author | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-06-16 14:50:08 -0700 |
---|---|---|
committer | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-06-16 14:50:08 -0700 |
commit | bc3d7d11fe13ce7b3a01b77e1002a78e53d99f83 (patch) | |
tree | 9e4da34ae7e734efe85d036ec6c6ca1208d10746 /netcon | |
parent | 490d20e8fb1c936324e3501196004592f46b3ff4 (diff) | |
Remove netcon from dev branch. This is moving to its own new ZeroTierSDK repo for future release under the SDK name.
Diffstat (limited to 'netcon')
80 files changed, 0 insertions, 6664 deletions
diff --git a/netcon/Intercept.c b/netcon/Intercept.c
deleted file mode 100644
index 48276c96..00000000
--- a/netcon/Intercept.c
+++ /dev/null
@@ -1,576 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2015 ZeroTier, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - * -- - * - * ZeroTier may be used and distributed under the terms of the GPLv3, which - * are available at: http://www.gnu.org/licenses/gpl-3.0.html - * - * If you would like to embed ZeroTier into a commercial application or - * redistribute it in a modified binary form, please contact ZeroTier Networks - * LLC. 
Start here: http://www.zerotier.com/ - */ - -#ifdef USE_GNU_SOURCE -#define _GNU_SOURCE -#endif - -#include <unistd.h> -#include <stdint.h> -#include <stdio.h> -#include <dlfcn.h> -#include <strings.h> -#include <netinet/in.h> -#include <sys/time.h> -#include <pwd.h> -#include <errno.h> -#include <stdarg.h> -#include <netdb.h> -#include <string.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <sys/poll.h> -#include <sys/un.h> -#include <arpa/inet.h> -#include <sys/resource.h> - -#if defined(__linux__) - #include <linux/errno.h> - #include <sys/syscall.h> - #include <linux/net.h> /* for NPROTO */ -#endif - -#if defined(__linux__) - #define SOCK_MAX (SOCK_PACKET + 1) -#endif -#define SOCK_TYPE_MASK 0xf - -#include "Intercept.h" -#include "RPC.h" -#include "common.inc.c" - -/*------------------------------------------------------------------------------ -------------------- Intercept<--->Service Comm mechanisms ---------------------- -------------------------------------------------------------------------------*/ - -static char *netpath = (char *)0; - -/* Check whether the socket is mapped to the service or not. We -need to know if this is a regular AF_LOCAL socket or an end of a socketpair -that the service uses. 
We don't want to keep state in the intercept, so -we simply ask the service via an RPC */ - -static int connected_to_service(int sockfd) -{ - dwr(MSG_DEBUG,"connected_to_service():\n"); - socklen_t len; - struct sockaddr_storage addr; - len = sizeof addr; - struct sockaddr_un * addr_un; - getpeername(sockfd, (struct sockaddr*)&addr, &len); - if (addr.ss_family == AF_LOCAL || addr.ss_family == AF_LOCAL) { - addr_un = (struct sockaddr_un*)&addr; - if(strcmp(addr_un->sun_path, netpath) == 0) { - dwr(MSG_DEBUG,"connected_to_service(): Yes, %s\n", addr_un->sun_path); - return 1; - } - } - dwr(MSG_DEBUG,"connected_to_service(): Not connected to service\n"); - return 0; -} - -/* get symbols and initialize mutexes */ -static int set_up_intercept() -{ - if (!realconnect) { - -#if defined(__linux__) - realaccept4 = dlsym(RTLD_NEXT, "accept4"); - realsyscall = dlsym(RTLD_NEXT, "syscall"); -#endif - realconnect = dlsym(RTLD_NEXT, "connect"); - realbind = dlsym(RTLD_NEXT, "bind"); - realaccept = dlsym(RTLD_NEXT, "accept"); - reallisten = dlsym(RTLD_NEXT, "listen"); - realsocket = dlsym(RTLD_NEXT, "socket"); - realbind = dlsym(RTLD_NEXT, "bind"); - realsetsockopt = dlsym(RTLD_NEXT, "setsockopt"); - realgetsockopt = dlsym(RTLD_NEXT, "getsockopt"); - realclose = dlsym(RTLD_NEXT, "close"); - realgetsockname = dlsym(RTLD_NEXT, "getsockname"); - } - if (!netpath) { - netpath = getenv("ZT_NC_NETWORK"); - if (!netpath) - return 0; - dwr(MSG_DEBUG,"Connecting to service at: %s\n", netpath); - /* Hook/intercept Posix net API symbols */ - rpc_mutex_init(); - } - return 1; -} - -/*------------------------------------------------------------------------------ ---------------------------------- setsockopt() --------------------------------- -------------------------------------------------------------------------------*/ - -/* int socket, int level, int option_name, const void *option_value, socklen_t option_len */ -int setsockopt(SETSOCKOPT_SIG) -{ - if (!set_up_intercept()) - return 
realsetsockopt(socket, level, option_name, option_value, option_len); - - dwr(MSG_DEBUG,"setsockopt(%d)\n", socket); -#if defined(__linux__) - if(level == SOL_IPV6 && option_name == IPV6_V6ONLY) - return 0; - if(level == SOL_IP && (option_name == IP_TTL || option_name == IP_TOS)) - return 0; -#endif - if(level == IPPROTO_TCP || (level == SOL_SOCKET && option_name == SO_KEEPALIVE)) - return 0; - if(realsetsockopt(socket, level, option_name, option_value, option_len) < 0) - perror("setsockopt():\n"); - return 0; -} - -/*------------------------------------------------------------------------------ ---------------------------------- getsockopt() --------------------------------- -------------------------------------------------------------------------------*/ - -/* int sockfd, int level, int optname, void *optval, socklen_t *optlen */ -int getsockopt(GETSOCKOPT_SIG) -{ - dwr(MSG_DEBUG,"getsockopt(%d)\n", sockfd); - if (!set_up_intercept() || !connected_to_service(sockfd)) - return realgetsockopt(sockfd, level, optname, optval, optlen); - if(optname == SO_TYPE) { - int* val = (int*)optval; - *val = 2; - optval = (void*)val; - } - return 0; -} - -/*------------------------------------------------------------------------------ ------------------------------------ socket() ----------------------------------- -------------------------------------------------------------------------------*/ - -/* int socket_family, int socket_type, int protocol - socket() intercept function */ -int socket(SOCKET_SIG) -{ - if (!set_up_intercept()) - return realsocket(socket_family, socket_type, protocol); - - dwr(MSG_DEBUG,"socket():\n"); - /* Check that type makes sense */ -#if defined(__linux__) - int flags = socket_type & ~SOCK_TYPE_MASK; - if (flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK)) { - errno = EINVAL; - return -1; - } -#endif - socket_type &= SOCK_TYPE_MASK; - /* Check protocol is in range */ -#if defined(__linux__) - if (socket_family < 0 || socket_family >= NPROTO){ - errno = 
EAFNOSUPPORT; - return -1; - } - if (socket_type < 0 || socket_type >= SOCK_MAX) { - errno = EINVAL; - return -1; - } -#endif - /* TODO: detect ENFILE condition */ - if(socket_family == AF_LOCAL -#if defined(__linux__) - || socket_family == AF_NETLINK -#endif - || socket_family == AF_UNIX) { - int err = realsocket(socket_family, socket_type, protocol); - dwr(MSG_DEBUG,"realsocket() = %d\n", err); - return err; - } - /* Assemble and send RPC */ - struct socket_st rpc_st; - rpc_st.socket_family = socket_family; - rpc_st.socket_type = socket_type; - rpc_st.protocol = protocol; - rpc_st.__tid = syscall(SYS_gettid); - /* -1 is passed since we we're generating the new socket in this call */ - return rpc_send_command(netpath, RPC_SOCKET, -1, &rpc_st, sizeof(struct socket_st)); -} - -/*------------------------------------------------------------------------------ ----------------------------------- connect() ----------------------------------- -------------------------------------------------------------------------------*/ - -/* int __fd, const struct sockaddr * __addr, socklen_t __len - connect() intercept function */ -int connect(CONNECT_SIG) -{ - if (!set_up_intercept()) - return realconnect(__fd, __addr, __len); - - struct sockaddr_in *connaddr; - connaddr = (struct sockaddr_in *)__addr; - if(__addr->sa_family == AF_LOCAL || __addr->sa_family == AF_UNIX) { - struct sockaddr_storage storage; - memcpy(&storage, __addr, __len); - struct sockaddr_un *s_un = (struct sockaddr_un*)&storage; - dwr(MSG_DEBUG, "connect(): address = %s\n", s_un->sun_path); - } - - int port = connaddr->sin_port; - int ip = connaddr->sin_addr.s_addr; - unsigned char d[4]; - d[0] = ip & 0xFF; - d[1] = (ip >> 8) & 0xFF; - d[2] = (ip >> 16) & 0xFF; - d[3] = (ip >> 24) & 0xFF; - dwr(MSG_DEBUG,"connect(): %d.%d.%d.%d: %d\n", d[0],d[1],d[2],d[3], ntohs(port)); - - dwr(MSG_DEBUG,"connect(%d):\n", __fd); - /* Check that this is a valid fd */ - if(fcntl(__fd, F_GETFD) < 0) { - errno = EBADF; - return -1; - 
} - /* Check that it is a socket */ - int sock_type; - socklen_t sock_type_len = sizeof(sock_type); - if(getsockopt(__fd, SOL_SOCKET, SO_TYPE, (void *) &sock_type, &sock_type_len) < 0) { - errno = ENOTSOCK; - return -1; - } -#if defined(__linux__) - /* Check family */ - if (connaddr->sin_family < 0 || connaddr->sin_family >= NPROTO){ - errno = EAFNOSUPPORT; - return -1; - } -#endif - /* make sure we don't touch any standard outputs */ - if(__fd == STDIN_FILENO || __fd == STDOUT_FILENO || __fd == STDERR_FILENO) - return(realconnect(__fd, __addr, __len)); - - if(__addr != NULL && (connaddr->sin_family == AF_LOCAL -#if defined(__linux__) - || connaddr->sin_family == PF_NETLINK - || connaddr->sin_family == AF_NETLINK -#endif - || connaddr->sin_family == AF_UNIX)) { - return realconnect(__fd, __addr, __len); - } - /* Assemble and send RPC */ - struct connect_st rpc_st; -#if defined(__linux__) - rpc_st.__tid = syscall(SYS_gettid); -#endif - rpc_st.__fd = __fd; - memcpy(&rpc_st.__addr, __addr, sizeof(struct sockaddr_storage)); - memcpy(&rpc_st.__len, &__len, sizeof(socklen_t)); - return rpc_send_command(netpath, RPC_CONNECT, __fd, &rpc_st, sizeof(struct connect_st)); -} - -/*------------------------------------------------------------------------------ ------------------------------------- bind() ------------------------------------ -------------------------------------------------------------------------------*/ - -/* int sockfd, const struct sockaddr *addr, socklen_t addrlen - bind() intercept function */ -int bind(BIND_SIG) -{ - if (!set_up_intercept()) - return realbind(sockfd, addr, addrlen); - - dwr(MSG_DEBUG,"bind(%d):\n", sockfd); - /* Check that this is a valid fd */ - if(fcntl(sockfd, F_GETFD) < 0) { - errno = EBADF; - return -1; - } - /* Check that it is a socket */ - int opt = -1; - socklen_t opt_len; - if(getsockopt(sockfd, SOL_SOCKET, SO_TYPE, (void *) &opt, &opt_len) < 0) { - errno = ENOTSOCK; - return -1; - } - /* make sure we don't touch any standard 
outputs */ - if(sockfd == STDIN_FILENO || sockfd == STDOUT_FILENO || sockfd == STDERR_FILENO) - return(realbind(sockfd, addr, addrlen)); - /* If local, just use normal syscall */ - struct sockaddr_in *connaddr; - connaddr = (struct sockaddr_in *)addr; - - if(connaddr->sin_family == AF_LOCAL -#if defined(__linux__) - || connaddr->sin_family == AF_NETLINK -#endif - || connaddr->sin_family == AF_UNIX) { - int err = realbind(sockfd, addr, addrlen); - dwr(MSG_DEBUG,"realbind, err = %d\n", err); - return err; - } - int port = connaddr->sin_port; - int ip = connaddr->sin_addr.s_addr; - unsigned char d[4]; - d[0] = ip & 0xFF; - d[1] = (ip >> 8) & 0xFF; - d[2] = (ip >> 16) & 0xFF; - d[3] = (ip >> 24) & 0xFF; - dwr(MSG_DEBUG,"bind(): %d.%d.%d.%d: %d\n", d[0],d[1],d[2],d[3], ntohs(port)); - /* Assemble and send RPC */ - struct bind_st rpc_st; - rpc_st.sockfd = sockfd; -#if defined(__linux__) - rpc_st.__tid = syscall(SYS_gettid); -#endif - memcpy(&rpc_st.addr, addr, sizeof(struct sockaddr_storage)); - memcpy(&rpc_st.addrlen, &addrlen, sizeof(socklen_t)); - return rpc_send_command(netpath, RPC_BIND, sockfd, &rpc_st, sizeof(struct bind_st)); -} - -/*------------------------------------------------------------------------------ ------------------------------------ accept4() ---------------------------------- -------------------------------------------------------------------------------*/ - -/* int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags */ -#if defined(__linux__) -int accept4(ACCEPT4_SIG) -{ - dwr(MSG_DEBUG,"accept4(%d):\n", sockfd); - if ((flags & SOCK_CLOEXEC)) - fcntl(sockfd, F_SETFL, FD_CLOEXEC); - if ((flags & SOCK_NONBLOCK)) - fcntl(sockfd, F_SETFL, O_NONBLOCK); - return accept(sockfd, addr, addrlen); -} -#endif - -/*------------------------------------------------------------------------------ ------------------------------------ accept() ----------------------------------- 
-------------------------------------------------------------------------------*/ - -/* int sockfd struct sockaddr *addr, socklen_t *addrlen - accept() intercept function */ -int accept(ACCEPT_SIG) -{ - if (!set_up_intercept()) - return realaccept(sockfd, addr, addrlen); - - dwr(MSG_DEBUG,"accept(%d):\n", sockfd); - /* Check that this is a valid fd */ - if(fcntl(sockfd, F_GETFD) < 0) { - return -1; - errno = EBADF; - dwr(MSG_DEBUG,"EBADF\n"); - return -1; - } - /* Check that it is a socket */ - int opt; - socklen_t opt_len; - if(getsockopt(sockfd, SOL_SOCKET, SO_TYPE, (void *) &opt, &opt_len) < 0) { - errno = ENOTSOCK; - dwr(MSG_DEBUG,"ENOTSOCK\n"); - return -1; - } - /* Check that this socket supports accept() */ - if(!(opt && (SOCK_STREAM | SOCK_SEQPACKET))) { - errno = EOPNOTSUPP; - dwr(MSG_DEBUG,"EOPNOTSUPP\n"); - return -1; - } - /* Check that we haven't hit the soft-limit file descriptors allowed */ - struct rlimit rl; - getrlimit(RLIMIT_NOFILE, &rl); - if(sockfd >= rl.rlim_cur){ - errno = EMFILE; - dwr(MSG_DEBUG,"EMFILE\n"); - return -1; - } - /* Check address length */ - if(addrlen < 0) { - errno = EINVAL; - dwr(MSG_DEBUG,"EINVAL\n"); - return -1; - } - /* redirect calls for standard I/O descriptors to kernel */ - if(sockfd == STDIN_FILENO || sockfd == STDOUT_FILENO || sockfd == STDERR_FILENO){ - dwr(MSG_DEBUG,"realaccept():\n"); - return(realaccept(sockfd, addr, addrlen)); - } - if(addr) - addr->sa_family = AF_INET; - - int new_fd = get_new_fd(sockfd); - if(new_fd > 0) { - errno = ERR_OK; - return new_fd; - } - errno = EAGAIN; - return -EAGAIN; -} - -/*------------------------------------------------------------------------------ -------------------------------------- listen()---------------------------------- -------------------------------------------------------------------------------*/ - -/* int sockfd, int backlog */ -int listen(LISTEN_SIG) -{ - if (!set_up_intercept()) - return(reallisten(sockfd, backlog)); - - dwr(MSG_DEBUG,"listen(%d):\n", 
sockfd); - int sock_type; - socklen_t sock_type_len = sizeof(sock_type); - - /* Check that this is a valid fd */ - if(fcntl(sockfd, F_GETFD) < 0) { - errno = EBADF; - return -1; - } - /* Check that it is a socket */ - if(getsockopt(sockfd, SOL_SOCKET, SO_TYPE, (void *) &sock_type, &sock_type_len) < 0) { - errno = ENOTSOCK; - return -1; - } - /* Check that this socket supports accept() */ - if(!(sock_type && (SOCK_STREAM | SOCK_SEQPACKET))) { - errno = EOPNOTSUPP; - return -1; - } - /* make sure we don't touch any standard outputs */ - if(sockfd == STDIN_FILENO || sockfd == STDOUT_FILENO || sockfd == STDERR_FILENO) - return(reallisten(sockfd, backlog)); - - if(!connected_to_service(sockfd)) { - reallisten(sockfd, backlog); - } - /* Assemble and send RPC */ - struct listen_st rpc_st; - rpc_st.sockfd = sockfd; - rpc_st.backlog = backlog; -#if defined(__linux__) - rpc_st.__tid = syscall(SYS_gettid); -#endif - return rpc_send_command(netpath, RPC_LISTEN, sockfd, &rpc_st, sizeof(struct listen_st)); -} - -/*------------------------------------------------------------------------------ -------------------------------------- close() ---------------------------------- -------------------------------------------------------------------------------*/ - -/* int fd */ -int close(CLOSE_SIG) -{ - dwr(MSG_DEBUG, "close(%d)\n", fd); - set_up_intercept(); - return realclose(fd); -} - -/*------------------------------------------------------------------------------ --------------------------------- getsockname() --------------------------------- -------------------------------------------------------------------------------*/ - -/* int sockfd, struct sockaddr *addr, socklen_t *addrlen */ -int getsockname(GETSOCKNAME_SIG) -{ - if (!set_up_intercept()) - return realgetsockname(sockfd, addr, addrlen); - - dwr(MSG_DEBUG,"getsockname(%d)\n", sockfd); - if(!connected_to_service(sockfd)) { - dwr(MSG_DEBUG,"getsockname(): not used by service\n"); - return realgetsockname(sockfd, addr, 
addrlen); - } - /* This is kind of a hack as it stands -- assumes sockaddr is sockaddr_in - * and is an IPv4 address. */ - - /* assemble and send command */ - struct getsockname_st rpc_st; - rpc_st.sockfd = sockfd; - memcpy(&rpc_st.addr, addr, *addrlen); - memcpy(&rpc_st.addrlen, &addrlen, sizeof(socklen_t)); - int rpcfd = rpc_send_command(netpath, RPC_GETSOCKNAME, sockfd, &rpc_st, sizeof(struct getsockname_st)); - /* read address info from service */ - char addrbuf[sizeof(struct sockaddr_storage)]; - memset(&addrbuf, 0, sizeof(struct sockaddr_storage)); - - if(rpcfd > -1) - if(read(rpcfd, &addrbuf, sizeof(struct sockaddr_storage)) > 0) - close(rpcfd); - - struct sockaddr_storage sock_storage; - memcpy(&sock_storage, addrbuf, sizeof(struct sockaddr_storage)); - *addrlen = sizeof(struct sockaddr_in); - memcpy(addr, &sock_storage, (*addrlen > sizeof(sock_storage)) ? sizeof(sock_storage) : *addrlen); - addr->sa_family = AF_INET; - return 0; -} - -/*------------------------------------------------------------------------------ ------------------------------------- syscall() --------------------------------- -------------------------------------------------------------------------------*/ - -#if defined(__linux__) -long syscall(SYSCALL_SIG) -{ - va_list ap; - uintptr_t a,b,c,d,e,f; - va_start(ap, number); - a=va_arg(ap, uintptr_t); - b=va_arg(ap, uintptr_t); - c=va_arg(ap, uintptr_t); - d=va_arg(ap, uintptr_t); - e=va_arg(ap, uintptr_t); - f=va_arg(ap, uintptr_t); - va_end(ap); - - if (!set_up_intercept()) - return realsyscall(number,a,b,c,d,e,f); - - dwr(MSG_DEBUG_EXTRA,"syscall(%u, ...):\n", number); - -#if defined(__i386__) - /* TODO: Implement for 32-bit systems: syscall(__NR_socketcall, 18, args); - args[0] = (unsigned long) fd; - args[1] = (unsigned long) addr; - args[2] = (unsigned long) addrlen; - args[3] = (unsigned long) flags; - */ -#else - if(number == __NR_accept4) { - int sockfd = a; - struct sockaddr * addr = (struct sockaddr*)b; - socklen_t * addrlen = 
(socklen_t*)c; - int flags = d; - int old_errno = errno; - int err = accept4(sockfd, addr, addrlen, flags); - errno = old_errno; - err = err == -EBADF ? -EAGAIN : err; - return err; - } -#endif - return realsyscall(number,a,b,c,d,e,f); -} -#endif
\ No newline at end of file
diff --git a/netcon/Intercept.h b/netcon/Intercept.h
deleted file mode 100644
index 9593468f..00000000
--- a/netcon/Intercept.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2015 ZeroTier, Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#ifndef _INTERCEPT_H
-#define _INTERCEPT_H 1
-
-#include <sys/socket.h>
-
-
-#if defined(__linux__)
- #define ACCEPT4_SIG int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags
- #define SYSCALL_SIG long number, ...
-#endif
-
-#define CLOSE_SIG int fd
-#define READ_SIG int __fd, void *__buf, size_t __nbytes
-#define BIND_SIG int sockfd, const struct sockaddr *addr, socklen_t addrlen
-#define CONNECT_SIG int __fd, const struct sockaddr * __addr, socklen_t __len
-#define WRITE_SIG int __fd, const void *__buf, size_t __n
-#define LISTEN_SIG int sockfd, int backlog
-#define SOCKET_SIG int socket_family, int socket_type, int protocol
-#define ACCEPT_SIG int sockfd, struct sockaddr *addr, socklen_t *addrlen
-#define SHUTDOWN_SIG int socket, int how
-#define CONNECT_SOCKARG struct sockaddr *
-#define IOCTL_SIG int __fd, unsigned long int __request, ...
-#define FCNTL_SIG int __fd, int __cmd, ...
-#define DAEMON_SIG int nochdir, int noclose
-#define SETSOCKOPT_SIG int socket, int level, int option_name, const void *option_value, socklen_t option_len
-#define GETSOCKOPT_SIG int sockfd, int level, int optname, void *optval, socklen_t *optlen
-#define CLONE_SIG int (*fn)(void *), void *child_stack, int flags, void *arg, ...
