diff options
330 files changed, 21744 insertions, 16047 deletions
@@ -1,3 +1,4 @@ +<<<<<<< HEAD # Main binaries created in *nix builds /zerotier-one /zerotier-idtool @@ -29,6 +30,15 @@ Thumbs.db /ext/installfiles/windows/Prerequisites /ext/installfiles/windows/*-cache /ZeroTier One.msi +/windows/.vs +*.vcxproj.backup +/windows/TapDriver6/Win7Debug +/windows/TapDriver6/win7Release +/windows/*.db +/windows/*.opendb +enc_temp_folder +/windows/copyutil/bin +/windows/copyutil/obj # *nix/Mac build droppings /build-* @@ -59,11 +69,9 @@ zt1-src.tar.gz *.rpm *.autosave *.tmp -doc/*.1 -doc/*.2 -doc/*.8 .depend node_modules +zt1_update_* debian/files debian/zerotier-one debian/zerotier-one*.debhelper @@ -83,3 +91,21 @@ windows/WinUI/obj/ windows/WinUI/bin/ windows/ZeroTierOne/Debug/ /ext/installfiles/windows/chocolatey/zerotier-one/*.nupkg + +# Miscellaneous mac/Xcode droppings +.DS_Store +.Trashes +*.swp +*~.nib +DerivedData/ +build/ +*.pbxuser +*.mode1v3 +*.mode2v3 +*.perspectivev3 +!default.pbxuser +!default.mode1v3 +!default.mode2v3 +!default.perspectivev3 +*.xccheckout +xcuserdata/ @@ -25,13 +25,13 @@ ## Third-Party Code -These are included in ext/ for platforms that do not have them available in common repositories. Otherwise they may be linked and the package may ship with them as dependencies. +ZeroTier includes the following third party code, either in ext/ or incorporated into the ZeroTier core. * LZ4 compression algorithm by Yann Collet - * Files: ext/lz4/* + * Files: node/Packet.cpp (bundled within anonymous namespace) * Home page: http://code.google.com/p/lz4/ - * License grant: BSD attribution + * License grant: BSD 2-clause * http-parser by Joyent, Inc. (many authors) @@ -55,26 +55,19 @@ These are included in ext/ for platforms that do not have them available in comm * tap-windows6 by the OpenVPN project * Files: windows/TapDriver6/* - * Home page: - https://github.com/OpenVPN/tap-windows6/ + * Home page: https://github.com/OpenVPN/tap-windows6/ * License grant: GNU GPL v2 * ZeroTier Modifications: change name of driver to ZeroTier, add ioctl() to get L2 multicast memberships (source is in ext/ and modifications inherit GPL) - * Salsa20 stream cipher, Curve25519 elliptic curve cipher, Ed25519 - digital signature algorithm, and Poly1305 MAC algorithm, all by - Daniel J. Bernstein + * Salsa20 stream cipher, Curve25519 elliptic curve cipher, Ed25519 digital signature algorithm, and Poly1305 MAC algorithm, all by Daniel J. Bernstein - * Files: - node/Salsa20.hpp - node/C25519.hpp - node/Poly1305.hpp + * Files: node/Salsa20.* node/C25519.* node/Poly1305.* * Home page: http://cr.yp.to/ * License grant: public domain + * ZeroTier Modifications: slight cryptographically-irrelevant modifications for inclusion into ZeroTier core * MiniUPNPC and libnatpmp by Thomas Bernard - * Files: - ext/libnatpmp/* - ext/miniupnpc/* + * Files: ext/libnatpmp/* ext/miniupnpc/* * Home page: http://miniupnp.free.fr/ * License grant: BSD attribution no-endorsement diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 00000000..74c86249 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,82 @@ +#!/usr/bin/env groovy + +node('master') { + def changelog = getChangeLog currentBuild + + slackSend "Building ${env.JOB_NAME} #${env.BUILD_NUMBER} \n Change Log: \n ${changelog}" +} + +parallel 'centos7': { + node('centos7') { + try { + checkout scm + + stage('Build Centos 7') { + sh 'make -f make-linux.mk' + } + } + catch (err) { + currentBuild.result = "FAILURE" + slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Centos 7 (<${env.BUILD_URL}|Open>)" + + throw err + } + } +}, 'android-ndk': { + node('android-ndk') { + try { + checkout scm + + stage('Build Android NDK') { + sh "/android/android-ndk-r13b/ndk-build -C $WORKSPACE/java ZT1=${WORKSPACE}" + } + } + catch (err) { + currentBuild.result = "FAILURE" + slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Android NDK (<${env.BUILD_URL}|Open>)" + + throw err + } + } +}, 'macOS': { + node('macOS') { + try { + checkout scm + + stage('Build macOS') { + sh 'make -f make-mac.mk' + } + + stage('Build macOS UI') { + sh 'cd macui && xcodebuild -target "ZeroTier One" -configuration Debug' + } + } + catch (err) { + currentBuild.result = "FAILURE" + slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on macOS (<${env.BUILD_URL}|Open>)" + + throw err + } + } +}, 'windows': { + node('windows') { + try { + checkout scm + + stage('Build Windows') { + bat '''CALL "C:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\VC\\vcvarsall.bat" amd64 +git clean -dfx +msbuild windows\\ZeroTierOne.sln +''' + } + } + catch (err) { + currentBuild.result = "FAILURE" + slackSend color: '#ff0000', message: "${env.JOB_NAME} broken on Windows (<${env.BUILD_URL}|Open>)" + + throw err + } + } +} + +slackSend color: "#00ff00", message: "${env.JOB_NAME} #${env.BUILD_NUMBER} Complete (<${env.BUILD_URL}|Show More...>)" @@ -11,8 +11,14 @@ ifeq ($(OSTYPE),Linux) endif ifeq ($(OSTYPE),FreeBSD) - include make-freebsd.mk + CC=gcc + CXX=g++ + ZT_BUILD_PLATFORM=7 + include make-bsd.mk endif ifeq ($(OSTYPE),OpenBSD) - include make-freebsd.mk + CC=egcc + CXX=eg++ + ZT_BUILD_PLATFORM=9 + include make-bsd.mk endif @@ -1,55 +1,76 @@ ZeroTier - A Planetary Ethernet Switch ====== -ZeroTier is a software-based managed Ethernet switch for planet Earth. +ZeroTier is an enterprise Ethernet switch for planet Earth. It erases the LAN/WAN distinction and makes VPNs, tunnels, proxies, and other kludges arising from the inflexible nature of physical networks obsolete. Everything is encrypted end-to-end and traffic takes the most direct (peer to peer) path available. -This repository contains ZeroTier One, a service that provides ZeroTier network connectivity to devices running Windows, Mac, Linux, iOS, Android, and FreeBSD and makes joining virtual networks as easy as joining IRC or Slack channels. It also contains the OS-independent core ZeroTier protocol implementation in [node/](node/). - Visit [ZeroTier's site](https://www.zerotier.com/) for more information and [pre-built binary packages](https://www.zerotier.com/download.shtml). Apps for Android and iOS are available for free in the Google Play and Apple app stores. ### Getting Started ZeroTier's basic operation is easy to understand. Devices have 10-digit *ZeroTier addresses* like `89e92ceee5` and networks have 16-digit network IDs like `8056c2e21c000001`. All it takes for a device to join a network is its 16-digit ID, and all it takes for a network to authorize a device is its 10-digit address. Everything else is automatic. -A "device" can be anything really: desktops, laptops, phones, servers, VMs/VPSes, containers, and even (soon) apps. +A "device" in our terminology is any "unit of compute" capable of talking to a network: desktops, laptops, phones, servers, VMs/VPSes, containers, and even user-space applications via our [SDK](https://github.com/zerotier/ZeroTierSDK). -For testing we provide a public virtual network called *Earth* with network ID `8056c2e21c000001`. On Linux and Mac you can do this with: +For testing purposes we provide a public virtual network called *Earth* with network ID `8056c2e21c000001`. You can join it with: sudo zerotier-cli join 8056c2e21c000001 -Now wait about 30 seconds and check your system with `ip addr list` or `ifconfig`. You'll see a new interface whose name starts with *zt* and it should quickly get an IPv4 and an IPv6 address. Once you see it get an IP, try pinging `earth.zerotier.net` at `29.209.112.93`. If you've joined Earth from more than one system, try pinging your other machine. - -*(IPv4 addresses for Earth are assigned from the block 28.0.0.0/7, which is not a part of the public Internet but is non-standard for private networks. It's used to avoid IP conflicts during testing. Your networks can run any IP addressing scheme you want.)* - -If you don't want to belong to a giant Ethernet party line anymore, just type: +Now wait about 30 seconds and check your system with `ip addr list` or `ifconfig`. You'll see a new interface whose name starts with *zt* and it should quickly get an IPv4 and an IPv6 address. Once you see it get an IP, try pinging `earth.zerotier.net` at `29.209.112.93`. If you've joined Earth from more than one system, try pinging your other machine. If you don't want to belong to a giant Ethernet party line anymore, just type: sudo zerotier-cli leave 8056c2e21c000001 The *zt* interface will disappear. You're no longer on the network. -To create networks of your own you'll need a network controller. You can use [our hosted controller at my.zerotier.com](https://my.zerotier.com) which is free for up to 100 devices on an unlimited number of networks, or you can build your own controller and run it through its local JSON API. See [README.md in controller/](controller/) for more information. - -### Building from Source - -For Mac, Linux, and BSD, just type `make` (or `gmake` on BSD). Platform requirements are: - - - **Mac**: Xcode command line tools for OSX 10.7 or newer. - - **Linux**: GCC/G++ 4.9 or newer or CLANG 3.4 or newer, and GNU make and standard shell tools of course. - - The Linux make file will auto-detect and prefer CLANG if present since in our experience it does a better job optimizing C++ code. You can specify CC= and CXX= on the make command line to override this behavior. - - Several distributions including CentOS 7 ship with G++ 4.8 which has broken C++11 support. If you are running CentOS 7 type `sudo yum install clang` to install CLANG 3.4, which will work fine. There is no C++11 in the ZeroTier core but we have started using it in the service and network controller code. - - If any of the following have development headers on the system they are auto-detected and the build will link against system versions: `http-parser`, `lz4`, `libnatpmp`, and `miniupnpc`. If these are missing (or too old) the versions in `ext/` are used and are statically linked into the binary. Please be aware of this since if you build with these present the resulting binary will require them on other systems too. - - **FreeBSD**: GCC/G++ 4.9 or newer and `gmake` since our make files use GNU extensions. - -Each supported platform has its own *make-XXX.mk* file that contains the actual make rules for the platform. The right .mk file is included by the main Makefile based on the GNU make *OSTYPE* variable. Take a look at the .mk file for your platform for other targets, debug build rules, etc. +To create networks of your own, you'll need a network controller. ZeroTier One (for desktops and servers) includes controller functionality in its default build that can be configured via its JSON API (see [README.md in controller/](controller/)). ZeroTier provides a hosted solution with a nice web UI and SaaS add-ons at [my.zerotier.com](https://my.zerotier.com/). Basic controller functionality is free for up to 100 devices. + +### Project Layout + + - `artwork/`: icons, logos, etc. + - `attic/`: old stuff and experimental code that we want to keep around for reference. + - `controller/`: the reference network controller implementation, which is built and included by default on desktop and server build targets. + - `debian/`: files for building Debian packages on Linux. + - `doc/`: manual pages and other documentation. + - `ext/`: third party libraries, binaries that we ship for convenience on some platforms (Mac and Windows), and installation support files. + - `include/`: include files for the ZeroTier core. + - `java/`: a JNI wrapper used with our Android mobile app. (The whole Android app is not open source but may be made so in the future.) + - `macui/`: a Macintosh menu-bar app for controlling ZeroTier One, written in Objective C. + - `node/`: the ZeroTier virtual Ethernet switch core, which is designed to be entirely separate from the rest of the code and able to be built as a stand-alone OS-independent library. Note to developers: do not use C++11 features in here, since we want this to build on old embedded platforms that lack C++11 support. C++11 can be used elsewhere. + - `osdep/`: code to support and integrate with OSes, including platform-specific stuff only built for certain targets. + - `service/`: the ZeroTier One service, which wraps the ZeroTier core and provides VPN-like connectivity to virtual networks for desktops, laptops, servers, VMs, and containers. + - `tcp-proxy/`: TCP proxy code run by ZeroTier, Inc. to provide TCP fallback (this will die soon!). + - `windows/`: Visual Studio solution files, Windows service code for ZeroTier One, and the Windows task bar app UI. + +The base path contains the ZeroTier One service main entry point (`one.cpp`), self test code, makefiles, etc. + +### Build and Platform Notes + +To build on Mac and Linux just type `make`. On FreeBSD and OpenBSD `gmake` (GNU make) is required and can be installed from packages or ports. For Windows there is a Visual Studio solution in `windows/'. + + - **Mac** + - Xcode command line tools for OSX 10.7 or newer are required. + - Tap device driver kext source is in `ext/tap-mac` and a signed pre-built binary can be found in `ext/bin/tap-mac`. You should not need to build it yourself. It's a fork of [tuntaposx](http://tuntaposx.sourceforge.net) with device names changed to `zt#`, support for a larger MTU, and tun functionality removed. + - **Linux** + - The minimum compiler versions required are GCC/G++ 4.9.3 or CLANG/CLANG++ 3.4.2. + - Linux makefiles automatically detect and prefer clang/clang++ if present as it produces smaller and slightly faster binaries in most cases. You can override by supplying CC and CXX variables on the make command line. + - CentOS 7 ships with a version of GCC/G++ that is too old, but a new enough version of CLANG can be found in the *epel* repositories. Type `yum install epel-release` and then `yum install clang` to build there. + - **Windows** + - Windows 7 or newer (and equivalent server versions) are supported. This *may* work on Vista but you're on your own there. Windows XP is not supported since it lacks many important network API functions. + - We build with Visual Studio 2015. Older versions may not work with the solution file and project files we ship and may not have new enough C++11 support. + - Pre-built signed Windows drivers are included in `ext/bin/tap-windows-ndis6`. The MSI files found there will install them on 32-bit and 64-bit systems. (These are included in our multi-architecture installer as chained MSIs.) + - Windows builds are more painful in general than other platforms and are for the adventurous. + - **FreeBSD** + - Tested most recently on FreeBSD-11. Older versions may work but we're not sure. + - GCC/G++ 4.9 and gmake are required. These can be installed from packages or ports. Type `gmake` to build. + - **OpenBSD** + - There is a limit of four network memberships on OpenBSD as there are only four tap devices (`/dev/tap0` through `/dev/tap3`). We're not sure if this can be increased. + - OpenBSD lacks `getifmaddrs` (or any equivalent method) to get interface multicast memberships. As a result multicast will only work on OpenBSD for ARP and NDP (IP/MAC lookup) and not for other purposes. + - Only tested on OpenBSD 6.0. Older versions may not work. + - GCC/G++ 4.9 and gmake are required and can be installed using `pkg_add` or from ports. They get installed in `/usr/local/bin` as `egcc` and `eg++` and our makefile is pre-configured to use them on OpenBSD. Typing `make selftest` will build a *zerotier-selftest* binary which unit tests various internals and reports on a few aspects of the build environment. It's a good idea to try this on novel platforms or architectures. -Windows, of course, is special. A Visual Studio solution file is located in the *windows/* subfolder. We have not tried MinGW or CLANG for Windows but these may work, though you will have issues building the Windows GUI with them. - -Mac and Windows require tun/tap virtual network port drivers. We include pre-built signed binaries for these in `ext/bin`, so you should not need to build these yourself. Linux, FreeBSD, and others can use built-in kernel support for tun/tap network devices. - ### Running Running *zerotier-one* with -h will show help. @@ -65,7 +86,7 @@ The service is controlled via the JSON API, which by default is available at 127 Here's where home folders live (by default) on each OS: * **Linux**: `/var/lib/zerotier-one` - * **FreeBSD**: `/var/db/zerotier-one` + * **FreeBSD** / **OpenBSD**: `/var/db/zerotier-one` * **Mac**: `/Library/Application Support/ZeroTier/One` * **Windows**: `\ProgramData\ZeroTier\One` (That's for Windows 7. The base 'shared app data' folder might be different on different Windows versions.) diff --git a/attic/BinarySemaphore.hpp b/attic/BinarySemaphore.hpp deleted file mode 100644 index 315d2b00..00000000 --- a/attic/BinarySemaphore.hpp +++ /dev/null @@ -1,97 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef ZT_BINARYSEMAPHORE_HPP -#define ZT_BINARYSEMAPHORE_HPP - -#include <stdio.h> -#include <stdint.h> -#include <stdlib.h> - -#include "Constants.hpp" -#include "NonCopyable.hpp" - -#ifdef __WINDOWS__ - -#include <Windows.h> - -namespace ZeroTier { - -class BinarySemaphore : NonCopyable -{ -public: - BinarySemaphore() throw() { _sem = CreateSemaphore(NULL,0,1,NULL); } - ~BinarySemaphore() { CloseHandle(_sem); } - inline void wait() { WaitForSingleObject(_sem,INFINITE); } - inline void post() { ReleaseSemaphore(_sem,1,NULL); } -private: - HANDLE _sem; -}; - -} // namespace ZeroTier - -#else // !__WINDOWS__ - -#include <pthread.h> - -namespace ZeroTier { - -class BinarySemaphore : NonCopyable -{ -public: - BinarySemaphore() - { - pthread_mutex_init(&_mh,(const pthread_mutexattr_t *)0); - pthread_cond_init(&_cond,(const pthread_condattr_t *)0); - _f = false; - } - - ~BinarySemaphore() - { - pthread_cond_destroy(&_cond); - pthread_mutex_destroy(&_mh); - } - - inline void wait() - { - pthread_mutex_lock(const_cast <pthread_mutex_t *>(&_mh)); - while (!_f) - pthread_cond_wait(const_cast <pthread_cond_t *>(&_cond),const_cast <pthread_mutex_t *>(&_mh)); - _f = false; - pthread_mutex_unlock(const_cast <pthread_mutex_t *>(&_mh)); - } - - inline void post() - { - pthread_mutex_lock(const_cast <pthread_mutex_t *>(&_mh)); - _f = true; - pthread_mutex_unlock(const_cast <pthread_mutex_t *>(&_mh)); - pthread_cond_signal(const_cast <pthread_cond_t *>(&_cond)); - } - -private: - pthread_cond_t _cond; - pthread_mutex_t _mh; - volatile bool _f; -}; - -} // namespace ZeroTier - -#endif // !__WINDOWS__ - -#endif diff --git a/attic/LockingPtr.hpp b/attic/LockingPtr.hpp deleted file mode 100644 index c373129a..00000000 --- a/attic/LockingPtr.hpp +++ /dev/null @@ -1,99 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef ZT_LOCKINGPTR_HPP -#define ZT_LOCKINGPTR_HPP - -#include "Mutex.hpp" - -namespace ZeroTier { - -/** - * A simple pointer that locks and holds a mutex until destroyed - * - * Care must be taken when using this. It's not very sophisticated and does - * not handle being copied except for the simple return use case. When it is - * copied it hands off the mutex to the copy and clears it in the original, - * meaning that the mutex is unlocked when the last LockingPtr<> in a chain - * of such handoffs is destroyed. If this chain of handoffs "forks" (more than - * one copy is made) then non-determinism may ensue. - * - * This does not delete or do anything else with the pointer. It also does not - * take care of locking the lock. That must be done beforehand. - */ -template<typename T> -class LockingPtr -{ -public: - LockingPtr() : - _ptr((T *)0), - _lock((Mutex *)0) - { - } - - LockingPtr(T *obj,Mutex *lock) : - _ptr(obj), - _lock(lock) - { - } - - LockingPtr(const LockingPtr &p) : - _ptr(p._ptr), - _lock(p._lock) - { - const_cast<LockingPtr *>(&p)->_lock = (Mutex *)0; - } - - ~LockingPtr() - { - if (_lock) - _lock->unlock(); - } - - inline LockingPtr &operator=(const LockingPtr &p) - { - _ptr = p._ptr; - _lock = p._lock; - const_cast<LockingPtr *>(&p)->_lock = (Mutex *)0; - return *this; - } - - inline operator bool() const throw() { return (_ptr != (T *)0); } - inline T &operator*() const throw() { return *_ptr; } - inline T *operator->() const throw() { return _ptr; } - - /** - * @return Raw pointer to held object - */ - inline T *ptr() const throw() { return _ptr; } - - inline bool operator==(const LockingPtr &sp) const throw() { return (_ptr == sp._ptr); } - inline bool operator!=(const LockingPtr &sp) const throw() { return (_ptr != sp._ptr); } - inline bool operator>(const LockingPtr &sp) const throw() { return (_ptr > sp._ptr); } - inline bool operator<(const LockingPtr &sp) const throw() { return (_ptr < sp._ptr); } - inline bool operator>=(const LockingPtr &sp) const throw() { return (_ptr >= sp._ptr); } - inline bool operator<=(const LockingPtr &sp) const throw() { return (_ptr <= sp._ptr); } - -private: - T *_ptr; - Mutex *_lock; -}; - -} // namespace ZeroTier - -#endif diff --git a/cli/README.md b/attic/cli/README.md index 595df07e..595df07e 100644 --- a/cli/README.md +++ b/attic/cli/README.md diff --git a/cli/zerotier.cpp b/attic/cli/zerotier.cpp index e75268d1..e75268d1 100644 --- a/cli/zerotier.cpp +++ b/attic/cli/zerotier.cpp diff --git a/linux-build-farm/README.md b/attic/linux-build-farm/README.md index 8055eb0b..8055eb0b 100644 --- a/linux-build-farm/README.md +++ b/attic/linux-build-farm/README.md diff --git a/linux-build-farm/amazon-2016.03/x64/Dockerfile b/attic/linux-build-farm/amazon-2016.03/x64/Dockerfile index bd1a246a..bd1a246a 100644 --- a/linux-build-farm/amazon-2016.03/x64/Dockerfile +++ b/attic/linux-build-farm/amazon-2016.03/x64/Dockerfile diff --git a/linux-build-farm/build.sh b/attic/linux-build-farm/build.sh index 0eb7c5d2..0eb7c5d2 100755 --- a/linux-build-farm/build.sh +++ b/attic/linux-build-farm/build.sh diff --git a/linux-build-farm/centos-6/x64/Dockerfile b/attic/linux-build-farm/centos-6/x64/Dockerfile index 2796e422..2796e422 100644 --- a/linux-build-farm/centos-6/x64/Dockerfile +++ b/attic/linux-build-farm/centos-6/x64/Dockerfile diff --git a/linux-build-farm/centos-6/x86/Dockerfile b/attic/linux-build-farm/centos-6/x86/Dockerfile index 8192d139..8192d139 100644 --- a/linux-build-farm/centos-6/x86/Dockerfile +++ b/attic/linux-build-farm/centos-6/x86/Dockerfile diff --git a/linux-build-farm/centos-7/x64/Dockerfile b/attic/linux-build-farm/centos-7/x64/Dockerfile index 10b58402..10b58402 100644 --- a/linux-build-farm/centos-7/x64/Dockerfile +++ b/attic/linux-build-farm/centos-7/x64/Dockerfile diff --git a/linux-build-farm/centos-7/x86/Dockerfile b/attic/linux-build-farm/centos-7/x86/Dockerfile index a637a8d3..a637a8d3 100644 --- a/linux-build-farm/centos-7/x86/Dockerfile +++ b/attic/linux-build-farm/centos-7/x86/Dockerfile diff --git a/linux-build-farm/debian-jessie/x64/Dockerfile b/attic/linux-build-farm/debian-jessie/x64/Dockerfile index 316c1d83..316c1d83 100644 --- a/linux-build-farm/debian-jessie/x64/Dockerfile +++ b/attic/linux-build-farm/debian-jessie/x64/Dockerfile diff --git a/linux-build-farm/debian-jessie/x86/Dockerfile b/attic/linux-build-farm/debian-jessie/x86/Dockerfile index 3ad83329..3ad83329 100644 --- a/linux-build-farm/debian-jessie/x86/Dockerfile +++ b/attic/linux-build-farm/debian-jessie/x86/Dockerfile diff --git a/linux-build-farm/debian-stretch/x64/Dockerfile b/attic/linux-build-farm/debian-stretch/x64/Dockerfile index c973c2b7..c973c2b7 100644 --- a/linux-build-farm/debian-stretch/x64/Dockerfile +++ b/attic/linux-build-farm/debian-stretch/x64/Dockerfile diff --git a/linux-build-farm/debian-stretch/x86/Dockerfile b/attic/linux-build-farm/debian-stretch/x86/Dockerfile index bfc7a86f..bfc7a86f 100644 --- a/linux-build-farm/debian-stretch/x86/Dockerfile +++ b/attic/linux-build-farm/debian-stretch/x86/Dockerfile diff --git a/linux-build-farm/debian-wheezy/x64/Dockerfile b/attic/linux-build-farm/debian-wheezy/x64/Dockerfile index 77e1c325..77e1c325 100644 --- a/linux-build-farm/debian-wheezy/x64/Dockerfile +++ b/attic/linux-build-farm/debian-wheezy/x64/Dockerfile diff --git a/linux-build-farm/debian-wheezy/x86/Dockerfile b/attic/linux-build-farm/debian-wheezy/x86/Dockerfile index 1f0117d2..1f0117d2 100644 --- a/linux-build-farm/debian-wheezy/x86/Dockerfile +++ b/attic/linux-build-farm/debian-wheezy/x86/Dockerfile diff --git a/linux-build-farm/fedora-22/x64/Dockerfile b/attic/linux-build-farm/fedora-22/x64/Dockerfile index 6da0a921..6da0a921 100644 --- a/linux-build-farm/fedora-22/x64/Dockerfile +++ b/attic/linux-build-farm/fedora-22/x64/Dockerfile diff --git a/linux-build-farm/fedora-22/x86/Dockerfile b/attic/linux-build-farm/fedora-22/x86/Dockerfile index 3c24b844..3c24b844 100644 --- a/linux-build-farm/fedora-22/x86/Dockerfile +++ b/attic/linux-build-farm/fedora-22/x86/Dockerfile diff --git a/linux-build-farm/make-apt-repos.sh b/attic/linux-build-farm/make-apt-repos.sh index 7a81cc5c..7a81cc5c 100755 --- a/linux-build-farm/make-apt-repos.sh +++ b/attic/linux-build-farm/make-apt-repos.sh diff --git a/linux-build-farm/make-rpm-repos.sh b/attic/linux-build-farm/make-rpm-repos.sh index 0ed1cfe4..0ed1cfe4 100755 --- a/linux-build-farm/make-rpm-repos.sh +++ b/attic/linux-build-farm/make-rpm-repos.sh diff --git a/linux-build-farm/other/zerotier-containerized/Dockerfile b/attic/linux-build-farm/other/zerotier-containerized/Dockerfile index 678216da..678216da 100644 --- a/linux-build-farm/other/zerotier-containerized/Dockerfile +++ b/attic/linux-build-farm/other/zerotier-containerized/Dockerfile diff --git a/linux-build-farm/other/zerotier-containerized/main.sh b/attic/linux-build-farm/other/zerotier-containerized/main.sh index 685a6891..685a6891 100755 --- a/linux-build-farm/other/zerotier-containerized/main.sh +++ b/attic/linux-build-farm/other/zerotier-containerized/main.sh diff --git a/linux-build-farm/ubuntu-trusty/x64/Dockerfile b/attic/linux-build-farm/ubuntu-trusty/x64/Dockerfile index f84cc6e3..f84cc6e3 100644 --- a/linux-build-farm/ubuntu-trusty/x64/Dockerfile +++ b/attic/linux-build-farm/ubuntu-trusty/x64/Dockerfile diff --git a/linux-build-farm/ubuntu-trusty/x86/Dockerfile b/attic/linux-build-farm/ubuntu-trusty/x86/Dockerfile index 6be3ae87..6be3ae87 100644 --- a/linux-build-farm/ubuntu-trusty/x86/Dockerfile +++ b/attic/linux-build-farm/ubuntu-trusty/x86/Dockerfile diff --git a/linux-build-farm/ubuntu-wily/x64/Dockerfile b/attic/linux-build-farm/ubuntu-wily/x64/Dockerfile index 99b8d34c..99b8d34c 100644 --- a/linux-build-farm/ubuntu-wily/x64/Dockerfile +++ b/attic/linux-build-farm/ubuntu-wily/x64/Dockerfile diff --git a/linux-build-farm/ubuntu-wily/x86/Dockerfile b/attic/linux-build-farm/ubuntu-wily/x86/Dockerfile index 86ad14f2..86ad14f2 100644 --- a/linux-build-farm/ubuntu-wily/x86/Dockerfile +++ b/attic/linux-build-farm/ubuntu-wily/x86/Dockerfile diff --git a/linux-build-farm/ubuntu-xenial/x64/Dockerfile b/attic/linux-build-farm/ubuntu-xenial/x64/Dockerfile index fa665a0a..fa665a0a 100644 --- a/linux-build-farm/ubuntu-xenial/x64/Dockerfile +++ b/attic/linux-build-farm/ubuntu-xenial/x64/Dockerfile diff --git a/linux-build-farm/ubuntu-xenial/x86/Dockerfile b/attic/linux-build-farm/ubuntu-xenial/x86/Dockerfile index d01eec9b..d01eec9b 100644 --- a/linux-build-farm/ubuntu-xenial/x86/Dockerfile +++ b/attic/linux-build-farm/ubuntu-xenial/x86/Dockerfile diff --git a/world/README.md b/attic/world/README.md index dda4920a..dda4920a 100644 --- a/world/README.md +++ b/attic/world/README.md diff --git a/world/build.sh b/attic/world/build.sh index b783702c..b783702c 100755 --- a/world/build.sh +++ b/attic/world/build.sh diff --git a/world/earth-2016-01-13.bin b/attic/world/earth-2016-01-13.bin Binary files differindex 5dea4d21..5dea4d21 100644 --- a/world/earth-2016-01-13.bin +++ b/attic/world/earth-2016-01-13.bin diff --git a/world/mkworld.cpp b/attic/world/mkworld.cpp index 061d6341..e0f477b3 100644 --- a/world/mkworld.cpp +++ b/attic/world/mkworld.cpp @@ -50,25 +50,6 @@ using namespace ZeroTier; -class WorldMaker : public World -{ -public: - static inline World make(uint64_t id,uint64_t ts,const C25519::Public &sk,const std::vector<World::Root> &roots,const C25519::Pair &signWith) - { - WorldMaker w; - w._id = id; - w._ts = ts; - w._updateSigningKey = sk; - w._roots = roots; - - Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> tmp; - w.serialize(tmp,true); - w._signature = C25519::sign(signWith,tmp.data(),tmp.size()); - - return w; - } -}; - int main(int argc,char **argv) { std::string previous,current; @@ -139,7 +120,7 @@ int main(int argc,char **argv) fprintf(stderr,"INFO: generating and signing id==%llu ts==%llu"ZT_EOL_S,(unsigned long long)id,(unsigned long long)ts); - World nw = WorldMaker::make(id,ts,currentKP.pub,roots,previousKP); + World nw = World::make(World::TYPE_PLANET,id,ts,currentKP.pub,roots,previousKP); Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> outtmp; nw.serialize(outtmp,false); diff --git a/world/old/earth-2015-11-16.bin b/attic/world/old/earth-2015-11-16.bin Binary files differindex 910ff144..910ff144 100644 --- a/world/old/earth-2015-11-16.bin +++ b/attic/world/old/earth-2015-11-16.bin diff --git a/world/old/earth-2015-11-20.bin b/attic/world/old/earth-2015-11-20.bin Binary files differindex 198682e5..198682e5 100644 --- a/world/old/earth-2015-11-20.bin +++ b/attic/world/old/earth-2015-11-20.bin diff --git a/world/old/earth-2015-12-17.bin b/attic/world/old/earth-2015-12-17.bin Binary files differindex 20fadb56..20fadb56 100644 --- a/world/old/earth-2015-12-17.bin +++ b/attic/world/old/earth-2015-12-17.bin diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp index aa95ac64..b731db83 100644 --- a/controller/EmbeddedNetworkController.cpp +++ b/controller/EmbeddedNetworkController.cpp @@ -21,7 +21,10 @@ #include <stdlib.h> #include <string.h> #include <time.h> + +#ifndef _WIN32 #include <sys/time.h> +#endif #include <sys/types.h> #include <algorithm> @@ -60,74 +63,13 @@ using json = nlohmann::json; namespace ZeroTier { -// JSON blob I/O -static json _readJson(const std::string &path) -{ - std::string buf; - if (OSUtils::readFile(path.c_str(),buf)) { - try { - return json::parse(buf); - } catch ( ... ) {} - } - return json::object(); -} -static bool _writeJson(const std::string &path,const json &obj) -{ - return OSUtils::writeFile(path.c_str(),obj.dump(2)); -} - -// Get JSON values as unsigned integers, strings, or booleans, doing type conversion if possible -static uint64_t _jI(const json &jv,const uint64_t dfl) -{ - if (jv.is_number()) { - return (uint64_t)jv; - } else if (jv.is_string()) { - std::string s = jv; - return Utils::strToU64(s.c_str()); - } else if (jv.is_boolean()) { - return ((bool)jv ? 1ULL : 0ULL); - } - return dfl; -} -static bool _jB(const json &jv,const bool dfl) -{ - if (jv.is_boolean()) { - return (bool)jv; - } else if (jv.is_number()) { - return ((uint64_t)jv > 0ULL); - } else if (jv.is_string()) { - std::string s = jv; - if (s.length() > 0) { - switch(s[0]) { - case 't': - case 'T': - case '1': - return true; - } - } - return false; - } - return dfl; -} -static std::string _jS(const json &jv,const char *dfl) -{ - if (jv.is_string()) { - return jv; - } else if (jv.is_number()) { - char tmp[64]; - Utils::snprintf(tmp,sizeof(tmp),"%llu",(uint64_t)jv); - return tmp; - } else if (jv.is_boolean()) { - return ((bool)jv ? std::string("1") : std::string("0")); - } - return std::string((dfl) ? dfl : ""); -} - static json _renderRule(ZT_VirtualNetworkRule &rule) { char tmp[128]; json r = json::object(); - switch((rule.t) & 0x7f) { + const ZT_VirtualNetworkRuleType rt = (ZT_VirtualNetworkRuleType)(rule.t & 0x3f); + + switch(rt) { case ZT_NETWORK_RULE_ACTION_DROP: r["type"] = "ACTION_DROP"; break; @@ -151,149 +93,151 @@ static json _renderRule(ZT_VirtualNetworkRule &rule) r["address"] = Address(rule.v.fwd.address).toString(); r["flags"] = (unsigned int)rule.v.fwd.flags; break; - case ZT_NETWORK_RULE_ACTION_DEBUG_LOG: - r["type"] = "ACTION_DEBUG_LOG"; - break; - case ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS: - r["type"] = "MATCH_SOURCE_ZEROTIER_ADDRESS"; - r["not"] = ((rule.t & 0x80) != 0); - r["zt"] = Address(rule.v.zt).toString(); - break; - case ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS: - r["type"] = "MATCH_DEST_ZEROTIER_ADDRESS"; - r["not"] = ((rule.t & 0x80) != 0); - r["zt"] = Address(rule.v.zt).toString(); - break; - case ZT_NETWORK_RULE_MATCH_VLAN_ID: - r["type"] = "MATCH_VLAN_ID"; - r["not"] = ((rule.t & 0x80) != 0); - r["vlanId"] = (unsigned int)rule.v.vlanId; - break; - case ZT_NETWORK_RULE_MATCH_VLAN_PCP: - r["type"] = "MATCH_VLAN_PCP"; - r["not"] = ((rule.t & 0x80) != 0); - r["vlanPcp"] = (unsigned int)rule.v.vlanPcp; - break; - case ZT_NETWORK_RULE_MATCH_VLAN_DEI: - r["type"] = "MATCH_VLAN_DEI"; - r["not"] = ((rule.t & 0x80) != 0); - r["vlanDei"] = (unsigned int)rule.v.vlanDei; - break; - case ZT_NETWORK_RULE_MATCH_ETHERTYPE: - r["type"] = "MATCH_ETHERTYPE"; - r["not"] = ((rule.t & 0x80) != 0); - r["etherType"] = (unsigned int)rule.v.etherType; - break; - case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: - r["type"] = "MATCH_MAC_SOURCE"; - r["not"] = ((rule.t & 0x80) != 0); - Utils::snprintf(tmp,sizeof(tmp),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(unsigned int)rule.v.mac[0],(unsigned int)rule.v.mac[1],(unsigned int)rule.v.mac[2],(unsigned int)rule.v.mac[3],(unsigned int)rule.v.mac[4],(unsigned int)rule.v.mac[5]); - r["mac"] = tmp; + case ZT_NETWORK_RULE_ACTION_BREAK: + r["type"] = "ACTION_BREAK"; break; - case ZT_NETWORK_RULE_MATCH_MAC_DEST: - r["type"] = "MATCH_MAC_DEST"; - r["not"] = ((rule.t & 0x80) != 0); - Utils::snprintf(tmp,sizeof(tmp),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(unsigned int)rule.v.mac[0],(unsigned int)rule.v.mac[1],(unsigned int)rule.v.mac[2],(unsigned int)rule.v.mac[3],(unsigned int)rule.v.mac[4],(unsigned int)rule.v.mac[5]); - r["mac"] = tmp; - break; - case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE: - r["type"] = "MATCH_IPV4_SOURCE"; - r["not"] = ((rule.t & 0x80) != 0); - r["ip"] = InetAddress(&(rule.v.ipv4.ip),4,(unsigned int)rule.v.ipv4.mask).toString(); - break; - case ZT_NETWORK_RULE_MATCH_IPV4_DEST: - r["type"] = "MATCH_IPV4_DEST"; - r["not"] = ((rule.t & 0x80) != 0); - r["ip"] = InetAddress(&(rule.v.ipv4.ip),4,(unsigned int)rule.v.ipv4.mask).toString(); - break; - case ZT_NETWORK_RULE_MATCH_IPV6_SOURCE: - r["type"] = "MATCH_IPV6_SOURCE"; - r["not"] = ((rule.t & 0x80) != 0); - r["ip"] = InetAddress(rule.v.ipv6.ip,16,(unsigned int)rule.v.ipv6.mask).toString(); - break; - case ZT_NETWORK_RULE_MATCH_IPV6_DEST: - r["type"] = "MATCH_IPV6_DEST"; - r["not"] = ((rule.t & 0x80) != 0); - r["ip"] = InetAddress(rule.v.ipv6.ip,16,(unsigned int)rule.v.ipv6.mask).toString(); - break; - case ZT_NETWORK_RULE_MATCH_IP_TOS: - r["type"] = "MATCH_IP_TOS"; - r["not"] = ((rule.t & 0x80) != 0); - r["ipTos"] = (unsigned int)rule.v.ipTos; - break; - case ZT_NETWORK_RULE_MATCH_IP_PROTOCOL: - r["type"] = "MATCH_IP_PROTOCOL"; - r["not"] = ((rule.t & 0x80) != 0); - r["ipProtocol"] = (unsigned int)rule.v.ipProtocol; - break; - case ZT_NETWORK_RULE_MATCH_ICMP: - r["type"] = "MATCH_ICMP"; - r["not"] = ((rule.t & 0x80) != 0); - r["type"] = (unsigned int)rule.v.icmp.type; - if ((rule.v.icmp.flags & 0x01) != 0) - r["code"] = (unsigned int)rule.v.icmp.code; - else r["code"] = json(); - break; - case ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE: - r["type"] = "MATCH_IP_SOURCE_PORT_RANGE"; - r["not"] = ((rule.t & 0x80) != 0); - r["start"] = (unsigned int)rule.v.port[0]; - r["end"] = (unsigned int)rule.v.port[1]; - break; - case ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE: - r["type"] = "MATCH_IP_DEST_PORT_RANGE"; - r["not"] = ((rule.t & 0x80) != 0); - r["start"] = (unsigned int)rule.v.port[0]; - r["end"] = (unsigned int)rule.v.port[1]; - break; - case ZT_NETWORK_RULE_MATCH_CHARACTERISTICS: - r["type"] = "MATCH_CHARACTERISTICS"; - r["not"] = ((rule.t & 0x80) != 0); - Utils::snprintf(tmp,sizeof(tmp),"%.16llx",rule.v.characteristics); - r["mask"] = tmp; + default: break; - case ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE: - r["type"] = "MATCH_FRAME_SIZE_RANGE"; - r["not"] = ((rule.t & 0x80) != 0); - r["start"] = (unsigned int)rule.v.frameSize[0]; - r["end"] = (unsigned int)rule.v.frameSize[1]; - break; - case ZT_NETWORK_RULE_MATCH_RANDOM: - r["type"] = "MATCH_RANDOM"; - r["not"] = ((rule.t & 0x80) != 0); - r["probability"] = (unsigned long)rule.v.randomProbability; - break; - case ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE: - r["type"] = "MATCH_TAGS_DIFFERENCE"; - r["not"] = ((rule.t & 0x80) != 0); - r["id"] = rule.v.tag.id; - r["value"] = rule.v.tag.value; - break; - case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND: - r["type"] = "MATCH_TAGS_BITWISE_AND"; - r["not"] = ((rule.t & 0x80) != 0); - r["id"] = rule.v.tag.id; - r["value"] = rule.v.tag.value; - break; - case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR: - r["type"] = "MATCH_TAGS_BITWISE_OR"; - r["not"] = ((rule.t & 0x80) != 0); - r["id"] = rule.v.tag.id; - r["value"] = rule.v.tag.value; - break; - case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR: - r["type"] = "MATCH_TAGS_BITWISE_XOR"; - r["not"] = ((rule.t & 0x80) != 0); - r["id"] = rule.v.tag.id; - r["value"] = rule.v.tag.value; - break; - case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: - r["type"] = "MATCH_TAGS_EQUAL"; + } + + if (r.size() == 0) { + switch(rt) { + case ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS: + r["type"] = "MATCH_SOURCE_ZEROTIER_ADDRESS"; + r["zt"] = Address(rule.v.zt).toString(); + break; + case ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS: + r["type"] = "MATCH_DEST_ZEROTIER_ADDRESS"; + r["zt"] = Address(rule.v.zt).toString(); + break; + case ZT_NETWORK_RULE_MATCH_VLAN_ID: + r["type"] = "MATCH_VLAN_ID"; + r["vlanId"] = (unsigned int)rule.v.vlanId; + break; + case ZT_NETWORK_RULE_MATCH_VLAN_PCP: + r["type"] = "MATCH_VLAN_PCP"; + r["vlanPcp"] = (unsigned int)rule.v.vlanPcp; + break; + case ZT_NETWORK_RULE_MATCH_VLAN_DEI: + r["type"] = "MATCH_VLAN_DEI"; + r["vlanDei"] = (unsigned int)rule.v.vlanDei; + break; + case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: + r["type"] = "MATCH_MAC_SOURCE"; + Utils::snprintf(tmp,sizeof(tmp),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(unsigned int)rule.v.mac[0],(unsigned int)rule.v.mac[1],(unsigned int)rule.v.mac[2],(unsigned int)rule.v.mac[3],(unsigned int)rule.v.mac[4],(unsigned int)rule.v.mac[5]); + r["mac"] = tmp; + break; + case ZT_NETWORK_RULE_MATCH_MAC_DEST: + r["type"] = "MATCH_MAC_DEST"; + Utils::snprintf(tmp,sizeof(tmp),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(unsigned int)rule.v.mac[0],(unsigned int)rule.v.mac[1],(unsigned int)rule.v.mac[2],(unsigned int)rule.v.mac[3],(unsigned int)rule.v.mac[4],(unsigned int)rule.v.mac[5]); + r["mac"] = tmp; + break; + case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE: + r["type"] = "MATCH_IPV4_SOURCE"; + r["ip"] = InetAddress(&(rule.v.ipv4.ip),4,(unsigned int)rule.v.ipv4.mask).toString(); + break; + case ZT_NETWORK_RULE_MATCH_IPV4_DEST: + r["type"] = "MATCH_IPV4_DEST"; + r["ip"] = InetAddress(&(rule.v.ipv4.ip),4,(unsigned int)rule.v.ipv4.mask).toString(); + break; + case ZT_NETWORK_RULE_MATCH_IPV6_SOURCE: + r["type"] = "MATCH_IPV6_SOURCE"; + r["ip"] = InetAddress(rule.v.ipv6.ip,16,(unsigned int)rule.v.ipv6.mask).toString(); + break; + case ZT_NETWORK_RULE_MATCH_IPV6_DEST: + r["type"] = "MATCH_IPV6_DEST"; + r["ip"] = InetAddress(rule.v.ipv6.ip,16,(unsigned int)rule.v.ipv6.mask).toString(); + break; + case ZT_NETWORK_RULE_MATCH_IP_TOS: + r["type"] = "MATCH_IP_TOS"; + r["mask"] = (unsigned int)rule.v.ipTos.mask; + r["start"] = (unsigned int)rule.v.ipTos.value[0]; + r["end"] = (unsigned int)rule.v.ipTos.value[1]; + break; + case ZT_NETWORK_RULE_MATCH_IP_PROTOCOL: + r["type"] = "MATCH_IP_PROTOCOL"; + r["ipProtocol"] = (unsigned int)rule.v.ipProtocol; + break; + case ZT_NETWORK_RULE_MATCH_ETHERTYPE: + r["type"] = "MATCH_ETHERTYPE"; + r["etherType"] = (unsigned int)rule.v.etherType; + break; + case ZT_NETWORK_RULE_MATCH_ICMP: + r["type"] = "MATCH_ICMP"; + r["icmpType"] = (unsigned int)rule.v.icmp.type; + if ((rule.v.icmp.flags & 0x01) != 0) + r["icmpCode"] = (unsigned int)rule.v.icmp.code; + else r["icmpCode"] = json(); + break; + case ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE: + r["type"] = "MATCH_IP_SOURCE_PORT_RANGE"; + r["start"] = (unsigned int)rule.v.port[0]; + r["end"] = (unsigned int)rule.v.port[1]; + break; + case ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE: + r["type"] = "MATCH_IP_DEST_PORT_RANGE"; + r["start"] = (unsigned int)rule.v.port[0]; + r["end"] = (unsigned int)rule.v.port[1]; + break; + case ZT_NETWORK_RULE_MATCH_CHARACTERISTICS: + r["type"] = "MATCH_CHARACTERISTICS"; + Utils::snprintf(tmp,sizeof(tmp),"%.16llx",rule.v.characteristics); + r["mask"] = tmp; + break; + case ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE: + r["type"] = "MATCH_FRAME_SIZE_RANGE"; + r["start"] = (unsigned int)rule.v.frameSize[0]; + r["end"] = (unsigned int)rule.v.frameSize[1]; + break; + case ZT_NETWORK_RULE_MATCH_RANDOM: + r["type"] = "MATCH_RANDOM"; + r["probability"] = (unsigned long)rule.v.randomProbability; + break; + case ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE: + r["type"] = "MATCH_TAGS_DIFFERENCE"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND: + r["type"] = "MATCH_TAGS_BITWISE_AND"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR: + r["type"] = "MATCH_TAGS_BITWISE_OR"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR: + r["type"] = "MATCH_TAGS_BITWISE_XOR"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: + r["type"] = "MATCH_TAGS_EQUAL"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + case ZT_NETWORK_RULE_MATCH_TAG_SENDER: + r["type"] = "MATCH_TAG_SENDER"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + case ZT_NETWORK_RULE_MATCH_TAG_RECEIVER: + r["type"] = "MATCH_TAG_RECEIVER"; + r["id"] = rule.v.tag.id; + r["value"] = rule.v.tag.value; + break; + default: + break; + } + + if (r.size() > 0) { r["not"] = ((rule.t & 0x80) != 0); - r["id"] = rule.v.tag.id; - r["value"] = rule.v.tag.value; - break; + r["or"] = ((rule.t & 0x40) != 0); + } } + return r; } @@ -301,11 +245,17 @@ static bool _parseRule(json &r,ZT_VirtualNetworkRule &rule) { if (!r.is_object()) return false; - const std::string t(_jS(r["type"],"")); + + const std::string t(OSUtils::jsonString(r["type"],"")); memset(&rule,0,sizeof(ZT_VirtualNetworkRule)); - if (_jB(r["not"],false)) + + if (OSUtils::jsonBool(r["not"],false)) rule.t = 0x80; else rule.t = 0x00; + if (OSUtils::jsonBool(r["or"],false)) + rule.t |= 0x40; + + bool tag = false; if (t == "ACTION_DROP") { rule.t |= ZT_NETWORK_RULE_ACTION_DROP; return true; @@ -314,115 +264,117 @@ static bool _parseRule(json &r,ZT_VirtualNetworkRule &rule) return true; } else if (t == "ACTION_TEE") { rule.t |= ZT_NETWORK_RULE_ACTION_TEE; - rule.v.fwd.address = Utils::hexStrToU64(_jS(r["address"],"0").c_str()) & 0xffffffffffULL; - rule.v.fwd.flags = (uint32_t)(_jI(r["flags"],0ULL) & 0xffffffffULL); - rule.v.fwd.length = (uint16_t)(_jI(r["length"],0ULL) & 0xffffULL); + rule.v.fwd.address = Utils::hexStrToU64(OSUtils::jsonString(r["address"],"0").c_str()) & 0xffffffffffULL; + rule.v.fwd.flags = (uint32_t)(OSUtils::jsonInt(r["flags"],0ULL) & 0xffffffffULL); + rule.v.fwd.length = (uint16_t)(OSUtils::jsonInt(r["length"],0ULL) & 0xffffULL); return true; } else if (t == "ACTION_WATCH") { rule.t |= ZT_NETWORK_RULE_ACTION_WATCH; - rule.v.fwd.address = Utils::hexStrToU64(_jS(r["address"],"0").c_str()) & 0xffffffffffULL; - rule.v.fwd.flags = (uint32_t)(_jI(r["flags"],0ULL) & 0xffffffffULL); - rule.v.fwd.length = (uint16_t)(_jI(r["length"],0ULL) & 0xffffULL); + rule.v.fwd.address = Utils::hexStrToU64(OSUtils::jsonString(r["address"],"0").c_str()) & 0xffffffffffULL; + rule.v.fwd.flags = (uint32_t)(OSUtils::jsonInt(r["flags"],0ULL) & 0xffffffffULL); + rule.v.fwd.length = (uint16_t)(OSUtils::jsonInt(r["length"],0ULL) & 0xffffULL); return true; } else if (t == "ACTION_REDIRECT") { rule.t |= ZT_NETWORK_RULE_ACTION_REDIRECT; - rule.v.fwd.address = Utils::hexStrToU64(_jS(r["zt"],"0").c_str()) & 0xffffffffffULL; - rule.v.fwd.flags = (uint32_t)(_jI(r["flags"],0ULL) & 0xffffffffULL); + rule.v.fwd.address = Utils::hexStrToU64(OSUtils::jsonString(r["address"],"0").c_str()) & 0xffffffffffULL; + rule.v.fwd.flags = (uint32_t)(OSUtils::jsonInt(r["flags"],0ULL) & 0xffffffffULL); return true; - } else if (t == "ACTION_DEBUG_LOG") { - rule.t |= ZT_NETWORK_RULE_ACTION_DEBUG_LOG; + } else if (t == "ACTION_BREAK") { + rule.t |= ZT_NETWORK_RULE_ACTION_BREAK; return true; } else if (t == "MATCH_SOURCE_ZEROTIER_ADDRESS") { rule.t |= ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS; - rule.v.zt = Utils::hexStrToU64(_jS(r["zt"],"0").c_str()) & 0xffffffffffULL; + rule.v.zt = Utils::hexStrToU64(OSUtils::jsonString(r["zt"],"0").c_str()) & 0xffffffffffULL; return true; } else if (t == "MATCH_DEST_ZEROTIER_ADDRESS") { rule.t |= ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS; - rule.v.zt = Utils::hexStrToU64(_jS(r["zt"],"0").c_str()) & 0xffffffffffULL; + rule.v.zt = Utils::hexStrToU64(OSUtils::jsonString(r["zt"],"0").c_str()) & 0xffffffffffULL; return true; } else if (t == "MATCH_VLAN_ID") { rule.t |= ZT_NETWORK_RULE_MATCH_VLAN_ID; - rule.v.vlanId = (uint16_t)(_jI(r["vlanId"],0ULL) & 0xffffULL); + rule.v.vlanId = (uint16_t)(OSUtils::jsonInt(r["vlanId"],0ULL) & 0xffffULL); return true; } else if (t == "MATCH_VLAN_PCP") { rule.t |= ZT_NETWORK_RULE_MATCH_VLAN_PCP; - rule.v.vlanPcp = (uint8_t)(_jI(r["vlanPcp"],0ULL) & 0xffULL); + rule.v.vlanPcp = (uint8_t)(OSUtils::jsonInt(r["vlanPcp"],0ULL) & 0xffULL); return true; } else if (t == "MATCH_VLAN_DEI") { rule.t |= ZT_NETWORK_RULE_MATCH_VLAN_DEI; - rule.v.vlanDei = (uint8_t)(_jI(r["vlanDei"],0ULL) & 0xffULL); - return true; - } else if (t == "MATCH_ETHERTYPE") { - rule.t |= ZT_NETWORK_RULE_MATCH_ETHERTYPE; - rule.v.etherType = (uint16_t)(_jI(r["etherType"],0ULL) & 0xffffULL); + rule.v.vlanDei = (uint8_t)(OSUtils::jsonInt(r["vlanDei"],0ULL) & 0xffULL); return true; } else if (t == "MATCH_MAC_SOURCE") { rule.t |= ZT_NETWORK_RULE_MATCH_MAC_SOURCE; - const std::string mac(_jS(r["mac"],"0")); + const std::string mac(OSUtils::jsonString(r["mac"],"0")); Utils::unhex(mac.c_str(),(unsigned int)mac.length(),rule.v.mac,6); return true; } else if (t == "MATCH_MAC_DEST") { rule.t |= ZT_NETWORK_RULE_MATCH_MAC_DEST; - const std::string mac(_jS(r["mac"],"0")); + const std::string mac(OSUtils::jsonString(r["mac"],"0")); Utils::unhex(mac.c_str(),(unsigned int)mac.length(),rule.v.mac,6); return true; } else if (t == "MATCH_IPV4_SOURCE") { rule.t |= ZT_NETWORK_RULE_MATCH_IPV4_SOURCE; - InetAddress ip(_jS(r["ip"],"0.0.0.0")); + InetAddress ip(OSUtils::jsonString(r["ip"],"0.0.0.0")); rule.v.ipv4.ip = reinterpret_cast<struct sockaddr_in *>(&ip)->sin_addr.s_addr; rule.v.ipv4.mask = Utils::ntoh(reinterpret_cast<struct sockaddr_in *>(&ip)->sin_port) & 0xff; if (rule.v.ipv4.mask > 32) rule.v.ipv4.mask = 32; return true; } else if (t == "MATCH_IPV4_DEST") { rule.t |= ZT_NETWORK_RULE_MATCH_IPV4_DEST; - InetAddress ip(_jS(r["ip"],"0.0.0.0")); + InetAddress ip(OSUtils::jsonString(r["ip"],"0.0.0.0")); rule.v.ipv4.ip = reinterpret_cast<struct sockaddr_in *>(&ip)->sin_addr.s_addr; rule.v.ipv4.mask = Utils::ntoh(reinterpret_cast<struct sockaddr_in *>(&ip)->sin_port) & 0xff; if (rule.v.ipv4.mask > 32) rule.v.ipv4.mask = 32; return true; } else if (t == "MATCH_IPV6_SOURCE") { rule.t |= ZT_NETWORK_RULE_MATCH_IPV6_SOURCE; - InetAddress ip(_jS(r["ip"],"::0")); + InetAddress ip(OSUtils::jsonString(r["ip"],"::0")); memcpy(rule.v.ipv6.ip,reinterpret_cast<struct sockaddr_in6 *>(&ip)->sin6_addr.s6_addr,16); rule.v.ipv6.mask = Utils::ntoh(reinterpret_cast<struct sockaddr_in6 *>(&ip)->sin6_port) & 0xff; if (rule.v.ipv6.mask > 128) rule.v.ipv6.mask = 128; return true; } else if (t == "MATCH_IPV6_DEST") { rule.t |= ZT_NETWORK_RULE_MATCH_IPV6_DEST; - InetAddress ip(_jS(r["ip"],"::0")); + InetAddress ip(OSUtils::jsonString(r["ip"],"::0")); memcpy(rule.v.ipv6.ip,reinterpret_cast<struct sockaddr_in6 *>(&ip)->sin6_addr.s6_addr,16); rule.v.ipv6.mask = Utils::ntoh(reinterpret_cast<struct sockaddr_in6 *>(&ip)->sin6_port) & 0xff; if (rule.v.ipv6.mask > 128) rule.v.ipv6.mask = 128; return true; } else if (t == "MATCH_IP_TOS") { rule.t |= ZT_NETWORK_RULE_MATCH_IP_TOS; - rule.v.ipTos = (uint8_t)(_jI(r["ipTos"],0ULL) & 0xffULL); + rule.v.ipTos.mask = (uint8_t)(OSUtils::jsonInt(r["mask"],0ULL) & 0xffULL); + rule.v.ipTos.value[0] = (uint8_t)(OSUtils::jsonInt(r["start"],0ULL) & 0xffULL); + rule.v.ipTos.value[1] = (uint8_t)(OSUtils::jsonInt(r["end"],0ULL) & 0xffULL); return true; } else if (t == "MATCH_IP_PROTOCOL") { rule.t |= ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; - rule.v.ipProtocol = (uint8_t)(_jI(r["ipProtocol"],0ULL) & 0xffULL); + rule.v.ipProtocol = (uint8_t)(OSUtils::jsonInt(r["ipProtocol"],0ULL) & 0xffULL); + return true; + } else if (t == "MATCH_ETHERTYPE") { + rule.t |= ZT_NETWORK_RULE_MATCH_ETHERTYPE; + rule.v.etherType = (uint16_t)(OSUtils::jsonInt(r["etherType"],0ULL) & 0xffffULL); return true; } else if (t == "MATCH_ICMP") { rule.t |= ZT_NETWORK_RULE_MATCH_ICMP; - rule.v.icmp.type = (uint8_t)(_jI(r["type"],0ULL) & 0xffULL); - json &code = r["code"]; + rule.v.icmp.type = (uint8_t)(OSUtils::jsonInt(r["icmpType"],0ULL) & 0xffULL); + json &code = r["icmpCode"]; if (code.is_null()) { rule.v.icmp.code = 0; rule.v.icmp.flags = 0x00; } else { - rule.v.icmp.code = (uint8_t)(_jI(code,0ULL) & 0xffULL); + rule.v.icmp.code = (uint8_t)(OSUtils::jsonInt(code,0ULL) & 0xffULL); rule.v.icmp.flags = 0x01; } return true; } else if (t == "MATCH_IP_SOURCE_PORT_RANGE") { rule.t |= ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE; - rule.v.port[0] = (uint16_t)(_jI(r["start"],0ULL) & 0xffffULL); - rule.v.port[1] = (uint16_t)(_jI(r["end"],(uint64_t)rule.v.port[0]) & 0xffffULL); + rule.v.port[0] = (uint16_t)(OSUtils::jsonInt(r["start"],0ULL) & 0xffffULL); + rule.v.port[1] = (uint16_t)(OSUtils::jsonInt(r["end"],(uint64_t)rule.v.port[0]) & 0xffffULL); return true; } else if (t == "MATCH_IP_DEST_PORT_RANGE") { rule.t |= ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE; - rule.v.port[0] = (uint16_t)(_jI(r["start"],0ULL) & 0xffffULL); - rule.v.port[1] = (uint16_t)(_jI(r["end"],(uint64_t)rule.v.port[0]) & 0xffffULL); + rule.v.port[0] = (uint16_t)(OSUtils::jsonInt(r["start"],0ULL) & 0xffffULL); + rule.v.port[1] = (uint16_t)(OSUtils::jsonInt(r["end"],(uint64_t)rule.v.port[0]) & 0xffffULL); return true; } else if (t == "MATCH_CHARACTERISTICS") { rule.t |= ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; @@ -438,548 +390,96 @@ static bool _parseRule(json &r,ZT_VirtualNetworkRule &rule) return true; } else if (t == "MATCH_FRAME_SIZE_RANGE") { rule.t |= ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE; - rule.v.frameSize[0] = (uint16_t)(_jI(r["start"],0ULL) & 0xffffULL); - rule.v.frameSize[1] = (uint16_t)(_jI(r["end"],(uint64_t)rule.v.frameSize[0]) & 0xffffULL); + rule.v.frameSize[0] = (uint16_t)(OSUtils::jsonInt(r["start"],0ULL) & 0xffffULL); + rule.v.frameSize[1] = (uint16_t)(OSUtils::jsonInt(r["end"],(uint64_t)rule.v.frameSize[0]) & 0xffffULL); return true; } else if (t == "MATCH_RANDOM") { rule.t |= ZT_NETWORK_RULE_MATCH_RANDOM; - rule.v.randomProbability = (uint32_t)(_jI(r["probability"],0ULL) & 0xffffffffULL); + rule.v.randomProbability = (uint32_t)(OSUtils::jsonInt(r["probability"],0ULL) & 0xffffffffULL); + return true; } else if (t == "MATCH_TAGS_DIFFERENCE") { rule.t |= ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE; - rule.v.tag.id = (uint32_t)(_jI(r["id"],0ULL) & 0xffffffffULL); - rule.v.tag.value = (uint32_t)(_jI(r["value"],0ULL) & 0xffffffffULL); - return true; + tag = true; } else if (t == "MATCH_TAGS_BITWISE_AND") { rule.t |= ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND; - rule.v.tag.id = (uint32_t)(_jI(r["id"],0ULL) & 0xffffffffULL); - rule.v.tag.value = (uint32_t)(_jI(r["value"],0ULL) & 0xffffffffULL); - return true; + tag = true; } else if (t == "MATCH_TAGS_BITWISE_OR") { rule.t |= ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR; - rule.v.tag.id = (uint32_t)(_jI(r["id"],0ULL) & 0xffffffffULL); - rule.v.tag.value = (uint32_t)(_jI(r["value"],0ULL) & 0xffffffffULL); - return true; + tag = true; } else if (t == "MATCH_TAGS_BITWISE_XOR") { rule.t |= ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR; - rule.v.tag.id = (uint32_t)(_jI(r["id"],0ULL) & 0xffffffffULL); - rule.v.tag.value = (uint32_t)(_jI(r["value"],0ULL) & 0xffffffffULL); - return true; + tag = true; } else if (t == "MATCH_TAGS_EQUAL") { rule.t |= ZT_NETWORK_RULE_MATCH_TAGS_EQUAL; - rule.v.tag.id = (uint32_t)(_jI(r["id"],0ULL) & 0xffffffffULL); - rule.v.tag.value = (uint32_t)(_jI(r["value"],0ULL) & 0xffffffffULL); + tag = true; + } else if (t == "MATCH_TAG_SENDER") { + rule.t |= ZT_NETWORK_RULE_MATCH_TAG_SENDER; + tag = true; + } else if (t == "MATCH_TAG_RECEIVER") { + rule.t |= ZT_NETWORK_RULE_MATCH_TAG_RECEIVER; + tag = true; + } + if (tag) { + rule.v.tag.id = (uint32_t)(OSUtils::jsonInt(r["id"],0ULL) & 0xffffffffULL); + rule.v.tag.value = (uint32_t)(OSUtils::jsonInt(r["value"],0ULL) & 0xffffffffULL); return true; } + return false; } EmbeddedNetworkController::EmbeddedNetworkController(Node *node,const char *dbPath) : - _node(node), - _path(dbPath), - _daemonRun(true) + _threadsStarted(false), + _db(dbPath), + _node(node) { OSUtils::mkdir(dbPath); OSUtils::lockDownFile(dbPath,true); // networks might contain auth tokens, etc., so restrict directory permissions - _daemon = Thread::start(this); } EmbeddedNetworkController::~EmbeddedNetworkController() { + Mutex::Lock _l(_threads_m); + if (_threadsStarted) { + for(int i=0;i<(ZT_EMBEDDEDNETWORKCONTROLLER_BACKGROUND_THREAD_COUNT*2);++i) + _queue.post((_RQEntry *)0); + for(int i=0;i<ZT_EMBEDDEDNETWORKCONTROLLER_BACKGROUND_THREAD_COUNT;++i) + Thread::join(_threads[i]); + } } -void EmbeddedNetworkController::threadMain() - throw() +void EmbeddedNetworkController::init(const Identity &signingId,Sender *sender) { - uint64_t lastUpdatedNetworkMemberCache = 0; - while (_daemonRun) { - // Every 60 seconds we rescan the filesystem for network members and rebuild our cache - if ((OSUtils::now() - lastUpdatedNetworkMemberCache) >= 60000) { - const std::vector<std::string> networks(OSUtils::listSubdirectories((_path + ZT_PATH_SEPARATOR_S + "network").c_str())); - for(auto n=networks.begin();n!=networks.end();++n) { - if (n->length() == 16) { - const std::vector<std::string> members(OSUtils::listSubdirectories((*n + ZT_PATH_SEPARATOR_S + "member").c_str())); - std::map<Address,nlohmann::json> newCache; - for(auto m=members.begin();m!=members.end();++m) { - if (m->length() == ZT_ADDRESS_LENGTH_HEX) { - const Address maddr(*m); - try { - const json mj(_readJson((_path + ZT_PATH_SEPARATOR_S + "network" + ZT_PATH_SEPARATOR_S + *n + ZT_PATH_SEPARATOR_S + "member" + ZT_PATH_SEPARATOR_S + *m + ZT_PATH_SEPARATOR_S + "config.json"))); - if ((mj.is_object())&&(mj.size() > 0)) { - newCache[maddr] = mj; - } - } catch ( ... ) {} - } - } - { - Mutex::Lock _l(_networkMemberCache_m); - _networkMemberCache[Utils::hexStrToU64(n->c_str())] = newCache; - } - } - } - lastUpdatedNetworkMemberCache = OSUtils::now(); - } - - { // Every 25ms we push up to 50 network refreshes, which amounts to a max of about 300-500kb/sec - unsigned int count = 0; - Mutex::Lock _l(_refreshQueue_m); - while (_refreshQueue.size() > 0) { - _Refresh &r = _refreshQueue.front(); - //if (_node) - // _node->pushNetworkRefresh(r.dest,r.nwid,r.blacklistAddresses,r.blacklistThresholds,r.numBlacklistEntries); - _refreshQueue.pop_front(); - if (++count >= 50) - break; - } - } - - Thread::sleep(25); - } + this->_sender = sender; + this->_signingId = signingId; } -NetworkController::ResultCode EmbeddedNetworkController::doNetworkConfigRequest(const InetAddress &fromAddr,const Identity &signingId,const Identity &identity,uint64_t nwid,const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData,NetworkConfig &nc) +void EmbeddedNetworkController::request( + uint64_t nwid, + const InetAddress &fromAddr, + uint64_t requestPacketId, + const Identity &identity, + const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData) { - if (((!signingId)||(!signingId.hasPrivate()))||(signingId.address().toInt() != (nwid >> 24))) { - return NetworkController::NETCONF_QUERY_INTERNAL_SERVER_ERROR; - } - - const uint64_t now = OSUtils::now(); - - // Check rate limit circuit breaker to prevent flooding - { - Mutex::Lock _l(_lastRequestTime_m); - uint64_t &lrt = _lastRequestTime[std::pair<uint64_t,uint64_t>(identity.address().toInt(),nwid)]; - if ((now - lrt) <= ZT_NETCONF_MIN_REQUEST_PERIOD) - return NetworkController::NETCONF_QUERY_IGNORE; - lrt = now; - } - - json network(_readJson(_networkJP(nwid,false))); - if (!network.size()) - return NetworkController::NETCONF_QUERY_OBJECT_NOT_FOUND; - - const std::string memberJP(_memberJP(nwid,identity.address(),true)); - json member(_readJson(memberJP)); - _initMember(member); - - { - std::string haveIdStr(_jS(member["identity"],"")); - if (haveIdStr.length() > 0) { - // If we already know this member's identity perform a full compare. This prevents - // a "collision" from being able to auth onto our network in place of an already - // known member. - try { - if (Identity(haveIdStr.c_str()) != identity) - return NetworkController::NETCONF_QUERY_ACCESS_DENIED; - } catch ( ... ) { - return NetworkController::NETCONF_QUERY_ACCESS_DENIED; - } - } else { - // If we do not yet know this member's identity, learn it. - member["identity"] = identity.toString(false); - } - } - - // These are always the same, but make sure they are set - member["id"] = identity.address().toString(); - member["address"] = member["id"]; - member["nwid"] = network["id"]; - - // Determine whether and how member is authorized - const char *authorizedBy = (const char *)0; - if (_jB(member["authorized"],false)) { - authorizedBy = "memberIsAuthorized"; - } else if (!_jB(network["private"],true)) { - authorizedBy = "networkIsPublic"; - if (!member.count("authorized")) { - member["authorized"] = true; - json ah; - ah["a"] = true; - ah["by"] = authorizedBy; - ah["ts"] = now; - ah["ct"] = json(); - ah["c"] = json(); - member["authHistory"].push_back(ah); - member["lastModified"] = now; - json &revj = member["revision"]; - member["revision"] = (revj.is_number() ? ((uint64_t)revj + 1ULL) : 1ULL); - } - } else { - char presentedAuth[512]; - if (metaData.get(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_AUTH,presentedAuth,sizeof(presentedAuth)) > 0) { - presentedAuth[511] = (char)0; // sanity check - - // Check for bearer token presented by member - if ((strlen(presentedAuth) > 6)&&(!strncmp(presentedAuth,"token:",6))) { - const char *const presentedToken = presentedAuth + 6; - - json &authTokens = network["authTokens"]; - if (authTokens.is_array()) { - for(unsigned long i=0;i<authTokens.size();++i) { - json &token = authTokens[i]; - if (token.is_object()) { - const uint64_t expires = _jI(token["expires"],0ULL); - const uint64_t maxUses = _jI(token["maxUsesPerMember"],0ULL); - std::string tstr = _jS(token["token"],""); - - if (((expires == 0ULL)||(expires > now))&&(tstr == presentedToken)) { - bool usable = (maxUses == 0); - if (!usable) { - uint64_t useCount = 0; - json &ahist = member["authHistory"]; - if (ahist.is_array()) { - for(unsigned long j=0;j<ahist.size();++j) { - json &ah = ahist[j]; - if ((_jS(ah["ct"],"") == "token")&&(_jS(ah["c"],"") == tstr)&&(_jB(ah["a"],false))) - ++useCount; - } - } - usable = (useCount < maxUses); - } - if (usable) { - authorizedBy = "token"; - member["authorized"] = true; - json ah; - ah["a"] = true; - ah["by"] = authorizedBy; - ah["ts"] = now; - ah["ct"] = "token"; - ah["c"] = tstr; - member["authHistory"].push_back(ah); - member["lastModified"] = now; - json &revj = member["revision"]; - member["revision"] = (revj.is_number() ? ((uint64_t)revj + 1ULL) : 1ULL); - } - } - } - } - } - } - } - } + if (((!_signingId)||(!_signingId.hasPrivate()))||(_signingId.address().toInt() != (nwid >> 24))||(!_sender)) + return; - // Log this request { - json rlEntry = json::object(); - rlEntry["ts"] = now; - rlEntry["authorized"] = (authorizedBy) ? true : false; - rlEntry["authorizedBy"] = (authorizedBy) ? authorizedBy : ""; - rlEntry["clientMajorVersion"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MAJOR_VERSION,0); - rlEntry["clientMinorVersion"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MINOR_VERSION,0); - rlEntry["clientRevision"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_REVISION,0); - rlEntry["clientProtocolVersion"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_PROTOCOL_VERSION,0); - if (fromAddr) - rlEntry["fromAddr"] = fromAddr.toString(); - - json recentLog = json::array(); - recentLog.push_back(rlEntry); - json &oldLog = member["recentLog"]; - if (oldLog.is_array()) { - for(unsigned long i=0;i<oldLog.size();++i) { - recentLog.push_back(oldLog[i]); - if (recentLog.size() >= ZT_NETCONF_DB_MEMBER_HISTORY_LENGTH) - break; - } + Mutex::Lock _l(_threads_m); + if (!_threadsStarted) { + for(int i=0;i<ZT_EMBEDDEDNETWORKCONTROLLER_BACKGROUND_THREAD_COUNT;++i) + _threads[i] = Thread::start(this); } - member["recentLog"] = recentLog; - } - - // If they are not authorized, STOP! - if (!authorizedBy) { - _writeJson(memberJP,member); - return NetworkController::NETCONF_QUERY_ACCESS_DENIED; - } - - // ------------------------------------------------------------------------- - // If we made it this far, they are authorized. - // ------------------------------------------------------------------------- - - _NetworkMemberInfo nmi; - _getNetworkMemberInfo(now,nwid,nmi); - - // Compute credential TTL. This is the "moving window" for COM agreement and - // the global TTL for Capability and Tag objects. (The same value is used - // for both.) This is computed by reference to the last time we deauthorized - // a member, since within the time period since this event any temporal - // differences are not particularly relevant. - uint64_t credentialtmd = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MIN_MAX_DELTA; - if (now > nmi.mostRecentDeauthTime) - credentialtmd += (now - nmi.mostRecentDeauthTime); - if (credentialtmd > ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA) - credentialtmd = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA; - - nc.networkId = nwid; - nc.type = _jB(network["private"],true) ? ZT_NETWORK_TYPE_PRIVATE : ZT_NETWORK_TYPE_PUBLIC; - nc.timestamp = now; - nc.credentialTimeMaxDelta = credentialtmd; - nc.revision = _jI(network["revision"],0ULL); - nc.issuedTo = identity.address(); - if (_jB(network["enableBroadcast"],true)) nc.flags |= ZT_NETWORKCONFIG_FLAG_ENABLE_BROADCAST; - if (_jB(network["allowPassiveBridging"],false)) nc.flags |= ZT_NETWORKCONFIG_FLAG_ALLOW_PASSIVE_BRIDGING; - Utils::scopy(nc.name,sizeof(nc.name),_jS(network["name"],"").c_str()); - nc.multicastLimit = (unsigned int)_jI(network["multicastLimit"],32ULL); - - for(std::set<Address>::const_iterator ab(nmi.activeBridges.begin());ab!=nmi.activeBridges.end();++ab) - nc.addSpecialist(*ab,ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE); - - json &v4AssignMode = network["v4AssignMode"]; - json &v6AssignMode = network["v6AssignMode"]; - json &ipAssignmentPools = network["ipAssignmentPools"]; - json &routes = network["routes"]; - json &rules = network["rules"]; - json &capabilities = network["capabilities"]; - json &memberCapabilities = member["capabilities"]; - json &memberTags = member["tags"]; - - if (rules.is_array()) { - for(unsigned long i=0;i<rules.size();++i) { - if (nc.ruleCount >= ZT_MAX_NETWORK_RULES) - break; - if (_parseRule(rules[i],nc.rules[nc.ruleCount])) - ++nc.ruleCount; - } - } - - if ((memberCapabilities.is_array())&&(memberCapabilities.size() > 0)&&(capabilities.is_array())) { - std::map< uint64_t,json * > capsById; - for(unsigned long i=0;i<capabilities.size();++i) { - json &cap = capabilities[i]; - if (cap.is_object()) - capsById[_jI(cap["id"],0ULL) & 0xffffffffULL] = ∩ - } - - for(unsigned long i=0;i<memberCapabilities.size();++i) { - const uint64_t capId = _jI(memberCapabilities[i],0ULL) & 0xffffffffULL; - json *cap = capsById[capId]; - if ((cap->is_object())&&(cap->size() > 0)) { - ZT_VirtualNetworkRule capr[ZT_MAX_CAPABILITY_RULES]; - unsigned int caprc = 0; - json &caprj = (*cap)["rules"]; - if ((caprj.is_array())&&(caprj.size() > 0)) { - for(unsigned long j=0;j<caprj.size();++j) { - if (caprc >= ZT_MAX_CAPABILITY_RULES) - break; - if (_parseRule(caprj[j],capr[caprc])) - ++caprc; - } - } - nc.capabilities[nc.capabilityCount] = Capability((uint32_t)capId,nwid,now,1,capr,caprc); - if (nc.capabilities[nc.capabilityCount].sign(signingId,identity.address())) - ++nc.capabilityCount; - if (nc.capabilityCount >= ZT_MAX_NETWORK_CAPABILITIES) - break; - } - } - } - - if (memberTags.is_array()) { - std::map< uint32_t,uint32_t > tagsById; - for(unsigned long i=0;i<memberTags.size();++i) { - json &t = memberTags[i]; - if ((t.is_array())&&(t.size() == 2)) - tagsById[(uint32_t)(_jI(t[0],0ULL) & 0xffffffffULL)] = (uint32_t)(_jI(t[1],0ULL) & 0xffffffffULL); - } - for(std::map< uint32_t,uint32_t >::const_iterator t(tagsById.begin());t!=tagsById.end();++t) { - if (nc.tagCount >= ZT_MAX_NETWORK_TAGS) - break; - nc.tags[nc.tagCount] = Tag(nwid,now,identity.address(),t->first,t->second); - if (nc.tags[nc.tagCount].sign(signingId)) - ++nc.tagCount; - } - } - - if (routes.is_array()) { - for(unsigned long i=0;i<routes.size();++i) { - if (nc.routeCount >= ZT_MAX_NETWORK_ROUTES) - break; - json &route = routes[i]; - json &target = route["target"]; - json &via = route["via"]; - if (target.is_string()) { - const InetAddress t(target.get<std::string>()); - InetAddress v; - if (via.is_string()) v.fromString(via.get<std::string>()); - if ((t.ss_family == AF_INET)||(t.ss_family == AF_INET6)) { - ZT_VirtualNetworkRoute *r = &(nc.routes[nc.routeCount]); - *(reinterpret_cast<InetAddress *>(&(r->target))) = t; - if (v.ss_family == t.ss_family) - *(reinterpret_cast<InetAddress *>(&(r->via))) = v; - ++nc.routeCount; - } - } - } - } - - const bool noAutoAssignIps = _jB(member["noAutoAssignIps"],false); - - if ((v6AssignMode.is_object())&&(!noAutoAssignIps)) { - if ((_jB(v6AssignMode["rfc4193"],false))&&(nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES)) { - nc.staticIps[nc.staticIpCount++] = InetAddress::makeIpv6rfc4193(nwid,identity.address().toInt()); - nc.flags |= ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; - } - if ((_jB(v6AssignMode["6plane"],false))&&(nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES)) { - nc.staticIps[nc.staticIpCount++] = InetAddress::makeIpv66plane(nwid,identity.address().toInt()); - nc.flags |= ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; - } - } - - bool haveManagedIpv4AutoAssignment = false; - bool haveManagedIpv6AutoAssignment = false; // "special" NDP-emulated address types do not count - json ipAssignments = member["ipAssignments"]; // we want to make a copy - if (ipAssignments.is_array()) { - for(unsigned long i=0;i<ipAssignments.size();++i) { - if (!ipAssignments[i].is_string()) - continue; - std::string ips = ipAssignments[i]; - InetAddress ip(ips); - - // IP assignments are only pushed if there is a corresponding local route. We also now get the netmask bits from - // this route, ignoring the netmask bits field of the assigned IP itself. Using that was worthless and a source - // of user error / poor UX. - int routedNetmaskBits = 0; - for(unsigned int rk=0;rk<nc.routeCount;++rk) { - if ( (!nc.routes[rk].via.ss_family) && (reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->containsAddress(ip)) ) - routedNetmaskBits = reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->netmaskBits(); - } - - if (routedNetmaskBits > 0) { - if (nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES) { - ip.setPort(routedNetmaskBits); - nc.staticIps[nc.staticIpCount++] = ip; - } - if (ip.ss_family == AF_INET) - haveManagedIpv4AutoAssignment = true; - else if (ip.ss_family == AF_INET6) - haveManagedIpv6AutoAssignment = true; - } - } - } else { - ipAssignments = json::array(); - } - - if ( (ipAssignmentPools.is_array()) && ((v6AssignMode.is_object())&&(_jB(v6AssignMode["zt"],false))) && (!haveManagedIpv6AutoAssignment) && (!noAutoAssignIps) ) { - for(unsigned long p=0;((p<ipAssignmentPools.size())&&(!haveManagedIpv6AutoAssignment));++p) { - json &pool = ipAssignmentPools[p]; - if (pool.is_object()) { - InetAddress ipRangeStart(_jS(pool["ipRangeStart"],"")); - InetAddress ipRangeEnd(_jS(pool["ipRangeEnd"],"")); - if ( (ipRangeStart.ss_family == AF_INET6) && (ipRangeEnd.ss_family == AF_INET6) ) { - uint64_t s[2],e[2],x[2],xx[2]; - memcpy(s,ipRangeStart.rawIpData(),16); - memcpy(e,ipRangeEnd.rawIpData(),16); - s[0] = Utils::ntoh(s[0]); - s[1] = Utils::ntoh(s[1]); - e[0] = Utils::ntoh(e[0]); - e[1] = Utils::ntoh(e[1]); - x[0] = s[0]; - x[1] = s[1]; - - for(unsigned int trialCount=0;trialCount<1000;++trialCount) { - if ((trialCount == 0)&&(e[1] > s[1])&&((e[1] - s[1]) >= 0xffffffffffULL)) { - // First see if we can just cram a ZeroTier ID into the higher 64 bits. If so do that. - xx[0] = Utils::hton(x[0]); - xx[1] = Utils::hton(x[1] + identity.address().toInt()); - } else { - // Otherwise pick random addresses -- this technically doesn't explore the whole range if the lower 64 bit range is >= 1 but that won't matter since that would be huge anyway - Utils::getSecureRandom((void *)xx,16); - if ((e[0] > s[0])) - xx[0] %= (e[0] - s[0]); - else xx[0] = 0; - if ((e[1] > s[1])) - xx[1] %= (e[1] - s[1]); - else xx[1] = 0; - xx[0] = Utils::hton(x[0] + xx[0]); - xx[1] = Utils::hton(x[1] + xx[1]); - } - - InetAddress ip6((const void *)xx,16,0); - - // Check if this IP is within a local-to-Ethernet routed network - int routedNetmaskBits = 0; - for(unsigned int rk=0;rk<nc.routeCount;++rk) { - if ( (!nc.routes[rk].via.ss_family) && (nc.routes[rk].target.ss_family == AF_INET6) && (reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->containsAddress(ip6)) ) - routedNetmaskBits = reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->netmaskBits(); - } - - // If it's routed, then try to claim and assign it and if successful end loop - if ((routedNetmaskBits > 0)&&(!nmi.allocatedIps.count(ip6))) { - ipAssignments.push_back(ip6.toIpString()); - member["ipAssignments"] = ipAssignments; - ip6.setPort((unsigned int)routedNetmaskBits); - if (nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES) - nc.staticIps[nc.staticIpCount++] = ip6; - haveManagedIpv6AutoAssignment = true; - break; - } - } - } - } - } - } - - if ( (ipAssignmentPools.is_array()) && ((v4AssignMode.is_object())&&(_jB(v4AssignMode["zt"],false))) && (!haveManagedIpv4AutoAssignment) && (!noAutoAssignIps) ) { - for(unsigned long p=0;((p<ipAssignmentPools.size())&&(!haveManagedIpv4AutoAssignment));++p) { - json &pool = ipAssignmentPools[p]; - if (pool.is_object()) { - InetAddress ipRangeStartIA(_jS(pool["ipRangeStart"],"")); - InetAddress ipRangeEndIA(_jS(pool["ipRangeEnd"],"")); - if ( (ipRangeStartIA.ss_family == AF_INET) && (ipRangeEndIA.ss_family == AF_INET) ) { - uint32_t ipRangeStart = Utils::ntoh((uint32_t)(reinterpret_cast<struct sockaddr_in *>(&ipRangeStartIA)->sin_addr.s_addr)); - uint32_t ipRangeEnd = Utils::ntoh((uint32_t)(reinterpret_cast<struct sockaddr_in *>(&ipRangeEndIA)->sin_addr.s_addr)); - if ((ipRangeEnd < ipRangeStart)||(ipRangeStart == 0)) - continue; - uint32_t ipRangeLen = ipRangeEnd - ipRangeStart; - - // Start with the LSB of the member's address - uint32_t ipTrialCounter = (uint32_t)(identity.address().toInt() & 0xffffffff); - - for(uint32_t k=ipRangeStart,trialCount=0;((k<=ipRangeEnd)&&(trialCount < 1000));++k,++trialCount) { - uint32_t ip = (ipRangeLen > 0) ? (ipRangeStart + (ipTrialCounter % ipRangeLen)) : ipRangeStart; - ++ipTrialCounter; - if ((ip & 0x000000ff) == 0x000000ff) - continue; // don't allow addresses that end in .255 - - // Check if this IP is within a local-to-Ethernet routed network - int routedNetmaskBits = -1; - for(unsigned int rk=0;rk<nc.routeCount;++rk) { - if (nc.routes[rk].target.ss_family == AF_INET) { - uint32_t targetIp = Utils::ntoh((uint32_t)(reinterpret_cast<const struct sockaddr_in *>(&(nc.routes[rk].target))->sin_addr.s_addr)); - int targetBits = Utils::ntoh((uint16_t)(reinterpret_cast<const struct sockaddr_in *>(&(nc.routes[rk].target))->sin_port)); - if ((ip & (0xffffffff << (32 - targetBits))) == targetIp) { - routedNetmaskBits = targetBits; - break; - } - } - } - - // If it's routed, then try to claim and assign it and if successful end loop - const InetAddress ip4(Utils::hton(ip),0); - if ((routedNetmaskBits > 0)&&(!nmi.allocatedIps.count(ip4))) { - ipAssignments.push_back(ip4.toIpString()); - member["ipAssignments"] = ipAssignments; - if (nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES) { - struct sockaddr_in *const v4ip = reinterpret_cast<struct sockaddr_in *>(&(nc.staticIps[nc.staticIpCount++])); - v4ip->sin_family = AF_INET; - v4ip->sin_port = Utils::hton((uint16_t)routedNetmaskBits); - v4ip->sin_addr.s_addr = Utils::hton(ip); - } - haveManagedIpv4AutoAssignment = true; - break; - } - } - } - } - } - } - - CertificateOfMembership com(now,credentialtmd,nwid,identity.address()); - if (com.sign(signingId)) { - nc.com = com; - } else { - return NETCONF_QUERY_INTERNAL_SERVER_ERROR; + _threadsStarted = true; } - _writeJson(memberJP,member); - return NetworkController::NETCONF_QUERY_OK; + _RQEntry *qe = new _RQEntry; + qe->nwid = nwid; + qe->requestPacketId = requestPacketId; + qe->fromAddr = fromAddr; + qe->identity = identity; + qe->metaData = metaData; + _queue.post(qe); } unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET( @@ -997,7 +497,11 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET( char nwids[24]; Utils::snprintf(nwids,sizeof(nwids),"%.16llx",(unsigned long long)nwid); - json network(_readJson(_networkJP(nwid,false))); + json network; + { + Mutex::Lock _l(_db_m); + network = _db.get("network",nwids,0); + } if (!network.size()) return 404; @@ -1008,51 +512,40 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET( if (path.size() >= 4) { const uint64_t address = Utils::hexStrToU64(path[3].c_str()); - json member(_readJson(_memberJP(nwid,Address(address),false))); + json member; + { + Mutex::Lock _l(_db_m); + member = _db.get("network",nwids,"member",Address(address).toString(),0); + } if (!member.size()) return 404; _addMemberNonPersistedFields(member,OSUtils::now()); - responseBody = member.dump(2); + responseBody = OSUtils::jsonDump(member); responseContentType = "application/json"; return 200; } else { + Mutex::Lock _l(_db_m); + responseBody = "{"; - std::vector<std::string> members(OSUtils::listSubdirectories((_networkBP(nwid,false) + ZT_PATH_SEPARATOR_S + "member").c_str())); - for(std::vector<std::string>::iterator i(members.begin());i!=members.end();++i) { - if (i->length() == ZT_ADDRESS_LENGTH_HEX) { - json member(_readJson(_memberJP(nwid,Address(Utils::hexStrToU64(i->c_str())),false))); - if (member.size()) { - responseBody.append((responseBody.length() == 1) ? "\"" : ",\""); - responseBody.append(*i); - responseBody.append("\":"); - responseBody.append(_jS(member["revision"],"0")); - } + std::string pfx(std::string("network/") + nwids + "member/"); + _db.filter(pfx,120000,[&responseBody](const std::string &n,const json &member) { + if (member.size() > 0) { + responseBody.append((responseBody.length() == 1) ? "\"" : ",\""); + responseBody.append(OSUtils::jsonString(member["id"],"")); + responseBody.append("\":"); + responseBody.append(OSUtils::jsonString(member["revision"],"0")); } - } + return true; // never delete + }); responseBody.push_back('}'); responseContentType = "application/json"; return 200; } - } else if ((path[2] == "test")&&(path.size() >= 4)) { - - Mutex::Lock _l(_circuitTests_m); - std::map< uint64_t,_CircuitTestEntry >::iterator cte(_circuitTests.find(Utils::hexStrToU64(path[3].c_str()))); - if ((cte != _circuitTests.end())&&(cte->second.test)) { - - responseBody = "["; - responseBody.append(cte->second.jsonResults); - responseBody.push_back(']'); - responseContentType = "application/json"; - - return 200; - - } // else 404 - } // else 404 } else { @@ -1061,21 +554,28 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET( _NetworkMemberInfo nmi; _getNetworkMemberInfo(now,nwid,nmi); _addNetworkNonPersistedFields(network,now,nmi); - responseBody = network.dump(2); + responseBody = OSUtils::jsonDump(network); responseContentType = "application/json"; return 200; } } else if (path.size() == 1) { - responseBody = "["; - std::vector<std::string> networks(OSUtils::listSubdirectories((_path + ZT_PATH_SEPARATOR_S + "network").c_str())); - for(auto i(networks.begin());i!=networks.end();++i) { - if (i->length() == 16) { - responseBody.append((responseBody.length() == 1) ? "\"" : ",\""); - responseBody.append(*i); - responseBody.append("\""); - } + std::set<std::string> networkIds; + { + Mutex::Lock _l(_db_m); + _db.filter("network/",120000,[&networkIds](const std::string &n,const json &obj) { + if (n.length() == (16 + 8)) + networkIds.insert(n.substr(8)); + return true; // do not delete + }); + } + + responseBody.push_back('['); + for(std::set<std::string>::iterator i(networkIds.begin());i!=networkIds.end();++i) { + responseBody.append((responseBody.length() == 1) ? "\"" : ",\""); + responseBody.append(*i); + responseBody.append("\""); } responseBody.push_back(']'); responseContentType = "application/json"; @@ -1109,16 +609,12 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( json b; try { - b = json::parse(body); + b = OSUtils::jsonParse(body); if (!b.is_object()) { responseBody = "{ \"message\": \"body is not a JSON object\" }"; responseContentType = "application/json"; return 400; } - } catch (std::exception &exc) { - responseBody = std::string("{ \"message\": \"body JSON is invalid: ") + exc.what() + "\" }"; - responseContentType = "application/json"; - return 400; } catch ( ... ) { responseBody = "{ \"message\": \"body JSON is invalid\" }"; responseContentType = "application/json"; @@ -1134,27 +630,30 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( Utils::snprintf(nwids,sizeof(nwids),"%.16llx",(unsigned long long)nwid); if (path.size() >= 3) { - json network(_readJson(_networkJP(nwid,false))); - if (!network.size()) - return 404; if ((path.size() == 4)&&(path[2] == "member")&&(path[3].length() == 10)) { uint64_t address = Utils::hexStrToU64(path[3].c_str()); char addrs[24]; Utils::snprintf(addrs,sizeof(addrs),"%.10llx",(unsigned long long)address); - json member(_readJson(_memberJP(nwid,Address(address),true))); + json member; + { + Mutex::Lock _l(_db_m); + member = _db.get("network",nwids,"member",Address(address).toString(),0); + } + json origMember(member); // for detecting changes _initMember(member); try { - if (b.count("activeBridge")) member["activeBridge"] = _jB(b["activeBridge"],false); - if (b.count("noAutoAssignIps")) member["noAutoAssignIps"] = _jB(b["noAutoAssignIps"],false); - if ((b.count("identity"))&&(!member.count("identity"))) member["identity"] = _jS(b["identity"],""); // allow identity to be populated only if not already known + if (b.count("activeBridge")) member["activeBridge"] = OSUtils::jsonBool(b["activeBridge"],false); + if (b.count("noAutoAssignIps")) member["noAutoAssignIps"] = OSUtils::jsonBool(b["noAutoAssignIps"],false); if (b.count("authorized")) { - const bool newAuth = _jB(b["authorized"],false); - if (newAuth != _jB(member["authorized"],false)) { + const bool newAuth = OSUtils::jsonBool(b["authorized"],false); + if (newAuth != OSUtils::jsonBool(member["authorized"],false)) { member["authorized"] = newAuth; + member[((newAuth) ? "lastAuthorizedTime" : "lastDeauthorizedTime")] = now; + json ah; ah["a"] = newAuth; ah["by"] = "api"; @@ -1162,11 +661,23 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( ah["ct"] = json(); ah["c"] = json(); member["authHistory"].push_back(ah); + + // Member is being de-authorized, so spray Revocation objects to all online members + if (!newAuth) { + _clearNetworkMemberInfoCache(nwid); + Revocation rev(_node->prng(),nwid,0,now,ZT_REVOCATION_FLAG_FAST_PROPAGATE,Address(address),Revocation::CREDENTIAL_TYPE_COM); + rev.sign(_signingId); + Mutex::Lock _l(_lastRequestTime_m); + for(std::map< std::pair<uint64_t,uint64_t>,uint64_t >::iterator i(_lastRequestTime.begin());i!=_lastRequestTime.end();++i) { + if ((now - i->second) < ZT_NETWORK_AUTOCONF_DELAY) + _node->ncSendRevocation(Address(i->first.first),rev); + } + } } } if (b.count("ipAssignments")) { - auto ipa = b["ipAssignments"]; + json &ipa = b["ipAssignments"]; if (ipa.is_array()) { json mipa(json::array()); for(unsigned long i=0;i<ipa.size();++i) { @@ -1181,13 +692,13 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( } if (b.count("tags")) { - auto tags = b["tags"]; + json &tags = b["tags"]; if (tags.is_array()) { std::map<uint64_t,uint64_t> mtags; for(unsigned long i=0;i<tags.size();++i) { - auto tag = tags[i]; + json &tag = tags[i]; if ((tag.is_array())&&(tag.size() == 2)) - mtags[_jI(tag[0],0ULL) & 0xffffffffULL] = _jI(tag[1],0ULL) & 0xffffffffULL; + mtags[OSUtils::jsonInt(tag[0],0ULL) & 0xffffffffULL] = OSUtils::jsonInt(tag[1],0ULL) & 0xffffffffULL; } json mtagsa = json::array(); for(std::map<uint64_t,uint64_t>::iterator t(mtags.begin());t!=mtags.end();++t) { @@ -1201,11 +712,11 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( } if (b.count("capabilities")) { - auto capabilities = b["capabilities"]; + json &capabilities = b["capabilities"]; if (capabilities.is_array()) { json mcaps = json::array(); for(unsigned long i=0;i<capabilities.size();++i) { - mcaps.push_back(_jI(capabilities[i],0ULL)); + mcaps.push_back(OSUtils::jsonInt(capabilities[i],0ULL)); } std::sort(mcaps.begin(),mcaps.end()); mcaps.erase(std::unique(mcaps.begin(),mcaps.end()),mcaps.end()); @@ -1221,37 +732,30 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( member["id"] = addrs; member["address"] = addrs; // legacy member["nwid"] = nwids; - member["lastModified"] = now; - auto revj = member["revision"]; - member["revision"] = (revj.is_number() ? ((uint64_t)revj + 1ULL) : 1ULL); - - _writeJson(_memberJP(nwid,Address(address),true).c_str(),member); - - { - Mutex::Lock _l(_networkMemberCache_m); - _networkMemberCache[nwid][Address(address)] = member; - } - { - Mutex::Lock _l(_refreshQueue_m); - _refreshQueue.push_back(_Refresh()); - _Refresh &r = _refreshQueue.back(); - r.dest = Address(address); - r.nwid = nwid; - r.numBlacklistEntries = 0; + if (member != origMember) { + member["lastModified"] = now; + json &revj = member["revision"]; + member["revision"] = (revj.is_number() ? ((uint64_t)revj + 1ULL) : 1ULL); + { + Mutex::Lock _l(_db_m); + _db.put("network",nwids,"member",Address(address).toString(),member); + } + _pushMemberUpdate(now,nwid,member); } // Add non-persisted fields member["clock"] = now; - responseBody = member.dump(2); + responseBody = OSUtils::jsonDump(member); responseContentType = "application/json"; return 200; } else if ((path.size() == 3)&&(path[2] == "test")) { - Mutex::Lock _l(_circuitTests_m); + Mutex::Lock _l(_tests_m); - ZT_CircuitTest *test = (ZT_CircuitTest *)malloc(sizeof(ZT_CircuitTest)); + _tests.push_back(ZT_CircuitTest()); + ZT_CircuitTest *const test = &(_tests.back()); memset(test,0,sizeof(ZT_CircuitTest)); Utils::getSecureRandom(&(test->testId),sizeof(test->testId)); @@ -1260,22 +764,24 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( json hops = b["hops"]; if (hops.is_array()) { for(unsigned long i=0;i<hops.size();++i) { - auto hops2 = hops[i]; + json &hops2 = hops[i]; if (hops2.is_array()) { for(unsigned long j=0;j<hops2.size();++j) { std::string s = hops2[j]; test->hops[test->hopCount].addresses[test->hops[test->hopCount].breadth++] = Utils::hexStrToU64(s.c_str()) & 0xffffffffffULL; } + ++test->hopCount; } else if (hops2.is_string()) { std::string s = hops2; test->hops[test->hopCount].addresses[test->hops[test->hopCount].breadth++] = Utils::hexStrToU64(s.c_str()) & 0xffffffffffULL; + ++test->hopCount; } } } - test->reportAtEveryHop = (_jB(b["reportAtEveryHop"],true) ? 1 : 0); + test->reportAtEveryHop = (OSUtils::jsonBool(b["reportAtEveryHop"],true) ? 1 : 0); if (!test->hopCount) { - ::free((void *)test); + _tests.pop_back(); responseBody = "{ \"message\": \"a test must contain at least one hop\" }"; responseContentType = "application/json"; return 400; @@ -1283,18 +789,18 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( test->timestamp = OSUtils::now(); - _CircuitTestEntry &te = _circuitTests[test->testId]; - te.test = test; - te.jsonResults = ""; - - if (_node) + if (_node) { _node->circuitTestBegin(test,&(EmbeddedNetworkController::_circuitTestCallback)); - else return 500; + } else { + _tests.pop_back(); + return 500; + } - char json[1024]; - Utils::snprintf(json,sizeof(json),"{\"testId\":\"%.16llx\"}",test->testId); + char json[512]; + Utils::snprintf(json,sizeof(json),"{\"testId\":\"%.16llx\",\"timestamp\":%llu}",test->testId,test->timestamp); responseBody = json; responseContentType = "application/json"; + return 200; } // else 404 @@ -1302,42 +808,48 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( } else { // POST to network ID - // Magic ID ending with ______ picks a random unused network ID - if (path[1].substr(10) == "______") { - nwid = 0; - uint64_t nwidPrefix = (Utils::hexStrToU64(path[1].substr(0,10).c_str()) << 24) & 0xffffffffff000000ULL; - uint64_t nwidPostfix = 0; - for(unsigned long k=0;k<100000;++k) { // sanity limit on trials - Utils::getSecureRandom(&nwidPostfix,sizeof(nwidPostfix)); - uint64_t tryNwid = nwidPrefix | (nwidPostfix & 0xffffffULL); - if ((tryNwid & 0xffffffULL) == 0ULL) tryNwid |= 1ULL; - Utils::snprintf(nwids,sizeof(nwids),"%.16llx",(unsigned long long)tryNwid); - if (!OSUtils::fileExists(_networkJP(tryNwid,false).c_str())) { - nwid = tryNwid; - break; + json network; + { + Mutex::Lock _l(_db_m); + + // Magic ID ending with ______ picks a random unused network ID + if (path[1].substr(10) == "______") { + nwid = 0; + uint64_t nwidPrefix = (Utils::hexStrToU64(path[1].substr(0,10).c_str()) << 24) & 0xffffffffff000000ULL; + uint64_t nwidPostfix = 0; + for(unsigned long k=0;k<100000;++k) { // sanity limit on trials + Utils::getSecureRandom(&nwidPostfix,sizeof(nwidPostfix)); + uint64_t tryNwid = nwidPrefix | (nwidPostfix & 0xffffffULL); + if ((tryNwid & 0xffffffULL) == 0ULL) tryNwid |= 1ULL; + Utils::snprintf(nwids,sizeof(nwids),"%.16llx",(unsigned long long)tryNwid); + if (_db.get("network",nwids,120000).size() <= 0) { + nwid = tryNwid; + break; + } } + if (!nwid) + return 503; } - if (!nwid) - return 503; - } - json network(_readJson(_networkJP(nwid,true))); + network = _db.get("network",nwids,0); + } + json origNetwork(network); // for detecting changes _initNetwork(network); try { - if (b.count("name")) network["name"] = _jS(b["name"],""); - if (b.count("private")) network["private"] = _jB(b["private"],true); - if (b.count("enableBroadcast")) network["enableBroadcast"] = _jB(b["enableBroadcast"],false); - if (b.count("allowPassiveBridging")) network["allowPassiveBridging"] = _jB(b["allowPassiveBridging"],false); - if (b.count("multicastLimit")) network["multicastLimit"] = _jI(b["multicastLimit"],32ULL); + if (b.count("name")) network["name"] = OSUtils::jsonString(b["name"],""); + if (b.count("private")) network["private"] = OSUtils::jsonBool(b["private"],true); + if (b.count("enableBroadcast")) network["enableBroadcast"] = OSUtils::jsonBool(b["enableBroadcast"],false); + if (b.count("allowPassiveBridging")) network["allowPassiveBridging"] = OSUtils::jsonBool(b["allowPassiveBridging"],false); + if (b.count("multicastLimit")) network["multicastLimit"] = OSUtils::jsonInt(b["multicastLimit"],32ULL); if (b.count("v4AssignMode")) { json nv4m; json &v4m = b["v4AssignMode"]; if (v4m.is_string()) { // backward compatibility - nv4m["zt"] = (_jS(v4m,"") == "zt"); + nv4m["zt"] = (OSUtils::jsonString(v4m,"") == "zt"); } else if (v4m.is_object()) { - nv4m["zt"] = _jB(v4m["zt"],false); + nv4m["zt"] = OSUtils::jsonBool(v4m["zt"],false); } else nv4m["zt"] = false; network["v4AssignMode"] = nv4m; } @@ -1347,7 +859,7 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( json &v6m = b["v6AssignMode"]; if (!nv6m.is_object()) nv6m = json::object(); if (v6m.is_string()) { // backward compatibility - std::vector<std::string> v6ms(Utils::split(_jS(v6m,"").c_str(),",","","")); + std::vector<std::string> v6ms(OSUtils::split(OSUtils::jsonString(v6m,"").c_str(),",","","")); std::sort(v6ms.begin(),v6ms.end()); v6ms.erase(std::unique(v6ms.begin(),v6ms.end()),v6ms.end()); nv6m["rfc4193"] = false; @@ -1362,9 +874,9 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( nv6m["6plane"] = true; } } else if (v6m.is_object()) { - if (v6m.count("rfc4193")) nv6m["rfc4193"] = _jB(v6m["rfc4193"],false); - if (v6m.count("zt")) nv6m["zt"] = _jB(v6m["zt"],false); - if (v6m.count("6plane")) nv6m["6plane"] = _jB(v6m["6plane"],false); + if (v6m.count("rfc4193")) nv6m["rfc4193"] = OSUtils::jsonBool(v6m["rfc4193"],false); + if (v6m.count("zt")) nv6m["zt"] = OSUtils::jsonBool(v6m["zt"],false); + if (v6m.count("6plane")) nv6m["6plane"] = OSUtils::jsonBool(v6m["6plane"],false); } else { nv6m["rfc4193"] = false; nv6m["zt"] = false; @@ -1406,10 +918,10 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( if (ipp.is_array()) { json nipp = json::array(); for(unsigned long i=0;i<ipp.size();++i) { - auto ip = ipp[i]; + json &ip = ipp[i]; if ((ip.is_object())&&(ip.count("ipRangeStart"))&&(ip.count("ipRangeEnd"))) { - InetAddress f(_jS(ip["ipRangeStart"],"")); - InetAddress t(_jS(ip["ipRangeEnd"],"")); + InetAddress f(OSUtils::jsonString(ip["ipRangeStart"],"")); + InetAddress t(OSUtils::jsonString(ip["ipRangeEnd"],"")); if ( ((f.ss_family == AF_INET)||(f.ss_family == AF_INET6)) && (f.ss_family == t.ss_family) ) { json tmp = json::object(); tmp["ipRangeStart"] = f.toIpString(); @@ -1449,8 +961,8 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( if (tstr.length() > 0) { json t = json::object(); t["token"] = tstr; - t["expires"] = _jI(token["expires"],0ULL); - t["maxUsesPerMember"] = _jI(token["maxUsesPerMember"],0ULL); + t["expires"] = OSUtils::jsonInt(token["expires"],0ULL); + t["maxUsesPerMember"] = OSUtils::jsonInt(token["maxUsesPerMember"],0ULL); nat.push_back(t); } } @@ -1467,14 +979,15 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( json &cap = capabilities[i]; if (cap.is_object()) { json ncap = json::object(); - const uint64_t capId = _jI(cap["id"],0ULL); + const uint64_t capId = OSUtils::jsonInt(cap["id"],0ULL); ncap["id"] = capId; + ncap["default"] = OSUtils::jsonBool(cap["default"],false); json &rules = cap["rules"]; json nrules = json::array(); if (rules.is_array()) { for(unsigned long i=0;i<rules.size();++i) { - json rule = rules[i]; + json &rule = rules[i]; if (rule.is_object()) { ZT_VirtualNetworkRule ztr; if (_parseRule(rule,ztr)) @@ -1494,6 +1007,31 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( network["capabilities"] = ncapsa; } } + + if (b.count("tags")) { + json &tags = b["tags"]; + if (tags.is_array()) { + std::map< uint64_t,json > ntags; + for(unsigned long i=0;i<tags.size();++i) { + json &tag = tags[i]; + if (tag.is_object()) { + json ntag = json::object(); + const uint64_t tagId = OSUtils::jsonInt(tag["id"],0ULL); + ntag["id"] = tagId; + if (tag.find("default") == tag.end()) + ntag["default"] = json(); + else ntag["default"] = OSUtils::jsonInt(tag["default"],0ULL); + ntags[tagId] = ntag; + } + } + + json ntagsa = json::array(); + for(std::map< uint64_t,json >::iterator t(ntags.begin());t!