mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-20 21:43:08 +00:00
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
This commit is contained in:
commit
c6682f2a3f
68
.drone.jsonnet
Normal file
68
.drone.jsonnet
Normal file
@ -0,0 +1,68 @@
|
||||
|
||||
local targets = [
|
||||
//
|
||||
// Render these into .drone.yaml by running "make drone"
|
||||
//
|
||||
{ "os": "linux", "name": "el9", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "el8", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "el7", "isas": [ "amd64", "ppc64le"], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "el6", "isas": [ "amd64" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "amzn2", "isas": [ "amd64", "arm64" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "fc37", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "fc36", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "fc35", "isas": [ "amd64", "arm64", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "jammy", "isas": [ "amd64", "arm64", "armv7", "riscv64", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "focal", "isas": [ "amd64", "arm64", "armv7", "riscv64", "ppc64le" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "bionic", "isas": [ "amd64", "arm64", "386", "ppc64le", "s390x" ], "events": ["tag" ] },
|
||||
{ "os": "linux", "name": "xenial", "isas": [ "amd64", "arm64", "386" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "sid", "isas": [ "386", "amd64", "arm64", "armv7", "riscv64", "mips64le", "ppc64le", "s390x" ], "events": [ "push", "tag" ] },
|
||||
{ "os": "linux", "name": "bookworm", "isas": [ "amd64", "arm64", "armv7", "386", "mips64le", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "bullseye", "isas": [ "amd64", "arm64", "armv7", "386", "mips64le", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "buster", "isas": [ "amd64", "arm64", "armv7", "386", "mips64le", "ppc64le", "s390x" ], "events": [ "tag" ] },
|
||||
{ "os": "linux", "name": "stretch", "isas": [ "amd64", "arm64", "386" ], "events": [ "tag" ] },
|
||||
// { "os": "windows", "name": "win2k19", "isas": [ "amd64" ], "events": ["push", "tag" ] }
|
||||
];
|
||||
|
||||
local Build(platform, os, isa, events) = {
|
||||
"kind": "pipeline",
|
||||
"type": "docker",
|
||||
"pull": "always",
|
||||
"name": platform + " " + isa + " " + "build",
|
||||
"clone": { "depth": 1 },
|
||||
"steps": [
|
||||
{
|
||||
"name": "build",
|
||||
"image": "registry.sean.farm/honda-builder",
|
||||
"commands": [ "./ci/scripts/build.sh " + platform + " " + isa + " " + "100.0.0+${DRONE_COMMIT_SHA:0:8}" + " " + "${DRONE_BUILD_EVENT}" ]
|
||||
},
|
||||
{
|
||||
"name": "list",
|
||||
"image": "registry.sean.farm/honda-builder",
|
||||
"commands": [ "ls -la " + platform ]
|
||||
},
|
||||
{
|
||||
"name": "notify-mattermost",
|
||||
"image": "registry.sean.farm/mattermost-notify",
|
||||
"environment": {
|
||||
"token": { "from_secret": "mattermost-token" },
|
||||
"host": { "from_secret": "mattermost-host" },
|
||||
"channel": { "from_secret": "mattermost-channel" },
|
||||
"maxRetry": 3,
|
||||
},
|
||||
"when": { "status": [ "failure" ] }
|
||||
}
|
||||
],
|
||||
"image_pull_secrets": [ "dockerconfigjson" ],
|
||||
[ if isa == "arm64" || isa == "armv7" then "platform" ]: { os: os, arch: "arm64" },
|
||||
"trigger": { "event": events }
|
||||
};
|
||||
|
||||
// puttin on the bits
|
||||
|
||||
std.flattenArrays([
|
||||
[
|
||||
Build(p.name, p.os, isa, p.events)
|
||||
for isa in p.isas
|
||||
]
|
||||
for p in targets
|
||||
])
|
2778
.drone.yml
2778
.drone.yml
File diff suppressed because it is too large
Load Diff
4
Makefile
4
Makefile
@ -26,3 +26,7 @@ endif
|
||||
ifeq ($(OSTYPE),NetBSD)
|
||||
include make-netbsd.mk
|
||||
endif
|
||||
|
||||
drone:
|
||||
@echo "rendering .drone.yaml from .drone.jsonnet"
|
||||
drone jsonnet --format --stream
|
||||
|
@ -53,7 +53,10 @@ To build on Mac and Linux just type `make`. On FreeBSD and OpenBSD `gmake` (GNU
|
||||
- The minimum compiler versions required are GCC/G++ 4.9.3 or CLANG/CLANG++ 3.4.2. (Install `clang` on CentOS 7 as G++ is too old.)
|
||||
- Linux makefiles automatically detect and prefer clang/clang++ if present as it produces smaller and slightly faster binaries in most cases. You can override by supplying CC and CXX variables on the make command line.
|
||||
- **Windows**
|
||||
- Windows 7 or newer is supported. This *may* work on Vista but isn't officially supported there. It will not work on Windows XP.
|
||||
- Windows 8 or newer is supported.
|
||||
- Windows 7 is supported by versions `<=1.6.6`.
|
||||
- Windows Vista *may* work but isn't officially supported there.
|
||||
- Windows XP is will not work.
|
||||
- We build with Visual Studio 2017. Older versions may not work. Clang or MinGW will also probably work but may require some makefile hacking.
|
||||
- **FreeBSD**
|
||||
- GNU make is required. Type `gmake` to build.
|
||||
|
10
ci/Dockerfile.deb
Normal file
10
ci/Dockerfile.deb
Normal file
@ -0,0 +1,10 @@
|
||||
ARG PLATFORM
|
||||
FROM registry.sean.farm/${PLATFORM}-builder as stage
|
||||
WORKDIR /work/build
|
||||
COPY . .
|
||||
RUN make debian
|
||||
RUN ls -ls /work
|
||||
|
||||
FROM scratch AS export
|
||||
ARG PLATFORM
|
||||
COPY --from=stage /work/*.deb ./${PLATFORM}/
|
36
ci/Dockerfile.el6
Normal file
36
ci/Dockerfile.el6
Normal file
@ -0,0 +1,36 @@
|
||||
ARG DOCKER_ARCH
|
||||
FROM --platform=linux/${DOCKER_ARCH} alpine:edge AS builder
|
||||
|
||||
RUN apk update
|
||||
RUN apk add curl
|
||||
RUN apk add bash
|
||||
RUN apk add file
|
||||
RUN apk add rust
|
||||
RUN apk add cargo
|
||||
RUN apk add make
|
||||
RUN apk add cmake
|
||||
RUN apk add clang
|
||||
RUN apk add openssl-dev
|
||||
RUN apk add linux-headers
|
||||
RUN apk add build-base
|
||||
RUN apk add openssl-libs-static
|
||||
|
||||
COPY . .
|
||||
RUN ZT_STATIC=1 make one
|
||||
RUN ls -la
|
||||
|
||||
ARG DOCKER_ARCH
|
||||
FROM --platform=linux/${DOCKER_ARCH} centos:6 AS stage
|
||||
WORKDIR /root/rpmbuild/BUILD
|
||||
COPY . .
|
||||
COPY --from=builder zerotier-one ./
|
||||
RUN curl https://gist.githubusercontent.com/someara/b363002ba6e57b3c474dd027d4daef85/raw/4ac5534139752fc92fbe1a53599a390214f69615/el6%2520vault --output /etc/yum.repos.d/CentOS-Base.repo
|
||||
RUN uname -a
|
||||
RUN yum -y install make gcc rpm-build
|
||||
RUN pwd
|
||||
RUN ls -la
|
||||
RUN make redhat
|
||||
|
||||
FROM scratch AS export
|
||||
ARG PLATFORM
|
||||
COPY --from=stage /root/rpmbuild/RPMS/*/*.rpm ./${PLATFORM}/
|
9
ci/Dockerfile.rpm
Normal file
9
ci/Dockerfile.rpm
Normal file
@ -0,0 +1,9 @@
|
||||
ARG PLATFORM
|
||||
FROM registry.sean.farm/${PLATFORM}-builder as stage
|
||||
WORKDIR /root/rpmbuild/BUILD
|
||||
COPY . .
|
||||
RUN make redhat
|
||||
|
||||
FROM scratch AS export
|
||||
ARG PLATFORM
|
||||
COPY --from=stage /root/rpmbuild/RPMS/*/*.rpm ./${PLATFORM}/
|
@ -1,7 +0,0 @@
|
||||
FROM registry.sean.farm/sid-builder as stage
|
||||
COPY . .
|
||||
RUN /usr/bin/make -j 8
|
||||
|
||||
FROM scratch AS export
|
||||
COPY --from=stage /zerotier-one .
|
||||
COPY --from=stage /zerotier-cli .
|
@ -2,28 +2,115 @@
|
||||
set -euo pipefail
|
||||
IFS=$'\n\t'
|
||||
|
||||
export GOOS=$1
|
||||
export GOARCH=$2
|
||||
export PLATFORM=$1
|
||||
export ZT_ISA=$2
|
||||
export VERSION=$3
|
||||
export DOCKER_BUILDKIT=1
|
||||
export EVENT=$4
|
||||
|
||||
echo "nproc: $(nproc)"
|
||||
|
||||
case $GOARCH in
|
||||
armv5)
|
||||
export ARCH=arm/v5
|
||||
;;
|
||||
armv7)
|
||||
export ARCH=arm/v7
|
||||
;;
|
||||
arm64)
|
||||
export ARCH=arm64/v8
|
||||
case $PLATFORM in
|
||||
el*|fc*|amzn*)
|
||||
export PKGFMT=rpm
|
||||
;;
|
||||
*)