-#define GETSOCKNAME_SIG int sockfd, struct sockaddr *addr, socklen_t *addrlen
-#define DUP2_SIG int oldfd, int newfd
-#define DUP3_SIG int oldfd, int newfd, int flags
-
-
-#if defined(__linux__)
- int accept4(ACCEPT4_SIG);
- long syscall(SYSCALL_SIG);
-#endif
-
-void my_init(void);
-int connect(CONNECT_SIG);
-int bind(BIND_SIG);
-int accept(ACCEPT_SIG);
-int listen(LISTEN_SIG);
-int socket(SOCKET_SIG);
-int setsockopt(SETSOCKOPT_SIG);
-int getsockopt(GETSOCKOPT_SIG);
-int close(CLOSE_SIG);
-int clone(CLONE_SIG);
-int dup2(DUP2_SIG);
-int dup3(DUP3_SIG);
-int getsockname(GETSOCKNAME_SIG);
-
-#if defined(__linux__)
- static int (*realaccept4)(ACCEPT4_SIG) = 0;
- static long (*realsyscall)(SYSCALL_SIG) = 0;
-#endif
-
-static int (*realconnect)(CONNECT_SIG) = 0;
-static int (*realbind)(BIND_SIG) = 0;
-static int (*realaccept)(ACCEPT_SIG) = 0;
-static int (*reallisten)(LISTEN_SIG) = 0;
-static int (*realsocket)(SOCKET_SIG) = 0;
-static int (*realsetsockopt)(SETSOCKOPT_SIG) = 0;
-static int (*realgetsockopt)(GETSOCKOPT_SIG) = 0;
-static int (*realclose)(CLOSE_SIG) = 0;
-static int (*realgetsockname)(GETSOCKNAME_SIG) = 0;
-
-#endif
diff --git a/netcon/LWIPStack.hpp b/netcon/LWIPStack.hpp
deleted file mode 100644
index 2ad1a843..00000000
--- a/netcon/LWIPStack.hpp
+++ /dev/null
@@ -1,223 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2015 ZeroTier, Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#ifndef ZT_LWIPSTACK_H
-#define ZT_LWIPSTACK_H
-
-#include "lwip/mem.h"
-#include "lwip/pbuf.h"
-#include "lwip/ip_addr.h"
-#include "lwip/netif.h"
-
-#include "../node/Mutex.hpp"
-
-#include <stdio.h>
-#include <dlfcn.h>
-
-#ifdef D_GNU_SOURCE
- #define _GNU_SOURCE
-#endif
-
-typedef ip_addr ip_addr_t;
-struct tcp_pcb;
-
-#define TCP_WRITE_SIG struct tcp_pcb *pcb, const void *arg, u16_t len, u8_t apiflags
-#define TCP_SENT_SIG struct tcp_pcb * pcb, err_t (* sent)(void * arg, struct tcp_pcb * tpcb, u16_t len)
-#define TCP_NEW_SIG void
-#define TCP_SNDBUF_SIG struct tcp_pcb * pcb
-#define TCP_CONNECT_SIG struct tcp_pcb * pcb, struct ip_addr * ipaddr, u16_t port, err_t (* connected)(void * arg, struct tcp_pcb * tpcb, err_t err)
-#define TCP_RECV_SIG struct tcp_pcb * pcb, err_t (* recv)(void * arg, struct tcp_pcb * tpcb, struct pbuf * p, err_t err)
-#define TCP_RECVED_SIG struct tcp_pcb * pcb, u16_t len
-#define TCP_ERR_SIG struct tcp_pcb * pcb, void (* err)(void * arg, err_t err)
-#define TCP_POLL_SIG struct tcp_pcb * pcb, err_t (* poll)(void * arg, struct tcp_pcb * tpcb), u8_t interval
-#define TCP_ARG_SIG struct tcp_pcb * pcb, void * arg
-#define TCP_CLOSE_SIG struct tcp_pcb * pcb
-#define TCP_ABORT_SIG struct tcp_pcb * pcb
-#define TCP_OUTPUT_SIG struct tcp_pcb * pcb
-#define TCP_ACCEPT_SIG struct tcp_pcb * pcb, err_t (* accept)(void * arg, struct tcp_pcb * newpcb, err_t err)
-#define TCP_LISTEN_SIG struct tcp_pcb * pcb
-#define TCP_LISTEN_WITH_BACKLOG_SIG struct tcp_pcb * pcb, u8_t backlog
-#define TCP_BIND_SIG struct tcp_pcb * pcb, struct ip_addr * ipaddr, u16_t port
-#define PBUF_FREE_SIG struct pbuf *p
-#define PBUF_ALLOC_SIG pbuf_layer layer, u16_t length, pbuf_type type
-#define LWIP_HTONS_SIG u16_t x
-#define LWIP_NTOHS_SIG u16_t x
-#define IPADDR_NTOA_SIG const ip_addr_t *addr
-#define ETHARP_OUTPUT_SIG struct netif *netif, struct pbuf *q, ip_addr_t *ipaddr
-#define ETHERNET_INPUT_SIG struct pbuf *p, struct netif *netif
-#define TCP_INPUT_SIG struct pbuf *p, struct netif *inp
-#define IP_INPUT_SIG struct pbuf *p, struct netif *inp
-#define NETIF_SET_DEFAULT_SIG struct netif *netif
-#define NETIF_ADD_SIG struct netif *netif, ip_addr_t *ipaddr, ip_addr_t *netmask, ip_addr_t *gw, void *state, netif_init_fn init, netif_input_fn input
-#define NETIF_SET_UP_SIG struct netif *netif
-#define NETIF_POLL_SIG struct netif *netif
-
-namespace ZeroTier {
-
-/**
- * Loads an instance of liblwip.so in a private memory arena
- *
- * This uses dlmopen() to load an instance of the LWIP stack into its
- * own private memory space. This is done to get around the stack's
- * lack of thread-safety or multi-instance support. The alternative
- * would be to massively refactor the stack so everything lives in a
- * state object instead of static memory space.
- */
-class LWIPStack
-{
-public:
- void *_libref;
-
- void (*_lwip_init)();
- err_t (*_tcp_write)(TCP_WRITE_SIG);
- void (*_tcp_sent)(TCP_SENT_SIG);
- struct tcp_pcb * (*_tcp_new)(TCP_NEW_SIG);
- u16_t (*_tcp_sndbuf)(TCP_SNDBUF_SIG);
- err_t (*_tcp_connect)(TCP_CONNECT_SIG);
- void (*_tcp_recv)(TCP_RECV_SIG);
- void (*_tcp_recved)(TCP_RECVED_SIG);
- void (*_tcp_err)(TCP_ERR_SIG);
- void (*_tcp_poll)(TCP_POLL_SIG);
- void (*_tcp_arg)(TCP_ARG_SIG);
- err_t (*_tcp_close)(TCP_CLOSE_SIG);
- void (*_tcp_abort)(TCP_ABORT_SIG);
- err_t (*_tcp_output)(TCP_OUTPUT_SIG);
- void (*_tcp_accept)(TCP_ACCEPT_SIG);
- struct tcp_pcb * (*_tcp_listen)(TCP_LISTEN_SIG);
- struct tcp_pcb * (*_tcp_listen_with_backlog)(TCP_LISTEN_WITH_BACKLOG_SIG);
- err_t (*_tcp_bind)(TCP_BIND_SIG);
- void (*_etharp_tmr)(void);
- void (*_tcp_tmr)(void);
- u8_t (*_pbuf_free)(PBUF_FREE_SIG);
- struct pbuf * (*_pbuf_alloc)(PBUF_ALLOC_SIG);
- u16_t (*_lwip_htons)(LWIP_HTONS_SIG);
- u16_t (*_lwip_ntohs)(LWIP_NTOHS_SIG);
- char* (*_ipaddr_ntoa)(IPADDR_NTOA_SIG);
- err_t (*_etharp_output)(ETHARP_OUTPUT_SIG);
- err_t (*_ethernet_input)(ETHERNET_INPUT_SIG);
- void (*_tcp_input)(TCP_INPUT_SIG);
- err_t (*_ip_input)(IP_INPUT_SIG);
- void (*_netif_set_default)(NETIF_SET_DEFAULT_SIG);
- struct netif * (*_netif_add)(NETIF_ADD_SIG);
- void (*_netif_set_up)(NETIF_SET_UP_SIG);
- void (*_netif_poll)(NETIF_POLL_SIG);
-
-
- Mutex _lock;
-
- LWIPStack(const char* path) :
- _libref(NULL)
- {
-
-#if defined(__linux__)
- _libref = dlmopen(LM_ID_NEWLM, path, RTLD_NOW);
-#elif defined(__APPLE__)
- _libref = dlopen(path, RTLD_NOW);
-#endif
-
- if(_libref == NULL)
- printf("dlerror(): %s\n", dlerror());
-
- _lwip_init = (void(*)(void))dlsym(_libref, "lwip_init");
- _tcp_write = (err_t(*)(TCP_WRITE_SIG))dlsym(_libref, "tcp_write");
- _tcp_sent = (void(*)(TCP_SENT_SIG))dlsym(_libref, "tcp_sent");
- _tcp_new = (struct tcp_pcb*(*)(TCP_NEW_SIG))dlsym(_libref, "tcp_new");
- _tcp_sndbuf = (u16_t(*)(TCP_SNDBUF_SIG))dlsym(_libref, "tcp_sndbuf");
- _tcp_connect = (err_t(*)(TCP_CONNECT_SIG))dlsym(_libref, "tcp_connect");
- _tcp_recv = (void(*)(TCP_RECV_SIG))dlsym(_libref, "tcp_recv");
- _tcp_recved = (void(*)(TCP_RECVED_SIG))dlsym(_libref, "tcp_recved");
- _tcp_err = (void(*)(TCP_ERR_SIG))dlsym(_libref, "tcp_err");
- _tcp_poll = (void(*)(TCP_POLL_SIG))dlsym(_libref, "tcp_poll");
- _tcp_arg = (void(*)(TCP_ARG_SIG))dlsym(_libref, "tcp_arg");
- _tcp_close = (err_t(*)(TCP_CLOSE_SIG))dlsym(_libref, "tcp_close");
- _tcp_abort = (void(*)(TCP_ABORT_SIG))dlsym(_libref, "tcp_abort");
- _tcp_output = (err_t(*)(TCP_OUTPUT_SIG))dlsym(_libref, "tcp_output");
- _tcp_accept = (void(*)(TCP_ACCEPT_SIG))dlsym(_libref, "tcp_accept");
- _tcp_listen = (struct tcp_pcb*(*)(TCP_LISTEN_SIG))dlsym(_libref, "tcp_listen");
- _tcp_listen_with_backlog = (struct tcp_pcb*(*)(TCP_LISTEN_WITH_BACKLOG_SIG))dlsym(_libref, "tcp_listen_with_backlog");
- _tcp_bind = (err_t(*)(TCP_BIND_SIG))dlsym(_libref, "tcp_bind");
- _etharp_tmr = (void(*)(void))dlsym(_libref, "etharp_tmr");
- _tcp_tmr = (void(*)(void))dlsym(_libref, "tcp_tmr");
- _pbuf_free = (u8_t(*)(PBUF_FREE_SIG))dlsym(_libref, "pbuf_free");
- _pbuf_alloc = (struct pbuf*(*)(PBUF_ALLOC_SIG))dlsym(_libref, "pbuf_alloc");
- _lwip_htons = (u16_t(*)(LWIP_HTONS_SIG))dlsym(_libref, "lwip_htons");
- _lwip_ntohs = (u16_t(*)(LWIP_NTOHS_SIG))dlsym(_libref, "lwip_ntohs");
- _ipaddr_ntoa = (char*(*)(IPADDR_NTOA_SIG))dlsym(_libref, "ipaddr_ntoa");
- _etharp_output = (err_t(*)(ETHARP_OUTPUT_SIG))dlsym(_libref, "etharp_output");
- _ethernet_input = (err_t(*)(ETHERNET_INPUT_SIG))dlsym(_libref, "ethernet_input");
- _tcp_input = (void(*)(TCP_INPUT_SIG))dlsym(_libref, "tcp_input");
- _ip_input = (err_t(*)(IP_INPUT_SIG))dlsym(_libref, "ip_input");
- _netif_set_default = (void(*)(NETIF_SET_DEFAULT_SIG))dlsym(_libref, "netif_set_default");
- _netif_add = (struct netif*(*)(NETIF_ADD_SIG))dlsym(_libref, "netif_add");
- _netif_set_up = (void(*)(NETIF_SET_UP_SIG))dlsym(_libref, "netif_set_up");
- _netif_poll = (void(*)(NETIF_POLL_SIG))dlsym(_libref, "netif_poll");
- }
-
- ~LWIPStack()
- {
- if (_libref)
- dlclose(_libref);
- }
-
- inline void lwip_init() throw() { Mutex::Lock _l(_lock); return _lwip_init(); }
- inline err_t tcp_write(TCP_WRITE_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_write(pcb,arg,len,apiflags); }
- inline void tcp_sent(TCP_SENT_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_sent(pcb,sent); }
- inline struct tcp_pcb * tcp_new(TCP_NEW_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_new(); }
- inline u16_t tcp_sndbuf(TCP_SNDBUF_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_sndbuf(pcb); }
- inline err_t tcp_connect(TCP_CONNECT_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_connect(pcb,ipaddr,port,connected); }
- inline void tcp_recv(TCP_RECV_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_recv(pcb,recv); }
- inline void tcp_recved(TCP_RECVED_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_recved(pcb,len); }
- inline void tcp_err(TCP_ERR_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_err(pcb,err); }
- inline void tcp_poll(TCP_POLL_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_poll(pcb,poll,interval); }
- inline void tcp_arg(TCP_ARG_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_arg(pcb,arg); }
- inline err_t tcp_close(TCP_CLOSE_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_close(pcb); }
- inline void tcp_abort(TCP_ABORT_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_abort(pcb); }
- inline err_t tcp_output(TCP_OUTPUT_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_output(pcb); }
- inline void tcp_accept(TCP_ACCEPT_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_accept(pcb,accept); }
- inline struct tcp_pcb * tcp_listen(TCP_LISTEN_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_listen(pcb); }
- inline struct tcp_pcb * tcp_listen_with_backlog(TCP_LISTEN_WITH_BACKLOG_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_listen_with_backlog(pcb,backlog); }
- inline err_t tcp_bind(TCP_BIND_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_bind(pcb,ipaddr,port); }
- inline void etharp_tmr(void) throw() { Mutex::Lock _l(_lock); return _etharp_tmr(); }
- inline void tcp_tmr(void) throw() { Mutex::Lock _l(_lock); return _tcp_tmr(); }
- inline u8_t pbuf_free(PBUF_FREE_SIG) throw() { Mutex::Lock _l(_lock); return _pbuf_free(p); }
- inline struct pbuf * pbuf_alloc(PBUF_ALLOC_SIG) throw() { Mutex::Lock _l(_lock); return _pbuf_alloc(layer,length,type); }
- inline u16_t lwip_htons(LWIP_HTONS_SIG) throw() { Mutex::Lock _l(_lock); return _lwip_htons(x); }
- inline u16_t lwip_ntohs(LWIP_NTOHS_SIG) throw() { Mutex::Lock _l(_lock); return _lwip_ntohs(x); }
- inline char* ipaddr_ntoa(IPADDR_NTOA_SIG) throw() { Mutex::Lock _l(_lock); return _ipaddr_ntoa(addr); }
- inline err_t etharp_output(ETHARP_OUTPUT_SIG) throw() { Mutex::Lock _l(_lock); return _etharp_output(netif,q,ipaddr); }
- inline err_t ethernet_input(ETHERNET_INPUT_SIG) throw() { Mutex::Lock _l(_lock); return _ethernet_input(p,netif); }
- inline void tcp_input(TCP_INPUT_SIG) throw() { Mutex::Lock _l(_lock); return _tcp_input(p,inp); }
- inline err_t ip_input(IP_INPUT_SIG) throw() { Mutex::Lock _l(_lock); return _ip_input(p,inp); }
- inline void netif_set_default(NETIF_SET_DEFAULT_SIG) throw() { Mutex::Lock _l(_lock); return _netif_set_default(netif); }
- inline struct netif * netif_add(NETIF_ADD_SIG) throw() { Mutex::Lock _l(_lock); return _netif_add(netif,ipaddr,netmask,gw,state,init,input); }
- inline void netif_set_up(NETIF_SET_UP_SIG) throw() { Mutex::Lock _l(_lock); return _netif_set_up(netif); }
- inline void netif_poll(NETIF_POLL_SIG) throw() { Mutex::Lock _l(_lock); return _netif_poll(netif); }
-};
-
-} // namespace ZeroTier
-
-#endif
diff --git a/netcon/NetconEthernetTap.cpp b/netcon/NetconEthernetTap.cpp
deleted file mode 100644
index fda53fc0..00000000
--- a/netcon/NetconEthernetTap.cpp
+++ /dev/null
@@ -1,1059 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2015 ZeroTier, Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC.
Start here: http://www.zerotier.com/
- */
-
-#include <algorithm>
-#include <utility>
-#include <dlfcn.h>
-#include <sys/poll.h>
-#include <stdint.h>
-#include <utility>
-#include <string>
-#include <sys/resource.h>
-#include <sys/syscall.h>
-
-#include "NetconEthernetTap.hpp"
-
-#include "../node/Utils.hpp"
-#include "../osdep/OSUtils.hpp"
-#include "../osdep/Phy.hpp"
-
-#include "Intercept.h"
-#include "LWIPStack.hpp"
-
-#include "lwip/tcp_impl.h"
-#include "netif/etharp.h"
-#include "lwip/api.h"
-#include "lwip/ip.h"
-#include "lwip/ip_addr.h"
-#include "lwip/ip_frag.h"
-#include "lwip/tcp.h"
-
-#include "common.inc.c"
-#include "RPC.h"
-
-namespace ZeroTier {
-
-// ---------------------------------------------------------------------------
-
-static err_t tapif_init(struct netif *netif)
-{
- // Actual init functionality is in addIp() of tap
- return ERR_OK;
-}
-
-/*
- * Outputs data from the pbuf queue to the interface
- */
-static err_t low_level_output(struct netif *netif, struct pbuf *p)
-{
- struct pbuf *q;
- char buf[ZT_MAX_MTU+32];
- char *bufptr;
- int totalLength = 0;
-
- ZeroTier::NetconEthernetTap *tap = (ZeroTier::NetconEthernetTap*)netif->state;
- bufptr = buf;
- // Copy data from each pbuf, one at a time
- for(q = p; q != NULL; q = q->next) {
- memcpy(bufptr, q->payload, q->len);
- bufptr += q->len;
- totalLength += q->len;
- }
-
- // [Send packet to network]
- // Split ethernet header and feed into handler
- struct eth_hdr *ethhdr;
- ethhdr = (struct eth_hdr *)buf;
-
- ZeroTier::MAC src_mac;
- ZeroTier::MAC dest_mac;
- src_mac.setTo(ethhdr->src.addr, 6);
- dest_mac.setTo(ethhdr->dest.addr, 6);
-
- tap->_handler(tap->_arg,tap->_nwid,src_mac,dest_mac,
- Utils::ntoh((uint16_t)ethhdr->type),0,buf + sizeof(struct eth_hdr),totalLength - sizeof(struct eth_hdr));
- return ERR_OK;
-}
-
-// ---------------------------------------------------------------------------
-
-NetconEthernetTap::NetconEthernetTap(
- const char *homePath,
- const MAC &mac,
- unsigned
int mtu,
- unsigned int metric,
- uint64_t nwid,
- const char *friendlyName,
- void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
- void *arg) :
- _nwid(nwid),
- _handler(handler),
- _arg(arg),
- _phy(this,false,true),
- _unixListenSocket((PhySocket *)0),
- _mac(mac),
- _homePath(homePath),
- _mtu(mtu),
- _enabled(true),
- _run(true)
-{
- char sockPath[4096],lwipPath[4096];
- rpcCounter = -1;
- Utils::snprintf(sockPath,sizeof(sockPath),"%s%snc_%.16llx",homePath,ZT_PATH_SEPARATOR_S,_nwid,ZT_PATH_SEPARATOR_S,(unsigned long long)nwid);
- _dev = sockPath; // in netcon mode, set device to be just the network ID
-
- Utils::snprintf(lwipPath,sizeof(lwipPath),"%s%sliblwip.so",homePath,ZT_PATH_SEPARATOR_S);
- lwipstack = new LWIPStack(lwipPath);
- if(!lwipstack)
- throw std::runtime_error("unable to dynamically load a new instance of liblwip.so (searched ZeroTier home path)");
- lwipstack->lwip_init();
-
- _unixListenSocket = _phy.unixListen(sockPath,(void *)this);
- fprintf(stderr," NetconEthernetTap initialized on: %s\n", sockPath);
- if (!_unixListenSocket)
- throw std::runtime_error(std::string("unable to bind to ")+sockPath);
- _thread = Thread::start(this);
-}
-
-NetconEthernetTap::~NetconEthernetTap()
-{
- _run = false;
- _phy.whack();
- _phy.whack(); // TODO: Rationale?
- Thread::join(_thread);
- _phy.close(_unixListenSocket,false);
- delete lwipstack;
-}
-
-void NetconEthernetTap::setEnabled(bool en)
-{
- _enabled = en;
-}
-
-bool NetconEthernetTap::enabled() const
-{
- return _enabled;
-}
-
-bool NetconEthernetTap::addIp(const InetAddress &ip)
-{
- Mutex::Lock _l(_ips_m);
- if (std::find(_ips.begin(),_ips.end(),ip) == _ips.end()) {
- _ips.push_back(ip);
- std::sort(_ips.begin(),_ips.end());
-
- if (ip.isV4()) {
- // Set IP
- static ip_addr_t ipaddr, netmask, gw;
- IP4_ADDR(&gw,192,168,0,1);
- ipaddr.addr = *((u32_t *)ip.rawIpData());
- netmask.addr = *((u32_t *)ip.netmask().rawIpData());
-
- // Set up the lwip-netif for LWIP's sake
- lwipstack->netif_add(&interface,&ipaddr, &netmask, &gw, NULL, tapif_init, lwipstack->_ethernet_input);
- interface.state = this;
- interface.output = lwipstack->_etharp_output;
- _mac.copyTo(interface.hwaddr, 6);
- interface.mtu = _mtu;
- interface.name[0] = 't';
- interface.name[1] = 'p';
- interface.linkoutput = low_level_output;
- interface.hwaddr_len = 6;
- interface.flags = NETIF_FLAG_BROADCAST | NETIF_FLAG_ETHARP | NETIF_FLAG_IGMP;
- lwipstack->netif_set_default(&interface);
- lwipstack->netif_set_up(&interface);
- }
- }
- return true;
-}
-
-bool NetconEthernetTap::removeIp(const InetAddress &ip)
-{
- Mutex::Lock _l(_ips_m);
- std::vector<InetAddress>::iterator i(std::find(_ips.begin(),_ips.end(),ip));
- if (i == _ips.end())
- return false;
- _ips.erase(i);
- if (ip.isV4()) {
- // TODO: dealloc from LWIP
- }
- return true;
-}
-
-std::vector<InetAddress> NetconEthernetTap::ips() const
-{
- Mutex::Lock _l(_ips_m);
- return _ips;
-}
-
-void NetconEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
-{
- struct pbuf *p,*q;
- if (!_enabled)
- return;
-
- struct eth_hdr ethhdr;
- from.copyTo(ethhdr.src.addr, 6);
- to.copyTo(ethhdr.dest.addr, 6);
- ethhdr.type = Utils::hton((uint16_t)etherType);
-
- // We allocate a pbuf chain of pbufs from the
pool.
