ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-02-06 11:10:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

for now, only enable sso on certain platforms

Browse Source 
mac, windows, linux x86/x86_64/aarch64
This commit is contained in:
Grant Limberg 2022-02-01 11:07:37 -08:00
parent b7952d7f39
commit aa97aabb4e
No known key found for this signature in database
GPG Key ID: 2BA62CCABBB4095A
6 changed files with 139 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
node/Constants.hpp
View File

@ -50,9 +50,16 @@
#define __UNIX_LIKE__ #define __UNIX_LIKE__
#endif #endif
#include <endian.h> #include <endian.h>
#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64) || defined(__aarch64__))
#define OIDC_SUPPORTED 1
#else
#define OIDC_SUPPORTED 0
#endif
#endif #endif
#ifdef __APPLE__ #ifdef __APPLE__
#define OIDC_SUPPORTED 1
#define likely(x) __builtin_expect((x),1) #define likely(x) __builtin_expect((x),1)
#define unlikely(x) __builtin_expect((x),0) #define unlikely(x) __builtin_expect((x),0)
#include <TargetConditionals.h> #include <TargetConditionals.h>
@ -66,6 +73,7 @@
#endif #endif
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
#define OIDC_SUPPORTED 0
#ifndef __UNIX_LIKE__ #ifndef __UNIX_LIKE__
#define __UNIX_LIKE__ #define __UNIX_LIKE__
#endif #endif
@ -81,6 +89,7 @@
#endif #endif
#if defined(_WIN32) || defined(_WIN64) #if defined(_WIN32) || defined(_WIN64)
#define OIDC_SUPPORTED 1
#ifndef __WINDOWS__ #ifndef __WINDOWS__
#define __WINDOWS__ #define __WINDOWS__
#endif #endif

24
service/OneService.cpp
View File

@ -53,7 +53,9 @@
#include "OneService.hpp" #include "OneService.hpp"
#include "SoftwareUpdater.hpp" #include "SoftwareUpdater.hpp"
#if OIDC_SUPPORTED
#include <zeroidc.h> #include <zeroidc.h>
#endif
#ifdef __WINDOWS__ #ifdef __WINDOWS__
#include <winsock2.h> #include <winsock2.h>
@ -169,11 +171,13 @@ public:
this->_managedRoutes.clear(); this->_managedRoutes.clear();
this->_tap.reset(); this->_tap.reset();
#if OIDC_SUPPORTED
if (_idc) { if (_idc) {
zeroidc::zeroidc_stop(_idc); zeroidc::zeroidc_stop(_idc);
zeroidc::zeroidc_delete(_idc); zeroidc::zeroidc_delete(_idc);
_idc = nullptr; _idc = nullptr;
} }
#endif
} }
void setWebPort(unsigned int port) { void setWebPort(unsigned int port) {
@ -251,6 +255,7 @@ public:
if (_config.ssoEnabled && _config.ssoVersion == 1) { if (_config.ssoEnabled && _config.ssoVersion == 1) {
// fprintf(stderr, "ssoEnabled for %s\n", nwid); // fprintf(stderr, "ssoEnabled for %s\n", nwid);
#if OIDC_SUPPORTED
if (_idc == nullptr) if (_idc == nullptr)
{ {
assert(_config.issuerURL != nullptr); assert(_config.issuerURL != nullptr);
@ -290,6 +295,7 @@ public:
// TODO: kick the refresh thread // TODO: kick the refresh thread
zeroidc::zeroidc_kick_refresh_thread(_idc); zeroidc::zeroidc_kick_refresh_thread(_idc);
} }
#endif
} }
} }
@ -306,14 +312,17 @@ public:
} }
const char* getAuthURL() { const char* getAuthURL() {
#if OIDC_SUPPORTED
if (_idc != nullptr) { if (_idc != nullptr) {
return zeroidc::zeroidc_get_auth_url(_idc); return zeroidc::zeroidc_get_auth_url(_idc);
} }
fprintf(stderr, "_idc is null\n"); fprintf(stderr, "_idc is null\n");
#endif
return ""; return "";
} }
const char* doTokenExchange(const char *code) { const char* doTokenExchange(const char *code) {
#if OIDC_SUPPORTED
if (_idc == nullptr) { if (_idc == nullptr) {
fprintf(stderr, "ainfo or idc null\n"); fprintf(stderr, "ainfo or idc null\n");
return ""; return "";
@ -330,6 +339,9 @@ public:
memcpy(_config.authenticationURL, url, strlen(url)); memcpy(_config.authenticationURL, url, strlen(url));
_config.authenticationURL[strlen(url)] = 0; _config.authenticationURL[strlen(url)] = 0;
return ret; return ret;
#else
return "";
#endif
} }
uint64_t getExpiryTime() { uint64_t getExpiryTime() {
@ -337,8 +349,11 @@ public:
fprintf(stderr, "idc is null\n"); fprintf(stderr, "idc is null\n");
return 0; return 0;
} }
#if OIDC_SUPPORTED
return zeroidc::zeroidc_get_exp_time(_idc); return zeroidc::zeroidc_get_exp_time(_idc);
#else
return 0;
#endif
} }
private: private:
@ -348,7 +363,9 @@ private:
std::vector<InetAddress> _managedIps; std::vector<InetAddress> _managedIps;
std::map< InetAddress, SharedPtr<ManagedRoute> > _managedRoutes; std::map< InetAddress, SharedPtr<ManagedRoute> > _managedRoutes;
OneService::NetworkSettings _settings; OneService::NetworkSettings _settings;
#if OIDC_SUPPORTED
zeroidc::ZeroIDC *_idc; zeroidc::ZeroIDC *_idc;
#endif
}; };
namespace { namespace {
@ -1661,10 +1678,10 @@ public:
scode = _controller->handleControlPlaneHttpGET(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); scode = _controller->handleControlPlaneHttpGET(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
} else scode = 404; } else scode = 404;
} }
#if OIDC_SUPPORTED
} else if (ps[0] == "sso") { } else if (ps[0] == "sso") {
// SSO redirect handling // SSO redirect handling
const char* state = zeroidc::zeroidc_get_url_param_value("state", path.c_str()); const char* state = zeroidc::zeroidc_get_url_param_value("state", path.c_str());
const char* nwid = zeroidc::zeroidc_network_id_from_state(state); const char* nwid = zeroidc::zeroidc_network_id_from_state(state);
const uint64_t id = Utils::hexStrToU64(nwid); const uint64_t id = Utils::hexStrToU64(nwid);
@ -1716,6 +1733,7 @@ div.icon {\
} else { } else {
scode = 404; scode = 404;
} }
#endif
} else { } else {
scode = 401; // isAuth == false && !sso scode = 401; // isAuth == false && !sso
} }