=ntags.end();++t) + ntagsa.push_back(t->second); + network["tags"] = ntagsa; + } + } + } catch ( ... ) { responseBody = "{ \"message\": \"exception occurred while parsing body variables\" }"; responseContentType = "application/json"; @@ -1502,17 +1040,28 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST( network["id"] = nwids; network["nwid"] = nwids; // legacy - auto rev = network["revision"]; - network["revision"] = (rev.is_number() ? ((uint64_t)rev + 1ULL) : 1ULL); - network["lastModified"] = now; - _writeJson(_networkJP(nwid,true),network); + if (network != origNetwork) { + json &revj = network["revision"]; + network["revision"] = (revj.is_number() ? ((uint64_t)revj + 1ULL) : 1ULL); + network["lastModified"] = now; + { + Mutex::Lock _l(_db_m); + _db.put("network",nwids,network); + } + + // Send an update to all members of the network + _db.filter((std::string("network/") + nwids + "/member/"),120000,[this,&now,&nwid](const std::string &n,const json &obj) { + _pushMemberUpdate(now,nwid,obj); + return true; // do not delete + }); + } _NetworkMemberInfo nmi; _getNetworkMemberInfo(now,nwid,nmi); _addNetworkNonPersistedFields(network,now,nmi); - responseBody = network.dump(2); + responseBody = OSUtils::jsonDump(network); responseContentType = "application/json"; return 200; } // else 404 @@ -1539,7 +1088,13 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpDELETE( if ((path.size() >= 2)&&(path[1].length() == 16)) { const uint64_t nwid = Utils::hexStrToU64(path[1].c_str()); - json network(_readJson(_networkJP(nwid,false))); + char nwids[24]; + Utils::snprintf(nwids,sizeof(nwids),"%.16llx",nwid); + json network; + { + Mutex::Lock _l(_db_m); + network = _db.get("network",nwids,0); + } if (!network.size()) return 404; @@ -1547,23 +1102,29 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpDELETE( if ((path.size() == 4)&&(path[2] == "member")&&(path[3].length() == 10)) { const uint64_t address = Utils::hexStrToU64(path[3].c_str()); - json member(_readJson(_memberJP(nwid,Address(address),false))); - if (!member.size()) - return 404; + Mutex::Lock _l(_db_m); - OSUtils::rmDashRf(_memberBP(nwid,Address(address),false).c_str()); + json member = _db.get("network",nwids,"member",Address(address).toString(),0); + _db.erase("network",nwids,"member",Address(address).toString()); - responseBody = member.dump(2); + if (!member.size()) + return 404; + responseBody = OSUtils::jsonDump(member); responseContentType = "application/json"; return 200; } } else { - OSUtils::rmDashRf(_networkBP(nwid,false).c_str()); - { - Mutex::Lock _l(_networkMemberCache_m); - _networkMemberCache.erase(nwid); - } - responseBody = network.dump(2); + Mutex::Lock _l(_db_m); + + std::string pfx("network/"); pfx.append(nwids); + _db.filter(pfx,120000,[](const std::string &n,const json &obj) { + return false; // delete + }); + + Mutex::Lock _l2(_nmiCache_m); + _nmiCache.erase(nwid); + + responseBody = OSUtils::jsonDump(network); responseContentType = "application/json"; return 200; } @@ -1574,52 +1135,70 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpDELETE( return 404; } +void EmbeddedNetworkController::threadMain() + throw() +{ + uint64_t lastCircuitTestCheck = 0; + for(;;) { + _RQEntry *const qe = _queue.get(); // waits on next request + if (!qe) break; // enqueue a NULL to terminate threads + try { + _request(qe->nwid,qe->fromAddr,qe->requestPacketId,qe->identity,qe->metaData); + } catch ( ... ) {} + delete qe; + + uint64_t now = OSUtils::now(); + if ((now - lastCircuitTestCheck) > ZT_EMBEDDEDNETWORKCONTROLLER_CIRCUIT_TEST_EXPIRATION) { + lastCircuitTestCheck = now; + Mutex::Lock _l(_tests_m); + for(std::list< ZT_CircuitTest >::iterator i(_tests.begin());i!=_tests.end();) { + if ((now - i->timestamp) > ZT_EMBEDDEDNETWORKCONTROLLER_CIRCUIT_TEST_EXPIRATION) { + _node->circuitTestEnd(&(*i)); + _tests.erase(i++); + } else ++i; + } + } + } +} + void EmbeddedNetworkController::_circuitTestCallback(ZT_Node *node,ZT_CircuitTest *test,const ZT_CircuitTestReport *report) { - char tmp[65535]; + char tmp[1024],id[128]; EmbeddedNetworkController *const self = reinterpret_cast<EmbeddedNetworkController *>(test->ptr); - if (!test) - return; - if (!report) - return; - - Mutex::Lock _l(self->_circuitTests_m); - std::map< uint64_t,_CircuitTestEntry >::iterator cte(self->_circuitTests.find(test->testId)); - - if (cte == self->_circuitTests.end()) { // sanity check: a circuit test we didn't launch? - self->_node->circuitTestEnd(test); - ::free((void *)test); - return; - } + if ((!test)||(!report)||(!test->credentialNetworkId)) return; // sanity check + const uint64_t now = OSUtils::now(); + Utils::snprintf(id,sizeof(id),"network/%.16llx/test/%.16llx-%.16llx-%.10llx-%.10llx",test->credentialNetworkId,test->testId,now,report->upstream,report->current); Utils::snprintf(tmp,sizeof(tmp), - "%s{\n" - "\t\"timestamp\": %llu," ZT_EOL_S - "\t\"testId\": \"%.16llx\"," ZT_EOL_S - "\t\"upstream\": \"%.10llx\"," ZT_EOL_S - "\t\"current\": \"%.10llx\"," ZT_EOL_S - "\t\"receivedTimestamp\": %llu," ZT_EOL_S - "\t\"sourcePacketId\": \"%.16llx\"," ZT_EOL_S - "\t\"flags\": %llu," ZT_EOL_S - "\t\"sourcePacketHopCount\": %u," ZT_EOL_S - "\t\"errorCode\": %u," ZT_EOL_S - "\t\"vendor\": %d," ZT_EOL_S - "\t\"protocolVersion\": %u," ZT_EOL_S - "\t\"majorVersion\": %u," ZT_EOL_S - "\t\"minorVersion\": %u," ZT_EOL_S - "\t\"revision\": %u," ZT_EOL_S - "\t\"platform\": %d," ZT_EOL_S - "\t\"architecture\": %d," ZT_EOL_S - "\t\"receivedOnLocalAddress\": \"%s\"," ZT_EOL_S - "\t\"receivedFromRemoteAddress\": \"%s\"" ZT_EOL_S - "}", - ((cte->second.jsonResults.length() > 0) ? ",\n" : ""), - (unsigned long long)report->timestamp, + "{\"id\": \"%s\"," + "\"timestamp\": %llu," + "\"networkId\": \"%.16llx\"," + "\"testId\": \"%.16llx\"," + "\"upstream\": \"%.10llx\"," + "\"current\": \"%.10llx\"," + "\"receivedTimestamp\": %llu," + "\"sourcePacketId\": \"%.16llx\"," + "\"flags\": %llu," + "\"sourcePacketHopCount\": %u," + "\"errorCode\": %u," + "\"vendor\": %d," + "\"protocolVersion\": %u," + "\"majorVersion\": %u," + "\"minorVersion\": %u," + "\"revision\": %u," + "\"platform\": %d," + "\"architecture\": %d," + "\"receivedOnLocalAddress\": \"%s\"," + "\"receivedFromRemoteAddress\": \"%s\"," + "\"receivedFromLinkQuality\": %f}", + id + 30, // last bit only, not leading path + (unsigned long long)test->timestamp, + (unsigned long long)test->credentialNetworkId, (unsigned long long)test->testId, (unsigned long long)report->upstream, (unsigned long long)report->current, - (unsigned long long)OSUtils::now(), + (unsigned long long)now, (unsigned long long)report->sourcePacketId, (unsigned long long)report->flags, report->sourcePacketHopCount, @@ -1632,49 +1211,632 @@ void EmbeddedNetworkController::_circuitTestCallback(ZT_Node *node,ZT_CircuitTes (int)report->platform, (int)report->architecture, reinterpret_cast<const InetAddress *>(&(report->receivedOnLocalAddress))->toString().c_str(), - reinterpret_cast<const InetAddress *>(&(report->receivedFromRemoteAddress))->toString().c_str()); + reinterpret_cast<const InetAddress *>(&(report->receivedFromRemoteAddress))->toString().c_str(), + ((double)report->receivedFromLinkQuality / (double)ZT_PATH_LINK_QUALITY_MAX)); - cte->second.jsonResults.append(tmp); + Mutex::Lock _l(self->_db_m); + self->_db.writeRaw(id,std::string(tmp)); } -void EmbeddedNetworkController::_getNetworkMemberInfo(uint64_t now,uint64_t nwid,_NetworkMemberInfo &nmi) +void EmbeddedNetworkController::_request( + uint64_t nwid, + const InetAddress &fromAddr, + uint64_t requestPacketId, + const Identity &identity, + const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData) { - Mutex::Lock _mcl(_networkMemberCache_m); - std::map< Address,nlohmann::json > &memberCacheEntry = _networkMemberCache[nwid]; - nmi.totalMemberCount = memberCacheEntry.size(); - for(std::map< Address,nlohmann::json >::iterator nm(memberCacheEntry.begin());nm!=memberCacheEntry.end();++nm) { - if (_jB(nm->second["authorized"],false)) { - ++nmi.authorizedMemberCount; - - if (nm->second.count("recentLog")) { - json &mlog = nm->second["recentLog"]; - if ((mlog.is_array())&&(mlog.size() > 0)) { - json &mlog1 = mlog[0]; - if (mlog1.is_object()) { - if ((now - _jI(mlog1["ts"],0ULL)) < ZT_NETCONF_NODE_ACTIVE_THRESHOLD) - ++nmi.activeMemberCount; + if (((!_signingId)||(!_signingId.hasPrivate()))||(_signingId.address().toInt() != (nwid >> 24))||(!_sender)) + return; + + const uint64_t now = OSUtils::now(); + + if (requestPacketId) { + Mutex::Lock _l(_lastRequestTime_m); + uint64_t &lrt = _lastRequestTime[std::pair<uint64_t,uint64_t>(identity.address().toInt(),nwid)]; + if ((now - lrt) <= ZT_NETCONF_MIN_REQUEST_PERIOD) + return; + lrt = now; + } + + char nwids[24]; + Utils::snprintf(nwids,sizeof(nwids),"%.16llx",nwid); + json network; + json member; + { + Mutex::Lock _l(_db_m); + network = _db.get("network",nwids,0); + member = _db.get("network",nwids,"member",identity.address().toString(),0); + } + + if (!network.size()) { + _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_OBJECT_NOT_FOUND); + return; + } + + const bool newMember = (member.size() == 0); + + json origMember(member); // for detecting modification later + _initMember(member); + + { + std::string haveIdStr(OSUtils::jsonString(member["identity"],"")); + if (haveIdStr.length() > 0) { + // If we already know this member's identity perform a full compare. This prevents + // a "collision" from being able to auth onto our network in place of an already + // known member. + try { + if (Identity(haveIdStr.c_str()) != identity) { + _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_ACCESS_DENIED); + return; + } + } catch ( ... ) { + _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_ACCESS_DENIED); + return; + } + } else { + // If we do not yet know this member's identity, learn it. + member["identity"] = identity.toString(false); + } + } + + // These are always the same, but make sure they are set + member["id"] = identity.address().toString(); + member["address"] = member["id"]; + member["nwid"] = nwids; + + // Determine whether and how member is authorized + const char *authorizedBy = (const char *)0; + bool autoAuthorized = false; + json autoAuthCredentialType,autoAuthCredential; + if (OSUtils::jsonBool(member["authorized"],false)) { + authorizedBy = "memberIsAuthorized"; + } else if (!OSUtils::jsonBool(network["private"],true)) { + authorizedBy = "networkIsPublic"; + json &ahist = member["authHistory"]; + if ((!ahist.is_array())||(ahist.size() == 0)) + autoAuthorized = true; + } else { + char presentedAuth[512]; + if (metaData.get(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_AUTH,presentedAuth,sizeof(presentedAuth)) > 0) { + presentedAuth[511] = (char)0; // sanity check + + // Check for bearer token presented by member + if ((strlen(presentedAuth) > 6)&&(!strncmp(presentedAuth,"token:",6))) { + const char *const presentedToken = presentedAuth + 6; + + json &authTokens = network["authTokens"]; + if (authTokens.is_array()) { + for(unsigned long i=0;i<authTokens.size();++i) { + json &token = authTokens[i]; + if (token.is_object()) { + const uint64_t expires = OSUtils::jsonInt(token["expires"],0ULL); + const uint64_t maxUses = OSUtils::jsonInt(token["maxUsesPerMember"],0ULL); + std::string tstr = OSUtils::jsonString(token["token"],""); + + if (((expires == 0ULL)||(expires > now))&&(tstr == presentedToken)) { + bool usable = (maxUses == 0); + if (!usable) { + uint64_t useCount = 0; + json &ahist = member["authHistory"]; + if (ahist.is_array()) { + for(unsigned long j=0;j<ahist.size();++j) { + json &ah = ahist[j]; + if ((OSUtils::jsonString(ah["ct"],"") == "token")&&(OSUtils::jsonString(ah["c"],"") == tstr)&&(OSUtils::jsonBool(ah["a"],false))) + ++useCount; + } + } + usable = (useCount < maxUses); + } + if (usable) { + authorizedBy = "token"; + autoAuthorized = true; + autoAuthCredentialType = "token"; + autoAuthCredential = tstr; + } + } + } } } } + } + } - if (_jB(nm->second["activeBridge"],false)) { - nmi.activeBridges.insert(nm->first); + // If we auto-authorized, update member record + if ((autoAuthorized)&&(authorizedBy)) { + member["authorized"] = true; + member["lastAuthorizedTime"] = now; + + json ah; + ah["a"] = true; + ah["by"] = authorizedBy; + ah["ts"] = now; + ah["ct"] = autoAuthCredentialType; + ah["c"] = autoAuthCredential; + member["authHistory"].push_back(ah); + + json &revj = member["revision"]; + member["revision"] = (revj.is_number() ? ((uint64_t)revj + 1ULL) : 1ULL); + } + + // Log this request + if (requestPacketId) { // only log if this is a request, not for generated pushes + json rlEntry = json::object(); + rlEntry["ts"] = now; + rlEntry["auth"] = (authorizedBy) ? true : false; + rlEntry["authBy"] = (authorizedBy) ? authorizedBy : ""; + rlEntry["vMajor"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MAJOR_VERSION,0); + rlEntry["vMinor"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MINOR_VERSION,0); + rlEntry["vRev"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_REVISION,0); + rlEntry["vProto"] = metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_PROTOCOL_VERSION,0); + if (fromAddr) + rlEntry["fromAddr"] = fromAddr.toString(); + + json recentLog = json::array(); + recentLog.push_back(rlEntry); + json &oldLog = member["recentLog"]; + if (oldLog.is_array()) { + for(unsigned long i=0;i<oldLog.size();++i) { + recentLog.push_back(oldLog[i]); + if (recentLog.size() >= ZT_NETCONF_DB_MEMBER_HISTORY_LENGTH) + break; } + } + member["recentLog"] = recentLog; - if (nm->second.count("ipAssignments")) { - json &mips = nm->second["ipAssignments"]; - if (mips.is_array()) { - for(unsigned long i=0;i<mips.size();++i) { - InetAddress mip(_jS(mips[i],"")); - if ((mip.ss_family == AF_INET)||(mip.ss_family == AF_INET6)) - nmi.allocatedIps.insert(mip); + // Also only do this on real requests + member["lastRequestMetaData"] = metaData.data(); + } + + // If they are not authorized, STOP! + if (!authorizedBy) { + if (origMember != member) { + member["lastModified"] = now; + Mutex::Lock _l(_db_m); + _db.put("network",nwids,"member",identity.address().toString(),member); + } + _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_ACCESS_DENIED); + return; + } + + // ------------------------------------------------------------------------- + // If we made it this far, they are authorized. + // ------------------------------------------------------------------------- + + NetworkConfig nc; + _NetworkMemberInfo nmi; + _getNetworkMemberInfo(now,nwid,nmi); + + uint64_t credentialtmd = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA; + if (now > nmi.mostRecentDeauthTime) { + // If we recently de-authorized a member, shrink credential TTL/max delta to + // be below the threshold required to exclude it. Cap this to a min/max to + // prevent jitter or absurdly large values. + const uint64_t deauthWindow = now - nmi.mostRecentDeauthTime; + if (deauthWindow < ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MIN_MAX_DELTA) { + credentialtmd = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MIN_MAX_DELTA; + } else if (deauthWindow < (ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA + 5000ULL)) { + credentialtmd = deauthWindow - 5000ULL; + } + } + + nc.networkId = nwid; + nc.type = OSUtils::jsonBool(network["private"],true) ? ZT_NETWORK_TYPE_PRIVATE : ZT_NETWORK_TYPE_PUBLIC; + nc.timestamp = now; + nc.credentialTimeMaxDelta = credentialtmd; + nc.revision = OSUtils::jsonInt(network["revision"],0ULL); + nc.issuedTo = identity.address(); + if (OSUtils::jsonBool(network["enableBroadcast"],true)) nc.flags |= ZT_NETWORKCONFIG_FLAG_ENABLE_BROADCAST; + if (OSUtils::jsonBool(network["allowPassiveBridging"],false)) nc.flags |= ZT_NETWORKCONFIG_FLAG_ALLOW_PASSIVE_BRIDGING; + Utils::scopy(nc.name,sizeof(nc.name),OSUtils::jsonString(network["name"],"").c_str()); + nc.multicastLimit = (unsigned int)OSUtils::jsonInt(network["multicastLimit"],32ULL); + + for(std::set<Address>::const_iterator ab(nmi.activeBridges.begin());ab!=nmi.activeBridges.end();++ab) { + nc.addSpecialist(*ab,ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE); + } + + json &v4AssignMode = network["v4AssignMode"]; + json &v6AssignMode = network["v6AssignMode"]; + json &ipAssignmentPools = network["ipAssignmentPools"]; + json &routes = network["routes"]; + json &rules = network["rules"]; + json &capabilities = network["capabilities"]; + json &tags = network["tags"]; + json &memberCapabilities = member["capabilities"]; + json &memberTags = member["tags"]; + + if (metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_RULES_ENGINE_REV,0) <= 0) { + // Old versions with no rules engine support get an allow everything rule. + // Since rules are enforced bidirectionally, newer versions *will* still + // enforce rules on the inbound side. + nc.ruleCount = 1; + nc.rules[0].t = ZT_NETWORK_RULE_ACTION_ACCEPT; + } else { + if (rules.is_array()) { + for(unsigned long i=0;i<rules.size();++i) { + if (nc.ruleCount >= ZT_MAX_NETWORK_RULES) + break; + if (_parseRule(rules[i],nc.rules[nc.ruleCount])) + ++nc.ruleCount; + } + } + + std::map< uint64_t,json * > capsById; + if (!memberCapabilities.is_array()) + memberCapabilities = json::array(); + if (capabilities.is_array()) { + for(unsigned long i=0;i<capabilities.size();++i) { + json &cap = capabilities[i]; + if (cap.is_object()) { + const uint64_t id = OSUtils::jsonInt(cap["id"],0ULL) & 0xffffffffULL; + capsById[id] = ∩ + if ((newMember)&&(OSUtils::jsonBool(cap["default"],false))) { + bool have = false; + for(unsigned long i=0;i<memberCapabilities.size();++i) { + if (id == (OSUtils::jsonInt(memberCapabilities[i],0ULL) & 0xffffffffULL)) { + have = true; + break; + } + } + if (!have) + memberCapabilities.push_back(id); } } } - } else { - nmi.mostRecentDeauthTime = std::max(nmi.mostRecentDeauthTime,_jI(nm->second["lastDeauthorizedTime"],0ULL)); + } + for(unsigned long i=0;i<memberCapabilities.size();++i) { + const uint64_t capId = OSUtils::jsonInt(memberCapabilities[i],0ULL) & 0xffffffffULL; + std::map< uint64_t,json * >::const_iterator ctmp = capsById.find(capId); + if (ctmp != capsById.end()) { + json *cap = ctmp->second; + if ((cap)&&(cap->is_object())&&(cap->size() > 0)) { + ZT_VirtualNetworkRule capr[ZT_MAX_CAPABILITY_RULES]; + unsigned int caprc = 0; + json &caprj = (*cap)["rules"]; + if ((caprj.is_array())&&(caprj.size() > 0)) { + for(unsigned long j=0;j<caprj.size();++j) { + if (caprc >= ZT_MAX_CAPABILITY_RULES) + break; + if (_parseRule(caprj[j],capr[caprc])) + ++caprc; + } + } + nc.capabilities[nc.capabilityCount] = Capability((uint32_t)capId,nwid,now,1,capr,caprc); + if (nc.capabilities[nc.capabilityCount].sign(_signingId,identity.address())) + ++nc.capabilityCount; + if (nc.capabilityCount >= ZT_MAX_NETWORK_CAPABILITIES) + break; + } + } + } + + std::map< uint32_t,uint32_t > memberTagsById; + if (memberTags.is_array()) { + for(unsigned long i=0;i<memberTags.size();++i) { + json &t = memberTags[i]; + if ((t.is_array())&&(t.size() == 2)) + memberTagsById[(uint32_t)(OSUtils::jsonInt(t[0],0ULL) & 0xffffffffULL)] = (uint32_t)(OSUtils::jsonInt(t[1],0ULL) & 0xffffffffULL); + } + } + if (tags.is_array()) { // check network tags array for defaults that are not present in member tags + for(unsigned long i=0;i<tags.size();++i) { + json &t = tags[i]; + if (t.is_object()) { + const uint32_t id = (uint32_t)(OSUtils::jsonInt(t["id"],0) & 0xffffffffULL); + json &dfl = t["default"]; + if ((dfl.is_number())&&(memberTagsById.find(id) == memberTagsById.end())) { + memberTagsById[id] = (uint32_t)(OSUtils::jsonInt(dfl,0) & 0xffffffffULL); + json mt = json::array(); + mt.push_back(id); + mt.push_back(dfl); + memberTags.push_back(mt); // add default to member tags if not present + } + } + } + } + for(std::map< uint32_t,uint32_t >::const_iterator t(memberTagsById.begin());t!=memberTagsById.end();++t) { + if (nc.tagCount >= ZT_MAX_NETWORK_TAGS) + break; + nc.tags[nc.tagCount] = Tag(nwid,now,identity.address(),t->first,t->second); + if (nc.tags[nc.tagCount].sign(_signingId)) + ++nc.tagCount; + } + } + + if (routes.is_array()) { + for(unsigned long i=0;i<routes.size();++i) { + if (nc.routeCount >= ZT_MAX_NETWORK_ROUTES) + break; + json &route = routes[i]; + json &target = route["target"]; + json &via = route["via"]; + if (target.is_string()) { + const InetAddress t(target.get<std::string>()); + InetAddress v; + if (via.is_string()) v.fromString(via.get<std::string>()); + if ((t.ss_family == AF_INET)||(t.ss_family == AF_INET6)) { + ZT_VirtualNetworkRoute *r = &(nc.routes[nc.routeCount]); + *(reinterpret_cast<InetAddress *>(&(r->target))) = t; + if (v.ss_family == t.ss_family) + *(reinterpret_cast<InetAddress *>(&(r->via))) = v; + ++nc.routeCount; + } + } } } + + const bool noAutoAssignIps = OSUtils::jsonBool(member["noAutoAssignIps"],false); + + if ((v6AssignMode.is_object())&&(!noAutoAssignIps)) { + if ((OSUtils::jsonBool(v6AssignMode["rfc4193"],false))&&(nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES)) { + nc.staticIps[nc.staticIpCount++] = InetAddress::makeIpv6rfc4193(nwid,identity.address().toInt()); + nc.flags |= ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; + } + if ((OSUtils::jsonBool(v6AssignMode["6plane"],false))&&(nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES)) { + nc.staticIps[nc.staticIpCount++] = InetAddress::makeIpv66plane(nwid,identity.address().toInt()); + nc.flags |= ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; + } + } + + bool haveManagedIpv4AutoAssignment = false; + bool haveManagedIpv6AutoAssignment = false; // "special" NDP-emulated address types do not count + json ipAssignments = member["ipAssignments"]; // we want to make a copy + if (ipAssignments.is_array()) { + for(unsigned long i=0;i<ipAssignments.size();++i) { + if (!ipAssignments[i].is_string()) + continue; + std::string ips = ipAssignments[i]; + InetAddress ip(ips); + + // IP assignments are only pushed if there is a corresponding local route. We also now get the netmask bits from + // this route, ignoring the netmask bits field of the assigned IP itself. Using that was worthless and a source + // of user error / poor UX. + int routedNetmaskBits = 0; + for(unsigned int rk=0;rk<nc.routeCount;++rk) { + if ( (!nc.routes[rk].via.ss_family) && (reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->containsAddress(ip)) ) + routedNetmaskBits = reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->netmaskBits(); + } + + if (routedNetmaskBits > 0) { + if (nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES) { + ip.setPort(routedNetmaskBits); + nc.staticIps[nc.staticIpCount++] = ip; + } + if (ip.ss_family == AF_INET) + haveManagedIpv4AutoAssignment = true; + else if (ip.ss_family == AF_INET6) + haveManagedIpv6AutoAssignment = true; + } + } + } else { + ipAssignments = json::array(); + } + + if ( (ipAssignmentPools.is_array()) && ((v6AssignMode.is_object())&&(OSUtils::jsonBool(v6AssignMode["zt"],false))) && (!haveManagedIpv6AutoAssignment) && (!noAutoAssignIps) ) { + for(unsigned long p=0;((p<ipAssignmentPools.size())&&(!haveManagedIpv6AutoAssignment));++p) { + json &pool = ipAssignmentPools[p]; + if (pool.is_object()) { + InetAddress ipRangeStart(OSUtils::jsonString(pool["ipRangeStart"],"")); + InetAddress ipRangeEnd(OSUtils::jsonString(pool["ipRangeEnd"],"")); + if ( (ipRangeStart.ss_family == AF_INET6) && (ipRangeEnd.ss_family == AF_INET6) ) { + uint64_t s[2],e[2],x[2],xx[2]; + memcpy(s,ipRangeStart.rawIpData(),16); + memcpy(e,ipRangeEnd.rawIpData(),16); + s[0] = Utils::ntoh(s[0]); + s[1] = Utils::ntoh(s[1]); + e[0] = Utils::ntoh(e[0]); + e[1] = Utils::ntoh(e[1]); + x[0] = s[0]; + x[1] = s[1]; + + for(unsigned int trialCount=0;trialCount<1000;++trialCount) { + if ((trialCount == 0)&&(e[1] > s[1])&&((e[1] - s[1]) >= 0xffffffffffULL)) { + // First see if we can just cram a ZeroTier ID into the higher 64 bits. If so do that. + xx[0] = Utils::hton(x[0]); + xx[1] = Utils::hton(x[1] + identity.address().toInt()); + } else { + // Otherwise pick random addresses -- this technically doesn't explore the whole range if the lower 64 bit range is >= 1 but that won't matter since that would be huge anyway + Utils::getSecureRandom((void *)xx,16); + if ((e[0] > s[0])) + xx[0] %= (e[0] - s[0]); + else xx[0] = 0; + if ((e[1] > s[1])) + xx[1] %= (e[1] - s[1]); + else xx[1] = 0; + xx[0] = Utils::hton(x[0] + xx[0]); + xx[1] = Utils::hton(x[1] + xx[1]); + } + + InetAddress ip6((const void *)xx,16,0); + + // Check if this IP is within a local-to-Ethernet routed network + int routedNetmaskBits = 0; + for(unsigned int rk=0;rk<nc.routeCount;++rk) { + if ( (!nc.routes[rk].via.ss_family) && (nc.routes[rk].target.ss_family == AF_INET6) && (reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->containsAddress(ip6)) ) + routedNetmaskBits = reinterpret_cast<const InetAddress *>(&(nc.routes[rk].target))->netmaskBits(); + } + + // If it's routed, then try to claim and assign it and if successful end loop + if ((routedNetmaskBits > 0)&&(!nmi.allocatedIps.count(ip6))) { + ipAssignments.push_back(ip6.toIpString()); + member["ipAssignments"] = ipAssignments; + ip6.setPort((unsigned int)routedNetmaskBits); + if (nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES) + nc.staticIps[nc.staticIpCount++] = ip6; + haveManagedIpv6AutoAssignment = true; + _clearNetworkMemberInfoCache(nwid); // clear cache to prevent IP assignment duplication on many rapid assigns + break; + } + } + } + } + } + } + + if ( (ipAssignmentPools.is_array()) && ((v4AssignMode.is_object())&&(OSUtils::jsonBool(v4AssignMode["zt"],false))) && (!haveManagedIpv4AutoAssignment) && (!noAutoAssignIps) ) { + for(unsigned long p=0;((p<ipAssignmentPools.size())&&(!haveManagedIpv4AutoAssignment));++p) { + json &pool = ipAssignmentPools[p]; + if (pool.is_object()) { + InetAddress ipRangeStartIA(OSUtils::jsonString(pool["ipRangeStart"],"")); + InetAddress ipRangeEndIA(OSUtils::jsonString(pool["ipRangeEnd"],"")); + if ( (ipRangeStartIA.ss_family == AF_INET) && (ipRangeEndIA.ss_family == AF_INET) ) { + uint32_t ipRangeStart = Utils::ntoh((uint32_t)(reinterpret_cast<struct sockaddr_in *>(&ipRangeStartIA)->sin_addr.s_addr)); + uint32_t ipRangeEnd = Utils::ntoh((uint32_t)(reinterpret_cast<struct sockaddr_in *>(&ipRangeEndIA)->sin_addr.s_addr)); + if ((ipRangeEnd < ipRangeStart)||(ipRangeStart == 0)) + continue; + uint32_t ipRangeLen = ipRangeEnd - ipRangeStart; + + // Start with the LSB of the member's address + uint32_t ipTrialCounter = (uint32_t)(identity.address().toInt() & 0xffffffff); + + for(uint32_t k=ipRangeStart,trialCount=0;((k<=ipRangeEnd)&&(trialCount < 1000));++k,++trialCount) { + uint32_t ip = (ipRangeLen > 0) ? (ipRangeStart + (ipTrialCounter % ipRangeLen)) : ipRangeStart; + ++ipTrialCounter; + if ((ip & 0x000000ff) == 0x000000ff) + continue; // don't allow addresses that end in .255 + + // Check if this IP is within a local-to-Ethernet routed network + int routedNetmaskBits = -1; + for(unsigned int rk=0;rk<nc.routeCount;++rk) { + if (nc.routes[rk].target.ss_family == AF_INET) { + uint32_t targetIp = Utils::ntoh((uint32_t)(reinterpret_cast<const struct sockaddr_in *>(&(nc.routes[rk].target))->sin_addr.s_addr)); + int targetBits = Utils::ntoh((uint16_t)(reinterpret_cast<const struct sockaddr_in *>(&(nc.routes[rk].target))->sin_port)); + if ((ip & (0xffffffff << (32 - targetBits))) == targetIp) { + routedNetmaskBits = targetBits; + break; + } + } + } + + // If it's routed, then try to claim and assign it and if successful end loop + const InetAddress ip4(Utils::hton(ip),0); + if ((routedNetmaskBits > 0)&&(!nmi.allocatedIps.count(ip4))) { + ipAssignments.push_back(ip4.toIpString()); + member["ipAssignments"] = ipAssignments; + if (nc.staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES) { + struct sockaddr_in *const v4ip = reinterpret_cast<struct sockaddr_in *>(&(nc.staticIps[nc.staticIpCount++])); + v4ip->sin_family = AF_INET; + v4ip->sin_port = Utils::hton((uint16_t)routedNetmaskBits); + v4ip->sin_addr.s_addr = Utils::hton(ip); + } + haveManagedIpv4AutoAssignment = true; + _clearNetworkMemberInfoCache(nwid); // clear cache to prevent IP assignment duplication on many rapid assigns + break; + } + } + } + } + } + } + + // Issue a certificate of ownership for all static IPs + if (nc.staticIpCount) { + nc.certificatesOfOwnership[0] = CertificateOfOwnership(nwid,now,identity.address(),1); + for(unsigned int i=0;i<nc.staticIpCount;++i) + nc.certificatesOfOwnership[0].addThing(nc.staticIps[i]); + nc.certificatesOfOwnership[0].sign(_signingId); + nc.certificateOfOwnershipCount = 1; + } + + CertificateOfMembership com(now,credentialtmd,nwid,identity.address()); + if (com.sign(_signingId)) { + nc.com = com; + } else { + _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_INTERNAL_SERVER_ERROR); + return; + } + + if (member != origMember) { + member["lastModified"] = now; + Mutex::Lock _l(_db_m); + _db.put("network",nwids,"member",identity.address().toString(),member); + } + + _sender->ncSendConfig(nwid,requestPacketId,identity.address(),nc,metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_VERSION,0) < 6); +} + +void EmbeddedNetworkController::_getNetworkMemberInfo(uint64_t now,uint64_t nwid,_NetworkMemberInfo &nmi) +{ + char pfx[256]; + Utils::snprintf(pfx,sizeof(pfx),"network/%.16llx/member",nwid); + + { + Mutex::Lock _l(_nmiCache_m); + std::map<uint64_t,_NetworkMemberInfo>::iterator c(_nmiCache.find(nwid)); + if ((c != _nmiCache.end())&&((now - c->second.nmiTimestamp) < 1000)) { // a short duration cache but limits CPU use on big networks + nmi = c->second; + return; + } + } + + { + Mutex::Lock _l(_db_m); + _db.filter(pfx,120000,[&nmi,&now](const std::string &n,const json &member) { + try { + if (OSUtils::jsonBool(member["authorized"],false)) { + ++nmi.authorizedMemberCount; + + if (member.count("recentLog")) { + const json &mlog = member["recentLog"]; + if ((mlog.is_array())&&(mlog.size() > 0)) { + const json &mlog1 = mlog[0]; + if (mlog1.is_object()) { + if ((now - OSUtils::jsonInt(mlog1["ts"],0ULL)) < ZT_NETCONF_NODE_ACTIVE_THRESHOLD) + ++nmi.activeMemberCount; + } + } + } + + if (OSUtils::jsonBool(member["activeBridge"],false)) { + nmi.activeBridges.insert(Address(Utils::hexStrToU64(OSUtils::jsonString(member["id"],"0000000000").c_str()))); + } + + if (member.count("ipAssignments")) { + const json &mips = member["ipAssignments"]; + if (mips.is_array()) { + for(unsigned long i=0;i<mips.size();++i) { + InetAddress mip(OSUtils::jsonString(mips[i],"")); + if ((mip.ss_family == AF_INET)||(mip.ss_family == AF_INET6)) + nmi.allocatedIps.insert(mip); + } + } + } + } else { + nmi.mostRecentDeauthTime = std::max(nmi.mostRecentDeauthTime,OSUtils::jsonInt(member["lastDeauthorizedTime"],0ULL)); + } + } catch ( ... ) {} + return true; + }); + } + nmi.nmiTimestamp = now; + + { + Mutex::Lock _l(_nmiCache_m); + _nmiCache[nwid] = nmi; + } +} + +void EmbeddedNetworkController::_pushMemberUpdate(uint64_t now,uint64_t nwid,const nlohmann::json &member) +{ + try { + const std::string idstr = member["identity"]; + const std::string mdstr = member["lastRequestMetaData"]; + if ((idstr.length() > 0)&&(mdstr.length() > 0)) { + const Identity id(idstr); + bool online; + { + Mutex::Lock _l(_lastRequestTime_m); + std::map< std::pair<uint64_t,uint64_t>,uint64_t >::iterator lrt(_lastRequestTime.find(std::pair<uint64_t,uint64_t>(id.address().toInt(),nwid))); + online = ( (lrt != _lastRequestTime.end()) && ((now - lrt->second) < ZT_NETWORK_AUTOCONF_DELAY) ); + } + if (online) { + Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> *metaData = new Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY>(mdstr.c_str()); + try { + this->request(nwid,InetAddress(),0,id,*metaData); + } catch ( ... ) {} + delete metaData; + } + } + } catch ( ... ) {} } } // namespace ZeroTier diff --git a/controller/EmbeddedNetworkController.hpp b/controller/EmbeddedNetworkController.hpp index bce8890c..bca0956e 100644 --- a/controller/EmbeddedNetworkController.hpp +++ b/controller/EmbeddedNetworkController.hpp @@ -37,9 +37,18 @@ #include "../osdep/OSUtils.hpp" #include "../osdep/Thread.hpp" +#include "../osdep/BlockingQueue.hpp" #include "../ext/json/json.hpp" +#include "JSONDB.hpp" + +// Number of background threads to start -- not actually started until needed +#define ZT_EMBEDDEDNETWORKCONTROLLER_BACKGROUND_THREAD_COUNT 2 + +// TTL for circuit tests +#define ZT_EMBEDDEDNETWORKCONTROLLER_CIRCUIT_TEST_EXPIRATION 120000 + namespace ZeroTier { class Node; @@ -47,20 +56,21 @@ class Node; class EmbeddedNetworkController : public NetworkController { public: + /** + * @param node Parent node + * @param dbPath Path to store data + */ EmbeddedNetworkController(Node *node,const char *dbPath); virtual ~EmbeddedNetworkController(); - // Thread main method -- do not call directly - void threadMain() - throw(); + virtual void init(const Identity &signingId,Sender *sender); - virtual NetworkController::ResultCode doNetworkConfigRequest( + virtual void request( + uint64_t nwid, const InetAddress &fromAddr, - const Identity &signingId, + uint64_t requestPacketId, const Identity &identity, - uint64_t nwid, - const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData, - NetworkConfig &nc); + const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData); unsigned int handleControlPlaneHttpGET( const std::vector<std::string> &path, @@ -84,49 +94,33 @@ public: std::string &responseBody, std::string &responseContentType); + void threadMain() + throw(); + private: static void _circuitTestCallback(ZT_Node *node,ZT_CircuitTest *test,const ZT_CircuitTestReport *report); + void _request( + uint64_t nwid, + const InetAddress &fromAddr, + uint64_t requestPacketId, + const Identity &identity, + const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData); - // Network base path and network JSON path - inline std::string _networkBP(const uint64_t nwid,bool create) - { - char tmp[64]; - std::string p(_path + ZT_PATH_SEPARATOR_S + "network"); - if (create) OSUtils::mkdir(p.c_str()); - p.push_back(ZT_PATH_SEPARATOR); - Utils::snprintf(tmp,sizeof(tmp),"%.16llx",nwid); - p.append(tmp); - if (create) OSUtils::mkdir(p.c_str()); - return p; - } - inline std::string _networkJP(const uint64_t nwid,bool create) - { - return (_networkBP(nwid,create) + ZT_PATH_SEPARATOR + "config.json"); - } - - // Member base path and member JSON path - inline std::string _memberBP(const uint64_t nwid,const Address &member,bool create) + struct _RQEntry { - std::string p(_networkBP(nwid,create)); - p.push_back(ZT_PATH_SEPARATOR); - p.append("member"); - if (create) OSUtils::mkdir(p.c_str()); - p.push_back(ZT_PATH_SEPARATOR); - p.append(member.toString()); - if (create) OSUtils::mkdir(p.c_str()); - return p; - } - inline std::string _memberJP(const uint64_t nwid,const Address &member,bool create) - { - return (_memberBP(nwid,member,create) + ZT_PATH_SEPARATOR + "config.json"); - } + uint64_t nwid; + uint64_t requestPacketId; + InetAddress fromAddr; + Identity identity; + Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> metaData; + }; + BlockingQueue<_RQEntry *> _queue; - // In-memory cache of network members - std::map< uint64_t,std::map< Address,nlohmann::json > > _networkMemberCache; - Mutex _networkMemberCache_m; + Thread _threads[ZT_EMBEDDEDNETWORKCONTROLLER_BACKGROUND_THREAD_COUNT]; + bool _threadsStarted; + Mutex _threads_m; // Gathers a bunch of statistics about members of a network, IP assignments, etc. that we need in various places - // This does lock _networkMemberCache_m struct _NetworkMemberInfo { _NetworkMemberInfo() : authorizedMemberCount(0),activeMemberCount(0),totalMemberCount(0),mostRecentDeauthTime(0) {} @@ -136,8 +130,18 @@ private: unsigned long activeMemberCount; unsigned long totalMemberCount; uint64_t mostRecentDeauthTime; + uint64_t nmiTimestamp; // time this NMI structure was computed }; + std::map<uint64_t,_NetworkMemberInfo> _nmiCache; + Mutex _nmiCache_m; void _getNetworkMemberInfo(uint64_t now,uint64_t nwid,_NetworkMemberInfo &nmi); + inline void _clearNetworkMemberInfoCache(const uint64_t nwid) + { + Mutex::Lock _l(_nmiCache_m); + _nmiCache.erase(nwid); + } + + void _pushMemberUpdate(uint64_t now,uint64_t nwid,const nlohmann::json &member); // These init objects with default and static/informational fields inline void _initMember(nlohmann::json &member) @@ -152,7 +156,8 @@ private: if (!member.count("creationTime")) member["creationTime"] = OSUtils::now(); if (!member.count("noAutoAssignIps")) member["noAutoAssignIps"] = false; if (!member.count("revision")) member["revision"] = 0ULL; - if (!member.count("enableBroadcast")) member["enableBroadcast"] = true; + if (!member.count("lastDeauthorizedTime")) member["lastDeauthorizedTime"] = 0ULL; + if (!member.count("lastAuthorizedTime")) member["lastAuthorizedTime"] = 0ULL; member["objtype"] = "member"; } inline void _initNetwork(nlohmann::json &network) @@ -161,17 +166,21 @@ private: if (!network.count("creationTime")) network["creationTime"] = OSUtils::now(); if (!network.count("name")) network["name"] = ""; if (!network.count("multicastLimit")) network["multicastLimit"] = (uint64_t)32; + if (!network.count("enableBroadcast")) network["enableBroadcast"] = true; if (!network.count("v4AssignMode")) network["v4AssignMode"] = {{"zt",false}}; if (!network.count("v6AssignMode")) network["v6AssignMode"] = {{"rfc4193",false},{"zt",false},{"6plane",false}}; if (!network.count("authTokens")) network["authTokens"] = nlohmann::json::array(); if (!network.count("capabilities")) network["capabilities"] = nlohmann::json::array(); + if (!network.count("tags")) network["tags"] = nlohmann::json::array(); + if (!network.count("routes")) network["routes"] = nlohmann::json::array(); if (!network.count("ipAssignmentPools")) network["ipAssignmentPools"] = nlohmann::json::array(); if (!network.count("rules")) { // If unspecified, rules are set to allow anything and behave like a flat L2 segment - network["rules"] = { + network["rules"] = {{ { "not",false }, + { "or", false }, { "type","ACTION_ACCEPT" } - }; + }}; } network["objtype"] = "network"; } @@ -187,37 +196,20 @@ private: member["clock"] = now; } - // These are const after construction + JSONDB _db; + Mutex _db_m; + Node *const _node; std::string _path; - // Circuit tests outstanding - struct _CircuitTestEntry - { - ZT_CircuitTest *test; - std::string jsonResults; - }; - std::map< uint64_t,_CircuitTestEntry > _circuitTests; - Mutex _circuitTests_m; - - // Last request time by address, for rate limitation - std::map< std::pair<uint64_t,uint64_t>,uint64_t > _lastRequestTime; - Mutex _lastRequestTime_m; + NetworkController::Sender *_sender; + Identity _signingId; - // Queue of network member refreshes to be pushed - struct _Refresh - { - Address dest; - uint64_t nwid; - uint64_t blacklistAddresses[64]; - uint64_t blacklistThresholds[64]; - unsigned int numBlacklistEntries; - }; - std::list< _Refresh > _refreshQueue; - Mutex _refreshQueue_m; + std::list< ZT_CircuitTest > _tests; + Mutex _tests_m; - Thread _daemon; - volatile bool _daemonRun; + std::map< std::pair<uint64_t,uint64_t>,uint64_t > _lastRequestTime; // last request time by <address,networkId> + Mutex _lastRequestTime_m; }; } // namespace ZeroTier diff --git a/controller/JSONDB.cpp b/controller/JSONDB.cpp new file mode 100644 index 00000000..1277aabb --- /dev/null +++ b/controller/JSONDB.cpp @@ -0,0 +1,184 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2015 ZeroTier, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "JSONDB.hpp" + +namespace ZeroTier { + +static const nlohmann::json _EMPTY_JSON(nlohmann::json::object()); + +bool JSONDB::writeRaw(const std::string &n,const std::string &obj) +{ + if (!_isValidObjectName(n)) + return false; + + const std::string path(_genPath(n,true)); + if (!path.length()) + return false; + + const std::string buf(obj); + if (!OSUtils::writeFile(path.c_str(),buf)) + return false; + + return true; +} + +bool JSONDB::put(const std::string &n,const nlohmann::json &obj) +{ + if (!_isValidObjectName(n)) + return false; + + const std::string path(_genPath(n,true)); + if (!path.length()) + return false; + + const std::string buf(OSUtils::jsonDump(obj)); + if (!OSUtils::writeFile(path.c_str(),buf)) + return false; + + _E &e = _db[n]; + e.obj = obj; + e.lastModifiedOnDisk = OSUtils::getLastModified(path.c_str()); + e.lastCheck = OSUtils::now(); + + return true; +} + +const nlohmann::json &JSONDB::get(const std::string &n,unsigned long maxSinceCheck) +{ + if (!_isValidObjectName(n)) + return _EMPTY_JSON; + + const uint64_t now = OSUtils::now(); + std::string buf; + std::map<std::string,_E>::iterator e(_db.find(n)); + + if (e != _db.end()) { + if ((now - e->second.lastCheck) <= (uint64_t)maxSinceCheck) + return e->second.obj; + + const std::string path(_genPath(n,false)); + if (!path.length()) // sanity check + return _EMPTY_JSON; + + // We are somewhat tolerant to momentary disk failures here. This may + // occur over e.g. EC2's elastic filesystem (NFS). + const uint64_t lm = OSUtils::getLastModified(path.c_str()); + if (e->second.lastModifiedOnDisk != lm) { + if (OSUtils::readFile(path.c_str(),buf)) { + try { + e->second.obj = OSUtils::jsonParse(buf); + e->second.lastModifiedOnDisk = lm; // don't update these if there is a parse error -- try again and again ASAP + e->second.lastCheck = now; + } catch ( ... ) {} // parse errors result in "holding pattern" behavior + } + } + + return e->second.obj; + } else { + const std::string path(_genPath(n,false)); + if (!path.length()) + return _EMPTY_JSON; + + if (!OSUtils::readFile(path.c_str(),buf)) + return _EMPTY_JSON; + + const uint64_t lm = OSUtils::getLastModified(path.c_str()); + _E &e2 = _db[n]; + try { + e2.obj = OSUtils::jsonParse(buf); + } catch ( ... ) { + e2.obj = _EMPTY_JSON; + buf = "{}"; + } + e2.lastModifiedOnDisk = lm; + e2.lastCheck = now; + + return e2.obj; + } +} + +void JSONDB::erase(const std::string &n) +{ + if (!_isValidObjectName(n)) + return; + + std::string path(_genPath(n,true)); + if (!path.length()) + return; + + OSUtils::rm(path.c_str()); + _db.erase(n); +} + +void JSONDB::_reload(const std::string &p) +{ + std::map<std::string,char> l(OSUtils::listDirectoryFull(p.c_str())); + for(std::map<std::string,char>::iterator li(l.begin());li!=l.end();++li) { + if (li->second == 'f') { + // assume p starts with _basePath, which it always does -- will throw otherwise + std::string n(p.substr(_basePath.length())); + while ((n.length() > 0)&&(n[0] == ZT_PATH_SEPARATOR)) n = n.substr(1); + if (ZT_PATH_SEPARATOR != '/') std::replace(n.begin(),n.end(),ZT_PATH_SEPARATOR,'/'); + if ((n.length() > 0)&&(n[n.length() - 1] != '/')) n.push_back('/'); + n.append(li->first); + if ((n.length() > 5)&&(n.substr(n.length() - 5) == ".json")) { + this->get(n.substr(0,n.length() - 5),0); // causes load and cache or update + } + } else if (li->second == 'd') { + this->_reload(p + ZT_PATH_SEPARATOR + li->first); + } + } +} + +bool JSONDB::_isValidObjectName(const std::string &n) +{ + if (n.length() == 0) + return false; + const char *p = n.c_str(); + char c; + // For security reasons we should not allow dots, backslashes, or other path characters or potential path characters. + while ((c = *(p++))) { + if (!( ((c >= 'a')&&(c <= 'z')) || ((c >= 'A')&&(c <= 'Z')) || ((c >= '0')&&(c <= '9')) || (c == '/') || (c == '_') || (c == '~') || (c == '-') )) + return false; + } + return true; +} + +std::string JSONDB::_genPath(const std::string &n,bool create) +{ + std::vector<std::string> pt(OSUtils::split(n.c_str(),"/","","")); + if (pt.size() == 0) + return std::string(); + + std::string p(_basePath); + if (create) OSUtils::mkdir(p.c_str()); + for(unsigned long i=0,j=(unsigned long)(pt.size()-1);i<j;++i) { + p.push_back(ZT_PATH_SEPARATOR); + p.append(pt[i]); + if (create) OSUtils::mkdir(p.c_str()); + } + + p.push_back(ZT_PATH_SEPARATOR); + p.append(pt[pt.size()-1]); + p.append(".json"); + + return p; +} + +} // namespace ZeroTier diff --git a/controller/JSONDB.hpp b/controller/JSONDB.hpp new file mode 100644 index 00000000..5b7c5e50 --- /dev/null +++ b/controller/JSONDB.hpp @@ -0,0 +1,118 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2015 ZeroTier, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef ZT_JSONDB_HPP +#define ZT_JSONDB_HPP + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <string> +#include <map> +#include <stdexcept> +#include <vector> +#include <algorithm> + +#include "../node/Constants.hpp" +#include "../node/Utils.hpp" +#include "../ext/json/json.hpp" +#include "../osdep/OSUtils.hpp" + +namespace ZeroTier { + +/** + * Hierarchical JSON store that persists into the filesystem + */ +class JSONDB +{ +public: + JSONDB(const std::string &basePath) : + _basePath(basePath) + { + _reload(_basePath); + } + + inline void reload() + { + _db.clear(); + _reload(_basePath); + } + + bool writeRaw(const std::string &n,const std::string &obj); + + bool put(const std::string &n,const nlohmann::json &obj); + + inline bool put(const std::string &n1,const std::string &n2,const nlohmann::json &obj) { return this->put((n1 + "/" + n2),obj); } + inline bool put(const std::string &n1,const std::string &n2,const std::string &n3,const nlohmann::json &obj) { return this->put((n1 + "/" + n2 + "/" + n3),obj); } + inline bool put(const std::string &n1,const std::string &n2,const std::string &n3,const std::string &n4,const nlohmann::json &obj) { return this->put((n1 + "/" + n2 + "/" + n3 + "/" + n4),obj); } + inline bool put(const std::string &n1,const std::string &n2,const std::string &n3,const std::string &n4,const std::string &n5,const nlohmann::json &obj) { return this->put((n1 + "/" + n2 + "/" + n3 + "/" + n4 + "/" + n5),obj); } + + const nlohmann::json &get(const std::string &n,unsigned long maxSinceCheck = 0); + + inline const nlohmann::json &get(const std::string &n1,const std::string &n2,unsigned long maxSinceCheck = 0) { return this->get((n1 + "/" + n2),maxSinceCheck); } + inline const nlohmann::json &get(const std::string &n1,const std::string &n2,const std::string &n3,unsigned long maxSinceCheck = 0) { return this->get((n1 + "/" + n2 + "/" + n3),maxSinceCheck); } + inline const nlohmann::json &get(const std::string &n1,const std::string &n2,const std::string &n3,const std::string &n4,unsigned long maxSinceCheck = 0) { return this->get((n1 + "/" + n2 + "/" + n3 + "/" + n4),maxSinceCheck); } + inline const nlohmann::json &get(const std::string &n1,const std::string &n2,const std::string &n3,const std::string &n4,const std::string &n5,unsigned long maxSinceCheck = 0) { return this->get((n1 + "/" + n2 + "/" + n3 + "/" + n4 + "/" + n5),maxSinceCheck); } + + void erase(const std::string &n); + + inline void erase(const std::string &n1,const std::string &n2) { this->erase(n1 + "/" + n2); } + inline void erase(const std::string &n1,const std::string &n2,const std::string &n3) { this->erase(n1 + "/" + n2 + "/" + n3); } + inline void erase(const std::string &n1,const std::string &n2,const std::string &n3,const std::string &n4) { this->erase(n1 + "/" + n2 + "/" + n3 + "/" + n4); } + inline void erase(const std::string &n1,const std::string &n2,const std::string &n3,const std::string &n4,const std::string &n5) { this->erase(n1 + "/" + n2 + "/" + n3 + "/" + n4 + "/" + n5); } + + template<typename F> + inline void filter(const std::string &prefix,unsigned long maxSinceCheck,F func) + { + for(std::map<std::string,_E>::iterator i(_db.lower_bound(prefix));i!=_db.end();) { + if ((i->first.length() >= prefix.length())&&(!memcmp(i->first.data(),prefix.data(),prefix.length()))) { + if (!func(i->first,get(i->first,maxSinceCheck))) { + std::map<std::string,_E>::iterator i2(i); ++i2; + this->erase(i->first); + i = i2; + } else ++i; + } else break; + } + } + + inline bool operator==(const JSONDB &db) const { return ((_basePath == db._basePath)&&(_db == db._db)); } + inline bool operator!=(const JSONDB &db) const { return (!(*this == db)); } + +private: + void _reload(const std::string &p); + bool _isValidObjectName(const std::string &n); + std::string _genPath(const std::string &n,bool create); + + struct _E + { + nlohmann::json obj; + uint64_t lastModifiedOnDisk; + uint64_t lastCheck; + + inline bool operator==(const _E &e) const { return (obj == e.obj); } + inline bool operator!=(const _E &e) const { return (obj != e.obj); } + }; + + std::string _basePath; + std::map<std::string,_E> _db; +}; + +} // namespace ZeroTier + +#endif diff --git a/controller/README.md b/controller/README.md index 805641d9..db8d0153 100644 --- a/controller/README.md +++ b/controller/README.md @@ -7,7 +7,7 @@ As of ZeroTier One version 1.2.0 this code is included in normal builds for desk Controller data is stored in JSON format under `controller.d` in the ZeroTier working directory. It can be copied, rsync'd, placed in `git`, etc. The files under `controller.d` should not be modified in place while the controller is running or data loss may result, and if they are edited directly take care not to save corrupt JSON since that can also lead to data loss when the controller is restarted. Going through the API is strongly preferred to directly modifying these files. -### Upgrading from Older Versions +### Upgrading from Older (1.1.14 or earlier) Versions Older versions of this code used a SQLite database instead of in-filesystem JSON. A migration utility called `migrate-sqlite` is included here and *must* be used to migrate this data to the new format. If the controller is started with an old `controller.db` in its working directory it will terminate after printing an error to *stderr*. This is done to prevent "surprises" for those running DIY controllers using the old code. @@ -15,15 +15,9 @@ The migration tool is written in nodeJS and can be used like this: cd migrate-sqlite npm install - node migrate-sqlite.js <path to ZeroTier working directory> + node migrate.js </path/to/controller.db> </path/to/controller.d> -You may need to `sudo node ...` if the ZeroTier working directory is owned by root. - -This code will dump the contents of any `controller.db` in the ZeroTier working directory and recreate its data in the form of JSON objects under `controller.d`. The old `controller.db` will then be renamed to `controller.db.migrated` and the controller will start normally. - -After migrating make sure that the contents of `controller.d` are owned and writable by the user that will be running the ZeroTier controller process! (Usually this is root but controllers that don't also join networks are sometimes run as unprivileged users.) - -If you don't have nodeJS on the machine running ZeroTier it is perfectly fine to just copy `controller.db` to a directory on another machine and run the migration tool there. After running your migration the contents of `controller.d` can be tar'd up and copied back over to the controller. Just remember to rename or remove `controller.db` on the controller machine afterwords so the controller will start. +Very old versions of nodeJS may have issues. We tested it with version 7. ### Scalability and Reliability @@ -243,11 +237,12 @@ Note that managed IP assignments are only used if they fall within a managed rou | Field | Type | Description | | --------------------- | ------------- | ------------------------------------------------- | | ts | integer | Time of request, ms since epoch | -| authorized | boolean | Was member authorized? | -| clientMajorVersion | integer | Client major version or -1 if unknown | -| clientMinorVersion | integer | Client minor version or -1 if unknown | -| clientRevision | integer | Client revision or -1 if unknown | -| clientProtocolVersion | integer | ZeroTier protocol version reported by client | +| auth | boolean | Was member authorized? | +| authBy | string | How was member authorized? | +| vMajor | integer | Client major version or -1 if unknown | +| vMinor | integer | Client minor version or -1 if unknown | +| vRev | integer | Client revision or -1 if unknown | +| vProto | integer | ZeroTier protocol version reported by client | | fromAddr | string | Physical address if known | The controller can only know a member's `fromAddr` if it's able to establish a direct path to it. Members behind very restrictive firewalls may not have this information since the controller will be receiving the member's requests by way of a relay. ZeroTier does not back-trace IP paths as packets are relayed since this would add a lot of protocol overhead. diff --git a/controller/migrate-sqlite/migrate.js b/controller/migrate-sqlite/migrate.js new file mode 100644 index 00000000..ac9678a7 --- /dev/null +++ b/controller/migrate-sqlite/migrate.js @@ -0,0 +1,320 @@ +'use strict'; + +var sqlite3 = require('sqlite3').verbose(); +var fs = require('fs'); +var async = require('async'); + +function blobToIPv4(b) +{ + if (!b) + return null; + if (b.length !== 16) + return null; + return b.readUInt8(12).toString()+'.'+b.readUInt8(13).toString()+'.'+b.readUInt8(14).toString()+'.'+b.readUInt8(15).toString(); +} +function blobToIPv6(b) +{ + if (!b) + return null; + if (b.length !== 16) + return null; + var s = ''; + for(var i=0;i<16;++i) { + var x = b.readUInt8(i).toString(16); + if (x.length === 1) + s += '0'; + s += x; + if ((((i+1) & 1) === 0)&&(i !== 15)) + s += ':'; + } + return s; +} + +if (process.argv.length !== 4) { + console.log('ZeroTier Old Sqlite3 Controller DB Migration Utility'); + console.log('(c)2017 ZeroTier, Inc. [GPL3]'); + console.log(''); + console.log('Usage: node migrate.js </path/to/controller.db> </path/to/controller.d>'); + console.log(''); + console.log('The first argument must be the path to the old Sqlite3 controller.db'); + console.log('file. The second must be the path to the EMPTY controller.d database'); + console.log('directory for a new (1.1.17 or newer) controller. If this path does'); + console.log('not exist it will be created.'); + console.log(''); + console.log('WARNING: this will ONLY work correctly on a 1.1.14 controller database.'); + console.log('If your controller is old you should first upgrade to 1.1.14 and run the'); + console.log('controller so that it will brings its Sqlite3 database up to the latest'); + console.log('version before running this migration.'); + console.log(''); + process.exit(1); +} + +var oldDbPath = process.argv[2]; +var newDbPath = process.argv[3]; + +console.log('Starting migrate of "'+oldDbPath+'" to "'+newDbPath+'"...'); +console.log(''); + +var old = new sqlite3.Database(oldDbPath); + +var networks = {}; + +var nodeIdentities = {}; +var networkCount = 0; +var memberCount = 0; +var routeCount = 0; +var ipAssignmentPoolCount = 0; +var ipAssignmentCount = 0; +var ruleCount = 0; +var oldSchemaVersion = -1; + +async.series([function(nextStep) { + + old.each('SELECT v from Config WHERE k = \'schemaVersion\'',function(err,row) { + oldSchemaVersion = parseInt(row.v)||-1; + },nextStep); + +},function(nextStep) { + + if (oldSchemaVersion !== 4) { + console.log('FATAL: this MUST be run on a 1.1.14 controller.db! Upgrade your old'); + console.log('controller to 1.1.14 first and run it once to bring its DB up to date.'); + return process.exit(1); + } + + console.log('Reading networks...'); + old.each('SELECT * FROM Network',function(err,row) { + if ((typeof row.id === 'string')&&(row.id.length === 16)) { + var flags = parseInt(row.flags)||0; + networks[row.id] = { + id: row.id, + nwid: row.id, + objtype: 'network', + authTokens: [], + capabilities: [], + creationTime: parseInt(row.creationTime)||0, + enableBroadcast: !!row.enableBroadcast, + ipAssignmentPools: [], + lastModified: Date.now(), + multicastLimit: row.multicastLimit||32, + name: row.name||'', + private: !!row.private, + revision: parseInt(row.revision)||1, + rules: [{ 'type': 'ACTION_ACCEPT' }], // populated later if there are defined rules, otherwise default is allow all + routes: [], + v4AssignMode: { + 'zt': ((flags & 1) !== 0) + }, + v6AssignMode: { + '6plane': ((flags & 4) !== 0), + 'rfc4193': ((flags & 2) !== 0), + 'zt': ((flags & 8) !== 0) + }, + _members: {} // temporary + }; + ++networkCount; + //console.log(networks[row.id]); + } + },nextStep); + +},function(nextStep) { + + console.log(' '+networkCount+' networks.'); + console.log('Reading network route definitions...'); + old.each('SELECT * from Route WHERE ipVersion = 4 OR ipVersion = 6',function(err,row) { + var network = networks[row.networkId]; + if (network) { + var rt = { + target: (((row.ipVersion == 4) ? blobToIPv4(row.target) : blobToIPv6(row.target))+'/'+row.targetNetmaskBits), + via: ((row.via) ? ((row.ipVersion == 4) ? blobToIPv4(row.via) : blobToIPv6(row.via)) : null) + }; + network.routes.push(rt); + ++routeCount; + } + },nextStep); + +},function(nextStep) { + + console.log(' '+routeCount+' routes in '+networkCount+' networks.'); + console.log('Reading IP assignment pools...'); + old.each('SELECT * FROM IpAssignmentPool WHERE ipVersion = 4 OR ipVersion = 6',function(err,row) { + var network = networks[row.networkId]; + if (network) { + var p = { + ipRangeStart: ((row.ipVersion == 4) ? blobToIPv4(row.ipRangeStart) : blobToIPv6(row.ipRangeStart)), + ipRangeEnd: ((row.ipVersion == 4) ? blobToIPv4(row.ipRangeEnd) : blobToIPv6(row.ipRangeEnd)) + }; + network.ipAssignmentPools.push(p); + ++ipAssignmentPoolCount; + } + },nextStep); + +},function(nextStep) { + + console.log(' '+ipAssignmentPoolCount+' IP assignment pools in '+networkCount+' networks.'); + console.log('Reading known node identities...'); + old.each('SELECT * FROM Node',function(err,row) { + nodeIdentities[row.id] = row.identity; + },nextStep); + +},function(nextStep) { + + console.log(' '+Object.keys(nodeIdentities).length+' known identities.'); + console.log('Reading network members...'); + old.each('SELECT * FROM Member',function(err,row) { + var network = networks[row.networkId]; + if (network) { + network._members[row.nodeId] = { + id: row.nodeId, + address: row.nodeId, + objtype: 'member', + authorized: !!row.authorized, + activeBridge: !!row.activeBridge, + authHistory: [], + capabilities: [], + creationTime: 0, + identity: nodeIdentities[row.nodeId]||null, + ipAssignments: [], + lastAuthorizedTime: (row.authorized) ? Date.now() : 0, + lastDeauthorizedTime: (row.authorized) ? 0 : Date.now(), + lastModified: Date.now(), + lastRequestMetaData: '', + noAutoAssignIps: false, + nwid: row.networkId, + revision: parseInt(row.memberRevision)||1, + tags: [], + recentLog: [] + }; + ++memberCount; + //console.log(network._members[row.nodeId]); + } + },nextStep); + +},function(nextStep) { + + console.log(' '+memberCount+' members of '+networkCount+' networks.'); + console.log('Reading static IP assignments...'); + old.each('SELECT * FROM IpAssignment WHERE ipVersion = 4 OR ipVersion = 6',function(err,row) { + var network = networks[row.networkId]; + if (network) { + var member = network._members[row.nodeId]; + if ((member)&&((member.authorized)||(!network['private']))) { // don't mirror assignments to unauthorized members to avoid conflicts + if (row.ipVersion == 4) { + member.ipAssignments.push(blobToIPv4(row.ip)); + ++ipAssignmentCount; + } else if (row.ipVersion == 6) { + member.ipAssignments.push(blobToIPv6(row.ip)); + ++ipAssignmentCount; + } + } + } + },nextStep); + +},function(nextStep) { + + // Old versions only supported Ethertype whitelisting, so that's + // all we mirror forward. The other fields were always unused. + + console.log(' '+ipAssignmentCount+' IP assignments for '+memberCount+' authorized members of '+networkCount+' networks.'); + console.log('Reading allowed Ethernet types (old basic rules)...'); + var etherTypesByNetwork = {}; + old.each('SELECT DISTINCT networkId,ruleNo,etherType FROM Rule WHERE "action" = \'accept\'',function(err,row) { + if (row.networkId in networks) { + var et = parseInt(row.etherType)||0; + var ets = etherTypesByNetwork[row.networkId]; + if (!ets) + etherTypesByNetwork[row.networkId] = [ et ]; + else ets.push(et); + } + },function(err) { + if (err) return nextStep(err); + for(var nwid in etherTypesByNetwork) { + var ets = etherTypesByNetwork[nwid].sort(); + var network = networks[nwid]; + if (network) { + var rules = []; + if (ets.indexOf(0) >= 0) { + // If 0 is in the list, all Ethernet types are allowed so we accept all. + rules.push({ 'type': 'ACTION_ACCEPT' }); + } else { + // Otherwise we whitelist. + for(var i=0;i<ets.length;++i) { + rules.push({ + 'etherType': ets[i], + 'not': true, + 'or': false, + 'type': 'MATCH_ETHERTYPE' + }); + } + rules.push({ 'type': 'ACTION_DROP' }); + rules.push({ 'type': 'ACTION_ACCEPT' }); + } + network.rules = rules; + ++ruleCount; + } + } + return nextStep(null); + }); + +}],function(err) { + + if (err) { + console.log('FATAL: '+err.toString()); + return process.exit(1); + } + + console.log(' '+ruleCount+' ethernet type whitelists converted to new format rules.'); + old.close(); + console.log('Done reading and converting Sqlite3 database! Writing JSONDB files...'); + + try { + fs.mkdirSync(newDbPath,0o700); + } catch (e) {} + var nwBase = newDbPath+'/network'; + try { + fs.mkdirSync(nwBase,0o700); + } catch (e) {} + nwBase = nwBase + '/'; + var nwids = Object.keys(networks).sort(); + var fileCount = 0; + for(var ni=0;ni<nwids.length;++ni) { + var network = networks[nwids[ni]]; + + var mids = Object.keys(network._members).sort(); + if (mids.length > 0) { + try { + fs.mkdirSync(nwBase+network.id); + } catch (e) {} + var mbase = nwBase+network.id+'/member'; + try { + fs.mkdirSync(mbase,0o700); + } catch (e) {} + mbase = mbase + '/'; + + for(var mi=0;mi<mids.length;++mi) { + var member = network._members[mids[mi]]; + fs.writeFileSync(mbase+member.id+'.json',JSON.stringify(member,null,1),{ mode: 0o600 }); + ++fileCount; + //console.log(mbase+member.id+'.json'); + } + } + + delete network._members; // temporary field, not part of actual JSONDB, so don't write + fs.writeFileSync(nwBase+network.id+'.json',JSON.stringify(network,null,1),{ mode: 0o600 }); + ++fileCount; + //console.log(nwBase+network.id+'.json'); + } + + console.log(''); + console.log('SUCCESS! Wrote '+fileCount+' JSONDB files.'); + + console.log(''); + console.log('You should still inspect the new DB before going live. Also be sure'); + console.log('to "chown -R" and "chgrp -R" the new DB to the user and group under'); + console.log('which the ZeroTier One instance acting as controller will be running.'); + console.log('The controller must be able to read and write the DB, of course.'); + console.log(''); + console.log('Have fun!'); + + return process.exit(0); +}); diff --git a/controller/migrate-sqlite/package.json b/controller/migrate-sqlite/package.json new file mode 100644 index 00000000..0dac008f --- /dev/null +++ b/controller/migrate-sqlite/package.json @@ -0,0 +1,15 @@ +{ + "name": "migrate-sqlite", + "version": "1.0.0", + "description": "Migrate old SQLite to new JSON filesystem DB for ZeroTier network controller", + "main": "migrate.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "Adam Ierymenko <adam.ierymenko@zerotier.com>", + "license": "GPL-3.0", + "dependencies": { + "async": "^2.1.4", + "sqlite3": "^3.1.8" + } +} diff --git a/debian/changelog b/debian/changelog index aa2fb534..e5c7b61e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +zerotier-one (1.2.0) unstable; urgency=medium + + * See https://github.com/zerotier/ZeroTierOne for release notes. + + -- Adam Ierymenko <adam.ierymenko@zerotier.com> Tue, 07 Mar 2017 09:08:00 -0700 + zerotier-one (1.1.14) unstable; urgency=medium * See https://github.com/zerotier/ZeroTierOne for release notes. diff --git a/debian/control b/debian/control index 46b8307f..3e9b6494 100644 --- a/debian/control +++ b/debian/control @@ -3,14 +3,14 @@ Maintainer: Adam Ierymenko <adam.ierymenko@zerotier.com> Section: net Priority: optional Standards-Version: 3.9.6 -Build-Depends: debhelper (>= 9), liblz4-dev, libnatpmp-dev, dh-systemd, ruby-ronn +Build-Depends: debhelper (>= 9), dh-systemd Vcs-Git: git://github.com/zerotier/ZeroTierOne Vcs-Browser: https://github.com/zerotier/ZeroTierOne Homepage: https://www.zerotier.com/ Package: zerotier-one Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, liblz4-1, libnatpmp1, iproute2 +Depends: ${shlibs:Depends}, ${misc:Depends}, iproute2, adduser Homepage: https://www.zerotier.com/ Description: ZeroTier network virtualization service ZeroTier One lets you join ZeroTier virtual networks and diff --git a/debian/control.wheezy b/debian/control.wheezy index 0cbd151b..5e4b0502 100644 --- a/debian/control.wheezy +++ b/debian/control.wheezy @@ -3,7 +3,7 @@ Maintainer: Adam Ierymenko <adam.ierymenko@zerotier.com> Section: net Priority: optional Standards-Version: 3.9.4 -Build-Depends: debhelper (>= 9), ruby-ronn +Build-Depends: debhelper (>= 9) Vcs-Git: git://github.com/zerotier/ZeroTierOne Vcs-Browser: https://github.com/zerotier/ZeroTierOne Homepage: https://www.zerotier.com/ diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 00000000..ecd148a4 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,9 @@ +#!/bin/sh -e + +case "$1" in + configure) + adduser --system --group --home /var/lib/zerotier-one --no-create-home zerotier-one + ;; +esac + +#DEBHELPER# diff --git a/debian/rules b/debian/rules index cf0b04ff..72c52955 100755 --- a/debian/rules +++ b/debian/rules @@ -7,7 +7,7 @@ CXXFLAGS=-O3 -fstack-protector-strong dh $@ --with systemd override_dh_auto_build: - make ZT_USE_MINIUPNPC=1 -j 2 +# make -j 2 override_dh_systemd_start: dh_systemd_start --restart-after-upgrade diff --git a/debian/rules.wheezy b/debian/rules.wheezy index e51d794e..0165be37 100755 --- a/debian/rules.wheezy +++ b/debian/rules.wheezy @@ -7,5 +7,5 @@ CXXFLAGS=-O3 -fstack-protector dh $@ override_dh_auto_build: - make ZT_USE_MINIUPNPC=1 -j 2 +# make -j 2 diff --git a/debian/format b/debian/source/format index 46ebe026..46ebe026 100644 --- a/debian/format +++ b/debian/source/format diff --git a/doc/MANUAL.md b/doc/MANUAL.md new file mode 100644 index 00000000..b26ad3a5 --- /dev/null +++ b/doc/MANUAL.md @@ -0,0 +1,354 @@ +ZeroTier Manual +====== + +## **1.** Introduction <a name="1"></a> + +ZeroTier is a smart Ethernet switch for planet Earth. + +It's a distributed network hypervisor built atop a cryptographically secure global peer to peer network that provides capabilities similar to an enterprise smart switch such as VLANs, rules, device authentication, and security monitoring. + +This manual describes the design and operation of ZeroTier and its associated services, apps, and libraries. Its intended audience includes IT professionals, network administrators, information security experts, and developers. + +The first section (2) of this guide explains ZeroTier's design and operation at a high level and is written for those with at least an intermediate knowledge of topics like TCP/IP and Ethernet networking. It's not required reading for most users, but understanding how things work in detail helps clarify everything else and helps tremendously with troubleshooting should anything go wrong. + +The remaining sections deal more concretely with deployment and administration. + +### Table of Contents + +1. [Introduction](#1) +2. [Network Hypervisor Overview](#2) + 1. [VL1: The ZeroTier Peer to Peer Network](#2_1) + 1. [Network Topology and Peer Discovery](#2_1_1) + 2. [Addressing](#2_1_2) + 3. [Cryptography](#2_1_3) + 4. [Trusted Paths for Fast Local SDN](#2_1_4) + 2. [VL2: The Ethernet Virtualization Layer](#2_2) + 1. [Network Identifiers and Controllers](#2_2_1) + 2. [Certificates and Other Credentials](#2_2_2) + 3. [Multicast, ARP, NDP, and Special Addressing Modes](#2_2_3) + 4. [Ethernet Bridging](#2_2_4) + 5. [Public Networks](#2_2_5) + 6. [Ad-Hoc Networks](#2_2_6) +3. [The Network Rules Engine](#3) + 1. [Rule Sets and Rule Evaluation](#3_1) + 2. [Capabilities](#3_2) + 3. [Tags](#3_3) + 4. [Rule Description Language](#3_4) + 1. [Syntax](#3_4_1) + 2. [Actions](#3_4_2) + 3. [Match Conditions](#3_4_3) + 4. [Capabilities](#3_4_4) + 5. [Tags](#3_4_5) + 6. [Macros](#3_4_6) + 5. [Design Patterns](#3_5) + 1. [TCP Whitelisting](#3_5_1) + 2. [Low-Overhead Network Monitoring](#3_5_2) + +------ + +## **2.** Network Hypervisor Overview <a name="2"></a> + +The ZeroTier network hypervisor (currently found in the [node/](https://github.com/zerotier/ZeroTierOne/tree/master/node) subfolder of the ZeroTierOne git repository) is a self-contained network virtualization engine that implements an Ethernet virtualization layer similar to [VXLAN](https://en.wikipedia.org/wiki/Virtual_Extensible_LAN) on top of a global encrypted peer to peer network. + +The ZeroTier protocol is original, though aspects of it are similar to VXLAN and IPSec. It has two conceptually separate but closely coupled layers [in the OSI model](https://en.wikipedia.org/wiki/OSI_model) sense: **VL1** and **VL2**. VL1 is the underlying peer to peer transport layer, the "virtual wire," while VL2 is an emulated Ethernet layer that provides operating systems and apps with a familiar communication medium. + +### **2.1.** VL1: The ZeroTier Peer to Peer Network <a name="2_1"></a> + +A global data center requires a global wire closet. + +In conventional networks L1 (OSI layer 1) refers to the actual CAT5/CAT6 cables or wireless radio channels over which data is carried and the physical transciever chips that modulate and demodulate it. VL1 is a peer to peer network that does the same thing by using encryption, authentication, and a lot of networking tricks to create virtual wires on a dyniamic as-needed basis. + +### **2.1.1.** Network Topology and Peer Discovery <a name="2_1_1"></a> + +VL1 is designed to be zero-configuration. A user can start a new ZeroTier node without having to write configuration files or provide the IP addresses of other nodes. It's also designed to be fast. Any two devices in the world should be able to locate each other and communicate almost instantly. + +To achieve this VL1 is organized like DNS. At the base of the network is a collection of always-present **root servers** whose role is similar to that of [DNS root name servers](https://en.wikipedia.org/wiki/Root_name_server). Roots run the same software as regular endpoints but reside at fast stable locations on the network and are designated as such by a **world definition**. World definitions come in two forms: the **planet** and one or more **moons**. The protocol includes a secure mechanism allowing world definitions to be updated in-band if root servers' IP addresses or ZeroTier addresses change. + +There is only one planet. Earth's root servers are operated by ZeroTier, Inc. as a free service. There are currently twelve root servers organized into two six-member clusters distributed across every major continent and multiple network providers. Almost everyone in the world has one within less than 100ms network latency from their location. + +A node can "orbit" any number of moons. A moon is just a convenient way to add user-defined root servers to the pool. Users can create moons to reduce dependency on ZeroTier, Inc. infrastructure or to locate root servers closer for better performance. For on-premise SDN use a cluster of root servers can be located inside a building or data center so that ZeroTier can continue to operate normally if Internet connectivity is lost. + +Nodes start with no direct links to one another, only upstream to roots (planet and moons). Every peer on VL1 possesses a globally unique 40-bit (10 hex digit) **ZeroTier address**, but unlike IP addresses these are opaque cryptographic identifiers that encode no routing information. To communicate peers first send packets "up" the tree, and as these packets traverse the network they trigger the opportunistic creation of direct links along the way. The tree is constantly trying to "collapse itself" to optimize itself to the pattern of traffic it is carrying. + +Peer to peer connection setup goes like this: + +1. A wants to send a packet to B, but since it has no direct path it sends it upstream to R (a root). +2. If R has a direct link to B, it forwards the packet there. Otherwise it sends the packet upstream until planetary roots are reached. Planetary roots know about all nodes, so eventually the packet will reach B if B is online. +3. R also sends a message called *rendezvous* to A containing hints about how it might reach B. Meanwhile the root that forwards the packet to B sends *rendezvous* informing B how it might reach A. +4. A and B get their *rendezvous* messages and attempt to send test messages to each other, possibly accomplishing [hole punching](https://en.wikipedia.org/wiki/UDP_hole_punching) of any NATs or stateful firewalls that happen to be in the way. If this works a direct link is established and packets no longer need to take the scenic route. + +Since roots forward packets, A and B can reach each other instantly. A and B then begin attempting to make a direct peer to peer connection. If this succeeds it results in a faster lower latency link. We call this *transport triggered link provisioning* since it's the forwarding of the packet itself that triggers the peer to peer network to attempt direct connection. + +VL1 never gives up. If a direct path can't be established, communication can continue through (slower) relaying. Direct connection attempts continue forever on a periodic basis. VL1 also has other features for establishing direct connectivity including LAN peer discovery, port prediction for traversal of symmetric IPv4 NATs, and explicit port mapping using uPnP and/or NAT-PMP if these are available on the local physical LAN. + +*[A blog post from 2014 by ZeroTier's original author explains some of the reasoning behind VL1's design.](http://adamierymenko.com/decentralization-i-want-to-believe/)* + +### **2.1.2.** Addressing <a name="2_1_2"></a> + +Every node is uniquely identified on VL1 by a 40-bit (10 hex digit) **ZeroTier address**. This address is computed from the public portion of a public/private key pair. A node's address, public key, and private key together form its **identity**. + +*On devices running ZeroTier One the node identity is stored in `identity.public` and `identity.secret` in the service's home directory.* + +When ZeroTier starts for the first time it generates a new identity. It then attempts to advertise it upstream to the network. In the very unlikely event that the identity's 40-bit unique address is taken, it discards it and generates another. + +Identities are claimed on a first come first serve basis and currently expire from planetary roots after 60 days of inactivity. If a long-dormant device returns it may re-claim its identity unless its address has been taken in the meantime (again, highly unlikely). + +The address derivation algorithm used to compute addresses from public keys imposes a computational cost barrier against the intentional generation of a collision. Currently it would take approximately 10,000 CPU-years to do so (assuming e.g. a 3ghz Intel core). This is expensive but not impossible, but it's only the first line of defense. After generating a collision an attacker would then have to compromise all upstream nodes, network controllers, and anything else that has recently communicated with the target node and replace their cached identities. + +ZeroTier addresses are, once advertised and claimed, a very secure method of unique identification. + +When a node attempts to send a message to another node whose identity is not cached, it sends a *whois* query upstream to a root. Roots provide an authoritative identity cache. + +### **2.1.3.** Cryptography <a name="2_1_3"></a> + +If you don't know much about cryptography you can safely skip this section. **TL;DR: packets are end-to-end encrypted and can't be read by roots or anyone else, and we use modern 256-bit crypto in ways recommended by the professional cryptographers that created it.** + +Asymmetric public key encryption is [Curve25519/Ed25519](https://en.wikipedia.org/wiki/Curve25519), a 256-bit elliptic curve variant. + +Every VL1 packet is encrypted end to end using (as of the current version) 256-bit [Salsa20](https://ianix.com/pub/salsa20-deployment.html) and authenticated using the [Poly1305](https://en.wikipedia.org/wiki/Poly1305) message authentication (MAC) algorithm. MAC is computed after encryption [(encrypt-then-MAC)](https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken) and the cipher/MAC composition used is identical to the [NaCl reference implementation](https://nacl.cr.yp.to). + +As of today we do not implement [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) or other stateful cryptographic features in VL1. We don't do this for the sake of simplicity, reliability, and code footprint, and because frequently changing state makes features like clustering and fail-over much harder to implement. See [our discussion on GitHub](https://github.com/zerotier/ZeroTierOne/issues/204). + +We may implement forward secrecy in the future. For those who want this level of security today, we recommend using other cryptographic protocols such as SSL or SSH over ZeroTier. These protocols typically implement forward secrecy, but using them over ZeroTier also provides the secondary benefit of defense in depth. Most cryptography is compromised not by a flaw in encryption but through bugs in the implementation. If you're using two secure transports, the odds of a critical bug being discovered in both at the same time is very low. The CPU overhead of double-encryption is not significant for most work loads. + +### **2.1.4.** Trusted Paths for Fast Local SDN <a name="2_1_4"></a> + +To support the use of ZeroTier as a high performance SDN/NFV protocol over physically secure networks the protocol supports a feature called *trusted paths*. It is possible to configure all ZeroTier devices on a given network to skip encryption and authentication for traffic over a designated physical path. This can cut CPU use noticably in high traffic scenarios but at the cost of losing virtually all transport security. + +Trusted paths do not prevent communication with devices elsewhere, since traffic over other paths will be encrypted and authenticated normally. + +We don't recommend the use of this feature unless you really need the performance and you know what you're doing. We also recommend thinking carefully before disabling transport security on a cloud private network. Larger cloud providers such as Amazon and Azure tend to provide good network segregation but many less costly providers offer private networks that are "party lines" and are not much more secure than the open Internet. + +### **2.2.** VL2: The Ethernet Virtualization Layer <a name="2_2"></a> + +**VL2** is a [VXLAN](https://en.wikipedia.org/wiki/Virtual_Extensible_LAN)-like network virtualization protocol with SDN management features. It implements secure VLAN boundaries, multicast, rules, capability based security, and certificate based access control. + +VL2 is built atop and carried by VL1, and in so doing it inherits VL1's encryption and endpoint authentication and can use VL1 asymmetric keys to sign and verify credentials. VL1 also allows us to implement VL2 entirely free of concern for underlying physical network topology. Connectivity and routing efficiency issues are VL1 concerns. It's important to understand that there is no relationship between VL2 virtual networks and VL1 paths. Much like VLAN multiplexing on a wired LAN, two nodes that share multiple network memberships in common will still only have one VL1 path (virtual wire) between them. + +### **2.2.1.** Network Identifiers and Controllers <a name="2_2_1"></a> + +Each VL2 network (VLAN) is identified by a 64-bit (16 hex digit) **ZeroTier network ID** that contains the 40-bit ZeroTier address of the network's **controller** and a 24-bit number identifying the network on the controller. + + Network ID: 8056c2e21c123456 + | | + | Network number on controller + | + ZeroTier address of controller + +When a node joins a network or requests a network configuration update, it sends a network config query message (via VL1) to the network's controller. The controller can then use the node's VL1 address to look it up on the network and send it the appropriate certificates, credentials, and configuration information. From the perpsective of VL2 virtual networks, VL1 ZeroTier addresses can be thought of as port numbers on an enormous global-scale virtual switch. + +A common misunderstanding is to conflate network controllers with root servers (planet and moons). Root servers are connection facilitators that operate at the VL1 level. Network controllers are configuration managers and certificate authorities that belong to VL2. Generally root servers don't join or control virtual networks and network controllers are not root servers, though it is possible to have a node do both. + +#### Controller Security Considerations + +Network controllers serve as certificate authorities for ZeroTier virtual networks. As such, their `identity.secret` files should be guarded closely and backed up securely. Compromise of a controller's secret key would allow an attacker to issue fraudulent network configurations or admit unauthorized members, while loss of the secret key results in loss of ability to control the network in any way or issue configuration updates and effectively renders the network unusable. + +It is important that controllers' system clocks remain relatively accurate (to within 30-60 seconds) and that they are secure against remote tampering. Many cloud providers provide secure time sources either directly via the hypervisor or via NTP servers within their networks. + +### **2.2.2.** Certificates and Other Credentials <a name="2_2_2"></a> + +All credentials issued by network controllers to member nodes in a given network are signed by the controller's secret key to allow all network members to verify them. Credentials have timestamp fields populated by the controller, allowing relative comparison without the need to trust the node's local system clock. + +Credentials are issued only to their owners and are then pushed peer to peer by nodes that wish to communicate with other nodes on the network. This allows networks to grow to enormous sizes without requiring nodes to cache large numbers of credentials or to constantly consult the controller. + +#### Credential Types + + * **Certificates of Membership**: a certificate that a node presents to obtain the right to communicate on a given network. Certificates of membership are accepted if they *agree*, meaning that the submitting member's certificate's timestamp differs from the recipient's certificate's timestamp by no more than the recipient certificate's maximum timestamp delta value. This creates a decentralized moving-window scheme for certificate expiration without requiring node clock synchronization or constant checking with the controller. + + * **Revocations**: a revocation instantaneously revokes a given credential by setting a hard timestamp limit before which it will not be accepted. Revocations are rapidly propagated peer to peer among members of a network using a rumor mill algorithm, allowing a controller to revoke a member credential across the entire network even if its connection to some members is unreliable. + + * **Capabilities**: a capability is a bundle of network rules that is signed by the controller and can be presented to other members of a network to grant the presenter elevated privileges within the framework of the network's base rule set. More on this in the section on rules. + + * **Tags**: a tag is a key/value pair signed by the controller that is automatically presented by members to one another and can be matched on in base or capability network rules. Tags can be used to categorize members by role, department, classification, etc. + + * **Certificates of Ownership**: these certify that a given network member owns something, such as an IP address. These are currently only used to lock down networks against IP address spoofing but could be used in the future to certify ownership of other network-level entities that can be matched in a filter. + +### **2.2.3.** Multicast, ARP, NDP, and Special Addressing Modes <a name="2_2_3"></a> + +ZeroTier networks support multicast via a simple publish/subscribe system. + +When a node wishes to receive multicasts for a given multicast group, it advertises membership in this group to other members of the network with which it is communicating and to the network controller. When a node wishes to send a multicast it both consults its cache of recent advertisements and periodically solicits additional advertisements. + +Broadcast (Ethernet *ff:ff:ff:ff:ff:ff*) is treated as a multicast group to which all members subscribe. It can be disabled at the network level to reduce traffic if it is not needed. IPv4 ARP receives special handling (see below) and will still work if normal broadcast is disabled. + +Multicasts are propagated using simple sender-side replication. This places the full outbound bandwidth load for multicast on the sender and minimizes multicast latency. Network configurations contain a network-wide **multicast limit** configurable at the network controller. This specifies the maximum number of other nodes to which any node will send a multicast. If the number of known recipients in a given multicast group exceeds the multicast limit, the sender chooses a random subset. + +There is no global limit on multicast recipients, but setting the multicast limit very high on very large networks could result in significant bandwidth overhead. + +#### Special Handling of IPv4 ARP Broadcasts + +IPv4 [ARP](https://en.wikipedia.org/wiki/Address_Resolution_Protocol) is built on simple Ethernet broadcast and scales poorly on large or distributed networks. To improve ARP's scalability ZeroTier generates a unique multicast group for each IPv4 address detected on its system and then transparently intercepts ARP queries and sends them only to the correct group. This converts ARP into effectively a unicast or narrow multicast protocol (like IPv6 NDP) and allows IPv4 ARP to work reliably across wide area networks without excess bandwidth consumption. A similar strategy is implemented under the hood by a number of enterprise switches and WiFi routers designed for deployment on extremely large LANs. This ARP emulation mode is transparent to the OS and application layers, but it does mean that packet sniffers will not see all ARP queries on a virtual network the way they typically can on smaller wired LANs. + +#### Multicast-Free IPv6 Addressing Modes + +IPv6 uses a protocol called [NDP](https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol) in place of ARP. It is similar in role and design but uses narrow multicast in place of broadcast for superior scalability on large networks. This protocol nevertheless still imposes the latency of an additional multicast lookup whenever a new address is contacted. This can add hundreds of milliseconds over a wide area network, or more if latencies associated with pub/sub recipient lookup are significant. + +IPv6 addresses are large enough to easily encode ZeroTier addresses. For faster operation and better scaling we've implemented several special IPv6 addressing modes that allow the local node to emulate NDP. These are ZeroTier's **rfc4193** and **6plane** IPv6 address assignment schemes. If these addressing schemes are enabled on a network, nodes locally intercept outbound NDP queries for matching addresses and then locally generate spoofed NDP replies. + +Both modes dramatically reduce initial connection latency between network members. **6plane** additionally exploits NDP emulation to transparently assign an entire IPv6 /80 prefix to every node without requiring any node to possess additional routing table entries. This is designed for virtual machine and container hosts that wish to auto-assign IPv6 addresses to guests and is very useful on microservice architecture backplane networks. + +Finally there is a security benefit to NDP emulation. ZeroTier addresses are cryptographically authenticated, and since Ethernet MAC addresses on networks are computed from ZeroTier addresses these are also secure. NDP emulated IPv6 addressing modes are therefore not vulnerable to NDP reply spoofing. + +Normal non-NDP-emulated IPv6 addresses (including link-local addresses) can coexist with NDP-emulated addressing schemes. Any NDP queries that do not match NDP-emulated addresses are sent via normal multicast. + +### **2.2.4.** Ethernet Bridging <a name="2_2_4"></a> + +ZeroTier emulates a true Ethernet switch. This includes the ability to L2 bridge other Ethernet networks (wired LAN, WiFi, virtual backplanes, etc.) to virtual networks using conventional Ethernet bridging. + +To act as a bridge a network member must be designated as such by the controller. This is for security reasons as normal network members are not permitted to send traffic from any origin other than their MAC address. Designated bridges also receive special treatment from the multicast algorithm, which more aggressively and directly queries them for group subscriptions and replicates all broadcast traffic and ARP requests to them. As a result bridge nodes experience a slightly higher amount of multicast bandwidth overhead. + +Bridging has been tested extensively on Linux using the Linux kernel native bridge, which cleanly handles network MTU mismatch. There are third party reports of bridging working on other platforms. The details of setting up bridging, including how to selectively block traffic like DHCP that may not be wanted across the bridge, are beyond the scope of this manual. + +### **2.2.5.** Public Networks <a name="2_2_5"></a> + +It is possible to disable access control on a ZeroTier network. A public network's members do not check certificates of membership, and new members to a public network are automatically marked as authorized by their host controller. It is not possible to de-authorize a member from a public network. + +Rules on the other hand *are* enforced, so it's possible to implement a special purpose public network that only allows access to a few things or that only allows a restricted subset of traffic. + +Public networks are useful for testing and for peer to peer "party lines" for gaming, chat, and other applications. Participants in public networks are warned to pay special attention to security. If joining a public network be careful not to expose vulnerable services or accidentally share private files via open network shares or HTTP servers. Make sure your operating system, applications, and services are fully up to date. + +ZeroTier, Inc. operates a public network called Earth (no relation to the root server planet definition of the same name) with the network ID `8056c2e21c000001`. Earth issues IPv4 addresses in the unused IPv4 space 28.0.0.0/7 and rfc4193 IPv6 addresses and allows multicast for service discovery. It's essentially a global LAN party. After joining Earth visit `http://earth.zerotier.net/` to get a page showing your Earth virtual IP address and Ethernet MAC address. + +### **2.2.6.** Ad-Hoc Networks <a name="2_2_6"></a> + +A special kind of public network called an ad-hoc network may be accessed by joining a network ID with the format: + + ffSSSSEEEE000000 + | | | | + | | | Reserved for future use, must be 0 + | | End of port range (hex) + | Start of port range (hex) + Reserved ZeroTier address prefix indicating a controller-less network + +Ad-hoc networks are public (no access control) networks that have no network controller. Instead their configuration and other credentials are generated locally. Ad-hoc networks permit only IPv6 UDP and TCP unicast traffic (no multicast or broadcast) using 6plane format NDP-emulated IPv6 addresses. In addition an ad-hoc network ID encodes an IP port range. UDP packets and TCP SYN (connection open) packets are only allowed to desintation ports within the encoded range. + +For example `ff00160016000000` is an ad-hoc network allowing only SSH, while `ff0000ffff000000` is an ad-hoc network allowing any UDP or TCP port. + +Keep in mind that these networks are public and anyone in the entire world can join them. Care must be taken to avoid exposing vulnerable services or sharing unwanted files or other resources. + +## **3.** The Network Rules Engine <a name="3"></a> + +Traffic on ZeroTier networks can be observed and controlled with a system of globally applied network rules. These are enforced in a distributed fashion by both the senders and the receivers of packets, meaning that to escape the rules engine a malicious attacker would need to compromise systems on both sides of the conversation. + +The ZeroTier VL2 rules engine differs from most other firewalls and SDN rules engines in several ways. The most immediately relevant of these is that the ZeroTier rules engine is stateless, meaning it lacks connection tracking. This means that bidirectional whitelisting can't be accomplished by simply whitelisting reply packets to established connections. Instead some thought must be put into how to allow both sides of a desired flow. Rule patterns to achieve the most common desired objectives are included in this manual. + +The decision to make our rules engine stateless was a design trade-off driven by several concerns. First we wanted to keep complexity, code footprint, and memory use very low to support small embedded devices. The second and more fundamental reason is that distributed stateful filtering requires distributed state synchronization. This would have added a large volume of additional sync traffic as well as introducing [inescapable](https://en.wikipedia.org/wiki/CAP_theorem) new sources of instablity and failure and a lot of surface area for security vulnerabilities. + +While ZeroTier lacks state tracking, its rules engine includes something not found anywhere else in the enterprise networking space: [capability-based security](https://en.wikipedia.org/wiki/Capability-based_security) and device tagging. Capabilities and tags allow extremely complex micro-segmented network rule schemes to be implemented in a sane, conceptual way that is both easier for human beings to understand and more efficient for machines to handle. + +This section assumes some level of familiarity with network rules as they're commonly used on firewalls and routers, etc. While the rules engine is part of VL2, it's been given its own section in this manual due to the depth and cross-cutting nature of the topic. + +### **3.1.