ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-05-20 17:33:29 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Cleanup and warning removal.

Browse Source
This commit is contained in:
Adam Ierymenko 2019-09-13 16:24:02 -07:00
parent 063a16fcd6
commit 9f9032ae36
No known key found for this signature in database
GPG Key ID: C8877CF2D7A5D7F3
10 changed files with 55 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@ -121,6 +121,7 @@ if (
message("Adding SSE and AES-NI flags for processor ${CMAKE_SYSTEM_PROCESSOR}") message("Adding SSE and AES-NI flags for processor ${CMAKE_SYSTEM_PROCESSOR}")
add_compile_options( add_compile_options(
-maes -maes
-mmmx
-mrdrnd -mrdrnd
-mpclmul -mpclmul
-msse -msse

83
node/AES-aesni.c
View File

@ -19,20 +19,14 @@
#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64)) #if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64))
#include <stdint.h> #include <stdint.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <wmmintrin.h> #include <wmmintrin.h>
#include <emmintrin.h> #include <emmintrin.h>
#include <smmintrin.h> #include <smmintrin.h>
#include <immintrin.h>
/* #define register */ #define ZT_AES_CTR_AESNI_ROUND(kk) c0 = _mm_aesenc_si128(c0,kk); c1 = _mm_aesenc_si128(c1,kk); c2 = _mm_aesenc_si128(c2,kk); c3 = _mm_aesenc_si128(c3,kk);
void zt_crypt_ctr_aesni(const __m128i key[14],const uint8_t iv[16],const uint8_t *in,unsigned int len,uint8_t *out) void zt_crypt_ctr_aesni(const __m128i key[14],const uint8_t iv[16],const uint8_t *in,unsigned int len,uint8_t *out)
{ {
_mm_prefetch(in,_MM_HINT_NTA);
/* Because our CTR supports full 128-bit nonces, we must do a full 128-bit (big-endian) /* Because our CTR supports full 128-bit nonces, we must do a full 128-bit (big-endian)
* increment to be compatible with canonical NIST-certified CTR implementations. That's * increment to be compatible with canonical NIST-certified CTR implementations. That's
* because it's possible to have a lot of bit saturation in the least significant 64 * because it's possible to have a lot of bit saturation in the least significant 64
@ -55,82 +49,61 @@ void zt_crypt_ctr_aesni(const __m128i key[14],const uint8_t iv[16],const uint8_t
register __m128i ctr3 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 3ULL),3LL)),swap128); register __m128i ctr3 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 3ULL),3LL)),swap128);
ctr0 = _mm_shuffle_epi8(ctr0,swap128); ctr0 = _mm_shuffle_epi8(ctr0,swap128);
register __m128i k0 = key[0];
register __m128i k1 = key[1];
while (len >= 64) { while (len >= 64) {
_mm_prefetch(in + 64,_MM_HINT_NTA); register __m128i ka = key[2];
register __m128i ka = key[0]; register __m128i c0 = _mm_xor_si128(ctr0,k0);
register __m128i c0 = _mm_xor_si128(ctr0,ka); register __m128i c1 = _mm_xor_si128(ctr1,k0);
register __m128i c2 = _mm_xor_si128(ctr2,k0);
register __m128i c3 = _mm_xor_si128(ctr3,k0);
ctr0 = _mm_shuffle_epi8(ctr0,swap128); ctr0 = _mm_shuffle_epi8(ctr0,swap128);
notctr0msq = ~((uint64_t)_mm_extract_epi64(ctr0,0)); notctr0msq = ~((uint64_t)_mm_extract_epi64(ctr0,0));
register __m128i c1 = _mm_xor_si128(ctr1,ka);
register __m128i c2 = _mm_xor_si128(ctr2,ka);
register __m128i c3 = _mm_xor_si128(ctr3,ka);
register __m128i kb = key[1];
ctr1 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 5ULL),5LL)),swap128); ctr1 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 5ULL),5LL)),swap128);
ctr2 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 6ULL),6LL)),swap128); ctr2 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 6ULL),6LL)),swap128);