89
zeroidc/Cargo.lock generated
View File

@ -412,19 +412,6 @@ dependencies = [
"want", "want",
] ]
[[package]]
name = "hyper-rustls"
version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac"
dependencies = [
"http",
"hyper",
"rustls",
"tokio",
"tokio-rustls",
]
[[package]] [[package]]
name = "hyper-tls" name = "hyper-tls"
version = "0.5.0" version = "0.5.0"
@ -851,7 +838,6 @@ dependencies = [
"http", "http",
"http-body", "http-body",
"hyper", "hyper",
"hyper-rustls",
"hyper-tls", "hyper-tls",
"ipnet", "ipnet",
"js-sys", "js-sys",
@ -861,19 +847,15 @@ dependencies = [
"native-tls", "native-tls",
"percent-encoding", "percent-encoding",
"pin-project-lite", "pin-project-lite",
"rustls",
"rustls-pemfile",
"serde", "serde",
"serde_json", "serde_json",
"serde_urlencoded", "serde_urlencoded",
"tokio", "tokio",
"tokio-native-tls", "tokio-native-tls",
"tokio-rustls",
"url", "url",
"wasm-bindgen", "wasm-bindgen",
"wasm-bindgen-futures", "wasm-bindgen-futures",
"web-sys", "web-sys",
"webpki-roots",
"winreg", "winreg",
] ]
@ -892,27 +874,6 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "rustls"
version = "0.20.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d37e5e2290f3e040b594b1a9e04377c2c671f1a1cfd9bfdef82106ac1c113f84"
dependencies = [
"log",
"ring",
"sct",
"webpki 0.22.0",
]
[[package]]
name = "rustls-pemfile"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5eebeaeb360c87bfb72e84abdb3447159c0eaececf1bef2aecd65a8be949d1c9"
dependencies = [
"base64",
]
[[package]] [[package]]
name = "ryu" name = "ryu"
version = "1.0.5" version = "1.0.5"
@ -929,16 +890,6 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "sct"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4"
dependencies = [
"ring",
"untrusted",
]
[[package]] [[package]]
name = "security-framework" name = "security-framework"
version = "2.4.2" version = "2.4.2"
@ -1187,17 +1138,6 @@ dependencies = [
"tokio", "tokio",
] ]
[[package]]
name = "tokio-rustls"
version = "0.23.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4baa378e417d780beff82bf54ceb0d195193ea6a00c14e22359e7f39456b5689"
dependencies = [
"rustls",
"tokio",
"webpki 0.22.0",
]
[[package]] [[package]]
name = "tokio-util" name = "tokio-util"
version = "0.6.8" version = "0.6.8"
@ -1421,35 +1361,6 @@ dependencies = [
"wasm-bindgen", "wasm-bindgen",
] ]
[[package]]
name = "webpki"
version = "0.21.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8e38c0608262c46d4a56202ebabdeb094cef7e560ca7a226c6bf055188aa4ea"
dependencies = [
"ring",
"untrusted",
]
[[package]]
name = "webpki"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd"
dependencies = [
"ring",
"untrusted",
]
[[package]]
name = "webpki-roots"
version = "0.21.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aabe153544e473b775453675851ecc86863d2a81d786d741f6b76778f2a48940"
dependencies = [
"webpki 0.21.4",
]
[[package]] [[package]]
name = "winapi" name = "winapi"
version = "0.3.9" version = "0.3.9"

