrivileges.o
|
||||
|
@ -57,6 +57,9 @@ endif
|
||||
|
||||
CXXFLAGS=$(CFLAGS) -mmacosx-version-min=10.7 -std=c++11 -stdlib=libc++
|
||||
|
||||
# 3 == MacOS, 2 == X64
|
||||
DEFS+=-DZT_BUILD_PLATFORM=3 -DZT_BUILD_ARCHITECTURE=2
|
||||
|
||||
all: one macui
|
||||
|
||||
one: $(OBJS) service/OneService.o one.o
|
||||
|
@ -31,4 +31,5 @@ OBJS=\
|
||||
osdep/Http.o \
|
||||
osdep/OSUtils.o \
|
||||
service/ClusterGeoIpService.o \
|
||||
service/ControlPlane.o
|
||||
service/ControlPlane.o \
|
||||
service/SoftwareUpdater.o
|
||||
|
@ -23,6 +23,7 @@
|
||||
#include <sys/stat.h>
|
||||
|
||||
#include "../node/Constants.hpp"
|
||||
#include "../node/Utils.hpp"
|
||||
|
||||
#ifdef __UNIX_LIKE__
|
||||
#include <unistd.h>
|
||||
@ -453,6 +454,23 @@ std::string OSUtils::jsonString(const nlohmann::json &jv,const char *dfl)
|
||||
return std::string((dfl) ? dfl : "");
|
||||
}
|
||||
|
||||
std::string OSUtils::jsonBinFromHex(const nlohmann::json &jv)
|
||||
{
|
||||
std::string s(jsonString(jv,""));
|
||||
if (s.length() > 0) {
|
||||
char *buf = new char[(s.length() / 2) + 1];
|
||||
try {
|
||||
unsigned int l = Utils::unhex(s,buf,(unsigned int)s.length());
|
||||
std::string b(buf,l);
|
||||
delete [] buf;
|
||||
return b;
|
||||
} catch ( ... ) {
|
||||
delete [] buf;
|
||||
}
|
||||
}
|
||||
return std::string();
|
||||
}
|
||||
|
||||
// Used to convert HTTP header names to ASCII lower case
|
||||
const unsigned char OSUtils::TOLOWER_TABLE[256] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, ' ', '!', '"', '#', '$', '%', '&', 0x27, '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '=', '>', '?', '@', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~', '_', '`', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~', 0x7f, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff };
|
||||
|
||||
|
@ -274,6 +274,7 @@ public:
|
||||
static uint64_t jsonInt(const nlohmann::json &jv,const uint64_t dfl);
|
||||
static bool jsonBool(const nlohmann::json &jv,const bool dfl);
|
||||
static std::string jsonString(const nlohmann::json &jv,const char *dfl);
|
||||
static std::string jsonBinFromHex(const nlohmann::json &jv);
|
||||
|
||||
private:
|
||||
static const unsigned char TOLOWER_TABLE[256];
|
||||
|
235
service/SoftwareUpdater.cpp
Normal file
235
service/SoftwareUpdater.cpp
Normal file
@ -0,0 +1,235 @@
|
||||
/*
|
||||
* ZeroTier One - Network Virtualization Everywhere
|
||||
* Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "SoftwareUpdater.hpp"
|
||||
|
||||
#include "../version.h"
|
||||
|
||||
#include "../node/Constants.hpp"
|
||||
#include "../node/Utils.hpp"
|
||||
#include "../node/SHA512.hpp"
|
||||
#include "../node/Buffer.hpp"
|
||||
#include "../node/Node.hpp"
|
||||
#include "../osdep/OSUtils.hpp"
|
||||
|
||||
namespace ZeroTier {
|
||||
|
||||
SoftwareUpdater::SoftwareUpdater(Node &node,const char *homePath,bool updateDistributor) :
|
||||
_node(node),
|
||||
_lastCheckTime(OSUtils::now()), // check in the future in case we just started, in which case we're probably offline
|
||||
_homePath(homePath)
|
||||
{
|
||||
// Load all updates we are distributing if we are an update distributor and have an update-dist.d folder
|
||||
if (updateDistributor) {
|
||||
std::string udd(_homePath + ZT_PATH_SEPARATOR_S + "update-dist.d");
|
||||
std::vector<std::string> ud(OSUtils::listDirectory(udd.c_str()));
|
||||
for(std::vector<std::string>::iterator u(ud.begin());u!=ud.end();++u) {
|
||||
// Each update has a companion .json file describing it. Other files are ignored.
