From 5533b8245082e88b7b116be04756340279e98246 Mon Sep 17 00:00:00 2001 From: ChrisCarini <6374067+ChrisCarini@users.noreply.github.com> Date: Fri, 3 Nov 2023 18:11:51 -0700 Subject: [PATCH 1/8] Add ARM architectures to Synology DSM7 --- pkg/synology/dsm7-docker/README.md | 5 +++++ pkg/synology/dsm7-docker/build.sh | 22 ++++++++++------------ 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/pkg/synology/dsm7-docker/README.md b/pkg/synology/dsm7-docker/README.md index 14bacde76..99cd979cf 100644 --- a/pkg/synology/dsm7-docker/README.md +++ b/pkg/synology/dsm7-docker/README.md @@ -1,3 +1,8 @@ ## Docker image for Synology's DSM7 Documentation: [docs.zerotier.com/devices/synology](https://docs.zerotier.com/devices/synology) + +### Build & Push changes to DockerHub +```shell +./build.sh build +``` diff --git a/pkg/synology/dsm7-docker/build.sh b/pkg/synology/dsm7-docker/build.sh index acec5e0c9..1706ac686 100755 --- a/pkg/synology/dsm7-docker/build.sh +++ b/pkg/synology/dsm7-docker/build.sh @@ -3,19 +3,17 @@ ZTO_VER=$(git describe --tags $(git rev-list --tags --max-count=1)) ZTO_COMMIT=$(git rev-parse HEAD) -build() -{ - sudo docker build --load --rm -t zerotier-synology . --build-arg ZTO_COMMIT=${ZTO_COMMIT} --build-arg ZTO_VER=${ZTO_VER} - LATEST_DOCKER_IMAGE_HASH=$(sudo docker images -q zerotier-synology) - sudo docker tag ${LATEST_DOCKER_IMAGE_HASH} zerotier/zerotier-synology:${ZTO_VER} - sudo docker tag ${LATEST_DOCKER_IMAGE_HASH} zerotier/zerotier-synology:latest -} - -push() -{ +build() { sudo docker login --username=${DOCKERHUB_USERNAME} - sudo docker push zerotier/zerotier-synology:${ZTO_VER} - sudo docker push zerotier/zerotier-synology:latest + + sudo docker buildx build \ + --push \ + --platform linux/arm/v7,linux/arm64/v8,linux/amd64 \ + --tag zerotier/zerotier-synology:${ZTO_VER} \ + --tag zerotier/zerotier-synology:latest \ + --build-arg ZTO_COMMIT=${ZTO_COMMIT} \ + --build-arg ZTO_VER=${ZTO_VER} \ + . } "$@" From 9de2b90528d1fe7efe963acca3313defd1eb5662 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Wed, 27 Mar 2024 14:40:38 -0700 Subject: [PATCH 2/8] fix rebuild for x64 --- rustybits/zeroidc.vcxproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rustybits/zeroidc.vcxproj b/rustybits/zeroidc.vcxproj index b31ed0ee4..833437238 100644 --- a/rustybits/zeroidc.vcxproj +++ b/rustybits/zeroidc.vcxproj @@ -91,7 +91,7 @@ cargo clean - cargo clean & cargo build --release --target=x86_64-pc-windows-msvc + cargo clean & cargo build -p zeroidc --release --target=x86_64-pc-windows-msvc NDEBUG;$(NMakePreprocessorDefinitions) From dca77cb0d2dc7dd9403ab32a6338703e23645c0f Mon Sep 17 00:00:00 2001 From: Brenton Bostick Date: Tue, 21 May 2024 12:09:14 -0400 Subject: [PATCH 3/8] expand GETENV macro that needs to be modified --- java/jni/com_zerotierone_sdk_Node.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/java/jni/com_zerotierone_sdk_Node.cpp b/java/jni/com_zerotierone_sdk_Node.cpp index 36d722c7d..260e523cf 100644 --- a/java/jni/com_zerotierone_sdk_Node.cpp +++ b/java/jni/com_zerotierone_sdk_Node.cpp @@ -194,7 +194,13 @@ namespace { assert(ref); assert(ref->node == node); JNIEnv *env; - GETENV(env, ref->jvm); + + jint getEnvRet; + assert(ref->jvm); + if ((getEnvRet = ref->jvm->GetEnv(reinterpret_cast(&env), JNI_VERSION_1_6)) != JNI_OK) { + LOGE("Error calling GetEnv: %d", getEnvRet); + assert(false && "Error calling GetEnv"); + } if (env->ExceptionCheck()) { LOGE("Unhandled pending exception"); From e32fecd16deeab0df65e4aad15ef3e096e35c5a9 Mon Sep 17 00:00:00 2001 From: Brenton Bostick Date: Tue, 21 May 2024 12:10:00 -0400 Subject: [PATCH 4/8] Thread might actually be detached, so need to handle that --- java/jni/com_zerotierone_sdk_Node.cpp | 52 ++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/java/jni/com_zerotierone_sdk_Node.cpp