- p = lwipstack->pbuf_alloc(PBUF_RAW, len+sizeof(struct eth_hdr), PBUF_POOL);
-
- if (p != NULL) {
- const char *dataptr = reinterpret_cast<const char *>(data);
-
- // First pbuf gets ethernet header at start
- q = p;
- if (q->len < sizeof(ethhdr)) {
- dwr(MSG_ERROR,"_put(): Dropped packet: first pbuf smaller than ethernet header\n");
- return;
- }
- memcpy(q->payload,ðhdr,sizeof(ethhdr));
- memcpy((char*)q->payload + sizeof(ethhdr),dataptr,q->len - sizeof(ethhdr));
- dataptr += q->len - sizeof(ethhdr);
-
- // Remaining pbufs (if any) get rest of data
- while ((q = q->next)) {
- memcpy(q->payload,dataptr,q->len);
- dataptr += q->len;
- }
- } else {
- dwr(MSG_ERROR,"put(): Dropped packet: no pbufs available\n");
- return;
- }
-
- {
- Mutex::Lock _l2(lwipstack->_lock);
- if(interface.input(p, &interface) != ERR_OK) {
- dwr(MSG_ERROR,"put(): Error while RXing packet (netif->input)\n");
- }
- }
-}
-
-std::string NetconEthernetTap::deviceName() const
-{
- return _dev;
-}
-
-void NetconEthernetTap::setFriendlyName(const char *friendlyName) {
-}
-
-void NetconEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
-{
- std::vector<MulticastGroup> newGroups;
- Mutex::Lock _l(_multicastGroups_m);
-
- // TODO: get multicast subscriptions from LWIP
-
- std::vector<InetAddress> allIps(ips());
- for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
- newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
-
- std::sort(newGroups.begin(),newGroups.end());
- std::unique(newGroups.begin(),newGroups.end());
-
- for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
- if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
- added.push_back(*m);
- }
- for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
- if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
-
removed.push_back(*m);
- }
- _multicastGroups.swap(newGroups);
-}
-
-void NetconEthernetTap::threadMain()
- throw()
-{
- uint64_t prev_tcp_time = 0, prev_status_time = 0, prev_etharp_time = 0;
-
- // Main timer loop
- while (_run) {
- uint64_t now = OSUtils::now();
- uint64_t since_tcp = now - prev_tcp_time;
- uint64_t since_etharp = now - prev_etharp_time;
- uint64_t since_status = now - prev_status_time;
- uint64_t tcp_remaining = ZT_LWIP_TCP_TIMER_INTERVAL;
- uint64_t etharp_remaining = ARP_TMR_INTERVAL;
-
- // Connection prunning
- if (since_status >= STATUS_TMR_INTERVAL) {
- prev_status_time = now;
- for(size_t i=0;i<_TcpConnections.size();++i) {
- if(!_TcpConnections[i]->sock)
- continue;
- int fd = _phy.getDescriptor(_TcpConnections[i]->sock);
- dwr(MSG_DEBUG," tap_thread(): tcp\\jobs = {%d, %d}\n", _TcpConnections.size(), jobmap.size());
- // If there's anything on the RX buf, set to notify in case we stalled
- if(_TcpConnections[i]->rxsz > 0)
- _phy.setNotifyWritable(_TcpConnections[i]->sock, true);
- fcntl(fd, F_SETFL, O_NONBLOCK);
- unsigned char tmpbuf[BUF_SZ];
-
- int n = read(fd,&tmpbuf,BUF_SZ);
- if(_TcpConnections[i]->pcb->state == SYN_SENT) {
- dwr(MSG_DEBUG_EXTRA," tap_thread(): <%x> state = SYN_SENT, should finish or be removed soon\n", _TcpConnections[i]->sock);
- }
- if((n < 0 && errno != EAGAIN) || (n == 0 && errno == EAGAIN)) {
- dwr(MSG_DEBUG," tap_thread(): closing sock (%x)\n", _TcpConnections[i]->sock);
- closeConnection(_TcpConnections[i]->sock);
- } else if (n > 0) {
- dwr(MSG_DEBUG," tap_thread(): data read during connection check (%d bytes)\n", n);
- phyOnUnixData(_TcpConnections[i]->sock,_phy.getuptr(_TcpConnections[i]->sock),&tmpbuf,n);
- }
- }
- }
- // Main TCP/ETHARP timer section
- if (since_tcp >= ZT_LWIP_TCP_TIMER_INTERVAL) {
- prev_tcp_time = now;
- lwipstack->tcp_tmr();
- // Makeshift poll
- for(size_t i=0;i<_TcpConnections.size();++i) {
- if(_TcpConnections[i]->txsz > 0){
- lwipstack->_lock.lock();
-
handleWrite(_TcpConnections[i]);
- lwipstack->_lock.unlock();
- }
- }
- } else {
- tcp_remaining = ZT_LWIP_TCP_TIMER_INTERVAL - since_tcp;
- }
- if (since_etharp >= ARP_TMR_INTERVAL) {
- prev_etharp_time = now;
- lwipstack->etharp_tmr();
- } else {
- etharp_remaining = ARP_TMR_INTERVAL - since_etharp;
- }
- _phy.poll((unsigned long)std::min(tcp_remaining,etharp_remaining));
- }
- dlclose(lwipstack->_libref);
-}
-
-// Unused -- no UDP or TCP from this thread/Phy<>
-void NetconEthernetTap::phyOnDatagram(PhySocket *sock,void **uptr,const struct sockaddr *from,void *data,unsigned long len) {}
-void NetconEthernetTap::phyOnTcpConnect(PhySocket *sock,void **uptr,bool success) {}
-void NetconEthernetTap::phyOnTcpAccept(PhySocket *sockL,PhySocket *sockN,void **uptrL,void **uptrN,const struct sockaddr *from) {}
-void NetconEthernetTap::phyOnTcpClose(PhySocket *sock,void **uptr) {}
-void NetconEthernetTap::phyOnTcpData(PhySocket *sock,void **uptr,void *data,unsigned long len) {}
-void NetconEthernetTap::phyOnTcpWritable(PhySocket *sock,void **uptr) {}
-
-
-TcpConnection *NetconEthernetTap::getConnection(PhySocket *sock)
-{
- for(size_t i=0;i<_TcpConnections.size();++i) {
- if(_TcpConnections[i]->sock == sock)
- return _TcpConnections[i];
- }
- return NULL;
-}
-
-void NetconEthernetTap::closeConnection(PhySocket *sock)
-{
- // Here we assume _tcpconns_m is already locked by caller
- if(!sock) {
- dwr(MSG_DEBUG," closeConnection(): invalid PhySocket\n");
- return;
- }
- TcpConnection *conn = getConnection(sock);
- if(!conn)
- return;
- if(conn->pcb && conn->pcb->state != CLOSED) {
- dwr(MSG_DEBUG," closeConnection(%x): PCB->state = %d\n", sock, conn->pcb->state);
- if(conn->pcb->state == SYN_SENT) {
- dwr(MSG_DEBUG," closeConnection(%x): invalid PCB state for this operation.
ignoring.\n", sock);
- return;
- }
- if(lwipstack->_tcp_close(conn->pcb) == ERR_OK) {
- // Unregister callbacks for this PCB
- lwipstack->_tcp_arg(conn->pcb, NULL);
- lwipstack->_tcp_recv(conn->pcb, NULL);
- lwipstack->_tcp_err(conn->pcb, NULL);
- lwipstack->_tcp_sent(conn->pcb, NULL);
- lwipstack->_tcp_poll(conn->pcb, NULL, 1);
- }
- else {
- dwr(MSG_ERROR," closeConnection(%x): error while calling tcp_close()\n", sock);
- }
- }
- for(size_t i=0;i<_TcpConnections.size();++i) {
- if(_TcpConnections[i] == conn){
- _TcpConnections.erase(_TcpConnections.begin() + i);
- delete conn;
- break;
- }
- }
- if(!sock)
- return;
- close(_phy.getDescriptor(sock));
- _phy.close(sock, false);
-}
-
-void NetconEthernetTap::phyOnUnixClose(PhySocket *sock,void **uptr) {
- Mutex::Lock _l(_tcpconns_m);
- closeConnection(sock);
-}
-
-void NetconEthernetTap::phyOnUnixWritable(PhySocket *sock,void **uptr,bool lwip_invoked)
-{
- if(!lwip_invoked) {
- _tcpconns_m.lock();
- _rx_buf_m.lock();
- }
- TcpConnection *conn = getConnection(sock);
- if(conn && conn->rxsz) {
- int n = _phy.streamSend(conn->sock, conn->rxbuf, conn->rxsz);
- if(n > 0) {
- if(conn->rxsz-n > 0)
- memcpy(conn->rxbuf, conn->rxbuf+n, conn->rxsz-n);
- conn->rxsz -= n;
- lwipstack->_tcp_recved(conn->pcb, n);
- } else {
- dwr(MSG_DEBUG," phyOnUnixWritable(): errno = %d, rxsz = %d\n", errno, conn->rxsz);
- _phy.setNotifyWritable(conn->sock, false);
- }
- }
- if(!lwip_invoked) {
- _tcpconns_m.unlock();
- _rx_buf_m.unlock();
- }
-}
-
-void NetconEthernetTap::phyOnUnixData(PhySocket *sock,void **uptr,void *data,unsigned long len)
-{
- uint64_t CANARY_num;
- pid_t pid, tid;
- int rpcCount, wlen = len;
- char cmd, timestamp[20], CANARY[CANARY_SZ], padding[] = {PADDING};
- void *payload;
- unsigned char *buf = (unsigned char*)data;
- std::pair<PhySocket*, void*> sockdata;
- PhySocket *rpcSock;
- bool foundJob = false, detected_rpc = false;
- TcpConnection *conn;
-
- // RPC
- char phrase[RPC_PHRASE_SZ];
- memset(phrase, 0,
RPC_PHRASE_SZ);
- if(len == BUF_SZ) {
- memcpy(phrase, buf, RPC_PHRASE_SZ);
- if(strcmp(phrase, RPC_PHRASE) == 0)
- detected_rpc = true;
- }
- if(detected_rpc) {
- unloadRPC(data, pid, tid, rpcCount, timestamp, CANARY, cmd, payload);
- memcpy(&CANARY_num, CANARY, CANARY_SZ);
- dwr(MSG_DEBUG," <%x> RPC: (pid=%d, tid=%d, rpcCount=%d, timestamp=%s, cmd=%d)\n",
- sock, pid, tid, rpcCount, timestamp, cmd);
-
- if(cmd == RPC_SOCKET) {
- dwr(MSG_DEBUG," <%x> RPC_SOCKET\n", sock);
- // Create new lwip socket and associate it with this sock
- struct socket_st socket_rpc;
- memcpy(&socket_rpc, &buf[IDX_PAYLOAD+STRUCT_IDX], sizeof(struct socket_st));
- TcpConnection * new_conn;
- if((new_conn = handleSocket(sock, uptr, &socket_rpc))) {
- new_conn->pid = pid; // Merely kept to look up application path/names later, not strictly necessary
- }
- } else {
- jobmap[CANARY_num] = std::make_pair<PhySocket*, void*>(sock, data);
- }
- write(_phy.getDescriptor(sock), "z", 1); // RPC ACK byte to maintain order
- }
- // STREAM
- else {
- int data_start = -1, data_end = -1, canary_pos = -1, padding_pos = -1;
- // Look for padding
- std::string padding_pattern(padding, padding+PADDING_SZ);
- std::string buffer(buf, buf + len);
- padding_pos = buffer.find(padding_pattern);
- canary_pos = padding_pos-CANARY_SZ;
- // Grab token, next we'll use it to look up an RPC job
- if(canary_pos > -1) {
- memcpy(&CANARY_num, buf+canary_pos, CANARY_SZ);
- if(CANARY_num != 0) {
- // Find job
- sockdata = jobmap[CANARY_num];
- if(!sockdata.first) {
- dwr(MSG_DEBUG," <%x> unable to locate job entry for %llu\n", sock, CANARY_num);
- return;
- } else
- foundJob = true;
- }
- }
-
- conn = getConnection(sock);
- if(!conn)
- return;
-
- if(padding_pos == -1) { // [DATA]
- memcpy(&conn->txbuf[conn->txsz], buf, wlen);
- } else { // Padding found, implies a canary is present
- // [CANARY]
- if(len == CANARY_SZ+PADDING_SZ && canary_pos == 0) {
- wlen = 0; // Nothing to write
- } else {
- // [CANARY] + [DATA]
- if(len
> CANARY_SZ+PADDING_SZ && canary_pos == 0) {
- wlen = len - CANARY_SZ+PADDING_SZ;
- data_start = padding_pos+PADDING_SZ;
- memcpy((&conn->txbuf)+conn->txsz, buf+data_start, wlen);
- }
- // [DATA] + [CANARY]
- if(len > CANARY_SZ+PADDING_SZ && canary_pos > 0 && canary_pos == len - CANARY_SZ+PADDING_SZ) {
- wlen = len - CANARY_SZ+PADDING_SZ;
- data_start = 0;
- memcpy((&conn->txbuf)+conn->txsz, buf+data_start, wlen);
- }
- // [DATA] + [CANARY] + [DATA]
- if(len > CANARY_SZ+PADDING_SZ && canary_pos > 0 && len > (canary_pos + CANARY_SZ+PADDING_SZ)) {
- wlen = len - CANARY_SZ+PADDING_SZ;
- data_start = 0;
- data_end = padding_pos-CANARY_SZ;
- memcpy((&conn->txbuf)+conn->txsz, buf+data_start, (data_end-data_start)+1);
- memcpy((&conn->txbuf)+conn->txsz, buf+(padding_pos+PADDING_SZ), len-(canary_pos+CANARY_SZ+PADDING_SZ));
- }
- }
- }
- // Write data from stream
- if(conn->txsz > (DEFAULT_BUF_SZ / 2)) {
- _phy.setNotifyReadable(sock, false);
- }
- lwipstack->_lock.lock();
- conn->txsz += wlen;
- handleWrite(conn);
- lwipstack->_lock.unlock();
- }
- if(foundJob) {
- rpcSock = sockdata.first;
- buf = (unsigned char*)sockdata.second;
- }
- // Process RPC if we have a corresponding jobmap entry
- if(foundJob) {
- unloadRPC(buf, pid, tid, rpcCount, timestamp, CANARY, cmd, payload);
- dwr(MSG_DEBUG," <%x> RPC: (pid=%d, tid=%d, rpcCount=%d, timestamp=%s, cmd=%d)\n",
- sock, pid, tid, rpcCount, timestamp, cmd);
-
- switch(cmd) {
- case RPC_BIND:
- struct bind_st bind_rpc;
- memcpy(&bind_rpc, &buf[IDX_PAYLOAD+STRUCT_IDX], sizeof(struct bind_st));
- handleBind(sock, rpcSock, uptr, &bind_rpc);
- break;
- case RPC_LISTEN:
- struct listen_st listen_rpc;
- memcpy(&listen_rpc, &buf[IDX_PAYLOAD+STRUCT_IDX], sizeof(struct listen_st));
- handleListen(sock, rpcSock, uptr, &listen_rpc);
- break;
- case RPC_GETSOCKNAME:
- struct getsockname_st getsockname_rpc;
- memcpy(&getsockname_rpc, &buf[IDX_PAYLOAD+STRUCT_IDX], sizeof(struct getsockname_st));
- handleGetsockname(sock, rpcSock, uptr,
&getsockname_rpc);
- break;
- case RPC_CONNECT:
- struct connect_st connect_rpc;
- memcpy(&connect_rpc, &buf[IDX_PAYLOAD+STRUCT_IDX], sizeof(struct connect_st));
- handleConnect(sock, rpcSock, conn, &connect_rpc);
- jobmap.erase(CANARY_num);
- return; // Keep open RPC, we'll use it once in nc_connected to send retval
- default:
- break;
- }
- Mutex::Lock _l(_tcpconns_m);
- closeConnection(sockdata.first); // close RPC after sending retval, no longer needed
- jobmap.erase(CANARY_num);
- return;
- }
-}
-
-int NetconEthernetTap::sendReturnValue(PhySocket *sock, int retval, int _errno = 0){
- return sendReturnValue(_phy.getDescriptor(sock), retval, _errno);
-}
-int NetconEthernetTap::sendReturnValue(int fd, int retval, int _errno = 0)
-{
- dwr(MSG_DEBUG," sendReturnValue(): fd = %d, retval = %d, errno = %d\n", fd, retval, _errno);
- int sz = sizeof(char) + sizeof(retval) + sizeof(errno);
- char retmsg[sz];
- memset(&retmsg, 0, sizeof(retmsg));
- retmsg[0]=RPC_RETVAL;
- memcpy(&retmsg[1], &retval, sizeof(retval));
- memcpy(&retmsg[1]+sizeof(retval), &_errno, sizeof(_errno));
- return write(fd, &retmsg, sz);
-}
-
-void NetconEthernetTap::unloadRPC(void *data, pid_t &pid, pid_t &tid,
- int &rpcCount, char (timestamp[RPC_TIMESTAMP_SZ]), char (CANARY[sizeof(uint64_t)]), char &cmd, void* &payload)
-{
- unsigned char *buf = (unsigned char*)data;
- memcpy(&pid, &buf[IDX_PID], sizeof(pid_t));
- memcpy(&tid, &buf[IDX_TID], sizeof(pid_t));
- memcpy(&rpcCount, &buf[IDX_COUNT], sizeof(int));
- memcpy(timestamp, &buf[IDX_TIME], RPC_TIMESTAMP_SZ);
- memcpy(&cmd, &buf[IDX_PAYLOAD], sizeof(char));
- memcpy(CANARY, &buf[IDX_PAYLOAD+1], CANARY_SZ);
-}
-
-/*------------------------------------------------------------------------------
---------------------------------- LWIP callbacks -------------------------------
-------------------------------------------------------------------------------*/
-
-err_t NetconEthernetTap::nc_accept(void *arg, struct tcp_pcb *newPCB, err_t err)
-{
- Larg
*l = (Larg*)arg;
- Mutex::Lock _l(l->tap->_tcpconns_m);
-
- TcpConnection *conn = l->conn;
- NetconEthernetTap *tap = l->tap;
-
- if(!conn->sock)
- return -1;
- int fd = tap->_phy.getDescriptor(conn->sock);
-
- if(conn) {
- // create new socketpair
- ZT_PHY_SOCKFD_TYPE fds[2];
- if(socketpair(PF_LOCAL, SOCK_STREAM, 0, fds) < 0) {
- if(errno < 0) {
- l->tap->sendReturnValue(conn, -1, errno);
- dwr(MSG_ERROR," nc_accept(): unable to create socketpair\n");
- return ERR_MEM;
- }
- }
- // create and populate new TcpConnection
- TcpConnection *newTcpConn = new TcpConnection();
- l->tap->_TcpConnections.push_back(newTcpConn);
- newTcpConn->pcb = newPCB;
- newTcpConn->sock = tap->_phy.wrapSocket(fds[0], newTcpConn);
-
- if(sock_fd_write(fd, fds[1]) < 0)
- return -1;
- tap->lwipstack->_tcp_arg(newPCB, new Larg(tap, newTcpConn));
- tap->lwipstack->_tcp_recv(newPCB, nc_recved);
- tap->lwipstack->_tcp_err(newPCB, nc_err);
- tap->lwipstack->_tcp_sent(newPCB, nc_sent);
- tap->lwipstack->_tcp_poll(newPCB, nc_poll, 1);
- if(conn->pcb->state == LISTEN) {
- dwr(MSG_DEBUG," nc_accept(): can't call tcp_accept() on LISTEN socket (pcb = %x)\n", conn->pcb);
- return ERR_OK;
- }
- tcp_accepted(conn->pcb); // Let lwIP know that it can queue additional incoming connections
- return ERR_OK;
- } else
- dwr(MSG_ERROR," nc_accept(): can't locate Connection object for PCB.\n");
- return -1;
-}
-
-err_t NetconEthernetTap::nc_recved(void *arg, struct tcp_pcb *PCB, struct pbuf *p, err_t err)
-{
- Larg *l = (Larg*)arg;
- int tot = 0;
- struct pbuf* q = p;
- Mutex::Lock _l(l->tap->_tcpconns_m);
-
- if(!l->conn) {
- dwr(MSG_ERROR," nc_recved(): no connection\n");
- return ERR_OK;
- }
- if(p == NULL) {
- if(l->conn->pcb->state == CLOSE_WAIT){
- l->tap->closeConnection(l->conn->sock);
- return ERR_ABRT;
- }
- return err;
- }
- Mutex::Lock _l2(l->tap->_rx_buf_m);
- // Cycle through pbufs and write them to the RX buffer
- // The RX buffer will be emptied via phyOnUnixWritable()
- while(p != NULL) {
-
if(p->len <= 0)
- break;
- int avail = DEFAULT_BUF_SZ - l->conn->rxsz;
- int len = p->len;
- if(avail < len)
- dwr(MSG_ERROR," nc_recved(): not enough room (%d bytes) on RX buffer\n", avail);
- memcpy(l->conn->rxbuf + (l->conn->rxsz), p->payload, len);
- l->conn->rxsz += len;
- p = p->next;
- tot += len;
- }
- if(tot) {
- l->tap->phyOnUnixWritable(l->conn->sock, NULL, true);
- l->tap->_phy.setNotifyWritable(l->conn->sock, true);
- }
- l->tap->lwipstack->_pbuf_free(q);
- return ERR_OK;
-}
-
-err_t NetconEthernetTap::nc_sent(void* arg, struct tcp_pcb *PCB, u16_t len)
-{
- Larg *l = (Larg*)arg;
- Mutex::Lock _l(l->tap->_tcpconns_m);
- if(l->conn->probation && l->conn->txsz == 0){
- l->conn->probation = false; // TX buffer now empty, removing from probation
- }
- if(l && l->conn && len && !l->conn->probation) {
- if(l->conn->txsz < (float)DEFAULT_BUF_SOFTMAX) {
- l->tap->_phy.setNotifyReadable(l->conn->sock, true);
- l->tap->_phy.whack();
- }
- }
- return ERR_OK;
-}
-
-err_t NetconEthernetTap::nc_connected(void *arg, struct tcp_pcb *PCB, err_t err)
-{
- Larg *l = (Larg*)arg;
- if(l && l->conn)
- l->tap->sendReturnValue(l->tap->_phy.getDescriptor(l->conn->rpcSock), ERR_OK);
- return ERR_OK;
-}
-
-err_t NetconEthernetTap::nc_poll(void* arg, struct tcp_pcb *PCB)
-{
- return ERR_OK;
-}
-
-void NetconEthernetTap::nc_err(void *arg, err_t err)
-{
- dwr(MSG_DEBUG,"nc_err() = %d\n", err);
- Larg *l = (Larg*)arg;
- Mutex::Lock _l(l->tap->_tcpconns_m);
-
- if(!l->conn)
- dwr(MSG_ERROR,"nc_err(): connection is NULL!\n");
- int fd = l->tap->_phy.getDescriptor(l->conn->sock);
-
- switch(err)
- {
- case ERR_MEM:
- dwr(MSG_ERROR,"nc_err(): ERR_MEM->ENOMEM\n");
- l->tap->sendReturnValue(fd, -1, ENOMEM);
- break;
- case ERR_BUF:
- dwr(MSG_ERROR,"nc_err(): ERR_BUF->ENOBUFS\n");
- l->tap->sendReturnValue(fd, -1, ENOBUFS);
- break;
- case ERR_TIMEOUT:
- dwr(MSG_ERROR,"nc_err(): ERR_TIMEOUT->ETIMEDOUT\n");
- l->tap->sendReturnValue(fd, -1, ETIMEDOUT);
- break;
- case ERR_RTE:
-
dwr(MSG_ERROR,"nc_err(): ERR_RTE->ENETUNREACH\n");
- l->tap->sendReturnValue(fd, -1, ENETUNREACH);
- break;
- case ERR_INPROGRESS:
- dwr(MSG_ERROR,"nc_err(): ERR_INPROGRESS->EINPROGRESS\n");
- l->tap->sendReturnValue(fd, -1, EINPROGRESS);
- break;
- case ERR_VAL:
- dwr(MSG_ERROR,"nc_err(): ERR_VAL->EINVAL\n");
- l->tap->sendReturnValue(fd, -1, EINVAL);
- break;
- case ERR_WOULDBLOCK:
- dwr(MSG_ERROR,"nc_err(): ERR_WOULDBLOCK->EWOULDBLOCK\n");
- l->tap->sendReturnValue(fd, -1, EWOULDBLOCK);
- break;
- case ERR_USE:
- dwr(MSG_ERROR,"nc_err(): ERR_USE->EADDRINUSE\n");
- l->tap->sendReturnValue(fd, -1, EADDRINUSE);
- break;
- case ERR_ISCONN:
- dwr(MSG_ERROR,"nc_err(): ERR_ISCONN->EISCONN\n");
- l->tap->sendReturnValue(fd, -1, EISCONN);
- break;
- case ERR_ABRT:
- dwr(MSG_ERROR,"nc_err(): ERR_ABRT->ECONNREFUSED\n");
- l->tap->sendReturnValue(fd, -1, ECONNREFUSED);
- break;
-
- // FIXME: Below are errors which don't have a standard errno correlate
-
- case ERR_RST:
- l->tap->sendReturnValue(fd, -1, -1);
- break;
- case ERR_CLSD:
- l->tap->sendReturnValue(fd, -1, -1);
- break;
- case ERR_CONN:
- l->tap->sendReturnValue(fd, -1, -1);
- break;
- case ERR_ARG:
- l->tap->sendReturnValue(fd, -1, -1);
- break;
- case ERR_IF:
- l->tap->sendReturnValue(fd, -1, -1);
- break;
- default:
- break;
- }
- dwr(MSG_ERROR,"nc_err(): closing connection\n");
- l->tap->closeConnection(l->conn);
-}
-
-/*------------------------------------------------------------------------------
------------------------------ RPC Handler functions ----------------------------
-------------------------------------------------------------------------------*/
-
-void NetconEthernetTap::handleGetsockname(PhySocket *sock, PhySocket *rpcSock, void **uptr, struct getsockname_st *getsockname_rpc)
-{
- Mutex::Lock _l(_tcpconns_m);
- TcpConnection *conn = getConnection(sock);
- char retmsg[sizeof(struct sockaddr_storage)];
- memset(&retmsg, 0, sizeof(retmsg));
- if ((conn)&&(conn->addr))
- memcpy(&retmsg, conn->addr,
sizeof(struct sockaddr_storage));
- write(_phy.getDescriptor(rpcSock), &retmsg, sizeof(struct sockaddr_storage));
-}
-
-void NetconEthernetTap::handleBind(PhySocket *sock, PhySocket *rpcSock, void **uptr, struct bind_st *bind_rpc)
-{
- Mutex::Lock _l(_tcpconns_m);
- struct sockaddr_in *rawAddr = (struct sockaddr_in *) &bind_rpc->addr;
- int port = lwipstack->ntohs(rawAddr->sin_port);
- ip_addr_t connAddr;
- connAddr.addr = *((u32_t *)_ips[0].rawIpData());
- TcpConnection *conn = getConnection(sock);
- dwr(MSG_DEBUG," handleBind(%d)\n", bind_rpc->sockfd);
- if(conn) {
- if(conn->pcb->state == CLOSED){
- int err = lwipstack->tcp_bind(conn->pcb, &connAddr, port);
- int ip = rawAddr->sin_addr.s_addr;
- unsigned char d[4];
- d[0] = ip & 0xFF;
- d[1] = (ip >> 8) & 0xFF;
- d[2] = (ip >> 16) & 0xFF;
- d[3] = (ip >> 24) & 0xFF;
- dwr(MSG_DEBUG," handleBind(): %d.%d.%d.%d : %d\n", d[0],d[1],d[2],d[3], port);
-
- if(err != ERR_OK) {
- dwr(MSG_ERROR," handleBind(): err = %d\n", err);
- if(err == ERR_USE)
- sendReturnValue(rpcSock, -1, EADDRINUSE);
- if(err == ERR_MEM)
- sendReturnValue(rpcSock, -1, ENOMEM);
- if(err == ERR_BUF)
- sendReturnValue(rpcSock, -1, ENOMEM);
- } else {
- conn->addr = (struct sockaddr_storage *) &bind_rpc->addr;
- sendReturnValue(rpcSock, ERR_OK, ERR_OK); // Success
- }
- } else {
- dwr(MSG_ERROR," handleBind(): PCB (%x) not in CLOSED state.