** Rule Sets and Rule Evaluation <a name="3_1"></a> + +Rule sets are ordered lists of one or more rules, with each rule consisting of one or more **match** conditions followed by one **action**. As a rule set is evaluated, each match is tested in order and is then ANDed or ORed with the previous match result state. When an action is encountered it is taken if the result of the preceding matches is *true*. An action with no preceding matches is always taken. If no permissive actions are taken by any rule set the packet is discarded. + +Here is a simple rule set that constrains Ethernet traffic on a network to only IPv4, ARP, or IPv6 as it would appear in the raw JSON format used by ZeroTier One's built-in network controller implementation. Don't worry if this seems verbose and difficult. We have a more human-friendly way of writing rule sets, but before we introduce it it's important to understand what is really happening. + + [ + { + "etherType": 2048, + "not": true, + "or": false, + "type": "MATCH_ETHERTYPE" + }, + { + "etherType": 2054, + "not": true, + "or": false, + "type": "MATCH_ETHERTYPE" + }, + { + "etherType": 34525, + "not": true, + "or": false, + "type": "MATCH_ETHERTYPE" + }, + { + "type": "ACTION_DROP" + }, + { + "type": "ACTION_ACCEPT" + } + ] + +This checks whether an Ethernet level packet is _not_ IPv4 (ethertype 2048) _and not_ IPv4 ARP (ethertype 2054) _and not_ IPv6 (ethertype 34525). If all three matches evaluate to true (meaning the ethertype is none of these) then the **drop** action is taken. Otherwise the **accept** action is taken. + +Networks have one base rule set that is applied to all traffic. Its size is constrained to 1024 entries (each match or action is an entry). It should be used to set the overall policies for all members of the network, and for most common use cases it's all you'll need. For more complex scenarios, both capabilities and tags provide methods of both managing complexity and scaling the overall size of a network's rule system. + +### **3.2.** Capabilities <a name="3_2"></a> + +A capability is a small rule set that is bundled into a credential object, signed by the network controller, and issued to only those member(s) permitted to exercise it. When a member detects that outgoing traffic does not match the base rule set but is allowed by one of its capabilities, it periodically pushes the matching capability credential to the recipient ahead of the packet(s) in question. Peer to peer capability distribution is automatic and is triggered by capability match. + +When the recipient receives the capability it authenticates it by checking its signature and timestamp and, provided the capability is valid, adds it to the set of capabilities to apply to incoming traffic from the capability's owner. The sender has effectively told the recipient "I can too send this packet! Teacher says so!" + +Capabilities allow large systems of rules to be broken down into functional aspects and then distributed intelligently only to those members with a need to know. This avoids the bandwidth and storage overhead of distributing huge monolithic rule sets and organizes rules conceptually to make them easier for administrators to understand. + +There are three terminating actions that can be taken in a rule set: **accept**, **break**, and **drop**. The accept action terminates rule evaluation and accepts the packet. The break action terminates the evaluation of the current rule set but permits the further evaluation of capabilities. The drop action terminates rule evaluation and drops the packet without checking capabilities in the base rule set, but is equivalent to break in capability rule sets. In most cases break should be used unless certain traffic must be absolutely prohibited under any circumstance. + +In the simple base rule set example in section 3.1 the drop action is taken in the unapproved case. This means that ethernet whitelisting cannot be overridden by a capability. If we change `ACTION_DROP` in our example to `ACTION_BREAK`, then it becomes possible to issue the following capability: + + [ + { + "etherType": 2114, + "not": false, + "or": false, + "type": "MATCH_ETHERTYPE" + }, + { + "type": "ACTION_ACCEPT" + } + ] + +Ethertype 2114 is [wake-on-LAN](https://wiki.wireshark.org/WakeOnLAN), a special packet that can cause some systems to wake from sleep mode. If we place the above tiny rule set into a capability and issue it to a device, this device *but no others* will now be permitted to send wake-on-LAN magic packets. (Wake-on-LAN requires hardware support so it would only work to target devices plugged into a physical network bridged to a ZeroTier network, but don't worry about that here. It's just an example of special traffic.) + +Capability rule sets are limited to only 64 entries. The idea is to keep them small and simple. A capability should grant one thing or one small set of conceptually related things. + +### **3.3.** Tags <a name="3_3"></a> + +ZeroTier provides a second mechanism to control rule set complexity. Tags are 32-bit numeric key-value pair credentials that are issued to network members and signed by the controller. They are then distributed peer to peer on a need to know basis in a similar manner to capabilities. + +Tags provide a way to conditionally drop or allow traffic between members by member classification. They allow very detailed network micro-segmentation by member role, permission, function, etc. without resulting in a combinatorial explosion in rules table size. + +Let's say we want to permit traffic on TCP ports 139 and 445 (netbios/CIFS file sharing) only between systems that belong to the same department. Our company has 12,000 devices and 10 departments. Without tags this would require 144,000,000 rules, but with tags it can be accomplished by only a few. + +First a tag is created to represent the department. Let's give it tag ID 100. Each member system receives the tag with a value from 1 to 10 indicating which department it belongs to. We can then add the following rules to our network's base rule set (or to a capability if so desired): + + [ + { + "type": "MATCH_IP_DEST_PORT_RANGE", + "not": false, + "or": false, + "start": 139, + "end": 139 + }, + { + "type": "MATCH_IP_DEST_PORT_RANGE", + "not": false, + "or": true, + "start": 445, + "end": 445 + }, + { + "type": "MATCH_IP_PROTOCOL", + "not": false, + "or": false, + "ipProtocol": 6 + }, + { + "type": "MATCH_TAGS_DIFFERENCE", + "not": false, + "or": false, + "id": 10, + "value": 0 + }, + { + "type": "ACTION_ACCEPT" + } + ] + +This tells members in our network to accept TCP packets on ports 139 or 445 if the difference between tags with tag ID 10 is zero, meaning they match. (If a member does not have a value for this tag, it does not match.) Now all members of the same department can access CIFS file shares, but CIFS sharing between departments could still be prohibited. (TCP whitelisting requires some additional rules due to the stateless nature of our rules engine. See the section below on rule design patterns.) + +Tags can be compared on numeric value or as bit fields via several different bit mask operations allowing many different systems of member classification to be implemented. + +### **3.4.** Rule Description Language <a name="3_4"></a> + diff --git a/doc/zerotier-cli.1 b/doc/zerotier-cli.1 new file mode 100644 index 00000000..167109ec --- /dev/null +++ b/doc/zerotier-cli.1 @@ -0,0 +1,83 @@ +.TH "ZEROTIER\-CLI" "1" "December 2016" "" "" +.SH "NAME" +\fBzerotier-cli\fR \- control local ZeroTier virtual network service +.SH SYNOPSIS +.P +\fBzerotier\-cli\fP [\-switches] <command> [arguments] +.SH DESCRIPTION +.P +\fBzerotier\-cli\fR provides a simple command line interface to the local JSON API of the ZeroTier virtual network endpoint service zerotier\-one(8)\. +.P +By default \fBzerotier\-cli\fR must be run as root or with \fBsudo\fP\|\. If you want to allow an unprivileged user to use \fBzerotier\-cli\fR to control the system ZeroTier service, you can create a local copy of the ZeroTier service authorization token in the user's home directory: +.P +.RS 2 +.nf +sudo cp /var/lib/zerotier\-one/authtoken\.secret /home/user/\.zeroTierOneAuthToken +chown user /home/user/\.zeroTierOneAuthToken +chmod 0600 /home/user/\.zeroTierOneAuthToken +.fi +.RE +.P +(The location of ZeroTier's service home may differ by platform\. See zerotier\-one(8)\.) +.P +Note that this gives the user the power to connect or disconnect the system to or from any virtual network, which is a significant permission\. +.P +\fBzerotier\-cli\fR has several command line arguments that are visible in \fBhelp\fP output\. The two most commonly used are \fB\-j\fP for raw JSON output and \fB\-D<path>\fP to specify an alternative ZeroTier service working directory\. Raw JSON output is easier to parse in scripts and also contains verbose details not present in the tabular output\. The \fB\-D<path>\fP option specifies where the service's zerotier\-one\.port and authtoken\.secret files are located if the service is not running at the default location for your system\. +.SH COMMANDS +.RS 0 +.IP \(bu 2 +\fBhelp\fP: +Displays \fBzerotier\-cli\fR help\. +.IP \(bu 2 +\fBinfo\fP: +Shows information about this device including its 10\-digit ZeroTier address and apparent connection status\. Use \fB\-j\fP for more verbose output\. +.IP \(bu 2 +\fBlistpeers\fP: +This command lists the ZeroTier VL1 (virtual layer 1, the peer to peer network) peers this service knows about and has recently (within the past 30 minutes or so) communicated with\. These are not necessarily all the devices on your virtual network(s), and may also include a few devices not on any virtual network you've joined\. These are typically either root servers or network controllers\. +.IP \(bu 2 +\fBlistnetworks\fP: +This lists the networks your system belongs to and some information about them, such as any ZeroTier\-managed IP addresses you have been assigned\. (IP addresses assigned manually to ZeroTier interfaces will not be listed here\. Use the standard network interface commands to see these\.) +.IP \(bu 2 +\fBjoin\fP: +To join a network just use \fBjoin\fP and its 16\-digit hex network ID\. That's it\. Then use \fBlistnetworks\fP to see the status\. You'll either get a reply from the network controller with a certificate and other info such as IP assignments, or you'll get "access denied\." In this case you'll need the administrator of this network to authorize your device by its 10\-digit device ID (visible with \fBinfo\fP) on the network's controller\. +.IP \(bu 2 +\fBleave\fP: +Leaving a network is as easy as joining it\. This disconnects from the network and deletes its interface from the system\. Note that peers on the network may hang around in \fBlistpeers\fP for up to 30 minutes until they time out due to lack of traffic\. But if they no longer share a network with you, they can't actually communicate with you in any meaningful way\. + +.RE +.SH EXAMPLES +.P +Join "Earth," ZeroTier's big public party line network: +.P +.RS 2 +.nf +$ sudo zerotier\-cli join 8056c2e21c000001 +$ sudo zerotier\-cli listnetworks +( wait until you get an Earth IP ) +$ ping earth\.zerotier\.net +( you should now be able to ping our Earth test IP ) +.fi +.RE +.P +Leave "Earth": +.P +.RS 2 +.nf +$ sudo zerotier\-cli leave 8056c2e21c000001 +.fi +.RE +.P +List VL1 peers: +.P +.RS 2 +.nf +$ sudo zerotier\-cli listpeers +.fi +.RE +.SH COPYRIGHT +.P +(c)2011\-2016 ZeroTier, Inc\. \-\- https://www\.zerotier\.com/ \-\- https://github\.com/zerotier +.SH SEE ALSO +.P +zerotier\-one(8), zerotier\-idtool(1) + diff --git a/doc/zerotier-idtool.1 b/doc/zerotier-idtool.1 new file mode 100644 index 00000000..fbc367a6 --- /dev/null +++ b/doc/zerotier-idtool.1 @@ -0,0 +1,84 @@ +.TH "ZEROTIER\-IDTOOL" "1" "December 2016" "" "" +.SH "NAME" +\fBzerotier-idtool\fR \- tool for creating and manipulating ZeroTier identities +.SH SYNOPSIS +.P +\fBzerotier\-idtool\fP <command> [args] +.SH DESCRIPTION +.P +\fBzerotier\-idtool\fR is a command line utility for doing things with ZeroTier identities\. A ZeroTier identity consists of a public/private key pair (or just the public if it's only an identity\.public) and a 10\-digit hexadecimal ZeroTier address derived from the public key by way of a proof of work based hash function\. +.SH COMMANDS +.P +When command arguments call for a public or secret (full) identity, the identity can be specified as a path to a file or directly on the command line\. +.RS 0 +.IP \(bu 2 +\fBhelp\fP: +Display help\. (Also running with no command does this\.) +.IP \(bu 2 +\fBgenerate\fP [secret file] [public file] [vanity]: +Generate a new ZeroTier identity\. If a secret file is specified, the full identity including the private key will be written to this file\. If the public file is specified, the public portion will be written there\. If no file paths are specified the full secret identity is output to STDOUT\. The vanity prefix is a series of hexadecimal digits that the generated identity's address should start with\. Typically this isn't used, and if it's specified generation can take a very long time due to the intrinsic cost of generating identities with their proof of work function\. Generating an identity with a known 16\-bit (4 digit) prefix on a 2\.8ghz Core i5 (using one core) takes an average of two hours\. +.IP \(bu 2 +\fBvalidate\fP <identity, only public part required>: +Locally validate an identity's key and proof of work function correspondence\. +.IP \(bu 2 +\fBgetpublic\fP <full identity with secret>: +Extract the public portion of an identity\.secret and print to STDOUT\. +.IP \(bu 2 +\fBsign\fP <full identity with secret> <file to sign>: +Sign a file's contents with SHA512+ECC\-256 (ed25519)\. The signature is output in hex to STDOUT\. +.IP \(bu 2 +\fBverify\fP <identity, only public part required> <file to check> <signature in hex>: +Verify a signature created with \fBsign\fP\|\. +.IP \(bu 2 +\fBmkcom\fP <full identity with secret> [id,value,maxdelta] [\|\.\.\.]: +Create and sign a network membership certificate\. This is not generally useful since network controllers do this automatically and is included mostly for testing purposes\. + +.RE +.SH EXAMPLES +.P +Generate and dump a new identity: +.P +.RS 2 +.nf +$ zerotier\-idtool generate +.fi +.RE +.P +Generate and write a new identity, both secret and public parts: +.P +.RS 2 +.nf +$ zerotier\-idtool generate identity\.secret identity\.public +.fi +.RE +.P +Generate a vanity address that begins with the hex digits "beef" (this will take a while!): +.P +.RS 2 +.nf +$ zerotier\-idtool generate beef\.secret beef\.public beef +.fi +.RE +.P +Sign a file with an identity's secret key: +.P +.RS 2 +.nf +$ zerotier\-idtool sign identity\.secret last_will_and_testament\.txt +.fi +.RE +.P +Verify a file's signature with a public key: +.P +.RS 2 +.nf +$ zerotier\-idtool verify identity\.public last_will_and_testament\.txt +.fi +.RE +.SH COPYRIGHT +.P +(c)2011\-2016 ZeroTier, Inc\. \-\- https://www\.zerotier\.com/ \-\- https://github\.com/zerotier +.SH SEE ALSO +.P +zerotier\-one(8), zerotier\-cli(1) + diff --git a/doc/zerotier-one.8 b/doc/zerotier-one.8 new file mode 100644 index 00000000..4ad7a15d --- /dev/null +++ b/doc/zerotier-one.8 @@ -0,0 +1,104 @@ +.TH "ZEROTIER\-ONE" "8" "December 2016" "" "" +.SH "NAME" +\fBzerotier-one\fR \- ZeroTier virtual network endpoint service +.SH SYNOPSIS +.P +\fBzerotier\-one\fP [\-switches] [working directory] +.SH DESCRIPTION +.P +\fBzerotier\-one\fR is the service/daemon responsible for connecting a Unix (Linux/BSD/OSX) system to one or more ZeroTier virtual networks and presenting those networks to the system as virtual network ports\. You can think of it as a peer to peer VPN client\. +.P +It's typically run by init systems like systemd (Linux) or launchd (Mac) rather than directly by the user, and it must be run as root unless you give it the \fB\-U\fP switch and don't plan on actually joining networks (e\.g\. to run a network controller microservice only)\. +.P +The \fBzerotier\-one\fR service keeps its state and other files in a working directory\. If this directory is not specified at launch it defaults to "/var/lib/zerotier\-one" on Linux, "/Library/Application Support/ZeroTier/One" on Mac, and "/var/db/zerotier\-one" on FreeBSD and other similar BSDs\. The working directory should persist\. It shouldn't be automatically cleaned by system cleanup daemons or stored in a volatile location\. Loss of its identity\.secret file results in loss of this system's unique 10\-digit ZeroTier address and key\. +.P +Multiple instances of \fBzerotier\-one\fR can be run on the same system as long as they are run with different primary ports (see switches) and a different working directory\. But since a single service can join any number of networks, typically there's no point in doing this\. +.P +The \fBzerotier\-one\fR service is controlled via a JSON API available at 127\.0\.0\.1:<primary port> with the default primary port being 9993\. Access to this API requires an authorization token normally found in the authtoken\.secret file in the service's working directory\. On some platforms access may be guarded by other measures such as socket peer UID/GID lookup if additional security options are enabled (this is not the default)\. +.P +The first time the service is started in a fresh working directory, it generates a ZeroTier identity\. On slow systems this process can take ten seconds or more due to an anti\-DDOS/anti\-counterfeit proof of work function used by ZeroTier in address generation\. This only happens once, and once generated the result is saved in identity\.secret in the working directory\. This file represents and defines/claims your ZeroTier address and associated ECC\-256 key pair\. +.SH SWITCHES +.RS 0 +.IP \(bu 2 +\fB\-h\fP: +Display help\. +.IP \(bu 2 +\fB\-v\fP: +Display ZeroTier One version\. +.IP \(bu 2 +\fB\-U\fP: +Skip privilege check and allow to be run by non\-privileged user\. This is typically used when \fBzerotier\-one\fR is built with the network controller option included\. In this case the ZeroTier service might only be acting as a network controller and might never actually join networks, in which case it does not require elevated system permissions\. +.IP \(bu 2 +\fB\-p<port>\fP: +Specify a different primary port\. If this is not given the default is 9993\. If zero is given a random port is chosen each time\. +.IP \(bu 2 +\fB\-d\fP: +Fork and run as a daemon\. +.IP \(bu 2 +\fB\-i\fP: +Invoke the \fBzerotier\-idtool\fR personality, in which case the binary behaves like zerotier\-idtool(1)\. This happens automatically if the name of the binary (or a symlink to it) is zerotier\-idtool\. +.IP \(bu 2 +\fB\-q\fP: +Invoke the \fBzerotier\-cli\fR personality, in which case the binary behaves like zerotier\-cli(1)\. This happens automatically if the name of the binary (or a symlink to it) is zerotier\-cli\. + +.RE +.SH EXAMPLES +.P +Run as daemon with OS default working directory and default port: +.P +.RS 2 +.nf +$ sudo zerotier\-one \-d +.fi +.RE +.P +Run as daemon with a different working directory and port: +.P +.RS 2 +.nf +$ sudo zerotier\-one \-d \-p12345 /tmp/zerotier\-working\-directory\-test +.fi +.RE +.SH FILES +.P +These are found in the service's working directory\. +.RS 0 +.IP \(bu 2 +\fBidentity\.public\fP: +The public portion of your ZeroTier identity, which is your 10\-digit hex address and the associated public key\. +.IP \(bu 2 +\fBidentity\.secret\fP: +Your full ZeroTier identity including its private key\. This file identifies the system on the network, which means you can move a ZeroTier address around by copying this file and you should back up this file if you want to save your system's static ZeroTier address\. This file must be protected, since theft of its secret key will allow anyone to impersonate your device on any network and decrypt traffic\. For network controllers this file is particularly sensitive since it constitutes the private key for a certificate authority for the controller's networks\. +.IP \(bu 2 +\fBauthtoken\.secret\fP: +The secret token used to authenticate requests to the service's local JSON API\. If it does not exist it is generated from a secure random source on service start\. To use, send it in the "X\-ZT1\-Auth" header with HTTP requests to 127\.0\.0\.1:<primary port>\|\. +.IP \(bu 2 +\fBdevicemap\fP: +Remembers mappings of zt# interface numbers to ZeroTier networks so they'll persist across restarts\. On some systems that support longer interface names that can encode the network ID (such as FreeBSD) this file may not be present\. +.IP \(bu 2 +\fBzerotier\-one\.pid\fP: +ZeroTier's PID\. This file is deleted on normal shutdown\. +.IP \(bu 2 +\fBzerotier\-one\.port\fP: +ZeroTier's primary port, which is also where its JSON API is found at 127\.0\.0\.1:<this port>\|\. This file is created on startup and is read by zerotier\-cli(1) to determine where it should find the control API\. +.IP \(bu 2 +\fBcontroller\.db\fP: +If the ZeroTier One service is built with the network controller enabled, this file contains the controller's SQLite3 database\. +.IP \(bu 2 +\fBcontroller\.db\.backup\fP: +If the ZeroTier One service is built with the network controller enabled, it periodically backs up its controller\.db database in this file (currently every 5 minutes if there have been changes)\. Since this file is not a currently in use SQLite3 database it's safer to back up without corruption\. On new backups the file is rotated out rather than being rewritten in place\. +.IP \(bu 2 +\fBiddb\.d/\fP (directory): +Caches the public identity of every peer ZeroTier has spoken with in the last 60 days\. This directory and its contents can be deleted, but this may result in slower connection initations since it will require that we go out and re\-fetch full identities for peers we're speaking to\. +.IP \(bu 2 +\fBnetworks\.d\fP (directory): +This caches network configurations and certificate information for networks you belong to\. ZeroTier scans this directory for <network ID>\|\.conf files on startup to recall its networks, so "touch"ing an empty <network ID>\|\.conf file in this directory is a way of pre\-configuring ZeroTier to join a specific network on startup without using the API\. If the config file is empty ZeroTIer will just fetch it from the network's controller\. + +.RE +.SH COPYRIGHT +.P +(c)2011\-2016 ZeroTier, Inc\. \-\- https://www\.zerotier\.com/ \-\- https://github\.com/zerotier +.SH SEE ALSO +.P +zerotier\-cli(1), zerotier\-idtool(1) + diff --git a/ext/bin/tap-windows-ndis5/x64/WdfCoinstaller01011.dll b/ext/bin/tap-windows-ndis5/x64/WdfCoinstaller01011.dll Binary files differdeleted file mode 100644 index d49d2913..00000000 --- a/ext/bin/tap-windows-ndis5/x64/WdfCoinstaller01011.dll +++ /dev/null diff --git a/ext/bin/tap-windows-ndis5/x64/zttap200.cat b/ext/bin/tap-windows-ndis5/x64/zttap200.cat Binary files differdeleted file mode 100644 index a3769e40..00000000 --- a/ext/bin/tap-windows-ndis5/x64/zttap200.cat +++ /dev/null diff --git a/ext/bin/tap-windows-ndis5/x64/zttap200.inf b/ext/bin/tap-windows-ndis5/x64/zttap200.inf deleted file mode 100644 index dc1a7422..00000000 --- a/ext/bin/tap-windows-ndis5/x64/zttap200.inf +++ /dev/null @@ -1,79 +0,0 @@ -[Version] -Signature="$WINDOWS NT$" -Class=Net -ClassGuid={4d36e972-e325-11ce-bfc1-08002be10318} -Provider=%Provider% -CatalogFile=zttap200.cat -DriverVer=01/23/2014,15.19.17.816 - -[Strings] -DeviceDescription = "ZeroTier One Virtual Network Port" -Provider = "ZeroTier Networks LLC" - -; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back! -[Manufacturer] -%Provider%=zttap200,NTamd64 - -[zttap200] -%DeviceDescription%=zttap200.ndi,zttap200 - -[ztTap200.NTamd64] -%DeviceDescription%=zttap200.ndi,zttap200 - -[zttap200.ndi] -CopyFiles = zttap200.driver,zttap200.files -AddReg = zttap200.reg -AddReg = zttap200.params.reg -Characteristics = 0x81 - -[zttap200.ndi.Services] -AddService = zttap200, 2, zttap200.service - -[zttap200.reg] -HKR, Ndi, Service, 0, "zttap200" -HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" -HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" -HKR, , Manufacturer, 0, "%Provider%" -HKR, , ProductName, 0, "%DeviceDescription%" - -[zttap200.params.reg] -HKR, Ndi\params\MTU, ParamDesc, 0, "MTU" -HKR, Ndi\params\MTU, Type, 0, "int" -HKR, Ndi\params\MTU, Default, 0, "2800" -HKR, Ndi\params\MTU, Optional, 0, "0" -HKR, Ndi\params\MTU, Min, 0, "100" -HKR, Ndi\params\MTU, Max, 0, "2800" -HKR, Ndi\params\MTU, Step, 0, "1" -HKR, Ndi\params\MediaStatus, ParamDesc, 0, "Media Status" -HKR, Ndi\params\MediaStatus, Type, 0, "enum" -HKR, Ndi\params\MediaStatus, Default, 0, "0" -HKR, Ndi\params\MediaStatus, Optional, 0, "0" -HKR, Ndi\params\MediaStatus\enum, "0", 0, "Application Controlled" -HKR, Ndi\params\MediaStatus\enum, "1", 0, "Always Connected" -HKR, Ndi\params\MAC, ParamDesc, 0, "MAC Address" -HKR, Ndi\params\MAC, Type, 0, "edit" -HKR, Ndi\params\MAC, Optional, 0, "1" - -[zttap200.service] -DisplayName = %DeviceDescription% -ServiceType = 1 -StartType = 3 -ErrorControl = 1 -LoadOrderGroup = NDIS -ServiceBinary = %12%\zttap200.sys - -[SourceDisksNames] -1 = %DeviceDescription%, zttap200.sys - -[SourceDisksFiles] -zttap200.sys = 1 - -[DestinationDirs] -zttap200.files = 11 -zttap200.driver = 12 - -[zttap200.files] -; - -[zttap200.driver] -zttap200.sys,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK diff --git a/ext/bin/tap-windows-ndis5/x64/zttap200.sys b/ext/bin/tap-windows-ndis5/x64/zttap200.sys Binary files differdeleted file mode 100644 index 339351fb..00000000 --- a/ext/bin/tap-windows-ndis5/x64/zttap200.sys +++ /dev/null diff --git a/ext/bin/tap-windows-ndis5/x86/WdfCoinstaller01011.dll b/ext/bin/tap-windows-ndis5/x86/WdfCoinstaller01011.dll Binary files differdeleted file mode 100644 index e943ea45..00000000 --- a/ext/bin/tap-windows-ndis5/x86/WdfCoinstaller01011.dll +++ /dev/null diff --git a/ext/bin/tap-windows-ndis5/x86/zttap200.cat b/ext/bin/tap-windows-ndis5/x86/zttap200.cat Binary files differdeleted file mode 100644 index d90ecbbe..00000000 --- a/ext/bin/tap-windows-ndis5/x86/zttap200.cat +++ /dev/null diff --git a/ext/bin/tap-windows-ndis5/x86/zttap200.inf b/ext/bin/tap-windows-ndis5/x86/zttap200.inf deleted file mode 100644 index 99aac9f2..00000000 --- a/ext/bin/tap-windows-ndis5/x86/zttap200.inf +++ /dev/null @@ -1,76 +0,0 @@ -[Version] -Signature="$WINDOWS NT$" -Class=Net -ClassGuid={4d36e972-e325-11ce-bfc1-08002be10318} -Provider=%Provider% -CatalogFile=zttap200.cat -DriverVer=01/24/2014,17.25.51.226 - -[Strings] -DeviceDescription = "ZeroTier One Virtual Network Port" -Provider = "ZeroTier Networks LLC" - -; To build for x86, take NTamd64 off this and off the named section manually, build, then put it back! -[Manufacturer] -%Provider%=zttap200 - -[zttap200] -%DeviceDescription%=zttap200.ndi,zttap200 - -[zttap200.ndi] -CopyFiles = zttap200.driver,zttap200.files -AddReg = zttap200.reg -AddReg = zttap200.params.reg -Characteristics = 0x81 - -[zttap200.ndi.Services] -AddService = zttap200, 2, zttap200.service - -[zttap200.reg] -HKR, Ndi, Service, 0, "zttap200" -HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" -HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" -HKR, , Manufacturer, 0, "%Provider%" -HKR, , ProductName, 0, "%DeviceDescription%" - -[zttap200.params.reg] -HKR, Ndi\params\MTU, ParamDesc, 0, "MTU" -HKR, Ndi\params\MTU, Type, 0, "int" -HKR, Ndi\params\MTU, Default, 0, "2800" -HKR, Ndi\params\MTU, Optional, 0, "0" -HKR, Ndi\params\MTU, Min, 0, "100" -HKR, Ndi\params\MTU, Max, 0, "2800" -HKR, Ndi\params\MTU, Step, 0, "1" -HKR, Ndi\params\MediaStatus, ParamDesc, 0, "Media Status" -HKR, Ndi\params\MediaStatus, Type, 0, "enum" -HKR, Ndi\params\MediaStatus, Default, 0, "0" -HKR, Ndi\params\MediaStatus, Optional, 0, "0" -HKR, Ndi\params\MediaStatus\enum, "0", 0, "Application Controlled" -HKR, Ndi\params\MediaStatus\enum, "1", 0, "Always Connected" -HKR, Ndi\params\MAC, ParamDesc, 0, "MAC Address" -HKR, Ndi\params\MAC, Type, 0, "edit" -HKR, Ndi\params\MAC, Optional, 0, "1" - -[zttap200.service] -DisplayName = %DeviceDescription% -ServiceType = 1 -StartType = 3 -ErrorControl = 1 -LoadOrderGroup = NDIS -ServiceBinary = %12%\zttap200.sys - -[SourceDisksNames] -1 = %DeviceDescription%, zttap200.sys - -[SourceDisksFiles] -zttap200.sys = 1 - -[DestinationDirs] -zttap200.files = 11 -zttap200.driver = 12 - -[zttap200.files] -; - -[zttap200.driver] -zttap200.sys,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK diff --git a/ext/bin/tap-windows-ndis5/x86/zttap200.sys b/ext/bin/tap-windows-ndis5/x86/zttap200.sys Binary files differdeleted file mode 100644 index b7b11fbe..00000000 --- a/ext/bin/tap-windows-ndis5/x86/zttap200.sys +++ /dev/null diff --git a/ext/bin/tap-windows-ndis6/x64/ZeroTierOne_NDIS6_x64.msi b/ext/bin/tap-windows-ndis6/x64/ZeroTierOne_NDIS6_x64.msi Binary files differindex 818796f4..4cfb7d77 100644 --- a/ext/bin/tap-windows-ndis6/x64/ZeroTierOne_NDIS6_x64.msi +++ b/ext/bin/tap-windows-ndis6/x64/ZeroTierOne_NDIS6_x64.msi diff --git a/ext/bin/tap-windows-ndis6/x86/ZeroTierOne_NDIS6_x86.msi b/ext/bin/tap-windows-ndis6/x86/ZeroTierOne_NDIS6_x86.msi Binary files differindex b9e2d7ea..1b9aec40 100644 --- a/ext/bin/tap-windows-ndis6/x86/ZeroTierOne_NDIS6_x86.msi +++ b/ext/bin/tap-windows-ndis6/x86/ZeroTierOne_NDIS6_x86.msi diff --git a/ext/http-parser/http_parser.c b/ext/http-parser/http_parser.c index 3c896ffa..895bf0c7 100644 --- a/ext/http-parser/http_parser.c +++ b/ext/http-parser/http_parser.c @@ -1366,12 +1366,7 @@ reexecute: || c != CONTENT_LENGTH[parser->index]) { parser->header_state = h_general; } else if (parser->index == sizeof(CONTENT_LENGTH)-2) { - if (parser->flags & F_CONTENTLENGTH) { - SET_ERRNO(HPE_UNEXPECTED_CONTENT_LENGTH); - goto error; - } parser->header_state = h_content_length; - parser->flags |= F_CONTENTLENGTH; } break; @@ -1474,6 +1469,12 @@ reexecute: goto error; } + if (parser->flags & F_CONTENTLENGTH) { + SET_ERRNO(HPE_UNEXPECTED_CONTENT_LENGTH); + goto error; + } + + parser->flags |= F_CONTENTLENGTH; parser->content_length = ch - '0'; break; diff --git a/ext/http-parser/http_parser.h b/ext/http-parser/http_parser.h index 105ae510..45c72a07 100644 --- a/ext/http-parser/http_parser.h +++ b/ext/http-parser/http_parser.h @@ -27,7 +27,7 @@ extern "C" { /* Also update SONAME in the Makefile whenever you change these. */ #define HTTP_PARSER_VERSION_MAJOR 2 #define HTTP_PARSER_VERSION_MINOR 7 -#define HTTP_PARSER_VERSION_PATCH 0 +#define HTTP_PARSER_VERSION_PATCH 1 #include <sys/types.h> #if defined(_WIN32) && !defined(__MINGW32__) && \ @@ -90,6 +90,76 @@ typedef int (*http_data_cb) (http_parser*, const char *at, size_t length); typedef int (*http_cb) (http_parser*); +/* Status Codes */ +#define HTTP_STATUS_MAP(XX) \ + XX(100, CONTINUE, Continue) \ + XX(101, SWITCHING_PROTOCOLS, Switching Protocols) \ + XX(102, PROCESSING, Processing) \ + XX(200, OK, OK) \ + XX(201, CREATED, Created) \ + XX(202, ACCEPTED, Accepted) \ + XX(203, NON_AUTHORITATIVE_INFORMATION, Non-Authoritative Information) \ + XX(204, NO_CONTENT, No Content) \ + XX(205, RESET_CONTENT, Reset Content) \ + XX(206, PARTIAL_CONTENT, Partial Content) \ + XX(207, MULTI_STATUS, Multi-Status) \ + XX(208, ALREADY_REPORTED, Already Reported) \ + XX(226, IM_USED, IM Used) \ + XX(300, MULTIPLE_CHOICES, Multiple Choices) \ + XX(301, MOVED_PERMANENTLY, Moved Permanently) \ + XX(302, FOUND, Found) \ + XX(303, SEE_OTHER, See Other) \ + XX(304, NOT_MODIFIED, Not Modified) \ + XX(305, USE_PROXY, Use Proxy) \ + XX(307, TEMPORARY_REDIRECT, Temporary Redirect) \ + XX(308, PERMANENT_REDIRECT, Permanent Redirect) \ + XX(400, BAD_REQUEST, Bad Request) \ + XX(401, UNAUTHORIZED, Unauthorized) \ + XX(402, PAYMENT_REQUIRED, Payment Required) \ + XX(403, FORBIDDEN, Forbidden) \ + XX(404, NOT_FOUND, Not Found) \ + XX(405, METHOD_NOT_ALLOWED, Method Not Allowed) \ + XX(406, NOT_ACCEPTABLE, Not Acceptable) \ + XX(407, PROXY_AUTHENTICATION_REQUIRED, Proxy Authentication Required) \ + XX(408, REQUEST_TIMEOUT, Request Timeout) \ + XX(409, CONFLICT, Conflict) \ + XX(410, GONE, Gone) \ + XX(411, LENGTH_REQUIRED, Length Required) \ + XX(412, PRECONDITION_FAILED, Precondition Failed) \ + XX(413, PAYLOAD_TOO_LARGE, Payload Too Large) \ + XX(414, URI_TOO_LONG, URI Too Long) \ + XX(415, UNSUPPORTED_MEDIA_TYPE, Unsupported Media Type) \ + XX(416, RANGE_NOT_SATISFIABLE, Range Not Satisfiable) \ + XX(417, EXPECTATION_FAILED, Expectation Failed) \ + XX(421, MISDIRECTED_REQUEST, Misdirected Request) \ + XX(422, UNPROCESSABLE_ENTITY, Unprocessable Entity) \ + XX(423, LOCKED, Locked) \ + XX(424, FAILED_DEPENDENCY, Failed Dependency) \ + XX(426, UPGRADE_REQUIRED, Upgrade Required) \ + XX(428, PRECONDITION_REQUIRED, Precondition Required) \ + XX(429, TOO_MANY_REQUESTS, Too Many Requests) \ + XX(431, REQUEST_HEADER_FIELDS_TOO_LARGE, Request Header Fields Too Large) \ + XX(451, UNAVAILABLE_FOR_LEGAL_REASONS, Unavailable For Legal Reasons) \ + XX(500, INTERNAL_SERVER_ERROR, Internal Server Error) \ + XX(501, NOT_IMPLEMENTED, Not Implemented) \ + XX(502, BAD_GATEWAY, Bad Gateway) \ + XX(503, SERVICE_UNAVAILABLE, Service Unavailable) \ + XX(504, GATEWAY_TIMEOUT, Gateway Timeout) \ + XX(505, HTTP_VERSION_NOT_SUPPORTED, HTTP Version Not Supported) \ + XX(506, VARIANT_ALSO_NEGOTIATES, Variant Also Negotiates) \ + XX(507, INSUFFICIENT_STORAGE, Insufficient Storage) \ + XX(508, LOOP_DETECTED, Loop Detected) \ + XX(510, NOT_EXTENDED, Not Extended) \ + XX(511, NETWORK_AUTHENTICATION_REQUIRED, Network Authentication Required) \ + +enum http_status + { +#define XX(num, name, string) HTTP_STATUS_##name = num, + HTTP_STATUS_MAP(XX) +#undef XX + }; + + /* Request Methods */ #define HTTP_METHOD_MAP(XX) \ XX(0, DELETE, DELETE) \ diff --git a/ext/installfiles/mac-update/updater.tmpl.sh b/ext/installfiles/mac-update/updater.tmpl.sh new file mode 100644 index 00000000..0b07f6d9 --- /dev/null +++ b/ext/installfiles/mac-update/updater.tmpl.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +export PATH=/bin:/usr/bin:/sbin:/usr/sbin +shopt -s expand_aliases + +if [ "$UID" -ne 0 ]; then + echo '*** Auto-updater must be run as root.' + exit 1 +fi + +scriptPath="`dirname "$0"`/`basename "$0"`" +if [ ! -s "$scriptPath" ]; then + scriptPath="$0" + if [ ! -s "$scriptPath" ]; then + echo "*** Auto-updater cannot determine its own path; $scriptPath is not readable." + exit 2 + fi +fi + +endMarkerIndex=`grep -a -b -E '^################' "$scriptPath" | head -c 16 | cut -d : -f 1` +if [ "$endMarkerIndex" -le 100 ]; then + echo 'Internal error: unable to find end of script / start of binary data marker.' + exit 2 +fi +blobStart=`expr $endMarkerIndex + 17` +if [ "$blobStart" -le "$endMarkerIndex" ]; then + echo 'Internal error: unable to find end of script / start of binary data marker.' + exit 2 +fi + +rm -f /tmp/ZeroTierOne-update.pkg +tail -c +$blobStart "$scriptPath" >/tmp/ZeroTierOne-update.pkg +chmod 0600 /tmp/ZeroTierOne-update.pkg + +if [ -s /tmp/ZeroTierOne-update.pkg ]; then + rm -f '/Library/Application Support/ZeroTier/One/latest-update.exe' '/Library/Application Support/ZeroTier/One/latest-update.json' /tmp/ZeroTierOne-update.log + installer -verbose -pkg /tmp/ZeroTierOne-update.pkg -target / >/tmp/ZeroTierOne-update.log 2>&1 + rm -f /tmp/ZeroTierOne-update.pkg + exit 0 +else + echo '*** Error self-unpacking update!' + exit 3 +fi + +# Do not remove the last line or add a carriage return to it! The installer +# looks for an unterminated line beginning with 16 #'s in itself to find +# the binary blob data, which is appended after it. + +################
\ No newline at end of file diff --git a/ext/installfiles/mac/ZeroTier One.pkgproj b/ext/installfiles/mac/ZeroTier One.pkgproj index d9730527..4215fd22 100755 --- a/ext/installfiles/mac/ZeroTier One.pkgproj +++ b/ext/installfiles/mac/ZeroTier One.pkgproj @@ -37,7 +37,7 @@ <key>GID</key> <integer>80</integer> <key>PATH</key> - <string>mac-ui-macgap1-wrapper/bin/ZeroTier One.app</string> + <string>../../../macui/build/Release/ZeroTier One.app</string> <key>PATH_TYPE</key> <integer>1</integer> <key>PERMISSIONS</key> @@ -123,119 +123,6 @@ </dict> <dict> <key>CHILDREN</key> - <array> - <dict> - <key>CHILDREN</key> - <array/> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui/index.html</string> - <key>PATH_TYPE</key> - <integer>1</integer> - <key>PERMISSIONS</key> - <integer>420</integer> - <key>TYPE</key> - <integer>3</integer> - <key>UID</key> - <integer>0</integer> - </dict> - <dict> - <key>CHILDREN</key> - <array/> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui/main.js</string> - <key>PATH_TYPE</key> - <integer>1</integer> - <key>PERMISSIONS</key> - <integer>420</integer> - <key>TYPE</key> - <integer>3</integer> - <key>UID</key> - <integer>0</integer> - </dict> - <dict> - <key>CHILDREN</key> - <array/> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui/react.min.js</string> - <key>PATH_TYPE</key> - <integer>1</integer> - <key>PERMISSIONS</key> - <integer>420</integer> - <key>TYPE</key> - <integer>3</integer> - <key>UID</key> - <integer>0</integer> - </dict> - <dict> - <key>CHILDREN</key> - <array/> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui/simpleajax.min.js</string> - <key>PATH_TYPE</key> - <integer>1</integer> - <key>PERMISSIONS</key> - <integer>420</integer> - <key>TYPE</key> - <integer>3</integer> - <key>UID</key> - <integer>0</integer> - </dict> - <dict> - <key>CHILDREN</key> - <array/> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui/zerotier.css</string> - <key>PATH_TYPE</key> - <integer>1</integer> - <key>PERMISSIONS</key> - <integer>420</integer> - <key>TYPE</key> - <integer>3</integer> - <key>UID</key> - <integer>0</integer> - </dict> - <dict> - <key>CHILDREN</key> - <array/> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui/ztui.min.js</string> - <key>PATH_TYPE</key> - <integer>1</integer> - <key>PERMISSIONS</key> - <integer>420</integer> - <key>TYPE</key> - <integer>3</integer> - <key>UID</key> - <integer>0</integer> - </dict> - </array> - <key>GID</key> - <integer>0</integer> - <key>PATH</key> - <string>ui</string> - <key>PATH_TYPE</key> - <integer>0</integer> - <key>PERMISSIONS</key> - <integer>493</integer> - <key>TYPE</key> - <integer>2</integer> - <key>UID</key> - <integer>0</integer> - </dict> - <dict> - <key>CHILDREN</key> <array/> <key>GID</key> <integer>0</integer> @@ -759,7 +646,7 @@ <key>OVERWRITE_PERMISSIONS</key> <false/> <key>VERSION</key> - <string>1.1.14</string> + <string>1.1.17</string> </dict> <key>PROJECT_COMMENTS</key> <dict> @@ -773,7 +660,7 @@ ZW50LVN0eWxlLVR5cGUiIGNvbnRlbnQ9InRleHQvY3NzIj4KPHRp dGxlPjwvdGl0bGU+CjxtZXRhIG5hbWU9IkdlbmVyYXRvciIgY29u dGVudD0iQ29jb2EgSFRNTCBXcml0ZXIiPgo8bWV0YSBuYW1lPSJD - b2NvYVZlcnNpb24iIGNvbnRlbnQ9IjE0MDQuNDciPgo8c3R5bGUg + b2NvYVZlcnNpb24iIGNvbnRlbnQ9IjE1MDQuNzYiPgo8c3R5bGUg dHlwZT0idGV4dC9jc3MiPgpwLnAxIHttYXJnaW46IDAuMHB4IDAu MHB4IDAuMHB4IDAuMHB4OyBsaW5lLWhlaWdodDogMTQuMHB4OyBm b250OiAxMi4wcHggSGVsdmV0aWNhOyBjb2xvcjogIzAwMDAwMDsg @@ -782,7 +669,7 @@ b2R5Pgo8cCBjbGFzcz0icDEiPjxzcGFuIGNsYXNzPSJzMSI+WmVy b1RpZXIgT25lIC0gTmV0d29yayBWaXJ0dWFsaXphdGlvbiBFdmVy eXdoZXJlPC9zcGFuPjwvcD4KPHAgY2xhc3M9InAxIj48c3BhbiBj - bGFzcz0iczEiPihjKTIwMTEtMjAxNiBaZXJvVGllciwgSW5jLjwv + bGFzcz0iczEiPihjKTIwMTEtMjAxNyBaZXJvVGllciwgSW5jLjwv c3Bhbj48L3A+CjxwIGNsYXNzPSJwMSI+PHNwYW4gY2xhc3M9InMx Ij5jb250YWN0QHplcm90aWVyLmNvbTwvc3Bhbj48L3A+CjxwIGNs YXNzPSJwMSI+PHNwYW4gY2xhc3M9InMxIj48YnI+Cjwvc3Bhbj48 diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Info.plist b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Info.plist deleted file mode 100644 index c67923c7..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Info.plist +++ /dev/null @@ -1,59 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>BuildMachineOSBuild</key> - <string>15B42</string> - <key>CFBundleDevelopmentRegion</key> - <string>en</string> - <key>CFBundleExecutable</key> - <string>ZeroTier One</string> - <key>CFBundleIconFile</key> - <string>ZeroTierIcon</string> - <key>CFBundleIdentifier</key> - <string>com.zerotier.ZeroTier-One</string> - <key>CFBundleInfoDictionaryVersion</key> - <string>6.0</string> - <key>CFBundleName</key> - <string>ZeroTier One</string> - <key>CFBundlePackageType</key> - <string>APPL</string> - <key>CFBundleShortVersionString</key> - <string>1.0</string> - <key>CFBundleSignature</key> - <string>????</string> - <key>CFBundleSupportedPlatforms</key> - <array> - <string>MacOSX</string> - </array> - <key>CFBundleVersion</key> - <string>1</string> - <key>DTCompiler</key> - <string>com.apple.compilers.llvm.clang.1_0</string> - <key>DTPlatformBuild</key> - <string>7B1005</string> - <key>DTPlatformVersion</key> - <string>GM</string> - <key>DTSDKBuild</key> - <string>15A278</string> - <key>DTSDKName</key> - <string>macosx10.11</string> - <key>DTXcode</key> - <string>0711</string> - <key>DTXcodeBuild</key> - <string>7B1005</string> - <key>LSApplicationCategoryType</key> - <string>public.app-category.utilities</string> - <key>LSMinimumSystemVersion</key> - <string>10.7</string> - <key>NSAppTransportSecurity</key> - <dict> - <key>NSAllowsArbitraryLoads</key> - <true/> - </dict> - <key>NSMainNibFile</key> - <string>MainMenu</string> - <key>NSPrincipalClass</key> - <string>NSApplication</string> -</dict> -</plist> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/MacOS/ZeroTier One b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/MacOS/ZeroTier One Binary files differdeleted file mode 100755 index 8e38b861..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/MacOS/ZeroTier One +++ /dev/null diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/PkgInfo b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/PkgInfo deleted file mode 100644 index bd04210f..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/PkgInfo +++ /dev/null @@ -1 +0,0 @@ -APPL????
\ No newline at end of file diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/Credits.rtf b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/Credits.rtf deleted file mode 100644 index 6f388f66..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/Credits.rtf +++ /dev/null @@ -1,13 +0,0 @@ -{\rtf1\ansi\ansicpg1252\cocoartf1347\cocoasubrtf570 -{\fonttbl\f0\fswiss\fcharset0 Helvetica;} -{\colortbl;\red255\green255\blue255;} -\vieww9600\viewh8400\viewkind0 -\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720 - -\f0\b\fs24 \cf0 (c)2011-2015 ZeroTier, Inc.\ -Licensed under the GNU GPLv3\ -\ -UI Wrapper MacGap (c) Twitter, Inc.\ -Licensed under the MIT License\ -http://macgap.com/\ -}
\ No newline at end of file diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/InfoPlist.strings b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/InfoPlist.strings Binary files differdeleted file mode 100644 index 5e45963c..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/InfoPlist.strings +++ /dev/null diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/MainMenu.nib b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/MainMenu.nib Binary files differdeleted file mode 100644 index bac7faa7..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/MainMenu.nib +++ /dev/null diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/Window.nib b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/Window.nib Binary files differdeleted file mode 100644 index e7b174a1..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/en.lproj/Window.nib +++ /dev/null diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/_CodeSignature/CodeResources b/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/_CodeSignature/CodeResources deleted file mode 100644 index 5e334db0..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/_CodeSignature/CodeResources +++ /dev/null @@ -1,187 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>files</key> - <dict> - <key>Resources/ZeroTierIcon.icns</key> - <data> - 430Gd+4+jnim7WxXEEugp6G+Tgk= - </data> - <key>Resources/en.lproj/Credits.rtf</key> - <dict> - <key>hash</key> - <data> - ePttkAH2X1GJ6OL0UhDBAktxB3Y= - </data> - <key>optional</key> - <true/> - </dict> - <key>Resources/en.lproj/InfoPlist.strings</key> - <dict> - <key>hash</key> - <data> - MiLKDDnrUKr4EmuvhS5VQwxHGK8= - </data> - <key>optional</key> - <true/> - </dict> - <key>Resources/en.lproj/MainMenu.nib</key> - <dict> - <key>hash</key> - <data> - 8JZXf4/3df3LD+o74Y8WM0dV8io= - </data> - <key>optional</key> - <true/> - </dict> - <key>Resources/en.lproj/Window.nib</key> - <dict> - <key>hash</key> - <data> - aP0mIANPPnnTMmxYlELioz9ZO1I= - </data> - <key>optional</key> - <true/> - </dict> - </dict> - <key>files2</key> - <dict> - <key>Resources/ZeroTierIcon.icns</key> - <data> - 430Gd+4+jnim7WxXEEugp6G+Tgk= - </data> - <key>Resources/en.lproj/Credits.rtf</key> - <dict> - <key>hash</key> - <data> - ePttkAH2X1GJ6OL0UhDBAktxB3Y= - </data> - <key>optional</key> - <true/> - </dict> - <key>Resources/en.lproj/InfoPlist.strings</key> - <dict> - <key>hash</key> - <data> - MiLKDDnrUKr4EmuvhS5VQwxHGK8= - </data> - <key>optional</key> - <true/> - </dict> - <key>Resources/en.lproj/MainMenu.nib</key> - <dict> - <key>hash</key> - <data> - 8JZXf4/3df3LD+o74Y8WM0dV8io= - </data> - <key>optional</key> - <true/> - </dict> - <key>Resources/en.lproj/Window.nib</key> - <dict> - <key>hash</key> - <data> - aP0mIANPPnnTMmxYlELioz9ZO1I= - </data> - <key>optional</key> - <true/> - </dict> - </dict> - <key>rules</key> - <dict> - <key>^Resources/</key> - <true/> - <key>^Resources/.*\.lproj/</key> - <dict> - <key>optional</key> - <true/> - <key>weight</key> - <real>1000</real> - </dict> - <key>^Resources/.*\.lproj/locversion.plist$</key> - <dict> - <key>omit</key> - <true/> - <key>weight</key> - <real>1100</real> - </dict> - <key>^version.plist$</key> - <true/> - </dict> - <key>rules2</key> - <dict> - <key>.*\.dSYM($|/)</key> - <dict> - <key>weight</key> - <real>11</real> - </dict> - <key>^(.*/)?\.DS_Store$</key> - <dict> - <key>omit</key> - <true/> - <key>weight</key> - <real>2000</real> - </dict> - <key>^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/</key> - <dict> - <key>nested</key> - <true/> - <key>weight</key> - <real>10</real> - </dict> - <key>^.*</key> - <true/> - <key>^Info\.plist$</key> - <dict> - <key>omit</key> - <true/> - <key>weight</key> - <real>20</real> - </dict> - <key>^PkgInfo$</key> - <dict> - <key>omit</key> - <true/> - <key>weight</key> - <real>20</real> - </dict> - <key>^Resources/</key> - <dict> - <key>weight</key> - <real>20</real> - </dict> - <key>^Resources/.*\.lproj/</key> - <dict> - <key>optional</key> - <true/> - <key>weight</key> - <real>1000</real> - </dict> - <key>^Resources/.*\.lproj/locversion.plist$</key> - <dict> - <key>omit</key> - <true/> - <key>weight</key> - <real>1100</real> - </dict> - <key>^[^/]+$</key> - <dict> - <key>nested</key> - <true/> - <key>weight</key> - <real>10</real> - </dict> - <key>^embedded\.provisionprofile$</key> - <dict> - <key>weight</key> - <real>20</real> - </dict> - <key>^version\.plist$</key> - <dict> - <key>weight</key> - <real>20</real> - </dict> - </dict> -</dict> -</plist> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/LICENSE b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/LICENSE deleted file mode 100644 index c7fd4a4a..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/LICENSE +++ /dev/null @@ -1,25 +0,0 @@ -MacGap was ported from phonegap-mac, and is under the same license (MIT) - -The MIT License -***************** - -Copyright (c) <2012> <Nitobi Software Inc., et. al., > - - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: - - The above copyright notice and this permission notice shall be included in - all copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - THE SOFTWARE. - diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.pbxproj b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.pbxproj deleted file mode 100644 index 775c5964..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.pbxproj +++ /dev/null @@ -1,489 +0,0 @@ -// !$*UTF8*$! -{ - archiveVersion = 1; - classes = { - }; - objectVersion = 46; - objects = { - -/* Begin PBXBuildFile section */ - 1495814F15C15CCC00E1CFE5 /* Notice.m in Sources */ = {isa = PBXBuildFile; fileRef = 1495814E15C15CCC00E1CFE5 /* Notice.m */; }; - 6F169DA718CC332E005EDDF3 /* Command.m in Sources */ = {isa = PBXBuildFile; fileRef = 6F169DA618CC332E005EDDF3 /* Command.m */; }; - 6F169DAA18CC35FD005EDDF3 /* CallbackDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = 6F169DA918CC35FD005EDDF3 /* CallbackDelegate.m */; }; - 6F169DAC18CD8A4A005EDDF3 /* JavaScriptCore.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 6F169DAB18CD8A4A005EDDF3 /* JavaScriptCore.framework */; }; - 6F169DB118CD906F005EDDF3 /* MenuItemProxy.m in Sources */ = {isa = PBXBuildFile; fileRef = 6F169DAE18CD906F005EDDF3 /* MenuItemProxy.m */; }; - 6F169DB218CD906F005EDDF3 /* MenuProxy.m in Sources */ = {isa = PBXBuildFile; fileRef = 6F169DB018CD906F005EDDF3 /* MenuProxy.m */; }; - 6FD672B618FE618E00C0DAAD /* UserDefaults.m in Sources */ = {isa = PBXBuildFile; fileRef = 6FD672B518FE618E00C0DAAD /* UserDefaults.m */; }; - 6FD6E4ED18C2D48C00DFFBE6 /* fonts.m in Sources */ = {isa = PBXBuildFile; fileRef = 6FD6E4EC18C2D48C00DFFBE6 /* fonts.m */; }; - 88746BEE14CCA435001E160E /* JSEventHelper.m in Sources */ = {isa = PBXBuildFile; fileRef = 88746BED14CCA435001E160E /* JSEventHelper.m */; }; - 88C0646014BDE10A00E4BCE2 /* Window.m in Sources */ = {isa = PBXBuildFile; fileRef = 88C0645F14BDE10A00E4BCE2 /* Window.m */; }; - 88C0646614BDEC5800E4BCE2 /* Window.xib in Resources */ = {isa = PBXBuildFile; fileRef = 88C0646414BDEC5800E4BCE2 /* Window.xib */; }; - 88C0646D14BDF6A600E4BCE2 /* WindowController.m in Sources */ = {isa = PBXBuildFile; fileRef = 88C0646C14BDF6A600E4BCE2 /* WindowController.m */; }; - C14EFCA71B0986AF00894B5F /* ZeroTierIcon.icns in Resources */ = {isa = PBXBuildFile; fileRef = C14EFCA61B0986AF00894B5F /* ZeroTierIcon.icns */; }; - C1C2B9911AFB0CF10060D7C2 /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = C1C2B9901AFB0CF10060D7C2 /* Security.framework */; }; - F2B80016179E0FC100B069A8 /* Clipboard.m in Sources */ = {isa = PBXBuildFile; fileRef = F2B80015179E0FC100B069A8 /* Clipboard.m */; }; - FA32509D14BA813600BF0781 /* WebKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FA32509C14BA813600BF0781 /* WebKit.framework */; }; - FA3250C314BA85E700BF0781 /* ContentView.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250BC14BA85E700BF0781 /* ContentView.m */; }; - FA3250C514BA85E700BF0781 /* Utils.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250BE14BA85E700BF0781 /* Utils.m */; }; - FA3250C714BA85E700BF0781 /* WebViewDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250C014BA85E700BF0781 /* WebViewDelegate.m */; }; - FA3250D314BA860800BF0781 /* App.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250C914BA860800BF0781 /* App.m */; }; - FA3250D514BA860800BF0781 /* Dock.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250CB14BA860800BF0781 /* Dock.m */; }; - FA3250D914BA860800BF0781 /* Path.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250CF14BA860800BF0781 /* Path.m */; }; - FA3250DB14BA860800BF0781 /* Sound.m in Sources */ = {isa = PBXBuildFile; fileRef = FA3250D114BA860800BF0781 /* Sound.m */; }; - FA3F7742168F70790027B324 /* Cocoa.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FA3F7741168F70780027B324 /* Cocoa.framework */; }; - FAE451C914BA79C600190544 /* InfoPlist.strings in Resources */ = {isa = PBXBuildFile; fileRef = FAE451C714BA79C600190544 /* InfoPlist.strings */; }; - FAE451CB14BA79C600190544 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = FAE451CA14BA79C600190544 /* main.m */; }; - FAE451CF14BA79C600190544 /* Credits.rtf in Resources */ = {isa = PBXBuildFile; fileRef = FAE451CD14BA79C600190544 /* Credits.rtf */; }; - FAE451D214BA79C600190544 /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = FAE451D114BA79C600190544 /* AppDelegate.m */; }; - FAE451D514BA79C600190544 /* MainMenu.xib in Resources */ = {isa = PBXBuildFile; fileRef = FAE451D314BA79C600190544 /* MainMenu.xib */; }; -/* End PBXBuildFile section */ - -/* Begin PBXCopyFilesBuildPhase section */ - FA3250DD14BA876F00BF0781 /* CopyFiles */ = { - isa = PBXCopyFilesBuildPhase; - buildActionMask = 2147483647; - dstPath = ""; - dstSubfolderSpec = 10; - files = ( - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXCopyFilesBuildPhase section */ - -/* Begin PBXFileReference section */ - 1495814D15C15CCC00E1CFE5 /* Notice.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Notice.h; path = Classes/Commands/Notice.h; sourceTree = "<group>"; }; - 1495814E15C15CCC00E1CFE5 /* Notice.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = Notice.m; path = Classes/Commands/Notice.m; sourceTree = "<group>"; }; - 6F169DA518CC332E005EDDF3 /* Command.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Command.h; path = Classes/Commands/Command.h; sourceTree = "<group>"; }; - 6F169DA618CC332E005EDDF3 /* Command.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = Command.m; path = Classes/Commands/Command.m; sourceTree = "<group>"; }; - 6F169DA818CC35FD005EDDF3 /* CallbackDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = CallbackDelegate.h; path = Classes/CallbackDelegate.h; sourceTree = "<group>"; }; - 6F169DA918CC35FD005EDDF3 /* CallbackDelegate.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = CallbackDelegate.m; path = Classes/CallbackDelegate.m; sourceTree = "<group>"; }; - 6F169DAB18CD8A4A005EDDF3 /* JavaScriptCore.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = JavaScriptCore.framework; path = System/Library/Frameworks/JavaScriptCore.framework; sourceTree = SDKROOT; }; - 6F169DAD18CD906F005EDDF3 /* MenuItemProxy.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = MenuItemProxy.h; path = Classes/Commands/MenuItemProxy.h; sourceTree = "<group>"; }; - 6F169DAE18CD906F005EDDF3 /* MenuItemProxy.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = MenuItemProxy.m; path = Classes/Commands/MenuItemProxy.m; sourceTree = "<group>"; }; - 6F169DAF18CD906F005EDDF3 /* MenuProxy.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = MenuProxy.h; path = Classes/Commands/MenuProxy.h; sourceTree = "<group>"; }; - 6F169DB018CD906F005EDDF3 /* MenuProxy.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = MenuProxy.m; path = Classes/Commands/MenuProxy.m; sourceTree = "<group>"; }; - 6FD672B418FE618E00C0DAAD /* UserDefaults.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = UserDefaults.h; path = Classes/Commands/UserDefaults.h; sourceTree = "<group>"; }; - 6FD672B518FE618E00C0DAAD /* UserDefaults.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = UserDefaults.m; path = Classes/Commands/UserDefaults.m; sourceTree = "<group>"; }; - 6FD6E4EB18C2D48200DFFBE6 /* fonts.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = fonts.h; path = Classes/Commands/fonts.h; sourceTree = "<group>"; }; - 6FD6E4EC18C2D48C00DFFBE6 /* fonts.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = fonts.m; path = Classes/Commands/fonts.m; sourceTree = "<group>"; }; - 88746BEC14CCA435001E160E /* JSEventHelper.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = JSEventHelper.h; path = Classes/JSEventHelper.h; sourceTree = "<group>"; }; - 88746BED14CCA435001E160E /* JSEventHelper.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = JSEventHelper.m; path = Classes/JSEventHelper.m; sourceTree = "<group>"; }; - 88C0645E14BDE10A00E4BCE2 /* Window.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Window.h; path = Classes/Window.h; sourceTree = "<group>"; }; - 88C0645F14BDE10A00E4BCE2 /* Window.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = Window.m; path = Classes/Window.m; sourceTree = "<group>"; }; - 88C0646514BDEC5800E4BCE2 /* en */ = {isa = PBXFileReference; lastKnownFileType = file.xib; name = en; path = en.lproj/Window.xib; sourceTree = "<group>"; }; - 88C0646B14BDF6A600E4BCE2 /* WindowController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WindowController.h; sourceTree = "<group>"; }; - 88C0646C14BDF6A600E4BCE2 /* WindowController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = WindowController.m; sourceTree = "<group>"; }; - C14EFCA61B0986AF00894B5F /* ZeroTierIcon.icns */ = {isa = PBXFileReference; lastKnownFileType = image.icns; name = ZeroTierIcon.icns; path = ../../../../artwork/ZeroTierIcon.icns; sourceTree = "<group>"; }; - C1C2B9901AFB0CF10060D7C2 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = System/Library/Frameworks/Security.framework; sourceTree = SDKROOT; }; - F2B80014179E0FC100B069A8 /* Clipboard.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Clipboard.h; sourceTree = "<group>"; }; - F2B80015179E0FC100B069A8 /* Clipboard.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = Clipboard.m; sourceTree = "<group>"; }; - FA32509C14BA813600BF0781 /* WebKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = WebKit.framework; path = System/Library/Frameworks/WebKit.framework; sourceTree = SDKROOT; }; - FA3250BA14BA85E700BF0781 /* Constants.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = Constants.h; path = Classes/Constants.h; sourceTree = "<group>"; }; - FA3250BB14BA85E700BF0781 /* ContentView.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = ContentView.h; path = Classes/ContentView.h; sourceTree = "<group>"; }; - FA3250BC14BA85E700BF0781 /* ContentView.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = ContentView.m; path = Classes/ContentView.m; sourceTree = "<group>"; }; - FA3250BD14BA85E700BF0781 /* Utils.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = Utils.h; path = Classes/Utils.h; sourceTree = "<group>"; }; - FA3250BE14BA85E700BF0781 /* Utils.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = Utils.m; path = Classes/Utils.m; sourceTree = "<group>"; }; - FA3250BF14BA85E700BF0781 /* WebViewDelegate.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = WebViewDelegate.h; path = Classes/WebViewDelegate.h; sourceTree = "<group>"; }; - FA3250C014BA85E700BF0781 /* WebViewDelegate.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = WebViewDelegate.m; path = Classes/WebViewDelegate.m; sourceTree = "<group>"; }; - FA3250C814BA860800BF0781 /* App.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = App.h; path = Classes/Commands/App.h; sourceTree = "<group>"; }; - FA3250C914BA860800BF0781 /* App.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = App.m; path = Classes/Commands/App.m; sourceTree = "<group>"; }; - FA3250CA14BA860800BF0781 /* Dock.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = Dock.h; path = Classes/Commands/Dock.h; sourceTree = "<group>"; }; - FA3250CB14BA860800BF0781 /* Dock.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = Dock.m; path = Classes/Commands/Dock.m; sourceTree = "<group>"; }; - FA3250CE14BA860800BF0781 /* Path.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = Path.h; path = Classes/Commands/Path.h; sourceTree = "<group>"; }; - FA3250CF14BA860800BF0781 /* Path.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = Path.m; path = Classes/Commands/Path.m; sourceTree = "<group>"; }; - FA3250D014BA860800BF0781 /* Sound.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = Sound.h; path = Classes/Commands/Sound.h; sourceTree = "<group>"; }; - FA3250D114BA860800BF0781 /* Sound.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; name = Sound.m; path = Classes/Commands/Sound.m; sourceTree = "<group>"; }; - FA3F7741168F70780027B324 /* Cocoa.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Cocoa.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.8.sdk/System/Library/Frameworks/Cocoa.framework; sourceTree = DEVELOPER_DIR; }; - FAE451BA14BA79C600190544 /* ZeroTier One.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "ZeroTier One.app"; sourceTree = BUILT_PRODUCTS_DIR; }; - FAE451BE14BA79C600190544 /* Cocoa.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Cocoa.framework; path = System/Library/Frameworks/Cocoa.framework; sourceTree = SDKROOT; }; - FAE451C114BA79C600190544 /* AppKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = AppKit.framework; path = System/Library/Frameworks/AppKit.framework; sourceTree = SDKROOT; }; - FAE451C214BA79C600190544 /* CoreData.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreData.framework; path = System/Library/Frameworks/CoreData.framework; sourceTree = SDKROOT; }; - FAE451C314BA79C600190544 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; }; - FAE451C614BA79C600190544 /* MacGap-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "MacGap-Info.plist"; sourceTree = "<group>"; }; - FAE451C814BA79C600190544 /* en */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = en; path = en.lproj/InfoPlist.strings; sourceTree = "<group>"; }; - FAE451CA14BA79C600190544 /* main.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; }; - FAE451CC14BA79C600190544 /* MacGap-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "MacGap-Prefix.pch"; sourceTree = "<group>"; }; - FAE451CE14BA79C600190544 /* en */ = {isa = PBXFileReference; lastKnownFileType = text.rtf; name = en; path = en.lproj/Credits.rtf; sourceTree = "<group>"; }; - FAE451D014BA79C600190544 /* AppDelegate.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AppDelegate.h; sourceTree = "<group>"; }; - FAE451D114BA79C600190544 /* AppDelegate.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = AppDelegate.m; sourceTree = "<group>"; }; - FAE451D414BA79C600190544 /* en */ = {isa = PBXFileReference; lastKnownFileType = file.xib; name = en; path = en.lproj/MainMenu.xib; sourceTree = "<group>"; }; -/* End PBXFileReference section */ - -/* Begin PBXFrameworksBuildPhase section */ - FAE451B714BA79C600190544 /* Frameworks */ = { - isa = PBXFrameworksBuildPhase; - buildActionMask = 2147483647; - files = ( - C1C2B9911AFB0CF10060D7C2 /* Security.framework in Frameworks */, - 6F169DAC18CD8A4A005EDDF3 /* JavaScriptCore.framework in Frameworks */, - FA3F7742168F70790027B324 /* Cocoa.framework in Frameworks */, - FA32509D14BA813600BF0781 /* WebKit.framework in Frameworks */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXFrameworksBuildPhase section */ - -/* Begin PBXGroup section */ - FA3250E014BA87B800BF0781 /* Classes */ = { - isa = PBXGroup; - children = ( - FA3250E114BA87DD00BF0781 /* Commands */, - FA3250BA14BA85E700BF0781 /* Constants.h */, - 6F169DA818CC35FD005EDDF3 /* CallbackDelegate.h */, - 6F169DA918CC35FD005EDDF3 /* CallbackDelegate.m */, - FA3250BB14BA85E700BF0781 /* ContentView.h */, - FA3250BC14BA85E700BF0781 /* ContentView.m */, - FA3250BF14BA85E700BF0781 /* WebViewDelegate.h */, - FA3250C014BA85E700BF0781 /* WebViewDelegate.m */, - 88C0646B14BDF6A600E4BCE2 /* WindowController.h */, - 88C0646C14BDF6A600E4BCE2 /* WindowController.m */, - ); - name = Classes; - sourceTree = "<group>"; - }; - FA3250E114BA87DD00BF0781 /* Commands */ = { - isa = PBXGroup; - children = ( - 6F169DA518CC332E005EDDF3 /* Command.h */, - 6F169DA618CC332E005EDDF3 /* Command.m */, - 1495814D15C15CCC00E1CFE5 /* Notice.h */, - 1495814E15C15CCC00E1CFE5 /* Notice.m */, - FA3250CA14BA860800BF0781 /* Dock.h */, - FA3250CB14BA860800BF0781 /* Dock.m */, - 6FD6E4EB18C2D48200DFFBE6 /* fonts.h */, - 6FD6E4EC18C2D48C00DFFBE6 /* fonts.m */, - FA3250BD14BA85E700BF0781 /* Utils.h */, - FA3250BE14BA85E700BF0781 /* Utils.m */, - 6FD672B418FE618E00C0DAAD /* UserDefaults.h */, - 6FD672B518FE618E00C0DAAD /* UserDefaults.m */, - FA3250CE14BA860800BF0781 /* Path.h */, - FA3250CF14BA860800BF0781 /* Path.m */, - FA3250D014BA860800BF0781 /* Sound.h */, - FA3250D114BA860800BF0781 /* Sound.m */, - FA3250C814BA860800BF0781 /* App.h */, - FA3250C914BA860800BF0781 /* App.m */, - 6F169DAD18CD906F005EDDF3 /* MenuItemProxy.h */, - 6F169DAE18CD906F005EDDF3 /* MenuItemProxy.m */, - 6F169DAF18CD906F005EDDF3 /* MenuProxy.h */, - 6F169DB018CD906F005EDDF3 /* MenuProxy.m */, - 88C0645E14BDE10A00E4BCE2 /* Window.h */, - 88C0645F14BDE10A00E4BCE2 /* Window.m */, - 88746BEC14CCA435001E160E /* JSEventHelper.h */, - 88746BED14CCA435001E160E /* JSEventHelper.m */, - F2B80014179E0FC100B069A8 /* Clipboard.h */, - F2B80015179E0FC100B069A8 /* Clipboard.m */, - ); - name = Commands; - sourceTree = "<group>"; - }; - FAE451AF14BA79C600190544 = { - isa = PBXGroup; - children = ( - FA3F7741168F70780027B324 /* Cocoa.framework */, - FAE451C414BA79C600190544 /* MacGap */, - FAE451BD14BA79C600190544 /* Frameworks */, - FAE451BB14BA79C600190544 /* Products */, - ); - sourceTree = "<group>"; - }; - FAE451BB14BA79C600190544 /* Products */ = { - isa = PBXGroup; - children = ( - FAE451BA14BA79C600190544 /* ZeroTier One.app */, - ); - name = Products; - sourceTree = "<group>"; - }; - FAE451BD14BA79C600190544 /* Frameworks */ = { - isa = PBXGroup; - children = ( - C1C2B9901AFB0CF10060D7C2 /* Security.framework */, - 6F169DAB18CD8A4A005EDDF3 /* JavaScriptCore.framework */, - FA32509C14BA813600BF0781 /* WebKit.framework */, - FAE451BE14BA79C600190544 /* Cocoa.framework */, - FAE451C014BA79C600190544 /* Other Frameworks */, - ); - name = Frameworks; - sourceTree = "<group>"; - }; - FAE451C014BA79C600190544 /* Other Frameworks */ = { - isa = PBXGroup; - children = ( - FAE451C114BA79C600190544 /* AppKit.framework */, - FAE451C214BA79C600190544 /* CoreData.framework */, - FAE451C314BA79C600190544 /* Foundation.framework */, - ); - name = "Other Frameworks"; - sourceTree = "<group>"; - }; - FAE451C414BA79C600190544 /* MacGap */ = { - isa = PBXGroup; - children = ( - FA3250E014BA87B800BF0781 /* Classes */, - FAE451D014BA79C600190544 /* AppDelegate.h */, - FAE451D114BA79C600190544 /* AppDelegate.m */, - C14EFCA61B0986AF00894B5F /* ZeroTierIcon.icns */, - FAE451D314BA79C600190544 /* MainMenu.xib */, - 88C0646414BDEC5800E4BCE2 /* Window.xib */, - FAE451C514BA79C600190544 /* Supporting Files */, - ); - path = MacGap; - sourceTree = "<group>"; - }; - FAE451C514BA79C600190544 /* Supporting Files */ = { - isa = PBXGroup; - children = ( - FAE451C614BA79C600190544 /* MacGap-Info.plist */, - FAE451C714BA79C600190544 /* InfoPlist.strings */, - FAE451CA14BA79C600190544 /* main.m */, - FAE451CC14BA79C600190544 /* MacGap-Prefix.pch */, - FAE451CD14BA79C600190544 /* Credits.rtf */, - ); - name = "Supporting Files"; - sourceTree = "<group>"; - }; -/* End PBXGroup section */ - -/* Begin PBXNativeTarget section */ - FAE451B914BA79C600190544 /* MacGap */ = { - isa = PBXNativeTarget; - buildConfigurationList = FAE451D814BA79C600190544 /* Build configuration list for PBXNativeTarget "MacGap" */; - buildPhases = ( - FAE451B814BA79C600190544 /* Resources */, - FAE451B614BA79C600190544 /* Sources */, - FAE451B714BA79C600190544 /* Frameworks */, - FA3250DD14BA876F00BF0781 /* CopyFiles */, - ); - buildRules = ( - ); - dependencies = ( - ); - name = MacGap; - productName = MacGap; - productReference = FAE451BA14BA79C600190544 /* ZeroTier One.app */; - productType = "com.apple.product-type.application"; - }; -/* End PBXNativeTarget section */ - -/* Begin PBXProject section */ - FAE451B114BA79C600190544 /* Project object */ = { - isa = PBXProject; - attributes = { - LastUpgradeCheck = 0710; - ORGANIZATIONNAME = Twitter; - }; - buildConfigurationList = FAE451B414BA79C600190544 /* Build configuration list for PBXProject "MacGap" */; - compatibilityVersion = "Xcode 3.2"; - developmentRegion = English; - hasScannedForEncodings = 0; - knownRegions = ( - en, - ); - mainGroup = FAE451AF14BA79C600190544; - productRefGroup = FAE451BB14BA79C600190544 /* Products */; - projectDirPath = ""; - projectRoot = ""; - targets = ( - FAE451B914BA79C600190544 /* MacGap */, - ); - }; -/* End PBXProject section */ - -/* Begin PBXResourcesBuildPhase section */ - FAE451B814BA79C600190544 /* Resources */ = { - isa = PBXResourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - C14EFCA71B0986AF00894B5F /* ZeroTierIcon.icns in Resources */, - FAE451C914BA79C600190544 /* InfoPlist.strings in Resources */, - FAE451CF14BA79C600190544 /* Credits.rtf in Resources */, - FAE451D514BA79C600190544 /* MainMenu.xib in Resources */, - 88C0646614BDEC5800E4BCE2 /* Window.xib in Resources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXResourcesBuildPhase section */ - -/* Begin PBXSourcesBuildPhase section */ - FAE451B614BA79C600190544 /* Sources */ = { - isa = PBXSourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - 6F169DAA18CC35FD005EDDF3 /* CallbackDelegate.m in Sources */, - FA3250D314BA860800BF0781 /* App.m in Sources */, - FA3250D514BA860800BF0781 /* Dock.m in Sources */, - FA3250D914BA860800BF0781 /* Path.m in Sources */, - FA3250DB14BA860800BF0781 /* Sound.m in Sources */, - FA3250C314BA85E700BF0781 /* ContentView.m in Sources */, - FA3250C514BA85E700BF0781 /* Utils.m in Sources */, - FA3250C714BA85E700BF0781 /* WebViewDelegate.m in Sources */, - FAE451CB14BA79C600190544 /* main.m in Sources */, - 6F169DB118CD906F005EDDF3 /* MenuItemProxy.m in Sources */, - FAE451D214BA79C600190544 /* AppDelegate.m in Sources */, - 6F169DA718CC332E005EDDF3 /* Command.m in Sources */, - 6FD672B618FE618E00C0DAAD /* UserDefaults.m in Sources */, - 88C0646014BDE10A00E4BCE2 /* Window.m in Sources */, - 6F169DB218CD906F005EDDF3 /* MenuProxy.m in Sources */, - 88C0646D14BDF6A600E4BCE2 /* WindowController.m in Sources */, - 6FD6E4ED18C2D48C00DFFBE6 /* fonts.m in Sources */, - 88746BEE14CCA435001E160E /* JSEventHelper.m in Sources */, - 1495814F15C15CCC00E1CFE5 /* Notice.m in Sources */, - F2B80016179E0FC100B069A8 /* Clipboard.m in Sources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXSourcesBuildPhase section */ - -/* Begin PBXVariantGroup section */ - 88C0646414BDEC5800E4BCE2 /* Window.xib */ = { - isa = PBXVariantGroup; - children = ( - 88C0646514BDEC5800E4BCE2 /* en */, - ); - name = Window.xib; - sourceTree = "<group>"; - }; - FAE451C714BA79C600190544 /* InfoPlist.strings */ = { - isa = PBXVariantGroup; - children = ( - FAE451C814BA79C600190544 /* en */, - ); - name = InfoPlist.strings; - sourceTree = "<group>"; - }; - FAE451CD14BA79C600190544 /* Credits.rtf */ = { - isa = PBXVariantGroup; - children = ( - FAE451CE14BA79C600190544 /* en */, - ); - name = Credits.rtf; - sourceTree = "<group>"; - }; - FAE451D314BA79C600190544 /* MainMenu.xib */ = { - isa = PBXVariantGroup; - children = ( - FAE451D414BA79C600190544 /* en */, - ); - name = MainMenu.xib; - sourceTree = "<group>"; - }; -/* End PBXVariantGroup section */ - -/* Begin XCBuildConfiguration section */ - FAE451D614BA79C600190544 /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ENABLE_OBJC_ARC = YES; - COPY_PHASE_STRIP = NO; - ENABLE_TESTABILITY = YES; - GCC_C_LANGUAGE_STANDARD = gnu99; - GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_OBJC_EXCEPTIONS = YES; - GCC_OPTIMIZATION_LEVEL = 0; - GCC_PREPROCESSOR_DEFINITIONS = ( - "DEBUG=1", - "$(inherited)", - ); - GCC_SYMBOLS_PRIVATE_EXTERN = NO; - GCC_VERSION = ""; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - MACOSX_DEPLOYMENT_TARGET = 10.7; - ONLY_ACTIVE_ARCH = YES; - PRODUCT_NAME = "ZeroTier One"; - SDKROOT = ""; - }; - name = Debug; - }; - FAE451D714BA79C600190544 /* Release */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ENABLE_OBJC_ARC = YES; - COPY_PHASE_STRIP = YES; - DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; - GCC_C_LANGUAGE_STANDARD = gnu99; - GCC_ENABLE_OBJC_EXCEPTIONS = YES; - GCC_VERSION = ""; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - MACOSX_DEPLOYMENT_TARGET = 10.7; - PRODUCT_NAME = "ZeroTier One"; - SDKROOT = ""; - }; - name = Release; - }; - FAE451D914BA79C600190544 /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - CLANG_CXX_LANGUAGE_STANDARD = "compiler-default"; - CLANG_CXX_LIBRARY = "compiler-default"; - COMBINE_HIDPI_IMAGES = YES; - FRAMEWORK_SEARCH_PATHS = ( - "$(inherited)", - "\"$(SRCROOT)/MacGap\"", - ); - GCC_PRECOMPILE_PREFIX_HEADER = YES; - GCC_PREFIX_HEADER = "MacGap/MacGap-Prefix.pch"; - GCC_VERSION = ""; - INFOPLIST_FILE = "MacGap/MacGap-Info.plist"; - MACOSX_DEPLOYMENT_TARGET = 10.7; - PRODUCT_BUNDLE_IDENTIFIER = "com.zerotier.$(PRODUCT_NAME:rfc1034identifier)"; - PRODUCT_NAME = "ZeroTier One"; - SDKROOT = macosx; - WRAPPER_EXTENSION = app; - }; - name = Debug; - }; - FAE451DA14BA79C600190544 /* Release */ = { - isa = XCBuildConfiguration; - buildSettings = { - CLANG_CXX_LANGUAGE_STANDARD = "compiler-default"; - CLANG_CXX_LIBRARY = "compiler-default"; - COMBINE_HIDPI_IMAGES = YES; - FRAMEWORK_SEARCH_PATHS = ( - "$(inherited)", - "\"$(SRCROOT)/MacGap\"", - ); - GCC_PRECOMPILE_PREFIX_HEADER = YES; - GCC_PREFIX_HEADER = "MacGap/MacGap-Prefix.pch"; - GCC_VERSION = ""; - INFOPLIST_FILE = "MacGap/MacGap-Info.plist"; - MACOSX_DEPLOYMENT_TARGET = 10.7; - PRODUCT_BUNDLE_IDENTIFIER = "com.zerotier.$(PRODUCT_NAME:rfc1034identifier)"; - PRODUCT_NAME = "ZeroTier One"; - SDKROOT = macosx; - WRAPPER_EXTENSION = app; - }; - name = Release; - }; -/* End XCBuildConfiguration section */ - -/* Begin XCConfigurationList section */ - FAE451B414BA79C600190544 /* Build configuration list for PBXProject "MacGap" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - FAE451D614BA79C600190544 /* Debug */, - FAE451D714BA79C600190544 /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Release; - }; - FAE451D814BA79C600190544 /* Build configuration list for PBXNativeTarget "MacGap" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - FAE451D914BA79C600190544 /* Debug */, - FAE451DA14BA79C600190544 /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Release; - }; -/* End XCConfigurationList section */ - }; - rootObject = FAE451B114BA79C600190544 /* Project object */; -} diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcshareddata/MacGap.xccheckout b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcshareddata/MacGap.xccheckout deleted file mode 100644 index 7fdde853..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcshareddata/MacGap.xccheckout +++ /dev/null @@ -1,41 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>IDESourceControlProjectFavoriteDictionaryKey</key> - <false/> - <key>IDESourceControlProjectIdentifier</key> - <string>4D486E78-E297-4CC3-AAAE-1A58EDAC87E6</string> - <key>IDESourceControlProjectName</key> - <string>MacGap</string> - <key>IDESourceControlProjectOriginsDictionary</key> - <dict> - <key>ABA3617E9F0148F844A82502F0D808DE6591AA97</key> - <string>http://adam.ierymenko@git.int.zerotier.com/zerotier/zerotierone</string> - </dict> - <key>IDESourceControlProjectPath</key> - <string>ext/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj</string> - <key>IDESourceControlProjectRelativeInstallPathDictionary</key> - <dict> - <key>ABA3617E9F0148F844A82502F0D808DE6591AA97</key> - <string>../../../../..</string> - </dict> - <key>IDESourceControlProjectURL</key> - <string>http://adam.ierymenko@git.int.zerotier.com/zerotier/zerotierone</string> - <key>IDESourceControlProjectVersion</key> - <integer>111</integer> - <key>IDESourceControlProjectWCCIdentifier</key> - <string>ABA3617E9F0148F844A82502F0D808DE6591AA97</string> - <key>IDESourceControlProjectWCConfigurations</key> - <array> - <dict> - <key>IDESourceControlRepositoryExtensionIdentifierKey</key> - <string>public.vcs.git</string> - <key>IDESourceControlWCCIdentifierKey</key> - <string>ABA3617E9F0148F844A82502F0D808DE6591AA97</string> - <key>IDESourceControlWCCName</key> - <string>ZeroTierOne</string> - </dict> - </array> -</dict> -</plist> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/Alex.xcuserdatad/UserInterfaceState.xcuserstate b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/Alex.xcuserdatad/UserInterfaceState.xcuserstate Binary files differdeleted file mode 100644 index 20281812..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/Alex.xcuserdatad/UserInterfaceState.xcuserstate +++ /dev/null diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/api.xcuserdatad/WorkspaceSettings.xcsettings b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/api.xcuserdatad/WorkspaceSettings.xcsettings deleted file mode 100644 index 659c8766..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/api.xcuserdatad/WorkspaceSettings.xcsettings +++ /dev/null @@ -1,10 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>HasAskedToTakeAutomaticSnapshotBeforeSignificantChanges</key> - <true/> - <key>SnapshotAutomaticallyBeforeSignificantChanges</key> - <true/> -</dict> -</plist> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/liamks.xcuserdatad/UserInterfaceState.xcuserstate b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/liamks.xcuserdatad/UserInterfaceState.xcuserstate Binary files differdeleted file mode 100644 index 822ed3cb..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/liamks.xcuserdatad/UserInterfaceState.xcuserstate +++ /dev/null diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/liamks.xcuserdatad/WorkspaceSettings.xcsettings b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/liamks.xcuserdatad/WorkspaceSettings.xcsettings deleted file mode 100644 index 6ff33e60..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/xcuserdata/liamks.xcuserdatad/WorkspaceSettings.xcsettings +++ /dev/null @@ -1,10 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> -<plist version="1.0"> -<dict> - <key>IDEWorkspaceUserSettings_HasAskedToTakeAutomaticSnapshotBeforeSignificantChanges</key> - <true/> - <key>IDEWorkspaceUserSettings_SnapshotAutomaticallyBeforeSignificantChanges</key> - <true/> -</dict> -</plist> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/AppDelegate.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/AppDelegate.h deleted file mode 100644 index bf7370b5..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/AppDelegate.h +++ /dev/null @@ -1,18 +0,0 @@ -// -// AppDelegate.h -// MacGap -// -// Created by Alex MacCaw on 08/01/2012. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import <Cocoa/Cocoa.h> -#import "Classes/ContentView.h" - -#import "WindowController.h" - -@interface AppDelegate : NSObject <NSApplicationDelegate> - -@property (retain, nonatomic) WindowController *windowController; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/AppDelegate.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/AppDelegate.m deleted file mode 100644 index 45923bb3..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/AppDelegate.m +++ /dev/null @@ -1,159 +0,0 @@ -// -// AppDelegate.m -// MacGap -// -// Created by Alex MacCaw on 08/01/2012. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "AppDelegate.h" -#include <sys/stat.h> -#include <sys/types.h> - -@implementation AppDelegate - -@synthesize windowController; - -- (void) applicationWillFinishLaunching:(NSNotification *)aNotification -{ -} - --(BOOL)applicationShouldHandleReopen:(NSApplication*)application - hasVisibleWindows:(BOOL)visibleWindows{ - if(!visibleWindows){ - [self.windowController.window makeKeyAndOrderFront: nil]; - } - return YES; -} - -- (BOOL)applicationShouldTerminateAfterLastWindowClosed:(NSApplication *)theApplication { - return YES; -} - -- (void) applicationDidFinishLaunching:(NSNotification *)aNotification { - char buf[16384],userAuthTokenPath[4096]; - struct stat systemAuthTokenStat,userAuthTokenStat; - - FILE *pf = fopen("/Library/Application Support/ZeroTier/One/zerotier-one.port","r"); - long port = 9993; // default - if (pf) { - long n = fread(buf,1,sizeof(buf)-1,pf); - if (n > 0) { - buf[n] = (char)0; - port = strtol(buf,(char **)0,10); - } - fclose(pf); - } - - char url[16384]; - memset(url,0,sizeof(url)); - - const char *homeDir = getenv("HOME"); - if (homeDir) { - snprintf(userAuthTokenPath,sizeof(userAuthTokenPath),"%s/Library/Application Support/ZeroTier/One/authtoken.secret",homeDir); - - bool userAuthTokenOutOfDate = false; - memset(&systemAuthTokenStat,0,sizeof(systemAuthTokenStat)); - memset(&userAuthTokenStat,0,sizeof(userAuthTokenStat)); - if (stat("/Library/Application Support/ZeroTier/One/authtoken.secret",&systemAuthTokenStat) == 0) { - if (stat(userAuthTokenPath,&userAuthTokenStat) == 0) { - if (userAuthTokenStat.st_mtimespec.tv_sec < systemAuthTokenStat.st_mtimespec.tv_sec) - userAuthTokenOutOfDate = true; - } - } - - if (!userAuthTokenOutOfDate) { - pf = fopen(userAuthTokenPath,"r"); - if (pf) { - long n = fread(buf,1,sizeof(buf)-1,pf); - if (n > 0) { - buf[n] = (char)0; - snprintf(url,sizeof(url),"http://127.0.0.1:%ld/index.html?authToken=%s",port,buf); - } - fclose(pf); - } - } - } - - if (!url[0]) { - // Create authorization reference - OSStatus status; - AuthorizationRef authorizationRef; - - // AuthorizationCreate and pass NULL as the initial - // AuthorizationRights set so that the AuthorizationRef gets created - // successfully, and then later call AuthorizationCopyRights to - // determine or extend the allowable rights. - // http://developer.apple.com/qa/qa2001/qa1172.html - status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &authorizationRef); - if (status != errAuthorizationSuccess) - { - NSLog(@"Error Creating Initial Authorization: %d", status); - return; - } - - // kAuthorizationRightExecute == "system.privilege.admin" - AuthorizationItem right = {kAuthorizationRightExecute, 0, NULL, 0}; - AuthorizationRights rights = {1, &right}; - AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed | - kAuthorizationFlagPreAuthorize | kAuthorizationFlagExtendRights; - - // Call AuthorizationCopyRights to determine or extend the allowable rights. - status = AuthorizationCopyRights(authorizationRef, &rights, NULL, flags, NULL); - if (status != errAuthorizationSuccess) - { - NSLog(@"Copy Rights Unsuccessful: %d", status); - return; - } - - // use rm tool with -rf - char *tool = "/bin/cat"; - char *args[] = {"/Library/Application Support/ZeroTier/One/authtoken.secret", NULL}; - FILE *pipe = NULL; - - status = AuthorizationExecuteWithPrivileges(authorizationRef, tool, kAuthorizationFlagDefaults, args, &pipe); - if (status != errAuthorizationSuccess) - { - NSLog(@"Error: %d", status); - } - - if (pipe) { - long n = (long)fread(buf,1,sizeof(buf)-1,pipe); - if (n > 0) { - buf[n] = (char)0; - snprintf(url,sizeof(url),"http://127.0.0.1:%ld/index.html?authToken=%s",port,buf); - - if (homeDir) { - snprintf(userAuthTokenPath,sizeof(userAuthTokenPath),"%s/Library/Application Support/ZeroTier",homeDir); - mkdir(userAuthTokenPath,0755); - snprintf(userAuthTokenPath,sizeof(userAuthTokenPath),"%s/Library/Application Support/ZeroTier/One",homeDir); - mkdir(userAuthTokenPath,0755); - snprintf(userAuthTokenPath,sizeof(userAuthTokenPath),"%s/Library/Application Support/ZeroTier/One/authtoken.secret",homeDir); - pf = fopen(userAuthTokenPath,"w"); - if (pf) { - fwrite(buf,1,strlen(buf),pf); - fclose(pf); - chmod(userAuthTokenPath,0600); - } - } - } - fclose(pipe); - } - - // The only way to guarantee that a credential acquired when you - // request a right is not shared with other authorization instances is - // to destroy the credential. To do so, call the AuthorizationFree - // function with the flag kAuthorizationFlagDestroyRights. - // http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/02authconcepts/chapter_2_section_7.html - status = AuthorizationFree(authorizationRef, kAuthorizationFlagDestroyRights); - } - - NSString *urlStr = [[NSString alloc] initWithCString:url]; - self.windowController = [[WindowController alloc] initWithURL: urlStr]; - [self.windowController showWindow: [NSApplication sharedApplication].delegate]; - self.windowController.contentView.webView.alphaValue = 1.0; - self.windowController.contentView.alphaValue = 1.0; - [self.windowController showWindow:self]; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/CallbackDelegate.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/CallbackDelegate.h deleted file mode 100755 index 0f31ee41..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/CallbackDelegate.h +++ /dev/null @@ -1,20 +0,0 @@ -// -// CallbackDelegate.h -// MacGap -// -// Created by Joe Hildebrand on 1/10/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "Command.h" - -@interface CallbackDelegate : Command { -} - -@property JSObjectRef callback; - -- (id) initWithContext:(JSContextRef)aContext forCallback:(WebScriptObject*)aCallback; -- (id) call; -- (id) callWithParams:(id)firstOrNil, ... NS_REQUIRES_NIL_TERMINATION; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/CallbackDelegate.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/CallbackDelegate.m deleted file mode 100755 index 5ce8fbe3..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/CallbackDelegate.m +++ /dev/null @@ -1,168 +0,0 @@ -// -// CallbackDelegate.m -// MacGap -// -// Created by Joe Hildebrand on 1/10/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "CallbackDelegate.h" -#import <JavaScriptCore/JavaScript.h> - -@implementation CallbackDelegate - -@synthesize callback; - -- (id) initWithContext:(JSContextRef)aContext forCallback:(WebScriptObject*)aCallback -{ - if (!aCallback) - return nil; - if ([aCallback isKindOfClass:[WebUndefined class]]) - return nil; - - self = [super initWithContext:aContext]; - if (!self) - return nil; - - callback = [aCallback JSObject]; - JSValueProtect(context, callback); - return self; -} - -- (void) dealloc -{ - if (callback) - { - JSValueUnprotect(context, callback); - callback = nil; - } -} - -- (id) objectFromValue:(JSValueRef)val -{ - JSStringRef jstr; - NSString *rets; - - switch(JSValueGetType(context, val)) - { - case kJSTypeUndefined: - case kJSTypeNull: - return nil; - case kJSTypeBoolean: - return [NSNumber numberWithBool:JSValueToBoolean(context, val)]; - case kJSTypeNumber: - return [NSNumber numberWithDouble:JSValueToNumber(context, val, NULL)]; - case kJSTypeString: - jstr = JSValueToStringCopy(context, val, NULL); - size_t sz = JSStringGetMaximumUTF8CStringSize(jstr); - char *buf = (char*)malloc(sz); - JSStringGetUTF8CString(jstr, buf, sz); - rets = [NSString stringWithUTF8String:buf]; - free(buf); - return rets; - case kJSTypeObject: - // TODO: dictionary or something - return nil; - default: - NSAssert(false, @"Invalid JavaScript type"); - return nil; - } -} - -- (JSValueRef) valueFromObject:(id)obj -{ - JSValueRef val = nil; - if (!obj) - { - val = JSValueMakeNull(context); - } - else if ([obj isKindOfClass:[NSString class]]) - { - JSStringRef jstr = JSStringCreateWithUTF8CString([obj UTF8String]); - val = JSValueMakeString(context, jstr); - JSStringRelease(jstr); - } - else if ([obj isKindOfClass:[NSNumber class]]) - { - val = JSValueMakeNumber(context, [obj doubleValue]); - } - else if ([obj isKindOfClass:[NSDictionary class]]) - { - JSObjectRef o = JSObjectMake(context, NULL, NULL); - for (NSString *key in obj) - { - JSStringRef kstr = JSStringCreateWithUTF8CString([key UTF8String]); - JSValueRef v = [self valueFromObject:[obj objectForKey:key]]; - - JSObjectSetProperty(context, o, kstr, v, kJSPropertyAttributeNone, NULL); - JSStringRelease(kstr); - } - val = o; - } - else if ([obj isKindOfClass:[NSArray class]]) - { - NSUInteger pcount = [obj count]; - JSValueRef jsArgs[pcount]; - NSUInteger i=0; - for (id v in obj) - { - jsArgs[i++] = [self valueFromObject:v]; - } - val = JSObjectMakeArray(context, pcount, jsArgs, NULL); - } - else if ([obj isKindOfClass:[NSDate class]]) - { - NSTimeInterval secs = [obj timeIntervalSince1970]; - JSValueRef jsArgs[1]; - // call the Date(milliseconds) constructor in JS - jsArgs[0] = JSValueMakeNumber(context, secs * 1000.0); - val = JSObjectMakeDate(context, 1, jsArgs, NULL); - } - else - { - NSLog(@"Warning: unknown object type for: %@", obj); - val = JSValueMakeUndefined(context); - } - return val; -} - -- (id) call -{ - NSAssert(callback, @"Callback required"); - if (!JSObjectIsFunction(context, callback)) - return nil; - - JSValueRef jsArgs[0]; - JSValueRef ret = JSObjectCallAsFunction(context, callback, NULL, 0, jsArgs, NULL); - return [self objectFromValue:ret]; -} - -- (id) callWithParams:(id)firstOrNil, ... -{ - NSAssert(callback, @"Callback required"); - if (!JSObjectIsFunction(context, callback)) - return nil; - NSUInteger pcount = 0; - id p; - va_list args; - va_start(args, firstOrNil); - for (p=firstOrNil; p; p=va_arg(args, id)) - { - pcount++; - } - va_end(args); - - JSValueRef jsArgs[pcount]; - NSUInteger j = 0; - va_start(args, firstOrNil); - for (p=firstOrNil; p; p=va_arg(args, id)) - { - jsArgs[j++] = [self valueFromObject:p]; - } - va_end(args); - - JSValueRef ret = JSObjectCallAsFunction(context, callback, NULL, j, jsArgs, NULL); - return [self objectFromValue:ret]; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/App.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/App.h deleted file mode 100644 index f65ba61e..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/App.h +++ /dev/null @@ -1,21 +0,0 @@ -#import <Foundation/Foundation.h> - -#import "WindowController.h" - -@interface App : NSObject { - -} - -@property (nonatomic, retain) WebView *webView; - -- (id) initWithWebView:(WebView *)view; - -- (void) terminate; -- (void) activate; -- (void) hide; -- (void) unhide; -- (void) beep; -- (void) bounce; -- (void) setCustomUserAgent:(NSString *)userAgentString; -- (NSNumber*) systemIdleTime; -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/App.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/App.m deleted file mode 100644 index 6d47a17e..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/App.m +++ /dev/null @@ -1,128 +0,0 @@ -#import "App.h" - -#import "JSEventHelper.h" - -@implementation App - -@synthesize webView; - -- (id) initWithWebView:(WebView *) view{ - self = [super init]; - - if (self) { - self.webView = view; - [[[NSWorkspace sharedWorkspace] notificationCenter] addObserver: self - selector: @selector(receiveSleepNotification:) - name: NSWorkspaceWillSleepNotification object: NULL]; - [[[NSWorkspace sharedWorkspace] notificationCenter] addObserver: self - selector: @selector(receiveWakeNotification:) - name: NSWorkspaceDidWakeNotification object: NULL]; - [[[NSWorkspace sharedWorkspace] notificationCenter] addObserver: self - selector: @selector(receiveActivateNotification:) - name: NSWorkspaceDidActivateApplicationNotification object: NULL]; - } - - return self; -} - -- (void) terminate { - [NSApp terminate:nil]; -} - -- (void) activate { - [NSApp activateIgnoringOtherApps:YES]; -} - -- (void) hide { - [NSApp hide:nil]; -} - -- (void) unhide { - [NSApp unhide:nil]; -} - -- (void)beep { - NSBeep(); -} - -- (void) bounce { - [NSApp requestUserAttention:NSInformationalRequest]; -} - -- (void)setCustomUserAgent:(NSString *)userAgentString { - [self.webView setCustomUserAgent: userAgentString]; -} - -- (void) open:(NSString*)url { - [[NSWorkspace sharedWorkspace] openURL:[NSURL URLWithString:url]]; -} - -- (void) launch:(NSString *)name { - [[NSWorkspace sharedWorkspace] launchApplication:name]; -} - -- (void)receiveSleepNotification:(NSNotification*)note{ - [JSEventHelper triggerEvent:@"sleep" forWebView:self.webView]; -} - -- (void) receiveWakeNotification:(NSNotification*)note{ - [JSEventHelper triggerEvent:@"wake" forWebView:self.webView]; -} - -- (void) receiveActivateNotification:(NSNotification*)notification{ - NSDictionary* userInfo = [notification userInfo]; - NSRunningApplication* runningApplication = [userInfo objectForKey:NSWorkspaceApplicationKey]; - if (runningApplication) { - NSMutableDictionary* applicationDidGetFocusDict = [[NSMutableDictionary alloc] initWithCapacity:2]; - [applicationDidGetFocusDict setObject:runningApplication.localizedName - forKey:@"localizedName"]; - [applicationDidGetFocusDict setObject:[runningApplication.bundleURL absoluteString] - forKey:@"bundleURL"]; - - [JSEventHelper triggerEvent:@"appActivated" withArgs:applicationDidGetFocusDict forWebView:self.webView]; - } -} - - - - -/* - To get the elapsed time since the previous input event—keyboard, mouse, or tablet—specify kCGAnyInputEventType. - */ -- (NSNumber*)systemIdleTime { - CFTimeInterval timeSinceLastEvent = CGEventSourceSecondsSinceLastEventType(kCGEventSourceStateHIDSystemState, kCGAnyInputEventType); - - return [NSNumber numberWithDouble:timeSinceLastEvent]; -} - - - - -+ (NSString*) webScriptNameForSelector:(SEL)selector -{ - id result = nil; - - if (selector == @selector(open:)) { - result = @"open"; - } else if (selector == @selector(launch:)) { - result = @"launch"; - } else if (selector == @selector(setCustomUserAgent:)) { - result = @"setCustomUserAgent"; - } else if (selector == @selector(systemIdleTime)) { - result = @"systemIdleTime"; - } - - return result; -} - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return NO; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return YES; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Command.