mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-21 05:53:09 +00:00
Get rid of some noisy remote traces that should not be needed.
This commit is contained in:
Adam Ierymenko
parent
106dff0d53
commit
fcaf1d89c2
@ -66,10 +66,9 @@ bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR,void *tPtr)
|
||||
// packets are dropped on the floor.
|
||||
const uint64_t tpid = trustedPathId();
|
||||
if (RR->topology->shouldInboundPathBeTrusted(_path->address(),tpid)) {
|
||||
RR->t->incomingPacketTrustedPath(tPtr,_path,packetId(),sourceAddress,tpid,true);
|
||||
trusted = true;
|
||||
} else {
|
||||
RR->t->incomingPacketTrustedPath(tPtr,_path,packetId(),sourceAddress,tpid,false);
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,packetId(),sourceAddress,hops(),"path not trusted");
|
||||
return true;
|
||||
}
|
||||
} else if ((c == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE)&&(verb() == Packet::VERB_HELLO)) {
|
||||
@ -81,7 +80,7 @@ bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR,void *tPtr)
|
||||
if (peer) {
|
||||
if (!trusted) {
|
||||
if (!dearmor(peer->key())) {
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,packetId(),sourceAddress,hops());
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,packetId(),sourceAddress,hops(),"invalid MAC");
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@ -246,10 +245,10 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,void *tPtr,const bool
|
||||
outp.armor(key,true,_path->nextOutgoingCounter());
|
||||
_path->send(RR,tPtr,outp.data(),outp.size(),RR->node->now());
|
||||
} else {
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops());
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops(),"invalid MAC");
|
||||
}
|
||||
} else {
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops());
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops(),"invalid identity");
|
||||
}
|
||||
|
||||
return true;
|
||||
@ -257,7 +256,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,void *tPtr,const bool
|
||||
// Identity is the same as the one we already have -- check packet integrity
|
||||
|
||||
if (!dearmor(peer->key())) {
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops());
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops(),"invalid MAC");
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -282,7 +281,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,void *tPtr,const bool
|
||||
// Check packet integrity and MAC (this is faster than locallyValidate() so do it first to filter out total crap)
|
||||
SharedPtr<Peer> newPeer(new Peer(RR,RR->identity,id));
|
||||
if (!dearmor(newPeer->key())) {
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops());
|
||||
RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,pid,fromAddress,hops(),"invalid MAC");
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -147,7 +147,6 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme
|
||||
return ADD_REJECTED;
|
||||
case 0:
|
||||
_com = com;
|
||||
RR->t->credentialAccepted(tPtr,com);
|
||||
return ADD_ACCEPTED_NEW;
|
||||
case 1:
|
||||
return ADD_DEFERRED_FOR_WHOIS;
|
||||
@ -179,7 +178,6 @@ static Membership::AddCredentialResult _addCredImpl(Hashtable<uint32_t,C> &remot
|
||||
RR->t->credentialRejected(tPtr,cred,"invalid");
|
||||
return Membership::ADD_REJECTED;
|
||||
case 0:
|
||||
RR->t->credentialAccepted(tPtr,cred);
|
||||
if (!rc)
|
||||
rc = &(remoteCreds[cred.id()]);
|
||||
*rc = cred;
|
||||
@ -205,7 +203,6 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme
|
||||
switch(ct) {
|
||||
case Credential::CREDENTIAL_TYPE_COM:
|
||||
if (rev.threshold() > _comRevocationThreshold) {
|
||||
RR->t->credentialAccepted(tPtr,rev);
|
||||
_comRevocationThreshold = rev.threshold();
|
||||
return ADD_ACCEPTED_NEW;
|
||||
}
|
||||
|
||||
@ -164,12 +164,7 @@ void Trace::incomingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network
|
||||
_send(tPtr,d,*network);
|
||||
}
|
||||
|
||||
void Trace::incomingPacketTrustedPath(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const uint64_t trustedPathId,bool approved)
|
||||
{
|
||||
// TODO
|
||||
}
|
||||
|
||||