Ignoring BIND request.\n", conn->pcb);
- sendReturnValue(rpcSock, -1, EINVAL);
- }
- } else {
- dwr(MSG_ERROR," handleBind(): unable to locate TcpConnection.\n");
- sendReturnValue(rpcSock, -1, EBADF);
- }
-}
-
-void NetconEthernetTap::handleListen(PhySocket *sock, PhySocket *rpcSock, void **uptr, struct listen_st *listen_rpc)
-{
- Mutex::Lock _l(_tcpconns_m);
- TcpConnection *conn = getConnection(sock);
- if(!conn){
- dwr(MSG_ERROR," handleListen(): unable to locate TcpConnection.\n");
- sendReturnValue(rpcSock, -1, EBADF);
- return;
- }
- if(conn->pcb->state == LISTEN) {
- dwr(MSG_ERROR," handleListen(): PCB is already in listening state.\n");
- sendReturnValue(rpcSock, ERR_OK, ERR_OK);
- return;
- }
- struct tcp_pcb* listeningPCB;
-
-#ifdef TCP_LISTEN_BACKLOG
- listeningPCB = lwipstack->tcp_listen_with_backlog(conn->pcb, listen_rpc->backlog);
-#else
- listeningPCB = lwipstack->tcp_listen(conn->pcb);
-#endif
-
- if(listeningPCB != NULL) {
- conn->pcb = listeningPCB;
- lwipstack->tcp_accept(listeningPCB, nc_accept);
- lwipstack->tcp_arg(listeningPCB, new Larg(this, conn));
- /* we need to wait for the client to send us the fd allocated on their end
- for this listening socket */
- fcntl(_phy.getDescriptor(conn->sock), F_SETFL, O_NONBLOCK);
- conn->listening = true;
- sendReturnValue(rpcSock, ERR_OK, ERR_OK);
- return;
- }
- sendReturnValue(rpcSock, -1, -1);
-}
-
-TcpConnection * NetconEthernetTap::handleSocket(PhySocket *sock, void **uptr, struct socket_st* socket_rpc)
-{
- Mutex::Lock _l(_tcpconns_m);
- struct tcp_pcb *newPCB = lwipstack->tcp_new();
- if(newPCB != NULL) {
- TcpConnection *newConn = new TcpConnection();
- *uptr = newConn;
- newConn->sock = sock;
- newConn->pcb = newPCB;
- _TcpConnections.push_back(newConn);
- return newConn;
- }
- dwr(MSG_ERROR," handleSocket(): Memory not available for new PCB\n");
- sendReturnValue(_phy.getDescriptor(sock), -1, ENOMEM);
- return NULL;
-}
-
-void NetconEthernetTap::handleConnect(PhySocket *sock, PhySocket
*rpcSock, TcpConnection *conn, struct connect_st* connect_rpc)
-{
- Mutex::Lock _l(_tcpconns_m);
- struct sockaddr_in *rawAddr = (struct sockaddr_in *) &connect_rpc->__addr;
- int port = lwipstack->ntohs(rawAddr->sin_port);
- ip_addr_t connAddr = convert_ip(rawAddr);
-
- if(conn != NULL) {
- lwipstack->tcp_sent(conn->pcb, nc_sent);
- lwipstack->tcp_recv(conn->pcb, nc_recved);
- lwipstack->tcp_err(conn->pcb, nc_err);
- lwipstack->tcp_poll(conn->pcb, nc_poll, APPLICATION_POLL_FREQ);
- lwipstack->tcp_arg(conn->pcb, new Larg(this, conn));
-
- int err = 0, ip = rawAddr->sin_addr.s_addr;
- unsigned char d[4];
- d[0] = ip & 0xFF;
- d[1] = (ip >> 8) & 0xFF;
- d[2] = (ip >> 16) & 0xFF;
- d[3] = (ip >> 24) & 0xFF;
- dwr(MSG_DEBUG," handleConnect(): %d.%d.%d.%d: %d\n", d[0],d[1],d[2],d[3], port);
- dwr(MSG_DEBUG," handleConnect(): pcb->state = %x\n", conn->pcb->state);
- if(conn->pcb->state != CLOSED) {
- dwr(MSG_DEBUG," handleConnect(): PCB != CLOSED, cannot connect using this PCB\n");
- sendReturnValue(rpcSock, -1, EAGAIN);
- return;
- }
- if((err = lwipstack->tcp_connect(conn->pcb,&connAddr,port,nc_connected)) < 0)
- {
- if(err == ERR_ISCONN) {
- sendReturnValue(rpcSock, -1, EISCONN); // Already in connected state
- return;
- } if(err == ERR_USE) {
- sendReturnValue(rpcSock, -1, EADDRINUSE); // Already in use
- return;
- } if(err == ERR_VAL) {
- sendReturnValue(rpcSock, -1, EINVAL); // Invalid ipaddress parameter
- return;
- } if(err == ERR_RTE) {
- sendReturnValue(rpcSock, -1, ENETUNREACH); // No route to host
- return;
- } if(err == ERR_BUF) {
- sendReturnValue(rpcSock, -1, EAGAIN); // No more ports available
- return;
- }
- if(err == ERR_MEM) {
- /* Can occur for the following reasons: tcp_enqueue_flags()
-
- 1) tcp_enqueue_flags is always called with either SYN or FIN in flags.
- We need one available snd_buf byte to do that.
- This means we can't send FIN while snd_buf==0. A better fix would be to
- not include SYN and FIN sequence numbers in the snd_buf count.
-
- 2) Cannot allocate new pbuf
- 3) Cannot allocate new TCP segment
-
- */
- sendReturnValue(rpcSock, -1, EAGAIN); // FIXME: Doesn't describe the problem well, but closest match
- return;
- }
-
- // We should only return a value if failure happens immediately
- // Otherwise, we still need to wait for a callback from lwIP.
- // - This is because an ERR_OK from tcp_connect() only verifies
- // that the SYN packet was enqueued onto the stack properly,
- // that's it!
- // - Most instances of a retval for a connect() should happen
- // in the nc_connect() and nc_err() callbacks!
- dwr(MSG_ERROR," handleConnect(): unable to connect\n");
- sendReturnValue(rpcSock, -1, EAGAIN);
- }
- // Everything seems to be ok, but we don't have enough info to retval
- conn->listening=true;
- conn->rpcSock=rpcSock; // used for return value from lwip CB
- } else {
- dwr(MSG_ERROR," handleConnect(): could not locate PCB based on their fd\n");
- sendReturnValue(rpcSock, -1, EBADF);
- }
-}
-
-void NetconEthernetTap::handleWrite(TcpConnection *conn)
-{
- if(!conn || !conn->pcb) {
- dwr(MSG_ERROR," handleWrite(): invalid connection/PCB\n");
- return;
- }
- // How much we are currently allowed to write to the connection
- int err, sz, r, sndbuf = conn->pcb->snd_buf;
- if(!sndbuf) {
- /* PCB send buffer is full, turn off readability notifications for the
- corresponding PhySocket until nc_sent() is called and confirms that there is
- now space on the buffer */
- if(!conn->probation) {
- dwr(MSG_DEBUG," handleWrite(): sndbuf == 0, LWIP stack is full\n");
- _phy.setNotifyReadable(conn->sock, false);
- conn->probation = true;
- }
- return;
- }
- if(conn->txsz <= 0)
- return; // Nothing to write
- if(!conn->listening)
- lwipstack->_tcp_output(conn->pcb);
-
- if(conn->sock) {
- r = conn->txsz < sndbuf ? conn->txsz : sndbuf;
- /* Writes data pulled from the client's socket buffer to LWIP. This merely sends the
- * data to LWIP to be enqueued and eventually sent to the network.
*/
- if(r > 0) {
- err = lwipstack->_tcp_write(conn->pcb, &conn->txbuf, r, TCP_WRITE_FLAG_COPY);
- lwipstack->_tcp_output(conn->pcb);
- if(err != ERR_OK) {
- dwr(MSG_ERROR," handleWrite(): error while writing to PCB, (err = %d)\n", err);
- if(err == -1)
- dwr(MSG_DEBUG," handleWrite(): out of memory\n");
- return;
- } else {
- sz = (conn->txsz)-r;
- if(sz)
- memmove(&conn->txbuf, (conn->txbuf+r), sz);
- conn->txsz -= r;
-
- float max = (float)DEFAULT_BUF_SZ;
- dwr(MSG_TRANSFER," TX ---> :: {TX: %.3f%%, RX: %.3f%%, sock=%x} :: %d bytes\n",
- (float)conn->txsz / max, (float)conn->rxsz / max, conn->sock, r);
- return;
- }
- }
- }
-}
-
-} // namespace ZeroTier
diff --git a/netcon/NetconEthernetTap.hpp b/netcon/NetconEthernetTap.hpp
deleted file mode 100644
index 2c79840b..00000000
--- a/netcon/NetconEthernetTap.hpp
+++ /dev/null
@@ -1,460 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2015 ZeroTier, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - * -- - * - * ZeroTier may be used and distributed under the terms of the GPLv3, which - * are available at: http://www.gnu.org/licenses/gpl-3.0.html - * - * If you would like to embed ZeroTier into a commercial application or - * redistribute it in a modified binary form, please contact ZeroTier Networks - * LLC. 
Start here: http://www.zerotier.com/ - */ - -#ifndef ZT_NETCONETHERNETTAP_HPP -#define ZT_NETCONETHERNETTAP_HPP - -#include <stdio.h> -#include <stdlib.h> - -#include <string> -#include <vector> -#include <utility> -#include <stdexcept> -#include <stdint.h> - -#include "../node/Constants.hpp" -#include "../node/MulticastGroup.hpp" -#include "../node/Mutex.hpp" -#include "../node/InetAddress.hpp" -#include "../osdep/Thread.hpp" -#include "../osdep/Phy.hpp" - -#include "netif/etharp.h" - -#include "RPC.h" - -struct tcp_pcb; -struct socket_st; -struct listen_st; -struct bind_st; -struct connect_st; -struct getsockname_st; -struct accept_st; - -#define APPLICATION_POLL_FREQ 2 -#define ZT_LWIP_TCP_TIMER_INTERVAL 5 -#define STATUS_TMR_INTERVAL 250 // How often we check connection statuses (in ms) -#define DEFAULT_BUF_SZ 1024 * 1024 * 2 -#define DEFAULT_BUF_SOFTMAX DEFAULT_BUF_SZ / 2 - -namespace ZeroTier { - -class NetconEthernetTap; -class LWIPStack; - -/* - * TCP connection administered by service - */ -struct TcpConnection -{ - bool listening, probation; - int pid, txsz, rxsz; - PhySocket *rpcSock, *sock; - struct tcp_pcb *pcb; - struct sockaddr_storage *addr; - unsigned char txbuf[DEFAULT_BUF_SZ]; - unsigned char rxbuf[DEFAULT_BUF_SZ]; -}; - -/* - * A helper for passing a reference to _phy to LWIP callbacks as a "state" - */ -struct Larg -{ - NetconEthernetTap *tap; - TcpConnection *conn; - Larg(NetconEthernetTap *_tap, TcpConnection *conn) : tap(_tap), conn(conn) {} -}; - -/* - * Network Containers instance -- emulates an Ethernet tap device as far as OneService knows - */ -class NetconEthernetTap -{ - friend class Phy<NetconEthernetTap *>; - -public: - NetconEthernetTap( - const char *homePath, - const MAC &mac, - unsigned int mtu, - unsigned int metric, - uint64_t nwid, - const char *friendlyName, - void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int), - void *arg); - - ~NetconEthernetTap(); - - void 
setEnabled(bool en); - bool enabled() const; - bool addIp(const InetAddress &ip); - bool removeIp(const InetAddress &ip); - std::vector<InetAddress> ips() const; - void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len); - std::string deviceName() const; - void setFriendlyName(const char *friendlyName); - void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed); - - void threadMain() - throw(); - - LWIPStack *lwipstack; - uint64_t _nwid; - void (*_handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int); - void *_arg; - -private: - // LWIP callbacks - // NOTE: these are called from within LWIP, meaning that lwipstack->_lock is ALREADY - // locked in this case! - - /* - * Callback from LWIP for when a connection has been accepted and the PCB has been - * put into an ACCEPT state. - * - * A socketpair is created, one end is kept and wrapped into a PhySocket object - * for use in the main ZT I/O loop, and one end is sent to the client. The client - * is then required to tell the service what new file descriptor it has allocated - * for this connection. After the mapping is complete, the accepted socket can be - * used. - * - * @param associated service state object - * @param newly allocated PCB - * @param error code - * @return ERR_OK if everything is ok, -1 otherwise - * - * i := should be implemented in intercept lib - * I := is implemented in intercept lib - * X := is implemented in service - * ? := required treatment Unknown - * - := Not needed - * - * [ ] EAGAIN or EWOULDBLOCK - The socket is marked nonblocking and no connections are present - * to be accepted. POSIX.1-2001 allows either error to be returned for - * this case, and does not require these constants to have the same value, - * so a portable application should check for both possibilities. - * [I] EBADF - The descriptor is invalid. 
- * [I] ECONNABORTED - A connection has been aborted. - * [i] EFAULT - The addr argument is not in a writable part of the user address space. - * [-] EINTR - The system call was interrupted by a signal that was caught before a valid connection arrived; see signal(7). - * [I] EINVAL - Socket is not listening for connections, or addrlen is invalid (e.g., is negative). - * [I] EINVAL - (accept4()) invalid value in flags. - * [I] EMFILE - The per-process limit of open file descriptors has been reached. - * [ ] ENFILE - The system limit on the total number of open files has been reached. - * [ ] ENOBUFS, ENOMEM - Not enough free memory. This often means that the memory allocation is - * limited by the socket buffer limits, not by the system memory. - * [I] ENOTSOCK - The descriptor references a file, not a socket. - * [I] EOPNOTSUPP - The referenced socket is not of type SOCK_STREAM. - * [ ] EPROTO - Protocol error. - * - */ - static err_t nc_accept(void *arg, struct tcp_pcb *newPCB, err_t err); - - /* - * Callback from LWIP for when data is available to be read from the network. - * - * Data is in the form of a linked list of struct pbufs, it is then recombined and - * send to the client over the associated unix socket. - * - * @param associated service state object - * @param allocated PCB - * @param chain of pbufs - * @param error code - * @return ERR_OK if everything is ok, -1 otherwise - * - */ - static err_t nc_recved(void *arg, struct tcp_pcb *PCB, struct pbuf *p, err_t err); - - /* - * Callback from LWIP when an internal error is associtated with the given (arg) - * - * Since the PCB related to this error might no longer exist, only its perviously - * associated (arg) is provided to us. - * - * @param associated service state object - * @param error code - * - */ - static void nc_err(void *arg, err_t err); - - /* - * Callback from LWIP to do whatever work we might need to do. 
- * - * @param associated service state object - * @param PCB we're polling on - * @return ERR_OK if everything is ok, -1 otherwise - * - */ - static err_t nc_poll(void* arg, struct tcp_pcb *PCB); - - /* - * Callback from LWIP to signal that 'len' bytes have successfully been sent. - * As a result, we should put our socket back into a notify-on-readability state - * since there is now room on the PCB buffer to write to. - * - * NOTE: This could be used to track the amount of data sent by a connection. - * - * @param associated service state object - * @param relevant PCB - * @param length of data sent - * @return ERR_OK if everything is ok, -1 otherwise - * - */ - static err_t nc_sent(void *arg, struct tcp_pcb *PCB, u16_t len); - - /* - * Callback from LWIP which sends a return value to the client to signal that - * a connection was established for this PCB - * - * @param associated service state object - * @param relevant PCB - * @param error code - * @return ERR_OK if everything is ok, -1 otherwise - * - */ - static err_t nc_connected(void *arg, struct tcp_pcb *PCB, err_t err); - - //static void nc_close(struct tcp_pcb *PCB); - //static err_t nc_send(struct tcp_pcb *PCB); - - /* - * Handles an RPC to bind an LWIP PCB to a given address and port - * - * @param PhySocket associated with this RPC connection - * @param structure containing the data and parameters for this client's RPC - * - - i := should be implemented in intercept lib - I := is implemented in intercept lib - X := is implemented in service - ? := required treatment Unknown - - := Not needed - - [ ] EACCES - The address is protected, and the user is not the superuser. - [X] EADDRINUSE - The given address is already in use. - [I] EBADF - sockfd is not a valid descriptor. - [X] EINVAL - The socket is already bound to an address. - [I] ENOTSOCK - sockfd is a descriptor for a file, not a socket. - - [X] ENOMEM - Insufficient kernel memory was available. 
- - - The following errors are specific to UNIX domain (AF_UNIX) sockets: - - [-] EACCES - Search permission is denied on a component of the path prefix. (See also path_resolution(7).) - [-] EADDRNOTAVAIL - A nonexistent interface was requested or the requested address was not local. - [-] EFAULT - addr points outside the user's accessible address space. - [-] EINVAL - The addrlen is wrong, or the socket was not in the AF_UNIX family. - [-] ELOOP - Too many symbolic links were encountered in resolving addr. - [-] ENAMETOOLONG - s addr is too long. - [-] ENOENT - The file does not exist. - [-] ENOTDIR - A component of the path prefix is not a directory. - [-] EROFS - The socket inode would reside on a read-only file system. - */ - void handleBind(PhySocket *sock, PhySocket *rpcsock, void **uptr, struct bind_st *bind_rpc); - - /* - * Handles an RPC to put an LWIP PCB into LISTEN mode - * - * @param PhySocket associated with this RPC connection - * @param structure containing the data and parameters for this client's RPC - * - - i := should be implemented in intercept lib - I := is implemented in intercept lib - X := is implemented in service - ? := required treatment Unknown - - := Not needed - - [?] EADDRINUSE - Another socket is already listening on the same port. - [IX] EBADF - The argument sockfd is not a valid descriptor. - [I] ENOTSOCK - The argument sockfd is not a socket. - [I] EOPNOTSUPP - The socket is not of a type that supports the listen() operation. - */ - void handleListen(PhySocket *sock, PhySocket *rpcsock, void **uptr, struct listen_st *listen_rpc); - - /* - * Handles an RPC to create a socket (LWIP PCB and associated socketpair) - * - * A socketpair is created, one end is kept and wrapped into a PhySocket object - * for use in the main ZT I/O loop, and one end is sent to the client. The client - * is then required to tell the service what new file descriptor it has allocated - * for this connection. 