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Command.h deleted file mode 100755 index 65d6b6d4..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Command.h +++ /dev/null @@ -1,18 +0,0 @@ -// -// Command.h -// MacGap -// -// Created by Joe Hildebrand on 1/10/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import <Foundation/Foundation.h> -#import <Webkit/WebScriptObject.h> - -@interface Command : NSObject { - JSContextRef context; -} - -- (id) initWithContext:(JSContextRef)aContext; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Command.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Command.m deleted file mode 100755 index 39b85630..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Command.m +++ /dev/null @@ -1,28 +0,0 @@ -// -// Command.m -// MacGap -// -// Created by Joe Hildebrand on 1/10/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "Command.h" -#import <JavaScriptCore/JSContextRef.h> - -@implementation Command - -- (id) initWithContext:(JSContextRef)aContext { - self = [super init]; - if (!self) - return nil; - context = aContext; - JSGlobalContextRetain((JSGlobalContextRef)context); - return self; -} - -- (void)dealloc -{ - if (context) - JSGlobalContextRelease((JSGlobalContextRef)context); -} -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Dock.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Dock.h deleted file mode 100644 index b3c533d7..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Dock.h +++ /dev/null @@ -1,11 +0,0 @@ -#import <Foundation/Foundation.h> - -@interface Dock : NSObject { - -} -- (void) setBadge:(NSString*)value; -- (NSString *) badge; - -@property (readwrite, copy) NSString *badge; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Dock.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Dock.m deleted file mode 100644 index a4494d16..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Dock.m +++ /dev/null @@ -1,31 +0,0 @@ -#import "Dock.h" - -@implementation Dock - -@synthesize badge; - -- (void) setBadge:(NSString *)value -{ - NSDockTile *tile = [[NSApplication sharedApplication] dockTile]; - [tile setBadgeLabel:value]; -} - -- (NSString *) badge -{ - NSDockTile *tile = [[NSApplication sharedApplication] dockTile]; - return [tile badgeLabel]; -} - -#pragma mark WebScripting Protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return NO; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return NO; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuItemProxy.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuItemProxy.h deleted file mode 100755 index d765978f..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuItemProxy.h +++ /dev/null @@ -1,31 +0,0 @@ -// -// MenuItemProxy.h -// MacGap -// -// Created by Joe Hildebrand on 1/15/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "Command.h" -#import "CallbackDelegate.h" - -@class MenuProxy; - -@interface MenuItemProxy : Command { - NSMenuItem *item; - CallbackDelegate *callback; -} - -+ (MenuItemProxy*) proxyWithContext:(JSContextRef)aContext andMenuItem:(NSMenuItem*)anItem; - -- (MenuProxy*)addSubmenu; - -- (void) remove; -- (void) setCallback:(WebScriptObject*)aCallback; -- (void) setKey:(NSString*)keyCommand; -- (void) setTitle:(NSString*)title; -- (void) enable; -- (void) disable; -- (MenuProxy*)submenu; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuItemProxy.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuItemProxy.m deleted file mode 100755 index 7b9702cc..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuItemProxy.m +++ /dev/null @@ -1,150 +0,0 @@ -// -// MenuItemProxy.m -// MacGap -// -// Created by Joe Hildebrand on 1/15/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "MenuItemProxy.h" -#import "MenuProxy.h" - -@implementation MenuItemProxy - -- (id) initWithContext:(JSContextRef)aContext andMenuItem:(NSMenuItem*)anItem -{ - NSAssert(anItem, @"anItem required"); - self = [super initWithContext:aContext]; - if (!self) - return nil; - item = anItem; - item.representedObject = self; - - return self; -} - -+ (MenuItemProxy*) proxyWithContext:(JSContextRef)aContext andMenuItem:(NSMenuItem*)anItem -{ - MenuItemProxy *proxy = [anItem representedObject]; - if (proxy) - { - NSLog(@"MIP Cache hit"); - NSAssert([proxy class] == [MenuItemProxy class], @"Bad proxy"); - return proxy; - } - return [[MenuItemProxy alloc] initWithContext:aContext andMenuItem:anItem]; -} - -- (NSString*) description -{ - return [item description]; -} - -- (MenuProxy*)addSubmenu -{ - NSMenu *s = [item submenu]; - if (!s) - { - s = [[NSMenu alloc] initWithTitle:@"FFFFFFOOOOO"]; - [item setSubmenu:s]; - } - return [MenuProxy proxyWithContext:context andMenu:s]; -} - -- (void) remove -{ - NSMenu *menu = [item menu]; - [menu removeItem:item]; -} - -- (void)callCallback:(id)sender -{ - [callback callWithParams:[sender title], nil]; -} - -- (void) setCallback:(WebScriptObject*)aCallback -{ - NSAssert(item, @"item required"); - callback = [[CallbackDelegate alloc] initWithContext:context forCallback:aCallback]; - [item setAction:@selector(callCallback:)]; - [item setTarget:self]; -} - -- (void)setKey:(NSString*)keyCommand -{ - NSString *aKey = [MenuProxy getKeyFromString:keyCommand]; - [item setKeyEquivalent:aKey]; - - NSUInteger modifiers = [MenuProxy getModifiersFromString:keyCommand]; - [item setKeyEquivalentModifierMask:modifiers]; -} - -- (void) setTitle:(NSString*)title -{ - [item setTitle:title]; -} - -- (MenuProxy*)submenu; -{ - // TODO: make this work as a property - NSMenu *s = [item submenu]; - if (!s) - return nil; - return [MenuProxy proxyWithContext:context andMenu:s]; -} - -- (void) enable -{ - [item setEnabled:YES]; -} - -- (void) disable -{ - [item setEnabled:NO]; -} - -#pragma mark WebScripting protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return [self webScriptNameForSelector:selector] == nil; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return YES; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector -{ - id result = nil; - - if (selector == @selector(addSubmenu)) { - result = @"addSubmenu"; - } - else if (selector == @selector(remove)) { - result = @"remove"; - } - else if (selector == @selector(setCallback:)) { - result = @"setCallback"; - } - else if (selector == @selector(setKey:)) { - result = @"setKey"; - } - else if (selector == @selector(setTitle:)) { - result = @"setTitle"; - } - else if (selector == @selector(submenu)) { - result = @"submenu"; - } - else if (selector == @selector(enable)) { - result = @"enable"; - } - else if (selector == @selector(disable)) { - result = @"disable"; - } - - return result; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuProxy.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuProxy.h deleted file mode 100755 index afd6c6ed..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuProxy.h +++ /dev/null @@ -1,31 +0,0 @@ -// -// MenuProxy.h -// MacGap -// -// Created by Joe Hildebrand on 1/14/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "Command.h" - -@class MenuItemProxy; - -@interface MenuProxy : Command { - NSMenu *menu; -} - -+ (MenuProxy*)proxyWithContext:(JSContextRef)aContext andMenu:(NSMenu*)aMenu; - -- (MenuItemProxy*)addItemWithTitle:(NSString*)title - keyEquivalent:(NSString*)aKey - callback:(WebScriptObject*)aCallback - atIndex:(NSInteger)index; - -- (MenuItemProxy*)addSeparator; -- (MenuItemProxy*)itemForKey:(id)key; -- (MenuProxy*)removeItem:(id)key; - -+ (NSString*)getKeyFromString:(NSString*)keyCommand; -+ (NSUInteger*)getModifiersFromString:(NSString*)keyCommand; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuProxy.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuProxy.m deleted file mode 100755 index 5bc10a76..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/MenuProxy.m +++ /dev/null @@ -1,233 +0,0 @@ -// -// MenuProxy.m -// MacGap -// -// Created by Joe Hildebrand on 1/14/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import <objc/runtime.h> -#import <JavaScriptCore/JavaScript.h> - -#import "MenuProxy.h" -#import "MenuItemProxy.h" - -static char REPRESENTED_OBJECT; - -@interface NSMenu (represented) -@property (strong) id representedObject; -@end - -@implementation NSMenu (represented) - -- (id) representedObject -{ - return objc_getAssociatedObject(self, &REPRESENTED_OBJECT); -} - -- (void) setRepresentedObject:(id)representedObject -{ - objc_setAssociatedObject(self, - &REPRESENTED_OBJECT, - representedObject, - OBJC_ASSOCIATION_RETAIN); -} - -@end - -@implementation MenuProxy - -- (id) initWithContext:(JSContextRef)aContext andMenu:(NSMenu*)aMenu -{ - self = [super initWithContext:aContext]; - if (!self) - return nil; - menu = aMenu; - menu.representedObject = self; - return self; -} - -+ (MenuProxy*)proxyWithContext:(JSContextRef)aContext andMenu:(NSMenu*)aMenu -{ - // singleton-ish. - MenuProxy *ret = [aMenu representedObject]; - if (ret) - { - NSLog(@"MP cache hit"); - return ret; - } - return [[MenuProxy alloc] initWithContext:aContext andMenu:aMenu]; -} - -- (void) dealloc -{ - menu.representedObject = nil; -} - -- (NSString*) description -{ - return [menu description]; -} - -static BOOL isNullish(id o) -{ - if (!o) - return YES; - if ([o isKindOfClass:[WebUndefined class]]) - return YES; - return NO; -} - -- (MenuItemProxy*)addItemWithTitle:(NSString*)title - keyEquivalent:(NSString*)keyCommand - callback:(WebScriptObject*)aCallback - atIndex:(NSInteger)index -{ - if (isNullish(title)) - title = @""; - - NSString *aKey = [MenuProxy getKeyFromString:keyCommand]; - NSMenuItem *item = nil; - - if(index) { - item = [menu insertItemWithTitle:title action:nil keyEquivalent:aKey atIndex:index ]; - } else { - item = [menu addItemWithTitle:title action:nil keyEquivalent:aKey ]; - - } - - // Set the modifiers. - NSUInteger modifiers = [MenuProxy getModifiersFromString:keyCommand]; - [item setKeyEquivalentModifierMask:modifiers]; - - if(!menu.supermenu) { - NSMenu *s = [[NSMenu alloc] initWithTitle:title]; - [item setSubmenu:s]; - } - - MenuItemProxy *mip = [MenuItemProxy proxyWithContext:context andMenuItem:item]; - if (!isNullish(aCallback)) - [mip setCallback:aCallback]; - - - return mip; -} - -+ (NSString*)getKeyFromString:(NSString*)keyCommand { - if (isNullish(keyCommand)) - keyCommand = @""; - - // Obtain the key (if there are modifiers, it will be the last character). - NSString *aKey = @""; - if ([keyCommand length] > 0) { - aKey = [keyCommand substringFromIndex:[keyCommand length] - 1]; - } - - return aKey; -} - -+ (NSUInteger*)getModifiersFromString:(NSString*)keyCommand { - // aKeys may optionally specify one or more modifiers. - NSUInteger modifiers = 0; - - if ([keyCommand rangeOfString:@"caps"].location != NSNotFound) modifiers += NSAlphaShiftKeyMask; - if ([keyCommand rangeOfString:@"shift"].location != NSNotFound) modifiers += NSShiftKeyMask; - if ([keyCommand rangeOfString:@"cmd"].location != NSNotFound) modifiers += NSCommandKeyMask; - if ([keyCommand rangeOfString:@"ctrl"].location != NSNotFound) modifiers += NSControlKeyMask; - if ([keyCommand rangeOfString:@"opt"].location != NSNotFound) modifiers += NSAlternateKeyMask; - if ([keyCommand rangeOfString:@"alt"].location != NSNotFound) modifiers += NSAlternateKeyMask; - - return modifiers; -} - -- (MenuItemProxy*)addSeparator -{ - NSMenuItem *sep = [NSMenuItem separatorItem]; - [menu addItem:sep]; - return [MenuItemProxy proxyWithContext:context andMenuItem:sep]; -} - -- (MenuItemProxy*)itemForKey:(id)key -{ - if (isNullish(key)) - return nil; - NSMenuItem *item = nil; - if ([key isKindOfClass:[NSNumber class]]) - { - item = [menu itemAtIndex:[key intValue]]; - } - else if ([key isKindOfClass:[NSString class]]) - { - item = [menu itemWithTitle:key]; - if (!item) - { - // Try again, with ... appended. e.g. "Save..." - item = [menu itemWithTitle: - [key stringByAppendingString:@"\u2026"]]; - } - } - if (!item) - return nil; - - return [MenuItemProxy proxyWithContext:context andMenuItem:item]; -} - -- (MenuProxy*)removeItem:(id)key -{ - if (isNullish(key)) - return nil; - - NSMenuItem *item = nil; - if ([key isKindOfClass:[NSNumber class]]) - { - item = [menu itemAtIndex:[key intValue]]; - } - else if ([key isKindOfClass:[NSString class]]) - { - item = [menu itemWithTitle:key]; - if (!item) - { - // Try again, with ... appended. e.g. "Save..." - item = [menu itemWithTitle: - [key stringByAppendingString:@"\u2026"]]; - } - } - if (!item) - return nil; - - [menu removeItem:item]; - return [MenuProxy proxyWithContext:context andMenu:menu]; -} - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return [self webScriptNameForSelector:selector] == nil; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return YES; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector -{ - id result = nil; - - if (selector == @selector(addItemWithTitle:keyEquivalent:callback:atIndex:)) { - result = @"addItem"; - } - else if (selector == @selector(addSeparator)) { - result = @"addSeparator"; - } - else if (selector == @selector(itemForKey:)) { - result = @"getItem"; - } - else if (selector == @selector(removeItem:)) { - result = @"removeMenu"; - } - - return result; -} - - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Notice.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Notice.h deleted file mode 100644 index 51077a43..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Notice.h +++ /dev/null @@ -1,26 +0,0 @@ -// -// Notice.h -// MacGap -// -// Created by Christian Sullivan on 7/26/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import <Foundation/Foundation.h> -#import "WindowController.h" - -#define APP_NOTICE_NOTIFICATION @"Notice" - -@interface Notice : NSObject <NSUserNotificationCenterDelegate> { - -} - -@property (nonatomic, retain) WebView *webView; - -- (id) initWithWebView:(WebView *)view; -- (void) notify:(NSDictionary*)message; -- (void) close:(NSString*)notificationId; -+ (BOOL) available; - -@end - diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Notice.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Notice.m deleted file mode 100644 index a4095f9f..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Notice.m +++ /dev/null @@ -1,108 +0,0 @@ -// -// Notice.m -// MacGap -// -// Created by Christian Sullivan on 7/26/12. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "Notice.h" - -#import "JSEventHelper.h" - -@implementation Notice - -- (id) initWithWebView:(WebView*)view -{ - if(self = [super init]) { - self.webView = view; - [[NSUserNotificationCenter defaultUserNotificationCenter] setDelegate:self]; - } - return self; -} - -- (void) notify:(NSDictionary *)message { - NSUserNotification *notification = [[NSUserNotification alloc] init]; - [notification setTitle:[message valueForKey:@"title"]]; - [notification setInformativeText:[message valueForKey:@"content"]]; - [notification setDeliveryDate:[NSDate dateWithTimeInterval:0 sinceDate:[NSDate date]]]; - BOOL playSound = true; // optional parameter, false only when {sound: false} - @try { - NSNumber *s = [message valueForKey:@"sound"]; - if ([[s className] isEqual: @"__NSCFBoolean"]) { - playSound = [s boolValue]; - } - } - @catch (NSException *exception) { - } - if (playSound) { - [notification setSoundName:NSUserNotificationDefaultSoundName]; - } - NSString *id = @""; // optional, needed for close - @try { - id = [message valueForKey:@"id"]; - } - @catch (NSException *exception) { - } - [notification setUserInfo:[NSDictionary dictionaryWithObjectsAndKeys:id, @"id", nil]]; - NSUserNotificationCenter *center = [NSUserNotificationCenter defaultUserNotificationCenter]; - [center scheduleNotification:notification]; -} - -// close all notifications with id == notificationId or close all notifications if notificationId == "*" -- (void) close:(NSString*)notificationId { - NSUserNotificationCenter *center = [NSUserNotificationCenter defaultUserNotificationCenter]; - for(NSUserNotification * deliveredNote in center.deliveredNotifications) { - if ([notificationId isEqualToString:@"*"] || [deliveredNote.userInfo[@"id"] isEqualToString:notificationId]) { - [center removeDeliveredNotification: deliveredNote]; - } - } -} - -+ (BOOL) available { - if ([NSUserNotificationCenter respondsToSelector:@selector(defaultUserNotificationCenter)]) - return YES; - - return NO; -} - -- (void) userNotificationCenter:(NSUserNotificationCenter *)center didActivateNotification:(NSUserNotification *)notification -{ - NSString *notificationId = [notification.userInfo valueForKey:@"id"]; - [JSEventHelper triggerEvent:@"macgap.notify.activated" forDetail:notificationId forWebView:self.webView]; -} - -#pragma mark WebScripting Protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - BOOL result = YES; - if (selector == @selector(notify:)) - result = NO; - if (selector == @selector(close:)) - result = NO; - - return result; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector -{ - id result = nil; - - if (selector == @selector(notify:)) { - result = @"notify"; - } - if (selector == @selector(close:)) { - result = @"close"; - } - - return result; -} - -// right now exclude all properties (eg keys) -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return YES; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Path.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Path.h deleted file mode 100644 index f931340d..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Path.h +++ /dev/null @@ -1,21 +0,0 @@ -#import <Foundation/Foundation.h> - -@interface Path : NSObject { - -} - -- (NSString *) application; -- (NSString *) resource; -- (NSString *) documents; -- (NSString *) library; -- (NSString *) home; -- (NSString *) temp; - -@property (readonly,copy) NSString* application; -@property (readonly,copy) NSString* resource; -@property (readonly,copy) NSString* documents; -@property (readonly,copy) NSString* library; -@property (readonly,copy) NSString* home; -@property (readonly,copy) NSString* temp; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Path.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Path.m deleted file mode 100644 index 8c54100f..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Path.m +++ /dev/null @@ -1,53 +0,0 @@ -#import "Path.h" - -@implementation Path - -@synthesize application; -@synthesize resource; -@synthesize documents; -@synthesize library; -@synthesize home; -@synthesize temp; - -- (NSString *)application { - return [[NSBundle mainBundle] bundlePath]; -} - -- (NSString *)resource { - return [[NSBundle mainBundle] resourcePath]; -} - -- (NSString *)documents { - NSArray *paths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES); - return [paths objectAtIndex:0]; -} - -- (NSString *)library { - NSArray *paths = NSSearchPathForDirectoriesInDomains(NSLibraryDirectory, NSUserDomainMask, YES); - NSLog( @"%@", paths ); - return [paths objectAtIndex:0]; -} - -- (NSString *)home { - return NSHomeDirectory(); -} - -- (NSString *)temp { - return NSTemporaryDirectory(); -} - -#pragma mark WebScripting Protocol - -/* checks whether a selector is acceptable to be called from JavaScript */ -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return NO; -} - -// right now exclude all properties (eg keys) -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return NO; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Sound.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Sound.h deleted file mode 100644 index 06707643..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Sound.h +++ /dev/null @@ -1,17 +0,0 @@ -#import <Cocoa/Cocoa.h> -#import "Command.h" -#import "CallbackDelegate.h" - - -@interface Sound : Command { - -} - -// pending callbacks for sounds being played, to keep -// ARC from freeing them too early -@property (nonatomic, strong) NSMutableSet *pending; - -- (void) play:(NSString*)file onComplete:(WebScriptObject*)callback; -- (void) playSystem:(NSString*)name onComplete:(WebScriptObject*)callback; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Sound.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Sound.m deleted file mode 100644 index 9f4a44db..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/Sound.m +++ /dev/null @@ -1,97 +0,0 @@ -#import "Sound.h" - - -@interface PlayDelegate : CallbackDelegate <NSSoundDelegate> { -} - -@property (nonatomic, weak) Sound *sound; - -- (id) initWithContext:(JSContextRef)aContext - forCallback:(WebScriptObject*)aCallback - withSound:(Sound*)aSound; -@end - -@implementation PlayDelegate - -@synthesize sound; - -- (id) initWithContext:(JSContextRef)aContext - forCallback:(WebScriptObject*)aCallback - withSound:(Sound*)aSound -{ - self = [super initWithContext:aContext forCallback:aCallback]; - if (!self) - return nil; - sound = aSound; - return self; -} - -- (void)sound:(NSSound *)aSound didFinishPlaying:(BOOL)finishedPlaying { - [self callWithParams:[aSound name], nil]; - [sound.pending removeObject:self]; -} - -@end - -@implementation Sound - -@synthesize pending; - -- (id) initWithContext:(JSContextRef)aContext { - self = [super initWithContext:aContext]; - if (!self) { - return nil; - } - - pending = [NSMutableSet new]; - return self; -} - -- (void) playSound:(NSSound*)sound onComplete:(WebScriptObject*)callback { - if (callback != (id)[WebUndefined undefined]) { - PlayDelegate *d = [[PlayDelegate alloc] initWithContext:context - forCallback:callback - withSound:self]; - [pending addObject:d]; - [sound setDelegate:d]; - } - [sound play]; -} - -- (void) play:(NSString*)file onComplete:(WebScriptObject*)callback { - NSURL* fileUrl = [NSURL fileURLWithPath:[[Utils sharedInstance] pathForResource:file]]; - DebugNSLog(@"Sound file:%@", [fileUrl description]); - - NSSound* sound = [[NSSound alloc] initWithContentsOfURL:fileUrl byReference:YES]; - [self playSound:sound onComplete:callback]; -} - -- (void) playSystem:(NSString*)name onComplete:(WebScriptObject*)callback { - NSSound *systemSound = [NSSound soundNamed:name]; - [self playSound:systemSound onComplete:callback]; -} - -#pragma mark WebScripting Protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector { - return [self webScriptNameForSelector:selector] == nil; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name { - return YES; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector { - id result = nil; - - if (selector == @selector(play:onComplete:)) { - result = @"play"; - } - else if (selector == @selector(playSystem:onComplete:)) { - result = @"playSystem"; - } - - return result; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/UserDefaults.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/UserDefaults.h deleted file mode 100644 index 269191b3..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/UserDefaults.h +++ /dev/null @@ -1,43 +0,0 @@ -// -// UserDefaults.h -// MacGap -// -// Created by Jeff Hanbury on 16/04/2014. -// Copyright (c) 2014 Twitter. All rights reserved. -// - -#import <Foundation/Foundation.h> - -#import "WindowController.h" - -@interface UserDefaults : NSObject - -@property (nonatomic, retain) WebView *webView; - -- (id) initWithWebView:(WebView *)view; -- (NSString*) getMyDefaults; -- (NSDictionary*) myDefaultsDictionary; -- (void) removeObjectForKey:(NSString*)key; -- (NSArray*) getUserDefaultsKeys; - -- (NSString*) addPrefix:(NSString*)key; - -- (void) setString:(NSString*)key withValue:(NSString*)value; -- (NSString*) getString:(NSString*)key; - -- (void) setInteger:(NSString*)key withValue:(NSString*)value; -- (NSNumber*) getInteger:(NSString*)key; - -- (void) setBool:(NSString*)key withValue:(NSString*)value; -- (NSNumber*) getBool:(NSString*)key; - -- (void) setFloat:(NSString*)key withValue:(NSString*)value; -- (NSNumber*) getFloat:(NSString*)key; - -// Could also be implemented: -//– setObject:forKey: -//– setDouble:forKey: -//– setURL:forKey: - -@end - diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/UserDefaults.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/UserDefaults.m deleted file mode 100644 index 48568710..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/UserDefaults.m +++ /dev/null @@ -1,211 +0,0 @@ -// -// UserDefaults.m -// MacGap -// -// Created by Jeff Hanbury on 16/04/2014. -// Copyright (c) 2014 Twitter. All rights reserved. -// - -#import "UserDefaults.h" -#import "JSEventHelper.h" - -@interface UserDefaults() { - -} - --(void) setupNotificationCenter; - -@end - - -@implementation UserDefaults - -- (id) initWithWebView:(WebView *) view{ - self = [super init]; - - if (self) { - self.webView = view; - [self setupNotificationCenter]; - } - - return self; -} - - --(void) setupNotificationCenter{ - [[NSNotificationCenter defaultCenter] addObserver:self - selector:@selector(defaultsChanged:) - name:NSUserDefaultsDidChangeNotification - object:nil]; -} - -- (void)defaultsChanged:(NSNotification *)notification { - NSDictionary* returnDict = [self myDefaultsDictionary]; - [JSEventHelper triggerEvent:@"userDefaultsChanged" withArgs:returnDict forWebView:self.webView]; -} - -- (NSString*) getMyDefaults { - NSDictionary* myDefaults = [self myDefaultsDictionary]; - - return [[Utils sharedInstance] convertDictionaryToJSON:myDefaults]; -} - -- (NSDictionary*) myDefaultsDictionary { - NSString* prefix = [kWebScriptNamespace stringByAppendingString:@"_"]; - NSMutableDictionary* returnDict = [[NSMutableDictionary alloc] init]; - - // Get the user defaults. - NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; - - // Build up a dictionary containing just the items beginning with our - // prefix. - for (NSString* key in [self getUserDefaultsKeys]) { - if ([key hasPrefix:prefix]) { - id val = [defaults valueForKey:key]; - [returnDict setObject:val forKey:key]; - } - } - - return returnDict; -} - -- (NSArray*) getUserDefaultsKeys { - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - return [[prefs dictionaryRepresentation] allKeys]; -} - -- (void) removeObjectForKey:(NSString*)key { - NSString* prefixedKey; - prefixedKey = [self addPrefix:key]; - - [[NSUserDefaults standardUserDefaults] removeObjectForKey:prefixedKey]; - [[NSUserDefaults standardUserDefaults] synchronize]; -} - -// Check we have a standard prefix for JS-modified keys, for security purposes. -// If not, add it. This stops JavaScript from ever being able to modify keys -// it did not create. -- (NSString*) addPrefix:(NSString*)key { - NSString* prefix; - prefix = [kWebScriptNamespace stringByAppendingString:@"_"]; - - if (![key hasPrefix:prefix]) { - key = [prefix stringByAppendingString:key]; - } - return key; -} - -// String - -- (void) setString:(NSString*)key withValue:(NSString*)value { - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - NSString* prefixedKey; - prefixedKey = [self addPrefix:key]; - [prefs setObject:value forKey:prefixedKey]; -} - -- (NSString*) getString:(NSString *)key { - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - return [prefs stringForKey:key]; -} - -// All the following must convert their type to NSNumber for JavaScript. - -// Integer - -- (void) setInteger:(NSString*)key withValue:(NSString*)value { - NSString* prefixedKey; - prefixedKey = [self addPrefix:key]; - - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - NSInteger myInt = [value intValue]; - [prefs setInteger:myInt forKey:prefixedKey]; -} - -- (NSNumber*) getInteger:(NSString *)key { - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - return [NSNumber numberWithInteger:[prefs integerForKey:key]]; -} - -// Boolean - -- (void) setBool:(NSString*)key withValue:(NSString*)value { - NSString* prefixedKey; - prefixedKey = [self addPrefix:key]; - - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - BOOL myBool = [value boolValue]; - [prefs setBool:myBool forKey:prefixedKey]; -} - -- (NSNumber*) getBool:(NSString *)key { - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - return [NSNumber numberWithBool:[prefs boolForKey:key]]; -} - -// Float - -- (void) setFloat:(NSString*)key withValue:(NSString*)value { - NSString* prefixedKey; - prefixedKey = [self addPrefix:key]; - - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - float myFloat = [value floatValue]; - [prefs setFloat:myFloat forKey:prefixedKey]; -} - -- (NSNumber*) getFloat:(NSString *)key { - NSUserDefaults *prefs = [NSUserDefaults standardUserDefaults]; - return [NSNumber numberWithFloat:[prefs floatForKey:key]]; -} - - -#pragma mark WebScripting Protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector { - return NO; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector { - id result = nil; - - if (selector == @selector(getMyDefaults)) { - result = @"getMyDefaults"; - } - - if (selector == @selector(removeObjectForKey:)) { - result = @"removeObjectForKey"; - } - - else if (selector == @selector(setString:withValue:)) { - result = @"setString"; - } else if (selector == @selector(getString:)) { - result = @"getString"; - } - - else if (selector == @selector(setInteger:withValue:)) { - result = @"setInteger"; - } else if (selector == @selector(getInteger:)) { - result = @"getInteger"; - } - - else if (selector == @selector(setBool:withValue:)) { - result = @"setBool"; - } else if (selector == @selector(getBool:)) { - result = @"getBool"; - } - - else if (selector == @selector(setFloat:withValue:)) { - result = @"setFloat"; - } else if (selector == @selector(getFloat:)) { - result = @"getFloat"; - } - - return result; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name { - return NO; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/fonts.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/fonts.h deleted file mode 100644 index 62c7b7e8..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/fonts.h +++ /dev/null @@ -1,9 +0,0 @@ -@interface Fonts : NSObject { -} - -- (NSArray*) availableFonts; -- (NSArray*) availableFontFamilies; -- (NSArray*) availableMembersOfFontFamily:(NSString*)fontFamily; -- (CGFloat) defaultLineHeightForFont:(NSString *)theFontName ofSize:(CGFloat)theFontSize; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/fonts.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/fonts.m deleted file mode 100644 index b17818a5..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Commands/fonts.m +++ /dev/null @@ -1,48 +0,0 @@ -#import "fonts.h" - -@implementation Fonts - - -- (NSArray*) availableFonts { - return [[NSFontManager sharedFontManager] availableFonts]; -} - -- (NSArray*) availableFontFamilies { - return [[NSFontManager sharedFontManager] availableFontFamilies]; -} - -- (NSArray*) availableMembersOfFontFamily:(NSString *)fontFamily { - return [[NSFontManager sharedFontManager] availableMembersOfFontFamily:fontFamily]; -} - -- (CGFloat) defaultLineHeightForFont:(NSString*)theFontName ofSize:(CGFloat)theFontSize { - NSFont *theFont = [NSFont fontWithName:theFontName size:theFontSize]; - NSLayoutManager *lm = [[NSLayoutManager alloc] init]; - - return [lm defaultLineHeightForFont:theFont]; -} - - -#pragma mark WebScripting Protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector { - return NO; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector { - id result = nil; - - if (selector == @selector(availableMembersOfFontFamily:)) { - result = @"availableMembersOfFontFamily"; - } else if (selector == @selector(defaultLineHeightForFont:ofSize:)) { - result = @"defaultLineHeightForFont"; - } - - return result; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name { - return NO; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Constants.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Constants.h deleted file mode 100644 index 1fe59d6c..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Constants.h +++ /dev/null @@ -1,7 +0,0 @@ -// Application constants - -#define kStartPage @"http://127.0.0.1:9993/" - -#define kStartFolder @"." - -#define kWebScriptNamespace @"macgap"
\ No newline at end of file diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/ContentView.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/ContentView.h deleted file mode 100644 index 65890a5e..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/ContentView.h +++ /dev/null @@ -1,15 +0,0 @@ -#import <Cocoa/Cocoa.h> -#import <WebKit/WebKit.h> - -@class WebViewDelegate; - -@interface ContentView : NSView { - IBOutlet WebView* webView; - WebViewDelegate* delegate; -} - -@property (retain) WebView* webView; -@property (retain) WebViewDelegate* delegate; -@property (strong) IBOutlet NSMenu *mainMenu; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/ContentView.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/ContentView.m deleted file mode 100644 index 6558a191..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/ContentView.m +++ /dev/null @@ -1,68 +0,0 @@ -#import "ContentView.h" -#import "WebViewDelegate.h" -#import "AppDelegate.h" -#import "JSEventHelper.h" - -@interface WebPreferences (WebPreferencesPrivate) - - (void)_setLocalStorageDatabasePath:(NSString *)path; - - (void) setLocalStorageEnabled: (BOOL) localStorageEnabled; - - (void) setDatabasesEnabled:(BOOL)databasesEnabled; - - (void) setDeveloperExtrasEnabled:(BOOL)developerExtrasEnabled; - - (void) setWebGLEnabled:(BOOL)webGLEnabled; - - (void) setOfflineWebApplicationCacheEnabled:(BOOL)offlineWebApplicationCacheEnabled; -@end - -@implementation ContentView - -@synthesize webView, delegate, mainMenu; - -- (void) awakeFromNib -{ - WebPreferences *webPrefs = [WebPreferences standardPreferences]; - - NSString *cappBundleName = [[[NSBundle mainBundle] infoDictionary] objectForKey:@"CFBundleName"]; - NSString *applicationSupportFile = [@"~/Library/Application Support/" stringByExpandingTildeInPath]; - NSString *savePath = [NSString pathWithComponents:[NSArray arrayWithObjects:applicationSupportFile, cappBundleName, @"LocalStorage", nil]]; - [webPrefs _setLocalStorageDatabasePath:savePath]; - [webPrefs setLocalStorageEnabled:YES]; - [webPrefs setDatabasesEnabled:YES]; - [webPrefs setDeveloperExtrasEnabled:[[NSUserDefaults standardUserDefaults] boolForKey: @"developer"]]; - [webPrefs setOfflineWebApplicationCacheEnabled:YES]; - [webPrefs setWebGLEnabled:YES]; - - [self.webView setPreferences:webPrefs]; - - NSHTTPCookieStorage *cookieStorage = [NSHTTPCookieStorage - sharedHTTPCookieStorage]; - [cookieStorage setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyAlways]; - - [self.webView setApplicationNameForUserAgent: @"MacGap"]; - - self.delegate = [[WebViewDelegate alloc] initWithMenu:[NSApp mainMenu]]; -// [self.webView setFrameLoadDelegate:self.delegate]; -// [self.webView setUIDelegate:self.delegate]; -// [self.webView setResourceLoadDelegate:self.delegate]; -// [self.webView setDownloadDelegate:self.delegate]; -// [self.webView setPolicyDelegate:self.delegate]; - [self.webView setDrawsBackground:NO]; - [self.webView setShouldCloseWithWindow:NO]; - - [self.webView setGroupName:@"MacGap"]; - -} - -- (void) windowResized:(NSNotification*)notification; -{ - NSWindow* window = (NSWindow*)notification.object; - NSSize size = [window frame].size; - - DebugNSLog(@"window width = %f, window height = %f", size.width, size.height); - - bool isFullScreen = (window.styleMask & NSFullScreenWindowMask) == NSFullScreenWindowMask; - int titleBarHeight = isFullScreen ? 0 : [[Utils sharedInstance] titleBarHeight:window]; - - [self.webView setFrame:NSMakeRect(0, 0, size.width, size.height - titleBarHeight)]; - [JSEventHelper triggerEvent:@"orientationchange" forWebView:self.webView]; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/JSEventHelper.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/JSEventHelper.h deleted file mode 100644 index 401f3e39..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/JSEventHelper.h +++ /dev/null @@ -1,20 +0,0 @@ -// -// Helper.h -// MacGap -// -// Created by Liam Kaufman Simpkins on 12-01-22. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import <Foundation/Foundation.h> -#import "WindowController.h" - -@interface JSEventHelper : NSObject - -+ (void) triggerEvent:(NSString *)event forWebView:(WebView *)webView; -+ (void) triggerEvent:(NSString *)event withArgs:(NSDictionary *)args forWebView:(WebView *)webView; -+ (void) triggerEvent:(NSString *)event withArgs:(NSDictionary *)args forObject:(NSString *)objName forWebView:(WebView *)webView; -+ (void) triggerEvent:(NSString *)event forDetail:(NSString *)detail forWebView:(WebView *)webView; -+ (void) triggerEvent:(NSString *)event forDetail:(NSString *)detail forObject:(NSString *)objName forWebView:(WebView *)webView; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/JSEventHelper.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/JSEventHelper.m deleted file mode 100644 index 65406b3c..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/JSEventHelper.m +++ /dev/null @@ -1,41 +0,0 @@ -// -// Helper.m -// MacGap -// -// Created by Liam Kaufman Simpkins on 12-01-22. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import "JSEventHelper.h" - -@implementation JSEventHelper - -+ (void) triggerEvent:(NSString *)event forWebView:(WebView *)webView { - [self triggerEvent:event withArgs:[NSMutableDictionary dictionary] forObject:@"document" forWebView:webView]; -} - -+ (void) triggerEvent:(NSString *)event withArgs:(NSDictionary *)args forWebView:(WebView *)webView { - [self triggerEvent:event withArgs:args forObject:@"document" forWebView:webView]; -} - -+ (void) triggerEvent:(NSString *)event withArgs:(NSDictionary *)args forObject:(NSString *)objName forWebView:(WebView *)webView { - - // Convert args Dictionary to JSON. - NSString* jsonString = [[Utils sharedInstance] convertDictionaryToJSON:args]; - - // Create the event JavaScript and run it. - NSString * str = [NSString stringWithFormat:@"var e = document.createEvent('Events'); e.initEvent('%@', true, false); e.data=%@; %@.dispatchEvent(e); ", event, jsonString, objName]; - [webView stringByEvaluatingJavaScriptFromString:str]; -} - -+ (void) triggerEvent:(NSString *)event forDetail:(NSString *)detail forWebView:(WebView *)webView { - [self triggerEvent:event forDetail:detail forObject:@"document" forWebView:webView]; -} - -+ (void) triggerEvent:(NSString *)event forDetail:(NSString *)detail forObject:(NSString *)objName forWebView:(WebView *)webView { - NSString *detailEscaped = [detail stringByAddingPercentEscapesUsingEncoding: NSUTF8StringEncoding]; - NSString *str = [NSString stringWithFormat:@"var e = new CustomEvent('%@', { 'detail': decodeURIComponent(\"%@\") }); %@.dispatchEvent(e); ", event, detailEscaped, objName]; - [webView stringByEvaluatingJavaScriptFromString:str]; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Utils.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Utils.h deleted file mode 100644 index f573d881..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Utils.h +++ /dev/null @@ -1,20 +0,0 @@ -#import <Foundation/Foundation.h> -#import <Webkit/WebScriptObject.h> - -#define DEG_EPS 0.001 -#define fequal(a,b) (fabs((a) - (b)) < DEG_EPS) -#define fequalzero(a) (fabs(a) < DEG_EPS) - -@class LoadingView; - -@interface Utils : NSObject { -} - -- (float) titleBarHeight:(NSWindow*)aWindow; -- (NSString*) pathForResource:(NSString*)resourcepath; -- (NSString*) convertDictionaryToJSON:(NSDictionary*)dict; -- (NSArray*) convertJSarrayToNSArray:(WebScriptObject*)jsArray; - -+ (Utils*) sharedInstance; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Utils.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Utils.m deleted file mode 100644 index 8d85c294..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Utils.m +++ /dev/null @@ -1,93 +0,0 @@ -#import "Utils.h" -#import <Webkit/WebScriptObject.h> - -static Utils* sharedInstance = nil; - -@implementation Utils - -- (float) titleBarHeight:(NSWindow*)aWindow -{ - NSRect frame = [aWindow frame]; - NSRect contentRect = [NSWindow contentRectForFrameRect: frame - styleMask: NSTitledWindowMask]; - - return (frame.size.height - contentRect.size.height); -} - -- (NSString*) pathForResource:(NSString*)resourcepath -{ - NSBundle * mainBundle = [NSBundle mainBundle]; - NSMutableArray *directoryParts = [NSMutableArray arrayWithArray:[resourcepath componentsSeparatedByString:@"/"]]; - NSString *filename = [directoryParts lastObject]; - [directoryParts removeLastObject]; - - NSString *directoryStr = [NSString stringWithFormat:@"%@/%@", kStartFolder, [directoryParts componentsJoinedByString:@"/"]]; - return [mainBundle pathForResource:filename - ofType:@"" - inDirectory:directoryStr]; -} - -- (NSString*) convertDictionaryToJSON:(NSDictionary*)dict { - // Convert defaults Dictionary to JSON. - NSError *error; - NSData *jsonData = [NSJSONSerialization - dataWithJSONObject:dict - options:NSJSONWritingPrettyPrinted // Pass 0 if you don't care about the readability of the generated string - error:&error]; - - NSString *jsonString; - if (! jsonData) { - NSLog(@"Got an error converting to JSON: %@", error); - } - else { - jsonString = [[NSString alloc] initWithData:jsonData encoding:NSUTF8StringEncoding]; - } - - return jsonString; -} - -// Convert JavaScript array (arrives as a WebScriptObject) into an NSArray of strings. -- (NSArray*) convertJSarrayToNSArray:(WebScriptObject*)jsArray { - NSInteger count = [[jsArray valueForKey:@"length"] integerValue]; - - NSMutableArray *args = [NSMutableArray array]; - for (int i = 0; i < count; i++) { - NSString *item = [jsArray webScriptValueAtIndex:i]; - if ([item isKindOfClass:[NSString class]]) { - [args addObject:item]; - } - } - - return args; -} - -#pragma mark - -#pragma mark Singleton methods - -+ (Utils*) sharedInstance -{ - @synchronized(self) - { - if (sharedInstance == nil){ - sharedInstance = [[Utils alloc] init]; - } - } - return sharedInstance; -} - -+ (id) allocWithZone:(NSZone *)zone { - @synchronized(self) { - if (sharedInstance == nil) { - sharedInstance = [super allocWithZone:zone]; - return sharedInstance; // assignment and return on first allocation - } - } - return nil; // on subsequent allocation attempts return nil -} - -- (id) copyWithZone:(NSZone *)zone -{ - return self; -} - -@end
\ No newline at end of file diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/WebViewDelegate.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/WebViewDelegate.h deleted file mode 100644 index 49c6da6b..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/WebViewDelegate.h +++ /dev/null @@ -1,49 +0,0 @@ -#import <Cocoa/Cocoa.h> -#import <WebKit/WebKit.h> - -@class Sound; -@class Dock; -@class Growl; -@class Notice; -@class Path; -@class App; -@class Window; -@class Clipboard; -@class Fonts; -@class MenuProxy; -@class UserDefaults; - -@class WindowController; - -@interface WebViewDelegate : NSObject { - Sound* sound; - Dock* dock; - Growl* growl; - Notice* notice; - Path* path; - App* app; - Window* window; - Clipboard* clipboard; - Fonts* fonts; - NSMenu *mainMenu; - UserDefaults* userDefaults; -} - - - -@property (nonatomic, retain) Sound* sound; -@property (nonatomic, retain) Dock* dock; -@property (nonatomic, retain) Growl* growl; -@property (nonatomic, retain) Notice* notice; -@property (nonatomic, retain) Path* path; -@property (nonatomic, retain) App* app; -@property (nonatomic, retain) Window* window; -@property (nonatomic, retain) Clipboard* clipboard; -@property (nonatomic, retain) Fonts* fonts; -@property (nonatomic, retain) MenuProxy* menu; -@property (nonatomic, retain) UserDefaults* userDefaults; - -@property (nonatomic, retain) WindowController *requestedWindow; - -- (id) initWithMenu:(NSMenu*)menu; -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/WebViewDelegate.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/WebViewDelegate.m deleted file mode 100644 index 50578018..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/WebViewDelegate.m +++ /dev/null @@ -1,206 +0,0 @@ -#import "WebViewDelegate.h" -#import "Sound.h" -#import "Dock.h" -#import "Notice.h" -#import "Path.h" -#import "App.h" -#import "Window.h" -#import "WindowController.h" -#import "Clipboard.h" -#import "Fonts.h" -#import "MenuProxy.h" -#import "UserDefaults.h" - -@implementation WebViewDelegate - -@synthesize sound; -@synthesize dock; -@synthesize growl; -@synthesize notice; -@synthesize path; -@synthesize app; -@synthesize window; -@synthesize requestedWindow; -@synthesize clipboard; -@synthesize fonts; -@synthesize menu; -@synthesize userDefaults; - -- (id) initWithMenu:(NSMenu*)aMenu -{ - self = [super init]; - if (!self) - return nil; - - mainMenu = aMenu; - return self; -} - -- (void) webView:(WebView*)webView didClearWindowObject:(WebScriptObject*)windowScriptObject forFrame:(WebFrame *)frame -{ - JSContextRef context = [frame globalContext]; - if (self.sound == nil) { self.sound = [[Sound alloc] initWithContext:context]; } - if (self.dock == nil) { self.dock = [Dock new]; } - if (self.path == nil) { self.path = [Path new]; } - if (self.clipboard == nil) { self.clipboard = [Clipboard new]; } - if (self.fonts == nil) { self.fonts = [Fonts new]; } - - if (self.notice == nil && [Notice available] == YES) { - self.notice = [[Notice alloc] initWithWebView:webView]; - } - - if (self.app == nil) { - self.app = [[App alloc] initWithWebView:webView]; - } - - if (self.window == nil) { - self.window = [[Window alloc] initWithWebView:webView]; - } - - if (self.menu == nil) { - self.menu = [MenuProxy proxyWithContext:context andMenu:mainMenu]; - } - - if (self.userDefaults == nil) { - self.userDefaults = [[UserDefaults alloc] initWithWebView:webView]; - } - - [windowScriptObject setValue:self forKey:kWebScriptNamespace]; -} - - -- (void)webView:(WebView *)sender runOpenPanelForFileButtonWithResultListener:(id < WebOpenPanelResultListener >)resultListener allowMultipleFiles:(BOOL)allowMultipleFiles{ - - NSOpenPanel * openDlg = [NSOpenPanel openPanel]; - - [openDlg setCanChooseFiles:YES]; - [openDlg setCanChooseDirectories:NO]; - - [openDlg beginWithCompletionHandler:^(NSInteger result){ - if (result == NSFileHandlingPanelOKButton) { - NSArray * files = [[openDlg URLs] valueForKey: @"relativePath"]; - [resultListener chooseFilenames: files]; - } else { - [resultListener cancel]; - } - }]; -} - -- (void) webView:(WebView*)webView addMessageToConsole:(NSDictionary*)message -{ - if (![message isKindOfClass:[NSDictionary class]]) { - return; - } - - NSLog(@"JavaScript console: %@:%@: %@", - [[message objectForKey:@"sourceURL"] lastPathComponent], // could be nil - [message objectForKey:@"lineNumber"], - [message objectForKey:@"message"]); -} - -- (void)webView:(WebView *)sender runJavaScriptAlertPanelWithMessage:(NSString *)message initiatedByFrame:(WebFrame *)frame -{ - NSAlert *alert = [[NSAlert alloc] init]; - [alert addButtonWithTitle:@"OK"]; - [alert setMessageText:message]; - [alert setAlertStyle:NSWarningAlertStyle]; - [alert runModal]; -} - -- (BOOL)webView:(WebView *)sender runJavaScriptConfirmPanelWithMessage:(NSString *)message initiatedByFrame:(WebFrame *)frame -{ - NSAlert *alert = [[NSAlert alloc] init]; - [alert addButtonWithTitle:@"Yes"]; - [alert addButtonWithTitle:@"No"]; - [alert setMessageText:message]; - [alert setAlertStyle:NSWarningAlertStyle]; - - if ([alert runModal] == NSAlertFirstButtonReturn) - return YES; - else - return NO; -} - -/* - By default the size of a database is set to 0 [1]. When a database is being created - it calls this delegate method to get an increase in quota size - or call an error. - PS this method is defined in WebUIDelegatePrivate and may make it difficult, but - not impossible [2], to get an app accepted into the mac app store. - - Further reading: - [1] http://stackoverflow.com/questions/353808/implementing-a-webview-database-quota-delegate - [2] http://stackoverflow.com/questions/4527905/how-do-i-enable-local-storage-in-my-webkit-based-application/4608549#4608549 - */ -- (void)webView:(WebView *)sender frame:(WebFrame *)frame exceededDatabaseQuotaForSecurityOrigin:(id) origin database:(NSString *)databaseIdentifier -{ - static const unsigned long long defaultQuota = 5 * 1024 * 1024; - if ([origin respondsToSelector: @selector(setQuota:)]) { - [origin performSelector:@selector(setQuota:) withObject:[NSNumber numberWithLongLong: defaultQuota]]; - } else { - NSLog(@"could not increase quota for %lld", defaultQuota); - } -} - -- (NSArray *)webView:(WebView *)sender contextMenuItemsForElement:(NSDictionary *)element defaultMenuItems:(NSArray *)defaultMenuItems -{ - NSMutableArray *webViewMenuItems = [defaultMenuItems mutableCopy]; - - if (webViewMenuItems) - { - NSEnumerator *itemEnumerator = [defaultMenuItems objectEnumerator]; - NSMenuItem *menuItem = nil; - while ((menuItem = [itemEnumerator nextObject])) - { - NSInteger tag = [menuItem tag]; - - switch (tag) - { - case WebMenuItemTagOpenLinkInNewWindow: - case WebMenuItemTagDownloadLinkToDisk: - case WebMenuItemTagCopyLinkToClipboard: - case WebMenuItemTagOpenImageInNewWindow: - case WebMenuItemTagDownloadImageToDisk: - case WebMenuItemTagCopyImageToClipboard: - case WebMenuItemTagOpenFrameInNewWindow: - case WebMenuItemTagGoBack: - case WebMenuItemTagGoForward: - case WebMenuItemTagStop: - case WebMenuItemTagOpenWithDefaultApplication: - case WebMenuItemTagReload: - [webViewMenuItems removeObjectIdenticalTo: menuItem]; - } - } - } - - return webViewMenuItems; -} - -- (WebView *)webView:(WebView *)sender createWebViewWithRequest:(NSURLRequest *)request{ - requestedWindow = [[WindowController alloc] initWithRequest:request]; - return requestedWindow.contentView.webView; -} - -- (void)webViewShow:(WebView *)sender{ - [requestedWindow showWindow:sender]; -} - -- (void)webView:(WebView *)webView decidePolicyForNewWindowAction:(NSDictionary *)actionInformation request:(NSURLRequest *)request newFrameName:(NSString *)frameName decisionListener:(id < WebPolicyDecisionListener >)listener -{ - [[NSWorkspace sharedWorkspace] openURL:[request URL]]; - [listener ignore]; -} - -#pragma mark WebScripting protocol - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return YES; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return NO; -} - - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Window.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Window.h deleted file mode 100644 index f721376e..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Window.h +++ /dev/null @@ -1,23 +0,0 @@ -#import <Foundation/Foundation.h> - -#import "WindowController.h" - -@interface Window : NSObject{ - CGRect _oldRestoreFrame; -} - -@property (retain, nonatomic) WindowController *windowController; -@property (nonatomic, retain) WebView *webView; - -- (id) initWithWebView:(WebView *)view; -- (void) open:(NSDictionary *)properties; -- (void) move:(NSDictionary *)properties; -- (void) resize:(NSDictionary *) properties; -- (Boolean) isMaximized; -- (CGFloat) getX; -- (CGFloat) getY; -- (void) maximize; -- (void) restore; -- (void) toggleFullscreen; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Window.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Window.m deleted file mode 100644 index 2444f62e..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Classes/Window.m +++ /dev/null @@ -1,94 +0,0 @@ -#import "Window.h" - -@implementation Window - -@synthesize windowController, webView; - -- (id) initWithWebView:(WebView*)view -{ - if(self = [super init]) { - self.webView = view; - } - return self; -} - -- (void) open:(NSDictionary *)properties -{ - self.windowController = [[WindowController alloc] initWithURL:[properties valueForKey:@"url"]]; - [self.windowController showWindow: [NSApplication sharedApplication].delegate]; - [self.windowController.window makeKeyWindow]; -} - -- (void) minimize { - [[NSApp mainWindow] miniaturize:[NSApp mainWindow]]; -} - -- (void) toggleFullscreen { - [[NSApp mainWindow] toggleFullScreen:[NSApp mainWindow]]; -} - -- (void) maximize { - CGRect a = [NSApp mainWindow].frame; - _oldRestoreFrame = CGRectMake(a.origin.x, a.origin.y, a.size.width, a.size.height); - [[NSApp mainWindow] setFrame:[[NSScreen mainScreen] visibleFrame] display:YES]; -} - -- (Boolean) isMaximized { - NSRect a = [NSApp mainWindow].frame; - NSRect b = [[NSScreen mainScreen] visibleFrame]; - return a.origin.x == b.origin.x && a.origin.y == b.origin.y && a.size.width == b.size.width && a.size.height == b.size.height; -} - -- (CGFloat) getX { - NSRect frame = [self.webView window].frame; - return frame.origin.x; -} - -- (CGFloat) getY { - NSRect frame = [self.webView window].frame; - return frame.origin.y; -} - -- (void) move:(NSDictionary *)properties -{ - NSRect frame = [self.webView window].frame; - frame.origin.x = [[properties valueForKey:@"x"] doubleValue]; - frame.origin.y = [[properties valueForKey:@"y"] doubleValue]; - [[self.webView window] setFrame:frame display:YES]; - -} - -- (void) resize:(NSDictionary *) properties -{ - NSRect frame = [self.webView window].frame; - frame.size.width = [[properties valueForKey:@"width"] doubleValue]; - frame.size.height = [[properties valueForKey:@"height"] doubleValue]; - [[self.webView window] setFrame:frame display:YES]; -} - - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return NO; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector{ - id result = nil; - - if (selector == @selector(open:)) { - result = @"open"; - }else if (selector == @selector(move:)){ - result = @"move"; - }else if (selector == @selector(resize:)){ - result = @"resize"; - } - - return result; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return YES; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Clipboard.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Clipboard.h deleted file mode 100644 index 6c1a2f51..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Clipboard.h +++ /dev/null @@ -1,10 +0,0 @@ -#import <Foundation/Foundation.h> - -@interface Clipboard : NSObject { - -} - -- (void) copy:(NSString*)text; -- (NSString *) paste; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Clipboard.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Clipboard.m deleted file mode 100644 index 1c18dea3..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/Clipboard.m +++ /dev/null @@ -1,51 +0,0 @@ -// -// clipboard.m -// MacGap -// -// Created by David Zorychta on 2013-07-22. -// Copyright (c) 2013 Twitter. All rights reserved. -// - -#import "Clipboard.h" - -@implementation Clipboard - -- (void) copy:(NSString*)text { - [[NSPasteboard generalPasteboard] clearContents]; - [[NSPasteboard generalPasteboard] setString:text forType:NSStringPboardType]; -} - -- (NSString *) paste { - NSPasteboard *pasteboard = [NSPasteboard generalPasteboard]; - NSArray *classArray = [NSArray arrayWithObject:[NSString class]]; - NSDictionary *options = [NSDictionary dictionary]; - BOOL ok = [pasteboard canReadObjectForClasses:classArray options:options]; - if (ok) { - NSArray *objectsToPaste = [pasteboard readObjectsForClasses:classArray options:options]; - return (NSString *) [objectsToPaste objectAtIndex:0]; - } - return @""; -} - -+ (NSString*) webScriptNameForSelector:(SEL)selector -{ - id result = nil; - - if (selector == @selector(copy:)) { - result = @"copy"; - } - - return result; -} - -+ (BOOL) isSelectorExcludedFromWebScript:(SEL)selector -{ - return NO; -} - -+ (BOOL) isKeyExcludedFromWebScript:(const char*)name -{ - return YES; -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/MacGap-Prefix.pch b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/MacGap-Prefix.pch deleted file mode 100644 index ad05e842..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/MacGap-Prefix.pch +++ /dev/null @@ -1,15 +0,0 @@ -// -// Prefix header for all source files of the 'MacGap' target in the 'MacGap' project -// - -#ifdef __OBJC__ - #ifdef _DEBUG - #define DebugNSLog(format, ...) NSLog(format, ## __VA_ARGS__) - #else - #define DebugNSLog(format, ...) - #endif - - #import <Cocoa/Cocoa.h> - #import "Constants.h" - #import "Utils.h" -#endif diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/WindowController.h b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/WindowController.h deleted file mode 100644 index 72927eff..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/WindowController.h +++ /dev/null @@ -1,13 +0,0 @@ -#import <Cocoa/Cocoa.h> -#import "ContentView.h" - -@interface WindowController : NSWindowController { - -} - -- (id) initWithURL:(NSString *) url; -- (id) initWithRequest: (NSURLRequest *)request; -@property (retain) NSURL * url; -@property (retain) IBOutlet ContentView *contentView; - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/WindowController.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/WindowController.m deleted file mode 100644 index 2765a2e3..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/WindowController.m +++ /dev/null @@ -1,54 +0,0 @@ -#import "WindowController.h" - - -@interface WindowController() { - -} - --(void) notificationCenter; - -@end - -@implementation WindowController - -@synthesize contentView, url; - -- (id) initWithURL:(NSString *) relativeURL{ - self = [super initWithWindowNibName:@"Window"]; - self.url = [NSURL URLWithString:relativeURL relativeToURL:[[NSBundle mainBundle] resourceURL]]; - - [self.window setFrameAutosaveName:@"MacGapWindow"]; - [self notificationCenter]; - - return self; -} - --(id) initWithRequest: (NSURLRequest *)request{ - self = [super initWithWindowNibName:@"Window"]; - [self notificationCenter]; - [[self.contentView.webView mainFrame] loadRequest:request]; - - return self; -} - --(void) notificationCenter{ - [[NSNotificationCenter defaultCenter] addObserver:self.contentView - selector:@selector(windowResized:) - name:NSWindowDidResizeNotification - object:[self window]]; -} - -- (void)windowDidLoad -{ - [super windowDidLoad]; - - if (self.url != nil) { - [self.contentView.webView setMainFrameURL:[self.url absoluteString]]; - } - - - // Implement this method to handle any initialization after your - // window controller's window has been loaded from its nib file. -} - -@end diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Credits.rtf b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Credits.rtf deleted file mode 100644 index 6f388f66..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Credits.rtf +++ /dev/null @@ -1,13 +0,0 @@ -{\rtf1\ansi\ansicpg1252\cocoartf1347\cocoasubrtf570 -{\fonttbl\f0\fswiss\fcharset0 Helvetica;} -{\colortbl;\red255\green255\blue255;} -\vieww9600\viewh8400\viewkind0 -\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720 - -\f0\b\fs24 \cf0 (c)2011-2015 ZeroTier, Inc.\ -Licensed under the GNU GPLv3\ -\ -UI Wrapper MacGap (c) Twitter, Inc.\ -Licensed under the MIT License\ -http://macgap.com/\ -}
\ No newline at end of file diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/InfoPlist.strings b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/InfoPlist.strings deleted file mode 100644 index 477b28ff..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/InfoPlist.strings +++ /dev/null @@ -1,2 +0,0 @@ -/* Localized versions of Info.plist keys */ - diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/MainMenu.xib b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/MainMenu.xib deleted file mode 100644 index dd67a86a..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/MainMenu.xib +++ /dev/null @@ -1,3404 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<archive type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="8.00"> - <data> - <int key="IBDocument.SystemTarget">1070</int> - <string key="IBDocument.SystemVersion">14D136</string> - <string key="IBDocument.InterfaceBuilderVersion">7702</string> - <string key="IBDocument.AppKitVersion">1347.57</string> - <string key="IBDocument.HIToolboxVersion">758.70</string> - <object class="NSMutableDictionary" key="IBDocument.PluginVersions"> - <string key="NS.key.0">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="NS.object.0">7702</string> - </object> - <array key="IBDocument.IntegratedClassDependencies"> - <string>NSCustomObject</string> - <string>NSMenu</string> - <string>NSMenuItem</string> - </array> - <array key="IBDocument.PluginDependencies"> - <string>com.apple.InterfaceBuilder.CocoaPlugin</string> - </array> - <object class="NSMutableDictionary" key="IBDocument.Metadata"> - <string key="NS.key.0">PluginDependencyRecalculationVersion</string> - <integer value="1" key="NS.object.0"/> - </object> - <array class="NSMutableArray" key="IBDocument.RootObjects" id="1048"> - <object class="NSCustomObject" id="1021"> - <string key="NSClassName">NSApplication</string> - </object> - <object class="NSCustomObject" id="1014"> - <string key="NSClassName">FirstResponder</string> - </object> - <object class="NSCustomObject" id="1050"> - <string key="NSClassName">NSApplication</string> - </object> - <object class="NSCustomObject" id="976324537"> - <string key="NSClassName">AppDelegate</string> - </object> - <object class="NSMenu" id="649796088"> - <string key="NSTitle">AMainMenu</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="694149608"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">ZeroTier One</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <object class="NSCustomResource" key="NSOnImage" id="35465992"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuCheckmark</string> - </object> - <object class="NSCustomResource" key="NSMixedImage" id="502551668"> - <string key="NSClassName">NSImage</string> - <string key="NSResourceName">NSMenuMixedState</string> - </object> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="110575045"/> - <object class="NSMenu" key="NSSubmenu" id="110575045"> - <string key="NSTitle">ZeroTier One</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="238522557"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">About ZeroTier One</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="304266470"> - <reference key="NSMenu" ref="110575045"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="609285721"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">Preferences…</string> - <string key="NSKeyEquiv">,</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="481834944"> - <reference key="NSMenu" ref="110575045"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1046388886"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">Services</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="752062318"/> - <object class="NSMenu" key="NSSubmenu" id="752062318"> - <string key="NSTitle">Services</string> - <array class="NSMutableArray" key="NSMenuItems"/> - <string key="NSName">_NSServicesMenu</string> - </object> - </object> - <object class="NSMenuItem" id="646227648"> - <reference key="NSMenu" ref="110575045"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="755159360"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">Hide ZeroTier One</string> - <string key="NSKeyEquiv">h</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="342932134"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">Hide Others</string> - <string key="NSKeyEquiv">h</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="908899353"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">Show All</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1056857174"> - <reference key="NSMenu" ref="110575045"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="632727374"> - <reference key="NSMenu" ref="110575045"/> - <string key="NSTitle">Quit ZeroTier One</string> - <string key="NSKeyEquiv">q</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - <string key="NSName">_NSAppleMenu</string> - </object> - </object> - <object class="NSMenuItem" id="379814623"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">File</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="720053764"/> - <object class="NSMenu" key="NSSubmenu" id="720053764"> - <string key="NSTitle">File</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="705341025"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">New</string> - <string key="NSKeyEquiv">n</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="722745758"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Open…</string> - <string key="NSKeyEquiv">o</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1025936716"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Open Recent</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="1065607017"/> - <object class="NSMenu" key="NSSubmenu" id="1065607017"> - <string key="NSTitle">Open Recent</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="759406840"> - <reference key="NSMenu" ref="1065607017"/> - <string key="NSTitle">Clear Menu</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - <string key="NSName">_NSRecentDocumentsMenu</string> - </object> - </object> - <object class="NSMenuItem" id="425164168"> - <reference key="NSMenu" ref="720053764"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="776162233"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Close</string> - <string key="NSKeyEquiv">w</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1023925487"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Save…</string> - <string key="NSKeyEquiv">s</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="579971712"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Revert to Saved</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1010469920"> - <reference key="NSMenu" ref="720053764"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="294629803"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Page Setup...</string> - <string key="NSKeyEquiv">P</string> - <int key="NSKeyEquivModMask">1179648</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSToolTip"/> - </object> - <object class="NSMenuItem" id="49223823"> - <reference key="NSMenu" ref="720053764"/> - <string key="NSTitle">Print…</string> - <string key="NSKeyEquiv">p</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="952259628"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">Edit</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="789758025"/> - <object class="NSMenu" key="NSSubmenu" id="789758025"> - <string key="NSTitle">Edit</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="1058277027"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Undo</string> - <string key="NSKeyEquiv">z</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="790794224"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Redo</string> - <string key="NSKeyEquiv">Z</string> - <int key="NSKeyEquivModMask">1179648</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1040322652"> - <reference key="NSMenu" ref="789758025"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="296257095"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Cut</string> - <string key="NSKeyEquiv">x</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="860595796"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Copy</string> - <string key="NSKeyEquiv">c</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="29853731"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Paste</string> - <string key="NSKeyEquiv">v</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="82994268"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Paste and Match Style</string> - <string key="NSKeyEquiv">V</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="437104165"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Delete</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="583158037"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Select All</string> - <string key="NSKeyEquiv">a</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="212016141"> - <reference key="NSMenu" ref="789758025"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="892235320"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Find</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="963351320"/> - <object class="NSMenu" key="NSSubmenu" id="963351320"> - <string key="NSTitle">Find</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="447796847"> - <reference key="NSMenu" ref="963351320"/> - <string key="NSTitle">Find…</string> - <string key="NSKeyEquiv">f</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">1</int> - </object> - <object class="NSMenuItem" id="738670835"> - <reference key="NSMenu" ref="963351320"/> - <string key="NSTitle">Find and Replace…</string> - <string key="NSKeyEquiv">f</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">12</int> - </object> - <object class="NSMenuItem" id="326711663"> - <reference key="NSMenu" ref="963351320"/> - <string key="NSTitle">Find Next</string> - <string key="NSKeyEquiv">g</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">2</int> - </object> - <object class="NSMenuItem" id="270902937"> - <reference key="NSMenu" ref="963351320"/> - <string key="NSTitle">Find Previous</string> - <string key="NSKeyEquiv">G</string> - <int key="NSKeyEquivModMask">1179648</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">3</int> - </object> - <object class="NSMenuItem" id="159080638"> - <reference key="NSMenu" ref="963351320"/> - <string key="NSTitle">Use Selection for Find</string> - <string key="NSKeyEquiv">e</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">7</int> - </object> - <object class="NSMenuItem" id="88285865"> - <reference key="NSMenu" ref="963351320"/> - <string key="NSTitle">Jump to Selection</string> - <string key="NSKeyEquiv">j</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="972420730"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Spelling and Grammar</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="769623530"/> - <object class="NSMenu" key="NSSubmenu" id="769623530"> - <string key="NSTitle">Spelling and Grammar</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="679648819"> - <reference key="NSMenu" ref="769623530"/> - <string key="NSTitle">Show Spelling and Grammar</string> - <string key="NSKeyEquiv">:</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="96193923"> - <reference key="NSMenu" ref="769623530"/> - <string key="NSTitle">Check Document Now</string> - <string key="NSKeyEquiv">;</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="859480356"> - <reference key="NSMenu" ref="769623530"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="948374510"> - <reference key="NSMenu" ref="769623530"/> - <string key="NSTitle">Check Spelling While Typing</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="967646866"> - <reference key="NSMenu" ref="769623530"/> - <string key="NSTitle">Check Grammar With Spelling</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="795346622"> - <reference key="NSMenu" ref="769623530"/> - <string key="NSTitle">Correct Spelling Automatically</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="507821607"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Substitutions</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="698887838"/> - <object class="NSMenu" key="NSSubmenu" id="698887838"> - <string key="NSTitle">Substitutions</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="65139061"> - <reference key="NSMenu" ref="698887838"/> - <string key="NSTitle">Show Substitutions</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="19036812"> - <reference key="NSMenu" ref="698887838"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="605118523"> - <reference key="NSMenu" ref="698887838"/> - <string key="NSTitle">Smart Copy/Paste</string> - <string key="NSKeyEquiv">f</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">1</int> - </object> - <object class="NSMenuItem" id="197661976"> - <reference key="NSMenu" ref="698887838"/> - <string key="NSTitle">Smart Quotes</string> - <string key="NSKeyEquiv">g</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">2</int> - </object> - <object class="NSMenuItem" id="672708820"> - <reference key="NSMenu" ref="698887838"/> - <string key="NSTitle">Smart Dashes</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="708854459"> - <reference key="NSMenu" ref="698887838"/> - <string key="NSTitle">Smart Links</string> - <string key="NSKeyEquiv">G</string> - <int key="NSKeyEquivModMask">1179648</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">3</int> - </object> - <object class="NSMenuItem" id="537092702"> - <reference key="NSMenu" ref="698887838"/> - <string key="NSTitle">Text Replacement</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="288088188"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Transformations</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="579392910"/> - <object class="NSMenu" key="NSSubmenu" id="579392910"> - <string key="NSTitle">Transformations</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="1060694897"> - <reference key="NSMenu" ref="579392910"/> - <string key="NSTitle">Make Upper Case</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="879586729"> - <reference key="NSMenu" ref="579392910"/> - <string key="NSTitle">Make Lower Case</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="56570060"> - <reference key="NSMenu" ref="579392910"/> - <string key="NSTitle">Capitalize</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="676164635"> - <reference key="NSMenu" ref="789758025"/> - <string key="NSTitle">Speech</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="785027613"/> - <object class="NSMenu" key="NSSubmenu" id="785027613"> - <string key="NSTitle">Speech</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="731782645"> - <reference key="NSMenu" ref="785027613"/> - <string key="NSTitle">Start Speaking</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="680220178"> - <reference key="NSMenu" ref="785027613"/> - <string key="NSTitle">Stop Speaking</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="302598603"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">Format</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="941447902"/> - <object class="NSMenu" key="NSSubmenu" id="941447902"> - <string key="NSTitle">Format</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="792887677"> - <reference key="NSMenu" ref="941447902"/> - <string key="NSTitle">Font</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="786677654"/> - <object class="NSMenu" key="NSSubmenu" id="786677654"> - <string key="NSTitle">Font</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="159677712"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Show Fonts</string> - <string key="NSKeyEquiv">t</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="305399458"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Bold</string> - <string key="NSKeyEquiv">b</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">2</int> - </object> - <object class="NSMenuItem" id="814362025"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Italic</string> - <string key="NSKeyEquiv">i</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">1</int> - </object> - <object class="NSMenuItem" id="330926929"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Underline</string> - <string key="NSKeyEquiv">u</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="533507878"> - <reference key="NSMenu" ref="786677654"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="158063935"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Bigger</string> - <string key="NSKeyEquiv">+</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">3</int> - </object> - <object class="NSMenuItem" id="885547335"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Smaller</string> - <string key="NSKeyEquiv">-</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <int key="NSTag">4</int> - </object> - <object class="NSMenuItem" id="901062459"> - <reference key="NSMenu" ref="786677654"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="767671776"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Kern</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="175441468"/> - <object class="NSMenu" key="NSSubmenu" id="175441468"> - <string key="NSTitle">Kern</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="252969304"> - <reference key="NSMenu" ref="175441468"/> - <string key="NSTitle">Use Default</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="766922938"> - <reference key="NSMenu" ref="175441468"/> - <string key="NSTitle">Use None</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="677519740"> - <reference key="NSMenu" ref="175441468"/> - <string key="NSTitle">Tighten</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="238351151"> - <reference key="NSMenu" ref="175441468"/> - <string key="NSTitle">Loosen</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="691570813"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Ligature</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="1058217995"/> - <object class="NSMenu" key="NSSubmenu" id="1058217995"> - <string key="NSTitle">Ligature</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="706297211"> - <reference key="NSMenu" ref="1058217995"/> - <string key="NSTitle">Use Default</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="568384683"> - <reference key="NSMenu" ref="1058217995"/> - <string key="NSTitle">Use None</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="663508465"> - <reference key="NSMenu" ref="1058217995"/> - <string key="NSTitle">Use All</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="769124883"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Baseline</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="18263474"/> - <object class="NSMenu" key="NSSubmenu" id="18263474"> - <string key="NSTitle">Baseline</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="257962622"> - <reference key="NSMenu" ref="18263474"/> - <string key="NSTitle">Use Default</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="644725453"> - <reference key="NSMenu" ref="18263474"/> - <string key="NSTitle">Superscript</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1037576581"> - <reference key="NSMenu" ref="18263474"/> - <string key="NSTitle">Subscript</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="941806246"> - <reference key="NSMenu" ref="18263474"/> - <string key="NSTitle">Raise</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1045724900"> - <reference key="NSMenu" ref="18263474"/> - <string key="NSTitle">Lower</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="739652853"> - <reference key="NSMenu" ref="786677654"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="1012600125"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Show Colors</string> - <string key="NSKeyEquiv">C</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="214559597"> - <reference key="NSMenu" ref="786677654"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="596732606"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Copy Style</string> - <string key="NSKeyEquiv">c</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="393423671"> - <reference key="NSMenu" ref="786677654"/> - <string key="NSTitle">Paste Style</string> - <string key="NSKeyEquiv">v</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - <string key="NSName">_NSFontMenu</string> - </object> - </object> - <object class="NSMenuItem" id="215659978"> - <reference key="NSMenu" ref="941447902"/> - <string key="NSTitle">Text</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="446991534"/> - <object class="NSMenu" key="NSSubmenu" id="446991534"> - <string key="NSTitle">Text</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="875092757"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Align Left</string> - <string key="NSKeyEquiv">{</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="630155264"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Center</string> - <string key="NSKeyEquiv">|</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="945678886"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Justify</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="512868991"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Align Right</string> - <string key="NSKeyEquiv">}</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="163117631"> - <reference key="NSMenu" ref="446991534"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="31516759"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Writing Direction</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="956096989"/> - <object class="NSMenu" key="NSSubmenu" id="956096989"> - <string key="NSTitle">Writing Direction</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="257099033"> - <reference key="NSMenu" ref="956096989"/> - <bool key="NSIsDisabled">YES</bool> - <string key="NSTitle">Paragraph</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="551969625"> - <reference key="NSMenu" ref="956096989"/> - <string type="base64-UTF8" key="NSTitle">CURlZmF1bHQ</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="249532473"> - <reference key="NSMenu" ref="956096989"/> - <string type="base64-UTF8" key="NSTitle">CUxlZnQgdG8gUmlnaHQ</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="607364498"> - <reference key="NSMenu" ref="956096989"/> - <string type="base64-UTF8" key="NSTitle">CVJpZ2h0IHRvIExlZnQ</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="508151438"> - <reference key="NSMenu" ref="956096989"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="981751889"> - <reference key="NSMenu" ref="956096989"/> - <bool key="NSIsDisabled">YES</bool> - <string key="NSTitle">Selection</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="380031999"> - <reference key="NSMenu" ref="956096989"/> - <string type="base64-UTF8" key="NSTitle">CURlZmF1bHQ</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="825984362"> - <reference key="NSMenu" ref="956096989"/> - <string type="base64-UTF8" key="NSTitle">CUxlZnQgdG8gUmlnaHQ</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="560145579"> - <reference key="NSMenu" ref="956096989"/> - <string type="base64-UTF8" key="NSTitle">CVJpZ2h0IHRvIExlZnQ</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="908105787"> - <reference key="NSMenu" ref="446991534"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="644046920"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Show Ruler</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="231811626"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Copy Ruler</string> - <string key="NSKeyEquiv">c</string> - <int key="NSKeyEquivModMask">1310720</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="883618387"> - <reference key="NSMenu" ref="446991534"/> - <string key="NSTitle">Paste Ruler</string> - <string key="NSKeyEquiv">v</string> - <int key="NSKeyEquivModMask">1310720</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="586577488"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">View</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="466310130"/> - <object class="NSMenu" key="NSSubmenu" id="466310130"> - <string key="NSTitle">View</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="102151532"> - <reference key="NSMenu" ref="466310130"/> - <string key="NSTitle">Show Toolbar</string> - <string key="NSKeyEquiv">t</string> - <int key="NSKeyEquivModMask">1572864</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="237841660"> - <reference key="NSMenu" ref="466310130"/> - <string key="NSTitle">Customize Toolbar…</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - </object> - </object> - <object class="NSMenuItem" id="713487014"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">Window</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="835318025"/> - <object class="NSMenu" key="NSSubmenu" id="835318025"> - <string key="NSTitle">Window</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="1011231497"> - <reference key="NSMenu" ref="835318025"/> - <string key="NSTitle">Minimize</string> - <string key="NSKeyEquiv">m</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="575023229"> - <reference key="NSMenu" ref="835318025"/> - <string key="NSTitle">Zoom</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="299356726"> - <reference key="NSMenu" ref="835318025"/> - <bool key="NSIsDisabled">YES</bool> - <bool key="NSIsSeparator">YES</bool> - <string key="NSTitle"/> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - <object class="NSMenuItem" id="625202149"> - <reference key="NSMenu" ref="835318025"/> - <string key="NSTitle">Bring All to Front</string> - <string key="NSKeyEquiv"/> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - <string key="NSName">_NSWindowsMenu</string> - </object> - </object> - <object class="NSMenuItem" id="448692316"> - <reference key="NSMenu" ref="649796088"/> - <string key="NSTitle">Help</string> - <string key="NSKeyEquiv"/> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - <string key="NSAction">submenuAction:</string> - <reference key="NSTarget" ref="992780483"/> - <object class="NSMenu" key="NSSubmenu" id="992780483"> - <string key="NSTitle">Help</string> - <array class="NSMutableArray" key="NSMenuItems"> - <object class="NSMenuItem" id="105068016"> - <reference key="NSMenu" ref="992780483"/> - <string key="NSTitle">ZeroTier One Help</string> - <string key="NSKeyEquiv">?