More tracing stuff.

include/ZeroTierOne.h

@@ -257,6 +257,65 @@ extern "C" {
  */
 #define ZT_RULE_PACKET_CHARACTERISTICS_TCP_FIN 0x0000000000000001ULL
 
+// Fields in remote trace dictionaries
+#define ZT_REMOTE_TRACE_FIELD__EVENT "E"
+#define ZT_REMOTE_TRACE_FIELD__PACKET_ID "pid"
+#define ZT_REMOTE_TRACE_FIELD__PACKET_VERB "pv"
+#define ZT_REMOTE_TRACE_FIELD__PACKET_TRUSTED_PATH_ID "ptpid"
+#define ZT_REMOTE_TRACE_FIELD__PACKET_TRUSTED_PATH_APPROVED "ptpok"
+#define ZT_REMOTE_TRACE_FIELD__PACKET_HOPS "phops"
+#define ZT_REMOTE_TRACE_FIELD__OLD_REMOTE_PHYADDR "oldrphy"
+#define ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR "rzt"
+#define ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR "rphy"
+#define ZT_REMOTE_TRACE_FIELD__LOCAL_ZTADDR "lzt"
+#define ZT_REMOTE_TRACE_FIELD__LOCAL_PHYADDR "lphy"
+#define ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET "ls"
+#define ZT_REMOTE_TRACE_FIELD__IP_SCOPE "ipsc"
+#define ZT_REMOTE_TRACE_FIELD__NETWORK_ID "nwid"
+#define ZT_REMOTE_TRACE_FIELD__SOURCE_MAC "seth"
+#define ZT_REMOTE_TRACE_FIELD__DEST_MAC "deth"
+#define ZT_REMOTE_TRACE_FIELD__ETHERTYPE "et"
+#define ZT_REMOTE_TRACE_FIELD__VLAN_ID "vlan"
+#define ZT_REMOTE_TRACE_FIELD__FRAME_LENGTH "fl"
+#define ZT_REMOTE_TRACE_FIELD__FRAME_DATA "fd"
+#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE "crtype"
+#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID "crid"
+#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP "crts"
+#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_INFO "crinfo"
+#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO "criss"
+#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_REVOCATION_TARGET "crrevt"
+#define ZT_REMOTE_TRACE_FIELD__REASON "reason"
+
+// Event types in remote traces
+#define ZT_REMOTE_TRACE_EVENT__RESETTING_PATHS_IN_SCOPE 0x1000
+#define ZT_REMOTE_TRACE_EVENT__TX_TIMED_OUT 0x1001
+#define ZT_REMOTE_TRACE_EVENT__PEER_CONFIRMING_UNKNOWN_PATH 0x1002
+#define ZT_REMOTE_TRACE_EVENT__PEER_LEARNED_NEW_PATH 0x1003
+#define ZT_REMOTE_TRACE_EVENT__PEER_REDIRECTED 0x1004
+#define ZT_REMOTE_TRACE_EVENT__PACKET_MAC_FAILURE 0x1005
+#define ZT_REMOTE_TRACE_EVENT__PACKET_INVALID 0x1006
+#define ZT_REMOTE_TRACE_EVENT__DROPPED_HELLO 0x1006
+#define ZT_REMOTE_TRACE_EVENT__OUTGOING_NETWORK_FRAME_DROPPED 0x2000
+#define ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_ACCESS_DENIED 0x2001
+#define ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_FRAME_DROPPED 0x2002
+#define ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED 0x2003
+#define ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED 0x2004
+
+// Event types in remote traces in hex string form
+#define ZT_REMOTE_TRACE_EVENT__RESETTING_PATHS_IN_SCOPE_S "1000"
+#define ZT_REMOTE_TRACE_EVENT__TX_TIMED_OUT_S "1001"
+#define ZT_REMOTE_TRACE_EVENT__PEER_CONFIRMING_UNKNOWN_PATH_S "1002"
+#define ZT_REMOTE_TRACE_EVENT__PEER_LEARNED_NEW_PATH_S "1003"
+#define ZT_REMOTE_TRACE_EVENT__PEER_REDIRECTED_S "1004"
+#define ZT_REMOTE_TRACE_EVENT__PACKET_MAC_FAILURE_S "1005"
+#define ZT_REMOTE_TRACE_EVENT__PACKET_INVALID_S "1006"
+#define ZT_REMOTE_TRACE_EVENT__DROPPED_HELLO_S "1006"
+#define ZT_REMOTE_TRACE_EVENT__OUTGOING_NETWORK_FRAME_DROPPED_S "2000"
+#define ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_ACCESS_DENIED_S "2001"
+#define ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_FRAME_DROPPED_S "2002"
+#define ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S "2003"
+#define ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S "2004"
+
 /****************************************************************************/
 /* Structures and other types                                               */
 /****************************************************************************/