After the mapping is complete, the socket can be used. - * - * @param PhySocket associated with this RPC connection - * @param structure containing the data and parameters for this client's RPC - * - - i := should be implemented in intercept lib - I := is implemented in intercept lib - X := is implemented in service - ? := required treatment Unknown - - := Not needed - - [-] EACCES - Permission to create a socket of the specified type and/or protocol is denied. - [I] EAFNOSUPPORT - The implementation does not support the specified address family. - [I] EINVAL - Unknown protocol, or protocol family not available. - [I] EINVAL - Invalid flags in type. - [I] EMFILE - Process file table overflow. - [?] ENFILE - The system limit on the total number of open files has been reached. - [X] ENOBUFS or ENOMEM - Insufficient memory is available. The socket cannot be created until sufficient resources are freed. - [?] EPROTONOSUPPORT - The protocol type or the specified protocol is not supported within this domain. - */ - TcpConnection * handleSocket(PhySocket *sock, void **uptr, struct socket_st* socket_rpc); - - /* - * Handles an RPC to connect to a given address and port - * - * @param PhySocket associated with this RPC connection - * @param structure containing the data and parameters for this client's RPC - - --- Error handling in this method will only catch problems which are immedately - apprent. Some errors will need to be caught in the nc_connected(0 callback - - i := should be implemented in intercept lib - I := is implemented in intercept lib - X := is implemented in service - ? := required treatment Unknown - - := Not needed - - [-] EACCES - For UNIX domain sockets, which are identified by pathname: Write permission is denied ... - [?] EACCES, EPERM - The user tried to connect to a broadcast address without having the socket broadcast flag enabled ... - [X] EADDRINUSE - Local address is already in use. 
- [I] EAFNOSUPPORT - The passed address didn't have the correct address family in its sa_family field. - [X] EAGAIN - No more free local ports or insufficient entries in the routing cache. - [ ] EALREADY - The socket is nonblocking and a previous connection attempt has not yet been completed. - [IX] EBADF - The file descriptor is not a valid index in the descriptor table. - [ ] ECONNREFUSED - No-one listening on the remote address. - [i] EFAULT - The socket structure address is outside the user's address space. - [ ] EINPROGRESS - The socket is nonblocking and the connection cannot be completed immediately. - [-] EINTR - The system call was interrupted by a signal that was caught. - [X] EISCONN - The socket is already connected. - [X] ENETUNREACH - Network is unreachable. - [I] ENOTSOCK - The file descriptor is not associated with a socket. - [X] ETIMEDOUT - Timeout while attempting connection. - - [X] EINVAL - Invalid argument, SVr4, generally makes sense to set this - */ - void handleConnect(PhySocket *sock, PhySocket *rpcsock, TcpConnection *conn, struct connect_st* connect_rpc); - - /* - * Return the address that the socket is bound to - */ - void handleGetsockname(PhySocket *sock, PhySocket *rpcsock, void **uptr, struct getsockname_st *getsockname_rpc); - - /* - * Writes data from the application's socket to the LWIP connection - */ - void handleWrite(TcpConnection *conn); - - /* - * Sends a return value to the intercepted application - */ - int sendReturnValue(PhySocket *sock, int retval, int _errno); - int sendReturnValue(int fd, int retval, int _errno); - - /* - * Unpacks the buffer from an RPC command - */ - void unloadRPC(void *data, pid_t &pid, pid_t &tid, - int &rpc_count, char (timestamp[RPC_TIMESTAMP_SZ]), char (magic[sizeof(uint64_t)]), char &cmd, void* &payload); - - // Unused -- no UDP or TCP from this thread/Phy<> - void phyOnDatagram(PhySocket *sock,void **uptr,const struct sockaddr *from,void *data,unsigned long len); - void 
phyOnTcpConnect(PhySocket *sock,void **uptr,bool success); - void phyOnTcpAccept(PhySocket *sockL,PhySocket *sockN,void **uptrL,void **uptrN,const struct sockaddr *from); - void phyOnTcpClose(PhySocket *sock,void **uptr); - void phyOnTcpData(PhySocket *sock,void **uptr,void *data,unsigned long len); - void phyOnTcpWritable(PhySocket *sock,void **uptr); - - /* - * Signals us to close the TcpConnection associated with this PhySocket - */ - void phyOnUnixClose(PhySocket *sock,void **uptr); - - /* - * Notifies us that there is data to be read from an application's socket - */ - void phyOnUnixData(PhySocket *sock,void **uptr,void *data,unsigned long len); - - /* - * Notifies us that we can write to an application's socket - */ - void phyOnUnixWritable(PhySocket *sock,void **uptr,bool lwip_invoked); - - /* - * Returns a pointer to a TcpConnection associated with a given PhySocket - */ - TcpConnection *getConnection(PhySocket *sock); - - /* - * Closes a TcpConnection, associated LWIP PCB strcuture, - * PhySocket, and underlying file descriptor - */ - void closeConnection(PhySocket *sock); - - ip_addr_t convert_ip(struct sockaddr_in * addr) - { - ip_addr_t conn_addr; - struct sockaddr_in *ipv4 = addr; - short a = ip4_addr1(&(ipv4->sin_addr)); - short b = ip4_addr2(&(ipv4->sin_addr)); - short c = ip4_addr3(&(ipv4->sin_addr)); - short d = ip4_addr4(&(ipv4->sin_addr)); - IP4_ADDR(&conn_addr, a,b,c,d); - return conn_addr; - } - - Phy<NetconEthernetTap *> _phy; - PhySocket *_unixListenSocket; - - std::vector<TcpConnection*> _TcpConnections; - std::map<uint64_t, std::pair<PhySocket*, void*> > jobmap; - - pid_t rpcCounter; - netif interface; - - MAC _mac; - Thread _thread; - std::string _homePath; - std::string _dev; // path to Unix domain socket - - std::vector<MulticastGroup> _multicastGroups; - Mutex _multicastGroups_m; - - std::vector<InetAddress> _ips; - Mutex _ips_m, _tcpconns_m, _rx_buf_m; - - unsigned int _mtu; - volatile bool _enabled; - volatile bool _run; -}; - -} // 
namespace ZeroTier - -#endif diff --git a/netcon/README.md b/netcon/README.md deleted file mode 100644 index 12d48c1d..00000000 --- a/netcon/README.md +++ /dev/null 
@@ -1,214 +0,0 @@ -Network Containers (beta) -====== - -ZeroTier Network Containers offers a microkernel-like networking paradigm for containerized applications and application-specific virtual networking. - -Network Containers couples the ZeroTier core Ethernet virtualization engine with a user-space TCP/IP stack and a library that intercepts calls to the Posix network API. This allows servers and applications to be used without modification or recompilation. It can be used to run services on virtual networks without elevated privileges, special configuration of the physical host, kernel support, or any other application specific configuration. It's ideal for use with [Docker](http://http://www.docker.com), [LXC](https://linuxcontainers.org), or [Rkt](https://coreos.com/rkt/docs/latest/) to build containerized microservices that automatically connect to a virtual network when deployed. It can also be used on a plain un-containerized Linux system to run applications on virtual networks without elevated privileges or system modification. - -More discussion can be found in our [original blog announcement](https://www.zerotier.com/blog/?p=490) and [the netcon product page](https://www.zerotier.com/product-netcon.shtml). - -Network Containers is currently in **BETA** and is suitable for testing and experimentation. Only Linux is supported. Future updates will focus on compatibility, full stack support, and improved performance, and may also port to other OSes. - -# Limitations and Compatibility - -The beta version of Network Containers **only supports TCP over IPv4**. There is no IPv6 support and no support for UDP or ICMP (or RAW sockets). That means network-containerizing *ping* won't work, nor will UDP-based apps like VoIP servers, DNS servers, or P2P apps. - -The virtual TCP/IP stack will respond to *incoming* ICMP ECHO requests, which means that you can ping it from another host on the same ZeroTier virtual network. This is useful for testing. 
- -**Network Containers are currently all or nothing.** If engaged, the intercept library intercepts all network I/O calls and redirects them through the new path. A network-containerized application cannot communicate over the regular network connection of its host or container or with anything else except other hosts on its ZeroTier virtual LAN. Support for optional "fall-through" to the host IP stack for outgoing connections outside the virtual network and for gateway routes within the virtual network is planned. (It will be optional since in some cases total network isolation might be considered a nice security feature.) - -#### Compatibility Test Results - -The following applications have been tested and confirmed to work for the beta release: - -Fedora 23: - - httpstub.c - nginx 1.8.0 - http 2.4.16, 2.4.17 - darkhttpd 1.11 - python 2.7.10 (python -m SimpleHTTPServer) - python 3.4.3 (python -m http.server) - redis 3.0.4 - node 6.0.0-pre - sshd - -CentOS 7: - - httpstub.c - nginx 1.6.3 - httpd 2.4.6 (debug mode -X) - darkhttpd 1.11 - node 4.2.2 - redis 2.8.19 - sshd - -Ubuntu 14.04.3: - - httpstub.c - nginx 1.4.6 - python 2.7.6 (python -m SimpleHTTPServer) - python 3.4.0 (python -m http.server) - node 5.2.0 - redis 2.8.4 - sshd - -It is *likely* to work with other things but there are no guarantees. - -# Building Network Containers - -Network Containers are currently only for Linux. To build the network container host, IP stack, and intercept library, from the base of the ZeroTier One tree run: - - make clean - make netcon - -This will build a binary called *zerotier-netcon-service* and a library called *libzerotierintercept.so*. It will also build the IP stack as *netcon/liblwip.so*. 
- -The *zerotier-netcon-service* binary is almost the same as a regular ZeroTier One build except instead of creating virtual network ports using Linux's */dev/net/tun* interface, it creates instances of a user-space TCP/IP stack for each virtual network and provides RPC access to this stack via a Unix domain socket. The latter is a library that can be loaded with the Linux *LD\_PRELOAD* environment variable or by placement into */etc/ld.so.preload* on a Linux system or container. Additional magic involving nameless Unix domain socket pairs and interprocess socket handoff is used to emulate TCP sockets with extremely low overhead and in a way that's compatible with select, poll, epoll, and other I/O event mechanisms. - -The intercept library does nothing unless the *ZT\_NC\_NETWORK* environment variable is set. If on program launch (or fork) it detects the presence of this environment variable, it will attempt to connect to a running *zerotier-netcon-service* at the specified Unix domain socket path. - -Unlike *zerotier-one*, *zerotier-netcon-service* does not need to be run with root privileges and will not modify the host's network configuration in any way. It can be run alongside *zerotier-one* on the same host with no ill effect, though this can be confusing since you'll have to remember the difference between "real" host interfaces (tun/tap) and network containerized endpoints. The latter are completely unknown to the kernel and will not show up in *ifconfig*. - -# Linking into an application on Mac OSX - -Example: - - gcc myapp.c -o myapp libzerotierintercept.so - export ZT_NC_NETWORK=/tmp/netcon-test-home/nc_8056c2e21c000001 - -Start service - - ./zerotier-netcon-service -d -p8000 /tmp/netcon-test-home - -Run application - - ./myapp - - -# Starting the Network Containers Service - -You don't need Docker or any other container engine to try Network Containers. A simple test can be performed in user space (no root) in your own home directory. 
- -First, build the netcon service and intercept library as described above. Then create a directory to act as a temporary ZeroTier home for your test netcon service instance. You'll need to move the *liblwip.so* binary that was built with *make netcon* into there, since the service must be able to find it there and load it. - - mkdir /tmp/netcon-test-home - cp -f ./netcon/liblwip.so /tmp/netcon-test-home - -Now you can run the service (no sudo needed, and *-d* tells it to run in the background): - - ./zerotier-netcon-service -d -p8000 /tmp/netcon-test-home - -As with ZeroTier One in its normal incarnation, you'll need to join a network for anything interesting to happen: - - ./zerotier-cli -D/tmp/netcon-test-home join 8056c2e21c000001 - -If you don't want to use [Earth](https://www.zerotier.com/public.shtml) for this test, replace 8056c2e21c000001 with a different network ID. The *-D* option tells *zerotier-cli* not to look in /var/lib/zerotier-one for information about a running instance of the ZeroTier system service but instead to look in */tmp/netcon-test-home*. - -Now type: - - ./zerotier-cli -D/tmp/netcon-test-home listnetworks - -Try it a few times until you see that you've successfully joined the network and have an IP address. Instead of a *zt#* device, a path to a Unix domain socket will be listed for the network's port. - -Now you will want to have ZeroTier One (the normal *zerotier-one* build, not network containers) running somewhere else, such as on another Linux system or VM. Technically you could run it on the *same* Linux system and it wouldn't matter at all, but many people find this intensely confusing until they grasp just what exactly is happening here. - -On the other Linux system, join the same network if you haven't already (8056c2e21c000001 if you're using Earth) and wait until you have an IP address. Then try pinging the IP address your netcon instance received. You should see ping replies. 
- -Back on the host that's running *zerotier-netcon-service*, type *ip addr list* or *ifconfig* (ifconfig is technically deprecated so some Linux systems might not have it). Notice that the IP address of the network containers endpoint is not listed and no network device is listed for it either. That's because as far as the Linux kernel is concerned it doesn't exist. - -What are you pinging? What is happening here? - -The *zerotier-netcon-service* binary has joined a *virtual* network and is running a *virtual* TCP/IP stack entirely in user space. As far as your system is concerned it's just another program exchanging UDP packets with a few other hosts on the Internet and nothing out of the ordinary is happening at all. That's why you never had to type *sudo*. It didn't change anything on the host. - -Now you can run an application inside your network container. - - export LD_PRELOAD=`pwd`/libzerotierintercept.so - export ZT_NC_NETWORK=/tmp/netcon-test-home/nc_8056c2e21c000001 - node netcon/httpserver.js - -Also note that the "pwd" in LD_PRELOAD assumes you are in the ZeroTier source root and have built netcon there. If not, substitute the full path to *libzerotierintercept.so*. If you want to remove those environment variables later, use "unset LD_PRELOAD" and "unset ZT_NC_NETWORK". - -If you don't have node.js installed, an alternative test using python would be: - - python -m SimpleHTTPServer 80 - -If you are running Python 3, use "-m http.server". - -If all went well a small static HTTP server is now serving up the current directory, but only inside the network container. Going to port 80 on your machine won't work. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: - - curl http://NETCON.INSTANCE.IP/ - -Replace *NETCON.INSTANCE.IP* with the IP address that *zerotier-netcon-service* was assigned on the virtual network. (This is the same IP you pinged in your first test.) 
If everything works, you should get back a copy of ZeroTier One's main README.md file. - -# Installing in a Docker container (or any other container engine) - -If it's not immediately obvious, installation into a Docker container is easy. Just install *zerotier-netcon-service*, *libzerotierintercept.so*, and *liblwip.so* into the container at an appropriate locations. We suggest putting it all in */var/lib/zerotier-one* since this is the default ZeroTier home and will eliminate the need to supply a path to any of ZeroTier's services or utilities. Then, in your Docker container entry point script launch the service with *-d* to run it in the background, set the appropriate environment variables as described above, and launch your container's main application. - -The only bit of complexity is configuring which virtual network to join. ZeroTier's service automatically joins networks that have *.conf* files in *ZTHOME/networks.d* even if the *.conf* file is empty. So one way of doing this very easily is to add the following commands to your Dockerfile or container entry point script: - - mkdir -p /var/lib/zerotier-one/networks.d - touch /var/lib/zerotier-one/networks.d/8056c2e21c000001.conf - -Replace 8056c2e21c000001 with the network ID of the network you want your container to automatically join. It's also a good idea in your container's entry point script to add a small loop to wait until the container's instance of ZeroTier generates an identity and comes online. This could be something like: - - /var/lib/zerotier-one/zerotier-netcon-service -d - while [ ! -f /var/lib/zerotier-one/identity.secret ]; do - sleep 0.1 - done - # zerotier-netcon-service is now running and has generated an identity - -(Be sure you don't bundle the identity into the container, otherwise every container will try to be the same device and they will "fight" over the device's address.) - -Now each new instance of your container will automatically join the specified network on startup. 
Authorizing the container on a private network still requires a manual authorization step either via the ZeroTier Central web UI or the API. We're working on some ideas to automate this via bearer token auth or similar since doing this manually or with scripts for large deployments is tedious. - -# Docker-based Unit Tests - -Each unit test will temporarily copy all required ZeroTier binaries into its local directory, then build the *netcon_dockerfile* and *monitor_dockerfile*. Once built, each container will be run and perform tests and monitoring specified in *netcon_entrypoint.sh* and *monitor_entrypoint.sh* - -Results will be written to the *netcon/docker-test/_results/* directory which is a common shared volume between all containers involved in the test and will be a combination of raw and formatted dumps to files whose names reflect the test performed. In the event of failure, *FAIL.* will be prepended to the result file's name (e.g. *FAIL.my_application_1.0.2.x86_64*), likewise in the event of success, *OK.* will be prepended. - -To run unit tests: - -1) Disable SELinux. This is so the containers can use a shared volume to exchange MD5 sums and address information. - -2) Set up your own network at [https://my.zerotier.com/](https://my.zerotier.com/). For our example we'll just use the Earth network (8056c2e21c000001). Use its network id as follows: - -3) Generate two pairs of identity keys. Each public/private pair will be used by the *netcon* and *monitor* containers: - - mkdir -p /tmp/netcon_first - cp -f ./netcon/liblwip.so /tmp/netcon_first - ./zerotier-netcon-service -d -p8100 /tmp/netcon_first - while [ ! -f /tmp/netcon_first/identity.secret ]; do - sleep 0.1 - done - ./zerotier-cli -D/tmp/netcon_first join 8056c2e21c000001 - kill `cat /tmp/netcon_first/zerotier-one.pid` - - mkdir -p /tmp/netcon_second - cp -f ./netcon/liblwip.so /tmp/netcon_second - ./zerotier-netcon-service -d -p8101 /tmp/netcon_second - while [ ! 
