Starting on new service/ code to encapsulate node/ with osdep/ stuff, and add a user pointer to the CAPI.

5 files changed, 477 insertions, 20 deletions

diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h
index 4f743f78..e800292a 100644
--- a/include/ZeroTierOne.h
+++ b/include/ZeroTierOne.h
@@ -611,7 +611,7 @@ typedef void ZT1_Node;
  * on failure, and this results in the network being placed into the
  * PORT_ERROR state.
  */
-typedef int (*ZT1_VirtualNetworkConfigFunction)(ZT1_Node *,uint64_t,enum ZT1_VirtualNetworkConfigOperation,const ZT1_VirtualNetworkConfig *);
+typedef int (*ZT1_VirtualNetworkConfigFunction)(ZT1_Node *,void *,uint64_t,enum ZT1_VirtualNetworkConfigOperation,const ZT1_VirtualNetworkConfig *);
 
 /**
  * Callback for events
@@ -622,7 +622,7 @@ typedef int (*ZT1_VirtualNetworkConfigFunction)(ZT1_Node *,uint64_t,enum ZT1_Vir
  * whether it is present at all) is event type dependent. See the comments
  * in the definition of ZT1_Event.
  */
-typedef void (*ZT1_EventCallback)(ZT1_Node *,enum ZT1_Event,const void *);
+typedef void (*ZT1_EventCallback)(ZT1_Node *,void *,enum ZT1_Event,const void *);
 
 /**
  * Function to get an object from the data store
@@ -644,15 +644,16 @@ typedef void (*ZT1_EventCallback)(ZT1_Node *,enum ZT1_Event,const void *);
  * read. The caller may call the function multiple times to read the whole
  * object.
  */
-typedef long (*ZT1_DataStoreGetFunction)(ZT1_Node *,const char *,void *,unsigned long,unsigned long,unsigned long *);
+typedef long (*ZT1_DataStoreGetFunction)(ZT1_Node *,void *,const char *,void *,unsigned long,unsigned long,unsigned long *);
 
 /**
  * Function to store an object in the data store
  *
- * Parameters: (1) node, (2) object name, (3) object data, (4) object size,
- * and (5) secure? (bool). If secure is true, the file should be set readable
- * and writable only to the user running ZeroTier One. What this means is
- * platform-specific.
+ * Parameters: (1) node, (2) user ptr, (3) object name, (4) object data,
+ * (5) object size, (6) secure? (bool).
+ *
+ * If secure is true, the file should be set readable and writable only
+ * to the user running ZeroTier One. What this means is platform-specific.
  *
  * Name semantics are the same as the get function. This must return zero on
  * success. You can return any OS-specific error code on failure, as these
@@ -661,27 +662,28 @@ typedef long (*ZT1_DataStoreGetFunction)(ZT1_Node *,const char *,void *,unsigned
  * A call to write 0 bytes with a null data pointer should be interpreted
  * as a delete operation. The secure flag is not meaningful in this case.
  */
-typedef int (*ZT1_DataStorePutFunction)(ZT1_Node *,const char *,const void *,unsigned long,int);
+typedef int (*ZT1_DataStorePutFunction)(ZT1_Node *,void *,const char *,const void *,unsigned long,int);
 
 /**
  * Function to send a ZeroTier packet out over the wire
  *
- * Parameters: (1) node, (2) address, (3) link desperation,
- * (4) packet data, (5) packet data length.
+ * Parameters: (1) node, (2) user ptr, (3) address, (4) link desperation,
+ * (5) packet data, (6) packet data length.
  *
  * The function must return zero on success and may return any error code
  * on failure. Note that success does not (of course) guarantee packet
  * delivery. It only means that the packet appears to have been sent.
  */
-typedef int (*ZT1_WirePacketSendFunction)(ZT1_Node *,const struct sockaddr_storage *,unsigned int,const void *,unsigned int);
+typedef int (*ZT1_WirePacketSendFunction)(ZT1_Node *,void *,const struct sockaddr_storage *,unsigned int,const void *,unsigned int);
 