node/Identity.cpp

@@ -157,44 +157,58 @@ char *Identity::toString(bool includePrivate,char buf[ZT_IDENTITY_STRING_BUFFER_
 
 bool Identity::fromString(const char *str)
 {
-	if (!str)
+	if (!str) {
+		_address.zero();
 		return false;
-
+	}
-	char *saveptr = (char *)0;
 	char tmp[ZT_IDENTITY_STRING_BUFFER_LENGTH];
-	if (!Utils::scopy(tmp,sizeof(tmp),str))
+	if (!Utils::scopy(tmp,sizeof(tmp),str)) {
+		_address.zero();
 		return false;
+	}
 
 	delete _privateKey;
 	_privateKey = (C25519::Private *)0;
 
 	int fno = 0;
+	char *saveptr = (char *)0;
 	for(char *f=Utils::stok(tmp,":",&saveptr);(f);f=Utils::stok((char *)0,":",&saveptr)) {
 		switch(fno++) {
 			case 0:
 				_address = Address(Utils::hexStrToU64(f));
-				if (_address.isReserved())
+				if (_address.isReserved()) {
+					_address.zero();
 					return false;
+				}
 				break;
 			case 1:
-				if ((f[0] != '0')||(f[1]))
+				if ((f[0] != '0')||(f[1])) {
+					_address.zero();
 					return false;
+				}
 				break;
 			case 2:
-				if (Utils::unhex(f,_publicKey.data,(unsigned int)_publicKey.size()) != _publicKey.size())
+				if (Utils::unhex(f,_publicKey.data,(unsigned int)_publicKey.size()) != _publicKey.size()) {
+					_address.zero();
 					return false;
+				}
 				break;
 			case 3:
 				_privateKey = new C25519::Private();
-				if (Utils::unhex(f,_privateKey->data,(unsigned int)_privateKey->size()) != _privateKey->size())
+				if (Utils::unhex(f,_privateKey->data,(unsigned int)_privateKey->size()) != _privateKey->size()) {
+					_address.zero();
 					return false;
+				}
 				break;
 			default:
+				_address.zero();
 				return false;
 		}
 	}
-	if (fno < 3)
+	if (fno < 3) {
+		_address.zero();
 		return false;
+	}
 
 	return true;
 }

node/Node.cpp

@@ -78,7 +78,7 @@ Node::Node(void *uptr,void *tptr,const struct ZT_Node_Callbacks *callbacks,uint6
 
 	uint64_t idtmp[2];
 	idtmp[0] = 0; idtmp[1] = 0;
-	char tmp[1024];
+	char tmp[2048];
 	int n = stateObjectGet(tptr,ZT_STATE_OBJECT_IDENTITY_SECRET,idtmp,tmp,sizeof(tmp) - 1);
 	if (n > 0) {
 		tmp[n] = (char)0;
@@ -92,21 +92,18 @@ Node::Node(void *uptr,void *tptr,const struct ZT_Node_Callbacks *callbacks,uint6
 
