Signing of Capability and Tag objects.

This commit is contained in:
Adam Ierymenko 2016-08-22 14:25:59 -07:00
parent 9827b8991d
commit b0d888d235
2 changed files with 33 additions and 6 deletions

View File

@ -548,8 +548,7 @@ NetworkController::ResultCode EmbeddedNetworkController::doNetworkConfigRequest(
for(unsigned long i=0;i<rules.size();++i) { for(unsigned long i=0;i<rules.size();++i) {
if (nc.ruleCount >= ZT_MAX_NETWORK_RULES) if (nc.ruleCount >= ZT_MAX_NETWORK_RULES)
break; break;
auto rule = rules[i]; if (_parseRule(rules[i],nc.rules[nc.ruleCount]))
if (_parseRule(rule,nc.rules[nc.ruleCount]))
++nc.ruleCount; ++nc.ruleCount;
} }
} }
@ -559,18 +558,47 @@ NetworkController::ResultCode EmbeddedNetworkController::doNetworkConfigRequest(
for(unsigned long i=0;i<capabilities.size();++i) { for(unsigned long i=0;i<capabilities.size();++i) {
auto cap = capabilities[i]; auto cap = capabilities[i];
if (cap.is_object()) if (cap.is_object())
capsById[_jI(cap["id"],0ULL)] = cap; capsById[_jI(cap["id"],0ULL) & 0xffffffffULL] = cap;
} }
for(unsigned long i=0;i<memberCapabilities.size();++i) { for(unsigned long i=0;i<memberCapabilities.size();++i) {
const uint64_t capId = _jI(memberCapabilities[i],0ULL); const uint64_t capId = _jI(memberCapabilities[i],0ULL) & 0xffffffffULL;
json &cap = capsById[capId]; json &cap = capsById[capId];
if ((cap.is_object())&&(cap.size() > 0)) { if ((cap.is_object())&&(cap.size() > 0)) {
ZT_VirtualNetworkRule capr[ZT_MAX_CAPABILITY_RULES];
unsigned int caprc = 0;
auto caprj = cap["rules"];
if ((caprj.is_array())&&(caprj.size() > 0)) {
for(unsigned long j=0;j<caprj.size();++j) {
if (caprc >= ZT_MAX_CAPABILITY_RULES)
break;
if (_parseRule(caprj[j],capr[caprc]))
++caprc;
}
}
nc.capabilities[nc.capabilityCount] = Capability((uint32_t)capId,nwid,now,now + ZT_NETWORK_COM_DEFAULT_REVISION_MAX_DELTA,1,capr,caprc);
if (nc.capabilities[nc.capabilityCount].sign(signingId,identity.address()))
++nc.capabilityCount;
if (nc.capabilityCount >= ZT_MAX_NETWORK_CAPABILITIES)
break;
} }
} }
} }
if (memberTags.is_array()) { if (memberTags.is_array()) {
std::map< uint32_t,uint32_t > tagsById;
for(unsigned long i=0;i<memberTags.size();++i) {
auto t = memberTags[i];
if ((t.is_array())&&(t.size() == 2))
tagsById[(uint32_t)(_jI(t[0],0ULL) & 0xffffffffULL)] = (uint32_t)(_jI(t[1],0ULL) & 0xffffffffULL);
}
for(std::map< uint32_t,uint32_t >::const_iterator t(tagsById.begin());t!=tagsById.end();++t) {
if (nc.tagCount >= ZT_MAX_NETWORK_TAGS)
break;
nc.tags[nc.tagCount] = Tag(nwid,now,now + ZT_NETWORK_COM_DEFAULT_REVISION_MAX_DELTA,identity.address(),t->first,t->second);
if (nc.tags[nc.tagCount].sign(signingId))
++nc.tagCount;
}
} }
if (routes.is_array()) { if (routes.is_array()) {

View File

@ -73,12 +73,11 @@ public:
* @param nwid Network ID * @param nwid Network ID
* @param ts Timestamp (at controller) * @param ts Timestamp (at controller)
* @param expiration Expiration relative to network config timestamp * @param expiration Expiration relative to network config timestamp
* @param name Capability short name (max strlen == ZT_MAX_CAPABILITY_NAME_LENGTH, overflow ignored)
* @param mccl Maximum custody chain length (1 to create non-transferrable capability) * @param mccl Maximum custody chain length (1 to create non-transferrable capability)
* @param rules Network flow rules for this capability * @param rules Network flow rules for this capability
* @param ruleCount Number of flow rules * @param ruleCount Number of flow rules
*/ */
Capability(uint32_t id,uint64_t nwid,uint64_t ts,uint64_t expiration,const char *name,unsigned int mccl,const ZT_VirtualNetworkRule *rules,unsigned int ruleCount) Capability(uint32_t id,uint64_t nwid,uint64_t ts,uint64_t expiration,unsigned int mccl,const ZT_VirtualNetworkRule *rules,unsigned int ruleCount)
{ {
memset(this,0,sizeof(Capability)); memset(this,0,sizeof(Capability));
_nwid = nwid; _nwid = nwid;