register __m128i kc = key[2];
ctr3 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 7ULL),7LL)),swap128); ctr3 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 7ULL),7LL)),swap128);
ctr0 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 4ULL),4LL)),swap128); ctr0 = _mm_shuffle_epi8(_mm_add_epi64(ctr0,_mm_set_epi64x((long long)(notctr0msq < 4ULL),4LL)),swap128);
register __m128i kd = key[3]; register __m128i kb = key[3];
#define ZT_AES_CTR_AESNI_ROUND(kk) \ ZT_AES_CTR_AESNI_ROUND(k1);
c0 = _mm_aesenc_si128(c0,kk); \ register __m128i kc = key[4];
c1 = _mm_aesenc_si128(c1,kk); \
c2 = _mm_aesenc_si128(c2,kk); \
c3 = _mm_aesenc_si128(c3,kk);
ka = key[4];
ZT_AES_CTR_AESNI_ROUND(kb);
kb = key[5];
ZT_AES_CTR_AESNI_ROUND(kc);
kc = key[6];
ZT_AES_CTR_AESNI_ROUND(kd);
kd = key[7];
ZT_AES_CTR_AESNI_ROUND(ka); ZT_AES_CTR_AESNI_ROUND(ka);
ka = key[8]; register __m128i kd = key[5];
ZT_AES_CTR_AESNI_ROUND(kb); ZT_AES_CTR_AESNI_ROUND(kb);
kb = key[9]; ka = key[6];
ZT_AES_CTR_AESNI_ROUND(kc); ZT_AES_CTR_AESNI_ROUND(kc);
kc = key[10]; kb = key[7];
ZT_AES_CTR_AESNI_ROUND(kd); ZT_AES_CTR_AESNI_ROUND(kd);
kd = key[11]; kc = key[8];
ZT_AES_CTR_AESNI_ROUND(ka); ZT_AES_CTR_AESNI_ROUND(ka);
ka = key[12]; kd = key[9];
ZT_AES_CTR_AESNI_ROUND(kb); ZT_AES_CTR_AESNI_ROUND(kb);
kb = key[13]; ka = key[10];
ZT_AES_CTR_AESNI_ROUND(kc); ZT_AES_CTR_AESNI_ROUND(kc);
kc = key[14]; kb = key[11];
ZT_AES_CTR_AESNI_ROUND(kd); ZT_AES_CTR_AESNI_ROUND(kd);
kc = key[12];
ZT_AES_CTR_AESNI_ROUND(ka); ZT_AES_CTR_AESNI_ROUND(ka);
kd = key[13];
ZT_AES_CTR_AESNI_ROUND(kb); ZT_AES_CTR_AESNI_ROUND(kb);
#undef ZT_AES_CTR_AESNI_ROUND ka = key[14];
register __m128i d0 = _mm_loadu_si128((const __m128i *)in); ZT_AES_CTR_AESNI_ROUND(kc);
register __m128i d1 = _mm_loadu_si128((const __m128i *)(in + 16)); ZT_AES_CTR_AESNI_ROUND(kd);
register __m128i d2 = _mm_loadu_si128((const __m128i *)(in + 32)); _mm_storeu_si128((__m128i *)out,_mm_xor_si128(_mm_loadu_si128((const __m128i *)in),_mm_aesenclast_si128(c0,ka)));
register __m128i d3 = _mm_loadu_si128((const __m128i *)(in + 48)); _mm_storeu_si128((__m128i *)(out + 16),_mm_xor_si128(_mm_loadu_si128((const __m128i *)(in + 16)),_mm_aesenclast_si128(c1,ka)));
c0 = _mm_aesenclast_si128(c0,kc); _mm_storeu_si128((__m128i *)(out + 32),_mm_xor_si128(_mm_loadu_si128((const __m128i *)(in + 32)),_mm_aesenclast_si128(c2,ka)));
c1 = _mm_aesenclast_si128(c1,kc); _mm_storeu_si128((__m128i *)(out + 48),_mm_xor_si128(_mm_loadu_si128((const __m128i *)(in + 48)),_mm_aesenclast_si128(c3,ka)));
c2 = _mm_aesenclast_si128(c2,kc);
c3 = _mm_aesenclast_si128(c3,kc);
d0 = _mm_xor_si128(d0,c0);
d1 = _mm_xor_si128(d1,c1);
d2 = _mm_xor_si128(d2,c2);
d3 = _mm_xor_si128(d3,c3);
_mm_storeu_si128((__m128i *)out,d0);
_mm_storeu_si128((__m128i *)(out + 16),d1);
_mm_storeu_si128((__m128i *)(out + 32),d2);
_mm_storeu_si128((__m128i *)(out + 48),d3);
in += 64; in += 64;
out += 64; out += 64;
len -= 64; len -= 64;
} }
register __m128i k0 = key[0];
register __m128i k1 = key[1];
register __m128i k2 = key[2]; register __m128i k2 = key[2];
register __m128i k3 = key[3]; register __m128i k3 = key[3];
register __m128i k4 = key[4]; register __m128i k4 = key[4];
register __m128i k5 = key[5]; register __m128i k5 = key[5];
register __m128i k6 = key[6]; register __m128i k6 = key[6];
register __m128i k7 = key[7]; register __m128i k7 = key[7];
/* not enough XMM registers for all of them, but it helps slightly... */
while (len >= 16) { while (len >= 16) {
register __m128i c0 = _mm_xor_si128(ctr0,k0); register __m128i c0 = _mm_xor_si128(ctr0,k0);