 	if (n <= 0) {
 		RR->identity.generate();
-		idtmp[0] = RR->identity.address().toInt(); idtmp[1] = 0;
 		RR->identity.toString(false,RR->publicIdentityStr);
 		RR->identity.toString(true,RR->secretIdentityStr);
+		idtmp[0] = RR->identity.address().toInt(); idtmp[1] = 0;
 		stateObjectPut(tptr,ZT_STATE_OBJECT_IDENTITY_SECRET,idtmp,RR->secretIdentityStr,(unsigned int)strlen(RR->secretIdentityStr));
 		stateObjectPut(tptr,ZT_STATE_OBJECT_IDENTITY_PUBLIC,idtmp,RR->publicIdentityStr,(unsigned int)strlen(RR->publicIdentityStr));
 	} else {
 		idtmp[0] = RR->identity.address().toInt(); idtmp[1] = 0;
 		n = stateObjectGet(tptr,ZT_STATE_OBJECT_IDENTITY_PUBLIC,idtmp,tmp,sizeof(tmp) - 1);
-		if (n > 0) {
+		if ((n > 0)&&(n < sizeof(RR->publicIdentityStr))&&(n < sizeof(tmp))) {
-			tmp[n] = (char)0;
+			if (memcmp(tmp,RR->publicIdentityStr,n))
-			if (RR->publicIdentityStr != tmp)
+				stateObjectPut(tptr,ZT_STATE_OBJECT_IDENTITY_PUBLIC,idtmp,RR->publicIdentityStr,(unsigned int)strlen(RR->publicIdentityStr));
-				n = -1;
 		}
-		if (n <= 0)
-			stateObjectPut(tptr,ZT_STATE_OBJECT_IDENTITY_PUBLIC,idtmp,RR->publicIdentityStr,(unsigned int)strlen(RR->publicIdentityStr));
 	}
 