void Trace::incomingPacketMessageAuthenticationFailure(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops)
|
||||
void Trace::incomingPacketMessageAuthenticationFailure(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops,const char *reason)
|
||||
{
|
||||
char tmp[128];
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
@ -179,6 +174,8 @@ void Trace::incomingPacketMessageAuthenticationFailure(void *const tPtr,const Sh
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
|
||||
if (reason)
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
|
||||
_send(tPtr,d,0);
|
||||
}
|
||||
|
||||
@ -344,76 +341,6 @@ void Trace::credentialRejected(void *const tPtr,const Revocation &c,const char *
|
||||
_send(tPtr,d,c.networkId());
|
||||
}
|
||||
|
||||
void Trace::credentialAccepted(void *const tPtr,const CertificateOfMembership &c)
|
||||
{
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
|
||||
_send(tPtr,d,c.networkId());
|
||||
}
|
||||
|
||||
void Trace::credentialAccepted(void *const tPtr,const CertificateOfOwnership &c)
|
||||
{
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
|
||||
_send(tPtr,d,c.networkId());
|
||||
}
|
||||
|
||||
void Trace::credentialAccepted(void *const tPtr,const CertificateOfRepresentation &c)
|
||||
{
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
|
||||
_send(tPtr,d,0);
|
||||
}
|
||||
|
||||
void Trace::credentialAccepted(void *const tPtr,const Capability &c)
|
||||
{
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
|
||||
_send(tPtr,d,c.networkId());
|
||||
}
|
||||
|
||||
void Trace::credentialAccepted(void *const tPtr,const Tag &c)
|
||||
{
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TIMESTAMP,c.timestamp());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_INFO,(uint64_t)c.value());
|
||||
_send(tPtr,d,c.networkId());
|
||||
}
|
||||
|
||||
void Trace::credentialAccepted(void *const tPtr,const Revocation &c)
|
||||
{
|
||||
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_ACCEPTED_S);
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_TYPE,(uint64_t)c.credentialType());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ID,(uint64_t)c.id());
|
||||
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_REVOCATION_TARGET,c.target());
|
||||
_send(tPtr,d,c.networkId());
|
||||
}
|
||||
|
||||
void Trace::_send(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d)
|
||||
{
|
||||
#ifdef ZT_TRACE
|
||||
|
||||
@ -108,8 +108,7 @@ public:
|
||||
void peerLearnedNewPath(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &oldPath,const SharedPtr<Path> &newPath,const uint64_t packetId);
|
||||
void peerRedirected(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &oldPath,const SharedPtr<Path> &newPath);
|
||||
|
||||
void incomingPacketTrustedPath(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const uint64_t trustedPathId,bool approved);
|
||||
void incomingPacketMessageAuthenticationFailure(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops);
|
||||
void incomingPacketMessageAuthenticationFailure(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops,const char *reason);
|
||||
void incomingPacketInvalid(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops,const Packet::Verb verb,const char *reason);
|
||||
void incomingPacketDroppedHELLO(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const char *reason);
|
||||
|
||||
@ -142,12 +141,6 @@ public:
|
||||
void credentialRejected(void *const tPtr,const Capability &c,const char *reason);
|
||||
void credentialRejected(void *const tPtr,const Tag &c,const char *reason);
|
||||
void credentialRejected(void *const tPtr,const Revocation &c,const char *reason);
|
||||
void credentialAccepted(void *const tPtr,const CertificateOfMembership &c);
|
||||
void credentialAccepted(void *const tPtr,const CertificateOfOwnership &c);
|
||||
void credentialAccepted(void *const tPtr,const CertificateOfRepresentation &c);
|
||||
void credentialAccepted(void *const tPtr,const Capability &c);
|
||||
void credentialAccepted(void *const tPtr,const Tag &c);
|
||||
void credentialAccepted(void *const tPtr,const Revocation &c);
|
||||
|
||||
private:
|
||||
const RuntimeEnvironment *const RR;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user