</string> - <int key="NSKeyEquivModMask">1048576</int> - <int key="NSMnemonicLoc">2147483647</int> - <reference key="NSOnImage" ref="35465992"/> - <reference key="NSMixedImage" ref="502551668"/> - </object> - </array> - <string key="NSName">_NSHelpMenu</string> - </object> - </object> - </array> - <string key="NSName">_NSMainMenu</string> - </object> - </array> - <object class="IBObjectContainer" key="IBDocument.Objects"> - <array key="connectionRecords"> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">terminate:</string> - <reference key="source" ref="1050"/> - <reference key="destination" ref="632727374"/> - </object> - <int key="connectionID">449</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">orderFrontStandardAboutPanel:</string> - <reference key="source" ref="1021"/> - <reference key="destination" ref="238522557"/> - </object> - <int key="connectionID">142</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="1021"/> - <reference key="destination" ref="976324537"/> - </object> - <int key="connectionID">547</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performMiniaturize:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1011231497"/> - </object> - <int key="connectionID">37</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">arrangeInFront:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="625202149"/> - </object> - <int key="connectionID">39</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">print:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="49223823"/> - </object> - <int key="connectionID">86</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">runPageLayout:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="294629803"/> - </object> - <int key="connectionID">87</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">clearRecentDocuments:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="759406840"/> - </object> - <int key="connectionID">127</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performClose:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="776162233"/> - </object> - <int key="connectionID">193</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleContinuousSpellChecking:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="948374510"/> - </object> - <int key="connectionID">222</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">undo:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1058277027"/> - </object> - <int key="connectionID">223</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">copy:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="860595796"/> - </object> - <int key="connectionID">224</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">checkSpelling:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="96193923"/> - </object> - <int key="connectionID">225</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">paste:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="29853731"/> - </object> - <int key="connectionID">226</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">stopSpeaking:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="680220178"/> - </object> - <int key="connectionID">227</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">cut:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="296257095"/> - </object> - <int key="connectionID">228</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">showGuessPanel:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="679648819"/> - </object> - <int key="connectionID">230</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">redo:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="790794224"/> - </object> - <int key="connectionID">231</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">selectAll:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="583158037"/> - </object> - <int key="connectionID">232</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">startSpeaking:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="731782645"/> - </object> - <int key="connectionID">233</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">delete:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="437104165"/> - </object> - <int key="connectionID">235</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performZoom:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="575023229"/> - </object> - <int key="connectionID">240</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performFindPanelAction:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="447796847"/> - </object> - <int key="connectionID">241</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">centerSelectionInVisibleArea:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="88285865"/> - </object> - <int key="connectionID">245</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleGrammarChecking:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="967646866"/> - </object> - <int key="connectionID">347</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleSmartInsertDelete:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="605118523"/> - </object> - <int key="connectionID">355</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleAutomaticQuoteSubstitution:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="197661976"/> - </object> - <int key="connectionID">356</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleAutomaticLinkDetection:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="708854459"/> - </object> - <int key="connectionID">357</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">saveDocument:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1023925487"/> - </object> - <int key="connectionID">362</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">revertDocumentToSaved:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="579971712"/> - </object> - <int key="connectionID">364</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">runToolbarCustomizationPalette:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="237841660"/> - </object> - <int key="connectionID">365</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleToolbarShown:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="102151532"/> - </object> - <int key="connectionID">366</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">hide:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="755159360"/> - </object> - <int key="connectionID">367</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">hideOtherApplications:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="342932134"/> - </object> - <int key="connectionID">368</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">unhideAllApplications:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="908899353"/> - </object> - <int key="connectionID">370</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">newDocument:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="705341025"/> - </object> - <int key="connectionID">373</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">openDocument:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="722745758"/> - </object> - <int key="connectionID">374</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">raiseBaseline:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="941806246"/> - </object> - <int key="connectionID">426</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">lowerBaseline:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1045724900"/> - </object> - <int key="connectionID">427</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">copyFont:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="596732606"/> - </object> - <int key="connectionID">428</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">subscript:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1037576581"/> - </object> - <int key="connectionID">429</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">superscript:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="644725453"/> - </object> - <int key="connectionID">430</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">tightenKerning:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="677519740"/> - </object> - <int key="connectionID">431</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">underline:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="330926929"/> - </object> - <int key="connectionID">432</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">orderFrontColorPanel:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1012600125"/> - </object> - <int key="connectionID">433</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">useAllLigatures:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="663508465"/> - </object> - <int key="connectionID">434</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">loosenKerning:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="238351151"/> - </object> - <int key="connectionID">435</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">pasteFont:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="393423671"/> - </object> - <int key="connectionID">436</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">unscript:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="257962622"/> - </object> - <int key="connectionID">437</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">useStandardKerning:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="252969304"/> - </object> - <int key="connectionID">438</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">useStandardLigatures:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="706297211"/> - </object> - <int key="connectionID">439</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">turnOffLigatures:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="568384683"/> - </object> - <int key="connectionID">440</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">turnOffKerning:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="766922938"/> - </object> - <int key="connectionID">441</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleAutomaticSpellingCorrection:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="795346622"/> - </object> - <int key="connectionID">456</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">orderFrontSubstitutionsPanel:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="65139061"/> - </object> - <int key="connectionID">458</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleAutomaticDashSubstitution:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="672708820"/> - </object> - <int key="connectionID">461</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleAutomaticTextReplacement:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="537092702"/> - </object> - <int key="connectionID">463</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">uppercaseWord:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="1060694897"/> - </object> - <int key="connectionID">464</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">capitalizeWord:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="56570060"/> - </object> - <int key="connectionID">467</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">lowercaseWord:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="879586729"/> - </object> - <int key="connectionID">468</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">pasteAsPlainText:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="82994268"/> - </object> - <int key="connectionID">486</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performFindPanelAction:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="326711663"/> - </object> - <int key="connectionID">487</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performFindPanelAction:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="270902937"/> - </object> - <int key="connectionID">488</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performFindPanelAction:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="159080638"/> - </object> - <int key="connectionID">489</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">showHelp:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="105068016"/> - </object> - <int key="connectionID">493</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">alignCenter:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="630155264"/> - </object> - <int key="connectionID">518</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">pasteRuler:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="883618387"/> - </object> - <int key="connectionID">519</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">toggleRuler:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="644046920"/> - </object> - <int key="connectionID">520</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">alignRight:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="512868991"/> - </object> - <int key="connectionID">521</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">copyRuler:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="231811626"/> - </object> - <int key="connectionID">522</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">alignJustified:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="945678886"/> - </object> - <int key="connectionID">523</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">alignLeft:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="875092757"/> - </object> - <int key="connectionID">524</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">makeBaseWritingDirectionNatural:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="551969625"/> - </object> - <int key="connectionID">525</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">makeBaseWritingDirectionLeftToRight:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="249532473"/> - </object> - <int key="connectionID">526</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">makeBaseWritingDirectionRightToLeft:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="607364498"/> - </object> - <int key="connectionID">527</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">makeTextWritingDirectionNatural:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="380031999"/> - </object> - <int key="connectionID">528</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">makeTextWritingDirectionLeftToRight:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="825984362"/> - </object> - <int key="connectionID">529</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">makeTextWritingDirectionRightToLeft:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="560145579"/> - </object> - <int key="connectionID">530</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBActionConnection" key="connection"> - <string key="label">performFindPanelAction:</string> - <reference key="source" ref="1014"/> - <reference key="destination" ref="738670835"/> - </object> - <int key="connectionID">535</int> - </object> - <object class="IBConnectionRecord"> - <object class="IBOutletConnection" key="connection"> - <string key="label">delegate</string> - <reference key="source" ref="649796088"/> - <reference key="destination" ref="1021"/> - </object> - <int key="connectionID">545</int> - </object> - </array> - <object class="IBMutableOrderedSet" key="objectRecords"> - <array key="orderedObjects"> - <object class="IBObjectRecord"> - <int key="objectID">0</int> - <array key="object" id="0"/> - <reference key="children" ref="1048"/> - <nil key="parent"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-2</int> - <reference key="object" ref="1021"/> - <reference key="parent" ref="0"/> - <string key="objectName">File's Owner</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-1</int> - <reference key="object" ref="1014"/> - <reference key="parent" ref="0"/> - <string key="objectName">First Responder</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">-3</int> - <reference key="object" ref="1050"/> - <reference key="parent" ref="0"/> - <string key="objectName">Application</string> - </object> - <object class="IBObjectRecord"> - <int key="objectID">29</int> - <reference key="object" ref="649796088"/> - <array class="NSMutableArray" key="children"> - <reference ref="713487014"/> - <reference ref="694149608"/> - <reference ref="952259628"/> - <reference ref="379814623"/> - <reference ref="586577488"/> - <reference ref="302598603"/> - <reference ref="448692316"/> - </array> - <reference key="parent" ref="0"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">19</int> - <reference key="object" ref="713487014"/> - <array class="NSMutableArray" key="children"> - <reference ref="835318025"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">56</int> - <reference key="object" ref="694149608"/> - <array class="NSMutableArray" key="children"> - <reference ref="110575045"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">217</int> - <reference key="object" ref="952259628"/> - <array class="NSMutableArray" key="children"> - <reference ref="789758025"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">83</int> - <reference key="object" ref="379814623"/> - <array class="NSMutableArray" key="children"> - <reference ref="720053764"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">81</int> - <reference key="object" ref="720053764"/> - <array class="NSMutableArray" key="children"> - <reference ref="1023925487"/> - <reference ref="49223823"/> - <reference ref="722745758"/> - <reference ref="705341025"/> - <reference ref="1025936716"/> - <reference ref="294629803"/> - <reference ref="776162233"/> - <reference ref="425164168"/> - <reference ref="579971712"/> - <reference ref="1010469920"/> - </array> - <reference key="parent" ref="379814623"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">75</int> - <reference key="object" ref="1023925487"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">78</int> - <reference key="object" ref="49223823"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">72</int> - <reference key="object" ref="722745758"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">82</int> - <reference key="object" ref="705341025"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">124</int> - <reference key="object" ref="1025936716"/> - <array class="NSMutableArray" key="children"> - <reference ref="1065607017"/> - </array> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">77</int> - <reference key="object" ref="294629803"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">73</int> - <reference key="object" ref="776162233"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">79</int> - <reference key="object" ref="425164168"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">112</int> - <reference key="object" ref="579971712"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">74</int> - <reference key="object" ref="1010469920"/> - <reference key="parent" ref="720053764"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">125</int> - <reference key="object" ref="1065607017"/> - <array class="NSMutableArray" key="children"> - <reference ref="759406840"/> - </array> - <reference key="parent" ref="1025936716"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">126</int> - <reference key="object" ref="759406840"/> - <reference key="parent" ref="1065607017"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">205</int> - <reference key="object" ref="789758025"/> - <array class="NSMutableArray" key="children"> - <reference ref="437104165"/> - <reference ref="583158037"/> - <reference ref="1058277027"/> - <reference ref="212016141"/> - <reference ref="296257095"/> - <reference ref="29853731"/> - <reference ref="860595796"/> - <reference ref="1040322652"/> - <reference ref="790794224"/> - <reference ref="892235320"/> - <reference ref="972420730"/> - <reference ref="676164635"/> - <reference ref="507821607"/> - <reference ref="288088188"/> - <reference ref="82994268"/> - </array> - <reference key="parent" ref="952259628"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">202</int> - <reference key="object" ref="437104165"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">198</int> - <reference key="object" ref="583158037"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">207</int> - <reference key="object" ref="1058277027"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">214</int> - <reference key="object" ref="212016141"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">199</int> - <reference key="object" ref="296257095"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">203</int> - <reference key="object" ref="29853731"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">197</int> - <reference key="object" ref="860595796"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">206</int> - <reference key="object" ref="1040322652"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">215</int> - <reference key="object" ref="790794224"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">218</int> - <reference key="object" ref="892235320"/> - <array class="NSMutableArray" key="children"> - <reference ref="963351320"/> - </array> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">216</int> - <reference key="object" ref="972420730"/> - <array class="NSMutableArray" key="children"> - <reference ref="769623530"/> - </array> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">200</int> - <reference key="object" ref="769623530"/> - <array class="NSMutableArray" key="children"> - <reference ref="948374510"/> - <reference ref="96193923"/> - <reference ref="679648819"/> - <reference ref="967646866"/> - <reference ref="859480356"/> - <reference ref="795346622"/> - </array> - <reference key="parent" ref="972420730"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">219</int> - <reference key="object" ref="948374510"/> - <reference key="parent" ref="769623530"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">201</int> - <reference key="object" ref="96193923"/> - <reference key="parent" ref="769623530"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">204</int> - <reference key="object" ref="679648819"/> - <reference key="parent" ref="769623530"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">220</int> - <reference key="object" ref="963351320"/> - <array class="NSMutableArray" key="children"> - <reference ref="270902937"/> - <reference ref="88285865"/> - <reference ref="159080638"/> - <reference ref="326711663"/> - <reference ref="447796847"/> - <reference ref="738670835"/> - </array> - <reference key="parent" ref="892235320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">213</int> - <reference key="object" ref="270902937"/> - <reference key="parent" ref="963351320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">210</int> - <reference key="object" ref="88285865"/> - <reference key="parent" ref="963351320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">221</int> - <reference key="object" ref="159080638"/> - <reference key="parent" ref="963351320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">208</int> - <reference key="object" ref="326711663"/> - <reference key="parent" ref="963351320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">209</int> - <reference key="object" ref="447796847"/> - <reference key="parent" ref="963351320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">57</int> - <reference key="object" ref="110575045"/> - <array class="NSMutableArray" key="children"> - <reference ref="238522557"/> - <reference ref="755159360"/> - <reference ref="908899353"/> - <reference ref="632727374"/> - <reference ref="646227648"/> - <reference ref="609285721"/> - <reference ref="481834944"/> - <reference ref="304266470"/> - <reference ref="1046388886"/> - <reference ref="1056857174"/> - <reference ref="342932134"/> - </array> - <reference key="parent" ref="694149608"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">58</int> - <reference key="object" ref="238522557"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">134</int> - <reference key="object" ref="755159360"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">150</int> - <reference key="object" ref="908899353"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">136</int> - <reference key="object" ref="632727374"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">144</int> - <reference key="object" ref="646227648"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">129</int> - <reference key="object" ref="609285721"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">143</int> - <reference key="object" ref="481834944"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">236</int> - <reference key="object" ref="304266470"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">131</int> - <reference key="object" ref="1046388886"/> - <array class="NSMutableArray" key="children"> - <reference ref="752062318"/> - </array> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">149</int> - <reference key="object" ref="1056857174"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">145</int> - <reference key="object" ref="342932134"/> - <reference key="parent" ref="110575045"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">130</int> - <reference key="object" ref="752062318"/> - <reference key="parent" ref="1046388886"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">24</int> - <reference key="object" ref="835318025"/> - <array class="NSMutableArray" key="children"> - <reference ref="299356726"/> - <reference ref="625202149"/> - <reference ref="575023229"/> - <reference ref="1011231497"/> - </array> - <reference key="parent" ref="713487014"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">92</int> - <reference key="object" ref="299356726"/> - <reference key="parent" ref="835318025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">5</int> - <reference key="object" ref="625202149"/> - <reference key="parent" ref="835318025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">239</int> - <reference key="object" ref="575023229"/> - <reference key="parent" ref="835318025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">23</int> - <reference key="object" ref="1011231497"/> - <reference key="parent" ref="835318025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">295</int> - <reference key="object" ref="586577488"/> - <array class="NSMutableArray" key="children"> - <reference ref="466310130"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">296</int> - <reference key="object" ref="466310130"/> - <array class="NSMutableArray" key="children"> - <reference ref="102151532"/> - <reference ref="237841660"/> - </array> - <reference key="parent" ref="586577488"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">297</int> - <reference key="object" ref="102151532"/> - <reference key="parent" ref="466310130"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">298</int> - <reference key="object" ref="237841660"/> - <reference key="parent" ref="466310130"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">211</int> - <reference key="object" ref="676164635"/> - <array class="NSMutableArray" key="children"> - <reference ref="785027613"/> - </array> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">212</int> - <reference key="object" ref="785027613"/> - <array class="NSMutableArray" key="children"> - <reference ref="680220178"/> - <reference ref="731782645"/> - </array> - <reference key="parent" ref="676164635"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">195</int> - <reference key="object" ref="680220178"/> - <reference key="parent" ref="785027613"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">196</int> - <reference key="object" ref="731782645"/> - <reference key="parent" ref="785027613"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">346</int> - <reference key="object" ref="967646866"/> - <reference key="parent" ref="769623530"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">348</int> - <reference key="object" ref="507821607"/> - <array class="NSMutableArray" key="children"> - <reference ref="698887838"/> - </array> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">349</int> - <reference key="object" ref="698887838"/> - <array class="NSMutableArray" key="children"> - <reference ref="605118523"/> - <reference ref="197661976"/> - <reference ref="708854459"/> - <reference ref="65139061"/> - <reference ref="19036812"/> - <reference ref="672708820"/> - <reference ref="537092702"/> - </array> - <reference key="parent" ref="507821607"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">350</int> - <reference key="object" ref="605118523"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">351</int> - <reference key="object" ref="197661976"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">354</int> - <reference key="object" ref="708854459"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">375</int> - <reference key="object" ref="302598603"/> - <array class="NSMutableArray" key="children"> - <reference ref="941447902"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">376</int> - <reference key="object" ref="941447902"/> - <array class="NSMutableArray" key="children"> - <reference ref="792887677"/> - <reference ref="215659978"/> - </array> - <reference key="parent" ref="302598603"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">377</int> - <reference key="object" ref="792887677"/> - <array class="NSMutableArray" key="children"> - <reference ref="786677654"/> - </array> - <reference key="parent" ref="941447902"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">388</int> - <reference key="object" ref="786677654"/> - <array class="NSMutableArray" key="children"> - <reference ref="159677712"/> - <reference ref="305399458"/> - <reference ref="814362025"/> - <reference ref="330926929"/> - <reference ref="533507878"/> - <reference ref="158063935"/> - <reference ref="885547335"/> - <reference ref="901062459"/> - <reference ref="767671776"/> - <reference ref="691570813"/> - <reference ref="769124883"/> - <reference ref="739652853"/> - <reference ref="1012600125"/> - <reference ref="214559597"/> - <reference ref="596732606"/> - <reference ref="393423671"/> - </array> - <reference key="parent" ref="792887677"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">389</int> - <reference key="object" ref="159677712"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">390</int> - <reference key="object" ref="305399458"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">391</int> - <reference key="object" ref="814362025"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">392</int> - <reference key="object" ref="330926929"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">393</int> - <reference key="object" ref="533507878"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">394</int> - <reference key="object" ref="158063935"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">395</int> - <reference key="object" ref="885547335"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">396</int> - <reference key="object" ref="901062459"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">397</int> - <reference key="object" ref="767671776"/> - <array class="NSMutableArray" key="children"> - <reference ref="175441468"/> - </array> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">398</int> - <reference key="object" ref="691570813"/> - <array class="NSMutableArray" key="children"> - <reference ref="1058217995"/> - </array> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">399</int> - <reference key="object" ref="769124883"/> - <array class="NSMutableArray" key="children"> - <reference ref="18263474"/> - </array> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">400</int> - <reference key="object" ref="739652853"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">401</int> - <reference key="object" ref="1012600125"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">402</int> - <reference key="object" ref="214559597"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">403</int> - <reference key="object" ref="596732606"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">404</int> - <reference key="object" ref="393423671"/> - <reference key="parent" ref="786677654"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">405</int> - <reference key="object" ref="18263474"/> - <array class="NSMutableArray" key="children"> - <reference ref="257962622"/> - <reference ref="644725453"/> - <reference ref="1037576581"/> - <reference ref="941806246"/> - <reference ref="1045724900"/> - </array> - <reference key="parent" ref="769124883"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">406</int> - <reference key="object" ref="257962622"/> - <reference key="parent" ref="18263474"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">407</int> - <reference key="object" ref="644725453"/> - <reference key="parent" ref="18263474"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">408</int> - <reference key="object" ref="1037576581"/> - <reference key="parent" ref="18263474"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">409</int> - <reference key="object" ref="941806246"/> - <reference key="parent" ref="18263474"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">410</int> - <reference key="object" ref="1045724900"/> - <reference key="parent" ref="18263474"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">411</int> - <reference key="object" ref="1058217995"/> - <array class="NSMutableArray" key="children"> - <reference ref="706297211"/> - <reference ref="568384683"/> - <reference ref="663508465"/> - </array> - <reference key="parent" ref="691570813"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">412</int> - <reference key="object" ref="706297211"/> - <reference key="parent" ref="1058217995"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">413</int> - <reference key="object" ref="568384683"/> - <reference key="parent" ref="1058217995"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">414</int> - <reference key="object" ref="663508465"/> - <reference key="parent" ref="1058217995"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">415</int> - <reference key="object" ref="175441468"/> - <array class="NSMutableArray" key="children"> - <reference ref="252969304"/> - <reference ref="766922938"/> - <reference ref="677519740"/> - <reference ref="238351151"/> - </array> - <reference key="parent" ref="767671776"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">416</int> - <reference key="object" ref="252969304"/> - <reference key="parent" ref="175441468"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">417</int> - <reference key="object" ref="766922938"/> - <reference key="parent" ref="175441468"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">418</int> - <reference key="object" ref="677519740"/> - <reference key="parent" ref="175441468"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">419</int> - <reference key="object" ref="238351151"/> - <reference key="parent" ref="175441468"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">450</int> - <reference key="object" ref="288088188"/> - <array class="NSMutableArray" key="children"> - <reference ref="579392910"/> - </array> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">451</int> - <reference key="object" ref="579392910"/> - <array class="NSMutableArray" key="children"> - <reference ref="1060694897"/> - <reference ref="879586729"/> - <reference ref="56570060"/> - </array> - <reference key="parent" ref="288088188"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">452</int> - <reference key="object" ref="1060694897"/> - <reference key="parent" ref="579392910"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">453</int> - <reference key="object" ref="859480356"/> - <reference key="parent" ref="769623530"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">454</int> - <reference key="object" ref="795346622"/> - <reference key="parent" ref="769623530"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">457</int> - <reference key="object" ref="65139061"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">459</int> - <reference key="object" ref="19036812"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">460</int> - <reference key="object" ref="672708820"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">462</int> - <reference key="object" ref="537092702"/> - <reference key="parent" ref="698887838"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">465</int> - <reference key="object" ref="879586729"/> - <reference key="parent" ref="579392910"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">466</int> - <reference key="object" ref="56570060"/> - <reference key="parent" ref="579392910"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">485</int> - <reference key="object" ref="82994268"/> - <reference key="parent" ref="789758025"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">490</int> - <reference key="object" ref="448692316"/> - <array class="NSMutableArray" key="children"> - <reference ref="992780483"/> - </array> - <reference key="parent" ref="649796088"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">491</int> - <reference key="object" ref="992780483"/> - <array class="NSMutableArray" key="children"> - <reference ref="105068016"/> - </array> - <reference key="parent" ref="448692316"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">492</int> - <reference key="object" ref="105068016"/> - <reference key="parent" ref="992780483"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">496</int> - <reference key="object" ref="215659978"/> - <array class="NSMutableArray" key="children"> - <reference ref="446991534"/> - </array> - <reference key="parent" ref="941447902"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">497</int> - <reference key="object" ref="446991534"/> - <array class="NSMutableArray" key="children"> - <reference ref="875092757"/> - <reference ref="630155264"/> - <reference ref="945678886"/> - <reference ref="512868991"/> - <reference ref="163117631"/> - <reference ref="31516759"/> - <reference ref="908105787"/> - <reference ref="644046920"/> - <reference ref="231811626"/> - <reference ref="883618387"/> - </array> - <reference key="parent" ref="215659978"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">498</int> - <reference key="object" ref="875092757"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">499</int> - <reference key="object" ref="630155264"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">500</int> - <reference key="object" ref="945678886"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">501</int> - <reference key="object" ref="512868991"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">502</int> - <reference key="object" ref="163117631"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">503</int> - <reference key="object" ref="31516759"/> - <array class="NSMutableArray" key="children"> - <reference ref="956096989"/> - </array> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">504</int> - <reference key="object" ref="908105787"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">505</int> - <reference key="object" ref="644046920"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">506</int> - <reference key="object" ref="231811626"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">507</int> - <reference key="object" ref="883618387"/> - <reference key="parent" ref="446991534"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">508</int> - <reference key="object" ref="956096989"/> - <array class="NSMutableArray" key="children"> - <reference ref="257099033"/> - <reference ref="551969625"/> - <reference ref="249532473"/> - <reference ref="607364498"/> - <reference ref="508151438"/> - <reference ref="981751889"/> - <reference ref="380031999"/> - <reference ref="825984362"/> - <reference ref="560145579"/> - </array> - <reference key="parent" ref="31516759"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">509</int> - <reference key="object" ref="257099033"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">510</int> - <reference key="object" ref="551969625"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">511</int> - <reference key="object" ref="249532473"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">512</int> - <reference key="object" ref="607364498"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">513</int> - <reference key="object" ref="508151438"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">514</int> - <reference key="object" ref="981751889"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">515</int> - <reference key="object" ref="380031999"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">516</int> - <reference key="object" ref="825984362"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">517</int> - <reference key="object" ref="560145579"/> - <reference key="parent" ref="956096989"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">534</int> - <reference key="object" ref="738670835"/> - <reference key="parent" ref="963351320"/> - </object> - <object class="IBObjectRecord"> - <int key="objectID">546</int> - <reference key="object" ref="976324537"/> - <reference key="parent" ref="0"/> - </object> - </array> - </object> - <dictionary class="NSMutableDictionary" key="flattenedProperties"> - <string key="-1.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="-2.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="-3.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="112.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="124.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="125.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="126.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="129.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="130.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="131.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="134.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="136.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="143.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="144.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="145.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="149.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="150.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="19.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="195.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="196.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="197.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="198.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="199.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="200.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="201.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="202.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="203.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="204.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="205.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="206.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="207.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="208.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="209.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="210.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="211.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="212.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="213.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="214.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="215.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="216.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="217.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="218.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="219.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="220.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="221.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="23.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="236.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="239.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="24.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="29.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="295.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="296.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="297.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="298.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="346.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="348.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="349.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="350.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="351.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="354.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="375.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="376.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="377.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="388.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="389.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="390.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="391.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="392.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="393.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="394.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="395.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="396.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="397.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="398.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="399.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="400.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="401.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="402.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="403.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="404.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="405.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="406.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="407.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="408.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="409.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="410.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="411.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="412.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="413.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="414.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="415.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="416.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="417.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="418.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="419.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="450.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="451.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="452.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="453.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="454.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="457.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="459.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="460.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="462.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="465.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="466.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="485.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="490.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="491.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="492.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="496.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="497.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="498.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="499.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="5.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="500.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="501.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="502.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="503.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="504.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="505.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="506.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="507.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="508.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="509.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="510.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="511.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="512.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="513.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="514.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="515.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="516.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="517.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="534.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="546.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="56.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="57.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="58.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="72.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="73.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="74.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="75.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="77.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="78.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="79.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="81.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="82.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="83.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - <string key="92.IBPluginDependency">com.apple.InterfaceBuilder.CocoaPlugin</string> - </dictionary> - <dictionary class="NSMutableDictionary" key="unlocalizedProperties"/> - <nil key="activeLocalization"/> - <dictionary class="NSMutableDictionary" key="localizations"/> - <nil key="sourceID"/> - <int key="maxID">547</int> - </object> - <object class="IBClassDescriber" key="IBDocument.Classes"> - <array class="NSMutableArray" key="referencedPartialClassDescriptions"> - <object class="IBPartialClassDescription"> - <string key="className">AppDelegate</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBProjectSource</string> - <string key="minorKey">../MacGap/AppDelegate.h</string> - </object> - </object> - </array> - <array class="NSMutableArray" key="referencedPartialClassDescriptionsV3.2+"> - <object class="IBPartialClassDescription"> - <string key="className">NSApplication</string> - <string key="superclassName">NSResponder</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSApplication.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSBrowser</string> - <string key="superclassName">NSControl</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSBrowser.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSControl</string> - <string key="superclassName">NSView</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSControl.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSDocument</string> - <string key="superclassName">NSObject</string> - <dictionary class="NSMutableDictionary" key="actions"> - <string key="printDocument:">id</string> - <string key="revertDocumentToSaved:">id</string> - <string key="runPageLayout:">id</string> - <string key="saveDocument:">id</string> - <string key="saveDocumentAs:">id</string> - <string key="saveDocumentTo:">id</string> - </dictionary> - <dictionary class="NSMutableDictionary" key="actionInfosByName"> - <object class="IBActionInfo" key="printDocument:"> - <string key="name">printDocument:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="revertDocumentToSaved:"> - <string key="name">revertDocumentToSaved:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="runPageLayout:"> - <string key="name">runPageLayout:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="saveDocument:"> - <string key="name">saveDocument:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="saveDocumentAs:"> - <string key="name">saveDocumentAs:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="saveDocumentTo:"> - <string key="name">saveDocumentTo:</string> - <string key="candidateClassName">id</string> - </object> - </dictionary> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSDocument.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSDocumentController</string> - <string key="superclassName">NSObject</string> - <dictionary class="NSMutableDictionary" key="actions"> - <string key="clearRecentDocuments:">id</string> - <string key="newDocument:">id</string> - <string key="openDocument:">id</string> - <string key="saveAllDocuments:">id</string> - </dictionary> - <dictionary class="NSMutableDictionary" key="actionInfosByName"> - <object class="IBActionInfo" key="clearRecentDocuments:"> - <string key="name">clearRecentDocuments:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="newDocument:"> - <string key="name">newDocument:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="openDocument:"> - <string key="name">openDocument:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="saveAllDocuments:"> - <string key="name">saveAllDocuments:</string> - <string key="candidateClassName">id</string> - </object> - </dictionary> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSDocumentController.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSFormatter</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">Foundation.framework/Headers/NSFormatter.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSMatrix</string> - <string key="superclassName">NSControl</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSMatrix.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSMenu</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSMenu.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSMenuItem</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSMenuItem.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSMovieView</string> - <string key="superclassName">NSView</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSMovieView.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSPopover</string> - <string key="superclassName">NSResponder</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSPopover.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSResponder</string> - <string key="superclassName">NSObject</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSResponder.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSTableView</string> - <string key="superclassName">NSControl</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSTableView.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSText</string> - <string key="superclassName">NSView</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSText.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSTextView</string> - <string key="superclassName">NSText</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSTextView.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSView</string> - <string key="superclassName">NSResponder</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSView.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSViewController</string> - <string key="superclassName">NSResponder</string> - <object class="NSMutableDictionary" key="outlets"> - <string key="NS.key.0">view</string> - <string key="NS.object.0">NSView</string> - </object> - <object class="NSMutableDictionary" key="toOneOutletInfosByName"> - <string key="NS.key.0">view</string> - <object class="IBToOneOutletInfo" key="NS.object.0"> - <string key="name">view</string> - <string key="candidateClassName">NSView</string> - </object> - </object> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSViewController.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">NSWindow</string> - <string key="superclassName">NSResponder</string> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">AppKit.framework/Headers/NSWindow.h</string> - </object> - </object> - <object class="IBPartialClassDescription"> - <string key="className">WebView</string> - <string key="superclassName">NSView</string> - <dictionary class="NSMutableDictionary" key="actions"> - <string key="goBack:">id</string> - <string key="goForward:">id</string> - <string key="makeTextLarger:">id</string> - <string key="makeTextSmaller:">id</string> - <string key="makeTextStandardSize:">id</string> - <string key="reload:">id</string> - <string key="reloadFromOrigin:">id</string> - <string key="stopLoading:">id</string> - <string key="takeStringURLFrom:">id</string> - <string key="toggleContinuousSpellChecking:">id</string> - <string key="toggleSmartInsertDelete:">id</string> - </dictionary> - <dictionary class="NSMutableDictionary" key="actionInfosByName"> - <object class="IBActionInfo" key="goBack:"> - <string key="name">goBack:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="goForward:"> - <string key="name">goForward:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="makeTextLarger:"> - <string key="name">makeTextLarger:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="makeTextSmaller:"> - <string key="name">makeTextSmaller:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="makeTextStandardSize:"> - <string key="name">makeTextStandardSize:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="reload:"> - <string key="name">reload:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="reloadFromOrigin:"> - <string key="name">reloadFromOrigin:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="stopLoading:"> - <string key="name">stopLoading:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="takeStringURLFrom:"> - <string key="name">takeStringURLFrom:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="toggleContinuousSpellChecking:"> - <string key="name">toggleContinuousSpellChecking:</string> - <string key="candidateClassName">id</string> - </object> - <object class="IBActionInfo" key="toggleSmartInsertDelete:"> - <string key="name">toggleSmartInsertDelete:</string> - <string key="candidateClassName">id</string> - </object> - </dictionary> - <object class="IBClassDescriptionSource" key="sourceIdentifier"> - <string key="majorKey">IBFrameworkSource</string> - <string key="minorKey">WebKit.framework/Headers/WebView.h</string> - </object> - </object> - </array> - </object> - <int key="IBDocument.localizationMode">0</int> - <string key="IBDocument.TargetRuntimeIdentifier">IBCocoaFramework</string> - <bool key="IBDocument.previouslyAttemptedUpgradeToXcode5">NO</bool> - <object class="NSMutableDictionary" key="IBDocument.PluginDeclaredDevelopmentDependencies"> - <string key="NS.key.0">com.apple.InterfaceBuilder.CocoaPlugin.InterfaceBuilder3</string> - <integer value="4600" key="NS.object.0"/> - </object> - <bool key="IBDocument.PluginDeclaredDependenciesTrackSystemTargetVersion">YES</bool> - <int key="IBDocument.defaultPropertyAccessControl">3</int> - <dictionary class="NSMutableDictionary" key="IBDocument.LastKnownImageSizes"> - <string key="NSMenuCheckmark">{12, 12}</string> - <string key="NSMenuMixedState">{10, 2}</string> - </dictionary> - </data> -</archive> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Window.xib b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Window.xib deleted file mode 100644 index fa70acaa..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/en.lproj/Window.xib +++ /dev/null @@ -1,44 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="9060" systemVersion="15B42" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none"> - <dependencies> - <deployment identifier="macosx"/> - <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="9060"/> - <plugIn identifier="com.apple.WebKitIBPlugin" version="9060"/> - </dependencies> - <objects> - <customObject id="-2" userLabel="File's Owner" customClass="WindowController"> - <connections> - <outlet property="contentView" destination="2" id="23"/> - <outlet property="window" destination="1" id="25"/> - </connections> - </customObject> - <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/> - <customObject id="-3" userLabel="Application" customClass="NSObject"/> - <window title="Window" allowsToolTipsWhenApplicationIsInactive="NO" autorecalculatesKeyViewLoop="NO" oneShot="NO" animationBehavior="default" id="1"> - <windowStyleMask key="styleMask" titled="YES" closable="YES" miniaturizable="YES" resizable="YES"/> - <rect key="contentRect" x="575" y="564" width="500" height="500"/> - <rect key="screenRect" x="0.0" y="0.0" width="1920" height="1178"/> - <view key="contentView" id="2" customClass="ContentView"> - <rect key="frame" x="0.0" y="0.0" width="500" height="500"/> - <autoresizingMask key="autoresizingMask"/> - <subviews> - <webView id="5"> - <rect key="frame" x="0.0" y="0.0" width="500" height="500"/> - <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/> - <animations/> - <webPreferences key="preferences" defaultFontSize="12" defaultFixedFontSize="12"> - <nil key="identifier"/> - </webPreferences> - </webView> - </subviews> - <animations/> - <connections> - <outlet property="webView" destination="5" id="19"/> - </connections> - </view> - <connections> - <binding destination="-2" name="title" keyPath="contentView.webView.mainFrameTitle" id="31"/> - </connections> - </window> - </objects> -</document> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/main.m b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/main.m deleted file mode 100644 index 4ad50ad5..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/main.m +++ /dev/null @@ -1,14 +0,0 @@ -// -// main.m -// MacGap -// -// Created by Alex MacCaw on 08/01/2012. -// Copyright (c) 2012 Twitter. All rights reserved. -// - -#import <Cocoa/Cocoa.h> - -int main(int argc, char *argv[]) -{ - return NSApplicationMain(argc, (const char **)argv); -} diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/README.md b/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/README.md deleted file mode 100644 index daf3eae9..00000000 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Mac Web UI Wrapper -====== - -This is a modified version of MacGap1 which launches a WebKit view and accesses the local ZeroTier service at its web URL. It builds the URL from the authtoken.secret file in the system home (or the user home) and the zerotier-one.port file that ZeroTier creates to advertise its control port. - -It's based on the original MacGap1 source by Twitter, Inc. which is licensed under the MIT license. diff --git a/ext/installfiles/mac/postinst.sh b/ext/installfiles/mac/postinst.sh index da15f9c8..2e4f5916 100755 --- a/ext/installfiles/mac/postinst.sh +++ b/ext/installfiles/mac/postinst.sh @@ -22,7 +22,7 @@ if [ "$OSX_RELEASE" = "10.7" ]; then rm -f tap.kext.10_7.tar.gz fi -rm -rf node.log node.log.old root-topology shutdownIfUnreadable autoupdate.log updates.d +rm -rf node.log node.log.old root-topology shutdownIfUnreadable autoupdate.log updates.d ui peers.save chown -R 0 tap.kext chgrp -R 0 tap.kext if [ ! -f authtoken.secret ]; then diff --git a/ext/installfiles/mac/ui/Makefile b/ext/installfiles/mac/ui/Makefile deleted file mode 100644 index 4be03228..00000000 --- a/ext/installfiles/mac/ui/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -all: - mkdir -p build - jsx --target es3 -x jsx . ./build - rm -f ztui.min.js - minify build/*.js >>ztui.min.js - rm -rf build diff --git a/ext/installfiles/mac/ui/README.md b/ext/installfiles/mac/ui/README.md deleted file mode 100644 index bd5eddb6..00000000 --- a/ext/installfiles/mac/ui/README.md +++ /dev/null @@ -1,10 +0,0 @@ -ZeroTier HTML5 UI -====== - -This is the new (as of 1.0.3) ZeroTier One UI. It's implemented in HTML5 and React. - -If you make changes to the .jsx files, type 'make'. You will need NodeJS, react-tools, and minify installed and available in your path. - -For this to work, these files must be installed in the 'ui' subfolder of the ZeroTier home path. For development it's nice to symlink this to the 'ui' folder in your working directory. If the 'ui' subfolder is not present, the UI static files will not be served by the embedded web server. - -Packaging for Mac and Windows is accomplished by way of the wrappers in ext/. For Mac this is done with a modified version of MacGap. Windows uses a custom project that embeds a web view. diff --git a/ext/installfiles/mac/ui/ZeroTierNetwork.jsx b/ext/installfiles/mac/ui/ZeroTierNetwork.jsx deleted file mode 100644 index f842d758..00000000 --- a/ext/installfiles/mac/ui/ZeroTierNetwork.jsx +++ /dev/null @@ -1,74 +0,0 @@ -var ZeroTierNetwork = React.createClass({ - getInitialState: function() { - return {}; - }, - - leaveNetwork: function(event) { - Ajax.call({ - url: 'network/'+this.props.nwid+'?auth='+this.props.authToken, - cache: false, - type: 'DELETE', - success: function(data) { - if (this.props.onNetworkDeleted) - this.props.onNetworkDeleted(this.props.nwid); - }.bind(this), - error: function(error) { - }.bind(this) - }); - event.preventDefault(); - }, - - render: function() { - return ( - <div className="zeroTierNetwork"> - <div className="networkInfo"> - <span className="networkId">{this.props.nwid}</span> - <span className="networkName">{this.props.name}</span> - </div> - <div className="networkProps"> - <div className="row"> - <div className="name">Status</div> - <div className="value">{this.props['status']}</div> - </div> - <div className="row"> - <div className="name">Type</div> - <div className="value">{this.props['type']}</div> - </div> - <div className="row"> - <div className="name">MAC</div> - <div className="value zeroTierAddress">{this.props['mac']}</div> - </div> - <div className="row"> - <div className="name">MTU</div> - <div className="value">{this.props['mtu']}</div> - </div> - <div className="row"> - <div className="name">Broadcast</div> - <div className="value">{(this.props['broadcastEnabled']) ? 'ENABLED' : 'DISABLED'}</div> - </div> - <div className="row"> - <div className="name">Bridging</div> - <div className="value">{(this.props['bridge']) ? 'ACTIVE' : 'DISABLED'}</div> - </div> - <div className="row"> - <div className="name">Device</div> - <div className="value">{(this.props['portDeviceName']) ? this.props['portDeviceName'] : '(none)'}</div> - </div> - <div className="row"> - <div className="name">Managed IPs</div> - <div className="value ipList"> - { - this.props['assignedAddresses'].map(function(ipAssignment) { - return ( - <div key={ipAssignment} className="ipAddress">{ipAssignment}</div> - ); - }) - } - </div> - </div> - </div> - <button type="button" className="leaveNetworkButton" onClick={this.leaveNetwork}>Leave Network</button> - </div> - ); - } -}); diff --git a/ext/installfiles/mac/ui/ZeroTierNode.jsx b/ext/installfiles/mac/ui/ZeroTierNode.jsx deleted file mode 100644 index b4c29220..00000000 --- a/ext/installfiles/mac/ui/ZeroTierNode.jsx +++ /dev/null @@ -1,158 +0,0 @@ -var ZeroTierNode = React.createClass({ - getInitialState: function() { - return { - address: '----------', - online: false, - version: '_._._', - _networks: [], - _peers: [] - }; - }, - - ago: function(ms) { - if (ms > 0) { - var tmp = Math.round((Date.now() - ms) / 1000); - return ((tmp > 0) ? tmp : 0); - } else return 0; - }, - - updatePeers: function() { - Ajax.call({ - url: 'peer?auth='+this.props.authToken, - cache: false, - type: 'GET', - success: function(data) { - if (data) { - var pl = JSON.parse(data); - if (Array.isArray(pl)) { - this.setState({_peers: pl}); - } - } - }.bind(this), - error: function() { - }.bind(this) - }); - }, - updateNetworks: function() { - Ajax.call({ - url: 'network?auth='+this.props.authToken, - cache: false, - type: 'GET', - success: function(data) { - if (data) { - var nwl = JSON.parse(data); - if (Array.isArray(nwl)) { - this.setState({_networks: nwl}); - } - } - }.bind(this), - error: function() { - }.bind(this) - }); - }, - updateAll: function() { - Ajax.call({ - url: 'status?auth='+this.props.authToken, - cache: false, - type: 'GET', - success: function(data) { - this.alertedToFailure = false; - if (data) { - var status = JSON.parse(data); - this.setState(status); - document.title = 'ZeroTier One [' + status.address + ']'; - } - this.updateNetworks(); - this.updatePeers(); - }.bind(this), - error: function() { - this.setState(this.getInitialState()); - if (!this.alertedToFailure) { - this.alertedToFailure = true; - alert('Authorization token invalid or ZeroTier One service not running.'); - } - }.bind(this) - }); - }, - joinNetwork: function(event) { - event.preventDefault(); - if ((this.networkToJoin)&&(this.networkToJoin.length === 16)) { - Ajax.call({ - url: 'network/'+this.networkToJoin+'?auth='+this.props.authToken, - cache: false, - type: 'POST', - success: function(data) { - this.networkToJoin = ''; - if (this.networkInputElement) - this.networkInputElement.value = ''; - this.updateNetworks(); - }.bind(this), - error: function() { - }.bind(this) - }); - } else { - alert('To join a network, enter its 16-digit network ID.'); - } - }, - handleNetworkIdEntry: function(event) { - this.networkInputElement = event.target; - var nid = this.networkInputElement.value; - if (nid) { - nid = nid.toLowerCase(); - var nnid = ''; - for(var i=0;((i<nid.length)&&(i<16));++i) { - if ("0123456789abcdef".indexOf(nid.charAt(i)) >= 0) - nnid += nid.charAt(i); - } - this.networkToJoin = nnid; - this.networkInputElement.value = nnid; - } else { - this.networkToJoin = ''; - this.networkInputElement.value = ''; - } - }, - - handleNetworkDelete: function(nwid) { - var networks = []; - for(var i=0;i<this.state._networks.length;++i) { - if (this.state._networks[i].nwid !== nwid) - networks.push(this.state._networks[i]); - } - this.setState({_networks: networks}); - }, - - componentDidMount: function() { - this.updateAll(); - this.updateIntervalId = setInterval(this.updateAll,2500); - }, - componentWillUnmount: function() { - clearInterval(this.updateIntervalId); - }, - render: function() { - return ( - <div className="zeroTierNode"> - <div className="middle"><div className="middleCell"> - <div className="middleScroll"> - <div className="networks" key="_networks"> - { - this.state._networks.map(function(network) { - network['authToken'] = this.props.authToken; - network['onNetworkDeleted'] = this.handleNetworkDelete; - return React.createElement('div',{className: 'network',key: network.nwid},React.createElement(ZeroTierNetwork,network)); - }.bind(this)) - } - </div> - </div> - </div></div> - <div className="bottom"> - <div className="left"> - <span className="statusLine"><span className="zeroTierAddress">{this.state.address}</span> {this.state.online ? (this.state.tcpFallbackActive ? 'TUNNELED' : 'ONLINE') : 'OFFLINE'} {this.state.version}</span> - </div> - <div className="right"> - <form onSubmit={this.joinNetwork}><input type="text" maxlength="16" placeholder="[ Network ID ]" onChange={this.handleNetworkIdEntry} size="16"/><button type="button" onClick={this.joinNetwork}>Join</button></form> - </div> - </div> - </div> - ); - } -}); diff --git a/ext/installfiles/mac/ui/index.html b/ext/installfiles/mac/ui/index.html deleted file mode 100644 index 44edb399..00000000 --- a/ext/installfiles/mac/ui/index.html +++ /dev/null @@ -1,58 +0,0 @@ -<!DOCTYPE html>
-<html lang="en">
-<head>
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <title>ZeroTier One</title>
- <link rel="stylesheet" href="zerotier.css">
- <script src="simpleajax.min.js"></script>
- <!-- <script src="https://fb.me/react-0.13.2.js"></script> -->
- <script src="react.min.js"></script>
- <script src="ztui.min.js"></script>
-</head>
-<body><div style="width: 100%; height: 100%;" id="main"></div></body>
-<script src="main.js"></script>
-<script>
-/* Windows hacks */
-function isIE() {
- var myNav = navigator.userAgent.toLowerCase();
- return (myNav.indexOf('msie') != -1) ? parseInt(myNav.split('msie')[1]) : false;
-}
-var ieVersion = isIE();
-function resizeMiddleScrollClasses() {
- var elems = document.getElementsByTagName('*'), i;
- for (i in elems) {
- if ((' ' + elems[i].className + ' ').indexOf(' middleScroll ') > -1) {
- elems[i].style.height = (document.body.clientHeight - (elems[i].parentNode.parentNode.previousElementSibling.clientHeight + elems[i].parentNode.parentNode.nextElementSibling.clientHeight)) + "px";
- }
- }
-}
-if (ieVersion !== false) {
- if (ieVersion < 7) {
- alert("Upgrade Internet Explorer on your system to use this interface. (detected version: " + ieVersion + ")");
- } else {
- resizeMiddleScrollClasses();
- window.onresize = resizeMiddleScrollClasses;
- }
-}
-
-/* MacGap hacks */
-if (typeof macgap !== 'undefined') {
- if (macgap.menu) {
- var tmp = macgap.menu.getItem("Help");
- if (tmp)
- tmp.remove();
- tmp = macgap.menu.getItem("Format");
- if (tmp)
- tmp.remove();
- tmp = macgap.menu.getItem("View");
- if (tmp)
- tmp.remove();
- tmp = macgap.menu.getItem("File");
- if (tmp)
- tmp.remove();
- }
-}
-</script>
-</html>
diff --git a/ext/installfiles/mac/ui/main.js b/ext/installfiles/mac/ui/main.js deleted file mode 100644 index a1647127..00000000 --- a/ext/installfiles/mac/ui/main.js +++ /dev/null @@ -1,51 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2015 ZeroTier, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - * -- - * - * ZeroTier may be used and distributed under the terms of the GPLv3, which - * are available at: http://www.gnu.org/licenses/gpl-3.0.html - * - * If you would like to embed ZeroTier into a commercial application or - * redistribute it in a modified binary form, please contact ZeroTier Networks - * LLC. Start here: http://www.zerotier.com/ - */ - -function getUrlParameter(parameter) -{ - var currLocation = window.location.search; - if (currLocation.indexOf('?') < 0) - return ''; - var parArr = currLocation.split("?")[1].split("&"); - for(var i = 0; i < parArr.length; i++){ - parr = parArr[i].split("="); - if (parr[0] == parameter) { - return decodeURIComponent(parr[1]); - } - } - return ''; -} - -var ztAuthToken = getUrlParameter('authToken'); -if ((!ztAuthToken)||(ztAuthToken.length <= 0)) { - ztAuthToken = prompt('No authToken specified in URL. Enter token from\nauthtoken.secret to authorize.'); -} - -React.render( - React.createElement(ZeroTierNode, {authToken: ztAuthToken}), - document.getElementById('main') -); diff --git a/ext/installfiles/mac/ui/react.min.js b/ext/installfiles/mac/ui/react.min.js deleted file mode 100644 index 9040c970..00000000 --- a/ext/installfiles/mac/ui/react.min.js +++ /dev/null @@ -1,15 +0,0 @@ -/** - * React v0.13.2 - * - * Copyright 2013-2015, Facebook, Inc. - * All rights reserved. - * - * This source code is licensed under the BSD-style license found in the - * LICENSE file in the root directory of this source tree. An additional grant - * of patent rights can be found in the PATENTS file in the same directory. - * - */ -!function(e){if("object"==typeof exports&&"undefined"!=typeof module)module.exports=e();else if("function"==typeof define&&define.amd)define([],e);else{var t;t="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:this,t.React=e()}}(function(){return function e(t,n,r){function o(a,u){if(!n[a]){if(!t[a]){var s="function"==typeof require&&require;if(!u&&s)return s(a,!0);if(i)return i(a,!0);var l=new Error("Cannot find module '"+a+"'");throw l.code="MODULE_NOT_FOUND",l}var c=n[a]={exports:{}};t[a][0].call(c.exports,function(e){var n=t[a][1][e];return o(n?n:e)},c,c.exports,e,t,n,r)}return n[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}({1:[function(e,t,n){"use strict";var r=e(19),o=e(32),i=e(34),a=e(33),u=e(38),s=e(39),l=e(55),c=(e(56),e(40)),p=e(51),d=e(54),f=e(64),h=e(68),m=e(73),v=e(76),g=e(79),y=e(82),C=e(27),E=e(115),b=e(142);d.inject();var _=l.createElement,x=l.createFactory,D=l.cloneElement,M=m.measure("React","render",h.render),N={Children:{map:o.map,forEach:o.forEach,count:o.count,only:b},Component:i,DOM:c,PropTypes:v,initializeTouchEvents:function(e){r.useTouchEvents=e},createClass:a.createClass,createElement:_,cloneElement:D,createFactory:x,createMixin:function(e){return e},constructAndRenderComponent:h.constructAndRenderComponent,constructAndRenderComponentByID:h.constructAndRenderComponentByID,findDOMNode:E,render:M,renderToString:y.renderToString,renderToStaticMarkup:y.renderToStaticMarkup,unmountComponentAtNode:h.unmountComponentAtNode,isValidElement:l.isValidElement,withContext:u.withContext,__spread:C};"undefined"!=typeof __REACT_DEVTOOLS_GLOBAL_HOOK__&&"function"==typeof __REACT_DEVTOOLS_GLOBAL_HOOK__.inject&&__REACT_DEVTOOLS_GLOBAL_HOOK__.inject({CurrentOwner:s,InstanceHandles:f,Mount:h,Reconciler:g,TextComponent:p});N.version="0.13.2",t.exports=N},{115:115,142:142,19:19,27:27,32:32,33:33,34:34,38:38,39:39,40:40,51:51,54:54,55:55,56:56,64:64,68:68,73:73,76:76,79:79,82:82}],2:[function(e,t,n){"use strict";var r=e(117),o={componentDidMount:function(){this.props.autoFocus&&r(this.getDOMNode())}};t.exports=o},{117:117}],3:[function(e,t,n){"use strict";function r(){var e=window.opera;return"object"==typeof e&&"function"==typeof e.version&&parseInt(e.version(),10)<=12}function o(e){return(e.ctrlKey||e.altKey||e.metaKey)&&!(e.ctrlKey&&e.altKey)}function i(e){switch(e){case T.topCompositionStart:return R.compositionStart;case T.topCompositionEnd:return R.compositionEnd;case T.topCompositionUpdate:return R.compositionUpdate}}function a(e,t){return e===T.topKeyDown&&t.keyCode===b}function u(e,t){switch(e){case T.topKeyUp:return-1!==E.indexOf(t.keyCode);case T.topKeyDown:return t.keyCode!==b;case T.topKeyPress:case T.topMouseDown:case T.topBlur:return!0;default:return!1}}function s(e){var t=e.detail;return"object"==typeof t&&"data"in t?t.data:null}function l(e,t,n,r){var o,l;if(_?o=i(e):w?u(e,r)&&(o=R.compositionEnd):a(e,r)&&(o=R.compositionStart),!o)return null;M&&(w||o!==R.compositionStart?o===R.compositionEnd&&w&&(l=w.getData()):w=v.getPooled(t));var c=g.getPooled(o,n,r);if(l)c.data=l;else{var p=s(r);null!==p&&(c.data=p)}return h.accumulateTwoPhaseDispatches(c),c}function c(e,t){switch(e){case T.topCompositionEnd:return s(t);case T.topKeyPress:var n=t.which;return n!==N?null:(P=!0,I);case T.topTextInput:var r=t.data;return r===I&&P?null:r;default:return null}}function p(e,t){if(w){if(e===T.topCompositionEnd||u(e,t)){var n=w.getData();return v.release(w),w=null,n}return null}switch(e){case T.topPaste:return null;case T.topKeyPress:return t.which&&!o(t)?String.fromCharCode(t.which):null;case T.topCompositionEnd:return M?null:t.data;default:return null}}function d(e,t,n,r){var o;if(o=D?c(e,r):p(e,r),!o)return null;var i=y.getPooled(R.beforeInput,n,r);return i.data=o,h.accumulateTwoPhaseDispatches(i),i}var f=e(15),h=e(20),m=e(21),v=e(22),g=e(91),y=e(95),C=e(139),E=[9,13,27,32],b=229,_=m.canUseDOM&&"CompositionEvent"in window,x=null;m.canUseDOM&&"documentMode"in document&&(x=document.documentMode);var D=m.canUseDOM&&"TextEvent"in window&&!x&&!r(),M=m.canUseDOM&&(!_||x&&x>8&&11>=x),N=32,I=String.fromCharCode(N),T=f.topLevelTypes,R={beforeInput:{phasedRegistrationNames:{bubbled:C({onBeforeInput:null}),captured:C({onBeforeInputCapture:null})},dependencies:[T.topCompositionEnd,T.topKeyPress,T.topTextInput,T.topPaste]},compositionEnd:{phasedRegistrationNames:{bubbled:C({onCompositionEnd:null}),captured:C({onCompositionEndCapture:null})},dependencies:[T.topBlur,T.topCompositionEnd,T.topKeyDown,T.topKeyPress,T.topKeyUp,T.topMouseDown]},compositionStart:{phasedRegistrationNames:{bubbled:C({onCompositionStart:null}),captured:C({onCompositionStartCapture:null})},dependencies:[T.topBlur,T.topCompositionStart,T.topKeyDown,T.topKeyPress,T.topKeyUp,T.topMouseDown]},compositionUpdate:{phasedRegistrationNames:{bubbled:C({onCompositionUpdate:null}),captured:C({onCompositionUpdateCapture:null})},dependencies:[T.topBlur,T.topCompositionUpdate,T.topKeyDown,T.topKeyPress,T.topKeyUp,T.topMouseDown]}},P=!1,w=null,O={eventTypes:R,extractEvents:function(e,t,n,r){return[l(e,t,n,r),d(e,t,n,r)]}};t.exports=O},{139:139,15:15,20:20,21:21,22:22,91:91,95:95}],4:[function(e,t,n){"use strict";function r(e,t){return e+t.charAt(0).toUpperCase()+t.substring(1)}var o={boxFlex:!0,boxFlexGroup:!0,columnCount:!0,flex:!0,flexGrow:!0,flexPositive:!0,flexShrink:!0,flexNegative:!0,fontWeight:!0,lineClamp:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0,fillOpacity:!0,strokeDashoffset:!0,strokeOpacity:!0,strokeWidth:!0},i=["Webkit","ms","Moz","O"];Object.keys(o).forEach(function(e){i.forEach(function(t){o[r(t,e)]=o[e]})});var a={background:{backgroundImage:!0,backgroundPosition:!0,backgroundRepeat:!0,backgroundColor:!0},border:{borderWidth:!0,borderStyle:!0,borderColor:!0},borderBottom:{borderBottomWidth:!0,borderBottomStyle:!0,borderBottomColor:!0},borderLeft:{borderLeftWidth:!0,borderLeftStyle:!0,borderLeftColor:!0},borderRight:{borderRightWidth:!0,borderRightStyle:!0,borderRightColor:!0},borderTop:{borderTopWidth:!0,borderTopStyle:!0,borderTopColor:!0},font:{fontStyle:!0,fontVariant:!0,fontWeight:!0,fontSize:!0,lineHeight:!0,fontFamily:!0}},u={isUnitlessNumber:o,shorthandPropertyExpansions:a};t.exports=u},{}],5:[function(e,t,n){"use strict";var r=e(4),o=e(21),i=(e(106),e(111)),a=e(131),u=e(141),s=(e(150),u(function(e){return a(e)})),l="cssFloat";o.canUseDOM&&void 0===document.documentElement.style.cssFloat&&(l="styleFloat");var c={createMarkupForStyles:function(e){var t="";for(var n in e)if(e.hasOwnProperty(n)){var r=e[n];null!=r&&(t+=s(n)+":",t+=i(n,r)+";")}return t||null},setValueForStyles:function(e,t){var n=e.style;for(var o in t)if(t.hasOwnProperty(o)){var a=i(o,t[o]);if("float"===o&&(o=l),a)n[o]=a;else{var u=r.shorthandPropertyExpansions[o];if(u)for(var s in u)n[s]="";else n[o]=""}}}};t.exports=c},{106:106,111:111,131:131,141:141,150:150,21:21,4:4}],6:[function(e,t,n){"use strict";function r(){this._callbacks=null,this._contexts=null}var o=e(28),i=e(27),a=e(133);i(r.prototype,{enqueue:function(e,t){this._callbacks=this._callbacks||[],this._contexts=this._contexts||[],this._callbacks.push(e),this._contexts.push(t)},notifyAll:function(){var e=this._callbacks,t=this._contexts;if(e){a(e.length===t.length),this._callbacks=null,this._contexts=null;for(var n=0,r=e.length;r>n;n++)e[n].call(t[n]);e.length=0,t.length=0}},reset:function(){this._callbacks=null,this._contexts=null},destructor:function(){this.reset()}}),o.addPoolingTo(r),t.exports=r},{133:133,27:27,28:28}],7:[function(e,t,n){"use strict";function r(e){return"SELECT"===e.nodeName||"INPUT"===e.nodeName&&"file"===e.type}function o(e){var t=x.getPooled(T.change,P,e);E.accumulateTwoPhaseDispatches(t),_.batchedUpdates(i,t)}function i(e){C.enqueueEvents(e),C.processEventQueue()}function a(e,t){R=e,P=t,R.attachEvent("onchange",o)}function u(){R&&(R.detachEvent("onchange",o),R=null,P=null)}function s(e,t,n){return e===I.topChange?n:void 0}function l(e,t,n){e===I.topFocus?(u(),a(t,n)):e===I.topBlur&&u()}function c(e,t){R=e,P=t,w=e.value,O=Object.getOwnPropertyDescriptor(e.constructor.prototype,"value"),Object.defineProperty(R,"value",k),R.attachEvent("onpropertychange",d)}function p(){R&&(delete R.value,R.detachEvent("onpropertychange",d),R=null,P=null,w=null,O=null)}function d(e){if("value"===e.propertyName){var t=e.srcElement.value;t!==w&&(w=t,o(e))}}function f(e,t,n){return e===I.topInput?n:void 0}function h(e,t,n){e===I.topFocus?(p(),c(t,n)):e===I.topBlur&&p()}function m(e,t,n){return e!==I.topSelectionChange&&e!==I.topKeyUp&&e!==I.topKeyDown||!R||R.value===w?void 0:(w=R.value,P)}function v(e){return"INPUT"===e.nodeName&&("checkbox"===e.type||"radio"===e.type)}function g(e,t,n){return e===I.topClick?n:void 0}var y=e(15),C=e(17),E=e(20),b=e(21),_=e(85),x=e(93),D=e(134),M=e(136),N=e(139),I=y.topLevelTypes,T={change:{phasedRegistrationNames:{bubbled:N({onChange:null}),captured:N({onChangeCapture:null})},dependencies:[I.topBlur,I.topChange,I.topClick,I.topFocus,I.topInput,I.topKeyDown,I.topKeyUp,I.topSelectionChange]}},R=null,P=null,w=null,O=null,S=!1;b.canUseDOM&&(S=D("change")&&(!("documentMode"in document)||document.documentMode>8));var A=!1;b.canUseDOM&&(A=D("input")&&(!("documentMode"in document)||document.documentMode>9));var k={get:function(){return O.get.call(this)},set:function(e){w=""+e,O.set.call(this,e)}},L={eventTypes:T,extractEvents:function(e,t,n,o){var i,a;if(r(t)?S?i=s:a=l:M(t)?A?i=f:(i=m,a=h):v(t)&&(i=g),i){var u=i(e,t,n);if(u){var c=x.getPooled(T.change,u,o);return E.accumulateTwoPhaseDispatches(c),c}}a&&a(e,t,n)}};t.exports=L},{134:134,136:136,139:139,15:15,17:17,20:20,21:21,85:85,93:93}],8:[function(e,t,n){"use strict";var r=0,o={createReactRootIndex:function(){return r++}};t.exports=o},{}],9:[function(e,t,n){"use strict";function r(e,t,n){e.insertBefore(t,e.childNodes[n]||null)}var o=e(12),i=e(70),a=e(145),u=e(133),s={dangerouslyReplaceNodeWithMarkup:o.dangerouslyReplaceNodeWithMarkup,updateTextContent:a,processUpdates:function(e,t){for(var n,s=null,l=null,c=0;c<e.length;c++)if(n=e[c],n.type===i.MOVE_EXISTING||n.type===i.REMOVE_NODE){var p=n.fromIndex,d=n.parentNode.childNodes[p],f=n.parentID;u(d),s=s||{},s[f]=s[f]||[],s[f][p]=d,l=l||[],l.push(d)}var h=o.dangerouslyRenderMarkup(t);if(l)for(var m=0;m<l.length;m++)l[m].parentNode.removeChild(l[m]);for(var v=0;v<e.length;v++)switch(n=e[v],n.type){case i.INSERT_MARKUP:r(n.parentNode,h[n.markupIndex],n.toIndex);break;case i.MOVE_EXISTING:r(n.parentNode,s[n.parentID][n.fromIndex],n.toIndex);break;case i.TEXT_CONTENT:a(n.parentNode,n.textContent);break;case i.REMOVE_NODE:}}};t.exports=s},{12:12,133:133,145:145,70:70}],10:[function(e,t,n){"use strict";function r(e,t){return(e&t)===t}var o=e(133),i={MUST_USE_ATTRIBUTE:1,MUST_USE_PROPERTY:2,HAS_SIDE_EFFECTS:4,HAS_BOOLEAN_VALUE:8,HAS_NUMERIC_VALUE:16,HAS_POSITIVE_NUMERIC_VALUE:48,HAS_OVERLOADED_BOOLEAN_VALUE:64,injectDOMPropertyConfig:function(e){var t=e.Properties||{},n=e.DOMAttributeNames||{},a=e.DOMPropertyNames||{},s=e.DOMMutationMethods||{};e.isCustomAttribute&&u._isCustomAttributeFunctions.push(e.isCustomAttribute);for(var l in t){o(!u.isStandardName.hasOwnProperty(l)),u.isStandardName[l]=!0;var c=l.toLowerCase();if(u.getPossibleStandardName[c]=l,n.hasOwnProperty(l)){var p=n[l];u.getPossibleStandardName[p]=l,u.getAttributeName[l]=p}else u.getAttributeName[l]=c;u.getPropertyName[l]=a.hasOwnProperty(l)?a[l]:l,s.hasOwnProperty(l)?u.getMutationMethod[l]=s[l]:u.getMutationMethod[l]=null;var d=t[l];u.mustUseAttribute[l]=r(d,i.MUST_USE_ATTRIBUTE),u.mustUseProperty[l]=r(d,i.MUST_USE_PROPERTY),u.hasSideEffects[l]=r(d,i.HAS_SIDE_EFFECTS),u.hasBooleanValue[l]=r(d,i.HAS_BOOLEAN_VALUE),u.hasNumericValue[l]=r(d,i.HAS_NUMERIC_VALUE),u.hasPositiveNumericValue[l]=r(d,i.HAS_POSITIVE_NUMERIC_VALUE),u.hasOverloadedBooleanValue[l]=r(d,i.HAS_OVERLOADED_BOOLEAN_VALUE),o(!u.mustUseAttribute[l]||!u.mustUseProperty[l]),o(u.mustUseProperty[l]||!u.hasSideEffects[l]),o(!!u.hasBooleanValue[l]+!!u.hasNumericValue[l]+!!u.hasOverloadedBooleanValue[l]<=1)}}},a={},u={ID_ATTRIBUTE_NAME:"data-reactid",isStandardName:{},getPossibleStandardName:{},getAttributeName:{},getPropertyName:{},getMutationMethod:{},mustUseAttribute:{},mustUseProperty:{},hasSideEffects:{},hasBooleanValue:{},hasNumericValue:{},hasPositiveNumericValue:{},hasOverloadedBooleanValue:{},_isCustomAttributeFunctions:[],isCustomAttribute:function(e){for(var t=0;t<u._isCustomAttributeFunctions.length;t++){var n=u._isCustomAttributeFunctions[t];if(n(e))return!0}return!1},getDefaultValueForProperty:function(e,t){var n,r=a[e];return r||(a[e]=r={}),t in r||(n=document.createElement(e),r[t]=n[t]),r[t]},injection:i};t.exports=u},{133:133}],11:[function(e,t,n){"use strict";function r(e,t){return null==t||o.hasBooleanValue[e]&&!t||o.hasNumericValue[e]&&isNaN(t)||o.hasPositiveNumericValue[e]&&1>t||o.hasOverloadedBooleanValue[e]&&t===!1}var o=e(10),i=e(143),a=(e(150),{createMarkupForID:function(e){return o.ID_ATTRIBUTE_NAME+"="+i(e)},createMarkupForProperty:function(e,t){if(o.isStandardName.hasOwnProperty(e)&&o.isStandardName[e]){if(r(e,t))return"";var n=o.getAttributeName[e];return o.hasBooleanValue[e]||o.hasOverloadedBooleanValue[e]&&t===!0?n:n+"="+i(t)}return o.isCustomAttribute(e)?null==t?"":e+"="+i(t):null},setValueForProperty:function(e,t,n){if(o.isStandardName.hasOwnProperty(t)&&o.isStandardName[t]){var i=o.getMutationMethod[t];if(i)i(e,n);else if(r(t,n))this.deleteValueForProperty(e,t);else if(o.mustUseAttribute[t])e.setAttribute(o.getAttributeName[t],""+n);else{var a=o.getPropertyName[t];o.hasSideEffects[t]&&""+e[a]==""+n||(e[a]=n)}}else o.isCustomAttribute(t)&&(null==n?e.removeAttribute(t):e.setAttribute(t,""+n))},deleteValueForProperty:function(e,t){if(o.isStandardName.hasOwnProperty(t)&&o.isStandardName[t]){var n=o.getMutationMethod[t];if(n)n(e,void 0);else if(o.mustUseAttribute[t])e.removeAttribute(o.getAttributeName[t]);else{var r=o.getPropertyName[t],i=o.getDefaultValueForProperty(e.nodeName,r);o.hasSideEffects[t]&&""+e[r]===i||(e[r]=i)}}else o.isCustomAttribute(t)&&e.removeAttribute(t)}});t.exports=a},{10:10,143:143,150:150}],12:[function(e,t,n){"use strict";function r(e){return e.substring(1,e.indexOf(" "))}var o=e(21),i=e(110),a=e(112),u=e(125),s=e(133),l=/^(<[^ \/>]+)/,c="data-danger-index",p={dangerouslyRenderMarkup:function(e){s(o.canUseDOM);for(var t,n={},p=0;p<e.length;p++)s(e[p]),t=r(e[p]),t=u(t)?t:"*",n[t]=n[t]||[],n[t][p]=e[p];var d=[],f=0;for(t in n)if(n.hasOwnProperty(t)){var h,m=n[t];for(h in m)if(m.hasOwnProperty(h)){var v=m[h];m[h]=v.replace(l,"$1 "+c+'="'+h+'" ')}for(var g=i(m.join(""),a),y=0;y<g.length;++y){var C=g[y];C.hasAttribute&&C.hasAttribute(c)&&(h=+C.getAttribute(c),C.removeAttribute(c),s(!d.hasOwnProperty(h)),d[h]=C,f+=1)}}return s(f===d.length),s(d.length===e.length),d},dangerouslyReplaceNodeWithMarkup:function(e,t){s(o.canUseDOM),s(t),s("html"!==e.tagName.toLowerCase());var n=i(t,a)[0];e.parentNode.replaceChild(n,e)}};t.exports=p},{110:110,112:112,125:125,133:133,21:21}],13:[function(e,t,n){"use strict";var r=e(139),o=[r({ResponderEventPlugin:null}),r({SimpleEventPlugin:null}),r({TapEventPlugin:null}),r({EnterLeaveEventPlugin:null}),r({ChangeEventPlugin:null}),r({SelectEventPlugin:null}),r({BeforeInputEventPlugin:null}),r({AnalyticsEventPlugin:null}),r({MobileSafariClickEventPlugin:null})];t.exports=o},{139:139}],14:[function(e,t,n){"use strict";var r=e(15),o=e(20),i=e(97),a=e(68),u=e(139),s=r.topLevelTypes,l=a.getFirstReactDOM,c={mouseEnter:{registrationName:u({onMouseEnter:null}),dependencies:[s.topMouseOut,s.topMouseOver]},mouseLeave:{registrationName:u({onMouseLeave:null}),dependencies:[s.topMouseOut,s.topMouseOver]}},p=[null,null],d={eventTypes:c,extractEvents:function(e,t,n,r){if(e===s.topMouseOver&&(r.relatedTarget||r.fromElement))return null;if(e!==s.topMouseOut&&e!==s.topMouseOver)return null;var u;if(t.window===t)u=t;else{var d=t.ownerDocument;u=d?d.defaultView||d.parentWindow:window}var f,h;if(e===s.topMouseOut?(f=t,h=l(r.relatedTarget||r.toElement)||u):(f=u,h=t),f===h)return null;var m=f?a.getID(f):"",v=h?a.getID(h):"",g=i.getPooled(c.mouseLeave,m,r);g.type="mouseleave",g.target=f,g.relatedTarget=h;var y=i.getPooled(c.mouseEnter,v,r);return y.type="mouseenter",y.target=h,y.relatedTarget=f,o.accumulateEnterLeaveDispatches(g,y,m,v),p[0]=g,p[1]=y,p}};t.exports=d},{139:139,15:15,20:20,68:68,97:97}],15:[function(e,t,n){"use strict";var r=e(138),o=r({bubbled:null,captured:null}),i=r({topBlur:null,topChange:null,topClick:null,topCompositionEnd:null,topCompositionStart:null,topCompositionUpdate:null,topContextMenu:null,topCopy:null,topCut:null,topDoubleClick:null,topDrag:null,topDragEnd:null,topDragEnter:null,topDragExit:null,topDragLeave:null,topDragOver:null,topDragStart:null,topDrop:null,topError:null,topFocus:null,topInput:null,topKeyDown:null,topKeyPress:null,topKeyUp:null,topLoad:null,topMouseDown:null,topMouseMove:null,topMouseOut:null,topMouseOver:null,topMouseUp:null,topPaste:null,topReset:null,topScroll:null,topSelectionChange:null,topSubmit:null,topTextInput:null,topTouchCancel:null,topTouchEnd:null,topTouchMove:null,topTouchStart:null,topWheel:null}),a={topLevelTypes:i,PropagationPhases:o};t.exports=a},{138:138}],16:[function(e,t,n){var r=e(112),o={listen:function(e,t,n){return e.addEventListener?(e.addEventListener(t,n,!1),{remove:function(){e.removeEventListener(t,n,!1)}}):e.attachEvent?(e.attachEvent("on"+t,n),{remove:function(){e.detachEvent("on"+t,n)}}):void 0},capture:function(e,t,n){return e.addEventListener?(e.addEventListener(t,n,!0),{remove:function(){e.removeEventListener(t,n,!0)}}):{remove:r}},registerDefault:function(){}};t.exports=o},{112:112}],17:[function(e,t,n){"use strict";var r=e(18),o=e(19),i=e(103),a=e(118),u=e(133),s={},l=null,c=function(e){if(e){var t=o.executeDispatch,n=r.getPluginModuleForEvent(e);n&&n.executeDispatch&&(t=n.executeDispatch),o.executeDispatchesInOrder(e,t),e.isPersistent()||e.constructor.release(e)}},p=null,d={injection:{injectMount:o.injection.injectMount,injectInstanceHandle:function(e){p=e},getInstanceHandle:function(){return p},injectEventPluginOrder:r.injectEventPluginOrder,injectEventPluginsByName:r.injectEventPluginsByName},eventNameDispatchConfigs:r.eventNameDispatchConfigs,registrationNameModules:r.registrationNameModules,putListener:function(e,t,n){u(!n||"function"==typeof n);var r=s[t]||(s[t]={});r[e]=n},getListener:function(e,t){var n=s[t];return n&&n[e]},deleteListener:function(e,t){var n=s[t];n&&delete n[e]},deleteAllListeners:function(e){for(var t in s)delete s[t][e]},extractEvents:function(e,t,n,o){for(var a,u=r.plugins,s=0,l=u.length;l>s;s++){var c=u[s];if(c){var p=c.extractEvents(e,t,n,o);p&&(a=i(a,p))}}return a},enqueueEvents:function(e){e&&(l=i(l,e))},processEventQueue:function(){var e=l;l=null,a(e,c),u(!l)},__purge:function(){s={}},__getListenerBank:function(){return s}};t.exports=d},{103:103,118:118,133:133,18:18,19:19}],18:[function(e,t,n){"use strict";function r(){if(u)for(var e in s){var t=s[e],n=u.indexOf(e);if(a(n>-1),!l.plugins[n]){a(t.extractEvents),l.plugins[n]=t;var r=t.eventTypes;for(var i in r)a(o(r[i],t,i))}}}function o(e,t,n){a(!l.eventNameDispatchConfigs.hasOwnProperty(n)),l.eventNameDispatchConfigs[n]=e;var r=e.phasedRegistrationNames;if(r){for(var o in r)if(r.hasOwnProperty(o)){var u=r[o];i(u,t,n)}return!0}return e.registrationName?(i(e.registrationName,t,n),!0):!1}function i(e,t,n){a(!l.registrationNameModules[e]),l.registrationNameModules[e]=t,l.registrationNameDependencies[e]=t.eventTypes[n].dependencies}var a=e(133),u=null,s={},l={plugins:[],eventNameDispatchConfigs:{},registrationNameModules:{},registrationNameDependencies:{},injectEventPluginOrder:function(e){a(!u),u=Array.prototype.slice.call(e),r()},injectEventPluginsByName:function(e){var t=!1;for(var n in e)if(e.hasOwnProperty(n)){var o=e[n];s.hasOwnProperty(n)&&s[n]===o||(a(!s[n]),s[n]=o,t=!0)}t&&r()},getPluginModuleForEvent:function(e){var t=e.dispatchConfig;if(t.registrationName)return l.registrationNameModules[t.registrationName]||null;for(var n in t.phasedRegistrationNames)if(t.phasedRegistrationNames.hasOwnProperty(n)){var r=l.registrationNameModules[t.phasedRegistrationNames[n]];if(r)return r}return null},_resetEventPlugins:function(){u=null;for(var e in s)s.hasOwnProperty(e)&&delete s[e];l.plugins.length=0;var t=l.eventNameDispatchConfigs;for(var n in t)t.hasOwnProperty(n)&&delete t[n];var r=l.registrationNameModules;for(var o in r)r.hasOwnProperty(o)&&delete r[o]}};t.exports=l},{133:133}],19:[function(e,t,n){"use strict";function r(e){return e===v.topMouseUp||e===v.topTouchEnd||e===v.topTouchCancel}function o(e){return e===v.topMouseMove||e===v.topTouchMove}function i(e){return e===v.topMouseDown||e===v.topTouchStart}function a(e,t){var n=e._dispatchListeners,r=e._dispatchIDs;if(Array.isArray(n))for(var o=0;o<n.length&&!e.isPropagationStopped();o++)t(e,n[o],r[o]);else n&&t(e,n,r)}function u(e,t,n){e.currentTarget=m.Mount.getNode(n);var r=t(e,n);return e.currentTarget=null,r}function s(e,t){a(e,t),e._dispatchListeners=null,e._dispatchIDs=null}function l(e){var t=e._dispatchListeners,n=e._dispatchIDs;if(Array.isArray(t)){for(var r=0;r<t.length&&!e.isPropagationStopped();r++)if(t[r](e,n[r]))return n[r]}else if(t&&t(e,n))return n;return null}function c(e){var t=l(e);return e._dispatchIDs=null,e._dispatchListeners=null,t}function p(e){var t=e._dispatchListeners,n=e._dispatchIDs;h(!Array.isArray(t));var r=t?t(e,n):null;return e._dispatchListeners=null,e._dispatchIDs=null,r}function d(e){return!!e._dispatchListeners}var f=e(15),h=e(133),m={Mount:null,injectMount:function(e){m.Mount=e}},v=f.topLevelTypes,g={isEndish:r,isMoveish:o,isStartish:i,executeDirectDispatch:p,executeDispatch:u,executeDispatchesInOrder:s,executeDispatchesInOrderStopAtTrue:c,hasDispatches:d,injection:m,useTouchEvents:!1};t.exports=g},{133:133,15:15}],20:[function(e,t,n){"use strict";function r(e,t,n){var r=t.dispatchConfig.phasedRegistrationNames[n];return v(e,r)}function o(e,t,n){var o=t?m.bubbled:m.captured,i=r(e,n,o);i&&(n._dispatchListeners=f(n._dispatchListeners,i),n._dispatchIDs=f(n._dispatchIDs,e))}function i(e){e&&e.dispatchConfig.phasedRegistrationNames&&d.injection.getInstanceHandle().traverseTwoPhase(e.dispatchMarker,o,e)}function a(e,t,n){if(n&&n.dispatchConfig.registrationName){var r=n.dispatchConfig.registrationName,o=v(e,r);o&&(n._dispatchListeners=f(n._dispatchListeners,o),n._dispatchIDs=f(n._dispatchIDs,e))}}function u(e){e&&e.dispatchConfig.registrationName&&a(e.dispatchMarker,null,e)}function s(e){h(e,i)}function l(e,t,n,r){d.injection.getInstanceHandle().traverseEnterLeave(n,r,a,e,t)}function c(e){h(e,u)}var p=e(15),d=e(17),f=e(103),h=e(118),m=p.PropagationPhases,v=d.getListener,g={accumulateTwoPhaseDispatches:s,accumulateDirectDispatches:c,accumulateEnterLeaveDispatches:l};t.exports=g},{103:103,118:118,15:15,17:17}],21:[function(e,t,n){"use strict";var r=!("undefined"==typeof window||!window.document||!window.document.createElement),o={canUseDOM:r,canUseWorkers:"undefined"!=typeof Worker,canUseEventListeners:r&&!(!window.addEventListener&&!window.attachEvent),canUseViewport:r&&!!window.screen,isInWorker:!r};t.exports=o},{}],22:[function(e,t,n){"use strict";function r(e){this._root=e,this._startText=this.getText(),this._fallbackText=null}var o=e(28),i=e(27),a=e(128);i(r.prototype,{getText:function(){return"value"in this._root?this._root.value:this._root[a()]},getData:function(){if(this._fallbackText)return this._fallbackText;var e,t,n=this._startText,r=n.length,o=this.getText(),i=o.length;for(e=0;r>e&&n[e]===o[e];e++);var a=r-e;for(t=1;a>=t&&n[r-t]===o[i-t];t++);var u=t>1?1-t:void 0;return this._fallbackText=o.slice(e,u),this._fallbackText}}),o.addPoolingTo(r),t.exports=r},{128:128,27:27,28:28}],23:[function(e,t,n){"use strict";var r,o=e(10),i=e(21),a=o.injection.MUST_USE_ATTRIBUTE,u=o.injection.MUST_USE_PROPERTY,s=o.injection.HAS_BOOLEAN_VALUE,l=o.injection.HAS_SIDE_EFFECTS,c=o.injection.HAS_NUMERIC_VALUE,p=o.injection.HAS_POSITIVE_NUMERIC_VALUE,d=o.injection.HAS_OVERLOADED_BOOLEAN_VALUE;if(i.canUseDOM){var f=document.implementation;r=f&&f.hasFeature&&f.hasFeature("http://www.w3.org/TR/SVG11/feature#BasicStructure","1.1")}var h={isCustomAttribute:RegExp.prototype.test.bind(/^(data|aria)-[a-z_][a-z\d_.