|
||||
export ARCH=$GOARCH
|
||||
export PKGFMT=deb
|
||||
esac
|
||||
|
||||
# OSX
|
||||
# x86_64-apple-darwin
|
||||
# aarch64-apple-darwin
|
||||
|
||||
# Windows
|
||||
# x86_64-pc-windows-msvc
|
||||
# i686-pc-windows-msvc
|
||||
# aarch64-pc-windows-msvc
|
||||
|
||||
# Linux
|
||||
# i686-unknown-linux-gnu
|
||||
# x86_64-unknown-linux-gnu
|
||||
# arm-unknown-linux-gnueabi ?
|
||||
# arm-unknown-linux-gnueabihf ?
|
||||
# armv7-unknown-linux-gnueabihf
|
||||
#
|
||||
|
||||
case $ZT_ISA in
|
||||
386)
|
||||
export DOCKER_ARCH=386
|
||||
export RUST_TRIPLET=i686-unknown-linux-gnu
|
||||
;;
|
||||
amd64)
|
||||
export DOCKER_ARCH=amd64
|
||||
export RUST_TRIPLET=x86_64-unknown-linux-gnu
|
||||
;;
|
||||
armv6)
|
||||
export DOCKER_ARCH=arm/v6
|
||||
export RUST_TRIPLET=arm-unknown-linux-gnueabi
|
||||
;;
|
||||
armv7)
|
||||
export DOCKER_ARCH=arm/v7
|
||||
export RUST_TRIPLET=arm-unknown-linux-gnueabihf
|
||||
;;
|
||||
arm64)
|
||||
export DOCKER_ARCH=arm64/v8
|
||||
export RUST_TRIPLET=aarch64-unknown-linux-gnu
|
||||
;;
|
||||
riscv64)
|
||||
export DOCKER_ARCH=riscv64
|
||||
export RUST_TRIPLET=riscv64gc-unknown-linux-gnu
|
||||
;;
|
||||
ppc64le)
|
||||
export DOCKER_ARCH=ppc64le
|
||||
export RUST_TRIPLET=powerpc64le-unknown-linux-gnu
|
||||
;;
|
||||
mips64le)
|
||||
export DOCKER_ARCH=mips64le
|
||||
export RUST_TRIPLET=mips64el-unknown-linux-gnuabi64
|
||||
;;
|
||||
s390x)
|
||||
export DOCKER_ARCH=s390x
|
||||
export RUST_TRIPLET=s390x-unknown-linux-gnu
|
||||
;;
|
||||
*)
|
||||
echo "ERROR: could not determine architecture settings. PLEASE FIX ME"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -f "ci/Dockerfile.${PLATFORM}" ]; then
|
||||
export DOCKERFILE="ci/Dockerfile.${PLATFORM}"
|
||||
else
|
||||
export DOCKERFILE="ci/Dockerfile.${PKGFMT}"
|
||||
fi
|
||||
|
||||
echo "#~~~~~~~~~~~~~~~~~~~~"
|
||||
echo "$0 variables:"
|
||||
echo "nproc: $(nproc)"
|
||||
echo "ZT_ISA: ${ZT_ISA}"
|
||||
echo "DOCKER_ARCH: ${DOCKER_ARCH}"
|
||||
echo "RUST_TRIPLET: ${RUST_TRIPLET}"
|
||||
echo "VERSION: ${VERSION}"
|
||||
echo "EVENT: ${EVENT}"
|
||||
echo "PKGFMT: ${PKGFMT}"
|
||||
echo "PWD: ${PWD}"
|
||||
echo "DOCKERFILE: ${DOCKERFILE}"
|
||||
echo "#~~~~~~~~~~~~~~~~~~~~"
|
||||
|
||||
if [ ${EVENT} == "push" ]; then
|
||||
make munge_rpm zerotier-one.spec VERSION=${VERSION}
|
||||
make munge_deb debian/changelog VERSION=${VERSION}
|
||||
fi
|
||||
|
||||
export DOCKER_BUILDKIT=1
|
||||
docker run --privileged --rm tonistiigi/binfmt --install all
|
||||
docker pull registry.sean.farm/sid-builder
|
||||
docker buildx build --platform ${GOOS}/${ARCH} -f ci/Dockerfile.sid --target export -t test . --output out/${GOOS}/${GOARCH}
|
||||
|
||||
# docker pull --platform linux/${DOCKER_ARCH} registry.sean.farm/${PLATFORM}-builder
|
||||
|
||||
docker buildx build \
|
||||
--build-arg PLATFORM="${PLATFORM}" \
|
||||
--build-arg RUST_TRIPLET="${RUST_TRIPLET}" \
|
||||
--build-arg DOCKER_ARCH="${DOCKER_ARCH}" \
|
||||
--platform linux/${DOCKER_ARCH} \
|
||||
-f ${DOCKERFILE} \
|
||||
-t build \
|
||||
. \
|
||||
--output type=local,dest=. \
|
||||
--target export
|
||||
|
37
ci/scripts/munge_debian_changelog.sh
Executable file
37
ci/scripts/munge_debian_changelog.sh
Executable file
@ -0,0 +1,37 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
IFS=$'\n\t'
|
||||
|
||||
export FILE=$1
|
||||
export VERSION=$2
|
||||
export NAME=$3
|
||||
export MESSAGE=$4
|
||||
export DATE=$(date "+%a, %d %b %Y %T %z")
|
||||
# export DATE=$(date "+%a %b %d %Y")
|
||||
|
||||
set +e
|
||||
grep --version | grep BSD &> /dev/null
|
||||
if [ $? == 0 ]; then BSDGREP=true ; else BSDGREP=false ; fi
|
||||
set -e
|
||||
|
||||
# echo "#~~~~~~~~~~~~~~~~~~~~"
|
||||
# echo "$0 variables:"
|
||||
# echo "VERSION: ${VERSION}"
|
||||
# echo "NAME: ${NAME}"
|
||||
# echo "MESSAGE: ${MESSAGE}"
|
||||
# echo "DATE: ${DATE}"
|
||||
# echo "BSDGREP: ${BSDGREP}"
|
||||
# echo "#~~~~~~~~~~~~~~~~~~~~"
|
||||
# echo
|
||||
|
||||
if $BSDGREP ; then
|
||||
sed -i '' s/^Version:.*/"Version: ${VERSION}"/ ${FILE}
|
||||
else
|
||||
sed -i s/^Version:.*/"Version: ${VERSION}"/ ${FILE}
|
||||
fi
|
||||
|
||||
awk -v version=${VERSION} -v date=${DATE} -v name=${NAME} -v message=${MESSAGE} \
|
||||
'BEGIN{print "zerotier-one (" version ") unstable; urgency=medium\n\n * " message "\n\n -- " name " " date "\n" }{ print }' \
|
||||
${FILE} > ${FILE}.new
|
||||
|
||||
mv ${FILE}.new ${FILE}
|
36
ci/scripts/munge_rpm_spec.sh
Executable file
36
ci/scripts/munge_rpm_spec.sh
Executable file
@ -0,0 +1,36 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
IFS=$'\n\t'
|
||||
|
||||
export FILE=$1
|
||||
export VERSION=$2
|
||||
export NAME=$3
|
||||
export MESSAGE=$4
|
||||
export DATE=$(date "+%a %b %d %Y")
|
||||
|
||||
set +e
|
||||
grep --version | grep BSD &> /dev/null
|
||||
if [ $? == 0 ]; then BSDGREP=true ; else BSDGREP=false ; fi
|
||||
set -e
|
||||
|
||||
# echo "#~~~~~~~~~~~~~~~~~~~~"
|
||||
# echo "$0 variables:"
|
||||
# echo "VERSION: ${VERSION}"
|
||||
# echo "NAME: ${NAME}"
|
||||
# echo "MESSAGE: ${MESSAGE}"
|
||||
# echo "DATE: ${DATE}"
|
||||
# echo "BSDGREP: ${BSDGREP}"
|
||||
# echo "#~~~~~~~~~~~~~~~~~~~~"
|
||||
# echo
|
||||
|
||||
if $BSDGREP ; then
|
||||
sed -i '' s/^Version:.*/"Version: ${VERSION}"/ ${FILE}
|
||||
else
|
||||
sed -i s/^Version:.*/"Version: ${VERSION}"/ ${FILE}
|
||||
fi
|
||||
|
||||
awk -v version=${VERSION} -v date=${DATE} -v name=${NAME} -v message=${MESSAGE} \
|
||||
'FNR==NR{ if (/%changelog/) p=NR; next} 1; FNR==p{ print "* " date " " name " - " version "\n- " message "\n" }' \
|
||||
${FILE} ${FILE} > ${FILE}.new
|
||||
|
||||
mv ${FILE}.new ${FILE}
|
@ -33,7 +33,7 @@
|
||||
#include <set>
|
||||
#include <map>
|
||||
|
||||
#include "../ext/json/json.hpp"
|
||||
#include <nlohmann/json.hpp>
|
||||
|
||||
#define ZT_MEMBER_AUTH_TIMEOUT_NOTIFY_BEFORE 25000
|
||||
|
||||
|
@ -35,7 +35,7 @@
|
||||
#include "../osdep/Thread.hpp"
|
||||
#include "../osdep/BlockingQueue.hpp"
|
||||
|
||||
#include "../ext/json/json.hpp"
|
||||
#include <nlohmann/json.hpp>
|
||||
|
||||
#include "DB.hpp"
|
||||
#include "DBMirrorSet.hpp"
|
||||
|
21
ext/inja/LICENSE
Normal file
21
ext/inja/LICENSE
Normal file
@ -0,0 +1,21 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2018-2021 Berscheid
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
391
ext/inja/README.md
Normal file
391
ext/inja/README.md
Normal file
@ -0,0 +1,391 @@
|
||||
[<div align="center"><img width="500" src="https://raw.githubusercontent.com/pantor/inja/master/doc/logo.svg?sanitize=true"></div>](https://github.com/pantor/inja/releases)
|
||||
|
||||
<p align="center">
|
||||
<a href="https://github.com/pantor/inja/actions">
|
||||
<img src="https://github.com/pantor/inja/workflows/CI/badge.svg" alt="CI Status">
|
||||
</a>
|
||||
|
||||
<a href="https://github.com/pantor/inja/actions">
|
||||
<img src="https://github.com/pantor/inja/workflows/Documentation/badge.svg" alt="Documentation Status">
|
||||
</a>
|
||||
|
||||
<a href="https://www.codacy.com/manual/pantor/inja?utm_source=github.com&utm_medium=referral&utm_content=pantor/inja&utm_campaign=Badge_Grade">
|
||||
<img src="https://app.codacy.com/project/badge/Grade/211718f7a36541819d1244c0e2ee6f08"/>
|
||||
</a>
|
||||
|
||||
<a href="https://github.com/pantor/inja/releases">
|
||||
<img src="https://img.shields.io/github/release/pantor/inja.svg" alt="Github Releases">
|
||||
</a>
|
||||
|
||||
<a href="http://github.com/pantor/inja/issues">
|
||||
<img src="https://img.shields.io/github/issues/pantor/inja.svg" alt="Github Issues">
|
||||
</a>
|
||||
|
||||
<a href="https://raw.githubusercontent.com/pantor/inja/master/LICENSE">
|
||||
<img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="GitHub License">
|
||||
</a>
|
||||
</p>
|
||||
|
||||
Inja is a template engine for modern C++, loosely inspired by [jinja](http://jinja.pocoo.org) for python. It has an easy and yet powerful template syntax with all variables, loops, conditions, includes, callbacks, and comments you need, nested and combined as you like. Inja uses the wonderful [json](https://github.com/nlohmann/json) library by nlohmann for data input. Most importantly, inja needs only two header files, which is (nearly) as trivial as integration in C++ can get. Of course, everything is tested on all relevant compilers. Here is what it looks like:
|
||||
|
||||
```.cpp
|
||||
json data;
|
||||
data["name"] = "world";
|
||||
|
||||
inja::render("Hello {{ name }}!", data); // Returns "Hello world!"
|
||||
```
|
||||
|
||||
## Integration
|
||||
|
||||
Inja is a headers only library, which can be downloaded from the [releases](https://github.com/pantor/inja/releases) or directly from the `include/` or `single_include/` folder. Inja uses `nlohmann/json.hpp` (>= v3.8.0) as its single dependency, so make sure it can be included from `inja.hpp`. json can be downloaded [here](https://github.com/nlohmann/json/releases). Then integration is as easy as:
|
||||
|
||||
```.cpp
|
||||
#include <inja.hpp>
|
||||
|
||||
// Just for convenience
|
||||
using namespace inja;
|
||||
```
|
||||
|
||||
If you are using the [Meson Build System](http://mesonbuild.com), then you can wrap this repository as a subproject.
|
||||
|
||||
If you are using [Conan](https://conan.io) to manage your dependencies, have a look at [this repository](https://github.com/DEGoodmanWilson/conan-inja). Please file issues [here](https://github.com/DEGoodmanWilson/conan-inja/issues) if you experience problems with the packages.
|
||||
|
||||
You can also integrate inja in your project using [Hunter](https://github.com/cpp-pm/hunter), a package manager for C++.
|
||||
|
||||
If you are using [vcpkg](https://github.com/Microsoft/vcpkg) on your project for external dependencies, then you can use the [inja package](https://github.com/Microsoft/vcpkg/tree/master/ports/inja). Please see the vcpkg project for any issues regarding the packaging.
|
||||
|
||||
If you are using [cget](https://cget.readthedocs.io/en/latest/), you can install the latest development version with `cget install pantor/inja`. A specific version can be installed with `cget install pantor/inja@v2.1.0`.
|
||||
|
||||
On macOS, you can install inja via [Homebrew](https://formulae.brew.sh/formula/inja#default) and `brew install inja`.
|
||||
|
||||
If you are using [conda](https://docs.conda.io/en/latest/), you can install the latest version from [conda-forge](https://anaconda.org/conda-forge/inja) with `conda install -c conda-forge inja`.
|
||||
|
||||
## Tutorial
|
||||
|
||||
This tutorial will give you an idea how to use inja. It will explain the most important concepts and give practical advices using examples and executable code. Beside this tutorial, you may check out the [documentation](https://pantor.github.io/inja).
|
||||
|
||||
### Template Rendering
|
||||
|
||||
The basic template rendering takes a template as a `std::string` and a `json` object for all data. It returns the rendered template as an `std::string`.
|
||||
|
||||
```.cpp
|
||||
json data;
|
||||
data["name"] = "world";
|
||||
|
||||
render("Hello {{ name }}!", data); // Returns std::string "Hello world!"
|
||||
render_to(std::cout, "Hello {{ name }}!", data); // Writes "Hello world!" to stream
|
||||
```
|
||||
|
||||
For more advanced usage, an environment is recommended.
|
||||
```.cpp
|
||||
Environment env;
|
||||
|
||||
// Render a string with json data
|
||||
std::string result = env.render("Hello {{ name }}!", data); // "Hello world!"
|
||||
|
||||
// Or directly read a template file
|
||||
Template temp = env.parse_template("./templates/greeting.txt");
|
||||
std::string result = env.render(temp, data); // "Hello world!"
|
||||
|
||||
data["name"] = "Inja";
|
||||
std::string result = env.render(temp, data); // "Hello Inja!"
|
||||
|
||||
// Or read the template file (and/or the json file) directly from the environment
|
||||
result = env.render_file("./templates/greeting.txt", data);
|
||||
result = env.render_file_with_json_file("./templates/greeting.txt", "./data.json");
|
||||
|
||||
// Or write a rendered template file
|
||||
env.write(temp, data, "./result.txt");
|
||||
env.write_with_json_file("./templates/greeting.txt", "./data.json", "./result.txt");
|
||||
```
|
||||
|
||||
The environment class can be configured to your needs.
|
||||
```.cpp
|
||||
// With default settings
|
||||
Environment env_default;
|
||||
|
||||
// With global path to template files and where files will be saved
|
||||
Environment env_1 {"../path/templates/"};
|
||||
|
||||
// With separate input and output path
|
||||
Environment env_2 {"../path/templates/", "../path/results/"};
|
||||
|
||||
// With other opening and closing strings (here the defaults)
|
||||
env.set_expression("{{", "}}"); // Expressions
|
||||
env.set_comment("{#", "#}"); // Comments
|
||||
env.set_statement("{%", "%}"); // Statements {% %} for many things, see below
|
||||
env.set_line_statement("##"); // Line statements ## (just an opener)
|
||||
```
|
||||
|
||||
### Variables
|
||||
|
||||
Variables are rendered within the `{{ ... }}` expressions.
|
||||
```.cpp
|
||||
json data;
|
||||
data["neighbour"] = "Peter";
|
||||
data["guests"] = {"Jeff", "Tom", "Patrick"};
|
||||
data["time"]["start"] = 16;
|
||||
data["time"]["end"] = 22;
|
||||
|
||||
// Indexing in array
|
||||
render("{{ guests.1 }}", data); // "Tom"
|
||||
|
||||
// Objects
|
||||
render("{{ time.start }} to {{ time.end + 1 }}pm", data); // "16 to 23pm"
|
||||
```
|
||||
If no variable is found, valid JSON is printed directly, otherwise an `inja::RenderError` is thrown.