 /**
  * Function to send a frame out to a virtual network port
  *
- * Parameters: (1) node, (2) network ID, (3) source MAC, (4) destination MAC,
- * (5) ethertype, (6) VLAN ID, (7) frame data, (8) frame length.
+ * Parameters: (1) node, (2) user ptr, (3) network ID, (4) source MAC,
+ * (5) destination MAC, (6) ethertype, (7) VLAN ID, (8) frame data,
+ * (9) frame length.
  */
-typedef void (*ZT1_VirtualNetworkFrameFunction)(ZT1_Node *,uint64_t,uint64_t,uint64_t,unsigned int,unsigned int,const void *,unsigned int);
+typedef void (*ZT1_VirtualNetworkFrameFunction)(ZT1_Node *,void *,uint64_t,uint64_t,uint64_t,unsigned int,unsigned int,const void *,unsigned int);
 
 /****************************************************************************/
 /* C Node API                                                               */
@@ -694,6 +696,7 @@ typedef void (*ZT1_VirtualNetworkFrameFunction)(ZT1_Node *,uint64_t,uint64_t,uin
  * will generate an identity.
  *
  * @param node Result: pointer is set to new node instance on success
+ * @param uptr User pointer to pass to functions/callbacks
  * @param now Current clock in milliseconds
  * @param dataStoreGetFunction Function called to get objects from persistent storage
  * @param dataStorePutFunction Function called to put objects in persistent storage
@@ -704,6 +707,7 @@ typedef void (*ZT1_VirtualNetworkFrameFunction)(ZT1_Node *,uint64_t,uint64_t,uin
  */
 enum ZT1_ResultCode ZT1_Node_new(
 	ZT1_Node **node,
+	void *uptr,
 	uint64_t now,
 	ZT1_DataStoreGetFunction dataStoreGetFunction,
 	ZT1_DataStorePutFunction dataStorePutFunction,
diff --git a/node/Node.cpp b/node/Node.cpp
index 4b6f76ee..e6f73879 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -51,6 +51,7 @@ namespace ZeroTier {
 
 Node::Node(
 	uint64_t now,
+	void *uptr,
 	ZT1_DataStoreGetFunction dataStoreGetFunction,
 	ZT1_DataStorePutFunction dataStorePutFunction,
 	ZT1_WirePacketSendFunction wirePacketSendFunction,
@@ -59,6 +60,7 @@ Node::Node(
 	ZT1_EventCallback eventCallback,
 	const char *overrideRootTopology) :
 	RR(new RuntimeEnvironment(this)),
+	_uptr(uptr),
 	_dataStoreGetFunction(dataStoreGetFunction),
 	_dataStorePutFunction(dataStorePutFunction),
 	_wirePacketSendFunction(wirePacketSendFunction),
@@ -412,7 +414,7 @@ std::string Node::dataStoreGet(const char *name)
 	std::string r;
 	unsigned long olen = 0;
 	do {
-		long n = _dataStoreGetFunction(reinterpret_cast<ZT1_Node *>(this),name,buf,sizeof(buf),r.length(),&olen);
+		long n = _dataStoreGetFunction(reinterpret_cast<ZT1_Node *>(this),_uptr,name,buf,sizeof(buf),r.length(),&olen);
 		if (n <= 0)
 			return std::string();
 		r.append(buf,n);
@@ -467,6 +469,7 @@ extern "C" {
 