 	try {

node/Trace.cpp

@@ -39,101 +39,6 @@
 
 namespace ZeroTier {
 
-// Defining ZT_TRACE causes debug tracing messages to be dumped to stderr
-#ifdef ZT_TRACE
-
-static const char *packetVerbString(Packet::Verb v)
-{
-	switch(v) {
-		case Packet::VERB_NOP: return "NOP";
-		case Packet::VERB_HELLO: return "HELLO";
-		case Packet::VERB_ERROR: return "ERROR";
-		case Packet::VERB_OK: return "OK";
-		case Packet::VERB_WHOIS: return "WHOIS";
-		case Packet::VERB_RENDEZVOUS: return "RENDEZVOUS";
-		case Packet::VERB_FRAME: return "FRAME";
-		case Packet::VERB_EXT_FRAME: return "EXT_FRAME";
-		case Packet::VERB_ECHO: return "ECHO";
-		case Packet::VERB_MULTICAST_LIKE: return "MULTICAST_LIKE";
-		case Packet::VERB_NETWORK_CREDENTIALS: return "NETWORK_CREDENTIALS";
-		case Packet::VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST";
-		case Packet::VERB_NETWORK_CONFIG: return "NETWORK_CONFIG";
-		case Packet::VERB_MULTICAST_GATHER: return "MULTICAST_GATHER";
-		case Packet::VERB_MULTICAST_FRAME: return "MULTICAST_FRAME";
-		case Packet::VERB_PUSH_DIRECT_PATHS: return "PUSH_DIRECT_PATHS";
-		case Packet::VERB_USER_MESSAGE: return "USER_MESSAGE";
-		case Packet::VERB_REMOTE_TRACE: return "REMOTE_TRACE";
-	}
-	return "(unknown)";
-}
-
-static const char *packetErrorString(Packet::ErrorCode e)
-{
-	switch(e) {
-		case Packet::ERROR_NONE: return "NONE";
-		case Packet::ERROR_INVALID_REQUEST: return "INVALID_REQUEST";
-		case Packet::ERROR_BAD_PROTOCOL_VERSION: return "BAD_PROTOCOL_VERSION";
-		case Packet::ERROR_OBJ_NOT_FOUND: return "OBJECT_NOT_FOUND";
-		case Packet::ERROR_IDENTITY_COLLISION: return "IDENTITY_COLLISION";
-		case Packet::ERROR_UNSUPPORTED_OPERATION: return "UNSUPPORTED_OPERATION";
-		case Packet::ERROR_NEED_MEMBERSHIP_CERTIFICATE: return "NEED_MEMBERSHIP_CERTIFICATE";
-		case Packet::ERROR_NETWORK_ACCESS_DENIED_: return "NETWORK_ACCESS_DENIED";
-		case Packet::ERROR_UNWANTED_MULTICAST: return "UNWANTED_MULTICAST";
-	}
-	return "(unknown)";
-}
-
-#define TRprintf(f,...) { fprintf(stderr,(f),__VA_ARGS__); fflush(stderr); }
-
-#else
-
-#define TRprintf(f,...) 
-
-#endif // ZT_TRACE
-
-#define ZT_REMOTE_TRACE_FIELD__EVENT "E"
-#define ZT_REMOTE_TRACE_FIELD__PACKET_ID "pid"
-#define ZT_REMOTE_TRACE_FIELD__PACKET_VERB "pv"
-#define ZT_REMOTE_TRACE_FIELD__PACKET_TRUSTED_PATH_ID "ptpid"
-#define ZT_REMOTE_TRACE_FIELD__PACKET_TRUSTED_PATH_APPROVED "ptpok"
-#define ZT_REMOTE_TRACE_FIELD__PACKET_HOPS "phops"
-#define ZT_REMOTE_TRACE_FIELD__OLD_REMOTE_PHYADDR "oldrphy"
-#define ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR "rzt"
-#define ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR "rphy"
-#define ZT_REMOTE_TRACE_FIELD__LOCAL_ZTADDR "lzt"
-#define ZT_REMOTE_TRACE_FIELD__LOCAL_PHYADDR "lphy"
-#define ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET "ls"
-#define ZT_REMOTE_TRACE_FIELD__IP_SCOPE "ipsc"
-#define ZT_REMOTE_TRACE_FIELD__NETWORK_ID "nwid"
-#define ZT_REMOTE_TRACE_FIELD__SOURCE_MAC "seth"
-#define ZT_REMOTE_TRACE_FIELD__DEST_MAC "deth"
-#define ZT_REMOTE_TRACE_FIELD__ETHERTYPE "et"
-#define ZT_REMOTE_TRACE_FIELD__VLAN_ID "vlan"
-#define ZT_REMOTE_TRACE_FIELD__FRAME_LENGTH "fl"
-#define ZT_REMOTE_TRACE_FIELD__FRAME_DATA "fd"
-#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE "credtype"
-#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID "credid"
-#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP "credts"
-#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_INFO "credinfo"
-#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO "crediss"
-#define ZT_REMOTE_TRACE_FIELD__CREDENTIAL_REVOCATION_TARGET "credRt"
-#define ZT_REMOTE_TRACE_FIELD__REASON "reason"
-
-#define ZT_REMOTE_TRACE_EVENT__RESETTING_PATHS_IN_SCOPE_S "1000"
-#define ZT_REMOTE_TRACE_EVENT__TX_TIMED_OUT_S "1001"
-#define ZT_REMOTE_TRACE_EVENT__PEER_CONFIRMING_UNKNOWN_PATH_S "1002"
-#define ZT_REMOTE_TRACE_EVENT__PEER_LEARNED_NEW_PATH_S "1003"
-#define ZT_REMOTE_TRACE_EVENT__PEER_REDIRECTED_S "1004"
-#define ZT_REMOTE_TRACE_EVENT__PACKET_MAC_FAILURE_S "1005"
-#define ZT_REMOTE_TRACE_EVENT__PACKET_INVALID_S "1006"
-#define ZT_REMOTE_TRACE_EVENT__DROPPED_HELLO_S "1006"
-
-#define ZT_REMOTE_TRACE_EVENT__OUTGOING_NETWORK_FRAME_DROPPED_S "2000"
-#define ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_ACCESS_DENIED_S "2001"
-#define ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_FRAME_DROPPED_S "2002"
-#define ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S "2003"
-#define ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S "2004"
-
 void Trace::resettingPathsInScope(void *const tPtr,const Address &reporter,const InetAddress &reporterPhysicalAddress,const InetAddress &myPhysicalAddress,const InetAddress::IpScope scope)
 {
 	char tmp[128];
@@ -328,6 +233,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfMembership &c
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
 	if (reason)
 		d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialRejected(void *const tPtr,const CertificateOfOwnership &c,const char *reason)
@@ -341,6 +247,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfOwnership &c,
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
 	if (reason)
 		d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialRejected(void *const tPtr,const CertificateOfRepresentation &c,const char *reason)
@@ -352,6 +259,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfRepresentatio
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
 	if (reason)
 		d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialRejected(void *const tPtr,const Capability &c,const char *reason)
@@ -365,6 +273,7 @@ void Trace::credentialRejected(void *const tPtr,const Capability &c,const char *
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
 	if (reason)
 		d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialRejected(void *const tPtr,const Tag &c,const char *reason)
@@ -379,6 +288,7 @@ void Trace::credentialRejected(void *const tPtr,const Tag &c,const char *reason)
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_INFO,(uint64_t)c.value());
 	if (reason)
 		d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialRejected(void *const tPtr,const Revocation &c,const char *reason)
@@ -391,6 +301,7 @@ void Trace::credentialRejected(void *const tPtr,const Revocation &c,const char *
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_REVOCATION_TARGET,c.target());
 	if (reason)
 		d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialAccepted(void *const tPtr,const CertificateOfMembership &c)
@@ -402,6 +313,7 @@ void Trace::credentialAccepted(void *const tPtr,const CertificateOfMembership &c
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialAccepted(void *const tPtr,const CertificateOfOwnership &c)
@@ -413,6 +325,7 @@ void Trace::credentialAccepted(void *const tPtr,const CertificateOfOwnership &c)
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialAccepted(void *const tPtr,const CertificateOfRepresentation &c)
@@ -422,6 +335,7 @@ void Trace::credentialAccepted(void *const tPtr,const CertificateOfRepresentatio
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialAccepted(void *const tPtr,const Capability &c)
@@ -433,6 +347,7 @@ void Trace::credentialAccepted(void *const tPtr,const Capability &c)
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialAccepted(void *const tPtr,const Tag &c)
@@ -445,6 +360,7 @@ void Trace::credentialAccepted(void *const tPtr,const Tag &c)
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_INFO,(uint64_t)c.value());
+	_send(tPtr,d,0);
 }
 