|
||||
|
||||
### Statements
|
||||
|
||||
Statements can be written either with the `{% ... %}` syntax or the `##` syntax for entire lines. Note that `##` needs to start the line without indentation. The most important statements are loops, conditions and file includes. All statements can be nested.
|
||||
|
||||
#### Loops
|
||||
|
||||
```.cpp
|
||||
// Combining loops and line statements
|
||||
render(R"(Guest List:
|
||||
## for guest in guests
|
||||
{{ loop.index1 }}: {{ guest }}
|
||||
## endfor )", data)
|
||||
|
||||
/* Guest List:
|
||||
1: Jeff
|
||||
2: Tom
|
||||
3: Patrick */
|
||||
```
|
||||
In a loop, the special variables `loop.index (number)`, `loop.index1 (number)`, `loop.is_first (boolean)` and `loop.is_last (boolean)` are defined. In nested loops, the parent loop variables are available e.g. via `loop.parent.index`. You can also iterate over objects like `{% for key, value in time %}`.
|
||||
|
||||
#### Conditions
|
||||
|
||||
Conditions support the typical if, else if and else statements. Following conditions are for example possible:
|
||||
```.cpp
|
||||
// Standard comparisons with a variable
|
||||
render("{% if time.hour >= 20 %}Serve{% else if time.hour >= 18 %}Make{% endif %} dinner.", data); // Serve dinner.
|
||||
|
||||
// Variable in list
|
||||
render("{% if neighbour in guests %}Turn up the music!{% endif %}", data); // Turn up the music!
|
||||
|
||||
// Logical operations
|
||||
render("{% if guest_count < (3+2) and all_tired %}Sleepy...{% else %}Keep going...{% endif %}", data); // Sleepy...
|
||||
|
||||
// Negations
|
||||
render("{% if not guest_count %}The End{% endif %}", data); // The End
|
||||
```
|
||||
|
||||
#### Includes
|
||||
|
||||
You can either include other in-memory templates or from the file system.
|
||||
```.cpp
|
||||
// To include in-memory templates, add them to the environment first
|
||||
inja::Template content_template = env.parse("Hello {{ neighbour }}!");
|
||||
env.include_template("content", content_template);
|
||||
env.render("Content: {% include \"content\" %}", data); // "Content: Hello Peter!"
|
||||
|
||||
// Other template files are included relative from the current file location
|
||||
render("{% include \"footer.html\" %}", data);
|
||||
```
|
||||
If a corresponding template could not be found in the file system, the *include callback* is called:
|
||||
```.cpp
|
||||
// The callback takes the current path and the wanted include name and returns a template
|
||||
env.set_include_callback([&env](const std::string& path, const std::string& template_name) {
|
||||
return env.parse("Hello {{ neighbour }} from " + template_name);
|
||||
});
|
||||
|
||||
// You can disable to search for templates in the file system via
|
||||
env.set_search_included_templates_in_files(false);
|
||||
```
|
||||
|
||||
Inja will throw an `inja::RenderError` if an included file is not found and no callback is specified. To disable this error, you can call `env.set_throw_at_missing_includes(false)`.
|
||||
|
||||
#### Assignments
|
||||
|
||||
Variables can also be defined within the template using the set statment.
|
||||
```.cpp
|
||||
render("{% set new_hour=23 %}{{ new_hour }}pm", data); // "23pm"
|
||||
render("{% set time.start=18 %}{{ time.start }}pm", data); // using json pointers
|
||||
```
|
||||
|
||||
Assignments only set the value within the rendering context; they do not modify the json object passed into the `render` call.
|
||||
|
||||
### Functions
|
||||
|
||||
A few functions are implemented within the inja template syntax. They can be called with
|
||||
```.cpp
|
||||
// Upper and lower function, for string cases
|
||||
render("Hello {{ upper(neighbour) }}!", data); // "Hello PETER!"
|
||||
render("Hello {{ lower(neighbour) }}!", data); // "Hello peter!"
|
||||
|
||||
// Range function, useful for loops
|
||||
render("{% for i in range(4) %}{{ loop.index1 }}{% endfor %}", data); // "1234"
|
||||
render("{% for i in range(3) %}{{ at(guests, i) }} {% endfor %}", data); // "Jeff Tom Patrick "
|
||||
|
||||
// Length function (please don't combine with range, use list directly...)
|
||||
render("I count {{ length(guests) }} guests.", data); // "I count 3 guests."
|
||||
|
||||
// Get first and last element in a list
|
||||
render("{{ first(guests) }} was first.", data); // "Jeff was first."
|
||||
render("{{ last(guests) }} was last.", data); // "Patir was last."
|
||||
|
||||
// Sort a list
|
||||
render("{{ sort([3,2,1]) }}", data); // "[1,2,3]"
|
||||
render("{{ sort(guests) }}", data); // "[\"Jeff\", \"Patrick\", \"Tom\"]"
|
||||
|
||||
// Join a list with a separator
|
||||
render("{{ join([1,2,3], \" + \") }}", data); // "1 + 2 + 3"
|
||||
render("{{ join(guests, \", \") }}", data); // "Jeff, Patrick, Tom"
|
||||
|
||||
// Round numbers to a given precision
|
||||
render("{{ round(3.1415, 0) }}", data); // 3
|
||||
render("{{ round(3.1415, 3) }}", data); // 3.142
|
||||
|
||||
// Check if a value is odd, even or divisible by a number
|
||||
render("{{ odd(42) }}", data); // false
|
||||
render("{{ even(42) }}", data); // true
|
||||
render("{{ divisibleBy(42, 7) }}", data); // true
|
||||
|
||||
// Maximum and minimum values from a list
|
||||
render("{{ max([1, 2, 3]) }}", data); // 3
|
||||
render("{{ min([-2.4, -1.2, 4.5]) }}", data); // -2.4
|
||||
|
||||
// Convert strings to numbers
|
||||
render("{{ int(\"2\") == 2 }}", data); // true
|
||||
render("{{ float(\"1.8\") > 2 }}", data); // false
|
||||
|
||||
// Set default values if variables are not defined
|
||||
render("Hello {{ default(neighbour, \"my friend\") }}!", data); // "Hello Peter!"
|
||||
render("Hello {{ default(colleague, \"my friend\") }}!", data); // "Hello my friend!"
|
||||
|
||||
// Access an objects value dynamically
|
||||
render("{{ at(time, \"start\") }} to {{ time.end }}", data); // "16 to 22"
|
||||
|
||||
// Check if a key exists in an object
|
||||
render("{{ exists(\"guests\") }}", data); // "true"
|
||||
render("{{ exists(\"city\") }}", data); // "false"
|
||||
render("{{ existsIn(time, \"start\") }}", data); // "true"
|
||||
render("{{ existsIn(time, neighbour) }}", data); // "false"
|
||||
|
||||
// Check if a key is a specific type
|
||||
render("{{ isString(neighbour) }}", data); // "true"
|
||||
render("{{ isArray(guests) }}", data); // "true"
|
||||
// Implemented type checks: isArray, isBoolean, isFloat, isInteger, isNumber, isObject, isString,
|
||||
```
|
||||
|
||||
### Callbacks
|
||||
|
||||
You can create your own and more complex functions with callbacks. These are implemented with `std::function`, so you can for example use C++ lambdas. Inja `Arguments` are a vector of json pointers.
|
||||
```.cpp
|
||||
Environment env;
|
||||
|
||||
/*
|
||||
* Callbacks are defined by its:
|
||||
* - name,
|
||||
* - (optional) number of arguments,
|
||||
* - callback function.
|
||||
*/
|
||||
env.add_callback("double", 1, [](Arguments& args) {
|
||||
int number = args.at(0)->get<int>(); // Adapt the index and type of the argument
|
||||
return 2 * number;
|
||||
});
|
||||
|
||||
// You can then use a callback like a regular function
|
||||
env.render("{{ double(16) }}", data); // "32"
|
||||
|
||||
// Inja falls back to variadic callbacks if the number of expected arguments is omitted.
|
||||
env.add_callback("argmax", [](Arguments& args) {
|
||||
auto result = std::max_element(args.begin(), args.end(), [](const json* a, const json* b) { return *a < *b;});
|
||||
return std::distance(args.begin(), result);
|
||||
});
|
||||
env.render("{{ argmax(4, 2, 6) }}", data); // "2"
|
||||
env.render("{{ argmax(0, 2, 6, 8, 3) }}", data); // "3"
|
||||
|
||||
// A callback without argument can be used like a dynamic variable:
|
||||
std::string greet = "Hello";
|
||||
env.add_callback("double-greetings", 0, [greet](Arguments args) {
|
||||
return greet + " " + greet + "!";
|
||||
});
|
||||
env.render("{{ double-greetings }}", data); // "Hello Hello!"
|
||||
```
|
||||
You can also add a void callback without return variable, e.g. for debugging:
|
||||
```.cpp
|
||||
env.add_void_callback("log", 1, [greet](Arguments args) {
|
||||
std::cout << "logging: " << args[0] << std::endl;
|
||||
});
|
||||
env.render("{{ log(neighbour) }}", data); // Prints nothing to result, only to cout...
|
||||
```
|
||||
|
||||
### Template Inheritance
|
||||
|
||||
Template inheritance allows you to build a base *skeleton* template that contains all the common elements and defines blocks that child templates can override. Lets show an example: The base template
|
||||
```.html
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
{% block head %}
|
||||
<link rel="stylesheet" href="style.css" />
|
||||
<title>{% block title %}{% endblock %} - My Webpage</title>
|
||||
{% endblock %}
|
||||
</head>
|
||||
<body>
|
||||
<div id="content">{% block content %}{% endblock %}</div>
|
||||
</body>
|
||||
</html>
|
||||
```
|
||||
contains three `blocks` that child templates can fill in. The child template
|
||||
```.html
|
||||
{% extends "base.html" %}
|
||||
{% block title %}Index{% endblock %}
|
||||
{% block head %}
|
||||
{{ super() }}
|
||||
<style type="text/css">
|
||||
.important { color: #336699; }
|
||||
</style>
|
||||
{% endblock %}
|
||||
{% block content %}
|
||||
<h1>Index</h1>
|
||||
<p class="important">
|
||||
Welcome to my blog!
|
||||
</p>
|
||||
{% endblock %}
|
||||
```
|
||||
calls a parent template with the `extends` keyword; it should be the first element in the template. It is possible to render the contents of the parent block by calling `super()`. In the case of multiple levels of `{% extends %}`, super references may be called with an argument (e.g. `super(2)`) to skip levels in the inheritance tree.
|
||||
|
||||
### Whitespace Control
|
||||
|
||||
In the default configuration, no whitespace is removed while rendering the file. To support a more readable template style, you can configure the environment to control whitespaces before and after a statement automatically. While enabling `set_trim_blocks` removes the first newline after a statement, `set_lstrip_blocks` strips tabs and spaces from the beginning of a line to the start of a block.
|
||||
|
||||
```.cpp
|
||||
Environment env;
|
||||
env.set_trim_blocks(true);
|
||||
env.set_lstrip_blocks(true);
|
||||
```
|
||||
|
||||
With both `trim_blocks` and `lstrip_blocks` enabled, you can put statements on their own lines. Furthermore, you can also strip whitespaces for both statements and expressions by hand. If you add a minus sign (`-`) to the start or end, the whitespaces before or after that block will be removed:
|
||||
|
||||
```.cpp
|
||||
render("Hello {{- name -}} !", data); // "Hello Inja!"
|
||||
render("{% if neighbour in guests -%} I was there{% endif -%} !", data); // Renders without any whitespaces
|
||||
```
|
||||
|
||||
Stripping behind a statement or expression also removes any newlines.
|
||||
|
||||
### Comments
|
||||
|
||||
Comments can be written with the `{# ... #}` syntax.
|
||||
```.cpp
|
||||
render("Hello{# Todo #}!", data); // "Hello!"
|
||||
```
|
||||
|
||||
### Exceptions
|
||||
|
||||
Inja uses exceptions to handle ill-formed template input. However, exceptions can be switched off with either using the compiler flag `-fno-exceptions` or by defining the symbol `INJA_NOEXCEPTION`. In this case, exceptions are replaced by `abort()` calls.
|
||||
|
||||
|
||||
## Supported compilers
|
||||
|
||||
Inja uses the `string_view` feature of the C++17 STL. Currently, the following compilers are tested:
|
||||
|
||||
- GCC 7 - 11 (and possibly later)
|
||||
- Clang 5 - 12 (and possibly later)
|
||||
- Microsoft Visual C++ 2017 15.0 - 2022 (and possibly later)
|
||||
|
||||
A list of supported compiler / os versions can be found in the [CI definition](https://github.com/pantor/inja/blob/master/.github/workflows/ci.yml).