 enum ZT1_ResultCode ZT1_Node_new(
 	ZT1_Node **node,
+	void *uptr,
 	uint64_t now,
 	ZT1_DataStoreGetFunction dataStoreGetFunction,
 	ZT1_DataStorePutFunction dataStorePutFunction,
@@ -478,7 +481,7 @@ enum ZT1_ResultCode ZT1_Node_new(
 {
 	*node = (ZT1_Node *)0;
 	try {
-		*node = reinterpret_cast<ZT1_Node *>(new ZeroTier::Node(now,dataStoreGetFunction,dataStorePutFunction,wirePacketSendFunction,virtualNetworkFrameFunction,virtualNetworkConfigFunction,eventCallback,overrideRootTopology));
+		*node = reinterpret_cast<ZT1_Node *>(new ZeroTier::Node(now,uptr,dataStoreGetFunction,dataStorePutFunction,wirePacketSendFunction,virtualNetworkFrameFunction,virtualNetworkConfigFunction,eventCallback,overrideRootTopology));
 		return ZT1_RESULT_OK;
 	} catch (std::bad_alloc &exc) {
 		return ZT1_RESULT_FATAL_ERROR_OUT_OF_MEMORY;
diff --git a/node/Node.hpp b/node/Node.hpp
index e16061b0..7e943820 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -64,6 +64,7 @@ class Node
 public:
 	Node(
 		uint64_t now,
+		void *uptr,
 		ZT1_DataStoreGetFunction dataStoreGetFunction,
 		ZT1_DataStorePutFunction dataStorePutFunction,
 		ZT1_WirePacketSendFunction wirePacketSendFunction,
@@ -125,6 +126,7 @@ public:
 	{
 		return (_wirePacketSendFunction(
 			reinterpret_cast<ZT1_Node *>(this),
+			_uptr,
 			reinterpret_cast<const struct sockaddr_storage *>(&addr),
 			desperation,
 			data,
@@ -146,6 +148,7 @@ public:
 	{
 		_virtualNetworkFrameFunction(
 			reinterpret_cast<ZT1_Node *>(this),
+			_uptr,
 			nwid,
 			source.toInt(),
 			dest.toInt(),
@@ -188,9 +191,9 @@ public:
 	 */
 	inline unsigned int coreDesperation() const throw() { return _coreDesperation; }
 
-	inline bool dataStorePut(const char *name,const void *data,unsigned int len,bool secure) { return (_dataStorePutFunction(reinterpret_cast<ZT1_Node *>(this),name,data,len,(int)secure) == 0); }
+	inline bool dataStorePut(const char *name,const void *data,unsigned int len,bool secure) { return (_dataStorePutFunction(reinterpret_cast<ZT1_Node *>(this),_uptr,name,data,len,(int)secure) == 0); }
 	inline bool dataStorePut(const char *name,const std::string &data,bool secure) { return dataStorePut(name,(const void *)data.data(),(unsigned int)data.length(),secure); }
-	inline void dataStoreDelete(const char *name) { _dataStorePutFunction(reinterpret_cast<ZT1_Node *>(this),name,(const void *)0,0,0); }
+	inline void dataStoreDelete(const char *name) { _dataStorePutFunction(reinterpret_cast<ZT1_Node *>(this),_uptr,name,(const void *)0,0,0); }
 	std::string dataStoreGet(const char *name);
 
 	/**
@@ -199,7 +202,7 @@ public:
 	 * @param ev Event type
 	 * @param md Meta-data (default: NULL/none)
 	 */
-	inline void postEvent(ZT1_Event ev,const void *md = (const void *)0) { _eventCallback(reinterpret_cast<ZT1_Node *>(this),ev,md); }
+	inline void postEvent(ZT1_Event ev,const void *md = (const void *)0) { _eventCallback(reinterpret_cast<ZT1_Node *>(this),_uptr,ev,md); }
 
 	/**
 	 * Update virtual network port configuration
@@ -208,7 +211,7 @@ public:
 	 * @param op Configuration operation
 	 * @param nc Network configuration
 	 */
-	inline int configureVirtualNetworkPort(uint64_t nwid,ZT1_VirtualNetworkConfigOperation op,const ZT1_VirtualNetworkConfig *nc) { return _virtualNetworkConfigFunction(reinterpret_cast<ZT1_Node *>(this),nwid,op,nc); }
+	inline int configureVirtualNetworkPort(uint64_t nwid,ZT1_VirtualNetworkConfigOperation op,const ZT1_VirtualNetworkConfig *nc) { return _virtualNetworkConfigFunction(reinterpret_cast<ZT1_Node *>(this),_uptr,nwid,op,nc); }
 
 	/**
 	 * @return True if we appear to be online
@@ -227,6 +230,8 @@ public:
 private:
 	RuntimeEnvironment *RR;
 