 void Trace::credentialAccepted(void *const tPtr,const Revocation &c)
@@ -455,10 +371,33 @@ void Trace::credentialAccepted(void *const tPtr,const Revocation &c)
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
 	d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_REVOCATION_TARGET,c.target());
+	_send(tPtr,d,0);
 }
 
 void Trace::_send(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d)
 {
+#ifdef ZT_TRACE
+	unsigned int i = 0;
+	while (i < (unsigned int)(sizeof(_traceMsgBuf) - 1)) {
+		const char c = d.data()[i];
+		if (c == 0) {
+			break;
+		} else if (c == '\n') {
+			_traceMsgBuf[i++] = ' ';
+		} else if ((c >= 32)&&(c <= 126)) {
+			_traceMsgBuf[i++] = c;
+		} else {
+			if ((i + 3) < (unsigned int)(sizeof(_traceMsgBuf) - 1)) {
+				_traceMsgBuf[i++] = '\\';
+				Utils::hex((uint8_t)c,_traceMsgBuf + i);
+			}
+		}
+	}
+	_traceMsgBuf[i] = (char)0;
+	//printf("%s\n",_traceMsgBuf);
+	RR->node->postEvent(tPtr,ZT_EVENT_TRACE,_traceMsgBuf);
+#endif
+
 	const Address rtt(RR->node->remoteTraceTarget());
 	if (rtt) {
 		Packet outp(rtt,RR->identity.address(),Packet::VERB_REMOTE_TRACE);

node/Trace.hpp

@@ -155,6 +155,10 @@ private:
 	void _send(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d);
 	void _send(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d,const uint64_t networkId);
 	void _send(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d,const SharedPtr<Network> &network);
+
+#ifdef ZT_TRACE
+	char _traceMsgBuf[4096];
+#endif
 };
 
 } // namespace ZeroTier

node/Utils.hpp

@@ -150,8 +150,8 @@ public:
 	{
 		char *save = s;
 		for(unsigned int i=0;i<l;++i) {
-			unsigned int b = reinterpret_cast<const uint8_t *>(d)[i];
+			const unsigned int b = reinterpret_cast<const uint8_t *>(d)[i];
-			*(s++) = HEXCHARS[(b >> 4) & 0xf];
+			*(s++) = HEXCHARS[b >> 4];
 			*(s++) = HEXCHARS[b & 0xf];
 		}
 		*s = (char)0;
@@ -162,18 +162,18 @@ public:
 	{
 		unsigned int l = 0;
 		while (l < buflen) {
-			uint8_t hc = (uint8_t)*(h++);
+			uint8_t hc = *(reinterpret_cast<const uint8_t *>(h++));
 			if (!hc) break;
 
 			uint8_t c = 0;
-			if ((hc >= 48)&&(hc <= 57))
+			if ((hc >= 48)&&(hc <= 57)) // 0..9
 				c = hc - 48;
-			else if ((hc >= 97)&&(hc <= 102))
+			else if ((hc >= 97)&&(hc <= 102)) // a..f
 				c = hc - 87;
-			else if ((hc >= 65)&&(hc <= 70))
+			else if ((hc >= 65)&&(hc <= 70)) // A..F
 				c = hc - 55;
 