b/java/jni/com_zerotierone_sdk_Node.cpp index 260e523cf..ba1627856 100644 --- a/java/jni/com_zerotierone_sdk_Node.cpp +++ b/java/jni/com_zerotierone_sdk_Node.cpp @@ -111,6 +111,44 @@ namespace { bool finishInitializing(); }; + // + // RAII construct for calling AttachCurrentThread and DetachCurrent automatically + // + struct ScopedJNIThreadAttacher { + + JavaVM *jvm; + JNIEnv **env_p; + jint getEnvRet; + + ScopedJNIThreadAttacher(JavaVM *jvmIn, JNIEnv **env_pIn, jint getEnvRetIn) : + jvm(jvmIn), + env_p(env_pIn), + getEnvRet(getEnvRetIn) { + + if (getEnvRet != JNI_EDETACHED) { + return; + } + + jint attachCurrentThreadRet; + if ((attachCurrentThreadRet = jvm->AttachCurrentThread(env_p, NULL)) != JNI_OK) { + LOGE("Error calling AttachCurrentThread: %d", attachCurrentThreadRet); + assert(false && "Error calling AttachCurrentThread"); + } + } + + ~ScopedJNIThreadAttacher() { + + if (getEnvRet != JNI_EDETACHED) { + return; + } + + jint detachCurrentThreadRet; + if ((detachCurrentThreadRet = jvm->DetachCurrentThread()) != JNI_OK) { + LOGE("Error calling DetachCurrentThread: %d", detachCurrentThreadRet); + assert(false && "Error calling DetachCurrentThread"); + } + } + }; /* * This must return 0 on success. It can return any OS-dependent error code @@ -197,11 +235,23 @@ namespace { jint getEnvRet; assert(ref->jvm); - if ((getEnvRet = ref->jvm->GetEnv(reinterpret_cast(&env), JNI_VERSION_1_6)) != JNI_OK) { + getEnvRet = ref->jvm->GetEnv(reinterpret_cast(&env), JNI_VERSION_1_6); + + if (!(getEnvRet == JNI_OK || getEnvRet == JNI_EDETACHED)) { LOGE("Error calling GetEnv: %d", getEnvRet); assert(false && "Error calling GetEnv"); } + // + // Thread might actually be detached. + // + // e.g: + // https://github.com/zerotier/ZeroTierOne/blob/91e7ce87f09ac1cfdeaf6ff22c3cedcd93574c86/node/Switch.cpp#L519 + // + // Make sure to attach if needed + // + ScopedJNIThreadAttacher attacher{ref->jvm, &env, getEnvRet}; + if (env->ExceptionCheck()) { LOGE("Unhandled pending exception"); return; From ad60d708e1bd4880f341b2622ed808eab038bb9c Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Mon, 17 Jun 2024 16:32:53 -0700 Subject: [PATCH 5/8] fix log line --- controller/PostgreSQL.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/controller/PostgreSQL.cpp b/controller/PostgreSQL.cpp index abfdbd31d..010df3b9d 100644 --- a/controller/PostgreSQL.cpp +++ b/controller/PostgreSQL.cpp @@ -1180,7 +1180,7 @@ void PostgreSQL::_membersWatcher_Redis() { _memberChanged(oldConfig,newConfig,(this->_ready >= 2)); } } catch (...) { - fprintf(stderr, "json parse error in networkWatcher_Redis\n"); + fprintf(stderr, "json parse error in _membersWatcher_Redis: %s\n", a.second.c_str()); } } if (_rc->clusterMode) { @@ -1269,8 +1269,8 @@ void PostgreSQL::_networksWatcher_Redis() { if (oldConfig.is_object()||newConfig.is_object()) { _networkChanged(oldConfig,newConfig,(this->_ready >= 2)); } - } catch (...) { - fprintf(stderr, "json parse error in networkWatcher_Redis\n"); + } catch (std::exception &e) { + fprintf(stderr, "json parse error in networkWatcher_Redis: what: %s json: %s\n", e.what(), a.second.c_str()); } } if (_rc->clusterMode) { From 9d57ccd7b145071c662e57d5b7a27c14f5d0f636 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Mon, 17 Jun 2024 16:35:08 -0700 Subject: [PATCH 6/8] deauth all members upon network delete --- controller/DB.cpp | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/controller/DB.cpp b/controller/DB.cpp index fe2973990..2c354ae7f 100644 --- a/controller/DB.cpp +++ b/controller/DB.cpp @@ -382,6 +382,24 @@ void DB::_networkChanged(nlohmann::json &old,nlohmann::json &networkConfig,bool const std::string ids = old["id"]; const uint64_t networkId = Utils::hexStrToU64(ids.c_str()); if (networkId) { + try { + // deauth all members on the network + nlohmann::json network; + std::vector members; + this->get(networkId, network, members); + for(auto i=members.begin();i!