+	void *_uptr;
+
 	ZT1_DataStoreGetFunction _dataStoreGetFunction;
 	ZT1_DataStorePutFunction _dataStorePutFunction;
 	ZT1_WirePacketSendFunction _wirePacketSendFunction;
diff --git a/service/One.cpp b/service/One.cpp
new file mode 100644
index 00000000..f6d2f08d
--- /dev/null
+++ b/service/One.cpp
@@ -0,0 +1,319 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2015  ZeroTier, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../version.h"
+#include "../include/ZeroTierOne.h"
+
+#include "../node/Constants.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Node.hpp"
+#include "../node/Utils.hpp"
+#include "../node/InetAddress.hpp"
+
+#include "../osdep/Phy.hpp"
+#include "../osdep/Thread.hpp"
+#include "../osdep/OSUtils.hpp"
+
+#include "One.hpp"
+
+namespace ZeroTier {
+
+static void SphyOnDatagramFunction(PhySocket *sock,void **uptr,const struct sockaddr *from,void *data,unsigned long len);
+static void SphyOnTcpConnectFunction(PhySocket *sock,void **uptr,bool success);
+static void SphyOnTcpAcceptFunction(PhySocket *sockL,PhySocket *sockN,void **uptrL,void **uptrN,const struct sockaddr *from);
+static void SphyOnTcpCloseFunction(PhySocket *sock,void **uptr);
+static void SphyOnTcpDataFunction(PhySocket *sock,void **uptr,void *data,unsigned long len);
+static void SphyOnTcpWritableFunction(PhySocket *sock,void **uptr);
+
+static int SnodeVirtualNetworkConfigFunction(ZT1_Node *node,void *uptr,uint64_t nwid,enum ZT1_VirtualNetworkConfigOperation op,const ZT1_VirtualNetworkConfig *nwconf);
+static void SnodeEventCallback(ZT1_Node *node,void *uptr,enum ZT1_Event event,const void *metaData);
+static long SnodeDataStoreGetFunction(ZT1_Node *node,void *uptr,const char *name,void *buf,unsigned long bufSize,unsigned long readIndex,unsigned long *totalSize);
+static int SnodeDataStorePutFunction(ZT1_Node *node,void *uptr,const char *name,const void *data,unsigned long len,int secure);
+static int SnodeWirePacketSendFunction(ZT1_Node *node,void *uptr,const struct sockaddr_storage *addr,unsigned int desperation,const void *data,unsigned int len);
+static void SnodeVirtualNetworkFrameFunction(ZT1_Node *node,void *uptr,uint64_t nwid,uint64_t sourceMac,uint64_t destMac,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len);
+
+class OneImpl : public One
+{
+public:
+	OneImpl(const char *hp,unsigned int port,NetworkConfigMaster *master,const char *overrideRootTopology) :
+		_phy(SphyOnDatagramFunction,SphyOnTcpWritableFunction,SphyOnTcpAcceptFunction,SphyOnTcpCloseFunction,SphyOnTcpDataFunction,SphyOnTcpWritableFunction,true),
+		_master(master),
+		_overrideRootTopology((overrideRootTopology) ? overrideRootTopology : ""),
+		_node((Node *)0),
+		_nextBackgroundTaskDeadline(0),
+		_termReason(ONE_STILL_RUNNING),
+		_run(true)
+	{
+		struct sockaddr_in in4;
+		struct sockaddr_in6 in6;
+
+		::memset(&in4,0,sizeof(in4));
+		in4.sin_family = AF_INET;
+		in4.sin_port = Utils::hton(port);
+		_v4UdpSocket = _phy.udpBind((const struct sockaddr *)&in4,this,131072);
+		if (!_v4UdpSocket)
+			throw std::runtime_error("cannot bind to port (UDP/IPv4)");
+		_v4TcpListenSocket = _phy.tcpListen((const struct sockaddr *)&in4,this);
+		if (!_v4TcpListenSocket) {
+			_phy.close(_v4UdpSocket);
+			throw std::runtime_error("cannot bind to port (TCP/IPv4)");
+		}
+
+		::memset(in6,0,sizeof(in6));
+		in6.sin_family = AF_INET6;
+		in6.sin_port = in4.sin_port;