-			hc = (uint8_t)*(h++);
+			hc = *(reinterpret_cast<const uint8_t *>(h++));
 			if (!hc) break;
 
 			c <<= 4;
@@ -195,7 +195,7 @@ public:
 		const char *hend = h + hlen;
 		while (l < buflen) {
 			if (h == hend) break;
-			uint8_t hc = (uint8_t)*(h++);
+			uint8_t hc = *(reinterpret_cast<const uint8_t *>(h++));
 			if (!hc) break;
 
 			uint8_t c = 0;
@@ -207,7 +207,7 @@ public:
 				c = hc - 55;
 
 			if (h == hend) break;
-			hc = (uint8_t)*(h++);
+			hc = *(reinterpret_cast<const uint8_t *>(h++));
 			if (!hc) break;
 
 			c <<= 4;

osdep/Binder.hpp

@@ -58,6 +58,7 @@
 #include <utility>
 #include <map>
 #include <set>
+#include <atomic>
 
 #include "../node/NonCopyable.hpp"
 #include "../node/InetAddress.hpp"
@@ -70,6 +71,9 @@
 // Period between refreshes of bindings
 #define ZT_BINDER_REFRESH_PERIOD 30000
 
+// Max number of bindings
+#define ZT_BINDER_MAX_BINDINGS 128
+
 namespace ZeroTier {
 
 /**
@@ -95,7 +99,7 @@ private:
 	};
 
 public:
-	Binder() {}
+	Binder() : _bindingCount(0) {}
 
 	/**
 	 * Close all bound ports, should be called on shutdown
@@ -106,10 +110,11 @@ public:
 	void closeAll(Phy<PHY_HANDLER_TYPE> &phy)
 	{
 		Mutex::Lock _l(_lock);
-		for(std::vector<_Binding>::iterator b(_bindings.begin());b!=_bindings.end();++b) {
+		for(unsigned int b=0,c=_bindingCount;b<c;++b) {
-			phy.close(b->udpSock,false);
+			phy.close(_bindings[b].udpSock,false);
-			phy.close(b->tcpListenSock,false);
+			phy.close(_bindings[b].tcpListenSock,false);
 		}
+		_bindingCount = 0;
 	}
 
 	/**
@@ -321,27 +326,34 @@ public:
 			}
 		}
 
-		std::vector<_Binding> newBindings;
+		const unsigned int oldBindingCount = _bindingCount;
+		_bindingCount = 0;
 
 		// Save bindings that are still valid, close those that are not
-		for(std::vector<_Binding>::iterator b(_bindings.begin());b!=_bindings.end();++b) {
+		for(unsigned int b=0;b<oldBindingCount;++b) {
-			if (localIfAddrs.find(b->address) != localIfAddrs.end()) {
+			if (localIfAddrs.find(_bindings[b].address) != localIfAddrs.end()) {
-				newBindings.push_back(*b);
+				if (_bindingCount != b)
+					_bindings[(unsigned int)_bindingCount] = _bindings[b];
+				++_bindingCount;
 			} else {
-				phy.close(b->udpSock,false);
+				PhySocket *const udps = _bindings[b].udpSock;
-				phy.close(b->tcpListenSock,false);
+				PhySocket *const tcps = _bindings[b].tcpListenSock;
+				_bindings[b].udpSock = (PhySocket *)0;
+				_bindings[b].tcpListenSock = (PhySocket *)0;
+				phy.close(udps,false);
+				phy.close(tcps,false);
 			}
 		}
 