1
node/AES.hpp
View File

@ -23,7 +23,6 @@
#include <wmmintrin.h> #include <wmmintrin.h>
#include <emmintrin.h> #include <emmintrin.h>
#include <smmintrin.h> #include <smmintrin.h>
#include <immintrin.h>
#define ZT_AES_AESNI 1 #define ZT_AES_AESNI 1

25
node/Constants.hpp
View File

@ -25,13 +25,6 @@
#define ZEROTIER_ONE_VERSION_BUILD 255 #define ZEROTIER_ONE_VERSION_BUILD 255
#endif #endif
#ifndef ZT_BUILD_ARCHITECTURE
#define ZT_BUILD_ARCHITECTURE 0
#endif
#ifndef ZT_BUILD_PLATFORM
#define ZT_BUILD_PLATFORM 0
#endif
// //
// This include file also auto-detects and canonicalizes some environment // This include file also auto-detects and canonicalizes some environment
// information defines: // information defines:
@ -106,7 +99,7 @@
#ifdef __NetBSD__ #ifdef __NetBSD__
#ifndef RTF_MULTICAST #ifndef RTF_MULTICAST
#define RTF_MULTICAST 0x20000000 #define RTF_MULTICAST 0x20000000
#endif #endif
#endif #endif
@ -126,6 +119,9 @@
#define __LITTLE_ENDIAN 1234 #define __LITTLE_ENDIAN 1234
#define __BYTE_ORDER 1234 #define __BYTE_ORDER 1234
#endif #endif
#ifndef __BYTE_ORDER
#include <endian.h>
#endif
#ifdef __WINDOWS__ #ifdef __WINDOWS__
#define ZT_PATH_SEPARATOR '\\' #define ZT_PATH_SEPARATOR '\\'
@ -137,10 +133,6 @@
#define ZT_EOL_S "\n" #define ZT_EOL_S "\n"
#endif #endif
#ifndef __BYTE_ORDER
#include <endian.h>
#endif
#if (defined(__GNUC__) && (__GNUC__ >= 3)) || (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 800)) || defined(__clang__) #if (defined(__GNUC__) && (__GNUC__ >= 3)) || (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 800)) || defined(__clang__)
#define ZT_ALWAYS_INLINE inline __attribute__((always_inline)) #define ZT_ALWAYS_INLINE inline __attribute__((always_inline))
#ifndef likely #ifndef likely
@ -516,7 +508,7 @@
#define ZT_MAX_BRIDGE_SPAM 32 #define ZT_MAX_BRIDGE_SPAM 32
/** /**
* Interval between direct path pushes in milliseconds * Interval between direct path pushes in milliseconds if we don't have a path
*/ */
#define ZT_DIRECT_PATH_PUSH_INTERVAL 15000 #define ZT_DIRECT_PATH_PUSH_INTERVAL 15000
@ -562,7 +554,7 @@
/** /**
* General rate limit for other kinds of rate-limited packets (HELLO, credential request, etc.) both inbound and outbound * General rate limit for other kinds of rate-limited packets (HELLO, credential request, etc.) both inbound and outbound
*/ */
#define ZT_PEER_GENERAL_RATE_LIMIT 1000 #define ZT_PEER_GENERAL_RATE_LIMIT 500
/** /**
* Don't do expensive identity validation more often than this * Don't do expensive identity validation more often than this
@ -584,11 +576,6 @@
#endif #endif
#endif #endif
/**
* How long is a path or peer considered to have a trust relationship with us (for e.g. relay policy) since last trusted established packet?
*/
#define ZT_TRUST_EXPIRATION 600000
/** /**
* Size of a buffer to store either a C25519 or an ECC P-384 signature * Size of a buffer to store either a C25519 or an ECC P-384 signature
* *