-f /tmp/netcon_second/identity.secret ]; do - sleep 0.1 - done - ./zerotier-cli -D/tmp/netcon_second join 8056c2e21c000001 - kill `cat /tmp/netcon_second/zerotier-one.pid` - -4) Copy the identity files to your *docker-test* directory. Names will be altered during copy step so the dockerfiles know which identities to use for each image/container: - - cp /tmp/netcon_first/identity.public ./netcon/docker-test/netcon_identity.public - cp /tmp/netcon_first/identity.secret ./netcon/docker-test/netcon_identity.secret - - cp /tmp/netcon_second/identity.public ./netcon/docker-test/monitor_identity.public - cp /tmp/netcon_second/identity.secret ./netcon/docker-test/monitor_identity.secret - - -5) Place a blank network config file in the *netcon/docker-test* directory (e.g. "8056c2e21c000001.conf") - - This will be used to inform test-specific scripts what network to use for testing - -After you've created your network and placed its blank config file in *netcon/docker-test* run the following to perform unit tests for httpd: - - ./build.sh httpd - ./test.sh httpd - -It's useful to note that the keyword *httpd* in this example is merely a substring for a test name, this means that if we replaced it with *x86_64* or *fc23*, it would run all unit tests for *x86_64* systems or *Fedora 23* respectively. diff --git a/netcon/RPC.c b/netcon/RPC.c deleted file mode 100644 index 7d5c11e0..00000000 --- a/netcon/RPC.c +++ /dev/null 
@@ -1,283 +0,0 @@ -#include <stdio.h> -#include <unistd.h> -#include <sys/un.h> -#include <pthread.h> -#include <errno.h> - -#if defined(__linux__) -#include <sys/syscall.h> -#endif - -#include <fcntl.h> -#include <dlfcn.h> -#include <stdint.h> - -#include <sys/socket.h> -#include <strings.h> -#include "RPC.h" - -#define SERVICE_CONNECT_ATTEMPTS 30 - -#define CONNECT_SIG int __fd, const struct sockaddr * __addr, socklen_t __len -#define SOCKET_SIG int socket_family, int socket_type, int protocol - -static int (*realconnect)(CONNECT_SIG) = 0; -static int (*realsocket)(SOCKET_SIG) = 0; - -#ifdef NETCON_INTERCEPT -static int rpc_count; -#endif - -static pthread_mutex_t lock; -void rpc_mutex_init() { - if(pthread_mutex_init(&lock, NULL) != 0) { - fprintf(stderr, "error while initializing service call mutex\n"); - } -} -void rpc_mutex_destroy() { - pthread_mutex_destroy(&lock); -} - -/* - * Reads a new file descriptor from the service - */ -int get_new_fd(int sock) -{ - char buf[BUF_SZ]; - int newfd; - ssize_t size = sock_fd_read(sock, buf, sizeof(buf), &newfd); - if(size > 0) - return newfd; - return -1; -} - -/* - * Reads a return value from the service and sets errno (if applicable) - */ -int get_retval(int rpc_sock) -{ - if(rpc_sock >= 0) { - int retval; - int sz = sizeof(char) + sizeof(retval) + sizeof(errno); - char retbuf[BUF_SZ]; - memset(&retbuf, 0, sz); - int n_read = read(rpc_sock, &retbuf, sz); - if(n_read > 0) { - memcpy(&retval, &retbuf[1], sizeof(retval)); - memcpy(&errno, &retbuf[1+sizeof(retval)], sizeof(errno)); - return retval; - } - } - return -1; -} - -int load_symbols_rpc() -{ -#ifdef NETCON_INTERCEPT - realsocket = dlsym(RTLD_NEXT, "socket"); - realconnect = dlsym(RTLD_NEXT, "connect"); - if(!realconnect || !realsocket) - return -1; -#endif - return 1; -} - -int rpc_join(const char * sockname) -{ - if(!load_symbols_rpc()) - return -1; - - struct sockaddr_un addr; - int conn_err = -1, attempts = 0; - memset(&addr, 0, sizeof(addr)); - 
addr.sun_family = AF_UNIX; - strncpy(addr.sun_path, sockname, sizeof(addr.sun_path)-1); - - int sock; - if((sock = realsocket(AF_UNIX, SOCK_STREAM, 0)) < 0){ - fprintf(stderr, "Error while creating RPC socket\n"); - return -1; - } - while((conn_err != 0) && (attempts < SERVICE_CONNECT_ATTEMPTS)){ - if((conn_err = realconnect(sock, (struct sockaddr*)&addr, sizeof(addr))) != 0) { - fprintf(stderr, "Error while connecting to RPC socket. Re-attempting...\n"); - sleep(1); - } - else - return sock; - attempts++; - } - return -1; -} - -/* - * Send a command to the service - */ -int rpc_send_command(char *path, int cmd, int forfd, void *data, int len) -{ - pthread_mutex_lock(&lock); - char c, padding[] = {PADDING}; - char cmdbuf[BUF_SZ], CANARY[CANARY_SZ+PADDING_SZ], metabuf[BUF_SZ]; - memcpy(CANARY+CANARY_SZ, padding, sizeof(padding)); - uint64_t canary_num; - // ephemeral RPC socket used only for this command - int rpc_sock = rpc_join(path); - // Generate token - int fdrand = open("/dev/urandom", O_RDONLY); - - if(read(fdrand, &CANARY, CANARY_SZ) < 0) { - fprintf(stderr,"unable to read from /dev/urandom for RPC canary data\n"); - return -1; - } - memcpy(&canary_num, CANARY, CANARY_SZ); - cmdbuf[CMD_ID_IDX] = cmd; - memcpy(&cmdbuf[CANARY_IDX], &canary_num, CANARY_SZ); - memcpy(&cmdbuf[STRUCT_IDX], data, len); - -#if defined(VERBOSE) - rpc_count++; - memset(metabuf, 0, BUF_SZ); -#if defined(__linux__) - pid_t pid = syscall(SYS_getpid); - pid_t tid = syscall(SYS_gettid); -#endif - char timestring[20]; - time_t timestamp; - timestamp = time(NULL); - strftime(timestring, sizeof(timestring), "%H:%M:%S", localtime(×tamp)); - memcpy(metabuf, RPC_PHRASE, RPC_PHRASE_SZ); // Write signal phrase -#if defined(__linux__) - memcpy(&metabuf[IDX_PID], &pid, sizeof(pid_t) ); /* pid */ - memcpy(&metabuf[IDX_TID], &tid, sizeof(pid_t) ); /* tid */ -#endif - memcpy(&metabuf[IDX_COUNT], &rpc_count, sizeof(rpc_count) ); /* rpc_count */ - memcpy(&metabuf[IDX_TIME], ×tring, 20 ); /* timestamp */ 
-#endif - /* Combine command flag+payload with RPC metadata */ - memcpy(&metabuf[IDX_PAYLOAD], cmdbuf, len + 1 + CANARY_SZ); - - // Write RPC - int n_write = write(rpc_sock, &metabuf, BUF_SZ); - if(n_write < 0) { - fprintf(stderr, "Error writing command to service (CMD = %d)\n", cmdbuf[CMD_ID_IDX]); - errno = 0; - } - // Write token to corresponding data stream - if(read(rpc_sock, &c, 1) < 0) { - fprintf(stderr, "unable to read RPC ACK byte from service.\n"); - return -1; - } - if(c == 'z' && n_write > 0 && forfd > -1){ - if(send(forfd, &CANARY, CANARY_SZ+PADDING_SZ, 0) < 0) { - fprintf(stderr,"unable to write canary to stream\n"); - return -1; - } - } - // Process response from service - int ret = ERR_OK; - if(n_write > 0) { - if(cmdbuf[CMD_ID_IDX]==RPC_SOCKET) { - pthread_mutex_unlock(&lock); - return rpc_sock; // Used as new socket - } - if(cmdbuf[CMD_ID_IDX]==RPC_CONNECT - || cmdbuf[CMD_ID_IDX]==RPC_BIND - || cmdbuf[CMD_ID_IDX]==RPC_LISTEN) { - ret = get_retval(rpc_sock); - } - if(cmdbuf[CMD_ID_IDX]==RPC_GETSOCKNAME) { - pthread_mutex_unlock(&lock); - return rpc_sock; // Don't close rpc here, we'll use it to read getsockopt_st - } - } - else - ret = -1; - close(rpc_sock); // We're done with this RPC socket, close it (if type-R) - pthread_mutex_unlock(&lock); - return ret; -} - -/* - * Send file descriptor - */ -ssize_t sock_fd_write(int sock, int fd) -{ - ssize_t size; - struct msghdr msg; - struct iovec iov; - char buf = '\0'; - int buflen = 1; - union { - struct cmsghdr cmsghdr; - char control[CMSG_SPACE(sizeof (int))]; - } cmsgu; - struct cmsghdr *cmsg; - iov.iov_base = &buf; - iov.iov_len = buflen; - msg.msg_name = NULL; - msg.msg_namelen = 0; - msg.msg_iov = &iov; - msg.msg_iovlen = 1; - if (fd != -1) { - msg.msg_control = cmsgu.control; - msg.msg_controllen = sizeof(cmsgu.control); - cmsg = CMSG_FIRSTHDR(&msg); - cmsg->cmsg_len = CMSG_LEN(sizeof (int)); - cmsg->cmsg_level = SOL_SOCKET; - cmsg->cmsg_type = SCM_RIGHTS; - *((int *) CMSG_DATA(cmsg)) = fd; - } 
else { - msg.msg_control = NULL; - msg.msg_controllen = 0; - } - size = sendmsg(sock, &msg, 0); - if (size < 0) - perror ("sendmsg"); - return size; -} -/* - * Read a file descriptor - */ -ssize_t sock_fd_read(int sock, void *buf, ssize_t bufsize, int *fd) -{ - ssize_t size; - if (fd) { - struct msghdr msg; - struct iovec iov; - union { - struct cmsghdr cmsghdr; - char control[CMSG_SPACE(sizeof (int))]; - } cmsgu; - struct cmsghdr *cmsg; - iov.iov_base = buf; - iov.iov_len = bufsize; - msg.msg_name = NULL; - msg.msg_namelen = 0; - msg.msg_iov = &iov; - msg.msg_iovlen = 1; - msg.msg_control = cmsgu.control; - msg.msg_controllen = sizeof(cmsgu.control); - size = recvmsg (sock, &msg, 0); - if (size < 0) - return -1; - cmsg = CMSG_FIRSTHDR(&msg); - if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(int))) { - if (cmsg->cmsg_level != SOL_SOCKET) { - fprintf (stderr, "invalid cmsg_level %d\n",cmsg->cmsg_level); - return -1; - } - if (cmsg->cmsg_type != SCM_RIGHTS) { - fprintf (stderr, "invalid cmsg_type %d\n",cmsg->cmsg_type); - return -1; - } - *fd = *((int *) CMSG_DATA(cmsg)); - } else *fd = -1; - } else { - size = read (sock, buf, bufsize); - if (size < 0) { - fprintf(stderr, "sock_fd_read(): read: Error\n"); - return -1; - } - } - return size; -} diff --git a/netcon/RPC.h b/netcon/RPC.h deleted file mode 100644 index 2ae8f154..00000000 --- a/netcon/RPC.h +++ /dev/null 
@@ -1,115 +0,0 @@ -#ifndef __RPCLIB_H_ -#define __RPCLIB_H_ - -#include <stdint.h> - -#define CANARY_SZ sizeof(uint64_t) -#define PADDING_SZ 12 -#define PADDING 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89 - -#define RPC_PHRASE "zerotier\0" -#define RPC_PHRASE_SZ 9 -#define RPC_TIMESTAMP_SZ 20 -// 1st RPC section (metdata) -#define IDX_SIGNAL_PHRASE 0 -#define IDX_PID IDX_SIGNAL_PHRASE + RPC_PHRASE_SZ -#define IDX_TID sizeof(pid_t) + IDX_PID -#define IDX_COUNT IDX_TID + sizeof(pid_t) -#define IDX_TIME IDX_COUNT + sizeof(int) -#define IDX_PAYLOAD IDX_TIME + RPC_TIMESTAMP_SZ -// 2nd RPC section (payload and canary) -#define CMD_ID_IDX 0 -#define CANARY_IDX 1 -#define STRUCT_IDX CANARY_IDX+CANARY_SZ - -#define BUF_SZ 512 - -#define ERR_OK 0 - -/* RPC codes */ -#define RPC_UNDEFINED 0 -#define RPC_CONNECT 1 -#define RPC_CONNECT_SOCKARG 2 -#define RPC_CLOSE 3 -#define RPC_READ 4 -#define RPC_WRITE 5 -#define RPC_BIND 6 -#define RPC_ACCEPT 7 -#define RPC_LISTEN 8 -#define RPC_SOCKET 9 -#define RPC_SHUTDOWN 10 -#define RPC_GETSOCKNAME 11 -#define RPC_RETVAL 12 - -#ifdef __cplusplus -extern "C" { -#endif - -int get_retval(int); -int rpc_join(const char * sockname); -int rpc_send_command(char *path, int cmd, int forfd, void *data, int len); - -int get_new_fd(int sock); -ssize_t sock_fd_write(int sock, int fd); -ssize_t sock_fd_read(int sock, void *buf, ssize_t bufsize, int *fd); - -void rpc_mutex_destroy(); -void rpc_mutex_init(); - - -/* Structures used for sending commands via RPC mechanism */ - -struct bind_st { - int sockfd; - struct sockaddr_storage addr; - socklen_t addrlen; - int __tid; -}; - -struct connect_st { - int __fd; - struct sockaddr_storage __addr; - socklen_t __len; - int __tid; -}; - -struct close_st { - int fd; -}; - -struct listen_st { - int sockfd; - int backlog; - int __tid; -}; - -struct socket_st { - int socket_family; - int socket_type; - int protocol; - int __tid; -}; - -struct accept_st { - int sockfd; - struct sockaddr_storage addr; - socklen_t 
addrlen; - int __tid; -}; - -struct shutdown_st { - int socket; - int how; -}; - -struct getsockname_st { - int sockfd; - struct sockaddr_storage addr; - socklen_t addrlen; -}; - -#ifdef __cplusplus -} -#endif - -#endif
\ No newline at end of file
diff --git a/netcon/common.inc.c b/netcon/common.inc.c
deleted file mode 100644
index 6468dac2..00000000
--- a/netcon/common.inc.c
+++ /dev/null
@@ -1,108 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2015 ZeroTier, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - * -- - * - * ZeroTier may be used and distributed under the terms of the GPLv3, which - * are available at: http://www.gnu.org/licenses/gpl-3.0.html - * - * If you would like to embed ZeroTier into a commercial application or - * redistribute it in a modified binary form, please contact ZeroTier Networks - * LLC. 
Start here: http://www.zerotier.com/ - */ - -#include <stdio.h> -#include <netdb.h> -#include <stdarg.h> -#include <errno.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include <unistd.h> -#include <arpa/inet.h> -#include <netinet/in.h> -#include <pthread.h> -#include <fcntl.h> -#include <sys/syscall.h> - -#ifndef _COMMON_H -#define _COMMON_H 1 - -#define DEBUG_LEVEL 0 - -#define MSG_TRANSFER 1 // RX/TX specific statements -#define MSG_ERROR 2 // Errors -#define MSG_INFO 3 // Information which is generally useful to any user -#define MSG_DEBUG 4 // Information which is only useful to someone debugging -#define MSG_DEBUG_EXTRA 5 // If nothing in your world makes sense - -#ifdef NETCON_INTERCEPT - -void print_addr(struct sockaddr *addr) -{ - char *s = NULL; - switch(addr->sa_family) { - case AF_INET: { - struct sockaddr_in *addr_in = (struct sockaddr_in *)addr; - s = malloc(INET_ADDRSTRLEN); - inet_ntop(AF_INET, &(addr_in->sin_addr), s, INET_ADDRSTRLEN); - break; - } - case AF_INET6: { - struct sockaddr_in6 *addr_in6 = (struct sockaddr_in6 *)addr; - s = malloc(INET6_ADDRSTRLEN); - inet_ntop(AF_INET6, &(addr_in6->sin6_addr), s, INET6_ADDRSTRLEN); - break; - } - default: - break; - } - fprintf(stderr, "IP address: %s\n", s); - free(s); -} -#endif - -#ifdef NETCON_SERVICE - namespace ZeroTier { -#endif - void dwr(int level, const char *fmt, ... ) - { - if(level > DEBUG_LEVEL) - return; - int saveerr; - saveerr = errno; - va_list ap; - va_start(ap, fmt); - #ifdef VERBOSE // So we can cut out some clutter in the strace output while debugging - char timestring[20]; - time_t timestamp; - timestamp = time(NULL); - strftime(timestring, sizeof(timestring), "%H:%M:%S", localtime(×tamp)); - pid_t tid = syscall(SYS_gettid); - fprintf(stderr, "%s [tid=%7d] ", timestring, tid); - #endif - vfprintf(stderr, fmt, ap); - fflush(stderr); - - errno = saveerr; - va_end(ap); - } -#ifdef NETCON_SERVICE -} -#endif - -#endif 
diff --git a/netcon/docker-test/_build_single_image.sh b/netcon/docker-test/_build_single_image.sh
deleted file mode 100755
index aa4b77d4..00000000
--- a/netcon/docker-test/_build_single_image.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-# Builds a test docker image
-
-test_name=${PWD##*/}
-echo 'Building dockerfiles for test: ' "$test_name"
-touch "$test_name".name
-
-# Docker won't allow the inclusion of files outside of the build directory
-cp ../../*.conf .
-cp ../../zerotier-one zerotier-one
-cp ../../zerotier-cli zerotier-cli
-cp ../../zerotier-cli zerotier-netcon-service
-cp ../../zerotier-intercept zerotier-intercept
-cp ../../libzerotierintercept.so libzerotierintercept.so
-cp ../../liblwip.so liblwip.so
-cp ../../netcon_identity.public netcon_identity.public
-cp ../../netcon_identity.secret netcon_identity.secret
-cp ../../monitor_identity.public monitor_identity.public
-cp ../../monitor_identity.secret monitor_identity.secret
-
-docker build --tag="$test_name" -f netcon_dockerfile .
-docker build --tag="$test_name"_monitor -f monitor_dockerfile .
-
-rm -f zerotier-cli
-rm -f zerotier-netcon-service
-rm -f zerotier-intercept
-rm -f *.so
-rm -f *.public
-rm -f *.secret
-rm -f *.conf
-rm -f *.name
\ No newline at end of file
diff --git a/netcon/docker-test/_remove_all.sh b/netcon/docker-test/_remove_all.sh
deleted file mode 100755
index c6090a9b..00000000
--- a/netcon/docker-test/_remove_all.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-# Delete all containers
-docker rm $(docker ps -a -q)
-# Delete all images
-docker rmi $(docker images -q)
diff --git a/netcon/docker-test/_two_party_test.sh b/netcon/docker-test/_two_party_test.sh
deleted file mode 100755
index 8fa3b3eb..00000000
--- a/netcon/docker-test/_two_party_test.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-
-# Runs test image and monitor image as daemons
-test_name=${PWD##*/}
-echo 'Starting containers for: ' "$test_name"
-touch "$test_name".name
-test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest)
-monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest)
-
-echo "waiting $netcon_test_wait_time for test to complete."
-sleep $netcon_test_wait_time
-docker stop $(docker ps -a -q)
-docker rm $test_container
-docker rm $monitor_container
-
-rm -f *.name
\ No newline at end of file
diff --git a/netcon/docker-test/build.sh b/netcon/docker-test/build.sh
deleted file mode 100755
index bb5fd8e7..00000000
--- a/netcon/docker-test/build.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-echo "*** Building Zerotier-One, libraries, and test/monitor images..."
-
-./build_zt.sh
-./build_tests.sh $1
-
-echo "*** Done"
diff --git a/netcon/docker-test/build_tests.sh b/netcon/docker-test/build_tests.sh
deleted file mode 100755
index 65009f18..00000000
--- a/netcon/docker-test/build_tests.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/bash
-
-# Merely BUILDS test images
-
-# Remove previous test results
-rm _results/*.txt
-
-# How long we shall wait for each test to conclude
-export netcon_test_wait_time=60s
-
-export image_build_script=_build_single_image.sh
-
-# Iterate over all depth=2 (relatively-speaking) directories and perform each test
-find . -mindepth 2 -maxdepth 2 -type d | while read testdir; do
-
- if [[ $testdir != *$1* ]]
- then
- continue
- fi
-
- echo "\n\n\n*** Building: '$testdir'..."
- rm _results/*.tmp
-
- # Stage scripts
- cp $image_build_script $testdir/$image_build_script
- cd $testdir
-
- # Build test docker images
- ./$image_build_script
- rm $image_build_script
-
- cd ../../
-done
diff --git a/netcon/docker-test/build_zt.sh b/netcon/docker-test/build_zt.sh
deleted file mode 100755
index d36c407f..00000000
--- a/netcon/docker-test/build_zt.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-
-# Builds Zerotier-One and libraries required for Network Containers, then
-# copies the binaries into the test directory.
-
-cd ../../
-make clean
-make one
-make netcon
-cd netcon/docker-test
-
-cp ../../zerotier-cli zerotier-cli
-cp ../../zerotier-netcon-service zerotier-netcon-service
-cp ../../libzerotierintercept.so libzerotierintercept.so
-
-cp ../liblwip.so liblwip.so
-cp ../zerotier-intercept zerotier-intercept
-
-cp ../../zerotier-one zerotier-one
-
diff --git a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/monitor_dockerfile b/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/monitor_entrypoint.sh b/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/netcon_dockerfile b/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/netcon_dockerfile
deleted file mode 100644
index 66a39d88..00000000
--- a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,38 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install darkhttpd-1.11
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/netcon_entrypoint.sh b/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index 978696a8..00000000
--- a/netcon/docker-test/darkhttpd/darkhttpd-1.11.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '--- Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of="$bigfile_name" bs="$bigfile_size" count=1
-md5sum < "$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-darkhttpd /
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/monitor_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/monitor_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile
deleted file mode 100644
index fe668fb7..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,38 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install httpd-2.4.16-1.fc23.x86_64
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index 688bd63b..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '--- Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of=/var/www/html/"$bigfile_name" bs="$bigfile_size" count=1
-md5sum < /var/www/html/"$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-rm -rf /run/httpd/* /tmp/httpd*
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-/usr/sbin/httpd -X
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_dockerfile
deleted file mode 100644
index 76b7b7dd..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,39 +0,0 @@
-# ZT Network Containers Test
-FROM ubuntu:14.04
-MAINTAINER https://www.zerotier.com/
-
-RUN \
- sed -i 's/# \(.*multiverse$\)/\1/g' /etc/apt/sources.list && \
- apt-get update && \
- apt-get -y upgrade && \
- apt-get -y install apache2
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index 688bd63b..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.16-1.ub14.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '--- Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of=/var/www/html/"$bigfile_name" bs="$bigfile_size" count=1
-md5sum < /var/www/html/"$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-rm -rf /run/httpd/* /tmp/httpd*
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-/usr/sbin/httpd -X
diff --git a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/monitor_dockerfile b/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/monitor_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/netcon_dockerfile
deleted file mode 100644
index 3053a832..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,38 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install httpd-2.4.18-1.fc23.x86_64
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index d2ab248a..00000000
--- a/netcon/docker-test/httpd/httpd-2.4.18-1.fc23.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of=/var/www/html/"$bigfile_name" bs="$bigfile_size" count=1
-#md5sum /var/www/html/"$bigfile_name" >> "$tx_md5sumfile"
-md5sum < /var/www/html/"$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5 -rm -rf /run/httpd/* /tmp/httpd* - -export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev" -export LD_PRELOAD=./libzerotierintercept.so -/usr/sbin/httpd -X diff --git a/netcon/docker-test/httpd/httpd_demo/htdocs/ZeroTierIcon.png b/netcon/docker-test/httpd/httpd_demo/htdocs/ZeroTierIcon.png Binary files differdeleted file mode 100644 index 4d9641b3..00000000 --- a/netcon/docker-test/httpd/httpd_demo/htdocs/ZeroTierIcon.png +++ /dev/null diff --git a/netcon/docker-test/httpd/httpd_demo/htdocs/index.html b/netcon/docker-test/httpd/httpd_demo/htdocs/index.html deleted file mode 100644 index 017e4493..00000000 --- a/netcon/docker-test/httpd/httpd_demo/htdocs/index.html +++ /dev/null 
@@ -1,69 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <link rel="stylesheet" href="http://bootswatch.com/cosmo/bootstrap.min.css">
- <title>ZeroTier Network Containers Preview</title>
-</head>
-<body>
-
-<br><br>
-
-<div class="container-fluid">
- <div class="row">
- <div class="col-xs-1 col-xs-offset-1"><img src="ZeroTierIcon.png" style="width: 100%; height: 100%;"></div>
- <div class="col-xs-9">
- <h1>ZeroTier Network Containers Preview</h1>
- (a.k.a. super bleeding edge pre-alphe pre-release demo)
- </div>
- </div>
-</div>
-
-<br>
-<hr>
-<br>
-
-<div class="container-fluid"><div class="row"><div class="col-xs-10 col-xs-offset-1 lead">
-
-<p><b>This page is being served from a Docker container with its own private TCP/IP microservice.</b></p>
-
-<p>
-It's connected to a virtual network, but if you "docker exec" into it and look around you won't find any special devices. No special privileges or configuration changes on the Docker host were needed. Everything is completely "stock" and completely self-contained.
-</p>
-
-<p>
-There's nothing special about the web server. It's just Apache. There's nothing special about the Linux image. It's based on a regular Fedora Docker base image. Other than Apache, the only thing this image contains is the ZeroTier network containers microservice and dynamic library.
-</p>
-
-<p>
-When Apache is run, our launcher script configures it to load a special dynamic library. This library intercepts calls to the Linux C networking API, redirecting network I/O to our private network stack microservice instead of the standard Linux kernel network path. This microservice takes care of the rest, automatically encapsulating traffic and sending it over the virtual network instead of the physical.
-</p>
-
-<p>
-It's a bit like how networking would work on a microkernel: modular, composable, portable, and independent.
-</p>
-
-<p>
-Network Containers allows a Docker (or LXC, CoreOS/rkt, runc, OpenVZ, SmartOS/Triton, <a target="_blank" href="https://github.com/p8952/bocker">bocker</a>, or even just bare metal Linux) system to connect to virtual networks without requiring <u>any</u> special permissions or special configuration on the host node. Processes inside the container don't even need to run with root permissions. It's 100% user-space, making it ideal for multi-tenant deployments or any other situation where modifying the configuration of the host node is impossible or just inconvenient.
-</p>
-
-<p>
-Once properly tuned and optimized, Network Containers also has the potential to be much faster than tun/tap or pcap based network overlays. It imposes only a single context switch from application/service to virtual network microservice as opposed to at least four for tun/tap and pcap-based solutions, since the latter require two trips through the kernel network stack. We believe it may be possible to approach or even equal the performance of VXLAN/IPSec or other fully kernel-mode configurations, but with the ease and total independence of a fully container-based solution.
-</p>
-
-<p>
-We created this container image to show you a preview of one of the projects we've been working on at ZeroTier. We still have a good deal of packaging, testing, and performance optimization work to do before Network Containers will be ready for a real public beta release. Follow the <a href="https://www.zerotier.com/blog">blog</a> or <a href="https://twitter.com/zerotier">@zerotier</a> for updates and announcements.
-</p>
-
-<p>
-P.S. If you want to use ZeroTier in Docker today, you can do it with the same ZeroTier One endpoint service you're using to access this network.
The only catch is that you have to launch your containers with "--device=/dev/net/tun --cap-add=NET_ADMIN". Network Containers eliminates the need for these special options.
-</p>
-
-</div></div></div>
-
-<hr>
-
-</body>
-</html>
diff --git a/netcon/docker-test/httpd/httpd_demo/monitor_dockerfile b/netcon/docker-test/httpd/httpd_demo/monitor_dockerfile
deleted file mode 100644
index 08f08ae1..00000000
--- a/netcon/docker-test/httpd/httpd_demo/monitor_dockerfile
+++ /dev/null
@@ -1,25 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Install LWIP library used by service
-ADD liblwip.so /
-RUN mkdir -p ext/bin/lwip
-RUN cp liblwip.so ext/bin/lwip/liblwip.so
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd_demo/monitor_entrypoint.sh b/netcon/docker-test/httpd/httpd_demo/monitor_entrypoint.sh
deleted file mode 100644
index 79d4391d..00000000
--- a/netcon/docker-test/httpd/httpd_demo/monitor_entrypoint.sh
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=25 # wait for test container to come online
-app_timeout_time=15 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-echo '*** Waiting for initial identity generation...'
-while [ ! -s /var/lib/zerotier-one/identity.secret ]; do
- sleep 0.2
-done
-echo '*** Waiting for network config...'
-virtip4=""
-while [ ! -s /var/lib/zerotier-one/networks.d/"$nwconf" ]; do
- sleep 0.2
-done
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" >> "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ $rx_md5sum != $tx_md5sum ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile b/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile
deleted file mode 100644
index cf50e1d9..00000000
--- a/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile
+++ /dev/null
@@ -1,45 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install httpd-2.4.17-3.fc23.x86_64
-RUN yum clean all
-
-EXPOSE 9993/udp
-
-#include Apache
-ADD htdocs/index.html /
-ADD htdocs/ZeroTierIcon.png /
-RUN mv index.html /var/www/html/index.html
-RUN mv ZeroTierIcon.png /var/www/html/ZeroTierIcon.png
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-ADD zerotier-cli /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Install LWIP library used by service
-ADD liblwip.so /
-RUN mkdir -p ext/bin/lwip
-RUN cp liblwip.so ext/bin/lwip/liblwip.so
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh
deleted file mode 100644
index 5c42b6a6..00000000
--- a/netcon/docker-test/httpd/httpd_demo/netcon_entrypoint.sh
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-echo '*** Waiting for initial identity generation...'