 		// Create new bindings for those not already bound
 		for(std::map<InetAddress,std::string>::const_iterator ii(localIfAddrs.begin());ii!=localIfAddrs.end();++ii) {
-			typename std::vector<_Binding>::const_iterator bi(newBindings.begin());
+			unsigned int bi = 0;
-			while (bi != newBindings.end()) {
+			while (bi != _bindingCount) {
-				if (bi->address == ii->first)
+				if (_bindings[bi].address == ii->first)
 					break;
 				++bi;
 			}
-			if (bi == newBindings.end()) {
+			if (bi == _bindingCount) {
 				udps = phy.udpBind(reinterpret_cast<const struct sockaddr *>(&(ii->first)),(void *)0,ZT_UDP_DESIRED_BUF_SIZE);
 				tcps = phy.tcpListen(reinterpret_cast<const struct sockaddr *>(&(ii->first)),(void *)0);
 				if ((udps)&&(tcps)) {
@@ -358,15 +370,18 @@ public:
 							setsockopt(fd,SOL_SOCKET,SO_BINDTODEVICE,tmp,strlen(tmp));
 					}
 #endif // __LINUX__
-					newBindings.push_back(_Binding());
+					if (_bindingCount < ZT_BINDER_MAX_BINDINGS) {
-					newBindings.back().udpSock = udps;
+						_bindings[_bindingCount].udpSock = udps;
-					newBindings.back().tcpListenSock = tcps;
+						_bindings[_bindingCount].tcpListenSock = tcps;
-					newBindings.back().address = ii->first;
+						_bindings[_bindingCount].address = ii->first;
+						++_bindingCount;
+					}
+				} else {
+					phy.close(udps,false);
+					phy.close(tcps,false);
 				}
 			}
 		}
-
-		_bindings.swap(newBindings);
 	}
 
 	/**
@@ -376,8 +391,8 @@ public:
 	{
 		std::vector<InetAddress> aa;
 		Mutex::Lock _l(_lock);
-		for(std::vector<_Binding>::const_iterator b(_bindings.begin());b!=_bindings.end();++b)
+		for(unsigned int b=0,c=_bindingCount;b<c;++b)
-			aa.push_back(b->address);
+			aa.push_back(_bindings[b].address);
 		return aa;
 	}
 
@@ -389,10 +404,10 @@ public:
 	{
 		bool r = false;
 		Mutex::Lock _l(_lock);
-		for(std::vector<_Binding>::const_iterator b(_bindings.begin());b!=_bindings.end();++b) {
+		for(unsigned int b=0,c=_bindingCount;b<c;++b) {
-			if (ttl) phy.setIp4UdpTtl(b->udpSock,ttl);
+			if (ttl) phy.setIp4UdpTtl(_bindings[b].udpSock,ttl);
-			if (phy.udpSend(b->udpSock,(const struct sockaddr *)addr,data,len)) r = true;
+			if (phy.udpSend(_bindings[b].udpSock,(const struct sockaddr *)addr,data,len)) r = true;
-			if (ttl) phy.setIp4UdpTtl(b->udpSock,255);
+			if (ttl) phy.setIp4UdpTtl(_bindings[b].udpSock,255);
 		}
 		return r;
 	}
@@ -404,15 +419,31 @@ public:
 	inline bool isBoundLocalInterfaceAddress(const InetAddress &addr) const
 	{
 		Mutex::Lock _l(_lock);
-		for(std::vector<_Binding>::const_iterator b(_bindings.begin());b!=_bindings.end();++b) {
+		for(unsigned int b=0;b<_bindingCount;++b) {
-			if (b->address == addr)
+			if (_bindings[b].address == addr)
 				return true;
 		}
 		return false;
 	}
 
+	/**
+	 * Quickly check that a UDP socket is valid
+	 *
+	 * @param udpSock UDP socket to check
+	 * @return True if socket is currently bound/allocated
+	 */
+	inline bool isUdpSocketValid(PhySocket *const udpSock)
+	{
+		for(unsigned int b=0,c=_bindingCount;b<c;++b) {
+			if (_bindings[b].udpSock == udpSock)
+				return (b < _bindingCount); // double check atomic which may have changed
+		}
+		return false;
+	}
+
 private:
-	std::vector<_Binding> _bindings;
+	_Binding _bindings[ZT_BINDER_MAX_BINDINGS];
+	std::atomic<unsigned int> _bindingCount;
 	Mutex _lock;
 };
 

selftest.cpp

@@ -633,33 +633,25 @@ static int testPacket()
 	return 0;
 }
 
-static void _testExcept(int &depth)
-{
-	if (depth >= 16) {
-		throw std::runtime_error("LOL!");
-	} else {
-		++depth;
-		_testExcept(depth);
-	}
-}
-
 static int testOther()
 {
 	char buf[1024];
+	char buf2[4096];
+	char buf3[1024];
 
