1
0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-03-12 04:36:29 -07:00

It builds again

This commit is contained in:
Adam Ierymenko 2020-01-23 14:41:59 -08:00
parent 33bb61c63d
commit 0de194dab3
No known key found for this signature in database
GPG Key ID: C8877CF2D7A5D7F3
7 changed files with 46 additions and 34 deletions

@ -1123,7 +1123,7 @@ void EmbeddedNetworkController::onNetworkMemberUpdate(const void *db,uint64_t ne
void EmbeddedNetworkController::onNetworkMemberDeauthorize(const void *db,uint64_t networkId,uint64_t memberId)
{
const int64_t now = OSUtils::now();
Revocation rev((uint32_t)Utils::random(),networkId,0,now,ZT_REVOCATION_FLAG_FAST_PROPAGATE,Address(memberId),Revocation::CREDENTIAL_TYPE_COM);
Revocation rev((uint32_t)Utils::random(),networkId,0,now,ZT_REVOCATION_FLAG_FAST_PROPAGATE,Address(memberId),ZT_CREDENTIAL_TYPE_COM);
rev.sign(_signingId);
{
std::lock_guard<std::mutex> l(_memberStatus_l);

@ -396,7 +396,9 @@ enum ZT_TraceTryingNewPathReason
{
ZT_TRACE_TRYING_NEW_PATH_REASON_PACKET_RECEIVED_FROM_UNKNOWN_PATH = 1,
ZT_TRACE_TRYING_NEW_PATH_REASON_RECEIVED_PUSH_DIRECT_PATHS = 2,
ZT_TRACE_TRYING_NEW_PATH_REASON_RENDEZVOUS = 3
ZT_TRACE_TRYING_NEW_PATH_REASON_RENDEZVOUS = 3,
ZT_TRACE_TRYING_NEW_PATH_REASON_BOOTSTRAP_ADDRESS = 4,
ZT_TRACE_TRYING_NEW_PATH_REASON_EXPLICITLY_SUGGESTED_ADDRESS = 5
};
/**