-while [ ! -s /var/lib/zerotier-one/identity.secret ]; do
- sleep 0.2
-done
-echo '*** Waiting for network config...'
-virtip4=""
-while [ ! -s /var/lib/zerotier-one/networks.d/"$nwconf" ]; do
- sleep 0.2
-done
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.'
| cut -d / -f 1`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of=/var/www/html/"$bigfile_name" bs="$bigfile_size" count=1
-#md5sum /var/www/html/"$bigfile_name" >> "$tx_md5sumfile"
-md5sum < /var/www/html/"$bigfile_name" >> "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-rm -rf /run/httpd/* /tmp/httpd*
-zerotier-intercept /usr/sbin/httpd -X
diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_dockerfile b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_dockerfile
deleted file mode 100644
index cb9c1cc0..00000000
--- a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,43 +0,0 @@
-# ZT Network Containers Test
-FROM ubuntu:14.04
-MAINTAINER https://www.zerotier.com/
-
-
-# Install
-RUN \
- sed -i 's/# \(.*multiverse$\)/\1/g' /etc/apt/sources.list && \
- apt-get update && \
- apt-get -y upgrade && \
- apt-get -y install nginx
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-ADD nginx.conf_ /
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index b9b8ef71..00000000
--- a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls {*.conf,}) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.'
| cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-cp -f nginx.conf_ /etc/nginx/nginx.conf
-nginx_html_path=/usr/share/nginx/html/
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of="$nginx_html_path$bigfile_name" bs="$bigfile_size" count=1
-#md5sum /var/www/html/"$bigfile_name" >> "$tx_md5sumfile"
-md5sum < "$nginx_html_path$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-nginx
diff --git a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/nginx.conf_ b/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/nginx.conf_
deleted file mode 100644
index 7069ef03..00000000
--- a/netcon/docker-test/nginx/nginx-1.4.6-1.ub14.x86_64/nginx.conf_
+++ /dev/null
@@ -1,55 +0,0 @@
-# For more information on configuration, see:
-# * Official English Documentation: http://nginx.org/en/docs/
-# * Official Russian Documentation: http://nginx.org/ru/docs/
-
-user nginx;
-worker_processes auto;
-error_log /var/log/nginx/error.log;
-pid /run/nginx.pid;
-
-events {
- worker_connections 1024;
-}
-
-http {
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
-
- access_log /var/log/nginx/access.log main;
-
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- types_hash_max_size 2048;
-
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- # Load modular configuration files from the /etc/nginx/conf.d directory.
- # See http://nginx.org/en/docs/ngx_core_module.html#include
- # for more information.
- include /etc/nginx/conf.d/*.conf;
-
- server {
- listen 80 default_server;
- #listen [::]:80 default_server;
- server_name _;
- root /usr/share/nginx/html;
-
- # Load configuration files for the default server block.
- include /etc/nginx/default.d/*.conf;
-
- location / {
- }
-
- error_page 404 /404.html;
- location = /40x.html {
- }
-
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- }
- }
-}
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/monitor_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/monitor_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile
deleted file mode 100644
index 8dcd5bf0..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,40 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install nginx-1:1.8.0-13.fc23.x86_64
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-ADD nginx.conf_ /
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index b9b8ef71..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls {*.conf,}) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.'
| cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-cp -f nginx.conf_ /etc/nginx/nginx.conf
-nginx_html_path=/usr/share/nginx/html/
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of="$nginx_html_path$bigfile_name" bs="$bigfile_size" count=1
-#md5sum /var/www/html/"$bigfile_name" >> "$tx_md5sumfile"
-md5sum < "$nginx_html_path$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-nginx
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx.conf_ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx.conf_
deleted file mode 100644
index 7069ef03..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/nginx.conf_
+++ /dev/null
@@ -1,55 +0,0 @@
-# For more information on configuration, see:
-# * Official English Documentation: http://nginx.org/en/docs/
-# * Official Russian Documentation: http://nginx.org/ru/docs/
-
-user nginx;
-worker_processes auto;
-error_log /var/log/nginx/error.log;
-pid /run/nginx.pid;
-
-events {
- worker_connections 1024;
-}
-
-http {
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
-
- access_log /var/log/nginx/access.log main;
-
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- types_hash_max_size 2048;
-
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- # Load modular configuration files from the /etc/nginx/conf.d directory.
- # See http://nginx.org/en/docs/ngx_core_module.html#include
- # for more information.
- include /etc/nginx/conf.d/*.conf;
-
- server {
- listen 80 default_server;
- #listen [::]:80 default_server;
- server_name _;
- root /usr/share/nginx/html;
-
- # Load configuration files for the default server block.
- include /etc/nginx/default.d/*.conf;
-
- location / {
- }
-
- error_page 404 /404.html;
- location = /40x.html {
- }
-
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- }
- }
-}
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/monitor_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/monitor_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile
deleted file mode 100644
index 05cd51fb..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,40 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install nginx-1:1.8.0-14.fc23.x86_64
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-ADD nginx.conf_ /
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index b9b8ef71..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls {*.conf,}) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.'
| cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-cp -f nginx.conf_ /etc/nginx/nginx.conf
-nginx_html_path=/usr/share/nginx/html/
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of="$nginx_html_path$bigfile_name" bs="$bigfile_size" count=1
-#md5sum /var/www/html/"$bigfile_name" >> "$tx_md5sumfile"
-md5sum < "$nginx_html_path$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-nginx
diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx.conf_ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx.conf_
deleted file mode 100644
index 7069ef03..00000000
--- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/nginx.conf_
+++ /dev/null
@@ -1,55 +0,0 @@
-# For more information on configuration, see:
-# * Official English Documentation: http://nginx.org/en/docs/
-# * Official Russian Documentation: http://nginx.org/ru/docs/
-
-user nginx;
-worker_processes auto;
-error_log /var/log/nginx/error.log;
-pid /run/nginx.pid;
-
-events {
- worker_connections 1024;
-}
-
-http {
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
-
- access_log /var/log/nginx/access.log main;
-
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- types_hash_max_size 2048;
-
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- # Load modular configuration files from the /etc/nginx/conf.d directory.
- # See http://nginx.org/en/docs/ngx_core_module.html#include
- # for more information.
- include /etc/nginx/conf.d/*.conf;
-
- server {
- listen 80 default_server;
- #listen [::]:80 default_server;
- server_name _;
- root /usr/share/nginx/html;
-
- # Load configuration files for the default server block.
- include /etc/nginx/default.d/*.conf;
-
- location / {
- }
-
- error_page 404 /404.html;
- location = /40x.html {
- }
-
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- }
- }
-}
diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/httpserver.js b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/httpserver.js
deleted file mode 100644
index b2401c50..00000000
--- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/httpserver.js
+++ /dev/null
@@ -1,7 +0,0 @@
-var http = require('http');
-var server = http.createServer(function (request, response) {
- response.writeHead(200, {"Content-Type": "text/plain"});
- response.end("welcome to the machine!\n");
-});
-server.listen(8080);
-console.log("Server running!");
diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/monitor_dockerfile b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/monitor_entrypoint.sh b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/monitor_entrypoint.sh
deleted file mode 100644
index 1701a467..00000000
--- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/monitor_entrypoint.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=25 # wait for test container to come online
-app_timeout_time=15 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-response_string=$(curl --connect-timeout "$app_timeout_time" -v http://"$ncvirtip":8080/)
-
-if [[ $response_string == *"welcome to the machine!"* ]]
-then
- echo 'NODEJS RESPONSE OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: nodejs-server responded!\n' >> "$file_path$ok$test_name.txt"
-else
- echo 'NODEJS RESPONSE FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: nodejs server did NOT respond!\n' >> "$file_path$fail$test_name.txt"
-fi
-
-
-
-
-
-
diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile
deleted file mode 100644
index 55f48a62..00000000
--- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile
+++ /dev/null
@@ -1,41 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install nodejs
-RUN yum clean all
-
-EXPOSE 9993/udp 8080/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-#
-ADD httpserver.js /
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh
deleted file mode 100644
index 44e409d0..00000000
--- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-
-# --- Test section ---
-echo '*** Starting application...'
-sleep 0.5
-node httpserver.js
\ No newline at end of file
diff --git a/netcon/docker-test/python/python/monitor_dockerfile b/netcon/docker-test/python/python/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/python/python/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/python/python/monitor_entrypoint.sh b/netcon/docker-test/python/python/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/python/python/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/python/python/netcon_dockerfile b/netcon/docker-test/python/python/netcon_dockerfile
deleted file mode 100644
index 6646f670..00000000
--- a/netcon/docker-test/python/python/netcon_dockerfile
+++ /dev/null
@@ -1,38 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install python
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/python/python/netcon_entrypoint.sh b/netcon/docker-test/python/python/netcon_entrypoint.sh
deleted file mode 100644
index 5e1a19b8..00000000
--- a/netcon/docker-test/python/python/netcon_entrypoint.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '--- Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of="$bigfile_name" bs="$bigfile_size" count=1
-md5sum < "$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-python -m SimpleHTTPServer 80
diff --git a/netcon/docker-test/python/python3/monitor_dockerfile b/netcon/docker-test/python/python3/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/python/python3/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/python/python3/monitor_entrypoint.sh b/netcon/docker-test/python/python3/monitor_entrypoint.sh
deleted file mode 100644
index c8fca5a3..00000000
--- a/netcon/docker-test/python/python3/monitor_entrypoint.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=35 # wait for test container to come online
-app_timeout_time=25 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Curling from intercepted server at' $ncvirtip
-rm -rf "$file_path"*."$file_base"
-touch "$bigfile_name"
-
-# Perform test
-# curl --connect-timeout "$app_timeout_time" -v -o "$file_path$file_base" http://"$ncvirtip"/index.html
-# Large transfer test
-curl --connect-timeout "$app_timeout_time" -v -o "$bigfile_name" http://"$ncvirtip"/"$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-rx_md5sum=$(<$rx_md5sumfile)
-tx_md5sum=$(<$tx_md5sumfile)
-
-echo '*** Comparing md5: ' "$rx_md5sum" ' and ' "$tx_md5sum"
-
-if [ "$rx_md5sum" != "$tx_md5sum" ];
-then
- echo 'MD5 FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: md5 sum did not match!\n' >> "$file_path$fail$test_name.txt"
-else
- echo 'MD5 OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: md5 sum ok!\n' >> "$file_path$ok$test_name.txt"
- cat "$rx_md5sumfile" >> "$file_path$ok$test_name.txt"
- cat "$tx_md5sumfile" >> "$file_path$ok$test_name.txt"
-fi
-
-
-
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/python/python3/netcon_dockerfile b/netcon/docker-test/python/python3/netcon_dockerfile
deleted file mode 100644
index f960fa30..00000000
--- a/netcon/docker-test/python/python3/netcon_dockerfile
+++ /dev/null
@@ -1,37 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum clean all
-
-EXPOSE 9993/udp 80/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-ADD zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/python/python3/netcon_entrypoint.sh b/netcon/docker-test/python/python3/netcon_entrypoint.sh
deleted file mode 100644
index c3c8b281..00000000
--- a/netcon/docker-test/python/python3/netcon_entrypoint.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile
-bigfile_size=10M # size of file we want to use for the test
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '--- Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-# Generate large random file for transfer test, share md5sum for monitor container to check
-echo '*** Generating ' "$bigfile_size" ' file'
-dd if=/dev/urandom of="$bigfile_name" bs="$bigfile_size" count=1
-md5sum < "$bigfile_name" > "$tx_md5sumfile"
-echo '*** Wrote MD5 sum to ' "$tx_md5sumfile"
-
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-python3 -m http.server 80
diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/hello.lua b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/hello.lua
deleted file mode 100644
index 59a2dea6..00000000
--- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/hello.lua
+++ /dev/null
@@ -1,3 +0,0 @@
-local msg = "welcome to the machine!"
-redis.call("SET", "msg", msg)
-return redis.call("GET", "msg")
diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/monitor_dockerfile b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/monitor_dockerfile
deleted file mode 100644
index e6cd65a3..00000000
--- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,28 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-RUN yum -y install redis-3.0.4-1.fc23.x86_64
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD hello.lua /
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/monitor_entrypoint.sh b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index 087f50bb..00000000
--- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=25 # wait for test container to come online
-app_timeout_time=15 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Running lua script against redis host at' $ncvirtip
-redis-cli -h $ncvirtip EVAL "$(cat hello.lua)" 0 > redis_response.txt
-response_string=$(<redis_response.txt)
-
-if [[ $response_string == *"welcome to the machine!"* ]]
-then
- echo 'REDIS RESPONSE OK'
- touch "$file_path$ok$test_name.txt"
- printf 'Test: redis-server responded!\n' >> "$file_path$ok$test_name.txt"
-else
- echo 'REDIS RESPONSE FAIL'
- touch "$file_path$fail$test_name.txt"
- printf 'Test: redis server did NOT respond!\n' >> "$file_path$fail$test_name.txt"
-fi
-
-
-
-
diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile
deleted file mode 100644
index c5b0773b..00000000
--- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,38 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install redis-3.0.4-1.fc23.x86_64
-RUN yum clean all
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-EXPOSE 9993/udp 6379/udp
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-Add zerotier-netcon-service /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index b422d174..00000000
--- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test: ' "$test_name"
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
- dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'`
-done
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Writing address to ' "$address_file"
-echo $virtip4 > "$address_file"
-
-# --- Test section ---
-echo '*** Starting application...'
-sleep 0.5
-
-export ZT_NC_NETWORK=/var/lib/zerotier-one/nc_"$dev"
-export LD_PRELOAD=./libzerotierintercept.so
-/usr/bin/redis-server --port 6379
diff --git a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/monitor_dockerfile b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/monitor_dockerfile
deleted file mode 100644
index d2d2a0cb..00000000
--- a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/monitor_dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-# ZT Network Containers Test Monitor
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD monitor_identity.public /var/lib/zerotier-one/identity.public
-ADD monitor_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-ADD zerotier-one /
-ADD zerotier-cli /
-
-# Start ZeroTier-One
-ADD monitor_entrypoint.sh /monitor_entrypoint.sh
-RUN chmod -v +x /monitor_entrypoint.sh
-CMD ["./monitor_entrypoint.sh"]
diff --git a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/monitor_entrypoint.sh b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/monitor_entrypoint.sh
deleted file mode 100644
index 0756bc6a..00000000
--- a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/monitor_entrypoint.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/bash
-
-export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/
-
-
-# --- Test Parameters ---
-test_namefile=$(ls *.name)
-test_name="${test_namefile%.*}" # test network id
-nwconf=$(ls *.conf) # blank test network config file
-nwid="${nwconf%.*}" # test network id
-netcon_wait_time=25 # wait for test container to come online
-app_timeout_time=15 # app-specific timeout
-file_path=/opt/results/ # test result output file path (fs shared between host and containers)
-file_base="$test_name".txt # test result output file
-fail=FAIL. # appended to result file in event of failure
-ok=OK. # appended to result file in event of success
-tmp_ext=.tmp # temporary filetype used for sharing test data between containers
-address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional)
-bigfile_name=bigfile # large, random test transfer file
-rx_md5sumfile="$file_path"rx_"$bigfile_name"_md5sum"$tmp_ext"
-tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext"
-
-
-# --- Network Config ---
-echo '*** ZeroTier Network Containers Test Monitor'
-chown -R daemon /var/lib/zerotier-one
-chgrp -R daemon /var/lib/zerotier-one
-su daemon -s /bin/bash -c '/zerotier-one -d -U -p9993 >>/tmp/zerotier-one.out 2>&1'
-virtip4=""
-while [ -z "$virtip4" ]; do
- sleep 0.2
- virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1`
-done
-echo '*** Starting Test...'
-echo '*** Up and running at' $virtip4 ' on network: ' $nwid
-echo '*** Sleeping for (' "$netcon_wait_time" 's ) while we wait for the Network Container to come online...'
-sleep "$netcon_wait_time"s
-ncvirtip=$(<$address_file)
-
-
-# --- Test section ---
-echo '*** Copying file to intercepted server at' $ncvirtip
-touch "$bigfile_name"
-
-# Check md5
-md5sum < "$bigfile_name" > "$rx_md5sumfile"
-tx_md5sum=$(<$tx_md5sumfile)
-
-# ...
-
-
-
-
-
-
-
-
diff --git a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile
deleted file mode 100644
index 39e00a81..00000000
--- a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile
+++ /dev/null
@@ -1,37 +0,0 @@
-# ZT Network Containers Test
-FROM fedora:23
-MAINTAINER https://www.zerotier.com/
-
-# Install apps
-RUN yum -y update
-RUN yum -y install openssh-server
-RUN yum clean all
-
-EXPOSE 9993/udp
-
-# Add ZT files
-RUN mkdir -p /var/lib/zerotier-one/networks.d
-ADD netcon_identity.public /var/lib/zerotier-one/identity.public
-ADD netcon_identity.secret /var/lib/zerotier-one/identity.secret
-ADD *.conf /var/lib/zerotier-one/networks.d/
-ADD *.conf /
-ADD *.name /
-
-# Install LWIP library used by service
-ADD liblwip.so /var/lib/zerotier-one/liblwip.so
-
-# Install syscall intercept library
-ADD zerotier-intercept /
-ADD libzerotierintercept.so /
-RUN cp libzerotierintercept.so lib/libzerotierintercept.so
-RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-RUN /usr/bin/install -c zerotier-intercept /usr/bin
-
-ADD zerotier-cli /
-
-# Install test scripts
-ADD netcon_entrypoint.sh /netcon_entrypoint.sh
-RUN chmod -v +x /netcon_entrypoint.sh
-
-# Start ZeroTier-One
-CMD ["./netcon_entrypoint.sh"]
diff --git a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_entrypoint.sh
deleted file mode 100644
index b52b9f69..00000000
--- a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_entrypoint.sh
+++ /dev/null
@@ -1,52 +0,0 @@ -#!/bin/bash - -export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/ - - -# --- Test Parameters --- -test_namefile=$(ls *.name) -test_name="${test_namefile%.*}" # test network id -nwconf=$(ls *.conf) # blank test network config file -nwid="${nwconf%.*}" # test network id -file_path=/opt/results/ # test result output file path (fs shared between host and containers) -file_base="$test_name".txt # test result output file -tmp_ext=.tmp # temporary filetype used for sharing test data between containers -address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host and containers for sharing address (optional) -bigfile_name=bigfile -bigfile_size=10M # size of file we want to use for the test -tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" - - -# --- Network Config --- -echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-one -chgrp -R daemon /var/lib/zerotier-one -./zerotier-one -d -U -p9993 -virtip4="" -while [ -z "$virtip4" ]; do - sleep 0.2 - virtip4=`/zerotier-cli listnetworks | grep -F $nwid | cut -d ' ' -f 9 | sed 's/,/\n/g' | grep -F '.' | cut -d / -f 1` - dev=`/zerotier-cli listnetworks | grep -F "" | cut -d ' ' -f 8 | cut -d "_" -f 2 | sed "s/^<dev>//" | tr '\n' '\0'` -done -echo '*** Up and running at' $virtip4 ' on network: ' $nwid -echo '*** Writing address to ' "$address_file" -echo $virtip4 > "$address_file" - -export ZT_NC_NWID=$dev - -# --- Test section --- -# Generate large random file for transfer test, share md5sum for monitor container to check -echo '*** Generating ' "$bigfile_size" ' file' -dd if=/dev/urandom of=/var/www/html/"$bigfile_name" bs="$bigfile_size" count=1 -md5sum < /var/www/html/"$bigfile_name" > "$tx_md5sumfile" -echo '*** Wrote MD5 sum to ' "$tx_md5sumfile" - -echo '*** Starting application...' -sleep 0.5 - -# wait for rsa public key from monitor -#while [ ! 