+		_v6UdpSocket = _phy.udpBind((const struct sockaddr *)&in6,this,131072);
+		_v6TcpListenSocket = _phy.tcpListen((const struct sockaddr *)&in6,this);
+
+		_thread = Thread::start(this);
+	}
+
+	virtual ~OneImpl()
+	{
+		if (reasonForTermination() == ONE_STILL_RUNNING) {
+			terminate();
+			waitForTermination();
+		}
+		_phy.close(_v4UdpSocket);
+		_phy.close(_v6UdpSocket);
+		_phy.close(_v4TcpListenSocket);
+		_phy.close(_v6TcpListenSocket);
+	}
+
+	virtual ReasonForTermination reasonForTermination()
+	{
+		Mutex::Lock _l(_termReason_m);
+		return _termReason;
+	}
+
+	virtual void waitForTermination()
+	{
+		if (reasonForTermination() == ONE_STILL_RUNNING)
+			Thread::join(_thread);
+	}
+
+	virtual std::string fatalErrorMessage()
+	{
+		Mutex::Lock _l(_termReason_m);
+		return _fatalErrorMessage;
+	}
+
+	virtual void terminate()
+	{
+		_run_m.lock();
+		_run = false;
+		_run_m.unlock();
+		_phy.whack();
+	}
+
+	// Begin private implementation methods
+
+	inline void phyOnDatagramFunction(PhySocket *sock,const struct sockaddr *from,void *data,unsigned long len)
+	{
+		InetAddress fromss(from);
+		ZT1_ResultCode rc = _node->processWirePacket(OSUtils::now(),(const struct sockaddr_storage *)&fromss,0,reinterpret_cast<uint64_t *>(&_nextBackgroundTaskDeadline));
+		if (ZT1_ResultCode_isFatal(rc)) {
+			char tmp[256];
+			Utils::snprintf(tmp,sizeof(tmp),"fatal error code from processWirePacket(%d)",(int)rc);
+			Mutex::Lock _termReason_m;
+			_termReason = ONE_UNRECOVERABLE_ERROR;
+			_fatalErrorMessage = tmp;
+			this->terminate();
+		}
+	}
+
+	inline void phyOnTcpConnectFunction(PhySocket *sock,bool success)
+	{
+	}
+
+	inline void phyOnTcpAcceptFunction(PhySocket *sockN,const struct sockaddr *from)
+	{
+	}
+
+	inline void phyOnTcpCloseFunction(PhySocket *sock)
+	{
+	}
+
+	inline void phyOnTcpDataFunction(PhySocket *sock,void *data,unsigned long len)
+	{
+	}
+
+	inline void phyOnTcpWritableFunction(PhySocket *sock)
+	{
+	}
+
+	inline int nodeVirtualNetworkConfigFunction(uint64_t nwid,enum ZT1_VirtualNetworkConfigOperation op,const ZT1_VirtualNetworkConfig *nwconf)
+	{
+	}
+
+	inline void nodeEventCallback(enum ZT1_Event event,const void *metaData)
+	{
+		switch(event) {
+			case ZT1_EVENT_FATAL_ERROR_IDENTITY_COLLISION: {
+				Mutex::Lock _termReason_m;
+				_termReason = ONE_IDENTITY_COLLISION;
+				_fatalErrorMessage = "identity/address collision";
+				this->terminate();
+			}	break;
+
+			case ZT1_EVENT_SAW_MORE_RECENT_VERSION: {
+			}	break;
+
+			case ZT1_EVENT_TRACE: {
+				if (metaData) {
+					::fprintf(stderr,"%s"ZT_EOL_S,(const char *)metaData);
+					::fflush(stderr);
+				}
+			}	break;
+
+			default:
+				break;
+		}
+	}
+
+	inline long nodeDataStoreGetFunction(const char *name,void *buf,unsigned long bufSize,unsigned long readIndex,unsigned long *totalSize)
+	{
+	}
+
+	inline int nodeDataStorePutFunction(const char *name,const void *data,unsigned long len,int secure)
+	{
+	}
+
+	inline int nodeWirePacketSendFunction(const struct sockaddr_storage *addr,unsigned int desperation,const void *data,unsigned int len)
+	{
+		switch(addr->ss_family) {
+			case AF_INET:
+				if (_v4UdpSocket)
+					_phy.udpSend(_v4UdpSocket,(const struct sockaddr *)addr,data,len);
+				break;
+			case AF_INET6:
+				if (_v6UdpSocket)
+					_phy.udpSend(_v6UdpSocket,(const struct sockaddr *)addr,data,len);
+				break;
+		}
+	}
+