|
||||
if ((u->length() > 5)&&(u->substr(u->length() - 5,5) == ".json")) {
|
||||
std::string buf;
|
||||
if (OSUtils::readFile((udd + ZT_PATH_SEPARATOR_S + *u).c_str(),buf)) {
|
||||
try {
|
||||
_D d;
|
||||
d.meta = OSUtils::jsonParse(buf);
|
||||
std::string metaHash = OSUtils::jsonBinFromHex(d.meta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH]);
|
||||
if ((metaHash.length() == ZT_SHA512_DIGEST_LEN)&&(OSUtils::readFile((udd + ZT_PATH_SEPARATOR_S + u->substr(0,u->length() - 5)).c_str(),d.bin))) {
|
||||
uint8_t sha512[ZT_SHA512_DIGEST_LEN];
|
||||
SHA512::hash(sha512,d.bin.data(),(unsigned int)d.bin.length());
|
||||
if (!memcmp(sha512,metaHash.data(),ZT_SHA512_DIGEST_LEN)) { // double check that hash in JSON is correct
|
||||
_dist[Array<uint8_t,16>(sha512)] = d;
|
||||
}
|
||||
}
|
||||
} catch ( ... ) {} // ignore bad meta JSON, etc.
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SoftwareUpdater::~SoftwareUpdater()
|
||||
{
|
||||
}
|
||||
|
||||
void SoftwareUpdater::handleSoftwareUpdateUserMessage(uint64_t origin,const void *data,unsigned int len)
|
||||
{
|
||||
if (!len) return;
|
||||
try {
|
||||
const MessageVerb v = (MessageVerb)reinterpret_cast<const uint8_t *>(data)[0];
|
||||
switch(v) {
|
||||
case VERB_GET_LATEST:
|
||||
case VERB_LATEST: {
|
||||
nlohmann::json req = OSUtils::jsonParse(std::string(reinterpret_cast<const char *>(data) + 1,len - 1));
|
||||
if (req.is_object()) {
|
||||
const unsigned int rvMaj = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR],0);
|
||||
const unsigned int rvMin = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR],0);
|
||||
const unsigned int rvRev = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION],0);
|
||||
if (v == VERB_GET_LATEST) {
|
||||
|
||||
if (_dist.size() > 0) {
|
||||
const nlohmann::json *latest = (const nlohmann::json *)0;
|
||||
const std::string rSigner = OSUtils::jsonString(req[ZT_SOFTWARE_UPDATE_JSON_EXPECT_SIGNED_BY],"");
|
||||
for(std::map< Array<uint8_t,16>,_D >::const_iterator d(_dist.begin());d!=_dist.end();++d) {
|
||||
if (OSUtils::jsonString(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNED_BY],"") == rSigner) {
|
||||
const unsigned int dvMaj = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR],0);
|
||||
const unsigned int dvMin = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR],0);
|
||||
const unsigned int dvRev = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION],0);
|
||||
if (Utils::compareVersion(dvMaj,dvMin,dvRev,rvMaj,rvMin,rvRev) > 0)
|
||||
latest = &(d->second.meta);
|
||||
}
|
||||
}
|
||||
if (latest) {
|
||||
std::string lj;
|
||||
lj.push_back((char)VERB_LATEST);
|
||||
lj.append(OSUtils::jsonDump(*latest));
|
||||
_node.sendUserMessage(origin,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,lj.data(),(unsigned int)lj.length());
|
||||
}
|
||||
} // else no reply, since we have nothing to distribute
|
||||
|
||||
} else { // VERB_LATEST
|
||||
|
||||
if ((origin == ZT_SOFTWARE_UPDATE_SERVICE)&&
|
||||
(Utils::compareVersion(rvMaj,rvMin,rvRev,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION) > 0)&&
|
||||
(OSUtils::jsonString(req[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNED_BY],"") == ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY)) {