\-]*$/),Properties:{accept:null,acceptCharset:null,accessKey:null,action:null,allowFullScreen:a|s,allowTransparency:a,alt:null,async:s,autoComplete:null,autoPlay:s,cellPadding:null,cellSpacing:null,charSet:a,checked:u|s,classID:a,className:r?a:u,cols:a|p,colSpan:null,content:null,contentEditable:null,contextMenu:a,controls:u|s,coords:null,crossOrigin:null,data:null,dateTime:a,defer:s,dir:null,disabled:a|s,download:d,draggable:null,encType:null,form:a,formAction:a,formEncType:a,formMethod:a,formNoValidate:s,formTarget:a,frameBorder:a,headers:null,height:a,hidden:a|s,high:null,href:null,hrefLang:null,htmlFor:null,httpEquiv:null,icon:null,id:u,label:null,lang:null,list:a,loop:u|s,low:null,manifest:a,marginHeight:null,marginWidth:null,max:null,maxLength:a,media:a,mediaGroup:null,method:null,min:null,multiple:u|s,muted:u|s,name:null,noValidate:s,open:s,optimum:null,pattern:null,placeholder:null,poster:null,preload:null,radioGroup:null,readOnly:u|s,rel:null,required:s,role:a,rows:a|p,rowSpan:null,sandbox:null,scope:null,scoped:s,scrolling:null,seamless:a|s,selected:u|s,shape:null,size:a|p,sizes:a,span:p,spellCheck:null,src:null,srcDoc:u,srcSet:a,start:c,step:null,style:null,tabIndex:null,target:null,title:null,type:null,useMap:null,value:u|l,width:a,wmode:a,autoCapitalize:null,autoCorrect:null,itemProp:a,itemScope:a|s,itemType:a,itemID:a,itemRef:a,property:null,unselectable:a},DOMAttributeNames:{acceptCharset:"accept-charset",className:"class",htmlFor:"for",httpEquiv:"http-equiv"},DOMPropertyNames:{autoCapitalize:"autocapitalize",autoComplete:"autocomplete",autoCorrect:"autocorrect",autoFocus:"autofocus",autoPlay:"autoplay",encType:"encoding",hrefLang:"hreflang",radioGroup:"radiogroup",spellCheck:"spellcheck",srcDoc:"srcdoc",srcSet:"srcset"}};t.exports=h},{10:10,21:21}],24:[function(e,t,n){"use strict";function r(e){l(null==e.props.checkedLink||null==e.props.valueLink)}function o(e){r(e),l(null==e.props.value&&null==e.props.onChange)}function i(e){r(e),l(null==e.props.checked&&null==e.props.onChange)}function a(e){this.props.valueLink.requestChange(e.target.value)}function u(e){this.props.checkedLink.requestChange(e.target.checked)}var s=e(76),l=e(133),c={button:!0,checkbox:!0,image:!0,hidden:!0,radio:!0,reset:!0,submit:!0},p={Mixin:{propTypes:{value:function(e,t,n){return!e[t]||c[e.type]||e.onChange||e.readOnly||e.disabled?null:new Error("You provided a `value` prop to a form field without an `onChange` handler. This will render a read-only field. If the field should be mutable use `defaultValue`. Otherwise, set either `onChange` or `readOnly`.")},checked:function(e,t,n){return!e[t]||e.onChange||e.readOnly||e.disabled?null:new Error("You provided a `checked` prop to a form field without an `onChange` handler. This will render a read-only field. If the field should be mutable use `defaultChecked`. Otherwise, set either `onChange` or `readOnly`.")},onChange:s.func}},getValue:function(e){return e.props.valueLink?(o(e),e.props.valueLink.value):e.props.value},getChecked:function(e){return e.props.checkedLink?(i(e),e.props.checkedLink.value):e.props.checked},getOnChange:function(e){return e.props.valueLink?(o(e),a):e.props.checkedLink?(i(e),u):e.props.onChange}};t.exports=p},{133:133,76:76}],25:[function(e,t,n){"use strict";function r(e){e.remove()}var o=e(30),i=e(103),a=e(118),u=e(133),s={trapBubbledEvent:function(e,t){u(this.isMounted());var n=this.getDOMNode();u(n);var r=o.trapBubbledEvent(e,t,n);this._localEventListeners=i(this._localEventListeners,r)},componentWillUnmount:function(){this._localEventListeners&&a(this._localEventListeners,r)}};t.exports=s},{103:103,118:118,133:133,30:30}],26:[function(e,t,n){"use strict";var r=e(15),o=e(112),i=r.topLevelTypes,a={eventTypes:null,extractEvents:function(e,t,n,r){if(e===i.topTouchStart){var a=r.target;a&&!a.onclick&&(a.onclick=o)}}};t.exports=a},{112:112,15:15}],27:[function(e,t,n){"use strict";function r(e,t){if(null==e)throw new TypeError("Object.assign target cannot be null or undefined");for(var n=Object(e),r=Object.prototype.hasOwnProperty,o=1;o<arguments.length;o++){var i=arguments[o];if(null!=i){var a=Object(i);for(var u in a)r.call(a,u)&&(n[u]=a[u])}}return n}t.exports=r},{}],28:[function(e,t,n){"use strict";var r=e(133),o=function(e){var t=this;if(t.instancePool.length){var n=t.instancePool.pop();return t.call(n,e),n}return new t(e)},i=function(e,t){var n=this;if(n.instancePool.length){var r=n.instancePool.pop();return n.call(r,e,t),r}return new n(e,t)},a=function(e,t,n){var r=this;if(r.instancePool.length){var o=r.instancePool.pop();return r.call(o,e,t,n),o}return new r(e,t,n)},u=function(e,t,n,r,o){var i=this;if(i.instancePool.length){var a=i.instancePool.pop();return i.call(a,e,t,n,r,o),a}return new i(e,t,n,r,o)},s=function(e){var t=this;r(e instanceof t),e.destructor&&e.destructor(),t.instancePool.length<t.poolSize&&t.instancePool.push(e)},l=10,c=o,p=function(e,t){var n=e;return n.instancePool=[],n.getPooled=t||c,n.poolSize||(n.poolSize=l),n.release=s,n},d={addPoolingTo:p,oneArgumentPooler:o,twoArgumentPooler:i,threeArgumentPooler:a,fiveArgumentPooler:u};t.exports=d},{133:133}],29:[function(e,t,n){"use strict";var r=e(115),o={getDOMNode:function(){return r(this)}};t.exports=o},{115:115}],30:[function(e,t,n){"use strict";function r(e){return Object.prototype.hasOwnProperty.call(e,m)||(e[m]=f++,p[e[m]]={}),p[e[m]]}var o=e(15),i=e(17),a=e(18),u=e(59),s=e(102),l=e(27),c=e(134),p={},d=!1,f=0,h={topBlur:"blur",topChange:"change",topClick:"click",topCompositionEnd:"compositionend",topCompositionStart:"compositionstart",topCompositionUpdate:"compositionupdate",topContextMenu:"contextmenu",topCopy:"copy",topCut:"cut",topDoubleClick:"dblclick",topDrag:"drag",topDragEnd:"dragend",topDragEnter:"dragenter",topDragExit:"dragexit",topDragLeave:"dragleave",topDragOver:"dragover",topDragStart:"dragstart",topDrop:"drop",topFocus:"focus",topInput:"input",topKeyDown:"keydown",topKeyPress:"keypress",topKeyUp:"keyup",topMouseDown:"mousedown",topMouseMove:"mousemove",topMouseOut:"mouseout",topMouseOver:"mouseover",topMouseUp:"mouseup",topPaste:"paste",topScroll:"scroll",topSelectionChange:"selectionchange",topTextInput:"textInput",topTouchCancel:"touchcancel",topTouchEnd:"touchend",topTouchMove:"touchmove",topTouchStart:"touchstart",topWheel:"wheel"},m="_reactListenersID"+String(Math.random()).slice(2),v=l({},u,{ReactEventListener:null,injection:{injectReactEventListener:function(e){e.setHandleTopLevel(v.handleTopLevel),v.ReactEventListener=e}},setEnabled:function(e){v.ReactEventListener&&v.ReactEventListener.setEnabled(e)},isEnabled:function(){return!(!v.ReactEventListener||!v.ReactEventListener.isEnabled())},listenTo:function(e,t){for(var n=t,i=r(n),u=a.registrationNameDependencies[e],s=o.topLevelTypes,l=0,p=u.length;p>l;l++){var d=u[l];i.hasOwnProperty(d)&&i[d]||(d===s.topWheel?c("wheel")?v.ReactEventListener.trapBubbledEvent(s.topWheel,"wheel",n):c("mousewheel")?v.ReactEventListener.trapBubbledEvent(s.topWheel,"mousewheel",n):v.ReactEventListener.trapBubbledEvent(s.topWheel,"DOMMouseScroll",n):d===s.topScroll?c("scroll",!0)?v.ReactEventListener.trapCapturedEvent(s.topScroll,"scroll",n):v.ReactEventListener.trapBubbledEvent(s.topScroll,"scroll",v.ReactEventListener.WINDOW_HANDLE):d===s.topFocus||d===s.topBlur?(c("focus",!0)?(v.ReactEventListener.trapCapturedEvent(s.topFocus,"focus",n),v.ReactEventListener.trapCapturedEvent(s.topBlur,"blur",n)):c("focusin")&&(v.ReactEventListener.trapBubbledEvent(s.topFocus,"focusin",n),v.ReactEventListener.trapBubbledEvent(s.topBlur,"focusout",n)),i[s.topBlur]=!0,i[s.topFocus]=!0):h.hasOwnProperty(d)&&v.ReactEventListener.trapBubbledEvent(d,h[d],n),i[d]=!0)}},trapBubbledEvent:function(e,t,n){ -return v.ReactEventListener.trapBubbledEvent(e,t,n)},trapCapturedEvent:function(e,t,n){return v.ReactEventListener.trapCapturedEvent(e,t,n)},ensureScrollValueMonitoring:function(){if(!d){var e=s.refreshScrollValues;v.ReactEventListener.monitorScrollValue(e),d=!0}},eventNameDispatchConfigs:i.eventNameDispatchConfigs,registrationNameModules:i.registrationNameModules,putListener:i.putListener,getListener:i.getListener,deleteListener:i.deleteListener,deleteAllListeners:i.deleteAllListeners});t.exports=v},{102:102,134:134,15:15,17:17,18:18,27:27,59:59}],31:[function(e,t,n){"use strict";var r=e(79),o=e(116),i=e(132),a=e(147),u={instantiateChildren:function(e,t,n){var r=o(e);for(var a in r)if(r.hasOwnProperty(a)){var u=r[a],s=i(u,null);r[a]=s}return r},updateChildren:function(e,t,n,u){var s=o(t);if(!s&&!e)return null;var l;for(l in s)if(s.hasOwnProperty(l)){var c=e&&e[l],p=c&&c._currentElement,d=s[l];if(a(p,d))r.receiveComponent(c,d,n,u),s[l]=c;else{c&&r.unmountComponent(c,l);var f=i(d,null);s[l]=f}}for(l in e)!e.hasOwnProperty(l)||s&&s.hasOwnProperty(l)||r.unmountComponent(e[l]);return s},unmountChildren:function(e){for(var t in e){var n=e[t];r.unmountComponent(n)}}};t.exports=u},{116:116,132:132,147:147,79:79}],32:[function(e,t,n){"use strict";function r(e,t){this.forEachFunction=e,this.forEachContext=t}function o(e,t,n,r){var o=e;o.forEachFunction.call(o.forEachContext,t,r)}function i(e,t,n){if(null==e)return e;var i=r.getPooled(t,n);f(e,o,i),r.release(i)}function a(e,t,n){this.mapResult=e,this.mapFunction=t,this.mapContext=n}function u(e,t,n,r){var o=e,i=o.mapResult,a=!i.hasOwnProperty(n);if(a){var u=o.mapFunction.call(o.mapContext,t,r);i[n]=u}}function s(e,t,n){if(null==e)return e;var r={},o=a.getPooled(r,t,n);return f(e,u,o),a.release(o),d.create(r)}function l(e,t,n,r){return null}function c(e,t){return f(e,l,null)}var p=e(28),d=e(61),f=e(149),h=(e(150),p.twoArgumentPooler),m=p.threeArgumentPooler;p.addPoolingTo(r,h),p.addPoolingTo(a,m);var v={forEach:i,map:s,count:c};t.exports=v},{149:149,150:150,28:28,61:61}],33:[function(e,t,n){"use strict";function r(e,t){var n=D.hasOwnProperty(t)?D[t]:null;N.hasOwnProperty(t)&&y(n===_.OVERRIDE_BASE),e.hasOwnProperty(t)&&y(n===_.DEFINE_MANY||n===_.DEFINE_MANY_MERGED)}function o(e,t){if(t){y("function"!=typeof t),y(!d.isValidElement(t));var n=e.prototype;t.hasOwnProperty(b)&&M.mixins(e,t.mixins);for(var o in t)if(t.hasOwnProperty(o)&&o!==b){var i=t[o];if(r(n,o),M.hasOwnProperty(o))M[o](e,i);else{var a=D.hasOwnProperty(o),l=n.hasOwnProperty(o),c=i&&i.__reactDontBind,p="function"==typeof i,f=p&&!a&&!l&&!c;if(f)n.__reactAutoBindMap||(n.__reactAutoBindMap={}),n.__reactAutoBindMap[o]=i,n[o]=i;else if(l){var h=D[o];y(a&&(h===_.DEFINE_MANY_MERGED||h===_.DEFINE_MANY)),h===_.DEFINE_MANY_MERGED?n[o]=u(n[o],i):h===_.DEFINE_MANY&&(n[o]=s(n[o],i))}else n[o]=i}}}}function i(e,t){if(t)for(var n in t){var r=t[n];if(t.hasOwnProperty(n)){var o=n in M;y(!o);var i=n in e;y(!i),e[n]=r}}}function a(e,t){y(e&&t&&"object"==typeof e&&"object"==typeof t);for(var n in t)t.hasOwnProperty(n)&&(y(void 0===e[n]),e[n]=t[n]);return e}function u(e,t){return function(){var n=e.apply(this,arguments),r=t.apply(this,arguments);if(null==n)return r;if(null==r)return n;var o={};return a(o,n),a(o,r),o}}function s(e,t){return function(){e.apply(this,arguments),t.apply(this,arguments)}}function l(e,t){var n=t.bind(e);return n}function c(e){for(var t in e.__reactAutoBindMap)if(e.__reactAutoBindMap.hasOwnProperty(t)){var n=e.__reactAutoBindMap[t];e[t]=l(e,f.guard(n,e.constructor.displayName+"."+t))}}var p=e(34),d=(e(39),e(55)),f=e(58),h=e(65),m=e(66),v=(e(75),e(74),e(84)),g=e(27),y=e(133),C=e(138),E=e(139),b=(e(150),E({mixins:null})),_=C({DEFINE_ONCE:null,DEFINE_MANY:null,OVERRIDE_BASE:null,DEFINE_MANY_MERGED:null}),x=[],D={mixins:_.DEFINE_MANY,statics:_.DEFINE_MANY,propTypes:_.DEFINE_MANY,contextTypes:_.DEFINE_MANY,childContextTypes:_.DEFINE_MANY,getDefaultProps:_.DEFINE_MANY_MERGED,getInitialState:_.DEFINE_MANY_MERGED,getChildContext:_.DEFINE_MANY_MERGED,render:_.DEFINE_ONCE,componentWillMount:_.DEFINE_MANY,componentDidMount:_.DEFINE_MANY,componentWillReceiveProps:_.DEFINE_MANY,shouldComponentUpdate:_.DEFINE_ONCE,componentWillUpdate:_.DEFINE_MANY,componentDidUpdate:_.DEFINE_MANY,componentWillUnmount:_.DEFINE_MANY,updateComponent:_.OVERRIDE_BASE},M={displayName:function(e,t){e.displayName=t},mixins:function(e,t){if(t)for(var n=0;n<t.length;n++)o(e,t[n])},childContextTypes:function(e,t){e.childContextTypes=g({},e.childContextTypes,t)},contextTypes:function(e,t){e.contextTypes=g({},e.contextTypes,t)},getDefaultProps:function(e,t){e.getDefaultProps?e.getDefaultProps=u(e.getDefaultProps,t):e.getDefaultProps=t},propTypes:function(e,t){e.propTypes=g({},e.propTypes,t)},statics:function(e,t){i(e,t)}},N={replaceState:function(e,t){v.enqueueReplaceState(this,e),t&&v.enqueueCallback(this,t)},isMounted:function(){var e=h.get(this);return e&&e!==m.currentlyMountingInstance},setProps:function(e,t){v.enqueueSetProps(this,e),t&&v.enqueueCallback(this,t)},replaceProps:function(e,t){v.enqueueReplaceProps(this,e),t&&v.enqueueCallback(this,t)}},I=function(){};g(I.prototype,p.prototype,N);var T={createClass:function(e){var t=function(e,t){this.__reactAutoBindMap&&c(this),this.props=e,this.context=t,this.state=null;var n=this.getInitialState?this.getInitialState():null;y("object"==typeof n&&!Array.isArray(n)),this.state=n};t.prototype=new I,t.prototype.constructor=t,x.forEach(o.bind(null,t)),o(t,e),t.getDefaultProps&&(t.defaultProps=t.getDefaultProps()),y(t.prototype.render);for(var n in D)t.prototype[n]||(t.prototype[n]=null);return t.type=t,t},injection:{injectMixin:function(e){x.push(e)}}};t.exports=T},{133:133,138:138,139:139,150:150,27:27,34:34,39:39,55:55,58:58,65:65,66:66,74:74,75:75,84:84}],34:[function(e,t,n){"use strict";function r(e,t){this.props=e,this.context=t}{var o=e(84),i=e(133);e(150)}r.prototype.setState=function(e,t){i("object"==typeof e||"function"==typeof e||null==e),o.enqueueSetState(this,e),t&&o.enqueueCallback(this,t)},r.prototype.forceUpdate=function(e){o.enqueueForceUpdate(this),e&&o.enqueueCallback(this,e)};t.exports=r},{133:133,150:150,84:84}],35:[function(e,t,n){"use strict";var r=e(44),o=e(68),i={processChildrenUpdates:r.dangerouslyProcessChildrenUpdates,replaceNodeWithMarkupByID:r.dangerouslyReplaceNodeWithMarkupByID,unmountIDFromEnvironment:function(e){o.purgeID(e)}};t.exports=i},{44:44,68:68}],36:[function(e,t,n){"use strict";var r=e(133),o=!1,i={unmountIDFromEnvironment:null,replaceNodeWithMarkupByID:null,processChildrenUpdates:null,injection:{injectEnvironment:function(e){r(!o),i.unmountIDFromEnvironment=e.unmountIDFromEnvironment,i.replaceNodeWithMarkupByID=e.replaceNodeWithMarkupByID,i.processChildrenUpdates=e.processChildrenUpdates,o=!0}}};t.exports=i},{133:133}],37:[function(e,t,n){"use strict";function r(e){var t=e._currentElement._owner||null;if(t){var n=t.getName();if(n)return" Check the render method of `"+n+"`."}return""}var o=e(36),i=e(38),a=e(39),u=e(55),s=(e(56),e(65)),l=e(66),c=e(71),p=e(73),d=e(75),f=(e(74),e(79)),h=e(85),m=e(27),v=e(113),g=e(133),y=e(147),C=(e(150),1),E={construct:function(e){this._currentElement=e,this._rootNodeID=null,this._instance=null,this._pendingElement=null,this._pendingStateQueue=null,this._pendingReplaceState=!1,this._pendingForceUpdate=!1,this._renderedComponent=null,this._context=null,this._mountOrder=0,this._isTopLevel=!1,this._pendingCallbacks=null},mountComponent:function(e,t,n){this._context=n,this._mountOrder=C++,this._rootNodeID=e;var r=this._processProps(this._currentElement.props),o=this._processContext(this._currentElement._context),i=c.getComponentClassForElement(this._currentElement),a=new i(r,o);a.props=r,a.context=o,a.refs=v,this._instance=a,s.set(a,this);var u=a.state;void 0===u&&(a.state=u=null),g("object"==typeof u&&!Array.isArray(u)),this._pendingStateQueue=null,this._pendingReplaceState=!1,this._pendingForceUpdate=!1;var p,d=l.currentlyMountingInstance;l.currentlyMountingInstance=this;try{a.componentWillMount&&(a.componentWillMount(),this._pendingStateQueue&&(a.state=this._processPendingState(a.props,a.context))),p=this._renderValidatedComponent()}finally{l.currentlyMountingInstance=d}this._renderedComponent=this._instantiateReactComponent(p,this._currentElement.type);var h=f.mountComponent(this._renderedComponent,e,t,this._processChildContext(n));return a.componentDidMount&&t.getReactMountReady().enqueue(a.componentDidMount,a),h},unmountComponent:function(){var e=this._instance;if(e.componentWillUnmount){var t=l.currentlyUnmountingInstance;l.currentlyUnmountingInstance=this;try{e.componentWillUnmount()}finally{l.currentlyUnmountingInstance=t}}f.unmountComponent(this._renderedComponent),this._renderedComponent=null,this._pendingStateQueue=null,this._pendingReplaceState=!1,this._pendingForceUpdate=!1,this._pendingCallbacks=null,this._pendingElement=null,this._context=null,this._rootNodeID=null,s.remove(e)},_setPropsInternal:function(e,t){var n=this._pendingElement||this._currentElement;this._pendingElement=u.cloneAndReplaceProps(n,m({},n.props,e)),h.enqueueUpdate(this,t)},_maskContext:function(e){var t=null;if("string"==typeof this._currentElement.type)return v;var n=this._currentElement.type.contextTypes;if(!n)return v;t={};for(var r in n)t[r]=e[r];return t},_processContext:function(e){var t=this._maskContext(e);return t},_processChildContext:function(e){var t=this._instance,n=t.getChildContext&&t.getChildContext();if(n){g("object"==typeof t.constructor.childContextTypes);for(var r in n)g(r in t.constructor.childContextTypes);return m({},e,n)}return e},_processProps:function(e){return e},_checkPropTypes:function(e,t,n){var o=this.getName();for(var i in e)if(e.hasOwnProperty(i)){var a;try{g("function"==typeof e[i]),a=e[i](t,i,o,n)}catch(u){a=u}a instanceof Error&&(r(this),n===d.prop)}},receiveComponent:function(e,t,n){var r=this._currentElement,o=this._context;this._pendingElement=null,this.updateComponent(t,r,e,o,n)},performUpdateIfNecessary:function(e){null!=this._pendingElement&&f.receiveComponent(this,this._pendingElement||this._currentElement,e,this._context),(null!==this._pendingStateQueue||this._pendingForceUpdate)&&this.updateComponent(e,this._currentElement,this._currentElement,this._context,this._context)},_warnIfContextsDiffer:function(e,t){e=this._maskContext(e),t=this._maskContext(t);for(var n=Object.keys(t).sort(),r=(this.getName()||"ReactCompositeComponent",0);r<n.length;r++)n[r]},updateComponent:function(e,t,n,r,o){var i=this._instance,a=i.context,u=i.props;t!==n&&(a=this._processContext(n._context),u=this._processProps(n.props),i.componentWillReceiveProps&&i.componentWillReceiveProps(u,a));var s=this._processPendingState(u,a),l=this._pendingForceUpdate||!i.shouldComponentUpdate||i.shouldComponentUpdate(u,s,a);l?(this._pendingForceUpdate=!1,this._performComponentUpdate(n,u,s,a,e,o)):(this._currentElement=n,this._context=o,i.props=u,i.state=s,i.context=a)},_processPendingState:function(e,t){var n=this._instance,r=this._pendingStateQueue,o=this._pendingReplaceState;if(this._pendingReplaceState=!1,this._pendingStateQueue=null,!r)return n.state;for(var i=m({},o?r[0]:n.state),a=o?1:0;a<r.length;a++){var u=r[a];m(i,"function"==typeof u?u.call(n,i,e,t):u)}return i},_performComponentUpdate:function(e,t,n,r,o,i){var a=this._instance,u=a.props,s=a.state,l=a.context;a.componentWillUpdate&&a.componentWillUpdate(t,n,r),this._currentElement=e,this._context=i,a.props=t,a.state=n,a.context=r,this._updateRenderedComponent(o,i),a.componentDidUpdate&&o.getReactMountReady().enqueue(a.componentDidUpdate.bind(a,u,s,l),a)},_updateRenderedComponent:function(e,t){var n=this._renderedComponent,r=n._currentElement,o=this._renderValidatedComponent();if(y(r,o))f.receiveComponent(n,o,e,this._processChildContext(t));else{var i=this._rootNodeID,a=n._rootNodeID;f.unmountComponent(n),this._renderedComponent=this._instantiateReactComponent(o,this._currentElement.type);var u=f.mountComponent(this._renderedComponent,i,e,this._processChildContext(t));this._replaceNodeWithMarkupByID(a,u)}},_replaceNodeWithMarkupByID:function(e,t){o.replaceNodeWithMarkupByID(e,t)},_renderValidatedComponentWithoutOwnerOrContext:function(){var e=this._instance,t=e.render();return t},_renderValidatedComponent:function(){var e,t=i.current;i.current=this._processChildContext(this._currentElement._context),a.current=this;try{e=this._renderValidatedComponentWithoutOwnerOrContext()}finally{i.current=t,a.current=null}return g(null===e||e===!1||u.isValidElement(e)),e},attachRef:function(e,t){var n=this.getPublicInstance(),r=n.refs===v?n.refs={}:n.refs;r[e]=t.getPublicInstance()},detachRef:function(e){var t=this.getPublicInstance().refs;delete t[e]},getName:function(){var e=this._currentElement.type,t=this._instance&&this._instance.constructor;return e.displayName||t&&t.displayName||e.name||t&&t.name||null},getPublicInstance:function(){return this._instance},_instantiateReactComponent:null};p.measureMethods(E,"ReactCompositeComponent",{mountComponent:"mountComponent",updateComponent:"updateComponent",_renderValidatedComponent:"_renderValidatedComponent"});var b={Mixin:E};t.exports=b},{113:113,133:133,147:147,150:150,27:27,36:36,38:38,39:39,55:55,56:56,65:65,66:66,71:71,73:73,74:74,75:75,79:79,85:85}],38:[function(e,t,n){"use strict";var r=e(27),o=e(113),i=(e(150),{current:o,withContext:function(e,t){var n,o=i.current;i.current=r({},o,e);try{n=t()}finally{i.current=o}return n}});t.exports=i},{113:113,150:150,27:27}],39:[function(e,t,n){"use strict";var r={current:null};t.exports=r},{}],40:[function(e,t,n){"use strict";function r(e){return o.createFactory(e)}var o=e(55),i=(e(56),e(140)),a=i({a:"a",abbr:"abbr",address:"address",area:"area",article:"article",aside:"aside",audio:"audio",b:"b",base:"base",bdi:"bdi",bdo:"bdo",big:"big",blockquote:"blockquote",body:"body",br:"br",button:"button",canvas:"canvas",caption:"caption",cite:"cite",code:"code",col:"col",colgroup:"colgroup",data:"data",datalist:"datalist",dd:"dd",del:"del",details:"details",dfn:"dfn",dialog:"dialog",div:"div",dl:"dl",dt:"dt",em:"em",embed:"embed",fieldset:"fieldset",figcaption:"figcaption",figure:"figure",footer:"footer",form:"form",h1:"h1",h2:"h2",h3:"h3",h4:"h4",h5:"h5",h6:"h6",head:"head",header:"header",hr:"hr",html:"html",i:"i",iframe:"iframe",img:"img",input:"input",ins:"ins",kbd:"kbd",keygen:"keygen",label:"label",legend:"legend",li:"li",link:"link",main:"main",map:"map",mark:"mark",menu:"menu",menuitem:"menuitem",meta:"meta",meter:"meter",nav:"nav",noscript:"noscript",object:"object",ol:"ol",optgroup:"optgroup",option:"option",output:"output",p:"p",param:"param",picture:"picture",pre:"pre",progress:"progress",q:"q",rp:"rp",rt:"rt",ruby:"ruby",s:"s",samp:"samp",script:"script",section:"section",select:"select",small:"small",source:"source",span:"span",strong:"strong",style:"style",sub:"sub",summary:"summary",sup:"sup",table:"table",tbody:"tbody",td:"td",textarea:"textarea",tfoot:"tfoot",th:"th",thead:"thead",time:"time",title:"title",tr:"tr",track:"track",u:"u",ul:"ul","var":"var",video:"video",wbr:"wbr",circle:"circle",defs:"defs",ellipse:"ellipse",g:"g",line:"line",linearGradient:"linearGradient",mask:"mask",path:"path",pattern:"pattern",polygon:"polygon",polyline:"polyline",radialGradient:"radialGradient",rect:"rect",stop:"stop",svg:"svg",text:"text",tspan:"tspan"},r);t.exports=a},{140:140,55:55,56:56}],41:[function(e,t,n){"use strict";var r=e(2),o=e(29),i=e(33),a=e(55),u=e(138),s=a.createFactory("button"),l=u({onClick:!0,onDoubleClick:!0,onMouseDown:!0,onMouseMove:!0,onMouseUp:!0,onClickCapture:!0,onDoubleClickCapture:!0,onMouseDownCapture:!0,onMouseMoveCapture:!0,onMouseUpCapture:!0}),c=i.createClass({displayName:"ReactDOMButton",tagName:"BUTTON",mixins:[r,o],render:function(){var e={};for(var t in this.props)!this.props.hasOwnProperty(t)||this.props.disabled&&l[t]||(e[t]=this.props[t]);return s(e,this.props.children)}});t.exports=c},{138:138,2:2,29:29,33:33,55:55}],42:[function(e,t,n){"use strict";function r(e){e&&(null!=e.dangerouslySetInnerHTML&&(g(null==e.children),g(null!=e.dangerouslySetInnerHTML.__html)),g(null==e.style||"object"==typeof e.style))}function o(e,t,n,r){var o=d.findReactContainerForID(e);if(o){var i=o.nodeType===D?o.ownerDocument:o;E(t,i)}r.getPutListenerQueue().enqueuePutListener(e,t,n)}function i(e){R.call(T,e)||(g(I.test(e)),T[e]=!0)}function a(e){i(e),this._tag=e,this._renderedChildren=null,this._previousStyleCopy=null,this._rootNodeID=null}var u=e(5),s=e(10),l=e(11),c=e(30),p=e(35),d=e(68),f=e(69),h=e(73),m=e(27),v=e(114),g=e(133),y=(e(134),e(139)),C=(e(150),c.deleteListener),E=c.listenTo,b=c.registrationNameModules,_={string:!0,number:!0},x=y({style:null}),D=1,M=null,N={area:!0,base:!0,br:!0,col:!0,embed:!0,hr:!0,img:!0,input:!0,keygen:!0,link:!0,meta:!0,param:!0,source:!0,track:!0,wbr:!0},I=/^[a-zA-Z][a-zA-Z:_\.\-\d]*$/,T={},R={}.hasOwnProperty;a.displayName="ReactDOMComponent",a.Mixin={construct:function(e){this._currentElement=e},mountComponent:function(e,t,n){this._rootNodeID=e,r(this._currentElement.props);var o=N[this._tag]?"":"</"+this._tag+">";return this._createOpenTagMarkupAndPutListeners(t)+this._createContentMarkup(t,n)+o},_createOpenTagMarkupAndPutListeners:function(e){var t=this._currentElement.props,n="<"+this._tag;for(var r in t)if(t.hasOwnProperty(r)){var i=t[r];if(null!=i)if(b.hasOwnProperty(r))o(this._rootNodeID,r,i,e);else{r===x&&(i&&(i=this._previousStyleCopy=m({},t.style)),i=u.createMarkupForStyles(i));var a=l.createMarkupForProperty(r,i);a&&(n+=" "+a)}}if(e.renderToStaticMarkup)return n+">";var s=l.createMarkupForID(this._rootNodeID);return n+" "+s+">"},_createContentMarkup:function(e,t){var n="";("listing"===this._tag||"pre"===this._tag||"textarea"===this._tag)&&(n="\n");var r=this._currentElement.props,o=r.dangerouslySetInnerHTML;if(null!=o){if(null!=o.__html)return n+o.__html}else{var i=_[typeof r.children]?r.children:null,a=null!=i?null:r.children;if(null!=i)return n+v(i);if(null!=a){var u=this.mountChildren(a,e,t);return n+u.join("")}}return n},receiveComponent:function(e,t,n){var r=this._currentElement;this._currentElement=e,this.updateComponent(t,r,e,n)},updateComponent:function(e,t,n,o){r(this._currentElement.props),this._updateDOMProperties(t.props,e),this._updateDOMChildren(t.props,e,o)},_updateDOMProperties:function(e,t){var n,r,i,a=this._currentElement.props;for(n in e)if(!a.hasOwnProperty(n)&&e.hasOwnProperty(n))if(n===x){var u=this._previousStyleCopy;for(r in u)u.hasOwnProperty(r)&&(i=i||{},i[r]="");this._previousStyleCopy=null}else b.hasOwnProperty(n)?C(this._rootNodeID,n):(s.isStandardName[n]||s.isCustomAttribute(n))&&M.deletePropertyByID(this._rootNodeID,n);for(n in a){var l=a[n],c=n===x?this._previousStyleCopy:e[n];if(a.hasOwnProperty(n)&&l!==c)if(n===x)if(l?l=this._previousStyleCopy=m({},l):this._previousStyleCopy=null,c){for(r in c)!c.hasOwnProperty(r)||l&&l.hasOwnProperty(r)||(i=i||{},i[r]="");for(r in l)l.hasOwnProperty(r)&&c[r]!==l[r]&&(i=i||{},i[r]=l[r])}else i=l;else b.hasOwnProperty(n)?o(this._rootNodeID,n,l,t):(s.isStandardName[n]||s.isCustomAttribute(n))&&M.updatePropertyByID(this._rootNodeID,n,l)}i&&M.updateStylesByID(this._rootNodeID,i)},_updateDOMChildren:function(e,t,n){var r=this._currentElement.props,o=_[typeof e.children]?e.children:null,i=_[typeof r.children]?r.children:null,a=e.dangerouslySetInnerHTML&&e.dangerouslySetInnerHTML.__html,u=r.dangerouslySetInnerHTML&&r.dangerouslySetInnerHTML.__html,s=null!=o?null:e.children,l=null!=i?null:r.children,c=null!=o||null!=a,p=null!=i||null!=u;null!=s&&null==l?this.updateChildren(null,t,n):c&&!p&&this.updateTextContent(""),null!=i?o!==i&&this.updateTextContent(""+i):null!=u?a!==u&&M.updateInnerHTMLByID(this._rootNodeID,u):null!=l&&this.updateChildren(l,t,n)},unmountComponent:function(){this.unmountChildren(),c.deleteAllListeners(this._rootNodeID),p.unmountIDFromEnvironment(this._rootNodeID),this._rootNodeID=null}},h.measureMethods(a,"ReactDOMComponent",{mountComponent:"mountComponent",updateComponent:"updateComponent"}),m(a.prototype,a.Mixin,f.Mixin),a.injection={injectIDOperations:function(e){a.BackendIDOperations=M=e}},t.exports=a},{10:10,11:11,114:114,133:133,134:134,139:139,150:150,27:27,30:30,35:35,5:5,68:68,69:69,73:73}],43:[function(e,t,n){"use strict";var r=e(15),o=e(25),i=e(29),a=e(33),u=e(55),s=u.createFactory("form"),l=a.createClass({displayName:"ReactDOMForm",tagName:"FORM",mixins:[i,o],render:function(){return s(this.props)},componentDidMount:function(){this.trapBubbledEvent(r.topLevelTypes.topReset,"reset"),this.trapBubbledEvent(r.topLevelTypes.topSubmit,"submit")}});t.exports=l},{15:15,25:25,29:29,33:33,55:55}],44:[function(e,t,n){"use strict";var r=e(5),o=e(9),i=e(11),a=e(68),u=e(73),s=e(133),l=e(144),c={dangerouslySetInnerHTML:"`dangerouslySetInnerHTML` must be set using `updateInnerHTMLByID()`.",style:"`style` must be set using `updateStylesByID()`."},p={updatePropertyByID:function(e,t,n){var r=a.getNode(e);s(!c.hasOwnProperty(t)),null!=n?i.setValueForProperty(r,t,n):i.deleteValueForProperty(r,t)},deletePropertyByID:function(e,t,n){var r=a.getNode(e);s(!c.hasOwnProperty(t)),i.deleteValueForProperty(r,t,n)},updateStylesByID:function(e,t){var n=a.getNode(e);r.setValueForStyles(n,t)},updateInnerHTMLByID:function(e,t){var n=a.getNode(e);l(n,t)},updateTextContentByID:function(e,t){var n=a.getNode(e);o.updateTextContent(n,t)},dangerouslyReplaceNodeWithMarkupByID:function(e,t){var n=a.getNode(e);o.dangerouslyReplaceNodeWithMarkup(n,t)},dangerouslyProcessChildrenUpdates:function(e,t){for(var n=0;n<e.length;n++)e[n].parentNode=a.getNode(e[n].parentID);o.processUpdates(e,t)}};u.measureMethods(p,"ReactDOMIDOperations",{updatePropertyByID:"updatePropertyByID",deletePropertyByID:"deletePropertyByID",updateStylesByID:"updateStylesByID",updateInnerHTMLByID:"updateInnerHTMLByID",updateTextContentByID:"updateTextContentByID",dangerouslyReplaceNodeWithMarkupByID:"dangerouslyReplaceNodeWithMarkupByID",dangerouslyProcessChildrenUpdates:"dangerouslyProcessChildrenUpdates"}),t.exports=p},{11:11,133:133,144:144,5:5,68:68,73:73,9:9}],45:[function(e,t,n){"use strict";var r=e(15),o=e(25),i=e(29),a=e(33),u=e(55),s=u.createFactory("iframe"),l=a.createClass({displayName:"ReactDOMIframe",tagName:"IFRAME",mixins:[i,o],render:function(){return s(this.props)},componentDidMount:function(){this.trapBubbledEvent(r.topLevelTypes.topLoad,"load")}});t.exports=l},{15:15,25:25,29:29,33:33,55:55}],46:[function(e,t,n){"use strict";var r=e(15),o=e(25),i=e(29),a=e(33),u=e(55),s=u.createFactory("img"),l=a.createClass({displayName:"ReactDOMImg",tagName:"IMG",mixins:[i,o],render:function(){return s(this.props)},componentDidMount:function(){this.trapBubbledEvent(r.topLevelTypes.topLoad,"load"),this.trapBubbledEvent(r.topLevelTypes.topError,"error")}});t.exports=l},{15:15,25:25,29:29,33:33,55:55}],47:[function(e,t,n){"use strict";function r(){this.isMounted()&&this.forceUpdate()}var o=e(2),i=e(11),a=e(24),u=e(29),s=e(33),l=e(55),c=e(68),p=e(85),d=e(27),f=e(133),h=l.createFactory("input"),m={},v=s.createClass({displayName:"ReactDOMInput",tagName:"INPUT",mixins:[o,a.Mixin,u],getInitialState:function(){var e=this.props.defaultValue;return{initialChecked:this.props.defaultChecked||!1,initialValue:null!=e?e:null}},render:function(){var e=d({},this.props);e.defaultChecked=null,e.defaultValue=null;var t=a.getValue(this);e.value=null!=t?t:this.state.initialValue;var n=a.getChecked(this);return e.checked=null!=n?n:this.state.initialChecked,e.onChange=this._handleChange,h(e,this.props.children)},componentDidMount:function(){var e=c.getID(this.getDOMNode());m[e]=this},componentWillUnmount:function(){var e=this.getDOMNode(),t=c.getID(e);delete m[t]},componentDidUpdate:function(e,t,n){var r=this.getDOMNode();null!=this.props.checked&&i.setValueForProperty(r,"checked",this.props.checked||!1);var o=a.getValue(this);null!=o&&i.setValueForProperty(r,"value",""+o)},_handleChange:function(e){var t,n=a.getOnChange(this);n&&(t=n.call(this,e)),p.asap(r,this);var o=this.props.name;if("radio"===this.props.type&&null!=o){for(var i=this.getDOMNode(),u=i;u.parentNode;)u=u.parentNode;for(var s=u.querySelectorAll("input[name="+JSON.stringify(""+o)+'][type="radio"]'),l=0,d=s.length;d>l;l++){var h=s[l];if(h!==i&&h.form===i.form){var v=c.getID(h);f(v);var g=m[v];f(g),p.asap(r,g)}}}return t}});t.exports=v},{11:11,133:133,2:2,24:24,27:27,29:29,33:33,55:55,68:68,85:85}],48:[function(e,t,n){"use strict";var r=e(29),o=e(33),i=e(55),a=(e(150),i.createFactory("option")),u=o.createClass({displayName:"ReactDOMOption",tagName:"OPTION",mixins:[r],componentWillMount:function(){},render:function(){return a(this.props,this.props.children)}});t.exports=u},{150:150,29:29,33:33,55:55}],49:[function(e,t,n){"use strict";function r(){if(this._pendingUpdate){this._pendingUpdate=!1;var e=u.getValue(this);null!=e&&this.isMounted()&&i(this,e)}}function o(e,t,n){if(null==e[t])return null;if(e.multiple){if(!Array.isArray(e[t]))return new Error("The `"+t+"` prop supplied to <select> must be an array if `multiple` is true.")}else if(Array.isArray(e[t]))return new Error("The `"+t+"` prop supplied to <select> must be a scalar value if `multiple` is false.")}function i(e,t){var n,r,o,i=e.getDOMNode().options;if(e.props.multiple){for(n={},r=0,o=t.length;o>r;r++)n[""+t[r]]=!0;for(r=0,o=i.length;o>r;r++){var a=n.hasOwnProperty(i[r].value);i[r].selected!==a&&(i[r].selected=a)}}else{for(n=""+t,r=0,o=i.length;o>r;r++)if(i[r].value===n)return void(i[r].selected=!0);i.length&&(i[0].selected=!0)}}var a=e(2),u=e(24),s=e(29),l=e(33),c=e(55),p=e(85),d=e(27),f=c.createFactory("select"),h=l.createClass({displayName:"ReactDOMSelect",tagName:"SELECT",mixins:[a,u.Mixin,s],propTypes:{defaultValue:o,value:o},render:function(){var e=d({},this.props);return e.onChange=this._handleChange,e.value=null,f(e,this.props.children)},componentWillMount:function(){this._pendingUpdate=!1},componentDidMount:function(){var e=u.getValue(this);null!=e?i(this,e):null!=this.props.defaultValue&&i(this,this.props.defaultValue)},componentDidUpdate:function(e){var t=u.getValue(this);null!=t?(this._pendingUpdate=!1,i(this,t)):!e.multiple!=!this.props.multiple&&(null!=this.props.defaultValue?i(this,this.props.defaultValue):i(this,this.props.multiple?[]:""))},_handleChange:function(e){var t,n=u.getOnChange(this);return n&&(t=n.call(this,e)),this._pendingUpdate=!0,p.asap(r,this),t}});t.exports=h},{2:2,24:24,27:27,29:29,33:33,55:55,85:85}],50:[function(e,t,n){"use strict";function r(e,t,n,r){return e===n&&t===r}function o(e){var t=document.selection,n=t.createRange(),r=n.text.length,o=n.duplicate();o.moveToElementText(e),o.setEndPoint("EndToStart",n);var i=o.text.length,a=i+r;return{start:i,end:a}}function i(e){var t=window.getSelection&&window.getSelection();if(!t||0===t.rangeCount)return null;var n=t.anchorNode,o=t.anchorOffset,i=t.focusNode,a=t.focusOffset,u=t.getRangeAt(0),s=r(t.anchorNode,t.anchorOffset,t.focusNode,t.focusOffset),l=s?0:u.toString().length,c=u.cloneRange();c.selectNodeContents(e),c.setEnd(u.startContainer,u.startOffset);var p=r(c.startContainer,c.startOffset,c.endContainer,c.endOffset),d=p?0:c.toString().length,f=d+l,h=document.createRange();h.setStart(n,o),h.setEnd(i,a);var m=h.collapsed;return{start:m?f:d,end:m?d:f}}function a(e,t){var n,r,o=document.selection.createRange().duplicate();"undefined"==typeof t.end?(n=t.start,r=n):t.start>t.end?(n=t.end,r=t.start):(n=t.start,r=t.end),o.moveToElementText(e),o.moveStart("character",n),o.setEndPoint("EndToStart",o),o.moveEnd("character",r-n),o.select()}function u(e,t){if(window.getSelection){var n=window.getSelection(),r=e[c()].length,o=Math.min(t.start,r),i="undefined"==typeof t.end?o:Math.min(t.end,r);if(!n.extend&&o>i){var a=i;i=o,o=a}var u=l(e,o),s=l(e,i);if(u&&s){var p=document.createRange();p.setStart(u.node,u.offset),n.removeAllRanges(),o>i?(n.addRange(p),n.extend(s.node,s.offset)):(p.setEnd(s.node,s.offset),n.addRange(p))}}}var s=e(21),l=e(126),c=e(128),p=s.canUseDOM&&"selection"in document&&!("getSelection"in window),d={getOffsets:p?o:i,setOffsets:p?a:u};t.exports=d},{126:126,128:128,21:21}],51:[function(e,t,n){"use strict";var r=e(11),o=e(35),i=e(42),a=e(27),u=e(114),s=function(e){};a(s.prototype,{construct:function(e){this._currentElement=e,this._stringText=""+e,this._rootNodeID=null,this._mountIndex=0},mountComponent:function(e,t,n){this._rootNodeID=e;var o=u(this._stringText);return t.renderToStaticMarkup?o:"<span "+r.createMarkupForID(e)+">"+o+"</span>"},receiveComponent:function(e,t){if(e!==this._currentElement){this._currentElement=e;var n=""+e;n!==this._stringText&&(this._stringText=n,i.BackendIDOperations.updateTextContentByID(this._rootNodeID,n))}},unmountComponent:function(){o.unmountIDFromEnvironment(this._rootNodeID)}}),t.exports=s},{11:11,114:114,27:27,35:35,42:42}],52:[function(e,t,n){"use strict";function r(){this.isMounted()&&this.forceUpdate()}var o=e(2),i=e(11),a=e(24),u=e(29),s=e(33),l=e(55),c=e(85),p=e(27),d=e(133),f=(e(150),l.createFactory("textarea")),h=s.createClass({displayName:"ReactDOMTextarea",tagName:"TEXTAREA",mixins:[o,a.Mixin,u],getInitialState:function(){var e=this.props.defaultValue,t=this.props.children;null!=t&&(d(null==e),Array.isArray(t)&&(d(t.length<=1),t=t[0]),e=""+t),null==e&&(e="");var n=a.getValue(this);return{initialValue:""+(null!=n?n:e)}},render:function(){var e=p({},this.props);return d(null==e.dangerouslySetInnerHTML),e.defaultValue=null,e.value=null,e.onChange=this._handleChange,f(e,this.state.initialValue)},componentDidUpdate:function(e,t,n){var r=a.getValue(this);if(null!=r){var o=this.getDOMNode();i.setValueForProperty(o,"value",""+r)}},_handleChange:function(e){var t,n=a.getOnChange(this);return n&&(t=n.call(this,e)),c.asap(r,this),t}});t.exports=h},{11:11,133:133,150:150,2:2,24:24,27:27,29:29,33:33,55:55,85:85}],53:[function(e,t,n){"use strict";function r(){this.reinitializeTransaction()}var o=e(85),i=e(101),a=e(27),u=e(112),s={initialize:u,close:function(){d.isBatchingUpdates=!1}},l={initialize:u,close:o.flushBatchedUpdates.bind(o)},c=[l,s];a(r.prototype,i.Mixin,{getTransactionWrappers:function(){return c}});var p=new r,d={isBatchingUpdates:!1,batchedUpdates:function(e,t,n,r,o){var i=d.isBatchingUpdates;d.isBatchingUpdates=!0,i?e(t,n,r,o):p.perform(e,null,t,n,r,o)}};t.exports=d},{101:101,112:112,27:27,85:85}],54:[function(e,t,n){"use strict";function r(e){return h.createClass({tagName:e.toUpperCase(),render:function(){return new T(e,null,null,null,null,this.props)}})}function o(){P.EventEmitter.injectReactEventListener(R),P.EventPluginHub.injectEventPluginOrder(s),P.EventPluginHub.injectInstanceHandle(w),P.EventPluginHub.injectMount(O),P.EventPluginHub.injectEventPluginsByName({SimpleEventPlugin:L,EnterLeaveEventPlugin:l,ChangeEventPlugin:a,MobileSafariClickEventPlugin:d,SelectEventPlugin:A,BeforeInputEventPlugin:i}),P.NativeComponent.injectGenericComponentClass(g),P.NativeComponent.injectTextComponentClass(I),P.NativeComponent.injectAutoWrapper(r),P.Class.injectMixin(f),P.NativeComponent.injectComponentClasses({button:y,form:C,iframe:_,img:E,input:x,option:D,select:M,textarea:N,html:F("html"),head:F("head"),body:F("body")}),P.DOMProperty.injectDOMPropertyConfig(p),P.DOMProperty.injectDOMPropertyConfig(U),P.EmptyComponent.injectEmptyComponent("noscript"),P.Updates.injectReconcileTransaction(S),P.Updates.injectBatchingStrategy(v),P.RootIndex.injectCreateReactRootIndex(c.canUseDOM?u.createReactRootIndex:k.createReactRootIndex),P.Component.injectEnvironment(m),P.DOMComponent.injectIDOperations(b)}var i=e(3),a=e(7),u=e(8),s=e(13),l=e(14),c=e(21),p=e(23),d=e(26),f=e(29),h=e(33),m=e(35),v=e(53),g=e(42),y=e(41),C=e(43),E=e(46),b=e(44),_=e(45),x=e(47),D=e(48),M=e(49),N=e(52),I=e(51),T=e(55),R=e(60),P=e(62),w=e(64),O=e(68),S=e(78),A=e(87),k=e(88),L=e(89),U=e(86),F=e(109);t.exports={inject:o}},{109:109,13:13,14:14,21:21,23:23,26:26,29:29,3:3,33:33,35:35,41:41,42:42,43:43,44:44,45:45,46:46,47:47,48:48,49:49,51:51,52:52,53:53,55:55,60:60,62:62,64:64,68:68,7:7,78:78,8:8,86:86,87:87,88:88, -89:89}],55:[function(e,t,n){"use strict";var r=e(38),o=e(39),i=e(27),a=(e(150),{key:!0,ref:!0}),u=function(e,t,n,r,o,i){this.type=e,this.key=t,this.ref=n,this._owner=r,this._context=o,this.props=i};u.prototype={_isReactElement:!0},u.createElement=function(e,t,n){var i,s={},l=null,c=null;if(null!=t){c=void 0===t.ref?null:t.ref,l=void 0===t.key?null:""+t.key;for(i in t)t.hasOwnProperty(i)&&!a.hasOwnProperty(i)&&(s[i]=t[i])}var p=arguments.length-2;if(1===p)s.children=n;else if(p>1){for(var d=Array(p),f=0;p>f;f++)d[f]=arguments[f+2];s.children=d}if(e&&e.defaultProps){var h=e.defaultProps;for(i in h)"undefined"==typeof s[i]&&(s[i]=h[i])}return new u(e,l,c,o.current,r.current,s)},u.createFactory=function(e){var t=u.createElement.bind(null,e);return t.type=e,t},u.cloneAndReplaceProps=function(e,t){var n=new u(e.type,e.key,e.ref,e._owner,e._context,t);return n},u.cloneElement=function(e,t,n){var r,s=i({},e.props),l=e.key,c=e.ref,p=e._owner;if(null!=t){void 0!==t.ref&&(c=t.ref,p=o.current),void 0!==t.key&&(l=""+t.key);for(r in t)t.hasOwnProperty(r)&&!a.hasOwnProperty(r)&&(s[r]=t[r])}var d=arguments.length-2;if(1===d)s.children=n;else if(d>1){for(var f=Array(d),h=0;d>h;h++)f[h]=arguments[h+2];s.children=f}return new u(e.type,l,c,p,e._context,s)},u.isValidElement=function(e){var t=!(!e||!e._isReactElement);return t},t.exports=u},{150:150,27:27,38:38,39:39}],56:[function(e,t,n){"use strict";function r(){if(y.current){var e=y.current.getName();if(e)return" Check the render method of `"+e+"`."}return""}function o(e){var t=e&&e.getPublicInstance();if(!t)return void 0;var n=t.constructor;return n?n.displayName||n.name||void 0:void 0}function i(){var e=y.current;return e&&o(e)||void 0}function a(e,t){e._store.validated||null!=e.key||(e._store.validated=!0,s('Each child in an array or iterator should have a unique "key" prop.',e,t))}function u(e,t,n){D.test(e)&&s("Child objects should have non-numeric keys so ordering is preserved.",t,n)}function s(e,t,n){var r=i(),a="string"==typeof n?n:n.displayName||n.name,u=r||a,s=_[e]||(_[e]={});if(!s.hasOwnProperty(u)){s[u]=!0;var l="";if(t&&t._owner&&t._owner!==y.current){var c=o(t._owner);l=" It was passed a child from "+c+"."}}}function l(e,t){if(Array.isArray(e))for(var n=0;n<e.length;n++){var r=e[n];m.isValidElement(r)&&a(r,t)}else if(m.isValidElement(e))e._store.validated=!0;else if(e){var o=E(e);if(o){if(o!==e.entries)for(var i,s=o.call(e);!(i=s.next()).done;)m.isValidElement(i.value)&&a(i.value,t)}else if("object"==typeof e){var l=v.extractIfFragment(e);for(var c in l)l.hasOwnProperty(c)&&u(c,l[c],t)}}}function c(e,t,n,o){for(var i in t)if(t.hasOwnProperty(i)){var a;try{b("function"==typeof t[i]),a=t[i](n,i,e,o)}catch(u){a=u}a instanceof Error&&!(a.message in x)&&(x[a.message]=!0,r(this))}}function p(e,t){var n=t.type,r="string"==typeof n?n:n.displayName,o=t._owner?t._owner.getPublicInstance().constructor.displayName:null,i=e+"|"+r+"|"+o;if(!M.hasOwnProperty(i)){M[i]=!0;var a="";r&&(a=" <"+r+" />");var u="";o&&(u=" The element was created by "+o+".")}}function d(e,t){return e!==e?t!==t:0===e&&0===t?1/e===1/t:e===t}function f(e){if(e._store){var t=e._store.originalProps,n=e.props;for(var r in n)n.hasOwnProperty(r)&&(t.hasOwnProperty(r)&&d(t[r],n[r])||(p(r,e),t[r]=n[r]))}}function h(e){if(null!=e.type){var t=C.getComponentClassForElement(e),n=t.displayName||t.name;t.propTypes&&c(n,t.propTypes,e.props,g.prop),"function"==typeof t.getDefaultProps}}var m=e(55),v=e(61),g=e(75),y=(e(74),e(39)),C=e(71),E=e(124),b=e(133),_=(e(150),{}),x={},D=/^\d+$/,M={},N={checkAndWarnForMutatedProps:f,createElement:function(e,t,n){var r=m.createElement.apply(this,arguments);if(null==r)return r;for(var o=2;o<arguments.length;o++)l(arguments[o],e);return h(r),r},createFactory:function(e){var t=N.createElement.bind(null,e);return t.type=e,t},cloneElement:function(e,t,n){for(var r=m.cloneElement.apply(this,arguments),o=2;o<arguments.length;o++)l(arguments[o],r.type);return h(r),r}};t.exports=N},{124:124,133:133,150:150,39:39,55:55,61:61,71:71,74:74,75:75}],57:[function(e,t,n){"use strict";function r(e){c[e]=!0}function o(e){delete c[e]}function i(e){return!!c[e]}var a,u=e(55),s=e(65),l=e(133),c={},p={injectEmptyComponent:function(e){a=u.createFactory(e)}},d=function(){};d.prototype.componentDidMount=function(){var e=s.get(this);e&&r(e._rootNodeID)},d.prototype.componentWillUnmount=function(){var e=s.get(this);e&&o(e._rootNodeID)},d.prototype.render=function(){return l(a),a()};var f=u.createElement(d),h={emptyElement:f,injection:p,isNullComponentID:i};t.exports=h},{133:133,55:55,65:65}],58:[function(e,t,n){"use strict";var r={guard:function(e,t){return e}};t.exports=r},{}],59:[function(e,t,n){"use strict";function r(e){o.enqueueEvents(e),o.processEventQueue()}var o=e(17),i={handleTopLevel:function(e,t,n,i){var a=o.extractEvents(e,t,n,i);r(a)}};t.exports=i},{17:17}],60:[function(e,t,n){"use strict";function r(e){var t=p.getID(e),n=c.getReactRootIDFromNodeID(t),r=p.findReactContainerForID(n),o=p.getFirstReactDOM(r);return o}function o(e,t){this.topLevelType=e,this.nativeEvent=t,this.ancestors=[]}function i(e){for(var t=p.getFirstReactDOM(h(e.nativeEvent))||window,n=t;n;)e.ancestors.push(n),n=r(n);for(var o=0,i=e.ancestors.length;i>o;o++){t=e.ancestors[o];var a=p.getID(t)||"";v._handleTopLevel(e.topLevelType,t,a,e.nativeEvent)}}function a(e){var t=m(window);e(t)}var u=e(16),s=e(21),l=e(28),c=e(64),p=e(68),d=e(85),f=e(27),h=e(123),m=e(129);f(o.prototype,{destructor:function(){this.topLevelType=null,this.nativeEvent=null,this.ancestors.length=0}}),l.addPoolingTo(o,l.twoArgumentPooler);var v={_enabled:!0,_handleTopLevel:null,WINDOW_HANDLE:s.canUseDOM?window:null,setHandleTopLevel:function(e){v._handleTopLevel=e},setEnabled:function(e){v._enabled=!!e},isEnabled:function(){return v._enabled},trapBubbledEvent:function(e,t,n){var r=n;return r?u.listen(r,t,v.dispatchEvent.bind(null,e)):null},trapCapturedEvent:function(e,t,n){var r=n;return r?u.capture(r,t,v.dispatchEvent.bind(null,e)):null},monitorScrollValue:function(e){var t=a.bind(null,e);u.listen(window,"scroll",t)},dispatchEvent:function(e,t){if(v._enabled){var n=o.getPooled(e,t);try{d.batchedUpdates(i,n)}finally{o.release(n)}}}};t.exports=v},{123:123,129:129,16:16,21:21,27:27,28:28,64:64,68:68,85:85}],61:[function(e,t,n){"use strict";var r=(e(55),e(150),{create:function(e){return e},extract:function(e){return e},extractIfFragment:function(e){return e}});t.exports=r},{150:150,55:55}],62:[function(e,t,n){"use strict";var r=e(10),o=e(17),i=e(36),a=e(33),u=e(57),s=e(30),l=e(71),c=e(42),p=e(73),d=e(81),f=e(85),h={Component:i.injection,Class:a.injection,DOMComponent:c.injection,DOMProperty:r.injection,EmptyComponent:u.injection,EventPluginHub:o.injection,EventEmitter:s.injection,NativeComponent:l.injection,Perf:p.injection,RootIndex:d.injection,Updates:f.injection};t.exports=h},{10:10,17:17,30:30,33:33,36:36,42:42,57:57,71:71,73:73,81:81,85:85}],63:[function(e,t,n){"use strict";function r(e){return i(document.documentElement,e)}var o=e(50),i=e(107),a=e(117),u=e(119),s={hasSelectionCapabilities:function(e){return e&&("INPUT"===e.nodeName&&"text"===e.type||"TEXTAREA"===e.nodeName||"true"===e.contentEditable)},getSelectionInformation:function(){var e=u();return{focusedElem:e,selectionRange:s.hasSelectionCapabilities(e)?s.getSelection(e):null}},restoreSelection:function(e){var t=u(),n=e.focusedElem,o=e.selectionRange;t!==n&&r(n)&&(s.hasSelectionCapabilities(n)&&s.setSelection(n,o),a(n))},getSelection:function(e){var t;if("selectionStart"in e)t={start:e.selectionStart,end:e.selectionEnd};else if(document.selection&&"INPUT"===e.nodeName){var n=document.selection.createRange();n.parentElement()===e&&(t={start:-n.moveStart("character",-e.value.length),end:-n.moveEnd("character",-e.value.length)})}else t=o.getOffsets(e);return t||{start:0,end:0}},setSelection:function(e,t){var n=t.start,r=t.end;if("undefined"==typeof r&&(r=n),"selectionStart"in e)e.selectionStart=n,e.selectionEnd=Math.min(r,e.value.length);else if(document.selection&&"INPUT"===e.nodeName){var i=e.createTextRange();i.collapse(!0),i.moveStart("character",n),i.moveEnd("character",r-n),i.select()}else o.setOffsets(e,t)}};t.exports=s},{107:107,117:117,119:119,50:50}],64:[function(e,t,n){"use strict";function r(e){return f+e.toString(36)}function o(e,t){return e.charAt(t)===f||t===e.length}function i(e){return""===e||e.charAt(0)===f&&e.charAt(e.length-1)!==f}function a(e,t){return 0===t.indexOf(e)&&o(t,e.length)}function u(e){return e?e.substr(0,e.lastIndexOf(f)):""}function s(e,t){if(d(i(e)&&i(t)),d(a(e,t)),e===t)return e;var n,r=e.length+h;for(n=r;n<t.length&&!o(t,n);n++);return t.substr(0,n)}function l(e,t){var n=Math.min(e.length,t.length);if(0===n)return"";for(var r=0,a=0;n>=a;a++)if(o(e,a)&&o(t,a))r=a;else if(e.charAt(a)!==t.charAt(a))break;var u=e.substr(0,r);return d(i(u)),u}function c(e,t,n,r,o,i){e=e||"",t=t||"",d(e!==t);var l=a(t,e);d(l||a(e,t));for(var c=0,p=l?u:s,f=e;;f=p(f,t)){var h;if(o&&f===e||i&&f===t||(h=n(f,l,r)),h===!1||f===t)break;d(c++<m)}}var p=e(81),d=e(133),f=".",h=f.length,m=100,v={createReactRootID:function(){return r(p.createReactRootIndex())},createReactID:function(e,t){return e+t},getReactRootIDFromNodeID:function(e){if(e&&e.charAt(0)===f&&e.length>1){var t=e.indexOf(f,1);return t>-1?e.substr(0,t):e}return null},traverseEnterLeave:function(e,t,n,r,o){var i=l(e,t);i!==e&&c(e,i,n,r,!1,!0),i!==t&&c(i,t,n,o,!0,!1)},traverseTwoPhase:function(e,t,n){e&&(c("",e,t,n,!0,!1),c(e,"",t,n,!1,!0))},traverseAncestors:function(e,t,n){c("",e,t,n,!0,!1)},_getFirstCommonAncestorID:l,_getNextDescendantID:s,isAncestorIDOf:a,SEPARATOR:f};t.exports=v},{133:133,81:81}],65:[function(e,t,n){"use strict";var r={remove:function(e){e._reactInternalInstance=void 0},get:function(e){return e._reactInternalInstance},has:function(e){return void 0!==e._reactInternalInstance},set:function(e,t){e._reactInternalInstance=t}};t.exports=r},{}],66:[function(e,t,n){"use strict";var r={currentlyMountingInstance:null,currentlyUnmountingInstance:null};t.exports=r},{}],67:[function(e,t,n){"use strict";var r=e(104),o={CHECKSUM_ATTR_NAME:"data-react-checksum",addChecksumToMarkup:function(e){var t=r(e);return e.replace(">"," "+o.CHECKSUM_ATTR_NAME+'="'+t+'">')},canReuseMarkup:function(e,t){var n=t.getAttribute(o.CHECKSUM_ATTR_NAME);n=n&&parseInt(n,10);var i=r(e);return i===n}};t.exports=o},{104:104}],68:[function(e,t,n){"use strict";function r(e,t){for(var n=Math.min(e.length,t.length),r=0;n>r;r++)if(e.charAt(r)!==t.charAt(r))return r;return e.length===t.length?-1:n}function o(e){var t=R(e);return t&&K.getID(t)}function i(e){var t=a(e);if(t)if(L.hasOwnProperty(t)){var n=L[t];n!==e&&(w(!c(n,t)),L[t]=e)}else L[t]=e;return t}function a(e){return e&&e.getAttribute&&e.getAttribute(k)||""}function u(e,t){var n=a(e);n!==t&&delete L[n],e.setAttribute(k,t),L[t]=e}function s(e){return L.hasOwnProperty(e)&&c(L[e],e)||(L[e]=K.findReactNodeByID(e)),L[e]}function l(e){var t=b.get(e)._rootNodeID;return C.isNullComponentID(t)?null:(L.hasOwnProperty(t)&&c(L[t],t)||(L[t]=K.findReactNodeByID(t)),L[t])}function c(e,t){if(e){w(a(e)===t);var n=K.findReactContainerForID(t);if(n&&T(n,e))return!0}return!1}function p(e){delete L[e]}function d(e){var t=L[e];return t&&c(t,e)?void(W=t):!1}function f(e){W=null,E.traverseAncestors(e,d);var t=W;return W=null,t}function h(e,t,n,r,o){var i=D.mountComponent(e,t,r,I);e._isTopLevel=!0,K._mountImageIntoNode(i,n,o)}function m(e,t,n,r){var o=N.ReactReconcileTransaction.getPooled();o.perform(h,null,e,t,n,o,r),N.ReactReconcileTransaction.release(o)}var v=e(10),g=e(30),y=(e(39),e(55)),C=(e(56),e(57)),E=e(64),b=e(65),_=e(67),x=e(73),D=e(79),M=e(84),N=e(85),I=e(113),T=e(107),R=e(127),P=e(132),w=e(133),O=e(144),S=e(147),A=(e(150),E.SEPARATOR),k=v.ID_ATTRIBUTE_NAME,L={},U=1,F=9,B={},V={},j=[],W=null,K={_instancesByReactRootID:B,scrollMonitor:function(e,t){t()},_updateRootComponent:function(e,t,n,r){return K.scrollMonitor(n,function(){M.enqueueElementInternal(e,t),r&&M.enqueueCallbackInternal(e,r)}),e},_registerComponent:function(e,t){w(t&&(t.nodeType===U||t.nodeType===F)),g.ensureScrollValueMonitoring();var n=K.registerContainer(t);return B[n]=e,n},_renderNewRootComponent:function(e,t,n){var r=P(e,null),o=K._registerComponent(r,t);return N.batchedUpdates(m,r,o,t,n),r},render:function(e,t,n){w(y.isValidElement(e));var r=B[o(t)];if(r){var i=r._currentElement;if(S(i,e))return K._updateRootComponent(r,e,t,n).getPublicInstance();K.unmountComponentAtNode(t)}var a=R(t),u=a&&K.isRenderedByReact(a),s=u&&!r,l=K._renderNewRootComponent(e,t,s).getPublicInstance();return n&&n.call(l),l},constructAndRenderComponent:function(e,t,n){var r=y.createElement(e,t);return K.render(r,n)},constructAndRenderComponentByID:function(e,t,n){var r=document.getElementById(n);return w(r),K.constructAndRenderComponent(e,t,r)},registerContainer:function(e){var t=o(e);return t&&(t=E.getReactRootIDFromNodeID(t)),t||(t=E.createReactRootID()),V[t]=e,t},unmountComponentAtNode:function(e){w(e&&(e.nodeType===U||e.nodeType===F));var t=o(e),n=B[t];return n?(K.unmountComponentFromNode(n,e),delete B[t],delete V[t],!0):!1},unmountComponentFromNode:function(e,t){for(D.unmountComponent(e),t.nodeType===F&&(t=t.documentElement);t.lastChild;)t.removeChild(t.lastChild)},findReactContainerForID:function(e){var t=E.getReactRootIDFromNodeID(e),n=V[t];return n},findReactNodeByID:function(e){var t=K.findReactContainerForID(e);return K.findComponentRoot(t,e)},isRenderedByReact:function(e){if(1!==e.nodeType)return!1;var t=K.getID(e);return t?t.charAt(0)===A:!1},getFirstReactDOM:function(e){for(var t=e;t&&t.parentNode!==t;){if(K.isRenderedByReact(t))return t;t=t.parentNode}return null},findComponentRoot:function(e,t){var n=j,r=0,o=f(t)||e;for(n[0]=o.firstChild,n.length=1;r<n.length;){for(var i,a=n[r++];a;){var u=K.getID(a);u?t===u?i=a:E.isAncestorIDOf(u,t)&&(n.length=r=0,n.push(a.firstChild)):n.push(a.firstChild),a=a.nextSibling}if(i)return n.length=0,i}n.length=0,w(!1)},_mountImageIntoNode:function(e,t,n){if(w(t&&(t.nodeType===U||t.nodeType===F)),n){var o=R(t);if(_.canReuseMarkup(e,o))return;var i=o.getAttribute(_.CHECKSUM_ATTR_NAME);o.removeAttribute(_.CHECKSUM_ATTR_NAME);var a=o.outerHTML;o.setAttribute(_.CHECKSUM_ATTR_NAME,i);var u=r(e,a);" (client) "+e.substring(u-20,u+20)+"\n (server) "+a.substring(u-20,u+20),w(t.nodeType!==F)}w(t.nodeType!==F),O(t,e)},getReactRootID:o,getID:i,setID:u,getNode:s,getNodeFromInstance:l,purgeID:p};x.measureMethods(K,"ReactMount",{_renderNewRootComponent:"_renderNewRootComponent",_mountImageIntoNode:"_mountImageIntoNode"}),t.exports=K},{10:10,107:107,113:113,127:127,132:132,133:133,144:144,147:147,150:150,30:30,39:39,55:55,56:56,57:57,64:64,65:65,67:67,73:73,79:79,84:84,85:85}],69:[function(e,t,n){"use strict";function r(e,t,n){h.push({parentID:e,parentNode:null,type:c.INSERT_MARKUP,markupIndex:m.push(t)-1,textContent:null,fromIndex:null,toIndex:n})}function o(e,t,n){h.push({parentID:e,parentNode:null,type:c.MOVE_EXISTING,markupIndex:null,textContent:null,fromIndex:t,toIndex:n})}function i(e,t){h.push({parentID:e,parentNode:null,type:c.REMOVE_NODE,markupIndex:null,textContent:null,fromIndex:t,toIndex:null})}function a(e,t){h.push({parentID:e,parentNode:null,type:c.TEXT_CONTENT,markupIndex:null,textContent:t,fromIndex:null,toIndex:null})}function u(){h.length&&(l.processChildrenUpdates(h,m),s())}function s(){h.length=0,m.length=0}var l=e(36),c=e(70),p=e(79),d=e(31),f=0,h=[],m=[],v={Mixin:{mountChildren:function(e,t,n){var r=d.instantiateChildren(e,t,n);this._renderedChildren=r;var o=[],i=0;for(var a in r)if(r.hasOwnProperty(a)){var u=r[a],s=this._rootNodeID+a,l=p.mountComponent(u,s,t,n);u._mountIndex=i,o.push(l),i++}return o},updateTextContent:function(e){f++;var t=!0;try{var n=this._renderedChildren;d.unmountChildren(n);for(var r in n)n.hasOwnProperty(r)&&this._unmountChildByName(n[r],r);this.setTextContent(e),t=!1}finally{f--,f||(t?s():u())}},updateChildren:function(e,t,n){f++;var r=!0;try{this._updateChildren(e,t,n),r=!1}finally{f--,f||(r?s():u())}},_updateChildren:function(e,t,n){var r=this._renderedChildren,o=d.updateChildren(r,e,t,n);if(this._renderedChildren=o,o||r){var i,a=0,u=0;for(i in o)if(o.hasOwnProperty(i)){var s=r&&r[i],l=o[i];s===l?(this.moveChild(s,u,a),a=Math.max(s._mountIndex,a),s._mountIndex=u):(s&&(a=Math.max(s._mountIndex,a),this._unmountChildByName(s,i)),this._mountChildByNameAtIndex(l,i,u,t,n)),u++}for(i in r)!r.hasOwnProperty(i)||o&&o.hasOwnProperty(i)||this._unmountChildByName(r[i],i)}},unmountChildren:function(){var e=this._renderedChildren;d.unmountChildren(e),this._renderedChildren=null},moveChild:function(e,t,n){e._mountIndex<n&&o(this._rootNodeID,e._mountIndex,t)},createChild:function(e,t){r(this._rootNodeID,t,e._mountIndex)},removeChild:function(e){i(this._rootNodeID,e._mountIndex)},setTextContent:function(e){a(this._rootNodeID,e)},_mountChildByNameAtIndex:function(e,t,n,r,o){var i=this._rootNodeID+t,a=p.mountComponent(e,i,r,o);e._mountIndex=n,this.createChild(e,a)},_unmountChildByName:function(e,t){this.removeChild(e),e._mountIndex=null}}};t.exports=v},{31:31,36:36,70:70,79:79}],70:[function(e,t,n){"use strict";var r=e(138),o=r({INSERT_MARKUP:null,MOVE_EXISTING:null,REMOVE_NODE:null,TEXT_CONTENT:null});t.exports=o},{138:138}],71:[function(e,t,n){"use strict";function r(e){if("function"==typeof e.type)return e.type;var t=e.type,n=p[t];return null==n&&(p[t]=n=l(t)),n}function o(e){return s(c),new c(e.type,e.props)}function i(e){return new d(e)}function a(e){return e instanceof d}var u=e(27),s=e(133),l=null,c=null,p={},d=null,f={injectGenericComponentClass:function(e){c=e},injectTextComponentClass:function(e){d=e},injectComponentClasses:function(e){u(p,e)},injectAutoWrapper:function(e){l=e}},h={getComponentClassForElement:r,createInternalComponent:o,createInstanceForText:i,isTextComponent:a,injection:f};t.exports=h},{133:133,27:27}],72:[function(e,t,n){"use strict";var r=e(133),o={isValidOwner:function(e){return!(!e||"function"!=typeof e.attachRef||"function"!=typeof e.detachRef)},addComponentAsRefTo:function(e,t,n){r(o.isValidOwner(n)),n.attachRef(t,e)},removeComponentAsRefFrom:function(e,t,n){r(o.isValidOwner(n)),n.getPublicInstance().refs[t]===e.getPublicInstance()&&n.detachRef(t)}};t.exports=o},{133:133}],73:[function(e,t,n){"use strict";function r(e,t,n){return n}var o={enableMeasure:!1,storedMeasure:r,measureMethods:function(e,t,n){},measure:function(e,t,n){return n},injection:{injectMeasure:function(e){o.storedMeasure=e}}};t.exports=o},{}],74:[function(e,t,n){"use strict";var r={};t.exports=r},{}],75:[function(e,t,n){"use strict";var r=e(138),o=r({prop:null,context:null,childContext:null});t.exports=o},{138:138}],76:[function(e,t,n){"use strict";function r(e){function t(t,n,r,o,i){if(o=o||b,null==n[r]){var a=C[i];return t?new Error("Required "+a+" `"+r+"` was not specified in "+("`"+o+"`.")):null}return e(n,r,o,i)}var n=t.bind(null,!1);return n.isRequired=t.bind(null,!0),n}function o(e){function t(t,n,r,o){var i=t[n],a=m(i);if(a!==e){var u=C[o],s=v(i);return new Error("Invalid "+u+" `"+n+"` of type `"+s+"` "+("supplied to `"+r+"`, expected `"+e+"`."))}return null}return r(t)}function i(){return r(E.thatReturns(null))}function a(e){function t(t,n,r,o){var i=t[n];if(!Array.isArray(i)){var a=C[o],u=m(i);return new Error("Invalid "+a+" `"+n+"` of type "+("`"+u+"` supplied to `"+r+"`, expected an array."))}for(var s=0;s<i.length;s++){var l=e(i,s,r,o);if(l instanceof Error)return l}return null}return r(t)}function u(){function e(e,t,n,r){if(!g.isValidElement(e[t])){var o=C[r];return new Error("Invalid "+o+" `"+t+"` supplied to "+("`"+n+"`, expected a ReactElement."))}return null}return r(e)}function s(e){function t(t,n,r,o){if(!(t[n]instanceof e)){var i=C[o],a=e.name||b;return new Error("Invalid "+i+" `"+n+"` supplied to "+("`"+r+"`, expected instance of `"+a+"`."))}return null}return r(t)}function l(e){function t(t,n,r,o){for(var i=t[n],a=0;a<e.length;a++)if(i===e[a])return null;var u=C[o],s=JSON.stringify(e);return new Error("Invalid "+u+" `"+n+"` of value `"+i+"` "+("supplied to `"+r+"`, expected one of "+s+"."))}return r(t)}function c(e){function t(t,n,r,o){var i=t[n],a=m(i);if("object"!==a){var u=C[o];return new Error("Invalid "+u+" `"+n+"` of type "+("`"+a+"` supplied to `"+r+"`, expected an object."))}for(var s in i)if(i.hasOwnProperty(s)){var l=e(i,s,r,o);if(l instanceof Error)return l}return null}return r(t)}function p(e){function t(t,n,r,o){for(var i=0;i<e.length;i++){var a=e[i];if(null==a(t,n,r,o))return null}var u=C[o];return new Error("Invalid "+u+" `"+n+"` supplied to "+("`"+r+"`."))}return r(t)}function d(){function e(e,t,n,r){if(!h(e[t])){var o=C[r];return new Error("Invalid "+o+" `"+t+"` supplied to "+("`"+n+"`, expected a ReactNode."))}return null}return r(e)}function f(e){function t(t,n,r,o){var i=t[n],a=m(i);if("object"!==a){var u=C[o];return new Error("Invalid "+u+" `"+n+"` of type `"+a+"` "+("supplied to `"+r+"`, expected `object`."))}for(var s in e){var l=e[s];if(l){var c=l(i,s,r,o);if(c)return c}}return null}return r(t)}function h(e){switch(typeof e){case"number":case"string":case"undefined":return!0;case"boolean":return!e;case"object":if(Array.isArray(e))return e.every(h);if(null===e||g.isValidElement(e))return!0;e=y.extractIfFragment(e);for(var t in e)if(!h(e[t]))return!1;return!0;default:return!1}}function m(e){var t=typeof e;return Array.isArray(e)?"array":e instanceof RegExp?"object":t}function v(e){var t=m(e);if("object"===t){if(e instanceof Date)return"date";if(e instanceof RegExp)return"regexp"}return t}var g=e(55),y=e(61),C=e(74),E=e(112),b="<<anonymous>>",_=u(),x=d(),D={array:o("array"),bool:o("boolean"),func:o("function"),number:o("number"),object:o("object"),string:o("string"),any:i(),arrayOf:a,element:_,instanceOf:s,node:x,objectOf:c,oneOf:l,oneOfType:p,shape:f};t.exports=D},{112:112,55:55,61:61,74:74}],77:[function(e,t,n){"use strict";function r(){this.listenersToPut=[]}var o=e(28),i=e(30),a=e(27);a(r.prototype,{enqueuePutListener:function(e,t,n){this.listenersToPut.push({rootNodeID:e,propKey:t,propValue:n})},putListeners:function(){for(var e=0;e<this.listenersToPut.length;e++){var t=this.listenersToPut[e];i.putListener(t.rootNodeID,t.propKey,t.propValue)}},reset:function(){this.listenersToPut.length=0},destructor:function(){this.reset()}}),o.addPoolingTo(r),t.exports=r},{27:27,28:28,30:30}],78:[function(e,t,n){"use strict";function r(){this.reinitializeTransaction(),this.renderToStaticMarkup=!1,this.reactMountReady=o.getPooled(null),this.putListenerQueue=s.getPooled()}var o=e(6),i=e(28),a=e(30),u=e(63),s=e(77),l=e(101),c=e(27),p={initialize:u.getSelectionInformation,close:u.restoreSelection},d={initialize:function(){var e=a.isEnabled();return a.setEnabled(!1),e},close:function(e){a.setEnabled(e)}},f={initialize:function(){this.reactMountReady.reset()},close:function(){this.reactMountReady.notifyAll()}},h={initialize:function(){this.putListenerQueue.reset()},close:function(){this.putListenerQueue.putListeners()}},m=[h,p,d,f],v={getTransactionWrappers:function(){return m},getReactMountReady:function(){return this.reactMountReady},getPutListenerQueue:function(){return this.putListenerQueue},destructor:function(){o.release(this.reactMountReady),this.reactMountReady=null,s.release(this.putListenerQueue),this.putListenerQueue=null}};c(r.prototype,l.Mixin,v),i.addPoolingTo(r),t.exports=r},{101:101,27:27,28:28,30:30,6:6,63:63,77:77}],79:[function(e,t,n){"use strict";function r(){o.attachRefs(this,this._currentElement)}var o=e(80),i=(e(56),{mountComponent:function(e,t,n,o){var i=e.mountComponent(t,n,o);return n.getReactMountReady().enqueue(r,e),i},unmountComponent:function(e){o.detachRefs(e,e._currentElement),e.unmountComponent()},receiveComponent:function(e,t,n,i){var a=e._currentElement;if(t!==a||null==t._owner){var u=o.shouldUpdateRefs(a,t);u&&o.detachRefs(e,a),e.receiveComponent(t,n,i),u&&n.getReactMountReady().enqueue(r,e)}},performUpdateIfNecessary:function(e,t){e.performUpdateIfNecessary(t)}});t.exports=i},{56:56,80:80}],80:[function(e,t,n){"use strict";function r(e,t,n){"function"==typeof e?e(t.getPublicInstance()):i.addComponentAsRefTo(t,e,n)}function o(e,t,n){"function"==typeof e?e(null):i.removeComponentAsRefFrom(t,e,n)}var i=e(72),a={};a.attachRefs=function(e,t){var n=t.ref;null!=n&&r(n,e,t._owner)},a.shouldUpdateRefs=function(e,t){return t._owner!==e._owner||t.ref!==e.ref},a.detachRefs=function(e,t){var n=t.ref;null!=n&&o(n,e,t._owner)},t.exports=a},{72:72}],81:[function(e,t,n){"use strict";var r={injectCreateReactRootIndex:function(e){o.createReactRootIndex=e}},o={createReactRootIndex:null,injection:r};t.exports=o},{}],82:[function(e,t,n){"use strict";function r(e){p(i.isValidElement(e));var t;try{var n=a.createReactRootID();return t=s.getPooled(!1),t.perform(function(){var r=c(e,null),o=r.mountComponent(n,t,l);return u.addChecksumToMarkup(o)},null)}finally{s.release(t)}}function o(e){p(i.isValidElement(e));var t;try{var n=a.createReactRootID();return t=s.getPooled(!0),t.perform(function(){var r=c(e,null);return r.mountComponent(n,t,l)},null)}finally{s.release(t)}}var i=e(55),a=e(64),u=e(67),s=e(83),l=e(113),c=e(132),p=e(133);t.exports={renderToString:r,renderToStaticMarkup:o}},{113:113,132:132,133:133,55:55,64:64,67:67,83:83}],83:[function(e,t,n){"use strict";function r(e){this.reinitializeTransaction(),this.renderToStaticMarkup=e,this.reactMountReady=i.getPooled(null),this.putListenerQueue=a.getPooled()}var o=e(28),i=e(6),a=e(77),u=e(101),s=e(27),l=e(112),c={initialize:function(){this.reactMountReady.reset()},close:l},p={initialize:function(){this.putListenerQueue.reset()},close:l},d=[p,c],f={getTransactionWrappers:function(){return d},getReactMountReady:function(){return this.reactMountReady},getPutListenerQueue:function(){return this.putListenerQueue},destructor:function(){i.release(this.reactMountReady),this.reactMountReady=null,a.release(this.putListenerQueue),this.putListenerQueue=null}};s(r.prototype,u.Mixin,f),o.addPoolingTo(r),t.exports=r},{101:101,112:112,27:27,28:28,6:6,77:77}],84:[function(e,t,n){"use strict";function r(e){e!==i.currentlyMountingInstance&&l.enqueueUpdate(e)}function o(e,t){p(null==a.current);var n=s.get(e);return n?n===i.currentlyUnmountingInstance?null:n:null}var i=e(66),a=e(39),u=e(55),s=e(65),l=e(85),c=e(27),p=e(133),d=(e(150),{enqueueCallback:function(e,t){p("function"==typeof t);var n=o(e);return n&&n!==i.currentlyMountingInstance?(n._pendingCallbacks?n._pendingCallbacks.push(t):n._pendingCallbacks=[t],void r(n)):null},enqueueCallbackInternal:function(e,t){p("function"==typeof t),e._pendingCallbacks?e._pendingCallbacks.push(t):e._pendingCallbacks=[t],r(e)},enqueueForceUpdate:function(e){var t=o(e,"forceUpdate");t&&(t._pendingForceUpdate=!0,r(t))},enqueueReplaceState:function(e,t){var n=o(e,"replaceState");n&&(n._pendingStateQueue=[t],n._pendingReplaceState=!0,r(n))},enqueueSetState:function(e,t){var n=o(e,"setState");if(n){var i=n._pendingStateQueue||(n._pendingStateQueue=[]);i.push(t),r(n)}},enqueueSetProps:function(e,t){var n=o(e,"setProps");if(n){p(n._isTopLevel);var i=n._pendingElement||n._currentElement,a=c({},i.props,t);n._pendingElement=u.cloneAndReplaceProps(i,a),r(n)}},enqueueReplaceProps:function(e,t){var n=o(e,"replaceProps");if(n){p(n._isTopLevel);var i=n._pendingElement||n._currentElement;n._pendingElement=u.cloneAndReplaceProps(i,t),r(n)}},enqueueElementInternal:function(e,t){e._pendingElement=t,r(e)}});t.exports=d},{133:133,150:150,27:27,39:39,55:55,65:65,66:66,85:85}],85:[function(e,t,n){"use strict";function r(){v(N.ReactReconcileTransaction&&E)}function o(){this.reinitializeTransaction(),this.dirtyComponentsLength=null,this.callbackQueue=c.getPooled(),this.reconcileTransaction=N.ReactReconcileTransaction.getPooled()}function i(e,t,n,o,i){r(),E.batchedUpdates(e,t,n,o,i)}function a(e,t){return e._mountOrder-t._mountOrder}function u(e){var t=e.dirtyComponentsLength;v(t===g.length),g.sort(a);for(var n=0;t>n;n++){var r=g[n],o=r._pendingCallbacks;if(r._pendingCallbacks=null,f.performUpdateIfNecessary(r,e.reconcileTransaction),o)for(var i=0;i<o.length;i++)e.callbackQueue.enqueue(o[i],r.getPublicInstance())}}function s(e){return r(),E.isBatchingUpdates?void g.push(e):void E.batchedUpdates(s,e)}function l(e,t){v(E.isBatchingUpdates),y.enqueue(e,t),C=!0}var c=e(6),p=e(28),d=(e(39),e(73)),f=e(79),h=e(101),m=e(27),v=e(133),g=(e(150),[]),y=c.getPooled(),C=!1,E=null,b={initialize:function(){this.dirtyComponentsLength=g.length},close:function(){this.dirtyComponentsLength!==g.length?(g.splice(0,this.dirtyComponentsLength),D()):g.length=0}},_={initialize:function(){this.callbackQueue.reset()},close:function(){this.callbackQueue.notifyAll()}},x=[b,_];m(o.prototype,h.Mixin,{getTransactionWrappers:function(){return x},destructor:function(){this.dirtyComponentsLength=null,c.release(this.callbackQueue),this.callbackQueue=null,N.ReactReconcileTransaction.release(this.reconcileTransaction),this.reconcileTransaction=null},perform:function(e,t,n){return h.Mixin.perform.call(this,this.reconcileTransaction.perform,this.reconcileTransaction,e,t,n)}}),p.addPoolingTo(o);var D=function(){for(;g.length||C;){if(g.length){var e=o.getPooled();e.perform(u,null,e),o.release(e)}if(C){C=!1;var t=y;y=c.getPooled(),t.notifyAll(),c.release(t)}}};D=d.measure("ReactUpdates","flushBatchedUpdates",D);var M={injectReconcileTransaction:function(e){v(e),N.ReactReconcileTransaction=e},injectBatchingStrategy:function(e){v(e),v("function"==typeof e.batchedUpdates),v("boolean"==typeof e.isBatchingUpdates),E=e}},N={ReactReconcileTransaction:null,batchedUpdates:i,enqueueUpdate:s,flushBatchedUpdates:D,injection:M,asap:l};t.exports=N},{101:101,133:133,150:150,27:27,28:28,39:39,6:6,73:73,79:79}],86:[function(e,t,n){"use strict";var r=e(10),o=r.injection.MUST_USE_ATTRIBUTE,i={Properties:{cx:o,cy:o,d:o,dx:o,dy:o,fill:o,fillOpacity:o,fontFamily:o,fontSize:o,fx:o,fy:o,gradientTransform:o,gradientUnits:o,markerEnd:o,markerMid:o,markerStart:o,offset:o,opacity:o,patternContentUnits:o,patternUnits:o,points:o,preserveAspectRatio:o,r:o,rx:o,ry:o,spreadMethod:o,stopColor:o,stopOpacity:o,stroke:o,strokeDasharray:o,strokeLinecap:o,strokeOpacity:o,strokeWidth:o,textAnchor:o,transform:o,version:o,viewBox:o,x1:o,x2:o,x:o,y1:o,y2:o,y:o},DOMAttributeNames:{fillOpacity:"fill-opacity",fontFamily:"font-family",fontSize:"font-size",gradientTransform:"gradientTransform",gradientUnits:"gradientUnits",markerEnd:"marker-end",markerMid:"marker-mid",markerStart:"marker-start",patternContentUnits:"patternContentUnits",patternUnits:"patternUnits",preserveAspectRatio:"preserveAspectRatio",spreadMethod:"spreadMethod",stopColor:"stop-color",stopOpacity:"stop-opacity",strokeDasharray:"stroke-dasharray",strokeLinecap:"stroke-linecap",strokeOpacity:"stroke-opacity",strokeWidth:"stroke-width",textAnchor:"text-anchor",viewBox:"viewBox"}};t.exports=i},{10:10}],87:[function(e,t,n){"use strict";function r(e){if("selectionStart"in e&&u.hasSelectionCapabilities(e))return{start:e.selectionStart,end:e.selectionEnd};if(window.getSelection){var t=window.getSelection();return{anchorNode:t.anchorNode,anchorOffset:t.anchorOffset,focusNode:t.focusNode,focusOffset:t.focusOffset}}if(document.selection){var n=document.selection.createRange();return{parentElement:n.parentElement(),text:n.text,top:n.boundingTop,left:n.boundingLeft}}}function o(e){if(y||null==m||m!==l())return null;var t=r(m);if(!g||!d(g,t)){g=t;var n=s.getPooled(h.select,v,e);return n.type="select",n.target=m,a.accumulateTwoPhaseDispatches(n),n}}var i=e(15),a=e(20),u=e(63),s=e(93),l=e(119),c=e(136),p=e(139),d=e(146),f=i.topLevelTypes,h={select:{phasedRegistrationNames:{bubbled:p({onSelect:null}),captured:p({onSelectCapture:null})},dependencies:[f.topBlur,f.topContextMenu,f.topFocus,f.topKeyDown,f.topMouseDown,f.topMouseUp,f.topSelectionChange]}},m=null,v=null,g=null,y=!1,C={eventTypes:h,extractEvents:function(e,t,n,r){switch(e){case f.topFocus:(c(t)||"true"===t.contentEditable)&&(m=t,v=n,g=null);break;case f.topBlur:m=null,v=null,g=null;break;case f.topMouseDown: -y=!0;break;case f.topContextMenu:case f.topMouseUp:return y=!1,o(r);case f.topSelectionChange:case f.topKeyDown:case f.topKeyUp:return o(r)}}};t.exports=C},{119:119,136:136,139:139,146:146,15:15,20:20,63:63,93:93}],88:[function(e,t,n){"use strict";var r=Math.pow(2,53),o={createReactRootIndex:function(){return Math.ceil(Math.random()*r)}};t.exports=o},{}],89:[function(e,t,n){"use strict";var r=e(15),o=e(19),i=e(20),a=e(90),u=e(93),s=e(94),l=e(96),c=e(97),p=e(92),d=e(98),f=e(99),h=e(100),m=e(120),v=e(133),g=e(139),y=(e(150),r.topLevelTypes),C={blur:{phasedRegistrationNames:{bubbled:g({onBlur:!0}),captured:g({onBlurCapture:!0})}},click:{phasedRegistrationNames:{bubbled:g({onClick:!0}),captured:g({onClickCapture:!0})}},contextMenu:{phasedRegistrationNames:{bubbled:g({onContextMenu:!0}),captured:g({onContextMenuCapture:!0})}},copy:{phasedRegistrationNames:{bubbled:g({onCopy:!0}),captured:g({onCopyCapture:!0})}},cut:{phasedRegistrationNames:{bubbled:g({onCut:!0}),captured:g({onCutCapture:!0})}},doubleClick:{phasedRegistrationNames:{bubbled:g({onDoubleClick:!0}),captured:g({onDoubleClickCapture:!0})}},drag:{phasedRegistrationNames:{bubbled:g({onDrag:!0}),captured:g({onDragCapture:!0})}},dragEnd:{phasedRegistrationNames:{bubbled:g({onDragEnd:!0}),captured:g({onDragEndCapture:!0})}},dragEnter:{phasedRegistrationNames:{bubbled:g({onDragEnter:!0}),captured:g({onDragEnterCapture:!0})}},dragExit:{phasedRegistrationNames:{bubbled:g({onDragExit:!0}),captured:g({onDragExitCapture:!0})}},dragLeave:{phasedRegistrationNames:{bubbled:g({onDragLeave:!0}),captured:g({onDragLeaveCapture:!0})}},dragOver:{phasedRegistrationNames:{bubbled:g({onDragOver:!0}),captured:g({onDragOverCapture:!0})}},dragStart:{phasedRegistrationNames:{bubbled:g({onDragStart:!0}),captured:g({onDragStartCapture:!0})}},drop:{phasedRegistrationNames:{bubbled:g({onDrop:!0}),captured:g({onDropCapture:!0})}},focus:{phasedRegistrationNames:{bubbled:g({onFocus:!0}),captured:g({onFocusCapture:!0})}},input:{phasedRegistrationNames:{bubbled:g({onInput:!0}),captured:g({onInputCapture:!0})}},keyDown:{phasedRegistrationNames:{bubbled:g({onKeyDown:!0}),captured:g({onKeyDownCapture:!0})}},keyPress:{phasedRegistrationNames:{bubbled:g({onKeyPress:!0}),captured:g({onKeyPressCapture:!0})}},keyUp:{phasedRegistrationNames:{bubbled:g({onKeyUp:!0}),captured:g({onKeyUpCapture:!0})}},load:{phasedRegistrationNames:{bubbled:g({onLoad:!0}),captured:g({onLoadCapture:!0})}},error:{phasedRegistrationNames:{bubbled:g({onError:!0}),captured:g({onErrorCapture:!0})}},mouseDown:{phasedRegistrationNames:{bubbled:g({onMouseDown:!0}),captured:g({onMouseDownCapture:!0})}},mouseMove:{phasedRegistrationNames:{bubbled:g({onMouseMove:!0}),captured:g({onMouseMoveCapture:!0})}},mouseOut:{phasedRegistrationNames:{bubbled:g({onMouseOut:!0}),captured:g({onMouseOutCapture:!0})}},mouseOver:{phasedRegistrationNames:{bubbled:g({onMouseOver:!0}),captured:g({onMouseOverCapture:!0})}},mouseUp:{phasedRegistrationNames:{bubbled:g({onMouseUp:!0}),captured:g({onMouseUpCapture:!0})}},paste:{phasedRegistrationNames:{bubbled:g({onPaste:!0}),captured:g({onPasteCapture:!0})}},reset:{phasedRegistrationNames:{bubbled:g({onReset:!0}),captured:g({onResetCapture:!0})}},scroll:{phasedRegistrationNames:{bubbled:g({onScroll:!0}),captured:g({onScrollCapture:!0})}},submit:{phasedRegistrationNames:{bubbled:g({onSubmit:!0}),captured:g({onSubmitCapture:!0})}},touchCancel:{phasedRegistrationNames:{bubbled:g({onTouchCancel:!0}),captured:g({onTouchCancelCapture:!0})}},touchEnd:{phasedRegistrationNames:{bubbled:g({onTouchEnd:!0}),captured:g({onTouchEndCapture:!0})}},touchMove:{phasedRegistrationNames:{bubbled:g({onTouchMove:!0}),captured:g({onTouchMoveCapture:!0})}},touchStart:{phasedRegistrationNames:{bubbled:g({onTouchStart:!0}),captured:g({onTouchStartCapture:!0})}},wheel:{phasedRegistrationNames:{bubbled:g({onWheel:!0}),captured:g({onWheelCapture:!0})}}},E={topBlur:C.blur,topClick:C.click,topContextMenu:C.contextMenu,topCopy:C.copy,topCut:C.cut,topDoubleClick:C.doubleClick,topDrag:C.drag,topDragEnd:C.dragEnd,topDragEnter:C.dragEnter,topDragExit:C.dragExit,topDragLeave:C.dragLeave,topDragOver:C.dragOver,topDragStart:C.dragStart,topDrop:C.drop,topError:C.error,topFocus:C.focus,topInput:C.input,topKeyDown:C.keyDown,topKeyPress:C.keyPress,topKeyUp:C.keyUp,topLoad:C.load,topMouseDown:C.mouseDown,topMouseMove:C.mouseMove,topMouseOut:C.mouseOut,topMouseOver:C.mouseOver,topMouseUp:C.mouseUp,topPaste:C.paste,topReset:C.reset,topScroll:C.scroll,topSubmit:C.submit,topTouchCancel:C.touchCancel,topTouchEnd:C.touchEnd,topTouchMove:C.touchMove,topTouchStart:C.touchStart,topWheel:C.wheel};for(var b in E)E[b].dependencies=[b];var _={eventTypes:C,executeDispatch:function(e,t,n){var r=o.executeDispatch(e,t,n);r===!1&&(e.stopPropagation(),e.preventDefault())},extractEvents:function(e,t,n,r){var o=E[e];if(!o)return null;var g;switch(e){case y.topInput:case y.topLoad:case y.topError:case y.topReset:case y.topSubmit:g=u;break;case y.topKeyPress:if(0===m(r))return null;case y.topKeyDown:case y.topKeyUp:g=l;break;case y.topBlur:case y.topFocus:g=s;break;case y.topClick:if(2===r.button)return null;case y.topContextMenu:case y.topDoubleClick:case y.topMouseDown:case y.topMouseMove:case y.topMouseOut:case y.topMouseOver:case y.topMouseUp:g=c;break;case y.topDrag:case y.topDragEnd:case y.topDragEnter:case y.topDragExit:case y.topDragLeave:case y.topDragOver:case y.topDragStart:case y.topDrop:g=p;break;case y.topTouchCancel:case y.topTouchEnd:case y.topTouchMove:case y.topTouchStart:g=d;break;case y.topScroll:g=f;break;case y.topWheel:g=h;break;case y.topCopy:case y.topCut:case y.topPaste:g=a}v(g);var C=g.getPooled(o,n,r);return i.accumulateTwoPhaseDispatches(C),C}};t.exports=_},{100:100,120:120,133:133,139:139,15:15,150:150,19:19,20:20,90:90,92:92,93:93,94:94,96:96,97:97,98:98,99:99}],90:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(93),i={clipboardData:function(e){return"clipboardData"in e?e.clipboardData:window.clipboardData}};o.augmentClass(r,i),t.exports=r},{93:93}],91:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(93),i={data:null};o.augmentClass(r,i),t.exports=r},{93:93}],92:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(97),i={dataTransfer:null};o.augmentClass(r,i),t.exports=r},{97:97}],93:[function(e,t,n){"use strict";function r(e,t,n){this.dispatchConfig=e,this.dispatchMarker=t,this.nativeEvent=n;var r=this.constructor.Interface;for(var o in r)if(r.hasOwnProperty(o)){var i=r[o];i?this[o]=i(n):this[o]=n[o]}var u=null!=n.defaultPrevented?n.defaultPrevented:n.returnValue===!1;u?this.isDefaultPrevented=a.thatReturnsTrue:this.isDefaultPrevented=a.thatReturnsFalse,this.isPropagationStopped=a.thatReturnsFalse}var o=e(28),i=e(27),a=e(112),u=e(123),s={type:null,target:u,currentTarget:a.thatReturnsNull,eventPhase:null,bubbles:null,cancelable:null,timeStamp:function(e){return e.timeStamp||Date.now()},defaultPrevented:null,isTrusted:null};i(r.prototype,{preventDefault:function(){this.defaultPrevented=!0;var e=this.nativeEvent;e.preventDefault?e.preventDefault():e.returnValue=!1,this.isDefaultPrevented=a.thatReturnsTrue},stopPropagation:function(){var e=this.nativeEvent;e.stopPropagation?e.stopPropagation():e.cancelBubble=!0,this.isPropagationStopped=a.thatReturnsTrue},persist:function(){this.isPersistent=a.thatReturnsTrue},isPersistent:a.thatReturnsFalse,destructor:function(){var e=this.constructor.Interface;for(var t in e)this[t]=null;this.dispatchConfig=null,this.dispatchMarker=null,this.nativeEvent=null}}),r.Interface=s,r.augmentClass=function(e,t){var n=this,r=Object.create(n.prototype);i(r,e.prototype),e.prototype=r,e.prototype.constructor=e,e.Interface=i({},n.Interface,t),e.augmentClass=n.augmentClass,o.addPoolingTo(e,o.threeArgumentPooler)},o.addPoolingTo(r,o.threeArgumentPooler),t.exports=r},{112:112,123:123,27:27,28:28}],94:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(99),i={relatedTarget:null};o.augmentClass(r,i),t.exports=r},{99:99}],95:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(93),i={data:null};o.augmentClass(r,i),t.exports=r},{93:93}],96:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(99),i=e(120),a=e(121),u=e(122),s={key:a,location:null,ctrlKey:null,shiftKey:null,altKey:null,metaKey:null,repeat:null,locale:null,getModifierState:u,charCode:function(e){return"keypress"===e.type?i(e):0},keyCode:function(e){return"keydown"===e.type||"keyup"===e.type?e.keyCode:0},which:function(e){return"keypress"===e.type?i(e):"keydown"===e.type||"keyup"===e.type?e.keyCode:0}};o.augmentClass(r,s),t.exports=r},{120:120,121:121,122:122,99:99}],97:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(99),i=e(102),a=e(122),u={screenX:null,screenY:null,clientX:null,clientY:null,ctrlKey:null,shiftKey:null,altKey:null,metaKey:null,getModifierState:a,button:function(e){var t=e.button;return"which"in e?t:2===t?2:4===t?1:0},buttons:null,relatedTarget:function(e){return e.relatedTarget||(e.fromElement===e.srcElement?e.toElement:e.fromElement)},pageX:function(e){return"pageX"in e?e.pageX:e.clientX+i.currentScrollLeft},pageY:function(e){return"pageY"in e?e.pageY:e.clientY+i.currentScrollTop}};o.augmentClass(r,u),t.exports=r},{102:102,122:122,99:99}],98:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(99),i=e(122),a={touches:null,targetTouches:null,changedTouches:null,altKey:null,metaKey:null,ctrlKey:null,shiftKey:null,getModifierState:i};o.augmentClass(r,a),t.exports=r},{122:122,99:99}],99:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(93),i=e(123),a={view:function(e){if(e.view)return e.view;var t=i(e);if(null!=t&&t.window===t)return t;var n=t.ownerDocument;return n?n.defaultView||n.parentWindow:window},detail:function(e){return e.detail||0}};o.augmentClass(r,a),t.exports=r},{123:123,93:93}],100:[function(e,t,n){"use strict";function r(e,t,n){o.call(this,e,t,n)}var o=e(97),i={deltaX:function(e){return"deltaX"in e?e.deltaX:"wheelDeltaX"in e?-e.wheelDeltaX:0},deltaY:function(e){return"deltaY"in e?e.deltaY:"wheelDeltaY"in e?-e.wheelDeltaY:"wheelDelta"in e?-e.wheelDelta:0},deltaZ:null,deltaMode:null};o.augmentClass(r,i),t.exports=r},{97:97}],101:[function(e,t,n){"use strict";var r=e(133),o={reinitializeTransaction:function(){this.transactionWrappers=this.getTransactionWrappers(),this.wrapperInitData?this.wrapperInitData.length=0:this.wrapperInitData=[],this._isInTransaction=!1},_isInTransaction:!1,getTransactionWrappers:null,isInTransaction:function(){return!!this._isInTransaction},perform:function(e,t,n,o,i,a,u,s){r(!this.isInTransaction());var l,c;try{this._isInTransaction=!0,l=!0,this.initializeAll(0),c=e.call(t,n,o,i,a,u,s),l=!1}finally{try{if(l)try{this.closeAll(0)}catch(p){}else this.closeAll(0)}finally{this._isInTransaction=!1}}return c},initializeAll:function(e){for(var t=this.transactionWrappers,n=e;n<t.length;n++){var r=t[n];try{this.wrapperInitData[n]=i.OBSERVED_ERROR,this.wrapperInitData[n]=r.initialize?r.initialize.call(this):null}finally{if(this.wrapperInitData[n]===i.OBSERVED_ERROR)try{this.initializeAll(n+1)}catch(o){}}}},closeAll:function(e){r(this.isInTransaction());for(var t=this.transactionWrappers,n=e;n<t.length;n++){var o,a=t[n],u=this.wrapperInitData[n];try{o=!0,u!==i.OBSERVED_ERROR&&a.close&&a.close.call(this,u),o=!1}finally{if(o)try{this.closeAll(n+1)}catch(s){}}}this.wrapperInitData.length=0}},i={Mixin:o,OBSERVED_ERROR:{}};t.exports=i},{133:133}],102:[function(e,t,n){"use strict";var r={currentScrollLeft:0,currentScrollTop:0,refreshScrollValues:function(e){r.currentScrollLeft=e.x,r.currentScrollTop=e.y}};t.exports=r},{}],103:[function(e,t,n){"use strict";function r(e,t){if(o(null!=t),null==e)return t;var n=Array.isArray(e),r=Array.isArray(t);return n&&r?(e.push.apply(e,t),e):n?(e.push(t),e):r?[e].concat(t):[e,t]}var o=e(133);t.exports=r},{133:133}],104:[function(e,t,n){"use strict";function r(e){for(var t=1,n=0,r=0;r<e.length;r++)t=(t+e.charCodeAt(r))%o,n=(n+t)%o;return t|n<<16}var o=65521;t.exports=r},{}],105:[function(e,t,n){function r(e){return e.replace(o,function(e,t){return t.toUpperCase()})}var o=/-(.)/g;t.exports=r},{}],106:[function(e,t,n){"use strict";function r(e){return o(e.replace(i,"ms-"))}var o=e(105),i=/^-ms-/;t.exports=r},{105:105}],107:[function(e,t,n){function r(e,t){return e&&t?e===t?!0:o(e)?!1:o(t)?r(e,t.parentNode):e.contains?e.contains(t):e.compareDocumentPosition?!!(16&e.compareDocumentPosition(t)):!1:!1}var o=e(137);t.exports=r},{137:137}],108:[function(e,t,n){function r(e){return!!e&&("object"==typeof e||"function"==typeof e)&&"length"in e&&!("setInterval"in e)&&"number"!=typeof e.nodeType&&(Array.isArray(e)||"callee"in e||"item"in e)}function o(e){return r(e)?Array.isArray(e)?e.slice():i(e):[e]}var i=e(148);t.exports=o},{148:148}],109:[function(e,t,n){"use strict";function r(e){var t=i.createFactory(e),n=o.createClass({tagName:e.toUpperCase(),displayName:"ReactFullPageComponent"+e,componentWillUnmount:function(){a(!1)},render:function(){return t(this.props)}});return n}var o=e(33),i=e(55),a=e(133);t.exports=r},{133:133,33:33,55:55}],110:[function(e,t,n){function r(e){var t=e.match(c);return t&&t[1].toLowerCase()}function o(e,t){var n=l;s(!!l);var o=r(e),i=o&&u(o);if(i){n.innerHTML=i[1]+e+i[2];for(var c=i[0];c--;)n=n.lastChild}else n.innerHTML=e;var p=n.getElementsByTagName("script");p.length&&(s(t),a(p).forEach(t));for(var d=a(n.childNodes);n.lastChild;)n.removeChild(n.lastChild);return d}var i=e(21),a=e(108),u=e(125),s=e(133),l=i.canUseDOM?document.createElement("div"):null,c=/^\s*<(\w+)/;t.exports=o},{108:108,125:125,133:133,21:21}],111:[function(e,t,n){"use strict";function r(e,t){var n=null==t||"boolean"==typeof t||""===t;if(n)return"";var r=isNaN(t);return r||0===t||i.hasOwnProperty(e)&&i[e]?""+t:("string"==typeof t&&(t=t.trim()),t+"px")}var o=e(4),i=o.isUnitlessNumber;t.exports=r},{4:4}],112:[function(e,t,n){function r(e){return function(){return e}}function o(){}o.thatReturns=r,o.thatReturnsFalse=r(!1),o.thatReturnsTrue=r(!0),o.thatReturnsNull=r(null),o.thatReturnsThis=function(){return this},o.thatReturnsArgument=function(e){return e},t.exports=o},{}],113:[function(e,t,n){"use strict";var r={};t.exports=r},{}],114:[function(e,t,n){"use strict";function r(e){return i[e]}function o(e){return(""+e).replace(a,r)}var i={"&":"&",">":">","<":"<",'"':""","'":"'"},a=/[&><"']/g;t.exports=o},{}],115:[function(e,t,n){"use strict";function r(e){return null==e?null:u(e)?e:o.has(e)?i.getNodeFromInstance(e):(a(null==e.render||"function"!=typeof e.render),void a(!1))}{var o=(e(39),e(65)),i=e(68),a=e(133),u=e(135);e(150)}t.exports=r},{133:133,135:135,150:150,39:39,65:65,68:68}],116:[function(e,t,n){"use strict";function r(e,t,n){var r=e,o=!r.hasOwnProperty(n);o&&null!=t&&(r[n]=t)}function o(e){if(null==e)return e;var t={};return i(e,r,t),t}{var i=e(149);e(150)}t.exports=o},{149:149,150:150}],117:[function(e,t,n){"use strict";function r(e){try{e.focus()}catch(t){}}t.exports=r},{}],118:[function(e,t,n){"use strict";var r=function(e,t,n){Array.isArray(e)?e.forEach(t,n):e&&t.call(n,e)};t.exports=r},{}],119:[function(e,t,n){function r(){try{return document.activeElement||document.body}catch(e){return document.body}}t.exports=r},{}],120:[function(e,t,n){"use strict";function r(e){var t,n=e.keyCode;return"charCode"in e?(t=e.charCode,0===t&&13===n&&(t=13)):t=n,t>=32||13===t?t:0}t.exports=r},{}],121:[function(e,t,n){"use strict";function r(e){if(e.key){var t=i[e.key]||e.key;if("Unidentified"!==t)return t}if("keypress"===e.type){var n=o(e);return 13===n?"Enter":String.fromCharCode(n)}return"keydown"===e.type||"keyup"===e.type?a[e.keyCode]||"Unidentified":""}var o=e(120),i={Esc:"Escape",Spacebar:" ",Left:"ArrowLeft",Up:"ArrowUp",Right:"ArrowRight",Down:"ArrowDown",Del:"Delete",Win:"OS",Menu:"ContextMenu",Apps:"ContextMenu",Scroll:"ScrollLock",MozPrintableKey:"Unidentified"},a={8:"Backspace",9:"Tab",12:"Clear",13:"Enter",16:"Shift",17:"Control",18:"Alt",19:"Pause",20:"CapsLock",27:"Escape",32:" ",33:"PageUp",34:"PageDown",35:"End",36:"Home",37:"ArrowLeft",38:"ArrowUp",39:"ArrowRight",40:"ArrowDown",45:"Insert",46:"Delete",112:"F1",113:"F2",114:"F3",115:"F4",116:"F5",117:"F6",118:"F7",119:"F8",120:"F9",121:"F10",122:"F11",123:"F12",144:"NumLock",145:"ScrollLock",224:"Meta"};t.exports=r},{120:120}],122:[function(e,t,n){"use strict";function r(e){var t=this,n=t.nativeEvent;if(n.getModifierState)return n.getModifierState(e);var r=i[e];return r?!!n[r]:!1}function o(e){return r}var i={Alt:"altKey",Control:"ctrlKey",Meta:"metaKey",Shift:"shiftKey"};t.exports=o},{}],123:[function(e,t,n){"use strict";function r(e){var t=e.target||e.srcElement||window;return 3===t.nodeType?t.parentNode:t}t.exports=r},{}],124:[function(e,t,n){"use strict";function r(e){var t=e&&(o&&e[o]||e[i]);return"function"==typeof t?t:void 0}var o="function"==typeof Symbol&&Symbol.iterator,i="@@iterator";t.exports=r},{}],125:[function(e,t,n){function r(e){return i(!!a),d.hasOwnProperty(e)||(e="*"),u.hasOwnProperty(e)||("*"===e?a.innerHTML="<link />":a.innerHTML="<"+e+"></"+e+">",u[e]=!a.firstChild),u[e]?d[e]:null}var o=e(21),i=e(133),a=o.canUseDOM?document.createElement("div"):null,u={circle:!0,defs:!0,ellipse:!0,g:!0,line:!0,linearGradient:!0,path:!0,polygon:!0,polyline:!0,radialGradient:!0,rect:!0,stop:!0,text:!0},s=[1,'<select multiple="true">',"</select>"],l=[1,"<table>","</table>"],c=[3,"<table><tbody><tr>","</tr></tbody></table>"],p=[1,"<svg>","</svg>"],d={"*":[1,"?<div>","</div>"],area:[1,"<map>","</map>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],legend:[1,"<fieldset>","</fieldset>"],param:[1,"<object>","</object>"],tr:[2,"<table><tbody>","</tbody></table>"],optgroup:s,option:s,caption:l,colgroup:l,tbody:l,tfoot:l,thead:l,td:c,th:c,circle:p,defs:p,ellipse:p,g:p,line:p,linearGradient:p,path:p,polygon:p,polyline:p,radialGradient:p,rect:p,stop:p,text:p};t.exports=r},{133:133,21:21}],126:[function(e,t,n){"use strict";function r(e){for(;e&&e.firstChild;)e=e.firstChild;return e}function o(e){for(;e;){if(e.nextSibling)return e.nextSibling;e=e.parentNode}}function i(e,t){for(var n=r(e),i=0,a=0;n;){if(3===n.nodeType){if(a=i+n.textContent.length,t>=i&&a>=t)return{node:n,offset:t-i};i=a}n=r(o(n))}}t.exports=i},{}],127:[function(e,t,n){"use strict";function r(e){return e?e.nodeType===o?e.documentElement:e.firstChild:null}var o=9;t.exports=r},{}],128:[function(e,t,n){"use strict";function r(){return!i&&o.canUseDOM&&(i="textContent"in document.documentElement?"textContent":"innerText"),i}var o=e(21),i=null;t.exports=r},{21:21}],129:[function(e,t,n){"use strict";function r(e){return e===window?{x:window.pageXOffset||document.documentElement.scrollLeft,y:window.pageYOffset||document.documentElement.scrollTop}:{x:e.scrollLeft,y:e.scrollTop}}t.exports=r},{}],130:[function(e,t,n){function r(e){return e.replace(o,"-$1").toLowerCase()}var o=/([A-Z])/g;t.exports=r},{}],131:[function(e,t,n){"use strict";function r(e){return o(e).replace(i,"-ms-")}var o=e(130),i=/^ms-/;t.exports=r},{130:130}],132:[function(e,t,n){"use strict";function r(e){return"function"==typeof e&&"undefined"!=typeof e.prototype&&"function"==typeof e.prototype.mountComponent&&"function"==typeof e.prototype.receiveComponent}function o(e,t){var n;if((null===e||e===!1)&&(e=a.emptyElement),"object"==typeof e){var o=e;n=t===o.type&&"string"==typeof o.type?u.createInternalComponent(o):r(o.type)?new o.type(o):new c}else"string"==typeof e||"number"==typeof e?n=u.createInstanceForText(e):l(!1);return n.construct(e),n._mountIndex=0,n._mountImage=null,n}var i=e(37),a=e(57),u=e(71),s=e(27),l=e(133),c=(e(150),function(){});s(c.prototype,i.Mixin,{_instantiateReactComponent:o}),t.exports=o},{133:133,150:150,27:27,37:37,57:57,71:71}],133:[function(e,t,n){"use strict";var r=function(e,t,n,r,o,i,a,u){if(!e){var s;if(void 0===t)s=new Error("Minified exception occurred; use the non-minified dev environment for the full error message and additional helpful warnings.");else{var l=[n,r,o,i,a,u],c=0;s=new Error("Invariant Violation: "+t.replace(/%s/g,function(){return l[c++]}))}throw s.framesToPop=1,s}};t.exports=r},{}],134:[function(e,t,n){"use strict";function r(e,t){if(!i.canUseDOM||t&&!("addEventListener"in document))return!1;var n="on"+e,r=n in document;if(!r){var a=document.createElement("div");a.setAttribute(n,"return;"),r="function"==typeof a[n]}return!r&&o&&"wheel"===e&&(r=document.implementation.hasFeature("Events.wheel","3.0")),r}var o,i=e(21);i.canUseDOM&&(o=document.implementation&&document.implementation.hasFeature&&document.implementation.hasFeature("","")!==!0),t.exports=r},{21:21}],135:[function(e,t,n){function r(e){return!(!e||!("function"==typeof Node?e instanceof Node:"object"==typeof e&&"number"==typeof e.nodeType&&"string"==typeof e.nodeName))}t.exports=r},{}],136:[function(e,t,n){"use strict";function r(e){return e&&("INPUT"===e.nodeName&&o[e.type]||"TEXTAREA"===e.nodeName)}var o={color:!0,date:!0,datetime:!0,"datetime-local":!0,email:!0,month:!0,number:!0,password:!0,range:!0,search:!0,tel:!0,text:!0,time:!0,url:!0,week:!0};t.exports=r},{}],137:[function(e,t,n){function r(e){return o(e)&&3==e.nodeType}var o=e(135);t.exports=r},{135:135}],138:[function(e,t,n){"use strict";var r=e(133),o=function(e){var t,n={};r(e instanceof Object&&!Array.isArray(e));for(t in e)e.hasOwnProperty(t)&&(n[t]=t);return n};t.exports=o},{133:133}],139:[function(e,t,n){var r=function(e){var t;for(t in e)if(e.hasOwnProperty(t))return t;return null};t.exports=r},{}],140:[function(e,t,n){"use strict";function r(e,t,n){if(!e)return null;var r={};for(var i in e)o.call(e,i)&&(r[i]=t.call(n,e[i],i,e));return r}var o=Object.prototype.hasOwnProperty;t.exports=r},{}],141:[function(e,t,n){"use strict";function r(e){var t={};return function(n){return t.hasOwnProperty(n)||(t[n]=e.call(this,n)),t[n]}}t.exports=r},{}],142:[function(e,t,n){"use strict";function r(e){return i(o.isValidElement(e)),e}var o=e(55),i=e(133);t.exports=r},{133:133,55:55}],143:[function(e,t,n){"use strict";function r(e){return'"'+o(e)+'"'}var o=e(114);t.exports=r},{114:114}],144:[function(e,t,n){"use strict";var r=e(21),o=/^[ \r\n\t\f]/,i=/<(!--|link|noscript|meta|script|style)[ \r\n\t\f\/>]/,a=function(e,t){e.innerHTML=t};if("undefined"!=typeof MSApp&&MSApp.execUnsafeLocalFunction&&(a=function(e,t){MSApp.execUnsafeLocalFunction(function(){e.innerHTML=t})}),r.canUseDOM){var u=document.createElement("div");u.innerHTML=" ",""===u.innerHTML&&(a=function(e,t){if(e.parentNode&&e.parentNode.replaceChild(e,e),o.test(t)||"<"===t[0]&&i.test(t)){e.innerHTML="\ufeff"+t;var n=e.firstChild;1===n.data.length?e.removeChild(n):n.deleteData(0,1)}else e.innerHTML=t})}t.exports=a},{21:21}],145:[function(e,t,n){"use strict";var r=e(21),o=e(114),i=e(144),a=function(e,t){e.textContent=t};r.canUseDOM&&("textContent"in document.documentElement||(a=function(e,t){i(e,o(t))})),t.exports=a},{114:114,144:144,21:21}],146:[function(e,t,n){"use strict";function r(e,t){if(e===t)return!0;var n;for(n in e)if(e.hasOwnProperty(n)&&(!t.hasOwnProperty(n)||e[n]!==t[n]))return!1;for(n in t)if(t.hasOwnProperty(n)&&!e.hasOwnProperty(n))return!1;return!0}t.exports=r},{}],147:[function(e,t,n){"use strict";function r(e,t){if(null!=e&&null!=t){var n=typeof e,r=typeof t;if("string"===n||"number"===n)return"string"===r||"number"===r;if("object"===r&&e.type===t.type&&e.key===t.key){var o=e._owner===t._owner;return o}}return!1}e(150);t.exports=r},{150:150}],148:[function(e,t,n){function r(e){var t=e.length;if(o(!Array.isArray(e)&&("object"==typeof e||"function"==typeof e)),o("number"==typeof t),o(0===t||t-1 in e),e.hasOwnProperty)try{return Array.prototype.slice.call(e)}catch(n){}for(var r=Array(t),i=0;t>i;i++)r[i]=e[i];return r}var o=e(133);t.exports=r},{133:133}],149:[function(e,t,n){"use strict";function r(e){return v[e]}function o(e,t){return e&&null!=e.key?a(e.key):t.toString(36)}function i(e){return(""+e).replace(g,r)}function a(e){return"$"+i(e)}function u(e,t,n,r,i){var s=typeof e;if(("undefined"===s||"boolean"===s)&&(e=null),null===e||"string"===s||"number"===s||l.isValidElement(e))return r(i,e,""===t?h+o(e,0):t,n),1;var p,v,g,y=0;if(Array.isArray(e))for(var C=0;C<e.length;C++)p=e[C],v=(""!==t?t+m:h)+o(p,C),g=n+y,y+=u(p,v,g,r,i);else{var E=d(e);if(E){var b,_=E.call(e);if(E!==e.entries)for(var x=0;!(b=_.next()).done;)p=b.value,v=(""!==t?t+m:h)+o(p,x++),g=n+y,y+=u(p,v,g,r,i);else for(;!(b=_.next()).done;){var D=b.value;D&&(p=D[1],v=(""!==t?t+m:h)+a(D[0])+m+o(p,0),g=n+y,y+=u(p,v,g,r,i))}}else if("object"===s){f(1!==e.nodeType);var M=c.extract(e);for(var N in M)M.hasOwnProperty(N)&&(p=M[N],v=(""!==t?t+m:h)+a(N)+m+o(p,0),g=n+y,y+=u(p,v,g,r,i))}}return y}function s(e,t,n){return null==e?0:u(e,"",0,t,n)}var l=e(55),c=e(61),p=e(64),d=e(124),f=e(133),h=(e(150),p.SEPARATOR),m=":",v={"=":"=0",".":"=1",":":"=2"},g=/[=.:]/g;t.exports=s},{124:124,133:133,150:150,55:55,61:61,64:64}],150:[function(e,t,n){"use strict";var r=e(112),o=r;t.exports=o},{112:112}]},{},[1])(1)});