-s "$file_path$rsa_public_key_file" ]; do -# sleep 0.2 -#done - -zerotier-intercept /usr/sbin/sshd diff --git a/netcon/docker-test/test.sh b/netcon/docker-test/test.sh deleted file mode 100755 index 03e86011..00000000 --- a/netcon/docker-test/test.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -# Runs test images - -echo "*** Running unit tests..." - -# Remove previous test results -rm _results/*.txt - -# How long we shall wait for each test to conclude -export netcon_test_wait_time=60s - -# Test structure, in later releases more complex multi-party scripts will be included -export test_script=_two_party_test.sh - -# Iterate over all depth=2 (relatively-speaking) directories and perform each test -find . -mindepth 2 -maxdepth 2 -type d | while read testdir; do - - if [[ $testdir != *$1* ]] - then - continue - fi - - echo "*** Testing: '$testdir'..." - rm _results/*.tmp - - # Stage scripts - cp $test_script $testdir/$test_script - cd $testdir - - # Run test - ./$test_script - rm $test_script - - cd ../../ -done - -echo "*** Done" diff --git a/netcon/httpserver.js b/netcon/httpserver.js deleted file mode 100644 index 5c2c0116..00000000 --- a/netcon/httpserver.js +++ /dev/null @@ -1,7 +0,0 @@ -var http = require('http'); -var server = http.createServer(function (request, response) { - response.writeHead(200, {"Content-Type": "text/plain"}); - response.end("\n\nWelcome to the machine!\n\n"); -}); -server.listen(80); -console.log("Server running!"); diff --git a/netcon/httpstub.c b/netcon/httpstub.c deleted file mode 100644 index e5efaecc..00000000 --- a/netcon/httpstub.c +++ /dev/null 
@@ -1,542 +0,0 @@ -/* A simple http server for performance test. - Copyright (C) 2013 Sun, Junyi <ccnusjy@gmail.com> */ - -/* https://github.com/fxsjy/httpstub */ - -#include <sys/time.h> -#include <sys/types.h> -#include <ctype.h> -#include <stdio.h> -#include <stdlib.h> -#include <stdarg.h> -#include <string.h> -#include <getopt.h> -#include <unistd.h> -#include <sys/socket.h> -#include <sys/stat.h> -#include <sys/mman.h> -#include <sys/wait.h> -#include <sys/sendfile.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netinet/tcp.h> -#include <net/if.h> -#include <fcntl.h> -#include <time.h> -#include <sys/ioctl.h> -#include <errno.h> -#include <assert.h> -#include <signal.h> -#include <sys/epoll.h> -#include <pthread.h> -#include <errno.h> - -#define MAX_EPOLL_FD 4096 -#define MAX_BUF_SIZE (1<<20) -#define WORKER_COUNT 2 - -int ep_fd[WORKER_COUNT],listen_fd; -int g_delay; -int g_shutdown_flag; -int g_quiet; -FILE *g_logger; -int g_pipe[WORKER_COUNT][2]; - -enum version_t { - HTTP_1_0 = 10, - HTTP_1_1 = 11 -}; -struct io_data_t { - int fd; - struct sockaddr_in addr; - char *in_buf; - char *out_buf; - int in_buf_cur; - int out_buf_cur; - int out_buf_total; - int keep_alive; - enum version_t version; -}; - -struct slice_t { - char *begin; - size_t size; -}; - -struct thread_data_t{ - struct slice_t data_from_file; - int myep_fd; - int mypipe_fd; -}; - -static void *handle_io_loop(void *param); - -static void httpstub_log(const char *fmt, ...); - -static void setnonblocking(int fd) -{ - int opts; - opts = fcntl(fd, F_GETFL); - if (opts < 0) { - fprintf(stderr, "fcntl failed\n"); - return; - } - opts = opts | O_NONBLOCK; - if (fcntl(fd, F_SETFL, opts) < 0) { - fprintf(stderr, "fcntl failed\n"); - return; - } - return; -} - -static void usage() -{ - printf("usage: httpstub -p <port> -f <data file> -d <delay (ms)> [-q quiet] \n"); -} - -static struct slice_t load_data(char *fname) -{ - struct stat buf; - char *bin = NULL; - FILE *fptr; - int ret; - struct 
slice_t result; - ret = stat(fname, &buf); - if (ret < 0) { - printf("open %s failed\n", fname); - perror(""); - exit(1); - } - printf(">> size of %s is %d\n", fname, (int)buf.st_size); - if (buf.st_size <= 0) { - printf("the file is empty or broken\n"); - exit(1); - } - if (buf.st_size <= 0 || buf.st_size > MAX_BUF_SIZE) { - printf("file is too large\n"); - exit(1); - } - bin = (char *)malloc(sizeof(char) * buf.st_size + 1); - bin[buf.st_size] = '\0'; - result.size = buf.st_size; - result.begin = bin; - fptr = fopen(fname, "rb"); - if(fread(bin, buf.st_size, 1, fptr)<=0){ - perror("failed to read file"); - exit(1); - }; - fclose(fptr); - return result; -} - -static struct io_data_t * alloc_io_data(int client_fd, struct sockaddr_in *client_addr) -{ - struct io_data_t *io_data_ptr = (struct io_data_t *)malloc(sizeof(struct io_data_t)); - io_data_ptr->fd = client_fd; - io_data_ptr->in_buf = (char *)malloc(4096); - io_data_ptr->out_buf = (char *)malloc(MAX_BUF_SIZE); - io_data_ptr->in_buf_cur = 0; - io_data_ptr->out_buf_cur = 0; - io_data_ptr->keep_alive = 1; - if (client_addr) - io_data_ptr->addr = *client_addr; - return io_data_ptr; -} - -static void destroy_io_data(struct io_data_t *io_data_ptr) -{ - if(NULL == io_data_ptr)return; - if(io_data_ptr->in_buf)free(io_data_ptr->in_buf); - if(io_data_ptr->out_buf)free(io_data_ptr->out_buf); - io_data_ptr->in_buf = NULL; - io_data_ptr->out_buf = NULL; - free(io_data_ptr); -} - -void exit_hook(int number) -{ - close(listen_fd); - g_shutdown_flag=1; - printf(">> [%d]will shutdown...[%d]\n", getpid(),number); -} - -int main(int argc, char **argv) -{ - const char *ip_binding = "0.0.0.0"; - int port_listening = 8402; - char *data_file=NULL; - int opt; - int on = 1; - - int client_fd=0; - int worker_count=WORKER_COUNT,i; - register int worker_pointer = 0; - - struct sockaddr_in server_addr; - struct slice_t data_from_file; - - pthread_t tid[WORKER_COUNT]; - pthread_attr_t tattr[WORKER_COUNT]; - struct thread_data_t 
tdata[WORKER_COUNT]; - - char ip_buf[256] = { 0 }; - struct sockaddr_in client_addr; - socklen_t client_n; - - - g_delay = 0; - g_shutdown_flag = 0; - if (argc == 1) { - usage(); - return 1; - } - g_quiet = 0; - while ((opt = getopt(argc, argv, "l:p:f:d:hq")) != -1) { - switch (opt) { - case 'l': - ip_binding = strdup(optarg); - break; - case 'p': - port_listening = atoi(optarg); - if (port_listening == 0) { - printf(">> invalid port : %s\n", optarg); - exit(1); - } - break; - case 'f': - data_file = strdup(optarg); - break; - case 'd': - g_delay = atoi(optarg); - break; - case 'q': - g_quiet = 1; - break; - case 'h': - usage(); - return 1; - } - - } - printf(">> IP listening:%s\n", ip_binding); - printf(">> port: %d\n", port_listening); - printf(">> data_file: %s\n", data_file); - printf(">> reponse delay(MS): %d\n", g_delay); - printf(">> quite:%d\n",g_quiet); - - if (NULL == data_file || strlen(data_file) == 0) { - printf("\033[31m-data file is needed!~ \033[0m\n"); - usage(); - return 1; - } - - g_logger = fopen("stub.log", "a"); - if (g_logger ==NULL) { - perror("create log file stub.log failed."); - exit(1); - } - - data_from_file = load_data(data_file); - - signal(SIGPIPE, SIG_IGN); - signal(SIGINT, exit_hook); - signal(SIGKILL, exit_hook); - signal(SIGQUIT, exit_hook); - signal(SIGTERM, exit_hook); - signal(SIGHUP, exit_hook); - - for(i=0;i<WORKER_COUNT;i++){ - if(pipe(g_pipe[i])<0){ - perror("failed to create pipe"); - exit(1); - } - } - - listen_fd = socket(AF_INET, SOCK_STREAM, 0); - if (-1 == listen_fd) { - perror("listen faild!"); - exit(-1); - } - - setsockopt(listen_fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); - setsockopt(listen_fd, IPPROTO_TCP, TCP_NODELAY, (int[]) {1}, sizeof(int)); - setsockopt(listen_fd, IPPROTO_TCP, TCP_QUICKACK, (int[]) {1}, sizeof(int)); - - memset(&server_addr, 0, sizeof(server_addr)); - server_addr.sin_family = AF_INET; - server_addr.sin_port = htons((short)port_listening); - server_addr.sin_addr.s_addr = 
inet_addr(ip_binding); - - if (-1 == bind(listen_fd, (struct sockaddr *)&server_addr, sizeof(server_addr))) { - perror("bind error"); - exit(-1); - } - - if (-1 == listen(listen_fd, 32)) { - perror("listen error"); - exit(-1); - } - - for(i=0;i<worker_count;i++){ - ep_fd[i] = epoll_create(MAX_EPOLL_FD); - if(ep_fd[i]<0){ - perror("epoll_create failed."); - exit(-1); - } - } - - for(i=0;i<worker_count;i++){ - pthread_attr_init(tattr+i); - pthread_attr_setdetachstate(tattr+i, PTHREAD_CREATE_JOINABLE); - tdata[i].data_from_file = data_from_file; - tdata[i].myep_fd = ep_fd[i]; - tdata[i].mypipe_fd = g_pipe[i][0]; - if (pthread_create(tid+i, tattr+i, handle_io_loop, tdata+i ) != 0) { - fprintf(stderr, "pthread_create failed\n"); - return -1; - } - - } - - - while(1){ - if ((client_fd = accept(listen_fd, (struct sockaddr *)&client_addr, &client_n)) > 0) { - if(write(g_pipe[worker_pointer][1],(char*)&client_fd,4)<0){ - perror("failed to write pipe"); - exit(1); - } - inet_ntop(AF_INET, &client_addr.sin_addr, ip_buf, sizeof(ip_buf)); - httpstub_log("[CONN]Connection from %s", ip_buf); - worker_pointer++; - if(worker_pointer == worker_count) worker_pointer=0; - } - else if(errno == EBADF && g_shutdown_flag){ - break; - } - else{ - if(0 == g_shutdown_flag){ - perror("please check ulimit -n"); - sleep(1); - } - } - } - - free(data_from_file.begin); - - for(i=0; i< worker_count; i++){ - close(ep_fd[i]); - } - - if(client_fd<0 && 0==g_shutdown_flag){ - perror("Accep failed, try ulimit -n"); - httpstub_log("[ERROR]too many fds open, try ulimit -n"); - g_shutdown_flag = 1; - } - fclose(g_logger); - printf(">> [%d]waiting worker thread....\n",getpid()); - - for(i=0; i< worker_count; i++) - pthread_join(tid[i], NULL); - - printf(">> [%d]Bye~\n",getpid()); - return 0; -} - -static void destroy_fd(int myep_fd, int client_fd, struct io_data_t *data_ptr, int case_no) -{ - struct epoll_event ev; - ev.data.ptr = data_ptr; - epoll_ctl(myep_fd, EPOLL_CTL_DEL, client_fd, &ev); - 
shutdown(client_fd, SHUT_RDWR); - close(client_fd); - destroy_io_data(data_ptr); - httpstub_log("[DEBUG] close case %d",case_no); -} - -static void httpstub_log(const char *fmt, ...) -{ - if(0 == g_quiet){ - char msg[4096]; - char buf[64]; - time_t now = time(NULL); - va_list ap; - va_start(ap, fmt); - vsnprintf(msg, sizeof(msg), fmt, ap); - va_end(ap); - strftime(buf, sizeof(buf), "%d %b %H:%M:%S", localtime(&now)); - fprintf(g_logger, "[%d] %s %s\n", (int)getpid(), buf, msg); - fflush(g_logger); - } -} - -static void handle_output(int myep_fd, struct io_data_t *client_io_ptr) -{ - int cfd, ret, case_no; - struct epoll_event ev; - - cfd = client_io_ptr->fd; - ret = send(cfd, client_io_ptr->out_buf + client_io_ptr->out_buf_cur, client_io_ptr->out_buf_total - client_io_ptr->out_buf_cur, MSG_NOSIGNAL); - if (ret >= 0) - client_io_ptr->out_buf_cur += ret; - - httpstub_log("[DEBUG]out_buf_cur %d", client_io_ptr->out_buf_cur); - httpstub_log("[DEBUG]out_buf_total %d", client_io_ptr->out_buf_total); - - //printf("ret:%d\n",ret); - //printf("errno:%d\n", errno); - if (0 == ret || (ret < 0 && errno != EAGAIN && errno != EWOULDBLOCK)) { - //printf("loose 2\n"); - case_no = 2; - //perror("send"); - //printf("cfd: %d\n", cfd); - destroy_fd(myep_fd, cfd, client_io_ptr, case_no); - return; - } - if (client_io_ptr->out_buf_cur == client_io_ptr->out_buf_total) { //have sent all - httpstub_log("[NOTICE] all messages have been sent.(%d bytes)", client_io_ptr->out_buf_total); - //printf("alive: %d\n", client_io_ptr->keep_alive); - if (client_io_ptr->version == HTTP_1_0 && 0 == client_io_ptr->keep_alive) { - case_no = 4; - destroy_fd(myep_fd, cfd, client_io_ptr, case_no); - return; - } - ev.data.ptr = client_io_ptr; - ev.events = EPOLLIN; - epoll_ctl(myep_fd, EPOLL_CTL_MOD, cfd, &ev); - } - -} - - -static void handle_input(int myep_fd, struct io_data_t *client_io_ptr, struct slice_t data_from_file, const char *rsps_msg_fmt, int delay) -{ - int npos = 0; - int total = 0; - int ret = 
0; - int case_no = 0; - char headmsg[256]; - char *sep = NULL; - const char *CRLF = "\r\n\r\n"; - const char *LF = "\n\n"; - const char *sep_flag=NULL; - - struct epoll_event ev; - int cfd = client_io_ptr->fd; - int pkg_len = 0; - - assert(client_io_ptr->in_buf_cur >= 0); - ret = recv(cfd, client_io_ptr->in_buf + client_io_ptr->in_buf_cur, 512, MSG_DONTWAIT); - //printf("%u\n",(unsigned int)pthread_self()); - if (0 == ret || (ret < 0 && errno != EAGAIN && errno != EWOULDBLOCK)) { - case_no = 1; - //perror("++++++++"); - destroy_fd(myep_fd, cfd, client_io_ptr, case_no); - return; - } - - client_io_ptr->in_buf_cur += ret; - client_io_ptr->in_buf[client_io_ptr->in_buf_cur] = '\0'; - - sep = strstr(client_io_ptr->in_buf, CRLF); - if (NULL == sep) { - sep = strstr(client_io_ptr->in_buf, LF); - if (NULL == sep) - return; - else - sep_flag = LF; - } else { - sep_flag = CRLF; - } - - if (strstr(client_io_ptr->in_buf, "GET ") == client_io_ptr->in_buf) { - if (strstr(client_io_ptr->in_buf, "HTTP/1.0") != NULL) { - client_io_ptr->version = HTTP_1_0; - if (NULL == strstr(client_io_ptr->in_buf, "Connection: Keep-Alive")) { - client_io_ptr->keep_alive = 0; - } - } else { - client_io_ptr->version = HTTP_1_1; - } - } - npos = strcspn(client_io_ptr->in_buf, "\r\n"); - if (npos > 250) - npos = 250; - memcpy(headmsg, client_io_ptr->in_buf, npos); - headmsg[npos] = '\0'; - httpstub_log("[RECV] %s ", headmsg); - - pkg_len = sep - client_io_ptr->in_buf + strlen(sep_flag); - - assert(pkg_len >= 0); - assert(client_io_ptr->in_buf_cur - pkg_len >= 0); - memmove(client_io_ptr->in_buf, sep + strlen(sep_flag), client_io_ptr->in_buf_cur - pkg_len); - client_io_ptr->in_buf_cur -= pkg_len; - - client_io_ptr->out_buf_cur = 0; - total = snprintf(client_io_ptr->out_buf, MAX_BUF_SIZE, rsps_msg_fmt, data_from_file.size); - memcpy(client_io_ptr->out_buf + total, data_from_file.begin, data_from_file.size); - total += data_from_file.size; - httpstub_log("[DEBUG]total:%d", total); - 
client_io_ptr->out_buf_total = total; - - ev.data.ptr = client_io_ptr; - ev.events = EPOLLOUT; - epoll_ctl(myep_fd, EPOLL_CTL_MOD, cfd, &ev); - if (delay > 0) { - //printf("usleep: %d\n",(int)(g_delay*2000/nfds) ); - usleep(delay); - } -} - -static void * handle_io_loop(void *param) -{ - register int i; - int cfd, nfds, case_no, new_sock_fd; - struct epoll_event events[MAX_EPOLL_FD],ev; - - const char *rsps_msg_fmt = "HTTP/1.1 200 OK\r\nContent-Length: %d\r\nConnection: Keep-Alive\r\nContent-Type: text/plain\r\n\r\n"; - - struct io_data_t *client_io_ptr; - - struct thread_data_t my_tdata = *(struct thread_data_t*)param; - - ev.data.fd = my_tdata.mypipe_fd; - ev.events = EPOLLIN; - epoll_ctl(my_tdata.myep_fd,EPOLL_CTL_ADD,my_tdata.mypipe_fd,&ev); - - while (1) { - nfds = epoll_wait(my_tdata.myep_fd, events, MAX_EPOLL_FD, 1000); - //printf("nfds:%d, epoll fd:%d\n",nfds,my_tdata.myep_fd); - if(nfds<=0 && 0!=g_shutdown_flag){ - break; - } - for (i = 0; i < nfds && nfds>0; i++) { - if( (events[i].data.fd == my_tdata.mypipe_fd) && (events[i].events & EPOLLIN)){ - if(read(my_tdata.mypipe_fd,&new_sock_fd,4)==-1){ - perror("faild to read pipe"); - exit(1); - } - setnonblocking(new_sock_fd); - ev.data.ptr = alloc_io_data(new_sock_fd, (struct sockaddr_in *)NULL); - ev.events = EPOLLIN; - epoll_ctl(my_tdata.myep_fd, EPOLL_CTL_ADD, new_sock_fd, &ev); - continue; - } - client_io_ptr = (struct io_data_t *)events[i].data.ptr; - if(client_io_ptr->fd<=0) continue; - - if (events[i].events & EPOLLIN) { - handle_input(my_tdata.myep_fd, client_io_ptr, my_tdata.data_from_file, rsps_msg_fmt, (int)(g_delay * 1000 / nfds)); - - } else if (events[i].events & EPOLLOUT) { - handle_output(my_tdata.myep_fd, client_io_ptr); - - } else if (events[i].events & EPOLLERR) { - cfd = client_io_ptr->fd; - case_no = 3; - destroy_fd(my_tdata.myep_fd, cfd, client_io_ptr, case_no); - } - } - } - return NULL; -} 
diff --git a/netcon/install-intercept.sh b/netcon/install-intercept.sh
deleted file mode 100755
index b3da8aa8..00000000
--- a/netcon/install-intercept.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-# This script is only needed for debugging purposes
-
-cp libzerotierintercept.so /lib/libzerotierintercept.so
-ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept
-/usr/bin/install -c zerotier-intercept /usr/bin
-
-# rm -r /lib/libzerotierintercept.so
-# rm -r /lib/libzerotierintercept
-# rm -r /usr/bin/zerotier-intercept
diff --git a/netcon/make-liblwip.mk b/netcon/make-liblwip.mk
deleted file mode 100644
index b473e60e..00000000
--- a/netcon/make-liblwip.mk
+++ /dev/null
@@ -1,107 +0,0 @@ -# -# Copyright (c) 2001, 2002 Swedish Institute of Computer Science. -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without modification, -# are permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, -# this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright notice, -# this list of conditions and the following disclaimer in the documentation -# and/or other materials provided with the distribution. -# 3. The name of the author may not be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT -# SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT -# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING -# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY -# OF SUCH DAMAGE. -# -# This file is part of the lwIP TCP/IP stack. 
-# -# Author: Adam Dunkels <adam@sics.se> -# - -CONTRIBDIR=../ext/contrib -LWIPARCH=$(CONTRIBDIR)/ports/unix - -#Set this to where you have the lwip core module checked out from CVS -#default assumes it's a dir named lwip at the same level as the contrib module -LWIPDIR=../ext/lwip/src - - -CCDEP=gcc -CC=gcc -CFLAGS=-O3 -g -Wall -DIPv4 -fPIC -#-DLWIP_DEBUG - -CFLAGS:=$(CFLAGS) \ - -I$(LWIPDIR)/include -I$(LWIPARCH)/include -I$(LWIPDIR)/include/ipv4 \ - -I$(LWIPDIR) -I. - - -# COREFILES, CORE4FILES: The minimum set of files needed for lwIP. -COREFILES=$(LWIPDIR)/core/mem.c $(LWIPDIR)/core/memp.c $(LWIPDIR)/core/netif.c \ - $(LWIPDIR)/core/pbuf.c $(LWIPDIR)/core/raw.c $(LWIPDIR)/core/stats.c \ - $(LWIPDIR)/core/sys.c $(LWIPDIR)/core/tcp.c $(LWIPDIR)/core/tcp_in.c \ - $(LWIPDIR)/core/tcp_out.c $(LWIPDIR)/core/udp.c $(LWIPDIR)/core/dhcp.c \ - $(LWIPDIR)/core/init.c $(LWIPDIR)/core/timers.c $(LWIPDIR)/core/def.c -CORE4FILES=$(wildcard $(LWIPDIR)/core/ipv4/*.c) $(LWIPDIR)/core/ipv4/inet.c \ - $(LWIPDIR)/core/ipv4/inet_chksum.c - -# SNMPFILES: Extra SNMPv1 agent -SNMPFILES=$(LWIPDIR)/core/snmp/asn1_dec.c $(LWIPDIR)/core/snmp/asn1_enc.c \ - $(LWIPDIR)/core/snmp/mib2.c $(LWIPDIR)/core/snmp/mib_structs.c \ - $(LWIPDIR)/core/snmp/msg_in.c $(LWIPDIR)/core/snmp/msg_out.c - -# APIFILES: The files which implement the sequential and socket APIs. -APIFILES=$(LWIPDIR)/api/api_lib.c $(LWIPDIR)/api/api_msg.c $(LWIPDIR)/api/tcpip.c \ - $(LWIPDIR)/api/err.c $(LWIPDIR)/api/sockets.c $(LWIPDIR)/api/netbuf.c $(LWIPDIR)/api/netdb.c - -# NETIFFILES: Files implementing various generic network interface functions.' 
-NETIFFILES=$(LWIPDIR)/netif/etharp.c $(LWIPDIR)/netif/slipif.c - -# NETIFFILES: Add PPP netif -NETIFFILES+=$(LWIPDIR)/netif/ppp/auth.c $(LWIPDIR)/netif/ppp/chap.c \ - $(LWIPDIR)/netif/ppp/chpms.c $(LWIPDIR)/netif/ppp/fsm.c \ - $(LWIPDIR)/netif/ppp/ipcp.c $(LWIPDIR)/netif/ppp/lcp.c \ - $(LWIPDIR)/netif/ppp/magic.c $(LWIPDIR)/netif/ppp/md5.c \ - $(LWIPDIR)/netif/ppp/pap.c $(LWIPDIR)/netif/ppp/ppp.c \ - $(LWIPDIR)/netif/ppp/randm.c $(LWIPDIR)/netif/ppp/vj.c - -# ARCHFILES: Architecture specific files. -ARCHFILES=$(wildcard $(LWIPARCH)/*.c $(LWIPARCH)tapif.c $(LWIPARCH)/netif/list.c $(LWIPARCH)/netif/tcpdump.c) - - -# LWIPFILES: All the above. -LWIPFILES=$(COREFILES) $(CORE4FILES) $(SNMPFILES) $(APIFILES) $(NETIFFILES) $(ARCHFILES) -LWIPFILESW=$(wildcard $(LWIPFILES)) -LWIPOBJS=$(notdir $(LWIPFILESW:.c=.o)) - -LWIPLIB=liblwip.so - -%.o: - $(CC) $(CFLAGS) -c $(<:.o=.c) - -all: $(LWIPLIB) -.PHONY: all - -clean: - rm -f *.o $(LWIPLIB) *.s .depend* *.core core - -depend dep: .depend - -include .depend - -$(LWIPLIB): $(LWIPOBJS) - $(CC) -g -nostartfiles -shared -o $@ $^ - -.depend: $(LWIPFILES) - $(CCDEP) $(CFLAGS) -MM $^ > .depend || rm -f .depend diff --git a/netcon/zerotier-intercept b/netcon/zerotier-intercept deleted file mode 100755 index f35c9d15..00000000 --- a/netcon/zerotier-intercept +++ /dev/null 
@@ -1,54 +0,0 @@
-#!/bin/sh
-# usage:
-# /usr/bin/intercept program <args>
-
-if [ $# = 0 ] ; then
- echo "$0: insufficient arguments"
- exit
-fi
-
-case "$1" in
- on)
- if [ -z "$LD_PRELOAD" ]
- then
- export LD_PRELOAD="/lib/libzerotierintercept.so"
- else
- echo $LD_PRELOAD | grep -q "/lib/libzerotierintercept\.so" || \
- export LD_PRELOAD="/lib/libzerotierintercept.so $LD_PRELOAD"
- fi
- ;;
- off)
- export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/lib\/libzerotierintercept.so \?//'`
- if [ -z "$LD_PRELOAD" ]
- then
- unset LD_PRELOAD
- fi
- ;;
- show|sh)
- echo "LD_PRELOAD=\"$LD_PRELOAD\""
- ;;
- -h|-?)
- echo ""
- ;;
- *)
- if [ -z "$LD_PRELOAD" ]
- then
- export LD_PRELOAD="/lib/libzerotierintercept.so"
- else
- echo $LD_PRELOAD | grep -q "/lib/libzerotierintercept\.so" || \
- export LD_PRELOAD="/lib/libzerotierintercept.so $LD_PRELOAD"
- fi
-
- if [ $# = 0 ]
- then
- ${SHELL:-/bin/sh}
- fi
-
- if [ $# -gt 0 ]
- then
- exec "$@"
- fi
- ;;
-esac
-
-#EOF |