|
||||
const unsigned long len = (unsigned long)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIZE],0);
|
||||
const std::string hash = OSUtils::jsonBinFromHex(req[ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH]);
|
||||
if ((len <= ZT_SOFTWARE_UPDATE_MAX_SIZE)&&(hash.length() >= 16)) {
|
||||
if (_latestMeta != req) {
|
||||
_latestMeta = req;
|
||||
_latestBin = "";
|
||||
memcpy(_latestBinHashPrefix.data,hash.data(),16);
|
||||
_latestBinLength = len;
|
||||
_latestBinValid = false;
|
||||
}
|
||||
|
||||
Buffer<128> gd;
|
||||
gd.append((uint8_t)VERB_GET_DATA);
|
||||
gd.append(_latestBinHashPrefix.data,16);
|
||||
gd.append((uint32_t)_latestBin.length());
|
||||
_node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,gd.data(),gd.size());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
} break;
|
||||
|
||||
case VERB_GET_DATA:
|
||||
if ((len >= 21)&&(_dist.size() > 0)) {
|
||||
std::map< Array<uint8_t,16>,_D >::iterator d(_dist.find(Array<uint8_t,16>(reinterpret_cast<const uint8_t *>(data) + 1)));
|
||||
if (d != _dist.end()) {
|
||||
unsigned long idx = (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 17) << 24;
|
||||
idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 18) << 16;
|
||||
idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 19) << 8;
|
||||
idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 20);
|
||||
if (idx < d->second.bin.length()) {
|
||||
Buffer<ZT_SOFTWARE_UPDATE_CHUNK_SIZE + 128> buf;
|
||||
buf.append((uint8_t)VERB_DATA);
|
||||
buf.append(reinterpret_cast<const uint8_t *>(data) + 1,16);
|
||||
buf.append((uint32_t)idx);
|
||||
buf.append(d->second.bin.data() + idx,std::max((unsigned long)ZT_SOFTWARE_UPDATE_CHUNK_SIZE,(unsigned long)(d->second.bin.length() - idx)));
|
||||
_node.sendUserMessage(origin,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,buf.data(),buf.size());
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case VERB_DATA:
|
||||
if ((len >= 21)&&(!memcmp(_latestBinHashPrefix.data,reinterpret_cast<const uint8_t *>(data) + 1,16))) {
|
||||
unsigned long idx = (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 17) << 24;
|
||||
idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 18) << 16;
|
||||
idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 19) << 8;
|
||||
idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 20);
|
||||
if (idx == _latestBin.length())
|
||||
_latestBin.append(reinterpret_cast<const char *>(data) + 21,len - 21);
|
||||
|
||||
if (_latestBin.length() < _latestBinLength) {
|
||||
Buffer<128> gd;
|
||||
gd.append((uint8_t)VERB_GET_DATA);
|
||||
gd.append(_latestBinHashPrefix.data,16);
|
||||
gd.append((uint32_t)_latestBin.length());
|
||||
_node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,gd.data(),gd.size());
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
} catch ( ... ) {
|
||||
// Discard bad messages
|
||||
}
|
||||
}
|
||||
|
||||
nlohmann::json SoftwareUpdater::check()
|
||||
{
|
||||
if (_latestBinLength > 0) {
|
||||
if (_latestBin.length() >= _latestBinLength) {
|
||||
if (_latestBinValid) {
|
||||
return _latestMeta;
|
||||
} else {
|
||||
// This is the important security verification part!