|
2949
ext/inja/inja.hpp
Normal file
2949
ext/inja/inja.hpp
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,6 +1,6 @@
|
||||
# This requires GNU make, which is typically "gmake" on BSD systems
|
||||
|
||||
INCLUDES=
|
||||
INCLUDES=-isystem ext
|
||||
DEFS=
|
||||
LIBS=
|
||||
|
||||
@ -152,7 +152,7 @@ endif
|
||||
|
||||
override DEFS+=-DZT_BUILD_PLATFORM=$(ZT_BUILD_PLATFORM) -DZT_BUILD_ARCHITECTURE=$(ZT_ARCHITECTURE) -DZT_SOFTWARE_UPDATE_DEFAULT="\"disable\""
|
||||
|
||||
CXXFLAGS+=$(CFLAGS) -std=c++11 #-D_GLIBCXX_USE_C99 -D_GLIBCXX_USE_C99_MATH -D_GLIBCXX_USE_C99_MATH_TR1
|
||||
CXXFLAGS+=$(CFLAGS) -std=c++17 #-D_GLIBCXX_USE_C99 -D_GLIBCXX_USE_C99_MATH -D_GLIBCXX_USE_C99_MATH_TR1
|
||||
|
||||
all: one
|
||||
|
||||
|
@ -9,7 +9,7 @@ ifeq ($(origin CXX),default)
|
||||
CXX:=$(shell if [ -e /opt/rh/devtoolset-8/root/usr/bin/g++ ]; then echo /opt/rh/devtoolset-8/root/usr/bin/g++; else echo $(CXX); fi)
|
||||
endif
|
||||
|
||||
INCLUDES?=-Izeroidc/target
|
||||
INCLUDES?=-Izeroidc/target -isystem ext
|
||||
DEFS?=
|
||||
LDLIBS?=
|
||||
DESTDIR?=
|
||||
@ -31,7 +31,7 @@ ifeq ($(MINIUPNPC_IS_NEW_ENOUGH),1)
|
||||
override DEFS+=-DZT_USE_SYSTEM_MINIUPNPC
|
||||
LDLIBS+=-lminiupnpc
|
||||
else
|
||||
override DEFS+=-DMINIUPNP_STATICLIB -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DOS_STRING=\"Linux\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR
|
||||
override DEFS+=-DMINIUPNP_STATICLIB -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DOS_STRING="\"Linux\"" -DMINIUPNPC_VERSION_STRING="\"2.0\"" -DUPNP_VERSION_STRING="\"UPnP/1.1\"" -DENABLE_STRNATPMPERR
|
||||
ONE_OBJS+=ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o
|
||||
endif
|
||||
ifeq ($(wildcard /usr/include/natpmp.h),)
|
||||
@ -59,17 +59,17 @@ ifeq ($(ZT_SANITIZE),1)
|
||||
endif
|
||||
ifeq ($(ZT_DEBUG),1)
|
||||
override CFLAGS+=-Wall -Wno-deprecated -g -O -pthread $(INCLUDES) $(DEFS)
|
||||
override CXXFLAGS+=-Wall -Wno-deprecated -g -O -std=c++11 -pthread $(INCLUDES) $(DEFS)
|
||||
override CXXFLAGS+=-Wall -Wno-deprecated -g -O -std=c++17 -pthread $(INCLUDES) $(DEFS)
|
||||
ZT_TRACE=1
|
||||
RUSTFLAGS=
|
||||
# The following line enables optimization for the crypto code, since
|
||||
# C25519 in particular is almost UNUSABLE in -O0 even on a 3ghz box!
|
||||
node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CXXFLAGS=-Wall -O2 -g -pthread $(INCLUDES) $(DEFS)
|
||||
else
|
||||
CFLAGS?=-O3 -fstack-protector -fPIE
|
||||
CFLAGS?=-O3 -fstack-protector
|
||||
override CFLAGS+=-Wall -Wno-deprecated -pthread $(INCLUDES) -DNDEBUG $(DEFS)
|
||||
CXXFLAGS?=-O3 -fstack-protector -fPIE
|
||||
override CXXFLAGS+=-Wall -Wno-deprecated -std=c++11 -pthread $(INCLUDES) -DNDEBUG $(DEFS)
|
||||
CXXFLAGS?=-O3 -fstack-protector
|
||||
override CXXFLAGS+=-Wall -Wno-deprecated -std=c++17 -pthread $(INCLUDES) -DNDEBUG $(DEFS)
|
||||
LDFLAGS=-pie -Wl,-z,relro,-z,now
|
||||
RUSTFLAGS=--release
|
||||
endif
|
||||
@ -84,8 +84,6 @@ ifeq ($(ZT_UBIQUITI), 1)
|
||||
endif
|
||||
|
||||
ifeq ($(ZT_SYNOLOGY), 1)
|
||||
override CFLAGS+=-fPIC
|
||||
override CXXFLAGS+=-fPIC
|
||||
override DEFS+=-D__SYNOLOGY__
|
||||
ZT_EMBEDDED=1
|
||||
endif
|
||||
@ -336,12 +334,20 @@ ifeq ($(ZT_USE_ARM32_NEON_ASM_CRYPTO),1)
|
||||
override CORE_OBJS+=ext/arm32-neon-salsa2012-asm/salsa2012.o
|
||||
endif
|
||||
|
||||
# Position Independence
|
||||
override CFLAGS+=-fPIC -fPIE
|
||||
override CXXFLAGS+=-fPIC -fPIE
|
||||
|
||||
.PHONY: all
|
||||
all: one
|
||||
|
||||
.PHONY: one
|
||||
one: zerotier-one zerotier-idtool zerotier-cli
|
||||
|
||||
from_builder:
|
||||
ln -sf zerotier-one zerotier-idtool
|
||||
ln -sf zerotier-one zerotier-cli
|
||||
|
||||
zerotier-one: $(CORE_OBJS) $(ONE_OBJS) one.o
|
||||
$(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-one $(CORE_OBJS) $(ONE_OBJS) one.o $(LDLIBS)
|
||||
|
||||
@ -354,7 +360,7 @@ zerotier-cli: zerotier-one
|
||||
$(ONE_OBJS): zeroidc
|
||||
|
||||
libzerotiercore.a: FORCE
|
||||
make CFLAGS="-O3 -fstack-protector -fPIC" CXXFLAGS="-O3 -std=c++11 -fstack-protector -fPIC" $(CORE_OBJS)
|
||||
make CFLAGS="-O3 -fstack-protector -fPIC" CXXFLAGS="-O3 -std=c++17 -fstack-protector -fPIC" $(CORE_OBJS)
|
||||
ar rcs libzerotiercore.a $(CORE_OBJS)
|
||||
ranlib libzerotiercore.a
|
||||
|
||||
@ -452,6 +458,20 @@ uninstall: FORCE
|
||||
|
||||
# These are just for convenience for building Linux packages
|
||||
|
||||
echo_flags:
|
||||
@echo "=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~"
|
||||
@echo "echo_flags :: CC=$(CC)"
|
||||
@echo "echo_flags :: CXX=$(CXX)"
|
||||
@echo "echo_flags :: CFLAGS=$(CFLAGS)"
|
||||
@echo "echo_flags :: CXXFLAGS=$(CXXFLAGS)"
|
||||
@echo "echo_flags :: LDFLAGS=$(LDFLAGS)"
|
||||
@echo "echo_flags :: RUSTFLAGS=$(RUSTFLAGS)"
|
||||
@echo "=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~"
|
||||
|
||||
# debian: echo_flags
|
||||
# @echo "building deb package"
|
||||
# debuild --no-lintian -b -uc -us
|
||||
|
||||
debian: FORCE
|
||||
debuild --no-lintian -I -i -us -uc -nc -b
|
||||
|
||||
@ -491,9 +511,19 @@ snap-upload-stable: FORCE
|
||||
done
|
||||
|
||||
synology-pkg: FORCE
|
||||
cd synology ; ./build.sh build
|
||||
cd pkg/synology ; ./build.sh build
|
||||
|
||||
synology-docker: FORCE
|
||||
cd synology/dsm7-docker/; ./build.sh build
|
||||
cd pkg/synology/dsm7-docker/; ./build.sh build-and-push
|
||||
|
||||
munge_rpm:
|
||||
@:$(call check_defined, VERSION)
|
||||
@echo "Updating rpm spec to $(VERSION)"
|
||||
ci/scripts/munge_rpm_spec.sh zerotier-one.spec $(VERSION) "Adam Ierymenko <adam.ierymenko@zerotier.com>" "see https://github.com/zerotier/ZeroTierOne for release notes"
|
||||
|
||||
munge_deb:
|
||||
@:$(call check_defined, VERSION)
|
||||
@echo "Updating debian/changelog to $(VERSION)"
|
||||
ci/scripts/munge_debian_changelog.sh debian/changelog $(VERSION) "Adam Ierymenko <adam.ierymenko@zerotier.com>" "see https://github.com/zerotier/ZeroTierOne for release notes"
|
||||
|
||||
FORCE:
|
||||
|
@ -2,7 +2,7 @@ CC=clang
|
||||
CXX=clang++
|
||||
TOPDIR=$(shell PWD)
|
||||
|
||||
INCLUDES=-I$(shell PWD)/zeroidc/target
|
||||
INCLUDES=-I$(shell PWD)/zeroidc/target -isystem $(TOPDIR)/ext
|
||||
DEFS=
|
||||
LIBS=
|
||||
ARCH_FLAGS=-arch x86_64 -arch arm64
|
||||
@ -47,7 +47,7 @@ endif
|
||||
# Use fast ASM Salsa20/12 for x64 processors
|
||||
DEFS+=-DZT_USE_X64_ASM_SALSA2012
|
||||
CORE_OBJS+=ext/x64-salsa2012-asm/salsa2012.o
|
||||
CXXFLAGS=$(CFLAGS) -std=c++11 -stdlib=libc++
|
||||
CXXFLAGS=$(CFLAGS) -std=c++17 -stdlib=libc++
|
||||
|
||||
# Build miniupnpc and nat-pmp as included libraries -- extra defs are required for these sources
|
||||
DEFS+=-DMACOSX -DZT_SSO_SUPPORTED -DZT_USE_MINIUPNPC -DMINIUPNP_STATICLIB -D_DARWIN_C_SOURCE -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -DOS_STRING=\"Darwin/15.0.0\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR
|
||||
|
@ -236,7 +236,7 @@ void Bond::nominatePathToBond(const SharedPtr<Path>& path, int64_t now)
|
||||
/**
|
||||
* Ensure the link is allowed and the path is not already present
|
||||
*/
|
||||
if (! RR->bc->linkAllowed(_policyAlias, getLink(path))) {
|
||||
if (! RR->bc->linkAllowed(_policyAlias, getLinkBySocket(_policyAlias, path->localSocket(), true))) {
|
||||
debug("link %s is not permitted according to user-specified rules", pathToStr(path).c_str());
|
||||
return;
|
||||
}
|
||||
|
2
one.cpp
2
one.cpp
@ -88,7 +88,7 @@
|
||||
|
||||
#include "service/OneService.hpp"
|
||||
|
||||
#include "ext/json/json.hpp"
|
||||
#include <nlohmann/json.hpp>
|
||||
|
||||
#ifdef __APPLE__
|
||||
#include <SystemConfiguration/SystemConfiguration.h>
|
||||
|
@ -40,7 +40,7 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__)
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__) && !defined(ZT_SDK)
|
||||
#include <net/if.h>
|
||||
#include <netinet6/in6_var.h>
|
||||
#include <sys/ioctl.h>
|
||||
@ -311,7 +311,7 @@ class Binder {
|
||||
if (! gotViaProc) {
|
||||
struct ifaddrs* ifatbl = (struct ifaddrs*)0;
|
||||
struct ifaddrs* ifa;
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__)
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__) && !defined(ZT_SDK)
|
||||
// set up an IPv6 socket so we can check the state of interfaces via SIOCGIFAFLAG_IN6
|
||||
int infoSock = socket(AF_INET6, SOCK_DGRAM, 0);
|
||||
#endif
|
||||
@ -320,7 +320,7 @@ class Binder {
|
||||
while (ifa) {
|
||||
if ((ifa->ifa_name) && (ifa->ifa_addr)) {
|
||||
InetAddress ip = *(ifa->ifa_addr);
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__)
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__) && !defined(ZT_SDK)
|
||||
// Check if the address is an IPv6 Temporary Address, macOS/BSD version
|
||||
if (ifa->ifa_addr->sa_family == AF_INET6) {
|
||||
struct sockaddr_in6* sa6 = (struct sockaddr_in6*)ifa->ifa_addr;
|
||||
@ -368,7 +368,7 @@ class Binder {
|
||||
else {
|
||||
interfacesEnumerated = false;
|
||||
}
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__)
|
||||
#if (defined(__unix__) || defined(__APPLE__)) && !defined(__LINUX__) && !defined(ZT_SDK)
|
||||
close(infoSock);
|
||||
#endif
|
||||
}
|
||||
|
@ -43,7 +43,7 @@
|
||||
#endif
|
||||
|
||||
#ifndef OMIT_JSON_SUPPORT
|
||||
#include "../ext/json/json.hpp"
|
||||
#include <nlohmann/json.hpp>
|
||||
#endif
|
||||
|
||||
namespace ZeroTier {
|
||||
|
@ -3,16 +3,17 @@
|
||||
ZTO_VER=$(git describe --abbrev=0 --tags)
|
||||
ZTO_COMMIT=$(git rev-parse HEAD)
|
||||
|
||||
build()
|
||||
build-and-push()
|
||||
{
|
||||
# build
|
||||
|
||||
sudo docker build --load --rm -t zerotier-synology . --build-arg ZTO_COMMIT=${ZTO_COMMIT} --build-arg ZTO_VER=${ZTO_VER}
|
||||
LATEST_DOCKER_IMAGE_HASH=$(sudo docker images -q zerotier-synology)
|
||||
sudo docker tag ${LATEST_DOCKER_IMAGE_HASH} zerotier/zerotier-synology:${ZTO_VER}
|
||||
sudo docker tag ${LATEST_DOCKER_IMAGE_HASH} zerotier/zerotier-synology:latest
|
||||
}
|
||||
|
||||
push()
|
||||
{
|
||||
# push
|
||||
|
||||
sudo docker login --username=${DOCKERHUB_USERNAME}
|
||||
sudo docker push zerotier/zerotier-synology:${ZTO_VER}
|
||||
sudo docker push zerotier/zerotier-synology:latest
|
||||
|
@ -92,7 +92,8 @@ extern "C" {
|
||||
}
|
||||
#endif
|
||||
|
||||
#include "../ext/json/json.hpp"
|
||||
#include <nlohmann/json.hpp>
|
||||
#include <inja/inja.hpp>
|
||||
|
||||
using json = nlohmann::json;
|
||||
|
||||
@ -150,43 +151,54 @@ size_t curlResponseWrite(void *ptr, size_t size, size_t nmemb, std::string *data
|
||||
|
||||
namespace ZeroTier {
|
||||
|
||||
const char *ssoResponseTemplate = "<html>\
|
||||
<head>\
|
||||
<style type=\"text/css\">\
|
||||
html,body {\
|
||||
background: #eeeeee;\
|
||||
margin: 0;\
|
||||
padding: 0;\
|
||||
font-family: \"Helvetica\";\
|
||||
font-weight: bold;\
|
||||
font-size: 12pt;\
|
||||
height: 100%;\
|
||||
width: 100%;\
|
||||
}\
|
||||
div.icon {\
|
||||
background: #ffb354;\
|
||||
color: #000000;\
|
||||