12
node/IncomingPacket.cpp
View File

@ -11,12 +11,6 @@
*/ */
/****/ /****/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <list>
#include "../include/ZeroTierOne.h" #include "../include/ZeroTierOne.h"
#include "Constants.hpp" #include "Constants.hpp"
@ -35,6 +29,12 @@
#include "Revocation.hpp" #include "Revocation.hpp"
#include "Trace.hpp" #include "Trace.hpp"
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <list>
namespace ZeroTier { namespace ZeroTier {
bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR,void *tPtr) bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR,void *tPtr)

31
node/Root.hpp
View File

@ -42,7 +42,7 @@ namespace ZeroTier {
class Root class Root
{ {
public: public:
inline Root() : _dnsPublicKeySize(0) {} ZT_ALWAYS_INLINE Root() : _dnsPublicKeySize(0) {}
/** /**
* Create a new root entry * Create a new root entry
@ -54,7 +54,7 @@ public:
* @param dflAddrs Default IP addresses if DNS is not available * @param dflAddrs Default IP addresses if DNS is not available
*/ */
template<typename S> template<typename S>
inline Root(S dn,const uint8_t *const dnspk,const unsigned int dnspksize,const Identity &dflId,const std::vector<InetAddress> &dflAddrs) : ZT_ALWAYS_INLINE Root(S dn,const uint8_t *const dnspk,const unsigned int dnspksize,const Identity &dflId,const std::vector<InetAddress> &dflAddrs) :
_defaultIdentity(dflId), _defaultIdentity(dflId),
_defaultAddresses(dflAddrs), _defaultAddresses(dflAddrs),
_dnsName(dn), _dnsName(dn),
@ -70,7 +70,7 @@ public:
/** /**
* @return Current identity (either default or latest locator) * @return Current identity (either default or latest locator)
*/ */
inline const Identity id() const ZT_ALWAYS_INLINE const Identity id() const
{ {
if (_lastFetchedLocator.id()) if (_lastFetchedLocator.id())
return _lastFetchedLocator.id(); return _lastFetchedLocator.id();
@ -81,7 +81,7 @@ public:
* @param id Identity to check * @param id Identity to check
* @return True if identity equals this root's current identity * @return True if identity equals this root's current identity
*/ */
inline bool is(const Identity &id) const ZT_ALWAYS_INLINE bool is(const Identity &id) const
{ {
return ((_lastFetchedLocator.id()) ? (id == _lastFetchedLocator.id()) : (id == _defaultIdentity)); return ((_lastFetchedLocator.id()) ? (id == _lastFetchedLocator.id()) : (id == _defaultIdentity));
} }
@ -89,7 +89,7 @@ public:
/** /**
* @return Current ZeroTier address (either default or latest locator) * @return Current ZeroTier address (either default or latest locator)
*/ */
inline const Address address() const ZT_ALWAYS_INLINE const Address address() const
{ {
if (_lastFetchedLocator.id()) if (_lastFetchedLocator.id())
return _lastFetchedLocator.id().address(); return _lastFetchedLocator.id().address();
@ -99,31 +99,22 @@ public:
/** /**
* @return DNS name for this root or empty string if static entry with no DNS * @return DNS name for this root or empty string if static entry with no DNS
*/ */
inline const Str dnsName() const ZT_ALWAYS_INLINE const Str dnsName() const { return _dnsName; }
{
return _dnsName;
}
/** /**
* @return Latest locator or NIL locator object if none * @return Latest locator or NIL locator object if none
*/ */
inline Locator locator() const ZT_ALWAYS_INLINE Locator locator() const { return _lastFetchedLocator; }
{
return _lastFetchedLocator;
}
/** /**
* @return Timestamp of latest retrieved locator or 0 if none * @return Timestamp of latest retrieved locator or 0 if none
*/ */
inline int64_t locatorTimestamp() const ZT_ALWAYS_INLINE int64_t locatorTimestamp() const { return _lastFetchedLocator.timestamp(); }
{
return _lastFetchedLocator.timestamp();
}
/** /**
* Update locator, returning true if new locator is valid and newer than existing * Update locator, returning true if new locator is valid and newer than existing
*/ */
inline bool updateLocator(const Locator &loc) ZT_ALWAYS_INLINE bool updateLocator(const Locator &loc)
{ {
if (!loc.verify()) if (!loc.verify())
return false; return false;
@ -138,7 +129,7 @@ public:
* Update this root's locator from a series of TXT records * Update this root's locator from a series of TXT records
*/ */
template<typename I> template<typename I>
inline bool updateLocatorFromTxt(I start,I end) ZT_ALWAYS_INLINE bool updateLocatorFromTxt(I start,I end)
{ {
try { try {
if (_dnsPublicKeySize != ZT_ECC384_PUBLIC_KEY_SIZE) if (_dnsPublicKeySize != ZT_ECC384_PUBLIC_KEY_SIZE)
@ -161,7 +152,7 @@ public:
* @param addressFamily AF_INET or AF_INET6 * @param addressFamily AF_INET or AF_INET6
* @return Address or InetAddress::NIL if no addresses exist for the given family * @return Address or InetAddress::NIL if no addresses exist for the given family
*/ */
inline const InetAddress &pickPhysical(const int addressFamily) const ZT_ALWAYS_INLINE const InetAddress &pickPhysical(const int addressFamily) const
{ {
std::vector<const InetAddress *> pickList; std::vector<const InetAddress *> pickList;
const std::vector<InetAddress> *const av = (_lastFetchedLocator) ? &(_lastFetchedLocator.phy()) : &_defaultAddresses; const std::vector<InetAddress> *const av = (_lastFetchedLocator) ? &(_lastFetchedLocator.phy()) : &_defaultAddresses;