-	std::cout << "[other] Testing C++ exceptions... "; std::cout.flush();
+	std::cout << "[other] Testing hex/unhex... "; std::cout.flush();
-	int depth = 0;
+	Utils::getSecureRandom(buf,(unsigned int)sizeof(buf));
-	try {
+	Utils::hex(buf,(unsigned int)sizeof(buf),buf2);
-		_testExcept(depth);
+	Utils::unhex(buf2,buf3,(unsigned int)sizeof(buf3));
-	} catch (std::runtime_error &e) {
+	if (memcmp(buf,buf3,sizeof(buf)) == 0) {
-		if (depth == 16) {
+		std::cout << "PASS" << std::endl;
-			std::cout << "OK" << std::endl;
+	} else {
-		} else {
+		std::cout << "FAIL!" << std::endl;
-			std::cout << "ERROR (depth not 16)" << std::endl;
+		buf2[78] = 0;
-			return -1;
+		std::cout << buf2 << std::endl;
-		}
+		Utils::hex(buf3,(unsigned int)sizeof(buf3),buf2);
-	} catch ( ... ) {
+		buf2[78] = 0;
-		std::cout << "ERROR (exception not std::runtime_error)" << std::endl;
+		std::cout << buf2 << std::endl;
 		return -1;
 	}
 

service/OneService.cpp

@@ -658,16 +658,18 @@ public:
 				return _termReason;
 			}
 
-			// Bind local control socket
+			// Bind TCP control socket to 127.0.0.1 and ::1 as well for loopback TCP control socket queries
 			{
 				struct sockaddr_in lo4;
 				memset(&lo4,0,sizeof(lo4));
 				lo4.sin_family = AF_INET;
+				lo4.sin_addr.s_addr = Utils::hton((uint32_t)0x7f000001);
 				lo4.sin_port = Utils::hton((uint16_t)_ports[0]);
 				_localControlSocket4 = _phy.tcpListen((const struct sockaddr *)&lo4);
 				struct sockaddr_in6 lo6;
 				memset(&lo6,0,sizeof(lo6));
 				lo6.sin6_family = AF_INET6;
+				lo6.sin6_addr.s6_addr[15] = 1;
 				lo6.sin6_port = lo4.sin_port;
 				_localControlSocket6 = _phy.tcpListen((const struct sockaddr *)&lo6);
 			}
@@ -1661,12 +1663,11 @@ public:
 	{
 		if ((len >= 16)&&(reinterpret_cast<const InetAddress *>(from)->ipScope() == InetAddress::IP_SCOPE_GLOBAL))
 			_lastDirectReceiveFromGlobal = OSUtils::now();
-
 		const ZT_ResultCode rc = _node->processWirePacket(
 			(void *)0,
 			OSUtils::now(),
-			(int64_t)((uintptr_t)sock),
+			reinterpret_cast<int64_t>(sock),
-			(const struct sockaddr_storage *)from, // Phy<> uses sockaddr_storage, so it'll always be that big
+			reinterpret_cast<const struct sockaddr_storage *>(from), // Phy<> uses sockaddr_storage, so it'll always be that big
 			data,
 			len,
 			&_nextBackgroundTaskDeadline);
@@ -2200,7 +2201,7 @@ public:
 		// proxy fallback, which is slow.
 #endif // ZT_TCP_FALLBACK_RELAY
 
-		if ((localSocket != 0)&&(localSocket != -1)) {
+		if ((localSocket != -1)&&(localSocket != 0)&&(_binder.isUdpSocketValid((PhySocket *)((uintptr_t)localSocket)))) {
 			if ((ttl)&&(addr->ss_family == AF_INET)) _phy.setIp4UdpTtl((PhySocket *)((uintptr_t)localSocket),ttl);
 			const bool r = _phy.udpSend((PhySocket *)((uintptr_t)localSocket),(const struct sockaddr *)addr,data,len);
 			if ((ttl)&&(addr->ss_family == AF_INET)) _phy.setIp4UdpTtl((PhySocket *)((uintptr_t)localSocket),255);