+	inline void nodeVirtualNetworkFrameFunction(uint64_t nwid,uint64_t sourceMac,uint64_t destMac,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len)
+	{
+	}
+
+	void threadMain()
+		throw()
+	{
+		_nextBackgroundTaskDeadline = OSUtils::now();
+		try {
+			_node = new Node(
+				OSUtils::now(),
+				this,
+				SnodeDataStoreGetFunction,
+				SnodeDataStorePutFunction,
+				SnodeWirePacketSendFunction,
+				SnodeVirtualNetworkFrameFunction,
+				SnodeVirtualNetworkConfigFunction,
+				SnodeEventCallback,
+				((_overrideRootTopology.length() > 0) ? _overrideRootTopology.c_str() : (const char *)0));
+
+			if (_master)
+				_node->setNetconfMaster((void *)_master);
+
+			for(;;) {
+				_run_m.lock();
+				if (!_run) {
+					_run_m.unlock();
+					break;
+				} else _run_m.unlock();
+
+				const uint64_t dl = _nextBackgroundTaskDeadline;
+				const uint64_t now = OSUtils::now();
+				_phy.poll((dl > now) ? (unsigned long)(dl - now) : 500);
+			}
+		} catch (std::exception &exc) {
+			Mutex::Lock _l(_termReason_m);
+			_termReason = ONE_UNRECOVERABLE_ERROR;
+			_fatalErrorMessage = exc.what();
+		} catch ( ... ) {
+			Mutex::Lock _l(_termReason_m);
+			_termReason = ONE_UNRECOVERABLE_ERROR;
+			_fatalErrorMessage = "unexpected exception in main thread";
+		}
+		delete _node;
+	}
+
+private:
+	SimpleFunctionPhy _phy;
+	NetworkConfigMaster *_master;
+	std::string _overrideRootTopology;
+	Node *_node;
+	PhySocket *_v4UdpSocket;
+	PhySocket *_v6UdpSocket;
+	PhySocket *_v4TcpListenSocket;
+	PhySocket *_v6TcpListenSocket;
+	Thread _thread;
+	volatile uint64_t _nextBackgroundTaskDeadline;
+
+	ReasonForTermination _termReason;
+	std::string _fatalErrorMessage;
+	Mutex _termReason_m;
+
+	bool _run;
+	Mutex _run_m;
+};
+
+static void SphyOnDatagramFunction(PhySocket *sock,void **uptr,const struct sockaddr *from,void *data,unsigned long len)
+{ reinterpret_cast<OneImpl *>(*uptr)->phyOnDatagramFunction(sock,data,len); }
+static void SphyOnTcpConnectFunction(PhySocket *sock,void **uptr,bool success)
+{ reinterpret_cast<OneImpl *>(*uptr)->phyOnTcpConnectFunction(sock,success); }
+static void SphyOnTcpAcceptFunction(PhySocket *sockL,PhySocket *sockN,void **uptrL,void **uptrN,const struct sockaddr *from)
+{ *uptrN = *uptrL; reinterpret_cast<OneImpl *>(*uptrL)->phyOnTcpAcceptFunction(sockN,from); }
+static void SphyOnTcpCloseFunction(PhySocket *sock,void **uptr)
+{ reinterpret_cast<OneImpl *>(*uptr)->phyOnTcpCloseFunction(sock); }
+static void SphyOnTcpDataFunction(PhySocket *sock,void **uptr,void *data,unsigned long len)
+{ reinterpret_cast<OneImpl *>(*uptr)->phyOnTcpDataFunction(sock,data,len); }
+static void SphyOnTcpWritableFunction(PhySocket *sock,void **uptr)
+{ reinterpret_cast<OneImpl *>(*uptr)->phyOnTcpWritableFunction(sock); }
+
+static int SnodeVirtualNetworkConfigFunction(ZT1_Node *node,void *uptr,uint64_t nwid,enum ZT1_VirtualNetworkConfigOperation op,const ZT1_VirtualNetworkConfig *nwconf)
+{ reinterpret_cast<OneImpl *>(uptr)->nodeVirtualNetworkConfigFunction(nwid,op,nwconf); }
+static void SnodeEventCallback(ZT1_Node *node,void *uptr,enum ZT1_Event event,const void *metaData)
+{ reinterpret_cast<OneImpl *>(uptr)->nodeEventCallback(event,metaData); }
+static long SnodeDataStoreGetFunction(ZT1_Node *node,void *uptr,const char *name,void *buf,unsigned long bufSize,unsigned long readIndex,unsigned long *totalSize)
+{ reinterpret_cast<OneImpl *>(uptr)->nodeDataStoreGetFunction(name,buf,bufSize,readIndex,totalSize); }