=members.end();++i) { + const std::string nodeID = (*i)["id"]; + const uint64_t memberId = Utils::hexStrToU64(nodeID.c_str()); + std::unique_lock ll(_changeListeners_l); + for(auto j=_changeListeners.begin();j!=_changeListeners.end();++j) { + (*j)->onNetworkMemberDeauthorize(this,networkId,memberId); + } + } + } catch (std::exception &e) { + std::cerr << "Error deauthorizing members on network delete: " << e.what() << std::endl; + } + + // delete the network std::unique_lock l(_networks_l); _networks.erase(networkId); } From f9c6ee0181acb1b77605d9a4e4106ac79aaacca3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 21 Jun 2024 13:18:42 +0200 Subject: [PATCH 7/8] macos: use more portable pwd instead of PWD MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In nixpkgs we use coreutils and do not have PWD available. This change have any downsides on normal macOS systems, but helps nixpkgs packaging a bit. Signed-off-by: Jörg Thalheim --- make-mac.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/make-mac.mk b/make-mac.mk index 018fb8325..7af200adc 100644 --- a/make-mac.mk +++ b/make-mac.mk @@ -1,8 +1,8 @@ CC=clang CXX=clang++ -TOPDIR=$(shell PWD) +TOPDIR=$(shell pwd) -INCLUDES=-I$(shell PWD)/rustybits/target -isystem $(TOPDIR)/ext -I$(TOPDIR)/ext/prometheus-cpp-lite-1.0/core/include -I$(TOPDIR)/ext-prometheus-cpp-lite-1.0/3rdparty/http-client-lite/include -I$(TOPDIR)/ext/prometheus-cpp-lite-1.0/simpleapi/include +INCLUDES=-I$(shell pwd)/rustybits/target -isystem $(TOPDIR)/ext -I$(TOPDIR)/ext/prometheus-cpp-lite-1.0/core/include -I$(TOPDIR)/ext-prometheus-cpp-lite-1.0/3rdparty/http-client-lite/include -I$(TOPDIR)/ext/prometheus-cpp-lite-1.0/simpleapi/include DEFS= LIBS= ARCH_FLAGS=-arch x86_64 -arch arm64 From 508527f7cdcf622b51cedab86d95be79a82d9a37 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Mon, 8 Jul 2024 14:08:54 -0700 Subject: [PATCH 8/8] break up redis tx inserts into smaller chunks --- controller/PostgreSQL.cpp | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/controller/PostgreSQL.cpp b/controller/PostgreSQL.cpp index 010df3b9d..e4a31ba28 100644 --- a/controller/PostgreSQL.cpp +++ b/controller/PostgreSQL.cpp @@ -780,11 +780,25 @@ void PostgreSQL::initializeNetworks() fprintf(stderr, "adding networks to redis...\n"); if (_rc->clusterMode) { auto tx = _cluster->transaction(_myAddressStr, true, false); - tx.sadd(setKey, networkSet.begin(), networkSet.end()); + uint64_t count = 0; + for (std::string nwid : networkSet) { + tx.sadd(setKey, nwid); + if (++count % 30000 == 0) { + tx.exec(); + tx = _cluster->transaction(_myAddressStr, true, false); + } + } tx.exec(); } else { auto tx = _redis->transaction(true, false); - tx.sadd(setKey, networkSet.begin(), networkSet.end()); + uint64_t count = 0; + for (std::string nwid : networkSet) { + tx.sadd(setKey, nwid); + if (++count % 30000 == 0) { + tx.exec(); + tx = _redis->transaction(true, false); + } + } tx.exec(); } fprintf(stderr, "done.\n"); @@ -1005,14 +1019,24 @@ void PostgreSQL::initializeMembers() fprintf(stderr, "Load member data into redis...\n"); if (_rc->clusterMode) { auto tx = _cluster->transaction(_myAddressStr, true, false); + uint64_t count = 0; for (auto it : networkMembers) { tx.sadd(it.first, it.second); + if (++count % 30000 == 0) { + tx.exec(); + tx = _cluster->transaction(_myAddressStr, true, false); + } } tx.exec(); } else { auto tx = _redis->transaction(true, false); + uint64_t count = 0; for (auto it : networkMembers) { tx.sadd(it.first, it.second); + if (++count % 30000 == 0) { + tx.exec(); + tx = _redis->transaction(true, false); + } } tx.exec(); }