@ -355,8 +355,9 @@ ZT_ALWAYS_INLINE bool _doRENDEZVOUS(IncomingPacket &pkt,const RuntimeEnvironment
InetAddress atAddr(pkt.field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ADDRESS,addrlen),addrlen,port);
if (rendezvousWith->shouldTryPath(tPtr,RR->node->now(),peer,atAddr)) {
if (atAddr.isV4())
RR->node->putPacket(tPtr,path->localSocket(),atAddr,&junk,2,2); // IPv4 "firewall opener"
RR->node->putPacket(tPtr,path->localSocket(),atAddr,&junk,2,2); // IPv4 "firewall opener" hack
rendezvousWith->sendHELLO(tPtr,path->localSocket(),atAddr,RR->node->now());
RR->t->tryingNewPath(tPtr,rendezvousWith->identity(),atAddr,path->address(),pkt.packetId(),Packet::VERB_RENDEZVOUS,peer->address(),peer->identity().hash(),ZT_TRACE_TRYING_NEW_PATH_REASON_RENDEZVOUS);
}
}
}
@ -401,7 +402,7 @@ ZT_ALWAYS_INLINE bool _doEXT_FRAME(IncomingPacket &pkt,const RuntimeEnvironment
CertificateOfMembership com;
comLen = com.deserialize(pkt,ZT_PROTO_VERB_EXT_FRAME_IDX_COM);
if (com)
network->addCredential(tPtr,com);
network->addCredential(tPtr,peer->identity(),com);
}
if (!network->gate(tPtr,peer)) {
@ -501,7 +502,7 @@ ZT_ALWAYS_INLINE bool _doNETWORK_CREDENTIALS(IncomingPacket &pkt,const RuntimeEn
if (com) {
network = RR->node->network(com.networkId());
if (network) {
if (network->addCredential(tPtr,com) == Membership::ADD_DEFERRED_FOR_WHOIS)
if (network->addCredential(tPtr,peer->identity(),com) == Membership::ADD_DEFERRED_FOR_WHOIS)
return false;
}
}
@ -515,7 +516,7 @@ ZT_ALWAYS_INLINE bool _doNETWORK_CREDENTIALS(IncomingPacket &pkt,const RuntimeEn
if ((!network)||(network->id() != cap.networkId()))
network = RR->node->network(cap.networkId());
if (network) {
if (network->addCredential(tPtr,cap) == Membership::ADD_DEFERRED_FOR_WHOIS)
if (network->addCredential(tPtr,peer->identity(),cap) == Membership::ADD_DEFERRED_FOR_WHOIS)
return false;
}
}
@ -528,7 +529,7 @@ ZT_ALWAYS_INLINE bool _doNETWORK_CREDENTIALS(IncomingPacket &pkt,const RuntimeEn
if ((!network)||(network->id() != tag.networkId()))
network = RR->node->network(tag.networkId());
if (network) {
if (network->addCredential(tPtr,tag) == Membership::ADD_DEFERRED_FOR_WHOIS)
if (network->addCredential(tPtr,peer->identity(),tag) == Membership::ADD_DEFERRED_FOR_WHOIS)
return false;
}
}
@ -541,7 +542,7 @@ ZT_ALWAYS_INLINE bool _doNETWORK_CREDENTIALS(IncomingPacket &pkt,const RuntimeEn
if ((!network)||(network->id() != revocation.networkId()))
network = RR->node->network(revocation.networkId());
if (network) {
if (network->addCredential(tPtr,peer->address(),revocation) == Membership::ADD_DEFERRED_FOR_WHOIS)
if (network->addCredential(tPtr,peer->identity(),revocation) == Membership::ADD_DEFERRED_FOR_WHOIS)
return false;
}
}
@ -554,7 +555,7 @@ ZT_ALWAYS_INLINE bool _doNETWORK_CREDENTIALS(IncomingPacket &pkt,const RuntimeEn
if ((!network)||(network->id() != coo.networkId()))
network = RR->node->network(coo.networkId());
if (network) {
if (network->addCredential(tPtr,coo) == Membership::ADD_DEFERRED_FOR_WHOIS)
if (network->addCredential(tPtr,peer->identity(),coo) == Membership::ADD_DEFERRED_FOR_WHOIS)
return false;
}
}
@ -619,12 +620,13 @@ ZT_ALWAYS_INLINE bool _doMULTICAST_GATHER(IncomingPacket &pkt,const RuntimeEnvir
const SharedPtr<Network> network(RR->node->network(nwid));
if ((flags & 0x01) != 0) {
// LEGACY: older versions would send this
if ((flags & 0x01U) != 0) {
try {
CertificateOfMembership com;
com.deserialize(pkt,ZT_PROTO_VERB_MULTICAST_GATHER_IDX_COM);
if ((com)&&(network))
network->addCredential(tPtr,com);
network->addCredential(tPtr,peer->identity(),com);
} catch ( ... ) {} // discard invalid COMs
}
@ -658,6 +660,7 @@ ZT_ALWAYS_INLINE bool _doMULTICAST_GATHER(IncomingPacket &pkt,const RuntimeEnvir
return true;
}
volatile uint16_t junk = 0;
ZT_ALWAYS_INLINE bool _doPUSH_DIRECT_PATHS(IncomingPacket &pkt,const RuntimeEnvironment *const RR,void *const tPtr,const SharedPtr<Peer> &peer,const SharedPtr<Path> &path)
{
const int64_t now = RR->node->now();
@ -668,7 +671,6 @@ ZT_ALWAYS_INLINE bool _doPUSH_DIRECT_PATHS(IncomingPacket &pkt,const RuntimeEnvi
unsigned int count = pkt.at<uint16_t>(ZT_PACKET_IDX_PAYLOAD);
unsigned int ptr = ZT_PACKET_IDX_PAYLOAD + 2;
uint16_t junk = (uint16_t)Utils::random();
while (count--) {
/* unsigned int flags = (*this)[ptr++]; */ ++ptr;
@ -682,17 +684,20 @@ ZT_ALWAYS_INLINE bool _doPUSH_DIRECT_PATHS(IncomingPacket &pkt,const RuntimeEnvi
const InetAddress a(pkt.field(ptr,4),4,pkt.at<uint16_t>(ptr + 4));
if (peer->shouldTryPath(tPtr,now,peer,a)) {
if (++countPerScope[(int)a.ipScope()][0] <= ZT_PUSH_DIRECT_PATHS_MAX_PER_SCOPE_AND_FAMILY) {
RR->node->putPacket(tPtr,path->localSocket(),a,&junk,2,2); // IPv4 "firewall opener"
RR->node->putPacket(tPtr,path->localSocket(),a,(const void *)&junk,sizeof(junk),2); // IPv4 "firewall opener"
++junk;
peer->sendHELLO(tPtr,-1,a,now);
RR->t->tryingNewPath(tPtr,peer->identity(),a,path->address(),pkt.packetId(),Packet::VERB_PUSH_DIRECT_PATHS,peer->address(),peer->identity().hash(),ZT_TRACE_TRYING_NEW_PATH_REASON_RECEIVED_PUSH_DIRECT_PATHS);
}
}
} break;
case 6: {
const InetAddress a(pkt.field(ptr,16),16,pkt.at<uint16_t>(ptr + 16));
if (peer->shouldTryPath(tPtr,now,peer,a)) {
if (++countPerScope[(int)a.ipScope()][1] <= ZT_PUSH_DIRECT_PATHS_MAX_PER_SCOPE_AND_FAMILY)
if (++countPerScope[(int)a.ipScope()][1] <= ZT_PUSH_DIRECT_PATHS_MAX_PER_SCOPE_AND_FAMILY) {
peer->sendHELLO(tPtr,-1,a,now);
RR->t->tryingNewPath(tPtr,peer->identity(),a,path->address(),pkt.packetId(),Packet::VERB_PUSH_DIRECT_PATHS,peer->address(),peer->identity().hash(),ZT_TRACE_TRYING_NEW_PATH_REASON_RECEIVED_PUSH_DIRECT_PATHS);
}
}
} break;
}