|
||||
|
||||
try {
|
||||
// (1) Check the hash itself to make sure the image is basically okay
|
||||
uint8_t sha512[ZT_SHA512_DIGEST_LEN];
|
||||
SHA512::hash(sha512,_latestBin.data(),(unsigned int)_latestBin.length());
|
||||
if (Utils::hex(sha512,ZT_SHA512_DIGEST_LEN) == OSUtils::jsonString(_latestMeta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH],"")) {
|
||||
// (2) Check signature by signing authority
|
||||
std::string sig(OSUtils::jsonBinFromHex(_latestMeta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNATURE]));
|
||||
if (Identity(ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY).verify(_latestBin.data(),(unsigned int)_latestBin.length(),sig.data(),(unsigned int)sig.length())) {
|
||||
// If we passed both of these, the update is good!
|
||||
_latestBinValid = true;
|
||||
return _latestMeta;
|
||||
}
|
||||
}
|
||||
} catch ( ... ) {} // any exception equals verification failure
|
||||
|
||||
// If we get here, checks failed.
|
||||
_latestMeta = nlohmann::json();
|
||||
_latestBin = "";
|
||||
_latestBinLength = 0;
|
||||
_latestBinValid = false;
|
||||
}
|
||||
} else {
|
||||
Buffer<128> gd;
|
||||
gd.append((uint8_t)VERB_GET_DATA);
|
||||
gd.append(_latestBinHashPrefix.data,16);
|
||||
gd.append((uint32_t)_latestBin.length());
|
||||
_node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,gd.data(),gd.size());
|
||||
}
|
||||
}
|
||||
|
||||
const uint64_t now = OSUtils::now();
|
||||
if ((now - _lastCheckTime) >= ZT_SOFTWARE_UPDATE_CHECK_PERIOD) {
|
||||
}
|
||||
|
||||
return nlohmann::json();
|
||||
}
|
||||
|
||||
void SoftwareUpdater::apply()
|
||||
{
|
||||
if ((_latestBin.length() == _latestBinLength)&&(_latestBinLength > 0)&&(_latestBinValid)) {
|
||||
}
|
||||
}
|
||||
|
||||
} // namespace ZeroTier
|
171
service/SoftwareUpdater.hpp
Normal file
171
service/SoftwareUpdater.hpp
Normal file
@ -0,0 +1,171 @@
|
||||
/*
|
||||
* ZeroTier One - Network Virtualization Everywhere
|
||||
* Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef ZT_SOFTWAREUPDATER_HPP
|
||||
#define ZT_SOFTWAREUPDATER_HPP
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#include <vector>
|
||||
#include <map>
|
||||
#include <string>
|
||||
|
||||
#include "../include/ZeroTierOne.h"
|
||||
#include "../node/Identity.hpp"
|
||||
#include "../node/Array.hpp"
|
||||
|
||||
#include "../ext/json/json.hpp"
|
||||
|
||||
/**
|
||||
* VERB_USER_MESSAGE type ID for software update messages
|
||||
*/
|
||||
#define ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE 1000
|
||||
|
||||
/**
|
||||
* ZeroTier address of node that provides software updates
|
||||
*/
|
||||
#define ZT_SOFTWARE_UPDATE_SERVICE 0xc1243d3869ULL
|
||||
|
||||
/**
|
||||
* ZeroTier identity that must be used to sign software updates
|
||||
*/
|
||||
#define ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY ""
|
||||
|
||||
/**
|
||||
* Chunk size for in-band downloads (can be changed, designed to always fit in one UDP packet easily)
|
||||
*/
|
||||
#define ZT_SOFTWARE_UPDATE_CHUNK_SIZE 1380
|
||||
|
||||
/**
|
||||
* Sanity limit for the size of an update binary image
|
||||
*/
|
||||
#define ZT_SOFTWARE_UPDATE_MAX_SIZE (1024 * 1024 * 256)
|
||||
|
||||
/**
|
||||
* How often (ms) do we check?