2
zeroidc/Cargo.toml
View File

@ -12,7 +12,7 @@ crate-type = ["staticlib","rlib"]
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies] [dependencies]
openidconnect = "2.2" openidconnect = { version = "2.2", default-features = false, features = ["reqwest", "native-tls"] }
base64 = "0.13" base64 = "0.13"
url = "2.2" url = "2.2"
reqwest = "0.11" reqwest = "0.11"

81
zeroidc/src/ext.rs
View File

@ -16,6 +16,15 @@ use url::{Url};
use crate::ZeroIDC; use crate::ZeroIDC;
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_new( pub extern "C" fn zeroidc_new(
issuer: *const c_char, issuer: *const c_char,
@ -57,6 +66,15 @@ pub extern "C" fn zeroidc_new(
} }
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) { pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) {
if ptr.is_null() { if ptr.is_null() {
@ -67,6 +85,15 @@ pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) {
} }
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) { pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) {
let idc = unsafe { let idc = unsafe {
@ -76,6 +103,15 @@ pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) {
idc.start(); idc.start();
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) { pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) {
let idc = unsafe { let idc = unsafe {
@ -85,6 +121,15 @@ pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) {
idc.stop(); idc.stop();
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool { pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
let idc = unsafe { let idc = unsafe {
@ -105,6 +150,15 @@ pub extern "C" fn zeroidc_get_exp_time(ptr: *mut ZeroIDC) -> u64 {
id.get_exp_time() id.get_exp_time()
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_set_nonce_and_csrf( pub extern "C" fn zeroidc_set_nonce_and_csrf(
ptr: *mut ZeroIDC, ptr: *mut ZeroIDC,
@ -137,6 +191,15 @@ pub extern "C" fn zeroidc_set_nonce_and_csrf(
idc.set_nonce_and_csrf(csrf_token, nonce); idc.set_nonce_and_csrf(csrf_token, nonce);
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_get_auth_url(ptr: *mut ZeroIDC) -> *const c_char { pub extern "C" fn zeroidc_get_auth_url(ptr: *mut ZeroIDC) -> *const c_char {
if ptr.is_null() { if ptr.is_null() {
@ -151,6 +214,15 @@ pub extern "C" fn zeroidc_get_auth_url(ptr: *mut ZeroIDC) -> *const c_char {
return s.into_raw(); return s.into_raw();
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char ) -> *const c_char { pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char ) -> *const c_char {
if idc.is_null() { if idc.is_null() {
@ -219,6 +291,15 @@ pub extern "C" fn zeroidc_network_id_from_state(state: *const c_char) -> *const
return s.into_raw(); return s.into_raw();
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_kick_refresh_thread(idc: *mut ZeroIDC) { pub extern "C" fn zeroidc_kick_refresh_thread(idc: *mut ZeroIDC) {
if idc.is_null() { if idc.is_null() {

28
zeroidc/src/lib.rs
View File

@ -35,10 +35,28 @@ use time::{OffsetDateTime, format_description};
use url::Url; use url::Url;
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
pub struct ZeroIDC { pub struct ZeroIDC {
inner: Arc<Mutex<Inner>>, inner: Arc<Mutex<Inner>>,
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
struct Inner { struct Inner {
running: bool, running: bool,
auth_endpoint: String, auth_endpoint: String,
@ -88,6 +106,15 @@ fn systemtime_strftime<T>(dt: T, format: &str) -> String
} }
} }
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
impl ZeroIDC { impl ZeroIDC {
pub fn new( pub fn new(
issuer: &str, issuer: &str,
@ -606,4 +633,3 @@ impl ZeroIDC {
}; };
} }
} }