@ -698,7 +698,7 @@ void Node::ncSendRevocation(const Address &destination,const Revocation &rev)
if (destination == RR->identity.address()) {
SharedPtr<Network> n(network(rev.networkId()));
if (!n) return;
n->addCredential((void *)0,RR->identity.address(),rev);
n->addCredential((void *)0,RR->identity,rev);
} else {
Packet outp(destination,RR->identity.address(),Packet::VERB_NETWORK_CREDENTIALS);
outp.append((uint8_t)0x00);

@ -109,30 +109,35 @@ void Peer::received(
}
_lastPrioritizedPaths = now;
InetAddress old;
if (_paths[lastReceiveTimeMaxAt])
old = _paths[lastReceiveTimeMaxAt]->address();
_paths[lastReceiveTimeMaxAt] = path;
_bootstrap = path->address();
_prioritizePaths(now);
RR->t->peerLearnedNewPath(tPtr,networkId,*this,path,packetId);
RR->t->learnedNewPath(tPtr,packetId,_id,path->address(),old);
} else {
if (RR->node->shouldUsePathForZeroTierTraffic(tPtr,_id,path->localSocket(),path->address())) {
RR->t->tryingNewPath(tPtr,_id,path->address(),path->address(),packetId,(uint8_t)verb,_id.address(),_id.hash(),ZT_TRACE_TRYING_NEW_PATH_REASON_PACKET_RECEIVED_FROM_UNKNOWN_PATH);
sendHELLO(tPtr,path->localSocket(),path->address(),now);
path->sent(now);
RR->t->peerConfirmingUnknownPath(tPtr,networkId,*this,path,packetId,verb);
}
}
}
path_check_done:
const int64_t sinceLastP2PInit = now - _lastAttemptedP2PInit;
if (sinceLastP2PInit >= ((hops == 0) ? ZT_DIRECT_PATH_PUSH_INTERVAL_HAVEPATH : ZT_DIRECT_PATH_PUSH_INTERVAL)) {
if ((now - _lastAttemptedP2PInit) >= ((hops == 0) ? ZT_DIRECT_PATH_PUSH_INTERVAL_HAVEPATH : ZT_DIRECT_PATH_PUSH_INTERVAL)) {
_lastAttemptedP2PInit = now;
InetAddress addr;
if ((_bootstrap.type() == Endpoint::INETADDR_V4)||(_bootstrap.type() == Endpoint::INETADDR_V6))
if ((_bootstrap.type() == Endpoint::INETADDR_V4)||(_bootstrap.type() == Endpoint::INETADDR_V6)) {
RR->t->tryingNewPath(tPtr,_id,_bootstrap.inetAddr(),InetAddress::NIL,0,0,0,nullptr,ZT_TRACE_TRYING_NEW_PATH_REASON_BOOTSTRAP_ADDRESS);
sendHELLO(tPtr,-1,_bootstrap.inetAddr(),now);
if (RR->node->externalPathLookup(tPtr,_id,-1,addr)) {
if (RR->node->shouldUsePathForZeroTierTraffic(tPtr,_id,-1,addr))
} if (RR->node->externalPathLookup(tPtr,_id,-1,addr)) {
if (RR->node->shouldUsePathForZeroTierTraffic(tPtr,_id,-1,addr)) {
RR->t->tryingNewPath(tPtr,_id,_bootstrap.inetAddr(),InetAddress::NIL,0,0,0,nullptr,ZT_TRACE_TRYING_NEW_PATH_REASON_EXPLICITLY_SUGGESTED_ADDRESS);
sendHELLO(tPtr,-1,addr,now);
}
}
std::vector<ZT_InterfaceAddress> localInterfaceAddresses(RR->node->localInterfaceAddresses());
@ -157,7 +162,7 @@ path_check_done:
uint8_t addressType = 4;
uint8_t addressLength = 6;
unsigned int ipLength = 4;
const void *rawIpData = (const void *)0;
const void *rawIpData = nullptr;
uint16_t port = 0;
switch(a->ss_family) {
case AF_INET:

@ -12,18 +12,14 @@
/****/
#include <cstdio>
#include <cstdlib>
#include <algorithm>
#include <utility>
#include <stdexcept>
#include "Constants.hpp"
#include "RuntimeEnvironment.hpp"
#include "Switch.hpp"
#include "Node.hpp"
#include "InetAddress.hpp"
#include "Topology.hpp"
#include "Peer.hpp"
#include "SelfAwareness.hpp"
#include "Packet.hpp"
@ -211,7 +207,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
bool fromBridged;
if ((fromBridged = (from != network->mac()))) {
if (!network->config().permitsBridging(RR->identity.address())) {
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_BRIDGING_NOT_ALLOWED_LOCAL);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_BRIDGING_NOT_ALLOWED_LOCAL);
return;
}
}
@ -235,7 +231,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
multicastGroup = MulticastGroup::deriveMulticastGroupForAddressResolution(InetAddress(((const unsigned char *)data) + 24,4,0));
} else if (!network->config().enableBroadcast()) {
// Don't transmit broadcasts if this network doesn't want them
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_BROADCAST_DISABLED);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_BROADCAST_DISABLED);
return;
}
} else if ((etherType == ZT_ETHERTYPE_IPV6)&&(len >= (40 + 8 + 16))) {
@ -323,7 +319,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
// Check this after NDP emulation, since that has to be allowed in exactly this case
if (network->config().multicastLimit == 0) {
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_MULTICAST_DISABLED);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_MULTICAST_DISABLED);
return;
}
@ -336,7 +332,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
// First pass sets noTee to false, but noTee is set to true in OutboundMulticast to prevent duplicates.
if (!network->filterOutgoingPacket(tPtr,false,RR->identity.address(),Address(),from,to,(const uint8_t *)data,len,etherType,vlanId,qosBucket)) {
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED);
return;
}
@ -365,7 +361,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
SharedPtr<Peer> toPeer(RR->topology->get(tPtr,toZT));
if (!network->filterOutgoingPacket(tPtr,false,RR->identity.address(),toZT,from,to,(const uint8_t *)data,len,etherType,vlanId,qosBucket)) {
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED);
return;
}
@ -392,7 +388,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
// for each ZT destination are also done below. This is the same rationale
// and design as for multicast.
if (!network->filterOutgoingPacket(tPtr,false,RR->identity.address(),Address(),from,to,(const uint8_t *)data,len,etherType,vlanId,qosBucket)) {
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED);
return;
}
@ -442,7 +438,7 @@ void Switch::onLocalEthernet(void *tPtr,const SharedPtr<Network> &network,const
outp.append((uint16_t)etherType);
outp.append(data,len);
} else {
RR->t->outgoingNetworkFrameDropped(tPtr,network,from,to,etherType,vlanId,len,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED_AT_BRIDGE_REPLICATION);
RR->t->outgoingNetworkFrameDropped(tPtr,network->id(),from,to,(uint16_t)etherType,(uint16_t)len,(const uint8_t *)data,ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED_AT_BRIDGE_REPLICATION);
}
}
}

@ -15,6 +15,10 @@
#ifdef __LINUX__
#ifdef __GCC__
#pragma GCC diagnostic ignored "-Wrestrict"
#endif
#include "../node/Utils.hpp"
#include "../node/Mutex.hpp"
#include "../node/Dictionary.hpp"