author | Adam Ierymenko <adam.ierymenko@gmail.com> | 2013-07-17 14:39:34 -0400 |
committer | Adam Ierymenko <adam.ierymenko@gmail.com> | 2013-07-17 14:39:34 -0400 |
commit | 2e85cf18c19ce86363de636ff30827fe232aa80b (patch) | |
tree | 38fd2034be8a919e88078b2bb8d8c25aa1d9e7a7 /node | |
parent | 76bc9968ff0ec7d044042f9214fa59efb3146685 (diff) | |
Cleanup and build fixes.
Diffstat (limited to 'node')
-rw-r--r-- | node/Node.cpp | 96 | ||||
-rw-r--r-- | node/Node.hpp | 11 | ||||
-rw-r--r-- | node/RuntimeEnvironment.hpp | 6 | ||||
-rw-r--r-- | node/UdpSocket.cpp | 4 |
4 files changed, 30 insertions, 87 deletions
diff --git a/node/Node.cpp b/node/Node.cpp
index 3b18d7ba..5dbc5bb6 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -37,15 +37,15 @@
 #include <vector>
 #include <string>
-#ifndef _WIN32
+#ifdef _WIN32
+#include <Windows.h>
+#else
 #include <fcntl.h>
 #include <unistd.h>
 #include <signal.h>
 #include <sys/file.h>
 #endif
-#include <openssl/sha.h>
-
 #include "Condition.hpp"
 #include "Node.hpp"
 #include "Topology.hpp"
@@ -78,7 +78,6 @@ struct _NodeImpl
 Node::ReasonForTermination reasonForTermination;
 volatile bool started;
 volatile bool running;
- volatile bool updateStatusNow;
 volatile bool terminateNow;
 // Helper used to rapidly terminate from run()
@@ -94,20 +93,17 @@ struct _NodeImpl
 }
 };
-Node::Node(const char *hp,const char *urlPrefix,const char *configAuthorityIdentity)
+Node::Node(const char *hp)
 throw() :
 _impl(new _NodeImpl)
 {
 _NodeImpl *impl = (_NodeImpl *)_impl;
 impl->renv.homePath = hp;
- impl->renv.autoconfUrlPrefix = urlPrefix;
- impl->renv.configAuthorityIdentityStr = configAuthorityIdentity;
 impl->reasonForTermination = Node::NODE_RUNNING;
 impl->started = false;
 impl->running = false;
- impl->updateStatusNow = false;
 impl->terminateNow = false;
 }
@@ -155,11 +151,9 @@ Node::ReasonForTermination Node::run()
 TRACE("initializing...");
+ // Create non-crypto PRNG right away in case other code in init wants to use it
 _r->prng = new CMWC4096();
- if (!_r->configAuthority.fromString(_r->configAuthorityIdentityStr))
- return impl->terminateBecause(Node::NODE_UNRECOVERABLE_ERROR,"configuration authority identity is not valid");
-
 bool gotId = false;
 std::string identitySecretPath(_r->homePath + ZT_PATH_SEPARATOR_S + "identity.secret");
 std::string identityPublicPath(_r->homePath + ZT_PATH_SEPARATOR_S + "identity.public");
@@ -188,37 +182,35 @@ Node::ReasonForTermination Node::run()
 }
 Utils::lockDownFile(identitySecretPath.c_str(),false);
- // Generate ownership verification secret, which can be presented to
- // a controlling web site (like ours) to prove ownership of a node and
- // permit its configuration to be centrally modified. When ZeroTier One
- // requests its config it sends a hash of this secret, and so the
- // config server can verify this hash to determine if the secret the
- // user presents is correct.
- std::string ovsPath(_r->homePath + ZT_PATH_SEPARATOR_S + "thisdeviceismine");
- if (((Utils::now() - Utils::getLastModified(ovsPath.c_str())) >= ZT_OVS_GENERATE_NEW_IF_OLDER_THAN)||(!Utils::readFile(ovsPath.c_str(),_r->ownershipVerificationSecret))) {
- _r->ownershipVerificationSecret = "";
- unsigned int securern = 0;
+ // Clean up some obsolete files if present -- this will be removed later
+ unlink((_r->homePath + ZT_PATH_SEPARATOR_S + "status").c_str());
+ unlink((_r->homePath + ZT_PATH_SEPARATOR_S + "thisdeviceismine").c_str());
+
+ // Load or generate config authentication secret
+ std::string configAuthTokenPath(_r->homePath + ZT_PATH_SEPARATOR_S + "authtoken.secret");
+ std::string configAuthToken;
+ if (!Utils::readFile(configAuthTokenPath.c_str(),configAuthToken)) {
+ configAuthToken = "";
+ unsigned int sr = 0;
 for(unsigned int i=0;i<24;++i) {
- Utils::getSecureRandom(&securern,sizeof(securern));
- _r->ownershipVerificationSecret.push_back("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"[securern % 62]);
+ Utils::getSecureRandom(&sr,sizeof(sr));
+ configAuthToken.push_back("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"[sr % 62]);
 }
- _r->ownershipVerificationSecret.append(ZT_EOL_S);
- if (!Utils::writeFile(ovsPath.c_str(),_r->ownershipVerificationSecret))
- return impl->terminateBecause(Node::NODE_UNRECOVERABLE_ERROR,"could not write 'thisdeviceismine' (home path not writable?)");
+ if (!Utils::writeFile(configAuthTokenPath.c_str(),configAuthToken))
+ return impl->terminateBecause(Node::NODE_UNRECOVERABLE_ERROR,"could not write authtoken.secret (home path not writable?)");
 }
- Utils::lockDownFile(ovsPath.c_str(),false);
- _r->ownershipVerificationSecret = Utils::trim(_r->ownershipVerificationSecret); // trim off CR file is saved with
- unsigned char ovsDig[32];
- SHA256_CTX sha;
- SHA256_Init(&sha);
- SHA256_Update(&sha,_r->ownershipVerificationSecret.data(),_r->ownershipVerificationSecret.length());
- SHA256_Final(ovsDig,&sha);
- _r->ownershipVerificationSecretHash = Utils::base64Encode(ovsDig,32);
+ Utils::lockDownFile(configAuthTokenPath.c_str(),false);
 // Create the core objects in RuntimeEnvironment: node config, demarcation
 // point, switch, network topology database, and system environment
 // watcher.
- _r->nc = new NodeConfig(_r,_r->autoconfUrlPrefix + _r->identity.address().toString());
+ try {
+ _r->nc = new NodeConfig(_r,configAuthToken.c_str());
+ } catch ( ... ) {
+ // An exception here currently means that another instance of ZeroTier
+ // One is running.
+ return impl->terminateBecause(Node::NODE_UNRECOVERABLE_ERROR,"another instance of ZeroTier One appears to be running, or local control UDP port cannot be bound");
+ }
 _r->demarc = new Demarc(_r);
 _r->multicaster = new Multicaster();
 _r->sw = new Switch(_r);
@@ -248,8 +240,6 @@ Node::ReasonForTermination Node::run()
 }
 try {
- std::string statusPath(_r->homePath + ZT_PATH_SEPARATOR_S + "status");
-
 uint64_t lastPingCheck = 0;
 uint64_t lastTopologyClean = Utils::now(); // don't need to do this immediately
 uint64_t lastNetworkFingerprintCheck = 0;
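Review bot: An existing but empty `authtoken.secret` is accepted as a valid token, because the new `if (!Utils::readFile(configAuthTokenPath.c_str(),configAuthToken))` branch only regenerates when the read fails, so NodeConfig would be constructed with an empty control token; the `Utils::trim` that the removed code applied is also gone, so a token file saved with a trailing newline is handed to NodeConfig with the newline included. Suggest `if ((!Utils::readFile(configAuthTokenPath.c_str(),configAuthToken))||(Utils::trim(configAuthToken).empty())) {` for the condition and `configAuthToken = Utils::trim(configAuthToken);` before the NodeConfig call, assuming NodeConfig expects the bare token, which this hunk does not show. The freshly generated token is also written with `Utils::writeFile` before `Utils::lockDownFile` narrows its permissions, so whether the file is readable by other local users in between depends on the mode writeFile creates it with, which is not visible here; creating it with restrictive permissions from the start would remove that window. The body of run() continues outside this hunk.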
@@ -257,7 +247,6 @@ Node::ReasonForTermination Node::run()
 uint64_t networkConfigurationFingerprint = _r->sysEnv->getNetworkConfigurationFingerprint();
 uint64_t lastMulticastCheck = 0;
 uint64_t lastMulticastAnnounceAll = 0;
- uint64_t lastStatusUpdate = 0;
 long lastDelayDelta = 0;
 LOG("%s starting version %s",_r->identity.address().toString().c_str(),versionString());
@@ -292,16 +281,6 @@ Node::ReasonForTermination Node::run()
 }
 }
- if ((now - lastAutoconfigureCheck) >= ZT_AUTOCONFIGURE_CHECK_DELAY) {
- // It seems odd to only do this simple check every so often, but the purpose is to
- // delay between calls to refreshConfiguration() enough that the previous attempt
- // has time to either succeed or fail. Otherwise we'll block the whole loop, since
- // config update is guarded by a Mutex.
- lastAutoconfigureCheck = now;
- if ((now - _r->nc->lastAutoconfigure()) >= ZT_AUTOCONFIGURE_INTERVAL)
- _r->nc->refreshConfiguration(); // happens in background
- }
-
 // Periodically check for changes in our local multicast subscriptions and broadcast
 // those changes to peers.
 if ((now - lastMulticastCheck) >= ZT_MULTICAST_LOCAL_POLL_PERIOD) {
@@ -389,20 +368,6 @@ Node::ReasonForTermination Node::run()
 _r->topology->clean(); // happens in background
 }
- if (((now - lastStatusUpdate) >= ZT_STATUS_OUTPUT_PERIOD)||(impl->updateStatusNow)) {
- lastStatusUpdate = now;
- impl->updateStatusNow = false;
- FILE *statusf = ::fopen(statusPath.c_str(),"w");
- if (statusf) {
- try {
- _r->topology->eachPeer(Topology::DumpPeerStatistics(statusf));
- } catch ( ... ) {
- TRACE("unexpected exception updating status dump");
- }
- ::fclose(statusf);
- }
- }
-
 try {
 unsigned long delay = std::min((unsigned long)ZT_MIN_SERVICE_LOOP_INTERVAL,_r->sw->doTimerTasks());
 uint64_t start = Utils::now();
@@ -436,13 +401,6 @@ void Node::terminate()
 ((_NodeImpl *)_impl)->renv.mainLoopWaitCondition.signal();
 }
-void Node::updateStatusNow()
- throw()
-{
- ((_NodeImpl *)_impl)->updateStatusNow = true;
- ((_NodeImpl *)_impl)->renv.mainLoopWaitCondition.signal();
-}
-
 class _VersionStringMaker
 {
 public:
diff --git a/node/Node.hpp b/node/Node.hpp
index df6b946f..f4e2d423 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -58,11 +58,8 @@ public:
 * The node is not executed until run() is called.
 *
 * @param hp Home directory path
- * @param url URL prefix for autoconfiguration (http and file permitted)
- * @param configAuthorityIdentity Public identity used to encrypt/authenticate configuration from this URL (ASCII string format)
- * @throws std::invalid_argument Invalid argument supplied to constructor
 */
- Node(const char *hp,const char *urlPrefix,const char *configAuthorityIdentity)
+ Node(const char *hp)
 throw();
 ~Node();
@@ -99,12 +96,6 @@ public:
 throw();
 /**
- * Update the status file in the home directory on next service loop
- */
- void updateStatusNow()
- throw();
-
- /**
 * Get the ZeroTier version in major.minor.revision string format
 *
 * @return Version in string form
diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp
index 5f76c8ac..bc63543a 100644
--- a/node/RuntimeEnvironment.hpp
+++ b/node/RuntimeEnvironment.hpp
@@ -59,7 +59,6 @@ class RuntimeEnvironment
 {
 public:
 RuntimeEnvironment() :
- identity(),
 log((Logger *)0),
 prng((CMWC4096 *)0),
 nc((NodeConfig *)0),
@@ -71,15 +70,10 @@ public:
 }
 std::string homePath;
- std::string autoconfUrlPrefix;
- std::string configAuthorityIdentityStr;
- std::string ownershipVerificationSecret;
- std::string ownershipVerificationSecretHash; // base64 of SHA-256 X16 rounds
 // signal() to prematurely interrupt main loop wait
 Condition mainLoopWaitCondition;
- Identity configAuthority;
 Identity identity;
 Logger *log; // may be null
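Review bot: The constructor doc in the Node.hpp hunk (`@@ -58,11 +58,8 @@`) now describes `hp` only as `Home directory path`, while Node.cpp in this same commit creates identity.secret and authtoken.secret under that path and terminates with a "home path not writable?" error when it cannot, so that requirement belongs in the header. Suggest `@param hp Home directory path (must be writable; identity and authtoken.secret files are created here)`. Separately, the retained `throw();` specification sits on a constructor whose body, shown in the Node.cpp hunk, does `new _NodeImpl`, so an allocation failure cannot reach the caller as an exception; that is pre-existing, but a one-line remark in the doc comment would make the behaviour explicit. The enclosing class declaration continues outside the hunk.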
diff --git a/node/UdpSocket.cpp b/node/UdpSocket.cpp
index 8b48b3b0..6178d16e 100644
--- a/node/UdpSocket.cpp
+++ b/node/UdpSocket.cpp
@@ -89,7 +89,7 @@ UdpSocket::UdpSocket(
 sin6.sin6_family = AF_INET6;
 sin6.sin6_port = htons(localPort);
 if (localOnly)
- memcpy(&(sin6.sin6_addr.s6_addr),InetAddress::LO6.rawIpBytes(),16);
+ memcpy(&(sin6.sin6_addr.s6_addr),InetAddress::LO6.rawIpData(),16);
 else
 memcpy(&(sin6.sin6_addr),&in6addr_any,sizeof(struct in6_addr));
 if (::bind(_sock,(const struct sockaddr *)&sin6,sizeof(sin6))) {
 ::close(_sock);
@@ -113,7 +113,7 @@ UdpSocket::UdpSocket(
 sin.sin_family = AF_INET;
 sin.sin_port = htons(localPort);
 if (localOnly)
- memcpy(&(sin.sin_addr.s_addr),InetAddress::LO4.rawIpBytes(),4);
+ memcpy(&(sin.sin_addr.s_addr),InetAddress::LO4.rawIpData(),4);
 else
 sin.sin_addr.s_addr = INADDR_ANY;
 if (::bind(_sock,(const struct sockaddr *)&sin,sizeof(sin))) {
 ::close(_sock); |