+static int SnodeDataStorePutFunction(ZT1_Node *node,void *uptr,const char *name,const void *data,unsigned long len,int secure)
+{ reinterpret_cast<OneImpl *>(uptr)->nodeDataStorePutFunction(name,data,len,secure); }
+static int SnodeWirePacketSendFunction(ZT1_Node *node,void *uptr,const struct sockaddr_storage *addr,unsigned int desperation,const void *data,unsigned int len)
+{ reinterpret_cast<OneImpl *>(uptr)->nodeWirePacketSendFunction(addr,desperation,data,len); }
+static void SnodeVirtualNetworkFrameFunction(ZT1_Node *node,void *uptr,uint64_t nwid,uint64_t sourceMac,uint64_t destMac,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len)
+{ reinterpret_cast<OneImpl *>(uptr)->nodeVirtualNetworkFrameFunction(nwid,sourceMac,destMac,etherType,vlanId,data,len); }
+
+One *One::newInstance(const char *hp,unsigned int port,NetworkConfigMaster *master,const char *overrideRootTopology) { return new OneImpl(hp,port,master,overrideRootTopology); }
+One::~One() {}
+
+} // namespace ZeroTier
diff --git a/service/One.hpp b/service/One.hpp
new file mode 100644
index 00000000..78d32e36
--- /dev/null
+++ b/service/One.hpp
@@ -0,0 +1,126 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2015  ZeroTier, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_ONE_HPP
+#define ZT_ONE_HPP
+
+namespace ZeroTier {
+
+class NetworkConfigMaster;
+
+/**
+ * ZeroTier One -- local VPN/NVF service built around ZeroTier core
+ *
+ * Actual implementation is under the fold, hence the pure virtual
+ * interface.
+ */
+class One
+{
+public:
+	/**
+	 * Returned by node main if/when it terminates
+	 */
+	enum ReasonForTermination
+	{
+		/**
+		 * Instance is still running
+		 */
+		ONE_STILL_RUNNING = 0,
+
+		/**
+		 * Normal shutdown
+		 */
+		ONE_NORMAL_TERMINATION = 1,
+
+		/**
+		 * A serious unrecoverable error has occurred
+		 */
+		ONE_UNRECOVERABLE_ERROR = 2,
+
+		/**
+		 * Your identity has collided with another
+		 */
+		ONE_IDENTITY_COLLISION = 3
+	};
+
+	/**
+	 * Create and start a new instance of the service
+	 *
+	 * @param hp Home path
+	 * @param port TCP and UDP port for packets and HTTP control
+	 * @param master Instance of network config master if this instance is to act as one (default: NULL)
+	 * @param overrideRootTopology String-serialized root topology (for testing, default: NULL)
+	 */
+	static One *newInstance(
+		const char *hp,
+		unsigned int port,
+		NetworkConfigMaster *master = (NetworkConfigMaster *)0),
+		const char *overrideRootTopology = (const char *)0);
+
+	/**
+	 * Deletion will block until service stops if it's still running
+	 */
+	virtual ~One();
+
+	/**
+	 * @return Reason for terminating or ONE_STILL_RUNNING if running
+	 */
+	virtual ReasonForTermination reasonForTermination() = 0;
+
+	/**
+	 * @return Fatal error message or empty string if none
+	 */
+	virtual std::string fatalErrorMessage() = 0;
+
+	/**
+	 * Block until service terminates
+	 */
+	virtual void waitForTermination() = 0;
+
+	/**
+	 * Terminate background service
+	 *
+	 * Actual shutdown might take a few seconds.
+	 */
+	virtual void terminate() = 0;
+
+	/**
+	 * @return True if service is still running
+	 */
+	inline isRunning() const { return (this->reasonForTermination() == ONE_STILL_RUNNING); }
+
+protected:
+	One() {}
+
+private:
+	One(const One &one) {}
+	inline One &operator=(const One &one) { return *this; }
+};
+
+} // namespace ZeroTier
+
+#endif