font-size: 120pt;\
|
||||
border-radius: 2.5rem;\
|
||||
display: inline-block;\
|
||||
width: 1.3em;\
|
||||
height: 1.3em;\
|
||||
padding: 0;\
|
||||
margin: 15;\
|
||||
line-height: 1.4em;\
|
||||
vertical-align: middle;\
|
||||
text-align: center;\
|
||||
}\
|
||||
</style>\
|
||||
</head>\
|
||||
<body>\
|
||||
<br><br><br><br><br><br>\
|
||||
<center>\
|
||||
<div class=\"icon\">⏁</div>\
|
||||
<div class=\"text\">%s</div>\
|
||||
</center>\
|
||||
</body>\
|
||||
</html>";
|
||||
std::string ssoResponseTemplate = R"""(
|
||||
<!doctype html>
|
||||
<html class="no-js" lang="">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="x-ua-compatible" content="ie=edge">
|
||||
<title>Network SSO Login {{ networkId }}</title>
|
||||
<meta name="description" content="">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<style type=\"text/css\">
|
||||
html,body {
|
||||
background: #eeeeee;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
font-family: "Helvetica";
|
||||
font-weight: bold;
|
||||
font-size: 12pt;
|
||||
height: 100%;
|
||||
width: 100%;
|
||||
}
|
||||
div.icon {
|
||||
background: #ffb354;
|
||||
color: #000000;
|
||||
font-size: 120pt;
|
||||
border-radius: 2.5rem;
|
||||
display: inline-block;
|
||||
width: 1.3em;
|
||||
height: 1.3em;
|
||||
padding: 0;
|
||||
margin: 15;
|
||||
line-height: 1.4em;
|
||||
vertical-align: middle;
|
||||
text-align: center;
|
||||
}
|
||||
.container {
|
||||
vertical-align: center;
|
||||
text-align: center;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<div class="icon">⏁</div>
|
||||
<div class="text">{{ messageText }}</div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
)""";
|
||||
|
||||
// Configured networks
|
||||
class NetworkState
|
||||
@ -286,16 +298,9 @@ public:
|
||||
}
|
||||
|
||||
void setConfig(const ZT_VirtualNetworkConfig *nwc) {
|
||||
char nwbuf[17] = {};
|
||||
const char* nwid = Utils::hex(nwc->nwid, nwbuf);
|
||||
// fprintf(stderr, "NetworkState::setConfig(%s)\n", nwid);
|
||||
|
||||
memcpy(&_config, nwc, sizeof(ZT_VirtualNetworkConfig));
|
||||
// fprintf(stderr, "ssoEnabled: %s, ssoVersion: %d\n",
|
||||
// _config.ssoEnabled ? "true" : "false", _config.ssoVersion);
|
||||
|
||||
if (_config.ssoEnabled && _config.ssoVersion == 1) {
|
||||
// fprintf(stderr, "ssoEnabled for %s\n", nwid);
|
||||
#if ZT_SSO_ENABLED
|
||||
if (_idc == nullptr)
|
||||
{
|
||||
@ -303,10 +308,6 @@ public:
|
||||
assert(_config.ssoClientID != nullptr);
|
||||
assert(_config.centralAuthURL != nullptr);
|
||||
|
||||
// fprintf(stderr, "Issuer URL: %s\n", _config.issuerURL);
|
||||
// fprintf(stderr, "Client ID: %s\n", _config.ssoClientID);
|
||||
// fprintf(stderr, "Central Auth URL: %s\n", _config.centralAuthURL);
|
||||
|
||||
_idc = zeroidc::zeroidc_new(
|
||||
_config.issuerURL,
|
||||
_config.ssoClientID,
|
||||
@ -318,8 +319,6 @@ public:
|
||||
fprintf(stderr, "idc is null\n");
|
||||
return;
|
||||
}
|
||||
|
||||
// fprintf(stderr, "idc created (%s, %s, %s)\n", _config.issuerURL, _config.ssoClientID, _config.centralAuthURL);
|
||||
}
|
||||
|
||||
zeroidc::zeroidc_set_nonce_and_csrf(
|
||||
@ -334,7 +333,6 @@ public:
|
||||
zeroidc::free_cstr(url);
|
||||
|
||||
if (zeroidc::zeroidc_is_running(_idc) && nwc->status == ZT_NETWORK_STATUS_AUTHENTICATION_REQUIRED) {
|
||||
// TODO: kick the refresh thread
|
||||
zeroidc::zeroidc_kick_refresh_thread(_idc);
|
||||
}
|
||||
#endif
|
||||
@ -364,13 +362,14 @@ public:
|
||||
}
|
||||
|
||||
char* doTokenExchange(const char *code) {
|
||||
char *ret = nullptr;
|
||||
#if ZT_SSO_ENABLED
|
||||
if (_idc == nullptr) {
|
||||
fprintf(stderr, "ainfo or idc null\n");
|
||||
return "";
|
||||
return ret;
|
||||
}
|
||||
|
||||
char *ret = zeroidc::zeroidc_token_exchange(_idc, code);
|
||||
ret = zeroidc::zeroidc_token_exchange(_idc, code);
|
||||
zeroidc::zeroidc_set_nonce_and_csrf(
|
||||
_idc,
|
||||
_config.ssoState,
|
||||
@ -381,11 +380,8 @@ public:
|
||||
memcpy(_config.authenticationURL, url, strlen(url));
|
||||
_config.authenticationURL[strlen(url)] = 0;
|
||||
zeroidc::free_cstr(url);
|
||||
|
||||
return ret;
|
||||
#else
|
||||
return "";
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
uint64_t getExpiryTime() {
|
||||
@ -1702,16 +1698,28 @@ public:
|
||||
}
|
||||
#if ZT_SSO_ENABLED
|
||||
} else if (ps[0] == "sso") {
|
||||
char resBuf[4096] = {0};
|
||||
const char *error = zeroidc::zeroidc_get_url_param_value("error", path.c_str());
|
||||
if (error != nullptr) {
|
||||
const char *desc = zeroidc::zeroidc_get_url_param_value("error_description", path.c_str());
|
||||
scode = 500;
|
||||
char errBuff[256] = {0};
|
||||
sprintf(errBuff, "ERROR %s: %s", error, desc);
|
||||
sprintf(resBuf, ssoResponseTemplate, errBuff);
|
||||
responseBody = std::string(resBuf);
|
||||
std::string htmlTemplatePath = _homePath + ZT_PATH_SEPARATOR + "sso-auth.template.html";
|
||||
std::string htmlTemplate;
|
||||
if (!OSUtils::readFile(htmlTemplatePath.c_str(), htmlTemplate)) {
|
||||
htmlTemplate = ssoResponseTemplate;
|
||||
}
|
||||
|
||||
responseContentType = "text/html";
|
||||
json outData;
|
||||
|
||||
char *error = zeroidc::zeroidc_get_url_param_value("error", path.c_str());
|
||||
if (error != nullptr) {
|
||||
char *desc = zeroidc::zeroidc_get_url_param_value("error_description", path.c_str());
|
||||
scode = 500;
|
||||
|
||||
json data;
|
||||
outData["isError"] = true;
|
||||
outData["messageText"] = (std::string("ERROR ") + error + std::string(": ") + desc);
|
||||
responseBody = inja::render(htmlTemplate, outData);
|
||||
|
||||
zeroidc::free_cstr(desc);
|
||||
zeroidc::free_cstr(error);
|
||||
|
||||
return scode;
|
||||
}
|
||||
|
||||
@ -1719,6 +1727,8 @@ public:
|
||||
char* state = zeroidc::zeroidc_get_url_param_value("state", path.c_str());
|
||||
char* nwid = zeroidc::zeroidc_network_id_from_state(state);
|
||||
|
||||
outData["networkId"] = std::string(nwid);
|
||||
|
||||
const uint64_t id = Utils::hexStrToU64(nwid);
|
||||
|
||||
zeroidc::free_cstr(nwid);
|
||||
@ -1729,14 +1739,30 @@ public:
|
||||
NetworkState& ns = _nets[id];
|
||||
char* code = zeroidc::zeroidc_get_url_param_value("code", path.c_str());
|
||||
char *ret = ns.doTokenExchange(code);
|
||||
json ssoResult = json::parse(ret);
|
||||
if (ssoResult.is_object()) {
|
||||
if (ssoResult.contains("errorMessage")) {
|
||||
outData["isError"] = true;
|
||||
outData["messageText"] = ssoResult["errorMessage"];
|
||||
responseBody = inja::render(htmlTemplate, outData);
|
||||
scode = 500;
|
||||
} else {
|
||||
scode = 200;
|
||||
sprintf(resBuf, ssoResponseTemplate, "Authentication Successful. You may now access the network.");
|
||||
responseBody = std::string(resBuf);
|
||||
outData["isError"] = false;
|
||||
outData["messageText"] = "Authentication Successful. You may now access the network.";
|
||||
responseBody = inja::render(htmlTemplate, outData);
|
||||
}
|
||||
} else {
|
||||
// not an object? We got a problem
|
||||
outData["isError"] = true;
|
||||
outData["messageText"] = "ERROR: Unkown SSO response. Please contact your administrator.";
|
||||
responseBody = inja::render(htmlTemplate, outData);
|
||||
scode= 500;
|
||||
}
|
||||
|
||||
zeroidc::free_cstr(code);
|
||||
zeroidc::free_cstr(ret);
|
||||
|
||||
responseContentType = "text/html";
|
||||
return scode;
|
||||
} else {
|
||||
scode = 404;
|
||||
@ -1884,8 +1910,7 @@ public:
|
||||
scode = _controller->handleControlPlaneHttpPOST(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
|
||||
else scode = 404;
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
scode = 401; // isAuth == false
|
||||
}
|
||||
} else if (httpMethod == HTTP_DELETE) {
|
||||
|
@ -27,7 +27,7 @@
|
||||
#include "../node/Identity.hpp"
|
||||
#include "../node/Packet.hpp"
|
||||
|
||||
#include "../ext/json/json.hpp"
|
||||
#include <nlohmann/json.hpp>
|
||||
|
||||
/**
|
||||
* VERB_USER_MESSAGE type ID for software update messages
|
||||
|
@ -410,11 +410,11 @@
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_SSO_ENABLED=1;ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<MultiProcessorCompilation>true</MultiProcessorCompilation>
|
||||
<LanguageStandard_C>stdc11</LanguageStandard_C>
|
||||
<CreateHotpatchableImage>false</CreateHotpatchableImage>
|
||||
@ -432,11 +432,11 @@
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_SSO_ENABLED=1;ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<LanguageStandard_C>stdc11</LanguageStandard_C>
|
||||
<MultiProcessorCompilation>true</MultiProcessorCompilation>
|
||||
<CreateHotpatchableImage>false</CreateHotpatchableImage>
|
||||
@ -453,12 +453,12 @@
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_SSO_ENABLED=1;ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_RULES_ENGINE_DEBUGGING;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MultiProcessorCompilation>true</MultiProcessorCompilation>
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<LanguageStandard_C>stdc11</LanguageStandard_C>
|
||||
<CreateHotpatchableImage>false</CreateHotpatchableImage>
|
||||
<GuardEHContMetadata>false</GuardEHContMetadata>
|
||||
@ -476,7 +476,7 @@
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_RULES_ENGINE_DEBUGGING;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MultiProcessorCompilation>true</MultiProcessorCompilation>
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
@ -499,12 +499,12 @@
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_SSO_ENABLED=1;ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MultiProcessorCompilation>true</MultiProcessorCompilation>
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<LanguageStandard_C>stdc11</LanguageStandard_C>
|
||||
<CreateHotpatchableImage>false</CreateHotpatchableImage>
|
||||
<GuardEHContMetadata>false</GuardEHContMetadata>
|
||||
@ -521,12 +521,12 @@
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<Optimization>Disabled</Optimization>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;NOMINMAX;STATICLIB;WIN32;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<MultiProcessorCompilation>true</MultiProcessorCompilation>
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<LanguageStandard_C>stdc11</LanguageStandard_C>
|
||||
<CreateHotpatchableImage>false</CreateHotpatchableImage>
|
||||
<GuardEHContMetadata>false</GuardEHContMetadata>
|
||||
@ -545,7 +545,7 @@
|
||||
<FunctionLevelLinking>false</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_SSO_ENABLED=1;ZT_EXPORT;FD_SETSIZE=1024;STATICLIB;ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
||||
<StringPooling>true</StringPooling>
|
||||
@ -555,7 +555,7 @@
|
||||
<DisableSpecificWarnings>4996</DisableSpecificWarnings>
|
||||
<ControlFlowGuard>Guard</ControlFlowGuard>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<DebugInformationFormat>None</DebugInformationFormat>
|
||||
<CompileAsManaged>false</CompileAsManaged>
|
||||
<CompileAsWinRT>false</CompileAsWinRT>