\ No newline at end of file diff --git a/ext/installfiles/mac/ui/simpleajax.min.js b/ext/installfiles/mac/ui/simpleajax.min.js deleted file mode 100644 index bd15dbdd..00000000 --- a/ext/installfiles/mac/ui/simpleajax.min.js +++ /dev/null @@ -1,2 +0,0 @@ -/** SimpleAjax v1.0.1 - MIT license - https://github.com/freelancephp/SimpleAjax */ -(function(window){var SimpleAjax=window.SimpleAjax={xhr:null,settings:{url:"",type:"GET",dataType:"text",async:true,cache:true,data:null,contentType:"application/x-www-form-urlencoded",success:null,error:null,complete:null,accepts:{text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"}},call:function(a){var b=this,c=window.XMLHttpRequest?new XMLHttpRequest:new ActiveXObject("Microsoft.XMLHTTP"),d=function(a,b){var c={};for(var d in a)c[d]=typeof b[d]=="undefined"?a[d]:b[d];return c}(this.settings,a),e=function(){if(c.readyState==4){if(c.status>=200&&c.status<300||c.status===304){var a=d.dataType=="xml"?c.responseXML:c.responseText;if(d.dataType=="json")a=b.parseJSON(a);if(b.isFunction(d.success))d.success.call(d,a,c.status,c)}else{if(b.isFunction(d.error))d.error.call(d,c,c.status)}if(b.isFunction(d.complete))d.complete.call(d,c,c.status)}};this.xhr=c;if(!d.cache)d.url+=(d.url.indexOf("?")>-1?"&":"?")+"_nocache="+(new Date).getTime();if(d.data){if(d.type=="GET"){d.url+=(d.url.indexOf("?")>-1?"&":"?")+this.param(d.data);d.data=null}else{d.data=this.param(d.data)}}c.open(d.type,d.url,d.async);c.setRequestHeader("Content-type",d.contentType);if(d.dataType&&d.accepts[d.dataType])c.setRequestHeader("Accept",d.accepts[d.dataType]);if(d.async){c.onreadystatechange=e;c.send(d.data)}else{c.send(d.data);e()}return this},get:function(a,b,c){if(this.isFunction(b)){c=b;b=null}return this.call({url:a,type:"GET",data:b,success:c})},post:function(a,b,c){if(this.isFunction(b)){c=b;b=null}return this.call({url:a,type:"POST",data:b,success:c})},load:function(a,b,c,d){if(typeof a=="string")a=document.getElementById(a);return this.call({url:b,type:c?"POST":"GET",data:c||null,complete:d||null,success:function(b){try{a.innerHTML=b}catch(c){var d=document.createElement("div");d.innerHTML=b;while(a.firstChild)a.removeChild(a.firstChild);for(var e=0,f=d.childNodes.length;e<f;e++)a.appendChild(d.childNodes[e])}}})},param:function(a){var b=[];for(var c in a){b.push(encodeURIComponent(c)+"="+encodeURIComponent(a[c]))}return b.join("&")},parseJSON:function(data){if(typeof data!=="string"||!data)return null;return eval("("+this.trim(data)+")")},trim:function(a){return a.replace(/^\s+/,"").replace(/\s+$/,"")},isFunction:function(a){return Object.prototype.toString.call(a)==="[object Function]"}};if(!window.Ajax){window.Ajax=SimpleAjax}})(window)
\ No newline at end of file diff --git a/ext/installfiles/mac/ui/zerotier.css b/ext/installfiles/mac/ui/zerotier.css deleted file mode 100644 index 9f72024a..00000000 --- a/ext/installfiles/mac/ui/zerotier.css +++ /dev/null @@ -1,199 +0,0 @@ -/* Dark blue-grey: #234447 - * Light blue-grey: #91a2a3 - * Light yellow: #ffffcc - * Orange: #ffb354 */ - -html,body { - font-family: "Helvetica Neue","Lucida Sans Unicode",sans-serif; - font-size: 12pt; - margin: 0; - padding: 0; - width: 100%; - height: 100%; - overflow: hidden; -} - -.zeroTierAddress { - font-family: monospace; -} - -.zeroTierNode { - width: 100%; - height: 100%; - padding: 0; - margin: 0; - display: table; -} - -.zeroTierNode > .middle { - width: 100%; - height: 100%; - padding: 0; - margin: 0; - overflow: hidden; - display: table-row; -} -.zeroTierNode > .middle > .middleCell { - width: 100%; - height: 100%; - display: table-cell; - border-bottom: 1px solid #cfcfcf; -} -.zeroTierNode > .middle > .middleCell > .middleScroll { - display: block; - width: 100%; - height: 100%; - padding: 0; - margin: 0; - overflow: scroll; - overflow-x: hidden; - overflow-y: scroll; - background: #dddddd; -} -.zeroTierNode > .middle > .middleCell > .middleScroll > .networks { - display: block; - width: 100%; - padding: 0 0 0.25rem 0; - margin: 0; - border: 0; - text-align: left; - border-collapse: collapse; -} -.zeroTierNode > .middle > .middleCell > .middleScroll > .networks > .network { - display: block; - border-top: 0.12rem solid #dddddd; - border-bottom: 0.12rem solid #dddddd; - padding: 0.25rem; - background: #ffffff; -} - -.zeroTierNode > .bottom { - font-size: 12pt; - width: 100%; - overflow: hidden; - display: table-row; - color: #000000; - background: #dfdfdf; -} -.zeroTierNode > .bottom > .left { - text-align: left; - white-space: nowrap; - float: left; - padding: 0 0 0 0.5rem; - font-size: 12pt; - height: 100%; -} -.zeroTierNode > .bottom > .left > .statusLine { - font-family: monospace; - white-space: nowrap; - font-size: 11pt; - height: 100%; -} -.zeroTierNode > .bottom > .right { - text-align: right; - height: 100%; - white-space: nowrap; - float: right; - font-size: 12pt; - background: #ffffff; -} -.zeroTierNode > .bottom > .right form { - height: 100%; -} -.zeroTierNode > .bottom > .right input { - font-family: monospace; - font-size: 12pt; - background: #ffffff; - color: #000000; - outline: none; - outline-style: none; - box-shadow: 0; - border: 0; - margin: 0; - padding: 0 0.25rem 0 0.25rem; - display: inline; - height: 100%; -} -.zeroTierNode > .bottom > .right button { - display: inline-block; - font-size: 12pt; - background: #ffb354; - border: 1px solid #ffb354; - color: #000000; - margin: 0; - padding: 0.05rem 0.75rem 0.05rem 0.75rem; - outline: none; - outline-style: none; - height: 100%; -} -.zeroTierNode > .bottom > .right button:hover { - cursor: pointer; - outline: none; - outline-style: none; - border: 1px solid #000000; -} - -.zeroTierNetwork { - padding: 0; - margin: 0; - display: inline-block; - text-align: right; - width: 100%; - position: relative; -} -.zeroTierNetwork .networkInfo { - padding: 0 0 0.25rem 0; - text-align: left; - font-size: 12pt; -} -.zeroTierNetwork .networkInfo .networkId { - font-size: 11pt; - font-family: monospace; - color: #000000; -} -.zeroTierNetwork .networkInfo .networkName { - padding: 0 0 0 1rem; - float: right; - font-size: 12pt; -} -.zeroTierNetwork .networkProps { - width: 100%; - display: table; - padding: 0; - margin: 0 auto 0 auto; - border-top: 1px solid #999999; - border-bottom: 1px solid #999999; -} -.zeroTierNetwork .networkProps > .row { - display: table-row; -} -.zeroTierNetwork .networkProps > .row > .name { - display: table-cell; - font-size: 10pt; - padding: 0.1rem 0.5rem 0.1rem 0.5rem; -} -.zeroTierNetwork .networkProps > .row > .value { - font-size: 10pt; - display: table-cell; - padding: 0.1rem 0.5rem 0.1rem 0.5rem; - background: #eeeeee; -} -.zeroTierNetwork .ipList { -} -.zeroTierNetwork .ipAddress { - font-family: monospace; - font-size: 10pt; -} -.zeroTierNetwork .leaveNetworkButton { - padding: 0.25rem 0.5rem 0.25rem 0.5rem; - margin: 0.25rem 0 0 0; - font-size: 9pt; - background: #ffffff; - outline: none; - background: #ffb354; - border: 1px solid #ffb354; - cursor: pointer; -} -.zeroTierNetwork .leaveNetworkButton:hover { - border: 1px solid #000000; -} diff --git a/ext/installfiles/mac/ui/ztui.min.js b/ext/installfiles/mac/ui/ztui.min.js deleted file mode 100644 index 17982839..00000000 --- a/ext/installfiles/mac/ui/ztui.min.js +++ /dev/null @@ -1 +0,0 @@ -var ZeroTierNetwork=React.createClass({displayName:"ZeroTierNetwork",getInitialState:function(){return{}},leaveNetwork:function(e){Ajax.call({url:"network/"+this.props.nwid+"?auth="+this.props.authToken,cache:!1,type:"DELETE",success:function(e){this.props.onNetworkDeleted&&this.props.onNetworkDeleted(this.props.nwid)}.bind(this),error:function(e){}.bind(this)}),e.preventDefault()},render:function(){return React.createElement("div",{className:"zeroTierNetwork"},React.createElement("div",{className:"networkInfo"},React.createElement("span",{className:"networkId"},this.props.nwid)," ",React.createElement("span",{className:"networkName"},this.props.name)),React.createElement("div",{className:"networkProps"},React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"Status"),React.createElement("div",{className:"value"},this.props.status)),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"Type"),React.createElement("div",{className:"value"},this.props.type)),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"MAC"),React.createElement("div",{className:"value zeroTierAddress"},this.props.mac)),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"MTU"),React.createElement("div",{className:"value"},this.props.mtu)),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"Broadcast"),React.createElement("div",{className:"value"},this.props.broadcastEnabled?"ENABLED":"DISABLED")),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"Bridging"),React.createElement("div",{className:"value"},this.props.bridge?"ACTIVE":"DISABLED")),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"Device"),React.createElement("div",{className:"value"},this.props.portDeviceName?this.props.portDeviceName:"(none)")),React.createElement("div",{className:"row"},React.createElement("div",{className:"name"},"Managed IPs"),React.createElement("div",{className:"value ipList"},this.props.assignedAddresses.map(function(e){return React.createElement("div",{key:e,className:"ipAddress"},e)})))),React.createElement("button",{type:"button",className:"leaveNetworkButton",onClick:this.leaveNetwork},"Leave Network"))}}); var ZeroTierNode=React.createClass({displayName:"ZeroTierNode",getInitialState:function(){return{address:"----------",online:!1,version:"_._._",_networks:[],_peers:[]}},ago:function(e){if(e>0){var t=Math.round((Date.now()-e)/1e3);return t>0?t:0}return 0},updatePeers:function(){Ajax.call({url:"peer?auth="+this.props.authToken,cache:!1,type:"GET",success:function(e){if(e){var t=JSON.parse(e);Array.isArray(t)&&this.setState({_peers:t})}}.bind(this),error:function(){}.bind(this)})},updateNetworks:function(){Ajax.call({url:"network?auth="+this.props.authToken,cache:!1,type:"GET",success:function(e){if(e){var t=JSON.parse(e);Array.isArray(t)&&this.setState({_networks:t})}}.bind(this),error:function(){}.bind(this)})},updateAll:function(){Ajax.call({url:"status?auth="+this.props.authToken,cache:!1,type:"GET",success:function(e){if(this.alertedToFailure=!1,e){var t=JSON.parse(e);this.setState(t),document.title="ZeroTier One ["+t.address+"]"}this.updateNetworks(),this.updatePeers()}.bind(this),error:function(){this.setState(this.getInitialState()),this.alertedToFailure||(this.alertedToFailure=!0,alert("Authorization token invalid or ZeroTier One service not running."))}.bind(this)})},joinNetwork:function(e){e.preventDefault(),this.networkToJoin&&16===this.networkToJoin.length?Ajax.call({url:"network/"+this.networkToJoin+"?auth="+this.props.authToken,cache:!1,type:"POST",success:function(e){this.networkToJoin="",this.networkInputElement&&(this.networkInputElement.value=""),this.updateNetworks()}.bind(this),error:function(){}.bind(this)}):alert("To join a network, enter its 16-digit network ID.")},handleNetworkIdEntry:function(e){this.networkInputElement=e.target;var t=this.networkInputElement.value;if(t){t=t.toLowerCase();for(var n="",a=0;a<t.length&&16>a;++a)"0123456789abcdef".indexOf(t.charAt(a))>=0&&(n+=t.charAt(a));this.networkToJoin=n,this.networkInputElement.value=n}else this.networkToJoin="",this.networkInputElement.value=""},handleNetworkDelete:function(e){for(var t=[],n=0;n<this.state._networks.length;++n)this.state._networks[n].nwid!==e&&t.push(this.state._networks[n]);this.setState({_networks:t})},componentDidMount:function(){this.updateAll(),this.updateIntervalId=setInterval(this.updateAll,2500)},componentWillUnmount:function(){clearInterval(this.updateIntervalId)},render:function(){return React.createElement("div",{className:"zeroTierNode"},React.createElement("div",{className:"middle"},React.createElement("div",{className:"middleCell"},React.createElement("div",{className:"middleScroll"},React.createElement("div",{className:"networks",key:"_networks"},this.state._networks.map(function(e){return e.authToken=this.props.authToken,e.onNetworkDeleted=this.handleNetworkDelete,React.createElement("div",{className:"network",key:e.nwid},React.createElement(ZeroTierNetwork,e))}.bind(this)))))),React.createElement("div",{className:"bottom"},React.createElement("div",{className:"left"},React.createElement("span",{className:"statusLine"},React.createElement("span",{className:"zeroTierAddress"},this.state.address)," ",this.state.online?this.state.tcpFallbackActive?"TUNNELED":"ONLINE":"OFFLINE"," ",this.state.version)),React.createElement("div",{className:"right"},React.createElement("form",{onSubmit:this.joinNetwork},React.createElement("input",{type:"text",maxlength:"16",placeholder:"[ Network ID ]",onChange:this.handleNetworkIdEntry,size:"16"}),React.createElement("button",{type:"button",onClick:this.joinNetwork},"Join")))))}}); diff --git a/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x64).aip b/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x64).aip index a10cb1e5..db8566cd 100644 --- a/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x64).aip +++ b/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x64).aip @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8" standalone="yes"?> -<DOCUMENT Type="Advanced Installer" CreateVersion="12.0" version="12.3.1" Modules="enterprise" RootPath="." Language="en" Id="{4070644B-EC9F-4962-B14A-770B9E309DC3}"> +<DOCUMENT Type="Advanced Installer" CreateVersion="12.0" version="12.5.1" Modules="enterprise" RootPath="." Language="en" Id="{4070644B-EC9F-4962-B14A-770B9E309DC3}"> <COMPONENT cid="caphyon.advinst.msicomp.ProjectOptionsComponent"> <ROW Name="HiddenItems" Value="UpdaterComponent;SerValComponent;AutorunComponent;MultipleInstancesComponent;MsiJavaComponent;MsiRegsComponent;MsiExtComponent;MsiAssemblyComponent;MsiServInstComponent;AnalyticsComponent;ActSyncAppComponent;MsiMergeModsComponent;MsiThemeComponent;BackgroundImagesComponent;DictionaryComponent;MsiEnvComponent;ScheduledTasksComponent;CPLAppletComponent;GameUxComponent;FirewallExceptionComponent;UserAccountsComponent;MsiClassComponent;WebApplicationsComponent;MsiOdbcDataSrcComponent;SqlConnectionComponent;SharePointSlnComponent;SilverlightSlnComponent;MsiAppSearchComponent"/> </COMPONENT> @@ -15,7 +15,7 @@ <ROW Property="LIMITUI" MultiBuildValue="DefaultBuild:1"/> <ROW Property="MSIFASTINSTALL" MultiBuildValue="DefaultBuild:2"/> <ROW Property="Manufacturer" Value="ZeroTier"/> - <ROW Property="ProductCode" Value="1033:{D7093B7A-71BA-484B-A27C-59ACDAD2206F} " Type="16"/> + <ROW Property="ProductCode" Value="1033:{4AFE4740-C680-40FE-B6B0-0C15EB0176F1} " Type="16"/> <ROW Property="ProductLanguage" Value="1033"/> <ROW Property="ProductName" Value="ZeroTier One Virtual Network Port"/> <ROW Property="ProductVersion" Value="1.0.0" Type="32"/> @@ -58,7 +58,7 @@ <ROW Path="<AI_DICTS>ui_en.ail"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.DigCertStoreComponent"> - <ROW TimeStampUrl="http://timestamp.verisign.com/scripts/timstamp.dll" SignerDescription="[|ProductName]" SignOptions="7" SignTool="0" Thumbprint="2ad023dc7aa92bf4265b33852a2ed2406d2bee86 Subject: ZeroTier Networks LLC Issuer: DigiCert High Assurance Code Signing CA-1 Valid from 04/24/2015 to 04/01/2016"/> + <ROW TimeStampUrl="http://timestamp.verisign.com/scripts/timstamp.dll" SignerDescription="[|ProductName]" SignOptions="7" SignTool="0" UseSha256="1" Thumbprint="7f01c3746df9e6c8235ea2ae38d3cdfeb185728b Subject: ZeroTier, Inc. Issuer: DigiCert EV Code Signing CA (SHA2) Valid from 11/30/2016 to 12/05/2019"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.FragmentComponent"> <ROW Fragment="CommonUI.aip" Path="<AI_FRAGS>CommonUI.aip"/> diff --git a/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x86).aip b/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x86).aip index 831516d9..b83b382c 100644 --- a/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x86).aip +++ b/ext/installfiles/windows/ZeroTier One Virtual Network Port (NDIS6_x86).aip @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8" standalone="yes"?> -<DOCUMENT Type="Advanced Installer" CreateVersion="12.0" version="12.3.1" Modules="enterprise" RootPath="." Language="en" Id="{4070644B-EC9F-4962-B14A-770B9E309DC3}"> +<DOCUMENT Type="Advanced Installer" CreateVersion="12.0" version="12.5.1" Modules="enterprise" RootPath="." Language="en" Id="{4070644B-EC9F-4962-B14A-770B9E309DC3}"> <COMPONENT cid="caphyon.advinst.msicomp.ProjectOptionsComponent"> <ROW Name="HiddenItems" Value="UpdaterComponent;SerValComponent;AutorunComponent;MultipleInstancesComponent;MsiJavaComponent;MsiRegsComponent;MsiExtComponent;MsiAssemblyComponent;MsiServInstComponent;AnalyticsComponent;ActSyncAppComponent;MsiMergeModsComponent;MsiThemeComponent;BackgroundImagesComponent;DictionaryComponent;MsiEnvComponent;ScheduledTasksComponent;CPLAppletComponent;GameUxComponent;FirewallExceptionComponent;UserAccountsComponent;MsiClassComponent;WebApplicationsComponent;MsiOdbcDataSrcComponent;SqlConnectionComponent;SharePointSlnComponent;SilverlightSlnComponent;MsiAppSearchComponent"/> </COMPONENT> @@ -16,7 +16,7 @@ <ROW Property="LIMITUI" MultiBuildValue="DefaultBuild:1"/> <ROW Property="MSIFASTINSTALL" MultiBuildValue="DefaultBuild:2"/> <ROW Property="Manufacturer" Value="ZeroTier"/> - <ROW Property="ProductCode" Value="1033:{6223AB10-D6CD-4580-B357-91CCD7F355D2} " Type="16"/> + <ROW Property="ProductCode" Value="1033:{75F0AFE9-A004-428A-89DB-9BB9ACC4489E} " Type="16"/> <ROW Property="ProductLanguage" Value="1033"/> <ROW Property="ProductName" Value="ZeroTier One Virtual Network Port"/> <ROW Property="ProductVersion" Value="1.0.0" Type="32"/> @@ -59,7 +59,7 @@ <ROW Path="<AI_DICTS>ui_en.ail"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.DigCertStoreComponent"> - <ROW TimeStampUrl="http://timestamp.verisign.com/scripts/timstamp.dll" SignerDescription="[|ProductName]" SignOptions="7" SignTool="0" Thumbprint="2ad023dc7aa92bf4265b33852a2ed2406d2bee86 Subject: ZeroTier Networks LLC Issuer: DigiCert High Assurance Code Signing CA-1 Valid from 04/24/2015 to 04/01/2016"/> + <ROW TimeStampUrl="http://timestamp.verisign.com/scripts/timstamp.dll" SignerDescription="[|ProductName]" SignOptions="7" SignTool="0" UseSha256="1" Thumbprint="7f01c3746df9e6c8235ea2ae38d3cdfeb185728b Subject: ZeroTier, Inc. Issuer: DigiCert EV Code Signing CA (SHA2) Valid from 11/30/2016 to 12/05/2019"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.FragmentComponent"> <ROW Fragment="CommonUI.aip" Path="<AI_FRAGS>CommonUI.aip"/> diff --git a/ext/installfiles/windows/ZeroTier One.aip b/ext/installfiles/windows/ZeroTier One.aip index 331126e6..e799ffc9 100644 --- a/ext/installfiles/windows/ZeroTier One.aip +++ b/ext/installfiles/windows/ZeroTier One.aip @@ -7,6 +7,7 @@ <ROW Property="AI_BITMAP_DISPLAY_MODE" Value="0"/> <ROW Property="AI_EMBD_MSI_EXTR_PATH" Value="[TempFolder]" ValueLocId="-"/> <ROW Property="AI_EXTERNALUIUNINSTALLERNAME" MultiBuildValue="DefaultBuild:aiui"/> + <ROW Property="AI_FINDEXE_TITLE" Value="Select the installation package for [|ProductName]" ValueLocId="AI.Property.FindExeTitle"/> <ROW Property="AI_PREDEF_LCONDS_PROPS" Value="AI_DETECTED_DOTNET_VERSION"/> <ROW Property="AI_PRODUCTNAME_ARP" Value="ZeroTier One"/> <ROW Property="AI_REQUIRED_DOTNET_DISPLAY" MultiBuildValue="DefaultBuild:4.5" ValueLocId="-"/> @@ -26,19 +27,19 @@ <ROW Property="CTRLS" Value="2"/> <ROW Property="MSIFASTINSTALL" MultiBuildValue="DefaultBuild:2"/> <ROW Property="Manufacturer" Value="ZeroTier, Inc."/> - <ROW Property="ProductCode" Value="1033:{5E48BAF3-4126-452A-884D-ED734D22CD02} " Type="16"/> + <ROW Property="ProductCode" Value="1033:{99A3C357-A412-4230-AFFF-E9205222FDF3} " Type="16"/> <ROW Property="ProductLanguage" Value="1033"/> <ROW Property="ProductName" Value="ZeroTier One"/> - <ROW Property="ProductVersion" Value="1.1.14" Type="32"/> + <ROW Property="ProductVersion" Value="1.1.19" Type="32"/> <ROW Property="REBOOT" MultiBuildValue="DefaultBuild:ReallySuppress"/> <ROW Property="RUNAPPLICATION" Value="1" Type="4"/> - <ROW Property="SecureCustomProperties" Value="OLDPRODUCTS;AI_NEWERPRODUCTFOUND"/> + <ROW Property="SecureCustomProperties" Value="OLDPRODUCTS;AI_NEWERPRODUCTFOUND;AI_SETUPEXEPATH;SETUPEXEDIR"/> <ROW Property="UpgradeCode" Value="{B0E2A5F3-88B6-4E77-B922-CB4739B4C4C8}"/> - <ROW Property="WindowsType9X" MultiBuildValue="DefaultBuild:Windows 9x/ME" ValueLocId="-"/> - <ROW Property="WindowsType9XDisplay" MultiBuildValue="DefaultBuild:Windows 9x/ME" ValueLocId="-"/> + <ROW Property="WindowsType9X" MultiBuildValue="DefaultBuild:Windows 9x/ME#ExeBuild:Windows 9x/ME" ValueLocId="-"/> + <ROW Property="WindowsType9XDisplay" MultiBuildValue="DefaultBuild:Windows 9x/ME#ExeBuild:Windows 9x/ME" ValueLocId="-"/> <ROW Property="WindowsTypeNT" MultiBuildValue="DefaultBuild:Windows 2000, Windows 2000 Service Pack 1, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP x86, Windows XP x86 Service Pack 1, Windows XP x86 Service Pack 2, Windows XP x86 Service Pack 3, Windows Server 2003 x86, Windows Server 2003 x86 Service Pack 1, Windows Server 2003 x86 Service Pack 2" ValueLocId="-"/> - <ROW Property="WindowsTypeNT40" MultiBuildValue="DefaultBuild:Windows NT 4.0" ValueLocId="-"/> - <ROW Property="WindowsTypeNT40Display" MultiBuildValue="DefaultBuild:Windows NT 4.0" ValueLocId="-"/> + <ROW Property="WindowsTypeNT40" MultiBuildValue="DefaultBuild:Windows NT 4.0#ExeBuild:Windows NT 4.0" ValueLocId="-"/> + <ROW Property="WindowsTypeNT40Display" MultiBuildValue="DefaultBuild:Windows NT 4.0#ExeBuild:Windows NT 4.0" ValueLocId="-"/> <ROW Property="WindowsTypeNT64" MultiBuildValue="DefaultBuild:Windows XP x64, Windows XP x64 Service Pack 1, Windows XP x64 Service Pack 2, Windows Server 2003 x64, Windows Server 2003 x64 Service Pack 1, Windows Server 2003 x64 Service Pack 2" ValueLocId="-"/> <ROW Property="WindowsTypeNT64Display" MultiBuildValue="DefaultBuild:Windows XP x64, Windows Server 2003 x64" ValueLocId="-"/> <ROW Property="WindowsTypeNTDisplay" MultiBuildValue="DefaultBuild:Windows 2000, Windows XP x86, Windows Server 2003 x86" ValueLocId="-"/> @@ -46,6 +47,7 @@ <COMPONENT cid="caphyon.advinst.msicomp.MsiDirsComponent"> <ROW Directory="APPDIR" Directory_Parent="TARGETDIR" DefaultDir="APPDIR:." IsPseudoRoot="1" DirectoryOptions="2"/> <ROW Directory="CommonAppDataFolder" Directory_Parent="TARGETDIR" DefaultDir="COMMON~1|CommonAppDataFolder" IsPseudoRoot="1"/> + <ROW Directory="FontsFolder" Directory_Parent="TARGETDIR" DefaultDir="FONTSF~1|FontsFolder" IsPseudoRoot="1"/> <ROW Directory="One_Dir" Directory_Parent="ZeroTier_Dir" DefaultDir="One"/> <ROW Directory="ProgramFilesFolder" Directory_Parent="TARGETDIR" DefaultDir="PROGRA~1|ProgramFilesFolder" IsPseudoRoot="1"/> <ROW Directory="ProgramMenuFolder" Directory_Parent="TARGETDIR" DefaultDir="PROGRA~2|ProgramMenuFolder" IsPseudoRoot="1"/> @@ -58,25 +60,35 @@ <ROW Directory="x86_Dir" Directory_Parent="tapwindows_Dir" DefaultDir="x86"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiCompsComponent"> - <ROW Component="AI_CustomARPName" ComponentId="{AE82C83F-959D-492C-A1B8-B3F741D22D7E}" Directory_="APPDIR" Attributes="4" KeyPath="DisplayName" Options="1"/> + <ROW Component="AI_CustomARPName" ComponentId="{5E2F0984-B6F7-4037-9407-662F90522113}" Directory_="APPDIR" Attributes="4" KeyPath="DisplayName" Options="1"/> <ROW Component="AI_DisableModify" ComponentId="{020DCABD-5D56-49B9-AF48-F07F0B55E590}" Directory_="APPDIR" Attributes="4" KeyPath="NoModify" Options="1"/> + <ROW Component="AI_ExePath" ComponentId="{8E02B36C-7A19-429B-A93E-77A9261AC918}" Directory_="APPDIR" Attributes="4" KeyPath="AI_ExePath"/> + <ROW Component="Hardcodet.Wpf.TaskbarNotification.dll" ComponentId="{BEA825AF-2555-44AF-BE40-47FFC16DCBA6}" Directory_="APPDIR" Attributes="0" KeyPath="Hardcodet.Wpf.TaskbarNotification.dll"/> <ROW Component="Newtonsoft.Json.dll" ComponentId="{0B2F229D-5425-42FB-9E28-F6D25AB2B4B5}" Directory_="APPDIR" Attributes="0" KeyPath="Newtonsoft.Json.dll"/> <ROW Component="ProductInformation" ComponentId="{DB078D04-EA8E-4A7C-9001-89BAD932F9D9}" Directory_="APPDIR" Attributes="4" KeyPath="Version"/> <ROW Component="ZeroTierOne.exe" ComponentId="{18B51525-77BF-4FD9-9C18-A10D4CFC25BA}" Directory_="APPDIR" Attributes="0" KeyPath="ZeroTierOne.exe"/> + <ROW Component="copyutil.exe" ComponentId="{9B9E89FB-81CB-4500-978B-11E2FA81B5B4}" Directory_="APPDIR" Attributes="0" KeyPath="copyutil.exe"/> <ROW Component="networks.d" ComponentId="{EF54D0DF-889F-41DC-AF5C-4E7F96AB1C8B}" Directory_="networks.d_Dir" Attributes="0"/> <ROW Component="regid.201001.com.zerotier" ComponentId="{A39C80FC-6A8F-454F-9052-10DAC3C3B139}" Directory_="regid.201001.com.zerotier_Dir" Attributes="0"/> + <ROW Component="segoeui.ttf" ComponentId="{9F415308-A118-419F-AD8A-678DEA856B78}" Directory_="FontsFolder" Attributes="144" Type="0"/> <ROW Component="zerotierone_x64.exe" ComponentId="{DFCFB72D-B055-4E60-B6D8-81FF585C2183}" Directory_="One_Dir" Attributes="256" Condition="VersionNT64" KeyPath="zerotierone_x64.exe"/> <ROW Component="zerotierone_x86.exe" ComponentId="{5D2F3366-4FE1-40A4-A81A-66C49FA11F1C}" Directory_="One_Dir" Attributes="0" Condition="NOT VersionNT64" KeyPath="zerotierone_x86.exe"/> <ROW Component="zttap300.cat" ComponentId="{123CD683-FD99-4F0F-8F9B-0222DF409B09}" Directory_="x64_Dir" Attributes="256" Condition="VersionNT64" KeyPath="zttap300.cat_2" Type="0"/> <ROW Component="zttap300.cat_1" ComponentId="{9F913E48-095B-4EA3-98DA-EDAB1593F3E3}" Directory_="x86_Dir" Attributes="0" Condition="NOT VersionNT64" KeyPath="zttap300.cat_3" Type="0"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiFeatsComponent"> - <ROW Feature="ZeroTierOne" Title="MainFeature" Description="ZeroTier One" Display="1" Level="1" Directory_="APPDIR" Attributes="0" Components="AI_CustomARPName AI_DisableModify Newtonsoft.Json.dll ProductInformation ZeroTierOne.exe networks.d regid.201001.com.zerotier zerotierone_x64.exe zerotierone_x86.exe zttap300.cat zttap300.cat_1"/> + <ROW Feature="ZeroTierOne" Title="MainFeature" Description="ZeroTier One" Display="1" Level="1" Directory_="APPDIR" Attributes="0" Components="AI_CustomARPName AI_DisableModify AI_ExePath Hardcodet.Wpf.TaskbarNotification.dll Newtonsoft.Json.dll ProductInformation ZeroTierOne.exe copyutil.exe networks.d regid.201001.com.zerotier segoeui.ttf zerotierone_x64.exe zerotierone_x86.exe zttap300.cat zttap300.cat_1"/> <ATTRIBUTE name="CurrentFeature" value="ZeroTierOne"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiFilesComponent"> - <ROW File="Newtonsoft.Json.dll" Component_="Newtonsoft.Json.dll" FileName="NEWTON~1.DLL|Newtonsoft.Json.dll" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\WinUI\bin\Release\Newtonsoft.Json.dll" SelfReg="false" DigSign="true"/> + <ROW File="Hardcodet.Wpf.TaskbarNotification.dll" Component_="Hardcodet.Wpf.TaskbarNotification.dll" FileName="HARDCO~1.DLL|Hardcodet.Wpf.TaskbarNotification.dll" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\WinUI\bin\Release\Hardcodet.Wpf.TaskbarNotification.dll" SelfReg="false" NextFile="segoeui.ttf" DigSign="true"/> + <ROW File="Newtonsoft.Json.dll" Component_="Newtonsoft.Json.dll" FileName="NEWTON~1.DLL|Newtonsoft.Json.dll" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\WinUI\bin\Release\Newtonsoft.Json.dll" SelfReg="false" NextFile="copyutil.exe" DigSign="true"/> <ROW File="ZeroTierOne.exe" Component_="ZeroTierOne.exe" FileName="ZEROTI~1.EXE|ZeroTier One.exe" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\WinUI\bin\Release\ZeroTier One.exe" SelfReg="false" NextFile="zttap300.cat_2" DigSign="true"/> + <ROW File="copyutil.exe" Component_="copyutil.exe" FileName="copyutil.exe" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\copyutil\bin\Release\copyutil.exe" SelfReg="false" NextFile="Hardcodet.Wpf.TaskbarNotification.dll" DigSign="true"/> + <ROW File="segoeui.ttf" Component_="segoeui.ttf" FileName="segoeui.ttf" Attributes="0" SourcePath="..\..\..\windows\WinUI\Fonts\segoeui.ttf" SelfReg="false" NextFile="segoeuib.ttf"/> + <ROW File="segoeuib.ttf" Component_="segoeui.ttf" FileName="segoeuib.ttf" Attributes="0" SourcePath="..\..\..\windows\WinUI\Fonts\segoeuib.ttf" SelfReg="false" NextFile="segoeuii.ttf"/> + <ROW File="segoeuii.ttf" Component_="segoeui.ttf" FileName="segoeuii.ttf" Attributes="0" SourcePath="..\..\..\windows\WinUI\Fonts\segoeuii.ttf" SelfReg="false" NextFile="segoeuiz.ttf"/> + <ROW File="segoeuiz.ttf" Component_="segoeui.ttf" FileName="segoeuiz.ttf" Attributes="0" SourcePath="..\..\..\windows\WinUI\Fonts\segoeuiz.ttf" SelfReg="false"/> <ROW File="zerotierone_x64.exe" Component_="zerotierone_x64.exe" FileName="ZEROTI~2.EXE|zerotier-one_x64.exe" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\Build\x64\Release\zerotier-one_x64.exe" SelfReg="false" NextFile="ZeroTierOne.exe" DigSign="true"/> <ROW File="zerotierone_x86.exe" Component_="zerotierone_x86.exe" FileName="ZEROTI~1.EXE|zerotier-one_x86.exe" Version="65535.65535.65535.65535" Attributes="0" SourcePath="..\..\..\windows\Build\Win32\Release\zerotier-one_x86.exe" SelfReg="false" NextFile="zerotierone_x64.exe" DigSign="true"/> <ROW File="zttap300.cat_2" Component_="zttap300.cat" FileName="zttap300.cat" Attributes="0" SourcePath="..\..\bin\tap-windows-ndis6\x64\zttap300.cat" SelfReg="false" NextFile="zttap300.sys_2"/> @@ -86,8 +98,15 @@ <ROW File="zttap300.sys_2" Component_="zttap300.cat" FileName="zttap300.sys" Attributes="0" SourcePath="..\..\bin\tap-windows-ndis6\x64\zttap300.sys" SelfReg="false" NextFile="zttap300.inf"/> <ROW File="zttap300.sys_3" Component_="zttap300.cat_1" FileName="zttap300.sys" Attributes="0" SourcePath="..\..\bin\tap-windows-ndis6\x86\zttap300.sys" SelfReg="false" NextFile="zttap300.inf_1"/> </COMPONENT> + <COMPONENT cid="caphyon.advinst.msicomp.AiPersistentDataComponent"> + <ROW PersistentRow="segoeui.ttf" Type="0" Condition="1"/> + <ROW PersistentRow="segoeuib.ttf" Type="0" Condition="1"/> + <ROW PersistentRow="segoeuii.ttf" Type="0" Condition="1"/> + <ROW PersistentRow="segoeuiz.ttf" Type="0" Condition="1"/> + </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.BuildComponent"> <ROW BuildKey="DefaultBuild" BuildName="MSI" BuildOrder="1" BuildType="1" PackageFolder="..\..\.." PackageFileName="ZeroTier One" Languages="en" InstallationType="4" ExtUI="true" UseLargeSchema="true"/> + <ROW BuildKey="ExeBuild" BuildName="update" BuildOrder="2" BuildType="1" PackageFolder="..\..\.." PackageFileName="ZeroTier One" Languages="en" InstallationType="2" CabsLocation="1" CompressCabs="false" UseLzma="true" LzmaMethod="2" LzmaCompressionLevel="4" PackageType="1" FilesInsideExe="true" ExeIconPath="..\..\..\artwork\ZeroTierIcon.ico" ExtractionFolder="[AppDataFolder][|Manufacturer]\[|ProductName] [|ProductVersion]\install" MsiCmdLine="/qn" UseLargeSchema="true" ExeName="zt1_update_2_1,2_[|ProductVersion]_0"/> <ATTRIBUTE name="CurrentBuild" value="DefaultBuild"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.CacheComponent"> @@ -106,9 +125,10 @@ <ROW Path="<AI_DICTS>ui_en.ail"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.DigCertStoreComponent"> - <ROW TimeStampUrl="http://timestamp.verisign.com/scripts/timstamp.dll" SignerDescription="ZeroTier One" DescriptionUrl="https://www.zerotier.com/" SignOptions="7" SignTool="0" UseSha256="1" Thumbprint="45f6b8ef02b543eeaa08d5f0f08ebe72c2a8a2d5 Subject: ZeroTier, Inc. Issuer: DigiCert SHA2 High Assurance Code Signing CA Valid from 03/22/2016 to 05/06/2019"/> + <ROW TimeStampUrl="http://timestamp.verisign.com/scripts/timstamp.dll" SignerDescription="ZeroTier One" DescriptionUrl="https://www.zerotier.com/" SignOptions="7" SignTool="0" UseSha256="1" Thumbprint="7f01c3746df9e6c8235ea2ae38d3cdfeb185728b Subject: ZeroTier, Inc. Issuer: DigiCert EV Code Signing CA (SHA2) Valid from 11/30/2016 to 12/05/2019"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.FirewallExceptionComponent"> + <ROW FirewallException="ZeroTierOneControl" DisplayName="ZeroTier One TCP/9993" GroupName="ZeroTierOne" Enabled="1" Scope="*" Condition="1" Profiles="7" Port="9993" Protocol="TCP"/> <ROW FirewallException="ZeroTierOneUDP9993" DisplayName="ZeroTier One UDP/9993" GroupName="ZeroTierOne" Enabled="1" Scope="*" Condition="1" Profiles="7" Port="9993" Protocol="UDP"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.FragmentComponent"> @@ -125,6 +145,14 @@ <ROW Fragment="WelcomeDlg.aip" Path="<AI_THEMES>classic\fragments\WelcomeDlg.aip"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiActionTextComponent"> + <ROW Action="AI_AiBackupImmediate" Description="Preparing backup operation" Template="Path: [1]" DescriptionLocId="ActionText.Description.AI_AiBackupImmediate" TemplateLocId="ActionText.Template.AI_AiBackupImmediate"/> + <ROW Action="AI_AiBackupRollback" Description="Rollback backup" Template="Path: [1]" DescriptionLocId="ActionText.Description.AI_AiBackupRollback" TemplateLocId="ActionText.Template.AI_AiBackupRollback"/> + <ROW Action="AI_AiRestoreDeferred" Description="Executing restore operation" Template="Path: [1]" DescriptionLocId="ActionText.Description.AI_AiRestoreDeferred" TemplateLocId="ActionText.Template.AI_AiRestoreDeferred"/> + <ROW Action="AI_AiRestoreRollback" Description="Rollback restore" Template="Path: [1]" DescriptionLocId="ActionText.Description.AI_AiRestoreRollback" TemplateLocId="ActionText.Template.AI_AiRestoreRollback"/> + <ROW Action="AI_DeleteLzma" Description="Deleting files extracted from archive" DescriptionLocId="ActionText.Description.AI_DeleteLzma" TemplateLocId="-"/> + <ROW Action="AI_DeleteRLzma" Description="Deleting files extracted from archive" DescriptionLocId="ActionText.Description.AI_DeleteLzma" TemplateLocId="-"/> + <ROW Action="AI_ExtractFiles" Description="Extracting files from archive" DescriptionLocId="ActionText.Description.AI_ExtractLzma" TemplateLocId="-"/> + <ROW Action="AI_ExtractLzma" Description="Extracting files from archive" DescriptionLocId="ActionText.Description.AI_ExtractLzma" TemplateLocId="-"/> <ROW Action="AI_FwConfig" Description="Executing Windows Firewall configurations" Template="Configuring Windows Firewall rule: "[1]"" DescriptionLocId="ActionText.Description.AI_FwConfig" TemplateLocId="ActionText.Template.AI_FwConfig"/> <ROW Action="AI_FwInstall" Description="Generating actions to configure Windows Firewall" DescriptionLocId="ActionText.Description.AI_FwInstall"/> <ROW Action="AI_FwRemove" Description="Executing Windows Firewall configurations" Template="Configuring Windows Firewall rule: "[1]"" DescriptionLocId="ActionText.Description.AI_FwRemove" TemplateLocId="ActionText.Template.AI_FwRemove"/> @@ -141,14 +169,20 @@ <ROW Action="AI_XmlRollback" Description="Rolling back XML file configurations." Template="Rolling back XML file configurations." DescriptionLocId="ActionText.Description.AI_XmlRollback" TemplateLocId="ActionText.Template.AI_XmlRollback"/> <ROW Action="AI_XmlUninstall" Description="Generating actions to configure XML files" DescriptionLocId="ActionText.Description.AI_XmlUninstall"/> </COMPONENT> + <COMPONENT cid="caphyon.advinst.msicomp.MsiAppSearchComponent"> + <ROW Property="AI_SETUPEXEPATH" Signature_="AI_EXE_PATH_CU" Builds="ExeBuild"/> + <ROW Property="AI_SETUPEXEPATH" Signature_="AI_EXE_PATH_LM" Builds="ExeBuild"/> + </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent"> <ROW Name="ExternalUICleaner.dll" SourcePath="<AI_CUSTACTS>ExternalUICleaner.dll"/> <ROW Name="NetFirewall.dll" SourcePath="<AI_CUSTACTS>NetFirewall.dll"/> - <ROW Name="ShortcutFlags.dll" SourcePath="<AI_CUSTACTS>ShortcutFlags.dll"/> + <ROW Name="Prereq.dll" SourcePath="<AI_CUSTACTS>Prereq.dll"/> + <ROW Name="ResourceCleaner.dll" SourcePath="<AI_CUSTACTS>ResourceCleaner.dll"/> <ROW Name="SoftwareDetector.dll" SourcePath="<AI_CUSTACTS>SoftwareDetector.dll"/> <ROW Name="TxtUpdater.dll" SourcePath="<AI_CUSTACTS>TxtUpdater.dll"/> <ROW Name="aicustact.dll" SourcePath="<AI_CUSTACTS>aicustact.dll"/> <ROW Name="chainersupport.dll" SourcePath="<AI_CUSTACTS>chainersupport.dll"/> + <ROW Name="lzmaextractor.dll" SourcePath="<AI_CUSTACTS>lzmaextractor.dll"/> <ROW Name="msichainer.exe" SourcePath="<AI_CUSTACTS>msichainer.exe"/> <ROW Name="xmlCfg.dll" SourcePath="<AI_CUSTACTS>xmlCfg.dll"/> </COMPONENT> @@ -183,23 +217,40 @@ <ROW Dialog_="WelcomeDlg" Control_="WelcomeDlgDialogInitializer" Event="[Text_Next]" Argument="[Text_Install]" Condition="AI_INSTALL" Ordering="3" Options="2"/> <ROW Dialog_="WelcomeDlg" Control_="Back" Event="[ButtonText_Next]" Argument="[AI_ButtonText_Next_Orig]" Condition="AI_INSTALL" Ordering="0" Options="2"/> <ROW Dialog_="WelcomeDlg" Control_="Back" Event="[Text_Next]" Argument="[AI_Text_Next_Orig]" Condition="AI_INSTALL" Ordering="1" Options="2"/> + <ROW Dialog_="FatalError" Control_="Finish" Event="DoAction" Argument="AI_AiBackupCleanup" Condition="1" Ordering="102"/> + <ROW Dialog_="UserExit" Control_="Finish" Event="DoAction" Argument="AI_AiBackupCleanup" Condition="1" Ordering="101"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiCreateFolderComponent"> <ROW Directory_="networks.d_Dir" Component_="networks.d" ManualDelete="false"/> <ROW Directory_="regid.201001.com.zerotier_Dir" Component_="regid.201001.com.zerotier" ManualDelete="false"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiCustActComponent"> - <ROW Action="AI_ApplyShortcutFlags" Type="3073" Source="ShortcutFlags.dll" Target="UpdateShortcutFlags" WithoutSeq="true"/> + <ROW Action="AI_AiBackupCleanup" Type="1" Source="ResourceCleaner.dll" Target="OnAiBackupCleanup" WithoutSeq="true"/> + <ROW Action="AI_AiBackupImmediate" Type="1" Source="ResourceCleaner.dll" Target="OnAiBackupImmediate"/> + <ROW Action="AI_AiBackupRollback" Type="11521" Source="ResourceCleaner.dll" Target="OnAiBackupRollback"/> + <ROW Action="AI_AiRestoreDeferred" Type="11265" Source="ResourceCleaner.dll" Target="OnAiRestoreDeferred"/> + <ROW Action="AI_AiRestoreRollback" Type="11521" Source="ResourceCleaner.dll" Target="OnAiRestoreRollback" WithoutSeq="true"/> <ROW Action="AI_BACKUP_AI_SETUPEXEPATH" Type="51" Source="AI_SETUPEXEPATH_ORIGINAL" Target="[AI_SETUPEXEPATH]"/> <ROW Action="AI_CommitChainers" Type="11841" Source="chainersupport.dll" Target="CommitChainedPackages" WithoutSeq="true"/> <ROW Action="AI_DATA_SETTER" Type="51" Source="CustomActionData" Target="[~]"/> <ROW Action="AI_DATA_SETTER_1" Type="51" Source="CustomActionData" Target="[~]"/> <ROW Action="AI_DATA_SETTER_2" Type="51" Source="CustomActionData" Target="[~]"/> <ROW Action="AI_DATA_SETTER_3" Type="51" Source="CustomActionData" Target="[~]"/> + <ROW Action="AI_DATA_SETTER_4" Type="51" Source="AI_ExtractFiles" Target="[AI_SETUPEXEPATH]"/> + <ROW Action="AI_DATA_SETTER_6" Type="51" Source="CustomActionData" Target="ZeroTier One.exe"/> <ROW Action="AI_DOWNGRADE" Type="19" Target="4010"/> + <ROW Action="AI_DeleteCadLzma" Type="51" Source="AI_DeleteLzma" Target="[AI_SETUPEXEPATH]"/> + <ROW Action="AI_DeleteLzma" Type="1025" Source="lzmaextractor.dll" Target="DeleteLZMAFiles"/> + <ROW Action="AI_DeleteRCadLzma" Type="51" Source="AI_DeleteRLzma" Target="[AI_SETUPEXEPATH]"/> + <ROW Action="AI_DeleteRLzma" Type="1281" Source="lzmaextractor.dll" Target="DeleteLZMAFiles"/> <ROW Action="AI_DetectSoftware" Type="257" Source="SoftwareDetector.dll" Target="OnDetectSoftware"/> <ROW Action="AI_DoRemoveExternalUIStub" Type="3585" Source="ExternalUICleaner.dll" Target="DoRemoveExternalUIStub" WithoutSeq="true"/> <ROW Action="AI_DpiContentScale" Type="1" Source="aicustact.dll" Target="DpiContentScale"/> + <ROW Action="AI_EstimateExtractFiles" Type="1" Source="Prereq.dll" Target="EstimateExtractFiles"/> + <ROW Action="AI_ExtractCadLzma" Type="51" Source="AI_ExtractLzma" Target="[AI_SETUPEXEPATH]"/> + <ROW Action="AI_ExtractFiles" Type="1025" Source="Prereq.dll" Target="ExtractSourceFiles" AdditionalSeq="AI_DATA_SETTER_4"/> + <ROW Action="AI_ExtractLzma" Type="1025" Source="lzmaextractor.dll" Target="ExtractLZMAFiles"/> + <ROW Action="AI_FindExeLzma" Type="1" Source="lzmaextractor.dll" Target="FindEXE"/> <ROW Action="AI_FwConfig" Type="11265" Source="NetFirewall.dll" Target="OnFwConfig" WithoutSeq="true"/> <ROW Action="AI_FwInstall" Type="1" Source="NetFirewall.dll" Target="OnFwInstall" AdditionalSeq="AI_DATA_SETTER_2"/> <ROW Action="AI_FwRemove" Type="11265" Source="NetFirewall.dll" Target="OnFwRemove" WithoutSeq="true"/> @@ -209,10 +260,7 @@ <ROW Action="AI_InstallModeCheck" Type="1" Source="aicustact.dll" Target="UpdateInstallMode" WithoutSeq="true"/> <ROW Action="AI_LaunchApp" Type="1" Source="aicustact.dll" Target="[#ZeroTierOne.exe]"/> <ROW Action="AI_PREPARE_UPGRADE" Type="65" Source="aicustact.dll" Target="PrepareUpgrade"/> - <ROW Action="AI_PinShortcuts" Type="1" Source="ShortcutFlags.dll" Target="PinShortcuts"/> - <ROW Action="AI_PinToTaskbar" Type="1025" Source="ShortcutFlags.dll" Target="PinToTaskbar" WithoutSeq="true"/> <ROW Action="AI_PrepareChainers" Type="1" Source="chainersupport.dll" Target="PrepareChainedPackages"/> - <ROW Action="AI_PrepareShortcutFlags" Type="1" Source="ShortcutFlags.dll" Target="PrepareActionData"/> <ROW Action="AI_RESTORE_AI_SETUPEXEPATH" Type="51" Source="AI_SETUPEXEPATH" Target="[AI_SETUPEXEPATH_ORIGINAL]"/> <ROW Action="AI_RESTORE_LOCATION" Type="65" Source="aicustact.dll" Target="RestoreLocation"/> <ROW Action="AI_RemoveExternalUIStub" Type="1" Source="ExternalUICleaner.dll" Target="RemoveExternalUIStub"/> @@ -224,8 +272,6 @@ <ROW Action="AI_TxtUpdaterConfig" Type="11265" Source="TxtUpdater.dll" Target="OnTxtUpdaterConfig" WithoutSeq="true"/> <ROW Action="AI_TxtUpdaterInstall" Type="1" Source="TxtUpdater.dll" Target="OnTxtUpdaterInstall"/> <ROW Action="AI_TxtUpdaterRollback" Type="11521" Source="TxtUpdater.dll" Target="OnTxtUpdaterRollback" WithoutSeq="true"/> - <ROW Action="AI_UnpinFromTaskbar" Type="1025" Source="ShortcutFlags.dll" Target="UnpinFromTaskbar" WithoutSeq="true"/> - <ROW Action="AI_UnpinShortcuts" Type="1" Source="ShortcutFlags.dll" Target="UnpinShortcuts"/> <ROW Action="AI_XmlCommit" Type="11777" Source="xmlCfg.dll" Target="OnXmlCommit" WithoutSeq="true"/> <ROW Action="AI_XmlConfig" Type="11265" Source="xmlCfg.dll" Target="OnXmlConfig" WithoutSeq="true"/> <ROW Action="AI_XmlInstall" Type="1" Source="xmlCfg.dll" Target="OnXmlInstall" AdditionalSeq="AI_DATA_SETTER"/> @@ -237,6 +283,7 @@ <ROW Action="SET_TARGETDIR_TO_APPDIR" Type="51" Source="TARGETDIR" Target="[APPDIR]"/> <ROW Action="TapDeviceRemove32" Type="3154" Source="zerotierone_x86.exe" Target="-D"/> <ROW Action="TapDeviceRemove64" Type="3154" Source="zerotierone_x64.exe" Target="-D"/> + <ROW Action="TerminateUI" Type="65" Source="aicustact.dll" Target="StopProcess" Options="1" AdditionalSeq="AI_DATA_SETTER_6"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiEmbeddedChainerComponent"> <ROW MsiEmbeddedChainer="msichainer.exe" Condition="VersionMsi >= "4.05"" CommandLine="[AI_CHAINER_CMD_LINE]" Source="msichainer.exe" Type="2"/> @@ -244,34 +291,54 @@ <COMPONENT cid="caphyon.advinst.msicomp.MsiEnvComponent"> <ROW Environment="Path" Name="=-*Path" Value="[~];[APPDIR]" Component_="ZeroTierOne.exe"/> </COMPONENT> + <COMPONENT cid="caphyon.advinst.msicomp.MsiFontsComponent"> + <ROW File_="segoeui.ttf"/> + <ROW File_="segoeuib.ttf"/> + <ROW File_="segoeuii.ttf"/> + <ROW File_="segoeuiz.ttf"/> + </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiIconsComponent"> <ROW Name="ZeroTierIcon.exe" SourcePath="..\..\..\artwork\ZeroTierIcon.ico" Index="0"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiInstExSeqComponent"> <ROW Action="AI_DOWNGRADE" Condition="AI_NEWERPRODUCTFOUND AND (UILevel <> 5)" Sequence="210"/> <ROW Action="AI_RESTORE_LOCATION" Condition="APPDIR=""" Sequence="749"/> - <ROW Action="AI_STORE_LOCATION" Condition="(Not Installed) OR REINSTALL" Sequence="1502"/> + <ROW Action="AI_STORE_LOCATION" Condition="(Not Installed) OR REINSTALL" Sequence="1503"/> <ROW Action="AI_PREPARE_UPGRADE" Condition="AI_UPGRADE="No" AND (Not Installed)" Sequence="1399"/> <ROW Action="AI_ResolveKnownFolders" Sequence="51"/> - <ROW Action="AI_PrepareShortcutFlags" Condition="(VersionNT > 501) AND ((NOT Installed) OR (Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove")))" Sequence="4501"/> <ROW Action="AI_XmlInstall" Condition="(REMOVE <> "ALL")" Sequence="5103"/> <ROW Action="AI_DATA_SETTER" Condition="(REMOVE <> "ALL")" Sequence="5102"/> <ROW Action="AI_XmlUninstall" Condition="(REMOVE)" Sequence="3102"/> <ROW Action="AI_DATA_SETTER_1" Condition="(REMOVE)" Sequence="3101"/> <ROW Action="InstallFinalize" Sequence="6597" SeqType="0" MsiKey="InstallFinalize"/> - <ROW Action="AI_RemoveExternalUIStub" Condition="(REMOVE="ALL") AND ((VersionNT > 500) OR((VersionNT = 500) AND (ServicePackLevel >= 4)))" Sequence="1501"/> + <ROW Action="AI_RemoveExternalUIStub" Condition="(REMOVE="ALL") AND ((VersionNT > 500) OR((VersionNT = 500) AND (ServicePackLevel >= 4)))" Sequence="1502"/> <ROW Action="AI_GetArpIconPath" Sequence="1401"/> - <ROW Action="TapDeviceRemove32" Condition="( Installed AND ( REMOVE = "ALL" OR AI_INSTALL_MODE = "Remove" ) AND NOT UPGRADINGPRODUCTCODE ) AND ( NOT VersionNT64 )" Sequence="1601"/> - <ROW Action="TapDeviceRemove64" Condition="( Installed AND ( REMOVE = "ALL" OR AI_INSTALL_MODE = "Remove" ) AND NOT UPGRADINGPRODUCTCODE ) AND ( VersionNT64 )" Sequence="1602"/> + <ROW Action="TapDeviceRemove32" Condition="( Installed AND ( REMOVE = "ALL" OR AI_INSTALL_MODE = "Remove" ) AND NOT UPGRADINGPRODUCTCODE ) AND ( NOT VersionNT64 )" Sequence="1603"/> + <ROW Action="TapDeviceRemove64" Condition="( Installed AND ( REMOVE = "ALL" OR AI_INSTALL_MODE = "Remove" ) AND NOT UPGRADINGPRODUCTCODE ) AND ( VersionNT64 )" Sequence="1604"/> <ROW Action="AI_PrepareChainers" Condition="VersionMsi >= "4.05"" Sequence="5851"/> <ROW Action="AI_FwInstall" Condition="(VersionNT >= 501) AND (REMOVE <> "ALL")" Sequence="5802"/> <ROW Action="AI_DATA_SETTER_2" Condition="(VersionNT >= 501) AND (REMOVE <> "ALL")" Sequence="5801"/> <ROW Action="AI_FwUninstall" Condition="(VersionNT >= 501) AND (REMOVE="ALL")" Sequence="1702"/> <ROW Action="AI_DATA_SETTER_3" Condition="(VersionNT >= 501) AND (REMOVE="ALL")" Sequence="1701"/> - <ROW Action="AI_DetectSoftware" Sequence="101"/> - <ROW Action="AI_PinShortcuts" Condition="(VersionNT > 600) AND ((NOT Installed) OR (Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove")))" Sequence="4502"/> - <ROW Action="AI_UnpinShortcuts" Condition="(VersionNT > 600) AND (REMOVE = "ALL")" Sequence="3199"/> + <ROW Action="AI_DetectSoftware" Sequence="102"/> <ROW Action="AI_TxtUpdaterInstall" Sequence="5101"/> + <ROW Action="AI_BACKUP_AI_SETUPEXEPATH" Sequence="99" Builds="ExeBuild"/> + <ROW Action="AI_RESTORE_AI_SETUPEXEPATH" Condition="AI_SETUPEXEPATH_ORIGINAL" Sequence="101" Builds="ExeBuild"/> + <ROW Action="AI_DeleteCadLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="199" Builds="ExeBuild"/> + <ROW Action="AI_DeleteRCadLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="198" Builds="ExeBuild"/> + <ROW Action="AI_ExtractCadLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="197" Builds="ExeBuild"/> + <ROW Action="AI_FindExeLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="196" Builds="ExeBuild"/> + <ROW Action="AI_ExtractLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="1549" Builds="ExeBuild"/> + <ROW Action="AI_DeleteRLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="1548" Builds="ExeBuild"/> + <ROW Action="AI_DeleteLzma" Condition="SETUPEXEDIR="" AND Installed AND (REMOVE<>"ALL") AND (AI_INSTALL_MODE<>"Remove") AND (NOT PATCH)" Sequence="6595" Builds="ExeBuild"/> + <ROW Action="AI_ExtractFiles" Sequence="3998" Builds="ExeBuild"/> + <ROW Action="AI_DATA_SETTER_4" Sequence="3997"/> + <ROW Action="AI_EstimateExtractFiles" Sequence="3999" Builds="ExeBuild"/> + <ROW Action="TerminateUI" Sequence="1602"/> + <ROW Action="AI_DATA_SETTER_6" Sequence="1601"/> + <ROW Action="AI_AiBackupImmediate" Sequence="1001"/> + <ROW Action="AI_AiBackupRollback" Sequence="1501"/> + <ROW Action="AI_AiRestoreDeferred" Sequence="6596"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiInstallUISequenceComponent"> <ROW Action="AI_RESTORE_LOCATION" Condition="APPDIR=""" Sequence="749"/> @@ -285,12 +352,18 @@ <COMPONENT cid="caphyon.advinst.msicomp.MsiLaunchConditionsComponent"> <ROW Condition="( Version9X OR ( NOT VersionNT64 ) OR ( VersionNT64 AND ((VersionNT64 <> 502) OR (((VersionNT64 = 502) AND (ServicePackLevel >= 1)) OR (MsiNTProductType <> 1))) AND ((VersionNT64 <> 502) OR (((VersionNT64 = 502) AND (ServicePackLevel <> 1)) OR (MsiNTProductType <> 1))) AND ((VersionNT64 <> 502) OR (((VersionNT64 = 502) AND (ServicePackLevel <> 2)) OR (MsiNTProductType <> 1))) AND ((VersionNT64 <> 502) OR ((VersionNT64 = 502) AND ((MsiNTProductType = 1) OR (ServicePackLevel >= 1)))) AND ((VersionNT64 <> 502) OR ((VersionNT64 = 502) AND ((MsiNTProductType = 1) OR (ServicePackLevel <> 1)))) AND ((VersionNT64 <> 502) OR ((VersionNT64 = 502) AND ((MsiNTProductType = 1) OR (ServicePackLevel <> 2)))) ) )" Description="[ProductName] cannot be installed on the following Windows versions: [WindowsTypeNT64Display]" DescriptionLocId="AI.LaunchCondition.NoSpecificNT64" IsPredefined="true" Builds="DefaultBuild"/> <ROW Condition="( Version9X OR VersionNT64 OR ( VersionNT AND ((VersionNT <> 500) OR ((VersionNT = 500) AND (ServicePackLevel >= 1))) AND ((VersionNT <> 500) OR ((VersionNT = 500) AND (ServicePackLevel <> 1))) AND ((VersionNT <> 500) OR ((VersionNT = 500) AND (ServicePackLevel <> 2))) AND ((VersionNT <> 500) OR ((VersionNT = 500) AND (ServicePackLevel <> 3))) AND ((VersionNT <> 500) OR ((VersionNT = 500) AND (ServicePackLevel <> 4))) AND (((VersionNT <> 501) OR ((VersionNT = 501) AND (ServicePackLevel >= 1))) OR VersionNT64) AND (((VersionNT <> 501) OR ((VersionNT = 501) AND (ServicePackLevel <> 1))) OR VersionNT64) AND (((VersionNT <> 501) OR ((VersionNT = 501) AND (ServicePackLevel <> 2))) OR VersionNT64) AND (((VersionNT <> 501) OR ((VersionNT = 501) AND (ServicePackLevel <> 3))) OR VersionNT64) AND (((VersionNT <> 502) OR ((VersionNT = 502) AND (ServicePackLevel >= 1))) OR VersionNT64) AND (((VersionNT <> 502) OR ((VersionNT = 502) AND (ServicePackLevel <> 1))) OR VersionNT64) AND (((VersionNT <> 502) OR ((VersionNT = 502) AND (ServicePackLevel <> 2))) OR VersionNT64) ) )" Description="[ProductName] cannot be installed on the following Windows versions: [WindowsTypeNTDisplay]" DescriptionLocId="AI.LaunchCondition.NoSpecificNT" IsPredefined="true" Builds="DefaultBuild"/> - <ROW Condition="(VersionNT <> 400)" Description="[ProductName] cannot be installed on the following Windows versions: [WindowsTypeNT40Display]" DescriptionLocId="AI.LaunchCondition.NoNT40" IsPredefined="true" Builds="DefaultBuild"/> + <ROW Condition="(VersionNT <> 400)" Description="[ProductName] cannot be installed on the following Windows versions: [WindowsTypeNT40Display]." DescriptionLocId="AI.LaunchCondition.NoNT40" IsPredefined="true" Builds="DefaultBuild;ExeBuild"/> <ROW Condition="AI_DETECTED_DOTNET_VERSION >= AI_REQUIRED_DOTNET_VERSION" Description="[ProductName] cannot be installed on systems with .NET Framework version lower than [AI_REQUIRED_DOTNET_DISPLAY]." DescriptionLocId="AI.LaunchCondition.DotNET" IsPredefined="true" Builds="DefaultBuild"/> <ROW Condition="Privileged" Description="[ProductName] requires administrative privileges to install." DescriptionLocId="AI.LaunchCondition.Privileged" IsPredefined="true" Builds="DefaultBuild"/> - <ROW Condition="VersionNT" Description="[ProductName] cannot be installed on [WindowsType9XDisplay]" DescriptionLocId="AI.LaunchCondition.No9X" IsPredefined="true" Builds="DefaultBuild"/> + <ROW Condition="SETUPEXEDIR OR (REMOVE="ALL")" Description="This package can only be run from a bootstrapper." DescriptionLocId="AI.LaunchCondition.RequireBootstrapper" IsPredefined="true" Builds="ExeBuild"/> + <ROW Condition="VersionNT" Description="[ProductName] cannot be installed on [WindowsType9XDisplay]." DescriptionLocId="AI.LaunchCondition.No9X" IsPredefined="true" Builds="DefaultBuild;ExeBuild"/> + </COMPONENT> + <COMPONENT cid="caphyon.advinst.msicomp.MsiRegLocatorComponent"> + <ROW Signature_="AI_EXE_PATH_CU" Root="1" Key="Software\Caphyon\Advanced Installer\LZMA\[ProductCode]\[ProductVersion]" Name="AI_ExePath" Type="2"/> + <ROW Signature_="AI_EXE_PATH_LM" Root="2" Key="Software\Caphyon\Advanced Installer\LZMA\[ProductCode]\[ProductVersion]" Name="AI_ExePath" Type="2"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiRegsComponent"> + <ROW Registry="AI_ExePath" Root="-1" Key="Software\Caphyon\Advanced Installer\LZMA\[ProductCode]\[ProductVersion]" Name="AI_ExePath" Value="[AI_SETUPEXEPATH]" Component_="AI_ExePath"/> <ROW Registry="Comments" Root="-1" Key="Software\Microsoft\Windows\CurrentVersion\Uninstall\[ProductName] [ProductVersion]" Name="Comments" Value="[ARPCOMMENTS]" Component_="AI_CustomARPName"/> <ROW Registry="Contact" Root="-1" Key="Software\Microsoft\Windows\CurrentVersion\Uninstall\[ProductName] [ProductVersion]" Name="Contact" Value="[ARPCONTACT]" Component_="AI_CustomARPName"/> <ROW Registry="DisplayIcon" Root="-1" Key="Software\Microsoft\Windows\CurrentVersion\Uninstall\[ProductName] [ProductVersion]" Name="DisplayIcon" Value="[ARP_ICON_PATH]" Component_="AI_CustomARPName"/> @@ -329,7 +402,7 @@ <ROW ServiceInstall="zerotierone_x86.exe" Name="ZeroTierOneService" DisplayName="ZeroTier One" ServiceType="16" StartType="2" ErrorControl="32769" Component_="zerotierone_x86.exe" Description="Ethernet Virtualization Service"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiShortsComponent"> - <ROW Shortcut="ZeroTierOne" Directory_="ProgramMenuFolder" Name="ZEROTI~1|ZeroTier One" Component_="ZeroTierOne.exe" Target="[#ZeroTierOne.exe]" Description="Ethernet Virtualization Control Panel" Hotkey="0" Icon_="ZeroTierIcon.exe" IconIndex="0" ShowCmd="1" WkDir="APPDIR" CustomFlags="1"/> + <ROW Shortcut="ZeroTierOne" Directory_="ProgramMenuFolder" Name="ZEROTI~1|ZeroTier One" Component_="ZeroTierOne.exe" Target="[#ZeroTierOne.exe]" Description="Ethernet Virtualization Control Panel" Hotkey="0" Icon_="ZeroTierIcon.exe" IconIndex="0" ShowCmd="1" WkDir="APPDIR"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.MsiThemeComponent"> <ATTRIBUTE name="UsedTheme" value="classic"/> @@ -356,7 +429,7 @@ <ROW XmlAttribute="xsischemaLocation" XmlElement="swidsoftware_identification_tag" Name="xsi:schemaLocation" Flags="14" Order="3" Value="http://standards.iso.org/iso/19770/-2/2008/schema.xsd software_identification_tag.xsd"/> </COMPONENT> <COMPONENT cid="caphyon.advinst.msicomp.XmlElementComponent"> - <ROW XmlElement="swidbuild" ParentElement="swidnumeric" Name="swid:build" Condition="1" Order="2" Flags="14" Text="14"/> + <ROW XmlElement="swidbuild" ParentElement="swidnumeric" Name="swid:build" Condition="1" Order="2" Flags="14" Text="19"/> <ROW XmlElement="swidentitlement_required_indicator" ParentElement="swidsoftware_identification_tag" Name="swid:entitlement_required_indicator" Condition="1" Order="0" Flags="14" Text="false"/> <ROW XmlElement="swidmajor" ParentElement="swidnumeric" Name="swid:major" Condition="1" Order="0" Flags="14" Text="1"/> <ROW XmlElement="swidminor" ParentElement="swidnumeric" Name="swid:minor" Condition="1" Order="1" Flags="14" Text="1"/> diff --git a/ext/json/README.md b/ext/json/README.md index c0bb61b1..4bcbe97f 100644 --- a/ext/json/README.md +++ b/ext/json/README.md @@ -1,24 +1,24 @@ [](https://github.com/nlohmann/json/releases) [](https://travis-ci.org/nlohmann/json) -[](https://ci.appveyor.com/project/nlohmann/json) +[](https://ci.appveyor.com/project/nlohmann/json) [](https://coveralls.io/r/nlohmann/json) -[](https://scan.coverity.com/projects/nlohmann-json) -[](http://melpon.org/wandbox/permlink/p5o4znPnGHJpDVqN) +[](http://melpon.org/wandbox/permlink/fsf5FqYe6GoX68W6) [](http://nlohmann.github.io/json) [](https://raw.githubusercontent.com/nlohmann/json/master/LICENSE.MIT) [](https://github.com/nlohmann/json/releases) [](http://github.com/nlohmann/json/issues) +[](https://bestpractices.coreinfrastructure.org/projects/289) ## Design goals There are myriads of [JSON](http://json.org) libraries out there, and each may even have its reason to exist. Our class had these design goals: -- **Intuitive syntax**. In languages such as Python, JSON feels like a first class data type. We used all the operator magic of modern C++ to achieve the same feeling in your code. Check out the [examples below](#examples) and you know, what I mean. +- **Intuitive syntax**. In languages such as Python, JSON feels like a first class data type. We used all the operator magic of modern C++ to achieve the same feeling in your code. Check out the [examples below](#examples) and you'll know what I mean. - **Trivial integration**. Our whole code consists of a single header file [`json.hpp`](https://github.com/nlohmann/json/blob/develop/src/json.hpp). That's it. No library, no subproject, no dependencies, no complex build system. The class is written in vanilla C++11. All in all, everything should require no adjustment of your compiler flags or project settings. -- **Serious testing**. Our class is heavily [unit-tested](https://github.com/nlohmann/json/blob/master/test/src/unit.cpp) and covers [100%](https://coveralls.io/r/nlohmann/json) of the code, including all exceptional behavior. Furthermore, we checked with [Valgrind](http://valgrind.org) that there are no memory leaks. +- **Serious testing**. Our class is heavily [unit-tested](https://github.com/nlohmann/json/blob/master/test/src/unit.cpp) and covers [100%](https://coveralls.io/r/nlohmann/json) of the code, including all exceptional behavior. Furthermore, we checked with [Valgrind](http://valgrind.org) that there are no memory leaks. To maintain high quality, the project is following the [Core Infrastructure Initiative (CII) best practices](https://bestpractices.coreinfrastructure.org/projects/289). Other aspects were not so important to us: @@ -283,8 +283,8 @@ json j_uset(c_uset); // only one entry for "one" is used // maybe ["two", "three", "four", "one"] std::multiset<std::string> c_mset {"one", "two", "one", "four"}; -json j_mset(c_mset); // only one entry for "one" is used -// maybe ["one", "two", "four"] +json j_mset(c_mset); // both entries for "one" are used +// maybe ["one", "two", "one", "four"] std::unordered_multiset<std::string> c_umset {"one", "two", "one", "four"}; json j_umset(c_umset); // both entries for "one" are used @@ -416,7 +416,13 @@ The following compilers are currently used in continuous integration at [Travis] | GCC 4.9.3 | Ubuntu 14.04.4 LTS | g++-4.9 (Ubuntu 4.9.3-8ubuntu2~14.04) 4.9.3 | | GCC 5.3.0 | Ubuntu 14.04.4 LTS | g++-5 (Ubuntu 5.3.0-3ubuntu1~14.04) 5.3.0 20151204 | | GCC 6.1.1 | Ubuntu 14.04.4 LTS | g++-6 (Ubuntu 6.1.1-3ubuntu11~14.04.1) 6.1.1 20160511 | +| Clang 3.6.0 | Ubuntu 14.04.4 LTS | clang version 3.6.0 (tags/RELEASE_360/final) | +| Clang 3.6.1 | Ubuntu 14.04.4 LTS | clang version 3.6.1 (tags/RELEASE_361/final) | +| Clang 3.6.2 | Ubuntu 14.04.4 LTS | clang version 3.6.2 (tags/RELEASE_362/final) | +| Clang 3.7.0 | Ubuntu 14.04.4 LTS | clang version 3.7.0 (tags/RELEASE_370/final) | +| Clang 3.7.1 | Ubuntu 14.04.4 LTS | clang version 3.7.1 (tags/RELEASE_371/final) | | Clang 3.8.0 | Ubuntu 14.04.4 LTS | clang version 3.8.0 (tags/RELEASE_380/final) | +| Clang 3.8.1 | Ubuntu 14.04.4 LTS | clang version 3.8.1 (tags/RELEASE_381/final) | | Clang Xcode 6.1 | Darwin Kernel Version 13.4.0 (OSX 10.9.5) | Apple LLVM version 6.0 (clang-600.0.54) (based on LLVM 3.5svn) | | Clang Xcode 6.2 | Darwin Kernel Version 13.4.0 (OSX 10.9.5) | Apple LLVM version 6.0 (clang-600.0.57) (based on LLVM 3.5svn) | | Clang Xcode 6.3 | Darwin Kernel Version 14.3.0 (OSX 10.10.3) | Apple LLVM version 6.1.0 (clang-602.0.49) (based on LLVM 3.6.0svn) | @@ -424,7 +430,7 @@ The following compilers are currently used in continuous integration at [Travis] | Clang Xcode 7.1 | Darwin Kernel Version 14.5.0 (OSX 10.10.5) | Apple LLVM version 7.0.0 (clang-700.1.76) | | Clang Xcode 7.2 | Darwin Kernel Version 15.0.0 (OSX 10.10.5) | Apple LLVM version 7.0.2 (clang-700.1.81) | | Clang Xcode 7.3 | Darwin Kernel Version 15.0.0 (OSX 10.10.5) | Apple LLVM version 7.3.0 (clang-703.0.29) | -| Clang Xcode 8.0 | Darwin Kernel Version 15.5.0 (OSX 10.11.5) | Apple LLVM version 8.0.0 (clang-800.0.24.1) | +| Clang Xcode 8.0 | Darwin Kernel Version 15.6.0 (OSX 10.11.6) | Apple LLVM version 8.0.0 (clang-800.0.38) | | Visual Studio 14 2015 | Windows Server 2012 R2 (x64) | Microsoft (R) Build Engine version 14.0.25123.0 | @@ -486,14 +492,26 @@ I deeply appreciate the help of the following people. - [Mário Feroldi](https://github.com/thelostt) fixed a small typo. - [duncanwerner](https://github.com/duncanwerner) found a really embarrassing performance regression in the 2.0.0 release. - [Damien](https://github.com/dtoma) fixed one of the last conversion warnings. +- [Thomas Braun](https://github.com/t-b) fixed a warning in a test case. +- [Théo DELRIEU](https://github.com/theodelrieu) patiently and constructively oversaw the long way toward [iterator-range parsing](https://github.com/nlohmann/json/issues/290). +- [Stefan](https://github.com/5tefan) fixed a minor issue in the documentation. +- [Vasil Dimov](https://github.com/vasild) fixed the documentation regarding conversions from `std::multiset`. +- [ChristophJud](https://github.com/ChristophJud) overworked the CMake files to ease project inclusion. +- [Vladimir Petrigo](https://github.com/vpetrigo) made a SFINAE hack more readable. +- [Denis Andrejew](https://github.com/seeekr) fixed a grammar issue in the README file. Thanks a lot for helping out! ## Notes -- The code contains numerous debug **assertions** which can be switched off by defining the preprocessor macro `NDEBUG`, see the [documentation of `assert`](http://en.cppreference.com/w/cpp/error/assert). +- The code contains numerous debug **assertions** which can be switched off by defining the preprocessor macro `NDEBUG`, see the [documentation of `assert`](http://en.cppreference.com/w/cpp/error/assert). In particular, note [`operator[]`](https://nlohmann.github.io/json/classnlohmann_1_1basic__json_a2e26bd0b0168abb61f67ad5bcd5b9fa1.html#a2e26bd0b0168abb61f67ad5bcd5b9fa1) implements **unchecked access** for const objects: If the given key is not present, the behavior is undefined (think of a dereferenced null pointer) and yields an [assertion failure](https://github.com/nlohmann/json/issues/289) if assertions are switched on. If you are not sure whether an element in an object exists, use checked access with the [`at()` function](https://nlohmann.github.io/json/classnlohmann_1_1basic__json_a674de1ee73e6bf4843fc5dc1351fb726.html#a674de1ee73e6bf4843fc5dc1351fb726). - As the exact type of a number is not defined in the [JSON specification](http://rfc7159.net/rfc7159), this library tries to choose the best fitting C++ number type automatically. As a result, the type `double` may be used to store numbers which may yield [**floating-point exceptions**](https://github.com/nlohmann/json/issues/181) in certain rare situations if floating-point exceptions have been unmasked in the calling code. These exceptions are not caused by the library and need to be fixed in the calling code, such as by re-masking the exceptions prior to calling library functions. +- The library supports **Unicode input** as follows: + - Only **UTF-8** encoded input is supported which is the default encoding for JSON according to [RFC 7159](http://rfc7159.net/rfc7159#rfc.section.8.1). + - Other encodings such as Latin-1, UTF-16, or UTF-32 are not supported and will yield parse errors. + - [Unicode noncharacters](http://www.unicode.org/faq/private_use.html#nonchar1) will not be replaced by the library. + - Invalid surrogates (e.g., incomplete pairs such as `\uDEAD`) will yield parse errors. ## Execute unit tests @@ -501,11 +519,20 @@ Thanks a lot for helping out! To compile and run the tests, you need to execute ```sh -$ make -$ ./json_unit "*" +$ make check =============================================================================== -All tests passed (8905012 assertions in 32 test cases) +All tests passed (8905491 assertions in 36 test cases) +``` + +Alternatively, you can use [CMake](https://cmake.org) and run + +```sh +$ mkdir build +$ cd build +$ cmake .. +$ make +$ ctest ``` For more information, have a look at the file [.travis.yml](https://github.com/nlohmann/json/blob/master/.travis.yml). diff --git a/ext/json/json.hpp b/ext/json/json.hpp index 878fb899..9d48e7a6 100644 --- a/ext/json/json.hpp +++ b/ext/json/json.hpp @@ -1,11 +1,11 @@ /* __ _____ _____ _____ __| | __| | | | JSON for Modern C++ -| | |__ | | | | | | version 2.0.2 +| | |__ | | | | | | version 2.0.10 |_____|_____|_____|_|___| https://github.com/nlohmann/json Licensed under the MIT License <http://opensource.org/licenses/MIT>. -Copyright (c) 2013-2016 Niels Lohmann <http://nlohmann.me>. +Copyright (c) 2013-2017 Niels Lohmann <http://nlohmann.me>. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -29,30 +29,32 @@ SOFTWARE. #ifndef NLOHMANN_JSON_HPP #define NLOHMANN_JSON_HPP -#include <algorithm> -#include <array> -#include <cassert> -#include <ciso646> -#include <cmath> -#include <cstddef> -#include <cstdint> -#include <cstdlib> -#include <functional> -#include <initializer_list> -#include <iomanip> -#include <iostream> -#include <iterator> -#include <limits> -#include <locale> -#include <map> -#include <memory> -#include <numeric> -#include <sstream> -#include <stdexcept> -#include <string> -#include <type_traits> -#include <utility> -#include <vector> +#include <algorithm> // all_of, for_each, transform +#include <array> // array +#include <cassert> // assert +#include <cctype> // isdigit +#include <ciso646> // and, not, or +#include <cmath> // isfinite, ldexp, signbit +#include <cstddef> // nullptr_t, ptrdiff_t, size_t +#include <cstdint> // int64_t, uint64_t +#include <cstdlib> // strtod, strtof, strtold, strtoul +#include <cstring> // strlen +#include <functional> // function, hash, less +#include <initializer_list> // initializer_list +#include <iomanip> // setw +#include <iostream> // istream, ostream +#include <iterator> // advance, begin, bidirectional_iterator_tag, distance, end, inserter, iterator, iterator_traits, next, random_access_iterator_tag, reverse_iterator +#include <limits> // numeric_limits +#include <locale> // locale +#include <map> // map +#include <memory> // addressof, allocator, allocator_traits, unique_ptr +#include <numeric> // accumulate +#include <sstream> // stringstream +#include <stdexcept> // domain_error, invalid_argument, out_of_range +#include <string> // getline, stoi, string, to_string +#include <type_traits> // add_pointer, enable_if, is_arithmetic, is_base_of, is_const, is_constructible, is_convertible, is_floating_point, is_integral, is_nothrow_move_assignable, std::is_nothrow_move_constructible, std::is_pointer, std::is_reference, std::is_same, remove_const, remove_pointer, remove_reference +#include <utility> // declval, forward, make_pair, move, pair, swap +#include <vector> // vector // exclude unsupported compilers #if defined(__clang__) @@ -73,6 +75,21 @@ SOFTWARE. #pragma GCC diagnostic ignored "-Wfloat-equal" #endif +// disable documentation warnings on clang +#if defined(__clang__) + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Wdocumentation" +#endif + +// allow for portable deprecation warnings +#if defined(__clang__) || defined(__GNUC__) || defined(__GNUG__) + #define JSON_DEPRECATED __attribute__((deprecated)) +#elif defined(_MSC_VER) + #define JSON_DEPRECATED __declspec(deprecated) +#else + #define JSON_DEPRECATED +#endif + /*! @brief namespace for Niels Lohmann @see https://github.com/nlohmann @@ -96,36 +113,19 @@ such as sequence containers. For instance, `std::map` passes the test as it contains a `mapped_type`, whereas `std::vector` fails the test. @sa http://stackoverflow.com/a/7728728/266378 -@since version 1.0.0 +@since version 1.0.0, overworked in version 2.0.6 */ template<typename T> struct has_mapped_type { private: - template<typename C> static char test(typename C::mapped_type*); - template<typename C> static char (&test(...))[2]; - public: - static constexpr bool value = sizeof(test<T>(0)) == 1; -}; + template <typename U, typename = typename U::mapped_type> + static int detect(U&&); -/*! -@brief helper class to create locales with decimal point - -This struct is used a default locale during the JSON serialization. JSON -requires the decimal point to be `.`, so this function overloads the -`do_decimal_point()` function to return `.`. This function is called by -float-to-string conversions to retrieve the decimal separator between integer -and fractional parts. - -@sa https://github.com/nlohmann/json/issues/51#issuecomment-86869315 -@since version 2.0.0 -*/ -struct DecimalSeparator : std::numpunct<char> -{ - char do_decimal_point() const - { - return '.'; - } + static void detect(...); + public: + static constexpr bool value = + std::is_integral<decltype(detect(std::declval<T>()))>::value; }; } @@ -228,6 +228,7 @@ class basic_json public: // forward declarations + template<typename U> class iter_impl; template<typename Base> class json_reverse_iterator; class json_pointer; @@ -262,9 +263,9 @@ class basic_json using const_pointer = typename std::allocator_traits<allocator_type>::const_pointer; /// an iterator for a basic_json container - class iterator; + using iterator = iter_impl<basic_json>; /// a const iterator for a basic_json container - class const_iterator; + using const_iterator = iter_impl<const basic_json>; /// a reverse iterator for a basic_json container using reverse_iterator = json_reverse_iterator<typename basic_json::iterator>; /// a const reverse iterator for a basic_json container @@ -872,8 +873,17 @@ class basic_json break; } + case value_t::null: + { + break; + } + default: { + if (t == value_t::null) + { + throw std::domain_error("961c151d2e87f2686a955a9be24d316f1362bf21 2.0.10"); // LCOV_EXCL_LINE + } break; } } @@ -950,7 +960,7 @@ class basic_json With a parser callback function, the result of parsing a JSON text can be influenced. When passed to @ref parse(std::istream&, const - parser_callback_t) or @ref parse(const string_t&, const parser_callback_t), + parser_callback_t) or @ref parse(const CharT, const parser_callback_t), it is called on certain events (passed as @ref parse_event_t via parameter @a event) with a set recursion depth @a depth and context JSON value @a parsed. The return value of the callback function is a boolean @@ -993,7 +1003,7 @@ class basic_json skipped completely or replaced by an empty discarded object. @sa @ref parse(std::istream&, parser_callback_t) or - @ref parse(const string_t&, parser_callback_t) for examples + @ref parse(const CharT, const parser_callback_t) for examples @since version 1.0.0 */ @@ -1057,40 +1067,10 @@ class basic_json } /*! - @brief create a null object (implicitly) - - Create a `null` JSON value. This is the implicit version of the `null` - value constructor as it takes no parameters. - - @note The class invariant is satisfied, because it poses no requirements - for null values. - - @complexity Constant. - - @exceptionsafety No-throw guarantee: this constructor never throws - exceptions. - - @requirement This function helps `basic_json` satisfying the - [Container](http://en.cppreference.com/w/cpp/concept/Container) - requirements: - - The complexity is constant. - - As postcondition, it holds: `basic_json().empty() == true`. - - @liveexample{The following code shows the constructor for a `null` JSON - value.,basic_json} - - @sa @ref basic_json(std::nullptr_t) -- create a `null` value - - @since version 1.0.0 - */ - basic_json() = default; - - /*! - @brief create a null object (explicitly) + @brief create a null object - Create a `null` JSON value. This is the explicitly version of the `null` - value constructor as it takes a null pointer as parameter. It allows to - create `null` values by explicitly assigning a `nullptr` to a JSON value. + Create a `null` JSON value. It either takes a null pointer as parameter + (explicitly creating `null`) or no parameter (implicitly creating `null`). The passed null pointer itself is not read -- it is only used to choose the right constructor. @@ -1099,15 +1079,12 @@ class basic_json @exceptionsafety No-throw guarantee: this constructor never throws exceptions. - @liveexample{The following code shows the constructor with null pointer - parameter.,basic_json__nullptr_t} - - @sa @ref basic_json() -- default constructor (implicitly creating a `null` - value) + @liveexample{The following code shows the constructor with and without a + null pointer parameter.,basic_json__nullptr_t} @since version 1.0.0 */ - basic_json(std::nullptr_t) noexcept + basic_json(std::nullptr_t = nullptr) noexcept : basic_json(value_t::null) { assert_invariant(); @@ -1164,11 +1141,9 @@ class basic_json @since version 1.0.0 */ - template <class CompatibleObjectType, typename - std::enable_if< - std::is_constructible<typename object_t::key_type, typename CompatibleObjectType::key_type>::value and - std::is_constructible<basic_json, typename CompatibleObjectType::mapped_type>::value, int>::type - = 0> + template<class CompatibleObjectType, typename std::enable_if< + std::is_constructible<typename object_t::key_type, typename CompatibleObjectType::key_type>::value and + std::is_constructible<basic_json, typename CompatibleObjectType::mapped_type>::value, int>::type = 0> basic_json(const CompatibleObjectType& val) : m_type(value_t::object) { @@ -1229,16 +1204,14 @@ class basic_json @since version 1.0.0 */ - template <class CompatibleArrayType, typename - std::enable_if< - not std::is_same<CompatibleArrayType, typename basic_json_t::iterator>::value and - not std::is_same<CompatibleArrayType, typename basic_json_t::const_iterator>::value and - not std::is_same<CompatibleArrayType, typename basic_json_t::reverse_iterator>::value and - not std::is_same<CompatibleArrayType, typename basic_json_t::const_reverse_iterator>::value and - not std::is_same<CompatibleArrayType, typename array_t::iterator>::value and - not std::is_same<CompatibleArrayType, typename array_t::const_iterator>::value and - std::is_constructible<basic_json, typename CompatibleArrayType::value_type>::value, int>::type - = 0> + template<class CompatibleArrayType, typename std::enable_if< + not std::is_same<CompatibleArrayType, typename basic_json_t::iterator>::value and + not std::is_same<CompatibleArrayType, typename basic_json_t::const_iterator>::value and + not std::is_same<CompatibleArrayType, typename basic_json_t::reverse_iterator>::value and + not std::is_same<CompatibleArrayType, typename basic_json_t::const_reverse_iterator>::value and + not std::is_same<CompatibleArrayType, typename array_t::iterator>::value and + not std::is_same<CompatibleArrayType, typename array_t::const_iterator>::value and + std::is_constructible<basic_json, typename CompatibleArrayType::value_type>::value, int>::type = 0> basic_json(const CompatibleArrayType& val) : m_type(value_t::array) { @@ -1324,10 +1297,8 @@ class basic_json @since version 1.0.0 */ - template <class CompatibleStringType, typename - std::enable_if< - std::is_constructible<string_t, CompatibleStringType>::value, int>::type - = 0> + template<class CompatibleStringType, typename std::enable_if< + std::is_constructible<string_t, CompatibleStringType>::value, int>::type = 0> basic_json(const CompatibleStringType& val) : basic_json(string_t(val)) { @@ -1377,12 +1348,9 @@ class basic_json @since version 1.0.0 */ - template<typename T, - typename std::enable_if< - not (std::is_same<T, int>::value) - and std::is_same<T, number_integer_t>::value - , int>::type - = 0> + template<typename T, typename std::enable_if< + not (std::is_same<T, int>::value) and + std::is_same<T, number_integer_t>::value, int>::type = 0> basic_json(const number_integer_t val) noexcept : m_type(value_t::number_integer), m_value(val) { @@ -1446,13 +1414,11 @@ class basic_json @since version 1.0.0 */ - template<typename CompatibleNumberIntegerType, typename - std::enable_if< + template<typename CompatibleNumberIntegerType, typename std::enable_if< std::is_constructible<number_integer_t, CompatibleNumberIntegerType>::value and std::numeric_limits<CompatibleNumberIntegerType>::is_integer and std::numeric_limits<CompatibleNumberIntegerType>::is_signed, - CompatibleNumberIntegerType>::type - = 0> + CompatibleNumberIntegerType>::type = 0> basic_json(const CompatibleNumberIntegerType val) noexcept : m_type(value_t::number_integer), m_value(static_cast<number_integer_t>(val)) @@ -1477,12 +1443,9 @@ class basic_json @since version 2.0.0 */ - template<typename T, - typename std::enable_if< - not (std::is_same<T, int>::value) - and std::is_same<T, number_unsigned_t>::value - , int>::type - = 0> + template<typename T, typename std::enable_if< + not (std::is_same<T, int>::value) and + std::is_same<T, number_unsigned_t>::value, int>::type = 0> basic_json(const number_unsigned_t val) noexcept : m_type(value_t::number_unsigned), m_value(val) { @@ -1509,13 +1472,11 @@ class basic_json @since version 2.0.0 */ - template <typename CompatibleNumberUnsignedType, typename - std::enable_if < - std::is_constructible<number_unsigned_t, CompatibleNumberUnsignedType>::value and - std::numeric_limits<CompatibleNumberUnsignedType>::is_integer and - not std::numeric_limits<CompatibleNumberUnsignedType>::is_signed, - CompatibleNumberUnsignedType>::type - = 0> + template<typename CompatibleNumberUnsignedType, typename std::enable_if < + std::is_constructible<number_unsigned_t, CompatibleNumberUnsignedType>::value and + std::numeric_limits<CompatibleNumberUnsignedType>::is_integer and + not std::numeric_limits<CompatibleNumberUnsignedType>::is_signed, + CompatibleNumberUnsignedType>::type = 0> basic_json(const CompatibleNumberUnsignedType val) noexcept : m_type(value_t::number_unsigned), m_value(static_cast<number_unsigned_t>(val)) @@ -1591,11 +1552,9 @@ class basic_json @since version 1.0.0 */ - template<typename CompatibleNumberFloatType, typename = typename - std::enable_if< + template<typename CompatibleNumberFloatType, typename = typename std::enable_if< std::is_constructible<number_float_t, CompatibleNumberFloatType>::value and - std::is_floating_point<CompatibleNumberFloatType>::value>::type - > + std::is_floating_point<CompatibleNumberFloatType>::value>::type> basic_json(const CompatibleNumberFloatType val) noexcept : basic_json(number_float_t(val)) { @@ -1843,7 +1802,8 @@ class basic_json @param[in] first begin of the range to copy from (included) @param[in] last end of the range to copy from (excluded) - @pre Iterators @a first and @a last must be initialized. + @pre Iterators @a first and @a last must be initialized. **This + precondition is enforced with an assertion.** @throw std::domain_error if iterators are not compatible; that is, do not belong to the same JSON value; example: `"iterators are not compatible"` @@ -1861,12 +1821,9 @@ class basic_json @since version 1.0.0 */ - template <class InputIT, typename - std::enable_if< - std::is_same<InputIT, typename basic_json_t::iterator>::value or - std::is_same<InputIT, typename basic_json_t::const_iterator>::value - , int>::type - = 0> + template<class InputIT, typename std::enable_if< + std::is_same<InputIT, typename basic_json_t::iterator>::value or + std::is_same<InputIT, typename basic_json_t::const_iterator>::value, int>::type = 0> basic_json(InputIT first, InputIT last) { assert(first.m_object != nullptr); @@ -1970,12 +1927,21 @@ class basic_json @note A UTF-8 byte order mark is silently ignored. + @deprecated This constructor is deprecated and will be removed in version + 3.0.0 to unify the interface of the library. Deserialization will be + done by stream operators or by calling one of the `parse` functions, + e.g. @ref parse(std::istream&, const parser_callback_t). That is, calls + like `json j(i);` for an input stream @a i need to be replaced by + `json j = json::parse(i);`. See the example below. + @liveexample{The example below demonstrates constructing a JSON value from a `std::stringstream` with and without callback function.,basic_json__istream} - @since version 2.0.0 + @since version 2.0.0, deprecated in version 2.0.3, to be removed in + version 3.0.0 */ + JSON_DEPRECATED explicit basic_json(std::istream& i, const parser_callback_t cb = nullptr) { *this = parser(i, cb).parse(); @@ -2231,7 +2197,7 @@ class basic_json { std::stringstream ss; // fix locale problems - ss.imbue(std::locale(std::locale(), new DecimalSeparator)); + ss.imbue(std::locale::classic()); // 6, 15 or 16 digits of precision allows round-trip IEEE 754 // string->float->string, string->double->string or string->long @@ -2614,11 +2580,9 @@ class basic_json ////////////////// /// get an object (explicit) - template <class T, typename - std::enable_if< - std::is_convertible<typename object_t::key_type, typename T::key_type>::value and - std::is_convertible<basic_json_t, typename T::mapped_type>::value - , int>::type = 0> + template<class T, typename std::enable_if< + std::is_convertible<typename object_t::key_type, typename T::key_type>::value and + std::is_convertible<basic_json_t, typename T::mapped_type>::value, int>::type = 0> T get_impl(T*) const { if (is_object()) @@ -2645,14 +2609,12 @@ class basic_json } /// get an array (explicit) - template <class T, typename - std::enable_if< - std::is_convertible<basic_json_t, typename T::value_type>::value and - not std::is_same<basic_json_t, typename T::value_type>::value and - not std::is_arithmetic<T>::value and - not std::is_convertible<std::string, T>::value and - not has_mapped_type<T>::value - , int>::type = 0> + template<class T, typename std::enable_if< + std::is_convertible<basic_json_t, typename T::value_type>::value and + not std::is_same<basic_json_t, typename T::value_type>::value and + not std::is_arithmetic<T>::value and + not std::is_convertible<std::string, T>::value and + not has_mapped_type<T>::value, int>::type = 0> T get_impl(T*) const { if (is_array()) @@ -2672,11 +2634,9 @@ class basic_json } /// get an array (explicit) - template <class T, typename - std::enable_if< - std::is_convertible<basic_json_t, T>::value and - not std::is_same<basic_json_t, T>::value - , int>::type = 0> + template<class T, typename std::enable_if< + std::is_convertible<basic_json_t, T>::value and + not std::is_same<basic_json_t, T>::value, int>::type = 0> std::vector<T> get_impl(std::vector<T>*) const { if (is_array()) @@ -2697,11 +2657,9 @@ class basic_json } /// get an array (explicit) - template <class T, typename - std::enable_if< - std::is_same<basic_json, typename T::value_type>::value and - not has_mapped_type<T>::value - , int>::type = 0> + template<class T, typename std::enable_if< + std::is_same<basic_json, typename T::value_type>::value and + not has_mapped_type<T>::value, int>::type = 0> T get_impl(T*) const { if (is_array()) @@ -2728,10 +2686,8 @@ class basic_json } /// get a string (explicit) - template <typename T, typename - std::enable_if< - std::is_convertible<string_t, T>::value - , int>::type = 0> + template<typename T, typename std::enable_if< + std::is_convertible<string_t, T>::value, int>::type = 0> T get_impl(T*) const { if (is_string()) @@ -2745,10 +2701,8 @@ class basic_json } /// get a number (explicit) - template<typename T, typename - std::enable_if< - std::is_arithmetic<T>::value - , int>::type = 0> + template<typename T, typename std::enable_if< + std::is_arithmetic<T>::value, int>::type = 0> T get_impl(T*) const { switch (m_type) @@ -2937,10 +2891,8 @@ class basic_json @since version 1.0.0 */ - template<typename ValueType, typename - std::enable_if< - not std::is_pointer<ValueType>::value - , int>::type = 0> + template<typename ValueType, typename std::enable_if< + not std::is_pointer<ValueType>::value, int>::type = 0> ValueType get() const { return get_impl(static_cast<ValueType*>(nullptr)); @@ -2973,10 +2925,8 @@ class basic_json @since version 1.0.0 */ - template<typename PointerType, typename - std::enable_if< - std::is_pointer<PointerType>::value - , int>::type = 0> + template<typename PointerType, typename std::enable_if< + std::is_pointer<PointerType>::value, int>::type = 0> PointerType get() noexcept { // delegate the call to get_ptr @@ -2987,10 +2937,8 @@ class basic_json @brief get a pointer value (explicit) @copydoc get() */ - template<typename PointerType, typename - std::enable_if< - std::is_pointer<PointerType>::value - , int>::type = 0> + template<typename PointerType, typename std::enable_if< + std::is_pointer<PointerType>::value, int>::type = 0> constexpr const PointerType get() const noexcept { // delegate the call to get_ptr @@ -3023,10 +2971,8 @@ class basic_json @since version 1.0.0 */ - template<typename PointerType, typename - std::enable_if< - std::is_pointer<PointerType>::value - , int>::type = 0> + template<typename PointerType, typename std::enable_if< + std::is_pointer<PointerType>::value, int>::type = 0> PointerType get_ptr() noexcept { // get the type of the PointerType (remove pointer and const) @@ -3052,11 +2998,9 @@ class basic_json @brief get a pointer value (implicit) @copydoc get_ptr() */ - template<typename PointerType, typename - std::enable_if< - std::is_pointer<PointerType>::value - and std::is_const<typename std::remove_pointer<PointerType>::type>::value - , int>::type = 0> + template<typename PointerType, typename std::enable_if< + std::is_pointer<PointerType>::value and + std::is_const<typename std::remove_pointer<PointerType>::type>::value, int>::type = 0> constexpr const PointerType get_ptr() const noexcept { // get the type of the PointerType (remove pointer and const) @@ -3104,10 +3048,8 @@ class basic_json @since version 1.1.0 */ - template<typename ReferenceType, typename - std::enable_if< - std::is_reference<ReferenceType>::value - , int>::type = 0> + template<typename ReferenceType, typename std::enable_if< + std::is_reference<ReferenceType>::value, int>::type = 0> ReferenceType get_ref() { // delegate call to get_ref_impl @@ -3118,11 +3060,9 @@ class basic_json @brief get a reference value (implicit) @copydoc get_ref() */ - template<typename ReferenceType, typename - std::enable_if< - std::is_reference<ReferenceType>::value - and std::is_const<typename std::remove_reference<ReferenceType>::type>::value - , int>::type = 0> + template<typename ReferenceType, typename std::enable_if< + std::is_reference<ReferenceType>::value and + std::is_const<typename std::remove_reference<ReferenceType>::type>::value, int>::type = 0> ReferenceType get_ref() const { // delegate call to get_ref_impl @@ -3157,10 +3097,9 @@ class basic_json @since version 1.0.0 */ - template < typename ValueType, typename - std::enable_if < - not std::is_pointer<ValueType>::value - and not std::is_same<ValueType, typename string_t::value_type>::value + template < typename ValueType, typename std::enable_if < + not std::is_pointer<ValueType>::value and + not std::is_same<ValueType, typename string_t::value_type>::value #ifndef _MSC_VER // Fix for issue #167 operator<< abiguity under VS2015 and not std::is_same<ValueType, std::initializer_list<typename string_t::value_type>>::value #endif @@ -3509,6 +3448,9 @@ class basic_json @return const reference to the element at key @a key + @pre The element with key @a key must exist. **This precondition is + enforced with an assertion.** + @throw std::domain_error if JSON is not an object; example: `"cannot use operator[] with null"` @@ -3667,6 +3609,9 @@ class basic_json @return const reference to the element at key @a key + @pre The element with key @a key must exist. **This precondition is + enforced with an assertion.