7
node/RuntimeEnvironment.hpp
View File

@ -37,7 +37,7 @@ class Trace;
class RuntimeEnvironment class RuntimeEnvironment
{ {
public: public:
RuntimeEnvironment(Node *n) : ZT_ALWAYS_INLINE RuntimeEnvironment(Node *n) :
node(n) node(n)
,localNetworkController((NetworkController *)0) ,localNetworkController((NetworkController *)0)
,rtmem((void *)0) ,rtmem((void *)0)
@ -50,10 +50,7 @@ public:
secretIdentityStr[0] = (char)0; secretIdentityStr[0] = (char)0;
} }
~RuntimeEnvironment() ZT_ALWAYS_INLINE ~RuntimeEnvironment() { Utils::burn(secretIdentityStr,sizeof(secretIdentityStr)); }
{
Utils::burn(secretIdentityStr,sizeof(secretIdentityStr));
}
// Node instance that owns this RuntimeEnvironment // Node instance that owns this RuntimeEnvironment
Node *const node; Node *const node;

1
node/Switch.cpp
View File

@ -35,7 +35,6 @@ namespace ZeroTier {
Switch::Switch(const RuntimeEnvironment *renv) : Switch::Switch(const RuntimeEnvironment *renv) :
RR(renv), RR(renv),
_lastBeaconResponse(0),
_lastCheckedQueues(0), _lastCheckedQueues(0),
_lastUniteAttempt(8) // only really used on root servers and upstreams, and it'll grow there just fine _lastUniteAttempt(8) // only really used on root servers and upstreams, and it'll grow there just fine
{ {

1
node/Switch.hpp
View File

@ -202,7 +202,6 @@ private:
bool _trySend(void *tPtr,Packet &packet,bool encrypt); // packet is modified if return is true bool _trySend(void *tPtr,Packet &packet,bool encrypt); // packet is modified if return is true
const RuntimeEnvironment *const RR; const RuntimeEnvironment *const RR;
int64_t _lastBeaconResponse;
volatile int64_t _lastCheckedQueues; volatile int64_t _lastCheckedQueues;
// Time we last sent a WHOIS request for each address // Time we last sent a WHOIS request for each address

1
node/Utils.cpp
View File

@ -43,6 +43,7 @@
namespace ZeroTier { namespace ZeroTier {
#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64)) #if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64))
#include <immintrin.h>
static bool _zt_rdrand_supported() static bool _zt_rdrand_supported()
{ {
#ifdef __WINDOWS__ #ifdef __WINDOWS__