|
||||
@ -581,7 +581,7 @@
|
||||
<FunctionLevelLinking>false</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_SSO_ENABLED=1;ZT_EXPORT;FD_SETSIZE=1024;STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=2;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
||||
<EnableEnhancedInstructionSet>NotSet</EnableEnhancedInstructionSet>
|
||||
@ -594,7 +594,7 @@
|
||||
<EnableParallelCodeGeneration>false</EnableParallelCodeGeneration>
|
||||
<CallingConvention>Cdecl</CallingConvention>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<DebugInformationFormat>None</DebugInformationFormat>
|
||||
<CompileAsManaged>false</CompileAsManaged>
|
||||
<CompileAsWinRT>false</CompileAsWinRT>
|
||||
@ -619,7 +619,7 @@
|
||||
<FunctionLevelLinking>false</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)\..\ext;$(SolutionDir)\..\zeroidc\target;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<PreprocessorDefinitions>ZT_EXPORT;FD_SETSIZE=1024;STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_BUILD_PLATFORM=2;ZT_BUILD_ARCHITECTURE=2;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
||||
<EnableEnhancedInstructionSet>NotSet</EnableEnhancedInstructionSet>
|
||||
@ -632,7 +632,7 @@
|
||||
<EnableParallelCodeGeneration>false</EnableParallelCodeGeneration>
|
||||
<CallingConvention>Cdecl</CallingConvention>
|
||||
<RuntimeTypeInfo>false</RuntimeTypeInfo>
|
||||
<LanguageStandard>stdcpp14</LanguageStandard>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
<DebugInformationFormat>None</DebugInformationFormat>
|
||||
<CompileAsManaged>false</CompileAsManaged>
|
||||
<CompileAsWinRT>false</CompileAsWinRT>
|
||||
|
@ -13,11 +13,24 @@
|
||||
use thiserror::Error;
|
||||
|
||||
#[derive(Error, Debug)]
|
||||
pub enum ZeroIDCError
|
||||
{
|
||||
pub enum ZeroIDCError {
|
||||
#[error(transparent)]
|
||||
DiscoveryError(#[from] openidconnect::DiscoveryError<openidconnect::reqwest::Error<reqwest::Error>>),
|
||||
DiscoveryError(
|
||||
#[from] openidconnect::DiscoveryError<openidconnect::reqwest::Error<reqwest::Error>>,
|
||||
),
|
||||
|
||||
#[error(transparent)]
|
||||
ParseError(#[from] url::ParseError),
|
||||
}
|
||||
|
||||
#[derive(Error, Debug)]
|
||||
#[error("SSO Exchange Error: {message:}")]
|
||||
pub struct SSOExchangeError {
|
||||
message: String,
|
||||
}
|
||||
|
||||
impl SSOExchangeError {
|
||||
pub fn new(message: String) -> Self {
|
||||
SSOExchangeError { message }
|
||||
}
|
||||
}
|
||||
|
@ -12,19 +12,17 @@
|
||||
|
||||
use std::ffi::{CStr, CString};
|
||||
use std::os::raw::c_char;
|
||||
use url::{Url};
|
||||
use url::Url;
|
||||
|
||||
use crate::ZeroIDC;
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_new(
|
||||
issuer: *const c_char,
|
||||
@ -56,25 +54,21 @@ pub extern "C" fn zeroidc_new(
|
||||
auth_endpoint.to_str().unwrap(),
|
||||
web_listen_port,
|
||||
) {
|
||||
Ok(idc) => {
|
||||
return Box::into_raw(Box::new(idc));
|
||||
}
|
||||
Ok(idc) => Box::into_raw(Box::new(idc)),
|
||||
Err(s) => {
|
||||
println!("Error creating ZeroIDC instance: {}", s);
|
||||
return std::ptr::null_mut();
|
||||
std::ptr::null_mut()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) {
|
||||
if ptr.is_null() {
|
||||
@ -91,15 +85,13 @@ pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) {
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) {
|
||||
let idc = unsafe {
|
||||
@ -109,15 +101,13 @@ pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) {
|
||||
idc.start();
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) {
|
||||
let idc = unsafe {
|
||||
@ -127,15 +117,13 @@ pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) {
|
||||
idc.stop();
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
|
||||
let idc = unsafe {
|
||||
@ -156,20 +144,19 @@ pub extern "C" fn zeroidc_get_exp_time(ptr: *mut ZeroIDC) -> u64 {
|
||||
id.get_exp_time()
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_set_nonce_and_csrf(
|
||||
ptr: *mut ZeroIDC,
|
||||
csrf_token: *const c_char,
|
||||
nonce: *const c_char) {
|
||||
nonce: *const c_char,
|
||||
) {
|
||||
let idc = unsafe {
|
||||
assert!(!ptr.is_null());
|
||||
&mut *ptr
|
||||
@ -197,15 +184,13 @@ pub extern "C" fn zeroidc_set_nonce_and_csrf(
|
||||
idc.set_nonce_and_csrf(csrf_token, nonce);
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn free_cstr(s: *mut c_char) {
|
||||
if s.is_null() {
|
||||
@ -218,38 +203,32 @@ pub extern "C" fn free_cstr(s: *mut c_char) {
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_get_auth_url(ptr: *mut ZeroIDC) -> *mut c_char {
|
||||
if ptr.is_null() {
|
||||
println!("passed a null object");
|
||||
return std::ptr::null_mut();
|
||||
}
|
||||
let idc = unsafe {
|
||||
&mut *ptr
|
||||
};
|
||||
let idc = unsafe { &mut *ptr };
|
||||
|
||||
let s = CString::new(idc.auth_url()).unwrap();
|
||||
return s.into_raw();
|
||||
s.into_raw()
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char) -> *mut c_char {
|
||||
if idc.is_null() {
|
||||
@ -261,19 +240,37 @@ pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char
|
||||
println!("code is null");
|
||||
return std::ptr::null_mut();
|
||||
}
|
||||
let idc = unsafe {
|
||||
&mut *idc
|
||||
};
|
||||
let idc = unsafe { &mut *idc };
|
||||
|
||||
let code = unsafe { CStr::from_ptr(code) }.to_str().unwrap();
|
||||
|
||||
let ret = idc.do_token_exchange(code);
|
||||
match ret {
|
||||
Ok(ret) => {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("do_token_exchange ret: {}", ret);
|
||||
}
|
||||
let ret = CString::new(ret).unwrap();
|
||||
return ret.into_raw();
|
||||
ret.into_raw()
|
||||
}
|
||||
Err(e) => {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("do_token_exchange err: {}", e);
|
||||
}
|
||||
let errstr = format!("{{\"errorMessage\": \"{}\"}}", e);
|
||||
let ret = CString::new(errstr).unwrap();
|
||||
ret.into_raw()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_get_url_param_value(param: *const c_char, path: *const c_char) -> *mut c_char {
|
||||
pub extern "C" fn zeroidc_get_url_param_value(
|
||||
param: *const c_char,
|
||||
path: *const c_char,
|
||||
) -> *mut c_char {
|
||||
if param.is_null() {
|
||||
println!("param is null");
|
||||
return std::ptr::null_mut();
|
||||
@ -292,11 +289,11 @@ pub extern "C" fn zeroidc_get_url_param_value(param: *const c_char, path: *const
|
||||
for p in pairs {
|
||||
if p.0 == param {
|
||||
let s = CString::new(p.1.into_owned()).unwrap();
|
||||
return s.into_raw()
|
||||
return s.into_raw();
|
||||
}
|
||||
}
|
||||
|
||||
return std::ptr::null_mut();
|
||||
std::ptr::null_mut()
|
||||
}
|
||||
|
||||
#[no_mangle]
|
||||
@ -308,34 +305,30 @@ pub extern "C" fn zeroidc_network_id_from_state(state: *const c_char) -> *mut c_
|
||||
|
||||
let state = unsafe { CStr::from_ptr(state) }.to_str().unwrap();
|
||||
|
||||
let split = state.split("_");
|
||||
let split = state.split('_');
|
||||
let split = split.collect::<Vec<&str>>();
|
||||
if split.len() != 2 {
|
||||
return std::ptr::null_mut();
|
||||
}
|
||||
|
||||
let s = CString::new(split[1]).unwrap();
|
||||
return s.into_raw();
|
||||
s.into_raw()
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
#[no_mangle]
|
||||
pub extern "C" fn zeroidc_kick_refresh_thread(idc: *mut ZeroIDC) {
|
||||
if idc.is_null() {
|
||||
println!("idc is null");
|
||||
return;
|
||||
}
|
||||
let idc = unsafe {
|
||||
&mut *idc
|
||||
};
|
||||
let idc = unsafe { &mut *idc };
|
||||
|
||||
idc.kick_refresh_thread();
|
||||
}
|
@ -19,45 +19,44 @@ extern crate openidconnect;
|
||||
extern crate time;
|
||||
extern crate url;
|
||||
|
||||
use crate::error::ZeroIDCError;
|
||||
use crate::error::*;
|
||||
|
||||
use bytes::Bytes;
|
||||
use jwt::{Token};
|
||||
use jwt::Token;
|
||||
use openidconnect::core::{CoreClient, CoreProviderMetadata, CoreResponseType};
|
||||
use openidconnect::reqwest::http_client;
|
||||
use openidconnect::{AccessToken, AccessTokenHash, AuthorizationCode, AuthenticationFlow, ClientId, CsrfToken, IssuerUrl, Nonce, OAuth2TokenResponse, PkceCodeChallenge, PkceCodeVerifier, RedirectUrl, RefreshToken, Scope, TokenResponse};
|
||||
use openidconnect::{
|
||||
AccessToken, AccessTokenHash, AuthenticationFlow, AuthorizationCode, ClientId, CsrfToken,
|
||||
IssuerUrl, Nonce, OAuth2TokenResponse, PkceCodeChallenge, PkceCodeVerifier, RedirectUrl,
|
||||
RefreshToken, Scope, TokenResponse,
|
||||
};
|
||||
use std::error::Error;
|
||||
use std::str::from_utf8;
|
||||
use std::sync::{Arc, Mutex};
|
||||
use std::thread::{sleep, spawn, JoinHandle};
|
||||
use std::time::{SystemTime, UNIX_EPOCH, Duration};
|
||||
use time::{OffsetDateTime, format_description};
|
||||
|
||||
use std::time::{Duration, SystemTime, UNIX_EPOCH};
|
||||
use time::{format_description, OffsetDateTime};
|
||||
|
||||
use url::Url;
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
pub struct ZeroIDC {
|
||||
inner: Arc<Mutex<Inner>>,
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
struct Inner {
|
||||
running: bool,
|
||||
auth_endpoint: String,
|
||||
@ -82,40 +81,35 @@ impl Inner {
|
||||
}
|
||||
|
||||
fn csrf_func(csrf_token: String) -> Box<dyn Fn() -> CsrfToken> {
|
||||
return Box::new(move || CsrfToken::new(csrf_token.to_string()));
|
||||
Box::new(move || CsrfToken::new(csrf_token.to_string()))
|
||||
}
|
||||
|
||||
fn nonce_func(nonce: String) -> Box<dyn Fn() -> Nonce> {
|
||||
return Box::new(move || Nonce::new(nonce.to_string()));
|
||||
Box::new(move || Nonce::new(nonce.to_string()))
|
||||
}
|
||||
|
||||
#[cfg(debug_assertions)]
|
||||
fn systemtime_strftime<T>(dt: T, format: &str) -> String
|
||||
where T: Into<OffsetDateTime>
|
||||
where
|
||||
T: Into<OffsetDateTime>,
|
||||
{
|
||||
let f = format_description::parse(format);
|
||||
match f {
|
||||
Ok(f) => {
|
||||
match dt.into().format(&f) {
|
||||
Ok(f) => match dt.into().format(&f) {
|
||||
Ok(s) => s,
|
||||
Err(_e) => "".to_string(),
|
||||
}
|
||||
},
|
||||
Err(_e) => {
|
||||
"".to_string()
|
||||
},
|
||||
Err(_e) => "".to_string(),
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(
|
||||
any(
|
||||
#[cfg(any(
|
||||
all(target_os = "linux", target_arch = "x86"),
|
||||
all(target_os = "linux", target_arch = "x86_64"),
|
||||
all(target_os = "linux", target_arch = "aarch64"),
|
||||
target_os = "windows",
|
||||
target_os = "macos",
|
||||
)
|
||||
)]
|
||||
))]
|
||||
impl ZeroIDC {
|
||||
pub fn new(
|
||||
issuer: &str,
|
||||
@ -141,8 +135,10 @@ impl ZeroIDC {
|
||||
})),
|
||||
};
|
||||
|
||||
println!("issuer: {}, client_id: {}, auth_endopint: {}, local_web_port: {}",
|
||||
issuer, client_id, auth_ep, local_web_port);
|
||||
println!(
|
||||
"issuer: {}, client_id: {}, auth_endopint: {}, local_web_port: {}",
|
||||
issuer, client_id, auth_ep, local_web_port
|
||||
);
|
||||
let iss = IssuerUrl::new(issuer.to_string())?;
|
||||
|
||||
let provider_meta = CoreProviderMetadata::discover(&iss, http_client)?;
