ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-29 15:43:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'dev' of github.com:/zerotier/ZeroTierOne into dev

Browse Source
This commit is contained in:
Adam Ierymenko 2022-10-06 16:54:00 -04:00
commit 5a6c229b27
5 changed files with 36 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
controller/PostgreSQL.cpp
View File

@ -442,13 +442,9 @@ AuthInfo PostgreSQL::getSSOAuthInfo(const nlohmann::json &member, const std::str
exit(7);
}
r = w.exec_params("SELECT oc.client_id, oc.authorization_endpoint, oc.issuer, oc.sso_impl_version "
"FROM ztc_network n "
"INNER JOIN ztc_network_oidc_config noc "
" ON noc.network_id = n.id "
"INNER JOIN ztc_oidc_config oc "
" ON noc.client_id = oc.client_id "
"WHERE n.id = $1 AND n.sso_enabled = true", networkId);
r = w.exec_params("SELECT org.client_id, org.authorization_endpoint, org.issuer, org.sso_impl_version "
"FROM ztc_network AS nw, ztc_org AS org "
"WHERE nw.id = $1 AND nw.sso_enabled = true AND org.owner_id = nw.owner_id", networkId);
std::string client_id = "";
std::string authorization_endpoint = "";

4
ext/central-controller-docker/Dockerfile.builder
View File

@ -18,6 +18,8 @@ RUN apt -y install \
libssl-dev \
postgresql-client \
postgresql-client-common \
curl
curl \
google-perftools \
libgoogle-perftools-dev
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y

8
ext/central-controller-docker/Dockerfile.run_base
View File

@ -1,8 +1,14 @@
FROM ubuntu:jammy
RUN apt update && apt upgrade -y
RUN apt -y install \
postgresql-client \
postgresql-client-common \
libjemalloc2 \
libpq5 \
curl
curl \
binutils \
linux-tools-gke \
perf-tools-unstable \
google-perftools

22
zeroidc/src/lib.rs
View File

@ -498,7 +498,8 @@ impl ZeroIDC {
let n = match i.nonce.clone() {
Some(n) => n,
None => {
println!("no noce");
println!("no nonce");
i.running = false;
return None;
}
};
@ -507,6 +508,7 @@ impl ZeroIDC {
Some(t) => t,
None => {
println!("no id token");
i.running = false;
return None;
}
};
@ -515,6 +517,7 @@ impl ZeroIDC {
Ok(c) => c,
Err(_e) => {
println!("no claims");
i.running = false;
return None;
}
};
@ -523,6 +526,7 @@ impl ZeroIDC {
Ok(s) => s,
Err(_) => {
println!("no signing algorithm");
i.running = false;
return None;
}
};
@ -535,12 +539,14 @@ impl ZeroIDC {
Ok(h) => h,
Err(e) => {
println!("Error hashing access token: {}", e);
i.running = false;
return None;
}
};
if actual_hash != *expected_hash {
println!("token hash error");
i.running = false;
return None;
}
}
@ -549,7 +555,7 @@ impl ZeroIDC {
Err(e) => {
println!("token response error: {:?}", e.to_string());
println!("\t {:?}", e.source());
i.running = false;
None
}
}
@ -634,10 +640,12 @@ impl ZeroIDC {
Ok(bytes)
} else if res.status() == 402 {
Err(SSOExchangeError::new(
"additional license seats required. Please contact your network administrator.".to_string(),
))
i.running = false;
Err(SSOExchangeError::new(
"additional license seats required. Please contact your network administrator.".to_string(),
))
} else {
i.running = false;
Err(SSOExchangeError::new(
"error from central endpoint".to_string(),
))
@ -649,20 +657,24 @@ impl ZeroIDC {
println!("Status: {}", res.status().unwrap());
println!("Post error: {}", res);
i.exp_time = 0;
i.running = false;
Err(SSOExchangeError::new(
"error from central endpoint".to_string(),
))
}
}
} else {
i.running = false;
Err(SSOExchangeError::new(
"error splitting state token".to_string(),
))
}
} else {
i.running = false;
Err(SSOExchangeError::new("invalid token response".to_string()))
}
} else {
i.running = false;
Err(SSOExchangeError::new("invalid pkce verifier".to_string()))
}
});

6
zerotier-one.spec
View File

@ -59,6 +59,12 @@ Requires: systemd openssl
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
%endif
%if "%{?dist}" == ".amzn2022"
BuildRequires: systemd openssl-devel
Requires: systemd openssl
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
%endif
%description
ZeroTier is a software defined networking layer for Earth.