|
||||
*/
|
||||
#define ZT_SOFTWARE_UPDATE_CHECK_PERIOD (60 * 60 * 1000)
|
||||
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR "versionMajor"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR "versionMinor"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION "versionRev"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_EXPECT_SIGNED_BY "expectedSigner"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_PLATFORM "platform"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_ARCHITECTURE "arch"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_WORD_SIZE "wordSize"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_VENDOR "vendor"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_CHANNEL "channel"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNED_BY "updateSigner"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNATURE "updateSig"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH "updateHash"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIZE "updateSize"
|
||||
#define ZT_SOFTWARE_UPDATE_JSON_EXEC_ARGS "updateExecArgs"
|
||||
|
||||
namespace ZeroTier {
|
||||
|
||||
class Node;
|
||||
|
||||
/**
|
||||
* This class handles retrieving and executing updates, or serving them
|
||||
*/
|
||||
class SoftwareUpdater
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Each message begins with an 8-bit message verb
|
||||
*/
|
||||
enum MessageVerb
|
||||
{
|
||||
/**
|
||||
* Payload: JSON containing current system platform, version, etc.
|
||||
*/
|
||||
VERB_GET_LATEST = 1,
|
||||
|
||||
/**
|
||||
* Payload: JSON describing latest update for this target. (No response is sent if there is none.)
|
||||
*/
|
||||
VERB_LATEST = 2,
|
||||
|
||||
/**
|
||||
* Payload:
|
||||
* <[16] first 128 bits of hash of data object>
|
||||
* <[4] 32-bit index of chunk to get>
|
||||
*/
|
||||
VERB_GET_DATA = 3,
|
||||
|
||||
/**
|
||||
* Payload:
|
||||
* <[16] first 128 bits of hash of data object>
|
||||
* <[4] 32-bit index of chunk>
|
||||
* <[...] chunk data>
|
||||
*/
|
||||
VERB_DATA = 4
|
||||
};
|
||||
|
||||
SoftwareUpdater(Node &node,const char *homePath,bool updateDistributor);
|
||||
~SoftwareUpdater();
|
||||
|
||||
/**
|
||||
* Handle a software update user message
|
||||
*
|
||||
* @param origin ZeroTier address of message origin
|
||||
* @param data Message payload
|
||||
* @param len Length of message
|
||||
*/
|
||||
void handleSoftwareUpdateUserMessage(uint64_t origin,const void *data,unsigned int len);
|
||||
|
||||
/**
|
||||
* Check for updates and do other update-related housekeeping
|
||||
*
|
||||
* It should be called about every 10 seconds.
|
||||
*
|
||||
* @return Null JSON object or update information if there is an update downloaded and ready
|
||||
*/
|
||||
nlohmann::json check();
|
||||
|
||||
/**
|
||||
* Apply any ready update now
|
||||
*
|
||||
* Depending on the platform this function may never return and may forcibly
|
||||
* exit the process. It does nothing if no update is ready.
|
||||
*/
|
||||
void apply();
|
||||
|
||||
private:
|
||||
Node &_node;
|
||||
uint64_t _lastCheckTime;
|
||||
std::string _homePath;
|
||||
|
||||
// Offered software updates if we are an update host (we have update-dist.d and update hosting is enabled)
|
||||
struct _D
|
||||
{
|
||||
nlohmann::json meta;
|
||||
std::string bin;
|
||||
};
|
||||
std::map< Array<uint8_t,16>,_D > _dist; // key is first 16 bytes of hash
|
||||
|
||||
nlohmann::json _latestMeta;
|
||||
std::string _latestBin;
|
||||
Array<uint8_t,16> _latestBinHashPrefix;
|
||||
unsigned long _latestBinLength;
|
||||
bool _latestBinValid;
|
||||
};
|
||||
|
||||
} // namespace ZeroTier
|
||||
|
||||
#endif
|
Loading…
Reference in New Issue
Block a user