|
||||
@ -184,11 +180,23 @@ impl ZeroIDC {
|
||||
let nonce = (*inner_local.lock().unwrap()).nonce.clone();
|
||||
|
||||
while running {
|
||||
let exp = UNIX_EPOCH + Duration::from_secs((*inner_local.lock().unwrap()).exp_time);
|
||||
let exp =
|
||||
UNIX_EPOCH + Duration::from_secs((*inner_local.lock().unwrap()).exp_time);
|
||||
let now = SystemTime::now();
|
||||
|
||||
#[cfg(debug_assertions)] {
|
||||
println!("refresh token thread tick, now: {}, exp: {}", systemtime_strftime(now, "[year]-[month]-[day] [hour]:[minute]:[second]"), systemtime_strftime(exp, "[year]-[month]-[day] [hour]:[minute]:[second]"));
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!(
|
||||
"refresh token thread tick, now: {}, exp: {}",
|
||||
systemtime_strftime(
|
||||
now,
|
||||
"[year]-[month]-[day] [hour]:[minute]:[second]"
|
||||
),
|
||||
systemtime_strftime(
|
||||
exp,
|
||||
"[year]-[month]-[day] [hour]:[minute]:[second]"
|
||||
)
|
||||
);
|
||||
}
|
||||
let refresh_token = (*inner_local.lock().unwrap()).refresh_token.clone();
|
||||
|
||||
@ -196,18 +204,24 @@ impl ZeroIDC {
|
||||
let should_kick = (*inner_local.lock().unwrap()).kick;
|
||||
if now >= (exp - Duration::from_secs(30)) || should_kick {
|
||||
if should_kick {
|
||||
#[cfg(debug_assertions)] {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("refresh thread kicked");
|
||||
}
|
||||
(*inner_local.lock().unwrap()).kick = false;
|
||||
}
|
||||
|
||||
#[cfg(debug_assertions)] {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("Refresh Token: {}", refresh_token.secret());
|
||||
}
|
||||
|
||||
let token_response = (*inner_local.lock().unwrap()).oidc_client.as_ref().map(|c| {
|
||||
let res = c.exchange_refresh_token(&refresh_token)
|
||||
let token_response = (*inner_local.lock().unwrap())
|
||||
.oidc_client
|
||||
.as_ref()
|
||||
.map(|c| {
|
||||
let res = c
|
||||
.exchange_refresh_token(&refresh_token)
|
||||
.request(http_client);
|
||||
|
||||
res
|
||||
@ -223,78 +237,123 @@ impl ZeroIDC {
|
||||
None => "".to_string(),
|
||||
};
|
||||
|
||||
let params = [("id_token", id_token.to_string()),("state", "refresh".to_string()),("extra_nonce", n)];
|
||||
#[cfg(debug_assertions)] {
|
||||
println!("New ID token: {}", id_token.to_string());
|
||||
let params = [
|
||||
("id_token", id_token.to_string()),
|
||||
("state", "refresh".to_string()),
|
||||
("extra_nonce", n),
|
||||
];
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!(
|
||||
"New ID token: {}",
|
||||
id_token.to_string()
|
||||
);
|
||||
}
|
||||
let client = reqwest::blocking::Client::new();
|
||||
let r = client.post((*inner_local.lock().unwrap()).auth_endpoint.clone())
|
||||
let r = client
|
||||
.post(
|
||||
(*inner_local.lock().unwrap())
|
||||
.auth_endpoint
|
||||
.clone(),
|
||||
)
|
||||
.form(¶ms)
|
||||
.send();
|
||||
|
||||
match r {
|
||||
Ok(r) => {
|
||||
if r.status().is_success() {
|
||||
#[cfg(debug_assertions)] {
|
||||
println!("hit url: {}", r.url().as_str());
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!(
|
||||
"hit url: {}",
|
||||
r.url().as_str()
|
||||
);
|
||||
println!("status: {}", r.status());
|
||||
}
|
||||
|
||||
let access_token = res.access_token();
|
||||
let idt = &id_token.to_string();
|
||||
|
||||
let t: Result<Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>, jwt::Error> =
|
||||
Token::parse_unverified(idt);
|
||||
let t: Result<
|
||||
Token<
|
||||
jwt::Header,
|
||||
jwt::Claims,
|
||||
jwt::Unverified<'_>,
|
||||
>,
|
||||
jwt::Error,
|
||||
> = Token::parse_unverified(idt);
|
||||
|
||||
if let Ok(t) = t {
|
||||
let claims = t.claims().registered.clone();
|
||||
let claims =
|
||||
t.claims().registered.clone();
|
||||
match claims.expiration {
|
||||
Some(exp) => {
|
||||
(*inner_local.lock().unwrap()).exp_time = exp;
|
||||
},
|
||||
(*inner_local
|
||||
.lock()
|
||||
.unwrap())
|
||||
.exp_time = exp;
|
||||
}
|
||||
None => {
|
||||
panic!("expiration is None. This shouldn't happen")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
(*inner_local.lock().unwrap()).access_token = Some(access_token.clone());
|
||||
(*inner_local.lock().unwrap())
|
||||
.access_token =
|
||||
Some(access_token.clone());
|
||||
if let Some(t) = res.refresh_token() {
|
||||
// println!("New Refresh Token: {}", t.secret());
|
||||
(*inner_local.lock().unwrap()).refresh_token = Some(t.clone());
|
||||
(*inner_local.lock().unwrap())
|
||||
.refresh_token =
|
||||
Some(t.clone());
|
||||
}
|
||||
#[cfg(debug_assertions)] {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("Central post succeeded");
|
||||
}
|
||||
} else {
|
||||
println!("Central post failed: {}", r.status().to_string());
|
||||
println!("hit url: {}", r.url().as_str());
|
||||
println!(
|
||||
"Central post failed: {}",
|
||||
r.status()
|
||||
);
|
||||
println!(
|
||||
"hit url: {}",
|
||||
r.url().as_str()
|
||||
);
|
||||
println!("Status: {}", r.status());
|
||||
if let Ok(body) = r.bytes() {
|
||||
if let Ok(body) = std::str::from_utf8(&body) {
|
||||
if let Ok(body) =
|
||||
std::str::from_utf8(&body)
|
||||
{
|
||||
println!("Body: {}", body);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
(*inner_local.lock().unwrap()).exp_time = 0;
|
||||
(*inner_local.lock().unwrap()).running = false;
|
||||
(*inner_local.lock().unwrap())
|
||||
.exp_time = 0;
|
||||
(*inner_local.lock().unwrap())
|
||||
.running = false;
|
||||
}
|
||||
}
|
||||
},
|
||||
Err(e) => {
|
||||
println!("Central post failed: {}", e.to_string());
|
||||
println!("hit url: {}", e.url().unwrap().as_str());
|
||||
println!("Central post failed: {}", e);
|
||||
println!(
|
||||
"hit url: {}",
|
||||
e.url().unwrap().as_str()
|
||||
);
|
||||
println!("Status: {}", e.status().unwrap());
|
||||
(*inner_local.lock().unwrap()).exp_time = 0;
|
||||
(*inner_local.lock().unwrap()).running = false;
|
||||
(*inner_local.lock().unwrap()).running =
|
||||
false;
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
None => {
|
||||
println!("no id token?!?");
|
||||
}
|
||||
}
|
||||
},
|
||||
}
|
||||
Err(e) => {
|
||||
println!("token error: {}", e);
|
||||
}
|
||||
@ -341,33 +400,24 @@ impl ZeroIDC {
|
||||
|
||||
pub fn set_nonce_and_csrf(&mut self, csrf_token: String, nonce: String) {
|
||||
let local = Arc::clone(&self.inner);
|
||||
(*local.lock().expect("can't lock inner")).as_opt().map(|i| {
|
||||
let _ = (*local.lock().expect("can't lock inner"))
|
||||
.as_opt()
|
||||
.map(|i| {
|
||||
if i.running {
|
||||
println!("refresh thread running. not setting new nonce or csrf");
|
||||
return
|
||||
return;
|
||||
}
|
||||
|
||||
let need_verifier = match i.pkce_verifier {
|
||||
None => true,
|
||||
_ => false,
|
||||
};
|
||||
let need_verifier = matches!(i.pkce_verifier, None);
|
||||
|
||||
let csrf_diff = if let Some(csrf) = i.csrf_token.clone() {
|
||||
if *csrf.secret() != csrf_token {
|
||||
true
|
||||
} else {
|
||||
false
|
||||
}
|
||||
*csrf.secret() != csrf_token
|
||||
} else {
|
||||
false
|
||||
};
|
||||
|
||||
let nonce_diff = if let Some(n) = i.nonce.clone() {
|
||||
if *n.secret() != nonce {
|
||||
true
|
||||
} else {
|
||||
false
|
||||
}
|
||||
*n.secret() != nonce
|
||||
} else {
|
||||
false
|
||||
};
|
||||
@ -402,20 +452,20 @@ impl ZeroIDC {
|
||||
}
|
||||
|
||||
pub fn auth_url(&self) -> String {
|
||||
let url = (*self.inner.lock().expect("can't lock inner")).as_opt().map(|i| {
|
||||
match i.url.clone() {
|
||||
let url = (*self.inner.lock().expect("can't lock inner"))
|
||||
.as_opt()
|
||||
.map(|i| match i.url.clone() {
|
||||
Some(u) => u.to_string(),
|
||||
_ => "".to_string(),
|
||||
}
|
||||
});
|
||||
|
||||
match url {
|
||||
Some(url) => url.to_string(),
|
||||
Some(url) => url,
|
||||
None => "".to_string(),
|
||||
}
|
||||
}
|
||||
|
||||
pub fn do_token_exchange(&mut self, code: &str) -> String {
|
||||
pub fn do_token_exchange(&mut self, code: &str) -> Result<String, SSOExchangeError> {
|
||||
let local = Arc::clone(&self.inner);
|
||||
let mut should_start = false;
|
||||
let res = (*local.lock().unwrap()).as_opt().map(|i| {
|
||||
@ -423,7 +473,8 @@ impl ZeroIDC {
|
||||
let token_response = i.oidc_client.as_ref().map(|c| {
|
||||
println!("auth code: {}", code);
|
||||
|
||||
let r = c.exchange_code(AuthorizationCode::new(code.to_string()))
|
||||
let r = c
|
||||
.exchange_code(AuthorizationCode::new(code.to_string()))
|
||||
.set_pkce_verifier(verifier)
|
||||
.request(http_client);
|
||||
|
||||
@ -463,7 +514,10 @@ impl ZeroIDC {
|
||||
};
|
||||
|
||||
if let Some(expected_hash) = claims.access_token_hash() {
|
||||
let actual_hash = match AccessTokenHash::from_token(res.access_token(), &signing_algo) {
|
||||
let actual_hash = match AccessTokenHash::from_token(
|
||||
res.access_token(),
|
||||
&signing_algo,
|
||||
) {
|
||||
Ok(h) => h,
|
||||
Err(e) => {
|
||||
println!("Error hashing access token: {}", e);
|
||||
@ -477,50 +531,53 @@ impl ZeroIDC {
|
||||
}
|
||||
}
|
||||
Some(res)
|
||||
},
|
||||
}
|
||||
Err(e) => {
|
||||
println!("token response error: {:?}", e.to_string());
|
||||
println!("\t {:?}", e.source());
|
||||
|
||||
return None;
|
||||
},
|
||||
None
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
if let Some(Some(tok)) = token_response {
|
||||
let id_token = tok.id_token().unwrap();
|
||||
#[cfg(debug_assertions)] {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("ID token: {}", id_token.to_string());
|
||||
}
|
||||
|
||||
let mut split = "".to_string();
|
||||
match i.csrf_token.clone() {
|
||||
Some(csrf_token) => {
|
||||
split = csrf_token.secret().to_owned();
|
||||
},
|
||||
_ => (),
|
||||
if let Some(tok) = i.csrf_token.clone() {
|
||||
split = tok.secret().to_owned();
|
||||
}
|
||||
|
||||
let split = split.split("_").collect::<Vec<&str>>();
|
||||
let split = split.split('_').collect::<Vec<&str>>();
|
||||
|
||||
if split.len() == 2 {
|
||||
let params = [("id_token", id_token.to_string()),("state", split[0].to_string())];
|
||||
let params = [
|
||||
("id_token", id_token.to_string()),
|
||||
("state", split[0].to_string()),
|
||||
];
|
||||
let client = reqwest::blocking::Client::new();
|
||||
let res = client.post(i.auth_endpoint.clone())
|
||||
.form(¶ms)
|
||||
.send();
|
||||
let res = client.post(i.auth_endpoint.clone()).form(¶ms).send();
|
||||
|
||||
match res {
|
||||
Ok(res) => {
|
||||
#[cfg(debug_assertions)] {
|
||||
if res.status() == 200 {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
println!("hit url: {}", res.url().as_str());
|
||||
println!("Status: {}", res.status());
|
||||
}
|
||||
|
||||
let idt = &id_token.to_string();
|
||||
|
||||
let t: Result<Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>, jwt::Error>=
|
||||
Token::parse_unverified(idt);
|
||||
let t: Result<
|
||||
Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>,
|
||||
jwt::Error,
|
||||
> = Token::parse_unverified(idt);
|
||||
|
||||
if let Ok(t) = t {
|
||||
let claims = t.claims().registered.clone();
|
||||
@ -528,9 +585,9 @@ impl ZeroIDC {
|
||||
Some(exp) => {
|
||||
i.exp_time = exp;
|
||||
println!("Set exp time to: {:?}", i.exp_time);
|
||||
},
|
||||
}
|
||||
None => {
|
||||
panic!("expiration is None. This shouldn't happen")
|
||||
panic!("expiration is None. This shouldn't happen");
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -540,7 +597,8 @@ impl ZeroIDC {
|
||||
i.refresh_token = Some(t.clone());
|
||||
should_start = true;
|
||||
}
|
||||
#[cfg(debug_assertions)] {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
let access_token = tok.access_token();
|
||||
println!("Access Token: {}", access_token.secret());
|
||||
|
||||
@ -558,30 +616,46 @@ impl ZeroIDC {
|
||||
Err(_) => "".to_string(),
|
||||
};
|
||||
|
||||
return bytes;
|
||||
},
|
||||
Ok(bytes)
|
||||
} else if res.status() == 402 {
|
||||
Err(SSOExchangeError::new(
|
||||
"additional license seats required. Please contact your network administrator.".to_string(),
|
||||
))
|
||||
} else {
|
||||
Err(SSOExchangeError::new(
|
||||
"error from central endpoint".to_string(),
|
||||
))
|
||||
}
|
||||
}
|
||||
Err(res) => {
|
||||
println!("error result: {}", res);
|
||||
println!("hit url: {}", res.url().unwrap().as_str());
|
||||
println!("Status: {}", res.status().unwrap());
|
||||
println!("Post error: {}", res.to_string());
|
||||
println!("Post error: {}", res);
|
||||
i.exp_time = 0;
|
||||
Err(SSOExchangeError::new(
|
||||
"error from central endpoint".to_string(),
|
||||
))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
} else {
|
||||
println!("invalid split length?!?");
|
||||
Err(SSOExchangeError::new(
|
||||
"error splitting state token".to_string(),
|
||||
))
|
||||
}
|
||||
} else {
|
||||
Err(SSOExchangeError::new("invalid token response".to_string()))
|
||||
}
|
||||
} else {
|
||||
Err(SSOExchangeError::new("invalid pkce verifier".to_string()))
|
||||
}
|
||||
"".to_string()
|
||||
});
|
||||
if should_start {
|
||||
self.start();
|
||||
}
|
||||
return match res {
|
||||
match res {
|
||||
Some(res) => res,
|
||||
_ => "".to_string(),
|
||||
};
|
||||
_ => Err(SSOExchangeError::new("invalid result".to_string())),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -6,28 +6,56 @@ Summary: ZeroTier network virtualization service
|
||||
License: ZeroTier BSL 1.1
|
||||
URL: https://www.zerotier.com
|
||||
|
||||
%if 0%{?rhel} >= 7
|
||||
BuildRequires: systemd
|
||||
%endif
|
||||
# Fedora
|
||||
|
||||
%if 0%{?fedora} >= 21
|
||||
BuildRequires: systemd
|
||||
%endif
|
||||
|
||||
Requires: iproute libstdc++ openssl
|
||||
AutoReqProv: no
|
||||
|
||||
%if 0%{?rhel} >= 7
|
||||
Requires: systemd
|
||||
%if "%{?dist}" == ".fc35"
|
||||
BuildRequires: systemd clang openssl openssl-devel
|
||||
Requires: systemd openssl
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
%if 0%{?rhel} <= 6
|
||||
Requires: chkconfig
|
||||
%if "%{?dist}" == ".fc36"
|
||||
BuildRequires: systemd clang openssl1.1 openssl1.1-devel
|
||||
Requires: systemd openssl1.1
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 21
|
||||
Requires: systemd
|
||||
%if "%{?dist}" == ".fc37"
|
||||
BuildRequires: systemd clang openssl1.1 openssl1.1-devel
|
||||
Requires: systemd openssl1.1
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
# RHEL
|
||||
|
||||
%if "%{?dist}" == ".el6"
|
||||
Requires: chkconfig
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
%if "%{?dist}" == ".el7"
|
||||
BuildRequires: systemd openssl11-devel
|
||||
Requires: systemd openssl11
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
%if "%{?dist}" == ".el8"
|
||||
BuildRequires: systemd openssl-devel
|
||||
Requires: systemd openssl
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
%if "%{?dist}" == ".el9"
|
||||
BuildRequires: systemd openssl-devel
|
||||
Requires: systemd openssl
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
# Amazon
|
||||
|
||||
%if "%{?dist}" == ".amzn2"
|
||||
BuildRequires: systemd openssl-devel
|
||||
Requires: systemd openssl
|
||||
Requires(pre): /usr/sbin/useradd, /usr/bin/getent
|
||||
%endif
|
||||
|
||||
@ -44,123 +72,60 @@ like conventional VPNs or VLANs. It can run on native systems, VMs, or
|
||||
containers (Docker, OpenVZ, etc.).
|
||||
|
||||
%prep
|
||||
%if 0%{?rhel} >= 7
|
||||
rm -rf *
|
||||
ln -s %{getenv:PWD} %{name}-%{version}
|
||||
tar --exclude=%{name}-%{version}/.git --exclude=%{name}-%{version}/%{name}-%{version} -czf %{_sourcedir}/%{name}-%{version}.tar.gz %{name}-%{version}/*
|
||||
rm -f %{name}-%{version}
|
||||
cp -a %{getenv:PWD}/* .
|
||||
%endif
|
||||
# ls -la
|
||||
# %if 0%{?rhel} && 0%{?rhel} >= 7
|
||||
# rm -rf *
|
||||
# ln -s %{getenv:PWD} %{name}-%{version}
|
||||
# tar --exclude=%{name}-%{version}/.git --exclude=%{name}-%{version}/%{name}-%{version} -czf %{_sourcedir}/%{name}-%{version}.tar.gz %{name}-%{version}/*
|
||||
# rm -f %{name}-%{version}
|
||||
# cp -a %{getenv:PWD}/* .
|
||||
# %endif
|
||||
|
||||
%build
|
||||
#%if 0%{?rhel} <= 7
|
||||
#make CFLAGS="`echo %{optflags} | sed s/stack-protector-strong/stack-protector/`" CXXFLAGS="`echo %{optflags} | sed s/stack-protector-strong/stack-protector/`" ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one manpages selftest
|
||||
#%else
|
||||
%if 0%{?rhel} >= 7
|
||||
make ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one
|
||||
%if "%{?dist}" == ".el6"
|
||||
make RUST_BACKTRACE=full ZT_USE_MINIUPNPC=1 %{?_smp_mflags} from_builder
|
||||
%else
|
||||
make RUST_BACKTRACE=full ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one
|
||||
%endif
|
||||
|
||||
%pre
|
||||
%if 0%{?rhel} >= 7
|
||||
/usr/bin/getent passwd zerotier-one || /usr/sbin/useradd -r -d /var/lib/zerotier-one -s /sbin/nologin zerotier-one
|
||||
%endif
|
||||
%if 0%{?fedora} >= 21
|
||||
/usr/bin/getent passwd zerotier-one || /usr/sbin/useradd -r -d /var/lib/zerotier-one -s /sbin/nologin zerotier-one
|
||||
%endif
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
%if 0%{?rhel} < 7
|
||||
pushd %{getenv:PWD}
|
||||
%endif
|
||||
# rm -rf $RPM_BUILD_ROOT
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
%if 0%{?rhel} < 7
|
||||
popd
|
||||
%endif
|
||||
%if 0%{?rhel} >= 7
|
||||
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp %{getenv:PWD}/debian/zerotier-one.service $RPM_BUILD_ROOT%{_unitdir}/%{name}.service
|
||||
%endif
|
||||
%if 0%{?fedora} >= 21
|
||||
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp ${getenv:PWD}/debian/zerotier-one.service $RPM_BUILD_ROOT%{_unitdir}/%{name}.service
|
||||
%endif
|
||||
%if 0%{?rhel} <= 6
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/init.d
|
||||
|
||||
%if 0%{?rhel} && 0%{?rhel} <= 6
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/init.d/
|
||||
cp %{getenv:PWD}/ext/installfiles/linux/zerotier-one.init.rhel6 $RPM_BUILD_ROOT/etc/init.d/zerotier-one
|
||||
chmod 0755 $RPM_BUILD_ROOT/etc/init.d/zerotier-one
|
||||
chmod 700 $RPM_BUILD_ROOT/etc/init.d/${name}
|
||||
%endif
|
||||
|
||||
%files
|
||||
%{_sbindir}/*
|
||||
%{_mandir}/*
|
||||
%{_localstatedir}/*
|
||||
%if 0%{?rhel} >= 7
|
||||
%{_unitdir}/%{name}.service
|
||||
%endif
|
||||
%if 0%{?fedora} >= 21
|
||||
%{_unitdir}/%{name}.service
|
||||
%endif
|
||||
%if 0%{?rhel} <= 6
|
||||
|
||||
%if 0%{?rhel} && 0%{?rhel} <= 6
|
||||
/etc/init.d/zerotier-one
|
||||
%else
|
||||
%{_unitdir}/%{name}.service
|
||||
%endif
|
||||
|
||||
%post
|
||||
%if 0%{?rhel} >= 7
|
||||
%if ! 0%{?rhel} && 0%{?rhel} <= 6
|
||||
%systemd_post zerotier-one.service
|
||||
%endif
|
||||
%if 0%{?fedora} >= 21
|
||||
%systemd_post zerotier-one.service
|
||||
%endif
|
||||
%if 0%{?rhel} <= 6
|
||||
case "$1" in
|
||||
1)
|
||||
chkconfig --add zerotier-one
|
||||
;;
|
||||
2)
|
||||
chkconfig --del zerotier-one
|
||||
chkconfig --add zerotier-one
|
||||
;;
|
||||
esac
|
||||
if [ -x /usr/bin/checkmodule -a -x /usr/bin/semodule_package -a -x /usr/sbin/semodule ]; then
|
||||
rm -f /var/lib/zerotier-one/zerotier-one.mod
|
||||
/usr/bin/checkmodule -M -m -o /var/lib/zerotier-one/zerotier-one.mod /var/lib/zerotier-one/zerotier-one.te
|
||||
if [ -f /var/lib/zerotier-one/zerotier-one.pp ]; then
|
||||
rm -f /var/lib/zerotier-one/zerotier-one.pp
|
||||
/usr/bin/semodule_package -o /var/lib/zerotier-one/zerotier-one.pp -m /var/lib/zerotier-one/zerotier-one.mod
|
||||
/usr/sbin/semodule -u /var/lib/zerotier-one/zerotier-one.pp
|
||||
else
|
||||
/usr/bin/semodule_package -o /var/lib/zerotier-one/zerotier-one.pp -m /var/lib/zerotier-one/zerotier-one.mod
|
||||
/usr/sbin/semodule -i /var/lib/zerotier-one/zerotier-one.pp
|
||||
fi
|
||||
fi
|
||||
%endif
|
||||
|
||||
%preun
|
||||
%if 0%{?rhel} >= 7
|
||||
%if ! 0%{?rhel} && 0%{?rhel} <= 6
|
||||
%systemd_preun zerotier-one.service
|
||||
%endif
|
||||
%if 0%{?fedora} >= 21
|
||||
%systemd_preun zerotier-one.service
|
||||
%endif
|
||||
%if 0%{?rhel} <= 6
|
||||
case "$1" in
|
||||
0)
|
||||
service zerotier-one stop
|
||||
chkconfig --del zerotier-one
|
||||
;;
|
||||
1)
|
||||
# This is an upgrade.
|
||||
:
|
||||
;;
|
||||
esac
|
||||
%endif
|
||||
|
||||
%postun
|
||||
%if 0%{?rhel} >= 7
|
||||
%systemd_postun_with_restart zerotier-one.service
|
||||
%endif
|
||||
%if 0%{?fedora} >= 21
|
||||
%if ! 0%{?rhel} && 0%{?rhel} <= 6
|
||||
%systemd_postun_with_restart zerotier-one.service
|
||||
%endif
|
||||
|
||||
@ -171,16 +136,16 @@ esac
|
||||
* Tue May 10 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.10
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Fri Apr 25 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.9
|
||||
* Mon Apr 25 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.9
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Fri Apr 11 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.8
|
||||
* Mon Apr 11 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.8
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Fri Mar 21 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.7
|
||||
* Mon Mar 21 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.7
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Fri Mar 07 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.6
|
||||
* Mon Mar 07 2022 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.6
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Fri Dec 17 2021 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.5
|
||||
@ -198,7 +163,7 @@ esac
|
||||
* Wed Oct 20 2021 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.1
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Tue Sep 15 2021 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.0
|
||||
* Wed Sep 15 2021 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.8.0
|
||||
- see https://github.com/zerotier/ZeroTierOne for release notes
|
||||
|
||||
* Tue Apr 13 2021 Adam Ierymenko <adam.ierymenko@zerotier.com> - 1.6.5
|
||||
|
Loading…
Reference in New Issue
Block a user