** + @throw std::domain_error if JSON is not an object; example: `"cannot use operator[] with null"` @@ -3744,10 +3689,8 @@ class basic_json @since version 1.0.0 */ - template <class ValueType, typename - std::enable_if< - std::is_convertible<basic_json_t, ValueType>::value - , int>::type = 0> + template<class ValueType, typename std::enable_if< + std::is_convertible<basic_json_t, ValueType>::value, int>::type = 0> ValueType value(const typename object_t::key_type& key, ValueType default_value) const { // at only works for objects @@ -3820,10 +3763,8 @@ class basic_json @since version 2.0.2 */ - template <class ValueType, typename - std::enable_if< - std::is_convertible<basic_json_t, ValueType>::value - , int>::type = 0> + template<class ValueType, typename std::enable_if< + std::is_convertible<basic_json_t, ValueType>::value, int>::type = 0> ValueType value(const json_pointer& ptr, ValueType default_value) const { // at only works for objects @@ -3861,13 +3802,14 @@ class basic_json container `c`, the expression `c.front()` is equivalent to `*c.begin()`. @return In case of a structured type (array or object), a reference to the - first element is returned. In cast of number, string, or boolean values, a + first element is returned. In case of number, string, or boolean values, a reference to the value is returned. @complexity Constant. @pre The JSON value must not be `null` (would throw `std::out_of_range`) - or an empty array or object (undefined behavior, guarded by assertions). + or an empty array or object (undefined behavior, **guarded by + assertions**). @post The JSON value remains unchanged. @throw std::out_of_range when called on `null` value @@ -3903,13 +3845,14 @@ class basic_json @endcode @return In case of a structured type (array or object), a reference to the - last element is returned. In cast of number, string, or boolean values, a + last element is returned. In case of number, string, or boolean values, a reference to the value is returned. @complexity Constant. @pre The JSON value must not be `null` (would throw `std::out_of_range`) - or an empty array or object (undefined behavior, guarded by assertions). + or an empty array or object (undefined behavior, **guarded by + assertions**). @post The JSON value remains unchanged. @throw std::out_of_range when called on `null` value. @@ -3951,7 +3894,7 @@ class basic_json @return Iterator following the last removed element. If the iterator @a pos refers to the last element, the `end()` iterator is returned. - @tparam InteratorType an @ref iterator or @ref const_iterator + @tparam IteratorType an @ref iterator or @ref const_iterator @post Invalidates iterators and references at or after the point of the erase, including the `end()` iterator. @@ -3973,7 +3916,7 @@ class basic_json @liveexample{The example shows the result of `erase()` for different JSON types.,erase__IteratorType} - @sa @ref erase(InteratorType, InteratorType) -- removes the elements in + @sa @ref erase(IteratorType, IteratorType) -- removes the elements in the given range @sa @ref erase(const typename object_t::key_type&) -- removes the element from an object at the given key @@ -3982,13 +3925,11 @@ class basic_json @since version 1.0.0 */ - template <class InteratorType, typename - std::enable_if< - std::is_same<InteratorType, typename basic_json_t::iterator>::value or - std::is_same<InteratorType, typename basic_json_t::const_iterator>::value - , int>::type - = 0> - InteratorType erase(InteratorType pos) + template<class IteratorType, typename std::enable_if< + std::is_same<IteratorType, typename basic_json_t::iterator>::value or + std::is_same<IteratorType, typename basic_json_t::const_iterator>::value, int>::type + = 0> + IteratorType erase(IteratorType pos) { // make sure iterator fits the current value if (this != pos.m_object) @@ -3996,7 +3937,7 @@ class basic_json throw std::domain_error("iterator does not fit current value"); } - InteratorType result = end(); + IteratorType result = end(); switch (m_type) { @@ -4060,7 +4001,7 @@ class basic_json @return Iterator following the last removed element. If the iterator @a second refers to the last element, the `end()` iterator is returned. - @tparam InteratorType an @ref iterator or @ref const_iterator + @tparam IteratorType an @ref iterator or @ref const_iterator @post Invalidates iterators and references at or after the point of the erase, including the `end()` iterator. @@ -4083,7 +4024,7 @@ class basic_json @liveexample{The example shows the result of `erase()` for different JSON types.,erase__IteratorType_IteratorType} - @sa @ref erase(InteratorType) -- removes the element at a given position + @sa @ref erase(IteratorType) -- removes the element at a given position @sa @ref erase(const typename object_t::key_type&) -- removes the element from an object at the given key @sa @ref erase(const size_type) -- removes the element from an array at @@ -4091,13 +4032,11 @@ class basic_json @since version 1.0.0 */ - template <class InteratorType, typename - std::enable_if< - std::is_same<InteratorType, typename basic_json_t::iterator>::value or - std::is_same<InteratorType, typename basic_json_t::const_iterator>::value - , int>::type - = 0> - InteratorType erase(InteratorType first, InteratorType last) + template<class IteratorType, typename std::enable_if< + std::is_same<IteratorType, typename basic_json_t::iterator>::value or + std::is_same<IteratorType, typename basic_json_t::const_iterator>::value, int>::type + = 0> + IteratorType erase(IteratorType first, IteratorType last) { // make sure iterator fits the current value if (this != first.m_object or this != last.m_object) @@ -4105,7 +4044,7 @@ class basic_json throw std::domain_error("iterators do not fit current value"); } - InteratorType result = end(); + IteratorType result = end(); switch (m_type) { @@ -4177,8 +4116,8 @@ class basic_json @liveexample{The example shows the effect of `erase()`.,erase__key_type} - @sa @ref erase(InteratorType) -- removes the element at a given position - @sa @ref erase(InteratorType, InteratorType) -- removes the elements in + @sa @ref erase(IteratorType) -- removes the element at a given position + @sa @ref erase(IteratorType, IteratorType) -- removes the elements in the given range @sa @ref erase(const size_type) -- removes the element from an array at the given index @@ -4214,8 +4153,8 @@ class basic_json @liveexample{The example shows the effect of `erase()`.,erase__size_type} - @sa @ref erase(InteratorType) -- removes the element at a given position - @sa @ref erase(InteratorType, InteratorType) -- removes the elements in + @sa @ref erase(IteratorType) -- removes the element at a given position + @sa @ref erase(IteratorType, IteratorType) -- removes the elements in the given range @sa @ref erase(const typename object_t::key_type&) -- removes the element from an object at the given key @@ -4257,10 +4196,14 @@ class basic_json element is not found or the JSON value is not an object, end() is returned. + @note This method always returns @ref end() when executed on a JSON type + that is not an object. + @param[in] key key value of the element to search for @return Iterator to an element with key equivalent to @a key. If no such - element is found, past-the-end (see end()) iterator is returned. + element is found or the JSON value is not an object, past-the-end (see + @ref end()) iterator is returned. @complexity Logarithmic in the size of the JSON object. @@ -4303,6 +4246,9 @@ class basic_json default `std::map` type, the return value will always be `0` (@a key was not found) or `1` (@a key was found). + @note This method always returns `0` when executed on a JSON type that is + not an object. + @param[in] key key value of the element to count @return Number of elements with key @a key. If the JSON value is not an @@ -4862,9 +4808,6 @@ class basic_json object | `{}` array | `[]` - @note Floating-point numbers are set to `0.0` which will be serialized to - `0`. The vale type remains @ref number_float_t. - @complexity Linear in the size of the JSON value. @liveexample{The example below shows the effect of `clear()` to different @@ -5110,6 +5053,102 @@ class basic_json } /*! + @brief add an object to an array + + Creates a JSON value from the passed parameters @a args to the end of the + JSON value. If the function is called on a JSON null value, an empty array + is created before appending the value created from @a args. + + @param[in] args arguments to forward to a constructor of @ref basic_json + @tparam Args compatible types to create a @ref basic_json object + + @throw std::domain_error when called on a type other than JSON array or + null; example: `"cannot use emplace_back() with number"` + + @complexity Amortized constant. + + @liveexample{The example shows how `push_back()` can be used to add + elements to a JSON array. Note how the `null` value was silently converted + to a JSON array.,emplace_back} + + @since version 2.0.8 + */ + template<class... Args> + void emplace_back(Args&& ... args) + { + // emplace_back only works for null objects or arrays + if (not(is_null() or is_array())) + { + throw std::domain_error("cannot use emplace_back() with " + type_name()); + } + + // transform null object into an array + if (is_null()) + { + m_type = value_t::array; + m_value = value_t::array; + assert_invariant(); + } + + // add element to array (perfect forwarding) + m_value.array->emplace_back(std::forward<Args>(args)...); + } + + /*! + @brief add an object to an object if key does not exist + + Inserts a new element into a JSON object constructed in-place with the given + @a args if there is no element with the key in the container. If the + function is called on a JSON null value, an empty object is created before + appending the value created from @a args. + + @param[in] args arguments to forward to a constructor of @ref basic_json + @tparam Args compatible types to create a @ref basic_json object + + @return a pair consisting of an iterator to the inserted element, or the + already-existing element if no insertion happened, and a bool + denoting whether the insertion took place. + + @throw std::domain_error when called on a type other than JSON object or + null; example: `"cannot use emplace() with number"` + + @complexity Logarithmic in the size of the container, O(log(`size()`)). + + @liveexample{The example shows how `emplace()` can be used to add elements + to a JSON object. Note how the `null` value was silently converted to a + JSON object. Further note how no value is added if there was already one + value stored with the same key.,emplace} + + @since version 2.0.8 + */ + template<class... Args> + std::pair<iterator, bool> emplace(Args&& ... args) + { + // emplace only works for null objects or arrays + if (not(is_null() or is_object())) + { + throw std::domain_error("cannot use emplace() with " + type_name()); + } + + // transform null object into an object + if (is_null()) + { + m_type = value_t::object; + m_value = value_t::object; + assert_invariant(); + } + + // add element to array (perfect forwarding) + auto res = m_value.object->emplace(std::forward<Args>(args)...); + // create result iterator and set iterator to the result of emplace + auto it = begin(); + it.m_it.object_iterator = res.first; + + // return pair of iterator and boolean + return {it, res.second}; + } + + /*! @brief inserts element Inserts element @a val before iterator @a pos. @@ -5885,7 +5924,7 @@ class basic_json o.width(0); // fix locale problems - const auto old_locale = o.imbue(std::locale(std::locale(), new DecimalSeparator)); + const auto old_locale = o.imbue(std::locale::classic()); // set precision // 6, 15 or 16 digits of precision allows round-trip IEEE 754 @@ -5923,9 +5962,45 @@ class basic_json /// @{ /*! - @brief deserialize from string + @brief deserialize from an array + + This function reads from an array of 1-byte values. - @param[in] s string to read a serialized JSON value from + @pre Each element of the container has a size of 1 byte. Violating this + precondition yields undefined behavior. **This precondition is enforced + with a static assertion.** + + @param[in] array array to read from + @param[in] cb a parser callback function of type @ref parser_callback_t + which is used to control the deserialization by filtering unwanted values + (optional) + + @return result of the deserialization + + @complexity Linear in the length of the input. The parser is a predictive + LL(1) parser. The complexity can be higher if the parser callback function + @a cb has a super-linear complexity. + + @note A UTF-8 byte order mark is silently ignored. + + @liveexample{The example below demonstrates the `parse()` function reading + from an array.,parse__array__parser_callback_t} + + @since version 2.0.3 + */ + template<class T, std::size_t N> + static basic_json parse(T (&array)[N], + const parser_callback_t cb = nullptr) + { + // delegate the call to the iterator-range parse overload + return parse(std::begin(array), std::end(array), cb); + } + + /*! + @brief deserialize from string literal + + @tparam CharT character/literal type with size of 1 byte + @param[in] s string literal to read a serialized JSON value from @param[in] cb a parser callback function of type @ref parser_callback_t which is used to control the deserialization by filtering unwanted values (optional) @@ -5937,6 +6012,8 @@ class basic_json @a cb has a super-linear complexity. @note A UTF-8 byte order mark is silently ignored. + @note String containers like `std::string` or @ref string_t can be parsed + with @ref parse(const ContiguousContainer&, const parser_callback_t) @liveexample{The example below demonstrates the `parse()` function with and without callback function.,parse__string__parser_callback_t} @@ -5944,12 +6021,16 @@ class basic_json @sa @ref parse(std::istream&, const parser_callback_t) for a version that reads from an input stream - @since version 1.0.0 + @since version 1.0.0 (originally for @ref string_t) */ - static basic_json parse(const string_t& s, + template<typename CharT, typename std::enable_if< + std::is_pointer<CharT>::value and + std::is_integral<typename std::remove_pointer<CharT>::type>::value and + sizeof(typename std::remove_pointer<CharT>::type) == 1, int>::type = 0> + static basic_json parse(const CharT s, const parser_callback_t cb = nullptr) { - return parser(s, cb).parse(); + return parser(reinterpret_cast<const char*>(s), cb).parse(); } /*! @@ -5971,7 +6052,7 @@ class basic_json @liveexample{The example below demonstrates the `parse()` function with and without callback function.,parse__istream__parser_callback_t} - @sa @ref parse(const string_t&, const parser_callback_t) for a version + @sa @ref parse(const CharT, const parser_callback_t) for a version that reads from a string @since version 1.0.0 @@ -5992,6 +6073,130 @@ class basic_json } /*! + @brief deserialize from an iterator range with contiguous storage + + This function reads from an iterator range of a container with contiguous + storage of 1-byte values. Compatible container types include + `std::vector`, `std::string`, `std::array`, `std::valarray`, and + `std::initializer_list`. Furthermore, C-style arrays can be used with + `std::begin()`/`std::end()`. User-defined containers can be used as long + as they implement random-access iterators and a contiguous storage. + + @pre The iterator range is contiguous. Violating this precondition yields + undefined behavior. **This precondition is enforced with an assertion.** + @pre Each element in the range has a size of 1 byte. Violating this + precondition yields undefined behavior. **This precondition is enforced + with a static assertion.** + + @warning There is no way to enforce all preconditions at compile-time. If + the function is called with noncompliant iterators and with + assertions switched off, the behavior is undefined and will most + likely yield segmentation violation. + + @tparam IteratorType iterator of container with contiguous storage + @param[in] first begin of the range to parse (included) + @param[in] last end of the range to parse (excluded) + @param[in] cb a parser callback function of type @ref parser_callback_t + which is used to control the deserialization by filtering unwanted values + (optional) + + @return result of the deserialization + + @complexity Linear in the length of the input. The parser is a predictive + LL(1) parser. The complexity can be higher if the parser callback function + @a cb has a super-linear complexity. + + @note A UTF-8 byte order mark is silently ignored. + + @liveexample{The example below demonstrates the `parse()` function reading + from an iterator range.,parse__iteratortype__parser_callback_t} + + @since version 2.0.3 + */ + template<class IteratorType, typename std::enable_if< + std::is_base_of< + std::random_access_iterator_tag, + typename std::iterator_traits<IteratorType>::iterator_category>::value, int>::type = 0> + static basic_json parse(IteratorType first, IteratorType last, + const parser_callback_t cb = nullptr) + { + // assertion to check that the iterator range is indeed contiguous, + // see http://stackoverflow.com/a/35008842/266378 for more discussion + assert(std::accumulate(first, last, std::make_pair<bool, int>(true, 0), + [&first](std::pair<bool, int> res, decltype(*first) val) + { + res.first &= (val == *(std::next(std::addressof(*first), res.second++))); + return res; + }).first); + + // assertion to check that each element is 1 byte long + static_assert(sizeof(typename std::iterator_traits<IteratorType>::value_type) == 1, + "each element in the iterator range must have the size of 1 byte"); + + // if iterator range is empty, create a parser with an empty string + // to generate "unexpected EOF" error message + if (std::distance(first, last) <= 0) + { + return parser("").parse(); + } + + return parser(first, last, cb).parse(); + } + + /*! + @brief deserialize from a container with contiguous storage + + This function reads from a container with contiguous storage of 1-byte + values. Compatible container types include `std::vector`, `std::string`, + `std::array`, and `std::initializer_list`. User-defined containers can be + used as long as they implement random-access iterators and a contiguous + storage. + + @pre The container storage is contiguous. Violating this precondition + yields undefined behavior. **This precondition is enforced with an + assertion.** + @pre Each element of the container has a size of 1 byte. Violating this + precondition yields undefined behavior. **This precondition is enforced + with a static assertion.** + + @warning There is no way to enforce all preconditions at compile-time. If + the function is called with a noncompliant container and with + assertions switched off, the behavior is undefined and will most + likely yield segmentation violation. + + @tparam ContiguousContainer container type with contiguous storage + @param[in] c container to read from + @param[in] cb a parser callback function of type @ref parser_callback_t + which is used to control the deserialization by filtering unwanted values + (optional) + + @return result of the deserialization + + @complexity Linear in the length of the input. The parser is a predictive + LL(1) parser. The complexity can be higher if the parser callback function + @a cb has a super-linear complexity. + + @note A UTF-8 byte order mark is silently ignored. + + @liveexample{The example below demonstrates the `parse()` function reading + from a contiguous container.,parse__contiguouscontainer__parser_callback_t} + + @since version 2.0.3 + */ + template<class ContiguousContainer, typename std::enable_if< + not std::is_pointer<ContiguousContainer>::value and + std::is_base_of< + std::random_access_iterator_tag, + typename std::iterator_traits<decltype(std::begin(std::declval<ContiguousContainer const>()))>::iterator_category>::value + , int>::type = 0> + static basic_json parse(const ContiguousContainer& c, + const parser_callback_t cb = nullptr) + { + // delegate the call to the iterator-range parse overload + return parse(std::begin(c), std::end(c), cb); + } + + /*! @brief deserialize from stream Deserializes an input stream to a JSON value. @@ -6032,6 +6237,1496 @@ class basic_json /// @} + ////////////////////////////////////////// + // binary serialization/deserialization // + ////////////////////////////////////////// + + /// @name binary serialization/deserialization support + /// @{ + + private: + template<typename T> + static void add_to_vector(std::vector<uint8_t>& vec, size_t bytes, const T number) + { + assert(bytes == 1 or bytes == 2 or bytes == 4 or bytes == 8); + + switch (bytes) + { + case 8: + { + vec.push_back(static_cast<uint8_t>((number >> 070) & 0xff)); + vec.push_back(static_cast<uint8_t>((number >> 060) & 0xff)); + vec.push_back(static_cast<uint8_t>((number >> 050) & 0xff)); + vec.push_back(static_cast<uint8_t>((number >> 040) & 0xff)); + // intentional fall-through + } + + case 4: + { + vec.push_back(static_cast<uint8_t>((number >> 030) & 0xff)); + vec.push_back(static_cast<uint8_t>((number >> 020) & 0xff)); + // intentional fall-through + } + + case 2: + { + vec.push_back(static_cast<uint8_t>((number >> 010) & 0xff)); + // intentional fall-through + } + + case 1: + { + vec.push_back(static_cast<uint8_t>(number & 0xff)); + break; + } + } + } + + /*! + @brief take sufficient bytes from a vector to fill an integer variable + + In the context of binary serialization formats, we need to read several + bytes from a byte vector and combine them to multi-byte integral data + types. + + @param[in] vec byte vector to read from + @param[in] current_index the position in the vector after which to read + + @return the next sizeof(T) bytes from @a vec, in reverse order as T + + @tparam T the integral return type + + @throw std::out_of_range if there are less than sizeof(T)+1 bytes in the + vector @a vec to read + + In the for loop, the bytes from the vector are copied in reverse order into + the return value. In the figures below, let sizeof(T)=4 and `i` be the loop + variable. + + Precondition: + + vec: | | | a | b | c | d | T: | | | | | + ^ ^ ^ ^ + current_index i ptr sizeof(T) + + Postcondition: + + vec: | | | a | b | c | d | T: | d | c | b | a | + ^ ^ ^ + | i ptr + current_index + + @sa Code adapted from <http://stackoverflow.com/a/41031865/266378>. + */ + template<typename T> + static T get_from_vector(const std::vector<uint8_t>& vec, const size_t current_index) + { + if (current_index + sizeof(T) + 1 > vec.size()) + { + throw std::out_of_range("cannot read " + std::to_string(sizeof(T)) + " bytes from vector"); + } + + T result; + uint8_t* ptr = reinterpret_cast<uint8_t*>(&result); + for (size_t i = 0; i < sizeof(T); ++i) + { + *ptr++ = vec[current_index + sizeof(T) - i]; + } + return result; + } + + /*! + @brief create a MessagePack serialization of a given JSON value + + This is a straightforward implementation of the MessagePack specification. + + @param[in] j JSON value to serialize + @param[in,out] v byte vector to write the serialization to + + @sa https://github.com/msgpack/msgpack/blob/master/spec.md + */ + static void to_msgpack_internal(const basic_json& j, std::vector<uint8_t>& v) + { + switch (j.type()) + { + case value_t::null: + { + // nil + v.push_back(0xc0); + break; + } + + case value_t::boolean: + { + // true and false + v.push_back(j.m_value.boolean ? 0xc3 : 0xc2); + break; + } + + case value_t::number_integer: + { + if (j.m_value.number_integer >= 0) + { + // MessagePack does not differentiate between positive + // signed integers and unsigned integers. Therefore, we used + // the code from the value_t::number_unsigned case here. + if (j.m_value.number_unsigned < 128) + { + // positive fixnum + add_to_vector(v, 1, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT8_MAX) + { + // uint 8 + v.push_back(0xcc); + add_to_vector(v, 1, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT16_MAX) + { + // uint 16 + v.push_back(0xcd); + add_to_vector(v, 2, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT32_MAX) + { + // uint 32 + v.push_back(0xce); + add_to_vector(v, 4, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT64_MAX) + { + // uint 64 + v.push_back(0xcf); + add_to_vector(v, 8, j.m_value.number_unsigned); + } + } + else + { + if (j.m_value.number_integer >= -32) + { + // negative fixnum + add_to_vector(v, 1, j.m_value.number_integer); + } + else if (j.m_value.number_integer >= INT8_MIN and j.m_value.number_integer <= INT8_MAX) + { + // int 8 + v.push_back(0xd0); + add_to_vector(v, 1, j.m_value.number_integer); + } + else if (j.m_value.number_integer >= INT16_MIN and j.m_value.number_integer <= INT16_MAX) + { + // int 16 + v.push_back(0xd1); + add_to_vector(v, 2, j.m_value.number_integer); + } + else if (j.m_value.number_integer >= INT32_MIN and j.m_value.number_integer <= INT32_MAX) + { + // int 32 + v.push_back(0xd2); + add_to_vector(v, 4, j.m_value.number_integer); + } + else if (j.m_value.number_integer >= INT64_MIN and j.m_value.number_integer <= INT64_MAX) + { + // int 64 + v.push_back(0xd3); + add_to_vector(v, 8, j.m_value.number_integer); + } + } + break; + } + + case value_t::number_unsigned: + { + if (j.m_value.number_unsigned < 128) + { + // positive fixnum + add_to_vector(v, 1, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT8_MAX) + { + // uint 8 + v.push_back(0xcc); + add_to_vector(v, 1, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT16_MAX) + { + // uint 16 + v.push_back(0xcd); + add_to_vector(v, 2, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT32_MAX) + { + // uint 32 + v.push_back(0xce); + add_to_vector(v, 4, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= UINT64_MAX) + { + // uint 64 + v.push_back(0xcf); + add_to_vector(v, 8, j.m_value.number_unsigned); + } + break; + } + + case value_t::number_float: + { + // float 64 + v.push_back(0xcb); + const uint8_t* helper = reinterpret_cast<const uint8_t*>(&(j.m_value.number_float)); + for (size_t i = 0; i < 8; ++i) + { + v.push_back(helper[7 - i]); + } + break; + } + + case value_t::string: + { + const auto N = j.m_value.string->size(); + if (N <= 31) + { + // fixstr + v.push_back(static_cast<uint8_t>(0xa0 | N)); + } + else if (N <= 255) + { + // str 8 + v.push_back(0xd9); + add_to_vector(v, 1, N); + } + else if (N <= 65535) + { + // str 16 + v.push_back(0xda); + add_to_vector(v, 2, N); + } + else if (N <= 4294967295) + { + // str 32 + v.push_back(0xdb); + add_to_vector(v, 4, N); + } + + // append string + std::copy(j.m_value.string->begin(), j.m_value.string->end(), + std::back_inserter(v)); + break; + } + + case value_t::array: + { + const auto N = j.m_value.array->size(); + if (N <= 15) + { + // fixarray + v.push_back(static_cast<uint8_t>(0x90 | N)); + } + else if (N <= 0xffff) + { + // array 16 + v.push_back(0xdc); + add_to_vector(v, 2, N); + } + else if (N <= 0xffffffff) + { + // array 32 + v.push_back(0xdd); + add_to_vector(v, 4, N); + } + + // append each element + for (const auto& el : *j.m_value.array) + { + to_msgpack_internal(el, v); + } + break; + } + + case value_t::object: + { + const auto N = j.m_value.object->size(); + if (N <= 15) + { + // fixmap + v.push_back(static_cast<uint8_t>(0x80 | (N & 0xf))); + } + else if (N <= 65535) + { + // map 16 + v.push_back(0xde); + add_to_vector(v, 2, N); + } + else if (N <= 4294967295) + { + // map 32 + v.push_back(0xdf); + add_to_vector(v, 4, N); + } + + // append each element + for (const auto& el : *j.m_value.object) + { + to_msgpack_internal(el.first, v); + to_msgpack_internal(el.second, v); + } + break; + } + + default: + { + break; + } + } + } + + /*! + @brief create a CBOR serialization of a given JSON value + + This is a straightforward implementation of the CBOR specification. + + @param[in] j JSON value to serialize + @param[in,out] v byte vector to write the serialization to + + @sa https://tools.ietf.org/html/rfc7049 + */ + static void to_cbor_internal(const basic_json& j, std::vector<uint8_t>& v) + { + switch (j.type()) + { + case value_t::null: + { + v.push_back(0xf6); + break; + } + + case value_t::boolean: + { + v.push_back(j.m_value.boolean ? 0xf5 : 0xf4); + break; + } + + case value_t::number_integer: + { + if (j.m_value.number_integer >= 0) + { + // CBOR does not differentiate between positive signed + // integers and unsigned integers. Therefore, we used the + // code from the value_t::number_unsigned case here. + if (j.m_value.number_integer <= 0x17) + { + add_to_vector(v, 1, j.m_value.number_integer); + } + else if (j.m_value.number_integer <= UINT8_MAX) + { + v.push_back(0x18); + // one-byte uint8_t + add_to_vector(v, 1, j.m_value.number_integer); + } + else if (j.m_value.number_integer <= UINT16_MAX) + { + v.push_back(0x19); + // two-byte uint16_t + add_to_vector(v, 2, j.m_value.number_integer); + } + else if (j.m_value.number_integer <= UINT32_MAX) + { + v.push_back(0x1a); + // four-byte uint32_t + add_to_vector(v, 4, j.m_value.number_integer); + } + else + { + v.push_back(0x1b); + // eight-byte uint64_t + add_to_vector(v, 8, j.m_value.number_integer); + } + } + else + { + // The conversions below encode the sign in the first byte, + // and the value is converted to a positive number. + const auto positive_number = -1 - j.m_value.number_integer; + if (j.m_value.number_integer >= -24) + { + v.push_back(static_cast<uint8_t>(0x20 + positive_number)); + } + else if (positive_number <= UINT8_MAX) + { + // int 8 + v.push_back(0x38); + add_to_vector(v, 1, positive_number); + } + else if (positive_number <= UINT16_MAX) + { + // int 16 + v.push_back(0x39); + add_to_vector(v, 2, positive_number); + } + else if (positive_number <= UINT32_MAX) + { + // int 32 + v.push_back(0x3a); + add_to_vector(v, 4, positive_number); + } + else + { + // int 64 + v.push_back(0x3b); + add_to_vector(v, 8, positive_number); + } + } + break; + } + + case value_t::number_unsigned: + { + if (j.m_value.number_unsigned <= 0x17) + { + v.push_back(static_cast<uint8_t>(j.m_value.number_unsigned)); + } + else if (j.m_value.number_unsigned <= 0xff) + { + v.push_back(0x18); + // one-byte uint8_t + add_to_vector(v, 1, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= 0xffff) + { + v.push_back(0x19); + // two-byte uint16_t + add_to_vector(v, 2, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= 0xffffffff) + { + v.push_back(0x1a); + // four-byte uint32_t + add_to_vector(v, 4, j.m_value.number_unsigned); + } + else if (j.m_value.number_unsigned <= 0xffffffffffffffff) + { + v.push_back(0x1b); + // eight-byte uint64_t + add_to_vector(v, 8, j.m_value.number_unsigned); + } + break; + } + + case value_t::number_float: + { + // Double-Precision Float + v.push_back(0xfb); + const uint8_t* helper = reinterpret_cast<const uint8_t*>(&(j.m_value.number_float)); + for (size_t i = 0; i < 8; ++i) + { + v.push_back(helper[7 - i]); + } + break; + } + + case value_t::string: + { + const auto N = j.m_value.string->size(); + if (N <= 0x17) + { + v.push_back(0x60 + N); // 1 byte for string + size + } + else if (N <= 0xff) + { + v.push_back(0x78); // one-byte uint8_t for N + add_to_vector(v, 1, N); + } + else if (N <= 0xffff) + { + v.push_back(0x79); // two-byte uint16_t for N + add_to_vector(v, 2, N); + } + else if (N <= 0xffffffff) + { + v.push_back(0x7a); // four-byte uint32_t for N + add_to_vector(v, 4, N); + } + // LCOV_EXCL_START + else if (N <= 0xffffffffffffffff) + { + v.push_back(0x7b); // eight-byte uint64_t for N + add_to_vector(v, 8, N); + } + // LCOV_EXCL_STOP + + // append string + std::copy(j.m_value.string->begin(), j.m_value.string->end(), + std::back_inserter(v)); + break; + } + + case value_t::array: + { + const auto N = j.m_value.array->size(); + if (N <= 0x17) + { + v.push_back(0x80 + N); // 1 byte for array + size + } + else if (N <= 0xff) + { + v.push_back(0x98); // one-byte uint8_t for N + add_to_vector(v, 1, N); + } + else if (N <= 0xffff) + { + v.push_back(0x99); // two-byte uint16_t for N + add_to_vector(v, 2, N); + } + else if (N <= 0xffffffff) + { + v.push_back(0x9a); // four-byte uint32_t for N + add_to_vector(v, 4, N); + } + // LCOV_EXCL_START + else if (N <= 0xffffffffffffffff) + { + v.push_back(0x9b); // eight-byte uint64_t for N + add_to_vector(v, 8, N); + } + // LCOV_EXCL_STOP + + // append each element + for (const auto& el : *j.m_value.array) + { + to_cbor_internal(el, v); + } + break; + } + + case value_t::object: + { + const auto N = j.m_value.object->size(); + if (N <= 0x17) + { + v.push_back(0xa0 + N); // 1 byte for object + size + } + else if (N <= 0xff) + { + v.push_back(0xb8); + add_to_vector(v, 1, N); // one-byte uint8_t for N + } + else if (N <= 0xffff) + { + v.push_back(0xb9); + add_to_vector(v, 2, N); // two-byte uint16_t for N + } + else if (N <= 0xffffffff) + { + v.push_back(0xba); + add_to_vector(v, 4, N); // four-byte uint32_t for N + } + // LCOV_EXCL_START + else if (N <= 0xffffffffffffffff) + { + v.push_back(0xbb); + add_to_vector(v, 8, N); // eight-byte uint64_t for N + } + // LCOV_EXCL_STOP + + // append each element + for (const auto& el : *j.m_value.object) + { + to_cbor_internal(el.first, v); + to_cbor_internal(el.second, v); + } + break; + } + + default: + { + break; + } + } + } + + + /* + @brief checks if given lengths do not exceed the size of a given vector + + To secure the access to the byte vector during CBOR/MessagePack + deserialization, bytes are copied from the vector into buffers. This + function checks if the number of bytes to copy (@a len) does not exceed the + size @s size of the vector. Additionally, an @a offset is given from where + to start reading the bytes. + + This function checks whether reading the bytes is safe; that is, offset is a + valid index in the vector, offset+len + + @param[in] size size of the byte vector + @param[in] len number of bytes to read + @param[in] offset offset where to start reading + + vec: x x x x x X X X X X + ^ ^ ^ + 0 offset len + + @throws out_of_range if `len > v.size()` + */ + static void check_length(const size_t size, const size_t len, const size_t offset) + { + // simple case: requested length is greater than the vector's length + if (len > size or offset > size) + { + throw std::out_of_range("len out of range"); + } + + // second case: adding offset would result in overflow + if ((size > (std::numeric_limits<size_t>::max() - offset))) + { + throw std::out_of_range("len+offset out of range"); + } + + // last case: reading past the end of the vector + if (len + offset > size) + { + throw std::out_of_range("len+offset out of range"); + } + } + + /*! + @brief create a JSON value from a given MessagePack vector + + @param[in] v MessagePack serialization + @param[in] idx byte index to start reading from @a v + + @return deserialized JSON value + + @throw std::invalid_argument if unsupported features from MessagePack were + used in the given vector @a v or if the input is not valid MessagePack + @throw std::out_of_range if the given vector ends prematurely + + @sa https://github.com/msgpack/msgpack/blob/master/spec.md + */ + static basic_json from_msgpack_internal(const std::vector<uint8_t>& v, size_t& idx) + { + // make sure reading 1 byte is safe + check_length(v.size(), 1, idx); + + // store and increment index + const size_t current_idx = idx++; + + if (v[current_idx] <= 0xbf) + { + if (v[current_idx] <= 0x7f) // positive fixint + { + return v[current_idx]; + } + else if (v[current_idx] <= 0x8f) // fixmap + { + basic_json result = value_t::object; + const size_t len = v[current_idx] & 0x0f; + for (size_t i = 0; i < len; ++i) + { + std::string key = from_msgpack_internal(v, idx); + result[key] = from_msgpack_internal(v, idx); + } + return result; + } + else if (v[current_idx] <= 0x9f) // fixarray + { + basic_json result = value_t::array; + const size_t len = v[current_idx] & 0x0f; + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_msgpack_internal(v, idx)); + } + return result; + } + else // fixstr + { + const size_t len = v[current_idx] & 0x1f; + const size_t offset = current_idx + 1; + idx += len; // skip content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + } + else if (v[current_idx] >= 0xe0) // negative fixint + { + return static_cast<int8_t>(v[current_idx]); + } + else + { + switch (v[current_idx]) + { + case 0xc0: // nil + { + return value_t::null; + } + + case 0xc2: // false + { + return false; + } + + case 0xc3: // true + { + return true; + } + + case 0xca: // float 32 + { + // copy bytes in reverse order into the double variable + check_length(v.size(), sizeof(float), 1); + float res; + for (size_t byte = 0; byte < sizeof(float); ++byte) + { + reinterpret_cast<uint8_t*>(&res)[sizeof(float) - byte - 1] = v[current_idx + 1 + byte]; + } + idx += sizeof(float); // skip content bytes + return res; + } + + case 0xcb: // float 64 + { + // copy bytes in reverse order into the double variable + check_length(v.size(), sizeof(double), 1); + double res; + for (size_t byte = 0; byte < sizeof(double); ++byte) + { + reinterpret_cast<uint8_t*>(&res)[sizeof(double) - byte - 1] = v[current_idx + 1 + byte]; + } + idx += sizeof(double); // skip content bytes + return res; + } + + case 0xcc: // uint 8 + { + idx += 1; // skip content byte + return get_from_vector<uint8_t>(v, current_idx); + } + + case 0xcd: // uint 16 + { + idx += 2; // skip 2 content bytes + return get_from_vector<uint16_t>(v, current_idx); + } + + case 0xce: // uint 32 + { + idx += 4; // skip 4 content bytes + return get_from_vector<uint32_t>(v, current_idx); + } + + case 0xcf: // uint 64 + { + idx += 8; // skip 8 content bytes + return get_from_vector<uint64_t>(v, current_idx); + } + + case 0xd0: // int 8 + { + idx += 1; // skip content byte + return get_from_vector<int8_t>(v, current_idx); + } + + case 0xd1: // int 16 + { + idx += 2; // skip 2 content bytes + return get_from_vector<int16_t>(v, current_idx); + } + + case 0xd2: // int 32 + { + idx += 4; // skip 4 content bytes + return get_from_vector<int32_t>(v, current_idx); + } + + case 0xd3: // int 64 + { + idx += 8; // skip 8 content bytes + return get_from_vector<int64_t>(v, current_idx); + } + + case 0xd9: // str 8 + { + const auto len = static_cast<size_t>(get_from_vector<uint8_t>(v, current_idx)); + const size_t offset = current_idx + 2; + idx += len + 1; // skip size byte + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0xda: // str 16 + { + const auto len = static_cast<size_t>(get_from_vector<uint16_t>(v, current_idx)); + const size_t offset = current_idx + 3; + idx += len + 2; // skip 2 size bytes + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0xdb: // str 32 + { + const auto len = static_cast<size_t>(get_from_vector<uint32_t>(v, current_idx)); + const size_t offset = current_idx + 5; + idx += len + 4; // skip 4 size bytes + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0xdc: // array 16 + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(get_from_vector<uint16_t>(v, current_idx)); + idx += 2; // skip 2 size bytes + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_msgpack_internal(v, idx)); + } + return result; + } + + case 0xdd: // array 32 + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(get_from_vector<uint32_t>(v, current_idx)); + idx += 4; // skip 4 size bytes + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_msgpack_internal(v, idx)); + } + return result; + } + + case 0xde: // map 16 + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(get_from_vector<uint16_t>(v, current_idx)); + idx += 2; // skip 2 size bytes + for (size_t i = 0; i < len; ++i) + { + std::string key = from_msgpack_internal(v, idx); + result[key] = from_msgpack_internal(v, idx); + } + return result; + } + + case 0xdf: // map 32 + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(get_from_vector<uint32_t>(v, current_idx)); + idx += 4; // skip 4 size bytes + for (size_t i = 0; i < len; ++i) + { + std::string key = from_msgpack_internal(v, idx); + result[key] = from_msgpack_internal(v, idx); + } + return result; + } + + default: + { + throw std::invalid_argument("error parsing a msgpack @ " + std::to_string(current_idx) + ": " + std::to_string(static_cast<int>(v[current_idx]))); + } + } + } + } + + /*! + @brief create a JSON value from a given CBOR vector + + @param[in] v CBOR serialization + @param[in] idx byte index to start reading from @a v + + @return deserialized JSON value + + @throw std::invalid_argument if unsupported features from CBOR were used in + the given vector @a v or if the input is not valid CBOR + @throw std::out_of_range if the given vector ends prematurely + + @sa https://tools.ietf.org/html/rfc7049 + */ + static basic_json from_cbor_internal(const std::vector<uint8_t>& v, size_t& idx) + { + // store and increment index + const size_t current_idx = idx++; + + switch (v.at(current_idx)) + { + // Integer 0x00..0x17 (0..23) + case 0x00: + case 0x01: + case 0x02: + case 0x03: + case 0x04: + case 0x05: + case 0x06: + case 0x07: + case 0x08: + case 0x09: + case 0x0a: + case 0x0b: + case 0x0c: + case 0x0d: + case 0x0e: + case 0x0f: + case 0x10: + case 0x11: + case 0x12: + case 0x13: + case 0x14: + case 0x15: + case 0x16: + case 0x17: + { + return v[current_idx]; + } + + case 0x18: // Unsigned integer (one-byte uint8_t follows) + { + idx += 1; // skip content byte + return get_from_vector<uint8_t>(v, current_idx); + } + + case 0x19: // Unsigned integer (two-byte uint16_t follows) + { + idx += 2; // skip 2 content bytes + return get_from_vector<uint16_t>(v, current_idx); + } + + case 0x1a: // Unsigned integer (four-byte uint32_t follows) + { + idx += 4; // skip 4 content bytes + return get_from_vector<uint32_t>(v, current_idx); + } + + case 0x1b: // Unsigned integer (eight-byte uint64_t follows) + { + idx += 8; // skip 8 content bytes + return get_from_vector<uint64_t>(v, current_idx); + } + + // Negative integer -1-0x00..-1-0x17 (-1..-24) + case 0x20: + case 0x21: + case 0x22: + case 0x23: + case 0x24: + case 0x25: + case 0x26: + case 0x27: + case 0x28: + case 0x29: + case 0x2a: + case 0x2b: + case 0x2c: + case 0x2d: + case 0x2e: + case 0x2f: + case 0x30: + case 0x31: + case 0x32: + case 0x33: + case 0x34: + case 0x35: + case 0x36: + case 0x37: + { + return static_cast<int8_t>(0x20 - 1 - v[current_idx]); + } + + case 0x38: // Negative integer (one-byte uint8_t follows) + { + idx += 1; // skip content byte + // must be uint8_t ! + return static_cast<number_integer_t>(-1) - get_from_vector<uint8_t>(v, current_idx); + } + + case 0x39: // Negative integer -1-n (two-byte uint16_t follows) + { + idx += 2; // skip 2 content bytes + return static_cast<number_integer_t>(-1) - get_from_vector<uint16_t>(v, current_idx); + } + + case 0x3a: // Negative integer -1-n (four-byte uint32_t follows) + { + idx += 4; // skip 4 content bytes + return static_cast<number_integer_t>(-1) - get_from_vector<uint32_t>(v, current_idx); + } + + case 0x3b: // Negative integer -1-n (eight-byte uint64_t follows) + { + idx += 8; // skip 8 content bytes + return static_cast<number_integer_t>(-1) - static_cast<number_integer_t>(get_from_vector<uint64_t>(v, current_idx)); + } + + // UTF-8 string (0x00..0x17 bytes follow) + case 0x60: + case 0x61: + case 0x62: + case 0x63: + case 0x64: + case 0x65: + case 0x66: + case 0x67: + case 0x68: + case 0x69: + case 0x6a: + case 0x6b: + case 0x6c: + case 0x6d: + case 0x6e: + case 0x6f: + case 0x70: + case 0x71: + case 0x72: + case 0x73: + case 0x74: + case 0x75: + case 0x76: + case 0x77: + { + const auto len = static_cast<size_t>(v[current_idx] - 0x60); + const size_t offset = current_idx + 1; + idx += len; // skip content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0x78: // UTF-8 string (one-byte uint8_t for n follows) + { + const auto len = static_cast<size_t>(get_from_vector<uint8_t>(v, current_idx)); + const size_t offset = current_idx + 2; + idx += len + 1; // skip size byte + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0x79: // UTF-8 string (two-byte uint16_t for n follow) + { + const auto len = static_cast<size_t>(get_from_vector<uint16_t>(v, current_idx)); + const size_t offset = current_idx + 3; + idx += len + 2; // skip 2 size bytes + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0x7a: // UTF-8 string (four-byte uint32_t for n follow) + { + const auto len = static_cast<size_t>(get_from_vector<uint32_t>(v, current_idx)); + const size_t offset = current_idx + 5; + idx += len + 4; // skip 4 size bytes + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0x7b: // UTF-8 string (eight-byte uint64_t for n follow) + { + const auto len = static_cast<size_t>(get_from_vector<uint64_t>(v, current_idx)); + const size_t offset = current_idx + 9; + idx += len + 8; // skip 8 size bytes + content bytes + check_length(v.size(), len, offset); + return std::string(reinterpret_cast<const char*>(v.data()) + offset, len); + } + + case 0x7f: // UTF-8 string (indefinite length) + { + std::string result; + while (v.at(idx) != 0xff) + { + string_t s = from_cbor_internal(v, idx); + result += s; + } + // skip break byte (0xFF) + idx += 1; + return result; + } + + // array (0x00..0x17 data items follow) + case 0x80: + case 0x81: + case 0x82: + case 0x83: + case 0x84: + case 0x85: + case 0x86: + case 0x87: + case 0x88: + case 0x89: + case 0x8a: + case 0x8b: + case 0x8c: + case 0x8d: + case 0x8e: + case 0x8f: + case 0x90: + case 0x91: + case 0x92: + case 0x93: + case 0x94: + case 0x95: + case 0x96: + case 0x97: + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(v[current_idx] - 0x80); + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_cbor_internal(v, idx)); + } + return result; + } + + case 0x98: // array (one-byte uint8_t for n follows) + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(get_from_vector<uint8_t>(v, current_idx)); + idx += 1; // skip 1 size byte + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_cbor_internal(v, idx)); + } + return result; + } + + case 0x99: // array (two-byte uint16_t for n follow) + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(get_from_vector<uint16_t>(v, current_idx)); + idx += 2; // skip 4 size bytes + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_cbor_internal(v, idx)); + } + return result; + } + + case 0x9a: // array (four-byte uint32_t for n follow) + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(get_from_vector<uint32_t>(v, current_idx)); + idx += 4; // skip 4 size bytes + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_cbor_internal(v, idx)); + } + return result; + } + + case 0x9b: // array (eight-byte uint64_t for n follow) + { + basic_json result = value_t::array; + const auto len = static_cast<size_t>(get_from_vector<uint64_t>(v, current_idx)); + idx += 8; // skip 8 size bytes + for (size_t i = 0; i < len; ++i) + { + result.push_back(from_cbor_internal(v, idx)); + } + return result; + } + + case 0x9f: // array (indefinite length) + { + basic_json result = value_t::array; + while (v.at(idx) != 0xff) + { + result.push_back(from_cbor_internal(v, idx)); + } + // skip break byte (0xFF) + idx += 1; + return result; + } + + // map (0x00..0x17 pairs of data items follow) + case 0xa0: + case 0xa1: + case 0xa2: + case 0xa3: + case 0xa4: + case 0xa5: + case 0xa6: + case 0xa7: + case 0xa8: + case 0xa9: + case 0xaa: + case 0xab: + case 0xac: + case 0xad: + case 0xae: + case 0xaf: + case 0xb0: + case 0xb1: + case 0xb2: + case 0xb3: + case 0xb4: + case 0xb5: + case 0xb6: + case 0xb7: + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(v[current_idx] - 0xa0); + for (size_t i = 0; i < len; ++i) + { + std::string key = from_cbor_internal(v, idx); + result[key] = from_cbor_internal(v, idx); + } + return result; + } + + case 0xb8: // map (one-byte uint8_t for n follows) + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(get_from_vector<uint8_t>(v, current_idx)); + idx += 1; // skip 1 size byte + for (size_t i = 0; i < len; ++i) + { + std::string key = from_cbor_internal(v, idx); + result[key] = from_cbor_internal(v, idx); + } + return result; + } + + case 0xb9: // map (two-byte uint16_t for n follow) + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(get_from_vector<uint16_t>(v, current_idx)); + idx += 2; // skip 2 size bytes + for (size_t i = 0; i < len; ++i) + { + std::string key = from_cbor_internal(v, idx); + result[key] = from_cbor_internal(v, idx); + } + return result; + } + + case 0xba: // map (four-byte uint32_t for n follow) + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(get_from_vector<uint32_t>(v, current_idx)); + idx += 4; // skip 4 size bytes + for (size_t i = 0; i < len; ++i) + { + std::string key = from_cbor_internal(v, idx); + result[key] = from_cbor_internal(v, idx); + } + return result; + } + + case 0xbb: // map (eight-byte uint64_t for n follow) + { + basic_json result = value_t::object; + const auto len = static_cast<size_t>(get_from_vector<uint64_t>(v, current_idx)); + idx += 8; // skip 8 size bytes + for (size_t i = 0; i < len; ++i) + { + std::string key = from_cbor_internal(v, idx); + result[key] = from_cbor_internal(v, idx); + } + return result; + } + + case 0xbf: // map (indefinite length) + { + basic_json result = value_t::object; + while (v.at(idx) != 0xff) + { + std::string key = from_cbor_internal(v, idx); + result[key] = from_cbor_internal(v, idx); + } + // skip break byte (0xFF) + idx += 1; + return result; + } + + case 0xf4: // false + { + return false; + } + + case 0xf5: // true + { + return true; + } + + case 0xf6: // null + { + return value_t::null; + } + + case 0xf9: // Half-Precision Float (two-byte IEEE 754) + { + check_length(v.size(), 2, 1); + idx += 2; // skip two content bytes + + // code from RFC 7049, Appendix D, Figure 3: + // As half-precision floating-point numbers were only added to + // IEEE 754 in 2008, today's programming platforms often still + // only have limited support for them. It is very easy to + // include at least decoding support for them even without such + // support. An example of a small decoder for half-precision + // floating-point numbers in the C language is shown in Fig. 3. + const int half = (v[current_idx + 1] << 8) + v[current_idx + 2]; + const int exp = (half >> 10) & 0x1f; + const int mant = half & 0x3ff; + double val; + if (exp == 0) + { + val = std::ldexp(mant, -24); + } + else if (exp != 31) + { + val = std::ldexp(mant + 1024, exp - 25); + } + else + { + val = mant == 0 ? INFINITY : NAN; + } + return half & 0x8000 ? -val : val; + } + + case 0xfa: // Single-Precision Float (four-byte IEEE 754) + { + // copy bytes in reverse order into the float variable + check_length(v.size(), sizeof(float), 1); + float res; + for (size_t byte = 0; byte < sizeof(float); ++byte) + { + reinterpret_cast<uint8_t*>(&res)[sizeof(float) - byte - 1] = v[current_idx + 1 + byte]; + } + idx += sizeof(float); // skip content bytes + return res; + } + + case 0xfb: // Double-Precision Float (eight-byte IEEE 754) + { + check_length(v.size(), sizeof(double), 1); + // copy bytes in reverse order into the double variable + double res; + for (size_t byte = 0; byte < sizeof(double); ++byte) + { + reinterpret_cast<uint8_t*>(&res)[sizeof(double) - byte - 1] = v[current_idx + 1 + byte]; + } + idx += sizeof(double); // skip content bytes + return res; + } + + default: // anything else (0xFF is handled inside the other types) + { + throw std::invalid_argument("error parsing a CBOR @ " + std::to_string(current_idx) + ": " + std::to_string(static_cast<int>(v[current_idx]))); + } + } + } + + public: + /*! + @brief create a MessagePack serialization of a given JSON value + + Serializes a given JSON value @a j to a byte vector using the MessagePack + serialization format. MessagePack is a binary serialization format which + aims to be more compact than JSON itself, yet more efficient to parse. + + @param[in] j JSON value to serialize + @return MessagePack serialization as byte vector + + @complexity Linear in the size of the JSON value @a j. + + @liveexample{The example shows the serialization of a JSON value to a byte + vector in MessagePack format.,to_msgpack} + + @sa http://msgpack.org + @sa @ref from_msgpack(const std::vector<uint8_t>&) for the analogous + deserialization + @sa @ref to_cbor(const basic_json& for the related CBOR format + */ + static std::vector<uint8_t> to_msgpack(const basic_json& j) + { + std::vector<uint8_t> result; + to_msgpack_internal(j, result); + return result; + } + + /*! + @brief create a JSON value from a byte vector in MessagePack format + + Deserializes a given byte vector @a v to a JSON value using the MessagePack + serialization format. + + @param[in] v a byte vector in MessagePack format + @return deserialized JSON value + + @throw std::invalid_argument if unsupported features from MessagePack were + used in the given vector @a v or if the input is not valid MessagePack + @throw std::out_of_range if the given vector ends prematurely + + @complexity Linear in the size of the byte vector @a v. + + @liveexample{The example shows the deserialization of a byte vector in + MessagePack format to a JSON value.,from_msgpack} + + @sa http://msgpack.org + @sa @ref to_msgpack(const basic_json&) for the analogous serialization + @sa @ref from_cbor(const std::vector<uint8_t>&) for the related CBOR format + */ + static basic_json from_msgpack(const std::vector<uint8_t>& v) + { + size_t i = 0; + return from_msgpack_internal(v, i); + } + + /*! + @brief create a MessagePack serialization of a given JSON value + + Serializes a given JSON value @a j to a byte vector using the CBOR (Concise + Binary Object Representation) serialization format. CBOR is a binary + serialization format which aims to be more compact than JSON itself, yet + more efficient to parse. + + @param[in] j JSON value to serialize + @return MessagePack serialization as byte vector + + @complexity Linear in the size of the JSON value @a j. + + @liveexample{The example shows the serialization of a JSON value to a byte + vector in CBOR format.,to_cbor} + + @sa http://cbor.io + @sa @ref from_cbor(const std::vector<uint8_t>&) for the analogous + deserialization + @sa @ref to_msgpack(const basic_json& for the related MessagePack format + */ + static std::vector<uint8_t> to_cbor(const basic_json& j) + { + std::vector<uint8_t> result; + to_cbor_internal(j, result); + return result; + } + + /*! + @brief create a JSON value from a byte vector in CBOR format + + Deserializes a given byte vector @a v to a JSON value using the CBOR + (Concise Binary Object Representation) serialization format. + + @param[in] v a byte vector in CBOR format + @return deserialized JSON value + + @throw std::invalid_argument if unsupported features from CBOR were used in + the given vector @a v or if the input is not valid MessagePack + @throw std::out_of_range if the given vector ends prematurely + + @complexity Linear in the size of the byte vector @a v. + + @liveexample{The example shows the deserialization of a byte vector in CBOR + format to a JSON value.,from_cbor} + + @sa http://cbor.io + @sa @ref to_cbor(const basic_json&) for the analogous serialization + @sa @ref from_msgpack(const std::vector<uint8_t>&) for the related + MessagePack format + */ + static basic_json from_cbor(const std::vector<uint8_t>& v) + { + size_t i = 0; + return from_cbor_internal(v, i); + } + + /// @} private: /////////////////////////// @@ -6044,7 +7739,7 @@ class basic_json Returns the type name as string to be used in error messages - usually to indicate that a function was called on a wrong JSON type. - @return basically a string representation of a the @ref m_type member + @return basically a string representation of a the @a m_type member @complexity Constant. @@ -6584,43 +8279,53 @@ class basic_json public: /*! - @brief a const random access iterator for the @ref basic_json class + @brief a template for a random access iterator for the @ref basic_json class - This class implements a const iterator for the @ref basic_json class. From - this class, the @ref iterator class is derived. + This class implements a both iterators (iterator and const_iterator) for the + @ref basic_json class. @note An iterator is called *initialized* when a pointer to a JSON value has been set (e.g., by a constructor or a copy assignment). If the iterator is default-constructed, it is *uninitialized* and most - methods are undefined. The library uses assertions to detect calls - on uninitialized iterators. + methods are undefined. **The library uses assertions to detect calls + on uninitialized iterators.** @requirement The class satisfies the following concept requirements: - [RandomAccessIterator](http://en.cppreference.com/w/cpp/concept/RandomAccessIterator): The iterator that can be moved to point (forward and backward) to any element in constant time. - @since version 1.0.0 + @since version 1.0.0, simplified in version 2.0.9 */ - class const_iterator : public std::iterator<std::random_access_iterator_tag, const basic_json> + template<typename U> + class iter_impl : public std::iterator<std::random_access_iterator_tag, U> { /// allow basic_json to access private members friend class basic_json; + // make sure U is basic_json or const basic_json + static_assert(std::is_same<U, basic_json>::value + or std::is_same<U, const basic_json>::value, + "iter_impl only accepts (const) basic_json"); + public: /// the type of the values when the iterator is dereferenced using value_type = typename basic_json::value_type; /// a type to represent differences between iterators using difference_type = typename basic_json::difference_type; /// defines a pointer to the type iterated over (value_type) - using pointer = typename basic_json::const_pointer; + using pointer = typename std::conditional<std::is_const<U>::value, + typename basic_json::const_pointer, + typename basic_json::pointer>::type; /// defines a reference to the type iterated over (value_type) - using reference = typename basic_json::const_reference; + using reference = typename std::conditional<std::is_const<U>::value, + typename basic_json::const_reference, + typename basic_json::reference>::type; /// the category of the iterator using iterator_category = std::bidirectional_iterator_tag; /// default constructor - const_iterator() = default; + iter_impl() = default; /*! @brief constructor for a given JSON instance @@ -6628,7 +8333,7 @@ class basic_json @pre object != nullptr @post The iterator is initialized; i.e. `m_object != nullptr`. */ - explicit const_iterator(pointer object) noexcept + explicit iter_impl(pointer object) noexcept : m_object(object) { assert(m_object != nullptr); @@ -6655,37 +8360,25 @@ class basic_json } } - /*! - @brief copy constructor given a non-const iterator - @param[in] other iterator to copy from - @note It is not checked whether @a other is initialized. + /* + Use operator `const_iterator` instead of `const_iterator(const iterator& + other) noexcept` to avoid two class definitions for @ref iterator and + @ref const_iterator. + + This function is only called if this class is an @ref iterator. If this + class is a @ref const_iterator this function is not called. */ - explicit const_iterator(const iterator& other) noexcept - : m_object(other.m_object) + operator const_iterator() const { - if (m_object != nullptr) - { - switch (m_object->m_type) - { - case basic_json::value_t::object: - { - m_it.object_iterator = other.m_it.object_iterator; - break; - } + const_iterator ret; - case basic_json::value_t::array: - { - m_it.array_iterator = other.m_it.array_iterator; - break; - } - - default: - { - m_it.primitive_iterator = other.m_it.primitive_iterator; - break; - } - } + if (m_object) + { + ret.m_object = m_object; + ret.m_it = m_it; } + + return ret; } /*! @@ -6693,7 +8386,7 @@ class basic_json @param[in] other iterator to copy from @note It is not checked whether @a other is initialized. */ - const_iterator(const const_iterator& other) noexcept + iter_impl(const iter_impl& other) noexcept : m_object(other.m_object), m_it(other.m_it) {} @@ -6702,7 +8395,7 @@ class basic_json @param[in,out] other iterator to copy from @note It is not checked whether @a other is initialized. */ - const_iterator& operator=(const_iterator other) noexcept( + iter_impl& operator=(iter_impl other) noexcept( std::is_nothrow_move_constructible<pointer>::value and std::is_nothrow_move_assignable<pointer>::value and std::is_nothrow_move_constructible<internal_iterator>::value and @@ -6864,7 +8557,7 @@ class basic_json @brief post-increment (it++) @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator operator++(int) + iter_impl operator++(int) { auto result = *this; ++(*this); @@ -6875,7 +8568,7 @@ class basic_json @brief pre-increment (++it) @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator& operator++() + iter_impl& operator++() { assert(m_object != nullptr); @@ -6907,7 +8600,7 @@ class basic_json @brief post-decrement (it--) @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator operator--(int) + iter_impl operator--(int) { auto result = *this; --(*this); @@ -6918,7 +8611,7 @@ class basic_json @brief pre-decrement (--it) @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator& operator--() + iter_impl& operator--() { assert(m_object != nullptr); @@ -6950,7 +8643,7 @@ class basic_json @brief comparison: equal @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - bool operator==(const const_iterator& other) const + bool operator==(const iter_impl& other) const { // if objects are not the same, the comparison is undefined if (m_object != other.m_object) @@ -6983,7 +8676,7 @@ class basic_json @brief comparison: not equal @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - bool operator!=(const const_iterator& other) const + bool operator!=(const iter_impl& other) const { return not operator==(other); } @@ -6992,7 +8685,7 @@ class basic_json @brief comparison: smaller @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - bool operator<(const const_iterator& other) const + bool operator<(const iter_impl& other) const { // if objects are not the same, the comparison is undefined if (m_object != other.m_object) @@ -7025,7 +8718,7 @@ class basic_json @brief comparison: less than or equal @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - bool operator<=(const const_iterator& other) const + bool operator<=(const iter_impl& other) const { return not other.operator < (*this); } @@ -7034,7 +8727,7 @@ class basic_json @brief comparison: greater than @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - bool operator>(const const_iterator& other) const + bool operator>(const iter_impl& other) const { return not operator<=(other); } @@ -7043,7 +8736,7 @@ class basic_json @brief comparison: greater than or equal @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - bool operator>=(const const_iterator& other) const + bool operator>=(const iter_impl& other) const { return not operator<(other); } @@ -7052,7 +8745,7 @@ class basic_json @brief add to iterator @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator& operator+=(difference_type i) + iter_impl& operator+=(difference_type i) { assert(m_object != nullptr); @@ -7083,7 +8776,7 @@ class basic_json @brief subtract from iterator @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator& operator-=(difference_type i) + iter_impl& operator-=(difference_type i) { return operator+=(-i); } @@ -7092,7 +8785,7 @@ class basic_json @brief add to iterator @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator operator+(difference_type i) + iter_impl operator+(difference_type i) { auto result = *this; result += i; @@ -7103,7 +8796,7 @@ class basic_json @brief subtract from iterator @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - const_iterator operator-(difference_type i) + iter_impl operator-(difference_type i) { auto result = *this; result -= i; @@ -7114,7 +8807,7 @@ class basic_json @brief return difference @pre The iterator is initialized; i.e. `m_object != nullptr`. */ - difference_type operator-(const const_iterator& other) const + difference_type operator-(const iter_impl& other) const { assert(m_object != nullptr); @@ -7211,141 +8904,6 @@ class basic_json }; /*! - @brief a mutable random access iterator for the @ref basic_json class - - @requirement The class satisfies the following concept requirements: - - [RandomAccessIterator](http://en.cppreference.com/w/cpp/concept/RandomAccessIterator): - The iterator that can be moved to point (forward and backward) to any - element in constant time. - - [OutputIterator](http://en.cppreference.com/w/cpp/concept/OutputIterator): - It is possible to write to the pointed-to element. - - @since version 1.0.0 - */ - class iterator : public const_iterator - { - public: - using base_iterator = const_iterator; - using pointer = typename basic_json::pointer; - using reference = typename basic_json::reference; - - /// default constructor - iterator() = default; - - /// constructor for a given JSON instance - explicit iterator(pointer object) noexcept - : base_iterator(object) - {} - - /// copy constructor - iterator(const iterator& other) noexcept - : base_iterator(other) - {} - - /// copy assignment - iterator& operator=(iterator other) noexcept( - std::is_nothrow_move_constructible<pointer>::value and - std::is_nothrow_move_assignable<pointer>::value and - std::is_nothrow_move_constructible<internal_iterator>::value and - std::is_nothrow_move_assignable<internal_iterator>::value - ) - { - base_iterator::operator=(other); - return *this; - } - - /// return a reference to the value pointed to by the iterator - reference operator*() const - { - return const_cast<reference>(base_iterator::operator*()); - } - - /// dereference the iterator - pointer operator->() const - { - return const_cast<pointer>(base_iterator::operator->()); - } - - /// post-increment (it++) - iterator operator++(int) - { - iterator result = *this; - base_iterator::operator++(); - return result; - } - - /// pre-increment (++it) - iterator& operator++() - { - base_iterator::operator++(); - return *this; - } - - /// post-decrement (it--) - iterator operator--(int) - { - iterator result = *this; - base_iterator::operator--(); - return result; - } - - /// pre-decrement (--it) - iterator& operator--() - { - base_iterator::operator--(); - return *this; - } - - /// add to iterator - iterator& operator+=(difference_type i) - { - base_iterator::operator+=(i); - return *this; - } - - /// subtract from iterator - iterator& operator-=(difference_type i) - { - base_iterator::operator-=(i); - return *this; - } - - /// add to iterator - iterator operator+(difference_type i) - { - auto result = *this; - result += i; - return result; - } - - /// subtract from iterator - iterator operator-(difference_type i) - { - auto result = *this; - result -= i; - return result; - } - - /// return difference - difference_type operator-(const iterator& other) const - { - return base_iterator::operator-(other); - } - - /// access to successor - reference operator[](difference_type n) const - { - return const_cast<reference>(base_iterator::operator[](n)); - } - - /// return the value of an iterator - reference value() const - { - return const_cast<reference>(base_iterator::value()); - } - }; - - /*! @brief a template for a reverse iterator class @tparam Base the base iterator type to reverse. Valid types are @ref @@ -7495,32 +9053,39 @@ class basic_json /// the char type to use in the lexer using lexer_char_t = unsigned char; - /// constructor with a given buffer - explicit lexer(const string_t& s) noexcept - : m_stream(nullptr), m_buffer(s) + /// a lexer from a buffer with given length + lexer(const lexer_char_t* buff, const size_t len) noexcept + : m_content(buff) { - m_content = reinterpret_cast<const lexer_char_t*>(m_buffer.c_str()); assert(m_content != nullptr); m_start = m_cursor = m_content; - m_limit = m_content + s.size(); + m_limit = m_content + len; } - /// constructor with a given stream - explicit lexer(std::istream* s) noexcept - : m_stream(s), m_buffer() + /// a lexer from an input stream + explicit lexer(std::istream& s) + : m_stream(&s), m_line_buffer() { - assert(m_stream != nullptr); - std::getline(*m_stream, m_buffer); - m_content = reinterpret_cast<const lexer_char_t*>(m_buffer.c_str()); - assert(m_content != nullptr); - m_start = m_cursor = m_content; - m_limit = m_content + m_buffer.size(); - } + // immediately abort if stream is erroneous + if (s.fail()) + { + throw std::invalid_argument("stream error"); + } - /// default constructor - lexer() = default; + // fill buffer + fill_line_buffer(); + + // skip UTF-8 byte-order mark + if (m_line_buffer.size() >= 3 and m_line_buffer.substr(0, 3) == "\xEF\xBB\xBF") + { + m_line_buffer[0] = ' '; + m_line_buffer[1] = ' '; + m_line_buffer[2] = ' '; + } + } - // switch off unwanted functions + // switch off unwanted functions (due to pointer members) + lexer() = delete; lexer(const lexer&) = delete; lexer operator=(const lexer&) = delete; @@ -7673,7 +9238,7 @@ class basic_json infinite sequence of whitespace or byte-order-marks. This contradicts the assumption of finite input, q.e.d. */ - token_type scan() noexcept + token_type scan() { while (true) { @@ -7706,33 +9271,33 @@ class basic_json 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, - 128, 128, 128, 128, 128, 128, 128, 128, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, }; if ((m_limit - m_cursor) < 5) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(5); // LCOV_EXCL_LINE } yych = *m_cursor; if (yybm[0 + yych] & 32) { goto basic_json_parser_6; } - if (yych <= '\\') + if (yych <= '[') { if (yych <= '-') { @@ -7781,62 +9346,58 @@ class basic_json { goto basic_json_parser_17; } - if (yych == '[') + if (yych <= 'Z') { - goto basic_json_parser_19; + goto basic_json_parser_4; } - goto basic_json_parser_4; + goto basic_json_parser_19; } } } else { - if (yych <= 't') + if (yych <= 'n') { - if (yych <= 'f') + if (yych <= 'e') { - if (yych <= ']') + if (yych == ']') { goto basic_json_parser_21; } - if (yych <= 'e') - { - goto basic_json_parser_4; - } - goto basic_json_parser_23; + goto basic_json_parser_4; } else { - if (yych == 'n') + if (yych <= 'f') { - goto basic_json_parser_24; + goto basic_json_parser_23; } - if (yych <= 's') + if (yych <= 'm') { goto basic_json_parser_4; } - goto basic_json_parser_25; + goto basic_json_parser_24; } } else { - if (yych <= '|') + if (yych <= 'z') { - if (yych == '{') + if (yych == 't') { - goto basic_json_parser_26; + goto basic_json_parser_25; } goto basic_json_parser_4; } else { - if (yych <= '}') + if (yych <= '{') { - goto basic_json_parser_28; + goto basic_json_parser_26; } - if (yych == 0xEF) + if (yych == '}') { - goto basic_json_parser_30; + goto basic_json_parser_28; } goto basic_json_parser_4; } @@ -7859,7 +9420,7 @@ basic_json_parser_6: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yybm[0 + yych] & 32) @@ -7876,7 +9437,19 @@ basic_json_parser_9: { goto basic_json_parser_5; } - goto basic_json_parser_32; + if (yych <= 0x7F) + { + goto basic_json_parser_31; + } + if (yych <= 0xC1) + { + goto basic_json_parser_5; + } + if (yych <= 0xF4) + { + goto basic_json_parser_31; + } + goto basic_json_parser_5; basic_json_parser_10: ++m_cursor; { @@ -7905,18 +9478,18 @@ basic_json_parser_13: { if (yych == '.') { - goto basic_json_parser_37; + goto basic_json_parser_43; } } else { if (yych <= 'E') { - goto basic_json_parser_38; + goto basic_json_parser_44; } if (yych == 'e') { - goto basic_json_parser_38; + goto basic_json_parser_44; } } basic_json_parser_14: @@ -7929,7 +9502,7 @@ basic_json_parser_15: m_marker = ++m_cursor; if ((m_limit - m_cursor) < 3) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(3); // LCOV_EXCL_LINE } yych = *m_cursor; if (yybm[0 + yych] & 64) @@ -7940,7 +9513,7 @@ basic_json_parser_15: { if (yych == '.') { - goto basic_json_parser_37; + goto basic_json_parser_43; } goto basic_json_parser_14; } @@ -7948,11 +9521,11 @@ basic_json_parser_15: { if (yych <= 'E') { - goto basic_json_parser_38; + goto basic_json_parser_44; } if (yych == 'e') { - goto basic_json_parser_38; + goto basic_json_parser_44; } goto basic_json_parser_14; } @@ -7979,7 +9552,7 @@ basic_json_parser_23: yych = *(m_marker = ++m_cursor); if (yych == 'a') { - goto basic_json_parser_39; + goto basic_json_parser_45; } goto basic_json_parser_5; basic_json_parser_24: @@ -7987,7 +9560,7 @@ basic_json_parser_24: yych = *(m_marker = ++m_cursor); if (yych == 'u') { - goto basic_json_parser_40; + goto basic_json_parser_46; } goto basic_json_parser_5; basic_json_parser_25: @@ -7995,7 +9568,7 @@ basic_json_parser_25: yych = *(m_marker = ++m_cursor); if (yych == 'r') { - goto basic_json_parser_41; + goto basic_json_parser_47; } goto basic_json_parser_5; basic_json_parser_26: @@ -8011,35 +9584,71 @@ basic_json_parser_28: break; } basic_json_parser_30: - yyaccept = 0; - yych = *(m_marker = ++m_cursor); - if (yych == 0xBB) - { - goto basic_json_parser_42; - } - goto basic_json_parser_5; -basic_json_parser_31: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; -basic_json_parser_32: +basic_json_parser_31: if (yybm[0 + yych] & 128) { - goto basic_json_parser_31; + goto basic_json_parser_30; } - if (yych <= 0x1F) + if (yych <= 0xE0) { - goto basic_json_parser_33; + if (yych <= '\\') + { + if (yych <= 0x1F) + { + goto basic_json_parser_32; + } + if (yych <= '"') + { + goto basic_json_parser_33; + } + goto basic_json_parser_35; + } + else + { + if (yych <= 0xC1) + { + goto basic_json_parser_32; + } + if (yych <= 0xDF) + { + goto basic_json_parser_36; + } + goto basic_json_parser_37; + } } - if (yych <= '"') + else { - goto basic_json_parser_34; + if (yych <= 0xEF) + { + if (yych == 0xED) + { + goto basic_json_parser_39; + } + goto basic_json_parser_38; + } + else + { + if (yych <= 0xF0) + { + goto basic_json_parser_40; + } + if (yych <= 0xF3) + { + goto basic_json_parser_41; + } + if (yych <= 0xF4) + { + goto basic_json_parser_42; + } + } } - goto basic_json_parser_36; -basic_json_parser_33: +basic_json_parser_32: m_cursor = m_marker; if (yyaccept == 0) { @@ -8049,17 +9658,17 @@ basic_json_parser_33: { goto basic_json_parser_14; } -basic_json_parser_34: +basic_json_parser_33: ++m_cursor; { last_token_type = token_type::value_string; break; } -basic_json_parser_36: +basic_json_parser_35: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= 'e') @@ -8068,13 +9677,13 @@ basic_json_parser_36: { if (yych == '"') { - goto basic_json_parser_31; + goto basic_json_parser_30; } if (yych <= '.') { - goto basic_json_parser_33; + goto basic_json_parser_32; } - goto basic_json_parser_31; + goto basic_json_parser_30; } else { @@ -8082,17 +9691,17 @@ basic_json_parser_36: { if (yych <= '[') { - goto basic_json_parser_33; + goto basic_json_parser_32; } - goto basic_json_parser_31; + goto basic_json_parser_30; } else { if (yych == 'b') { - goto basic_json_parser_31; + goto basic_json_parser_30; } - goto basic_json_parser_33; + goto basic_json_parser_32; } } } @@ -8102,13 +9711,13 @@ basic_json_parser_36: { if (yych <= 'f') { - goto basic_json_parser_31; + goto basic_json_parser_30; } if (yych == 'n') { - goto basic_json_parser_31; + goto basic_json_parser_30; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { @@ -8116,130 +9725,235 @@ basic_json_parser_36: { if (yych <= 'r') { - goto basic_json_parser_31; + goto basic_json_parser_30; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { if (yych <= 't') { - goto basic_json_parser_31; + goto basic_json_parser_30; } if (yych <= 'u') { - goto basic_json_parser_43; + goto basic_json_parser_48; } - goto basic_json_parser_33; + goto basic_json_parser_32; } } } +basic_json_parser_36: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x7F) + { + goto basic_json_parser_32; + } + if (yych <= 0xBF) + { + goto basic_json_parser_30; + } + goto basic_json_parser_32; basic_json_parser_37: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x9F) + { + goto basic_json_parser_32; + } + if (yych <= 0xBF) + { + goto basic_json_parser_36; + } + goto basic_json_parser_32; +basic_json_parser_38: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x7F) + { + goto basic_json_parser_32; + } + if (yych <= 0xBF) + { + goto basic_json_parser_36; + } + goto basic_json_parser_32; +basic_json_parser_39: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x7F) + { + goto basic_json_parser_32; + } + if (yych <= 0x9F) + { + goto basic_json_parser_36; + } + goto basic_json_parser_32; +basic_json_parser_40: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x8F) + { + goto basic_json_parser_32; + } + if (yych <= 0xBF) + { + goto basic_json_parser_38; + } + goto basic_json_parser_32; +basic_json_parser_41: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x7F) + { + goto basic_json_parser_32; + } + if (yych <= 0xBF) + { + goto basic_json_parser_38; + } + goto basic_json_parser_32; +basic_json_parser_42: + ++m_cursor; + if (m_limit <= m_cursor) + { + fill_line_buffer(1); // LCOV_EXCL_LINE + } + yych = *m_cursor; + if (yych <= 0x7F) + { + goto basic_json_parser_32; + } + if (yych <= 0x8F) + { + goto basic_json_parser_38; + } + goto basic_json_parser_32; +basic_json_parser_43: yych = *++m_cursor; if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= '9') { - goto basic_json_parser_44; + goto basic_json_parser_49; } - goto basic_json_parser_33; -basic_json_parser_38: + goto basic_json_parser_32; +basic_json_parser_44: yych = *++m_cursor; if (yych <= ',') { if (yych == '+') { - goto basic_json_parser_46; + goto basic_json_parser_51; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { if (yych <= '-') { - goto basic_json_parser_46; + goto basic_json_parser_51; } if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= '9') { - goto basic_json_parser_47; + goto basic_json_parser_52; } - goto basic_json_parser_33; + goto basic_json_parser_32; } -basic_json_parser_39: +basic_json_parser_45: yych = *++m_cursor; if (yych == 'l') { - goto basic_json_parser_49; + goto basic_json_parser_54; } - goto basic_json_parser_33; -basic_json_parser_40: + goto basic_json_parser_32; +basic_json_parser_46: yych = *++m_cursor; if (yych == 'l') { - goto basic_json_parser_50; + goto basic_json_parser_55; } - goto basic_json_parser_33; -basic_json_parser_41: + goto basic_json_parser_32; +basic_json_parser_47: yych = *++m_cursor; if (yych == 'u') { - goto basic_json_parser_51; - } - goto basic_json_parser_33; -basic_json_parser_42: - yych = *++m_cursor; - if (yych == 0xBF) - { - goto basic_json_parser_52; + goto basic_json_parser_56; } - goto basic_json_parser_33; -basic_json_parser_43: + goto basic_json_parser_32; +basic_json_parser_48: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= '@') { if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= '9') { - goto basic_json_parser_54; + goto basic_json_parser_57; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { if (yych <= 'F') { - goto basic_json_parser_54; + goto basic_json_parser_57; } if (yych <= '`') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= 'f') { - goto basic_json_parser_54; + goto basic_json_parser_57; } - goto basic_json_parser_33; + goto basic_json_parser_32; } -basic_json_parser_44: +basic_json_parser_49: yyaccept = 1; m_marker = ++m_cursor; if ((m_limit - m_cursor) < 3) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(3); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= 'D') @@ -8250,7 +9964,7 @@ basic_json_parser_44: } if (yych <= '9') { - goto basic_json_parser_44; + goto basic_json_parser_49; } goto basic_json_parser_14; } @@ -8258,29 +9972,29 @@ basic_json_parser_44: { if (yych <= 'E') { - goto basic_json_parser_38; + goto basic_json_parser_44; } if (yych == 'e') { - goto basic_json_parser_38; + goto basic_json_parser_44; } goto basic_json_parser_14; } -basic_json_parser_46: +basic_json_parser_51: yych = *++m_cursor; if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych >= ':') { - goto basic_json_parser_33; + goto basic_json_parser_32; } -basic_json_parser_47: +basic_json_parser_52: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= '/') @@ -8289,164 +10003,159 @@ basic_json_parser_47: } if (yych <= '9') { - goto basic_json_parser_47; + goto basic_json_parser_52; } goto basic_json_parser_14; -basic_json_parser_49: +basic_json_parser_54: yych = *++m_cursor; if (yych == 's') { - goto basic_json_parser_55; + goto basic_json_parser_58; } - goto basic_json_parser_33; -basic_json_parser_50: + goto basic_json_parser_32; +basic_json_parser_55: yych = *++m_cursor; if (yych == 'l') { - goto basic_json_parser_56; + goto basic_json_parser_59; } - goto basic_json_parser_33; -basic_json_parser_51: + goto basic_json_parser_32; +basic_json_parser_56: yych = *++m_cursor; if (yych == 'e') { - goto basic_json_parser_58; - } - goto basic_json_parser_33; -basic_json_parser_52: - ++m_cursor; - { - continue; + goto basic_json_parser_61; } -basic_json_parser_54: + goto basic_json_parser_32; +basic_json_parser_57: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= '@') { if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= '9') { - goto basic_json_parser_60; + goto basic_json_parser_63; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { if (yych <= 'F') { - goto basic_json_parser_60; + goto basic_json_parser_63; } if (yych <= '`') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= 'f') { - goto basic_json_parser_60; + goto basic_json_parser_63; } - goto basic_json_parser_33; + goto basic_json_parser_32; } -basic_json_parser_55: +basic_json_parser_58: yych = *++m_cursor; if (yych == 'e') { - goto basic_json_parser_61; + goto basic_json_parser_64; } - goto basic_json_parser_33; -basic_json_parser_56: + goto basic_json_parser_32; +basic_json_parser_59: ++m_cursor; { last_token_type = token_type::literal_null; break; } -basic_json_parser_58: +basic_json_parser_61: ++m_cursor; { last_token_type = token_type::literal_true; break; } -basic_json_parser_60: +basic_json_parser_63: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= '@') { if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= '9') { - goto basic_json_parser_63; + goto basic_json_parser_66; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { if (yych <= 'F') { - goto basic_json_parser_63; + goto basic_json_parser_66; } if (yych <= '`') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= 'f') { - goto basic_json_parser_63; + goto basic_json_parser_66; } - goto basic_json_parser_33; + goto basic_json_parser_32; } -basic_json_parser_61: +basic_json_parser_64: ++m_cursor; { last_token_type = token_type::literal_false; break; } -basic_json_parser_63: +basic_json_parser_66: ++m_cursor; if (m_limit <= m_cursor) { - yyfill(); // LCOV_EXCL_LINE; + fill_line_buffer(1); // LCOV_EXCL_LINE } yych = *m_cursor; if (yych <= '@') { if (yych <= '/') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= '9') { - goto basic_json_parser_31; + goto basic_json_parser_30; } - goto basic_json_parser_33; + goto basic_json_parser_32; } else { if (yych <= 'F') { - goto basic_json_parser_31; + goto basic_json_parser_30; } if (yych <= '`') { - goto basic_json_parser_33; + goto basic_json_parser_32; } if (yych <= 'f') { - goto basic_json_parser_31; + goto basic_json_parser_30; } - goto basic_json_parser_33; + goto basic_json_parser_32; } } @@ -8455,30 +10164,93 @@ basic_json_parser_63: return last_token_type; } - /// append data from the stream to the internal buffer - void yyfill() noexcept - { - if (m_stream == nullptr or not * m_stream) + /*! + @brief append data from the stream to the line buffer + + This function is called by the scan() function when the end of the + buffer (`m_limit`) is reached and the `m_cursor` pointer cannot be + incremented without leaving the limits of the line buffer. Note re2c + decides when to call this function. + + If the lexer reads from contiguous storage, there is no trailing null + byte. Therefore, this function must make sure to add these padding + null bytes. + + If the lexer reads from an input stream, this function reads the next + line of the input. + + @pre + p p p p p p u u u u u x . . . . . . + ^ ^ ^ ^ + m_content m_start | m_limit + m_cursor + + @post + u u u u u x x x x x x x . . . . . . + ^ ^ ^ + | m_cursor m_limit + m_start + m_content + */ + void fill_line_buffer(size_t n = 0) + { + // if line buffer is used, m_content points to its data + assert(m_line_buffer.empty() + or m_content == reinterpret_cast<const lexer_char_t*>(m_line_buffer.data())); + + // if line buffer is used, m_limit is set past the end of its data + assert(m_line_buffer.empty() + or m_limit == m_content + m_line_buffer.size()); + + // pointer relationships + assert(m_content <= m_start); + assert(m_start <= m_cursor); + assert(m_cursor <= m_limit); + assert(m_marker == nullptr or m_marker <= m_limit); + + // number of processed characters (p) + const size_t num_processed_chars = static_cast<size_t>(m_start - m_content); + // offset for m_marker wrt. to m_start + const auto offset_marker = (m_marker == nullptr) ? 0 : m_marker - m_start; + // number of unprocessed characters (u) + const auto offset_cursor = m_cursor - m_start; + + // no stream is used or end of file is reached + if (m_stream == nullptr or m_stream->eof()) { - return; - } + // m_start may or may not be pointing into m_line_buffer at + // this point. We trust the standand library to do the right + // thing. See http://stackoverflow.com/q/28142011/266378 + m_line_buffer.assign(m_start, m_limit); - const auto offset_start = m_start - m_content; - const auto offset_marker = m_marker - m_start; - const auto offset_cursor = m_cursor - m_start; + // append n characters to make sure that there is sufficient + // space between m_cursor and m_limit + m_line_buffer.append(1, '\x00'); + if (n > 0) + { + m_line_buffer.append(n - 1, '\x01'); + } + } + else + { + // delete processed characters from line buffer + m_line_buffer.erase(0, num_processed_chars); + // read next line from input stream + m_line_buffer_tmp.clear(); + std::getline(*m_stream, m_line_buffer_tmp, '\n'); - m_buffer.erase(0, static_cast<size_t>(offset_start)); - std::string line; - assert(m_stream != nullptr); - std::getline(*m_stream, line); - m_buffer += "\n" + line; // add line with newline symbol + // add line with newline symbol to the line buffer + m_line_buffer += m_line_buffer_tmp; + m_line_buffer.push_back('\n'); + } - m_content = reinterpret_cast<const lexer_char_t*>(m_buffer.c_str()); + // set pointers + m_content = reinterpret_cast<const lexer_char_t*>(m_line_buffer.data()); assert(m_content != nullptr); m_start = m_content; m_marker = m_start + offset_marker; m_cursor = m_start + offset_cursor; - m_limit = m_start + m_buffer.size() - 1; + m_limit = m_start + m_line_buffer.size(); } /// return string representation of last read token @@ -8556,9 +10328,20 @@ basic_json_parser_63: // iterate the result between the quotes for (const lexer_char_t* i = m_start + 1; i < m_cursor - 1; ++i) { - // process escaped characters - if (*i == '\\') + // find next escape character + auto e = std::find(i, m_cursor - 1, '\\'); + if (e != i) + { + // see https://github.com/nlohmann/json/issues/365#issuecomment-262874705 + for (auto k = i; k < e; k++) + { + result.push_back(static_cast<typename string_t::value_type>(*k)); + } + i = e - 1; // -1 because of ++i + } + else { + // processing escaped character // read next character ++i; @@ -8629,6 +10412,11 @@ basic_json_parser_63: // skip the next 10 characters (xxxx\uyyyy) i += 10; } + else if (codepoint >= 0xDC00 and codepoint <= 0xDFFF) + { + // we found a lone low surrogate + throw std::invalid_argument("missing high surrogate"); + } else { // add unicode character(s) @@ -8640,12 +10428,6 @@ basic_json_parser_63: } } } - else - { - // all other characters are just copied to the end of the - // string - result.append(1, static_cast<typename string_t::value_type>(*i)); - } } return result; @@ -8659,8 +10441,6 @@ basic_json_parser_63: supplied via the first parameter. Set this to @a static_cast<number_float_t*>(nullptr). - @param[in] type the @ref number_float_t in use - @param[in,out] endptr recieves a pointer to the first character after the number @@ -8679,8 +10459,6 @@ basic_json_parser_63: supplied via the first parameter. Set this to @a static_cast<number_float_t*>(nullptr). - @param[in] type the @ref number_float_t in use - @param[in,out] endptr recieves a pointer to the first character after the number @@ -8699,8 +10477,6 @@ basic_json_parser_63: supplied via the first parameter. Set this to @a static_cast<number_float_t*>(nullptr). - @param[in] type the @ref number_float_t in use - @param[in,out] endptr recieves a pointer to the first character after the number @@ -8781,19 +10557,19 @@ basic_json_parser_63: // skip if definitely not an integer if (type != value_t::number_float) { - // multiply last value by ten and add the new digit - auto temp = value * 10 + *curptr - '0'; + auto digit = static_cast<number_unsigned_t>(*curptr - '0'); - // test for overflow - if (temp < value || temp > max) + // overflow if value * 10 + digit > max, move terms around + // to avoid overflow in intermediate values + if (value > (max - digit) / 10) { // overflow type = value_t::number_float; } else { - // no overflow - save it - value = temp; + // no overflow + value = value * 10 + digit; } } } @@ -8805,12 +10581,34 @@ basic_json_parser_63: } else if (type == value_t::number_integer) { - result.m_value.number_integer = -static_cast<number_integer_t>(value); + // invariant: if we parsed a '-', the absolute value is between + // 0 (we allow -0) and max == -INT64_MIN + assert(value >= 0); + assert(value <= max); + + if (value == max) + { + // we cannot simply negate value (== max == -INT64_MIN), + // see https://github.com/nlohmann/json/issues/389 + result.m_value.number_integer = static_cast<number_integer_t>(INT64_MIN); + } + else + { + // all other values can be negated safely + result.m_value.number_integer = -static_cast<number_integer_t>(value); + } } else { // parse with strtod result.m_value.number_float = str_to_float_t(static_cast<number_float_t*>(nullptr), NULL); + + // replace infinity and NAN by null + if (not std::isfinite(result.m_value.number_float)) + { + type = value_t::null; + result.m_value = basic_json::json_value(); + } } // save the type @@ -8820,8 +10618,10 @@ basic_json_parser_63: private: /// optional input stream std::istream* m_stream = nullptr; - /// the buffer - string_t m_buffer; + /// line buffer buffer for m_stream + string_t m_line_buffer {}; + /// used for filling m_line_buffer + string_t m_line_buffer_tmp {}; /// the buffer pointer const lexer_char_t* m_content = nullptr; /// pointer to the beginning of the current symbol @@ -8844,25 +10644,34 @@ basic_json_parser_63: class parser { public: - /// constructor for strings - parser(const string_t& s, const parser_callback_t cb = nullptr) noexcept - : callback(cb), m_lexer(s) - { - // read first token - get_token(); - } + /// a parser reading from a string literal + parser(const char* buff, const parser_callback_t cb = nullptr) + : callback(cb), + m_lexer(reinterpret_cast<const typename lexer::lexer_char_t*>(buff), std::strlen(buff)) + {} /// a parser reading from an input stream - parser(std::istream& _is, const parser_callback_t cb = nullptr) noexcept - : callback(cb), m_lexer(&_is) - { - // read first token - get_token(); - } + parser(std::istream& is, const parser_callback_t cb = nullptr) + : callback(cb), m_lexer(is) + {} + + /// a parser reading from an iterator range with contiguous storage + template<class IteratorType, typename std::enable_if< + std::is_same<typename std::iterator_traits<IteratorType>::iterator_category, std::random_access_iterator_tag>::value + , int>::type + = 0> + parser(IteratorType first, IteratorType last, const parser_callback_t cb = nullptr) + : callback(cb), + m_lexer(reinterpret_cast<const typename lexer::lexer_char_t*>(&(*first)), + static_cast<size_t>(std::distance(first, last))) + {} /// public parser interface basic_json parse() { + // read first token + get_token(); + basic_json result = parse_internal(true); result.assert_invariant(); @@ -8883,7 +10692,8 @@ basic_json_parser_63: { case lexer::token_type::begin_object: { - if (keep and (not callback or (keep = callback(depth++, parse_event_t::object_start, result)))) + if (keep and (not callback + or ((keep = callback(depth++, parse_event_t::object_start, result)) != 0))) { // explicitly set result to object to cope with {} result.m_type = value_t::object; @@ -8961,7 +10771,8 @@ basic_json_parser_63: case lexer::token_type::begin_array: { - if (keep and (not callback or (keep = callback(depth++, parse_event_t::array_start, result)))) + if (keep and (not callback + or ((keep = callback(depth++, parse_event_t::array_start, result)) != 0))) { // explicitly set result to object to cope with [] result.m_type = value_t::array; @@ -9067,7 +10878,7 @@ basic_json_parser_63: } /// get next token from lexer - typename lexer::token_type get_token() noexcept + typename lexer::token_type get_token() { last_token = m_lexer.scan(); return last_token; @@ -9280,6 +11091,12 @@ basic_json_parser_63: /*! @brief return a reference to the pointed to value + @note This version does not throw if a value is not present, but tries + to create nested values instead. For instance, calling this function + with pointer `"/this/that"` on a null value is equivalent to calling + `operator[]("this").operator[]("that")` on that value, effectively + changing the null value to an object. + @param[in] ptr a JSON value @return reference to the JSON value pointed to by the JSON pointer @@ -9294,6 +11111,29 @@ basic_json_parser_63: { for (const auto& reference_token : reference_tokens) { + // convert null values to arrays or objects before continuing + if (ptr->m_type == value_t::null) + { + // check if reference token is a number + const bool nums = std::all_of(reference_token.begin(), + reference_token.end(), + [](const char x) + { + return std::isdigit(x); + }); + + // change value to array for numbers or "-" or to object + // otherwise + if (nums or reference_token == "-") + { + *ptr = value_t::array; + } + else + { + *ptr = value_t::object; + } + } + switch (ptr->m_type) { case value_t::object: @@ -9475,7 +11315,7 @@ basic_json_parser_63: } /// split the string input to reference tokens - static std::vector<std::string> split(std::string reference_string) + static std::vector<std::string> split(const std::string& reference_string) { std::vector<std::string> result; @@ -9539,13 +11379,11 @@ basic_json_parser_63: /*! @brief replace all occurrences of a substring by another string - @param[in,out] s the string to manipulate + @param[in,out] s the string to manipulate; changed so that all + occurrences of @a f are replaced with @a t @param[in] f the substring to replace with @a t @param[in] t the string to replace @a f - @return The string @a s where all occurrences of @a f are replaced - with @a t. - @pre The search string @a f must not be empty. @since version 2.0.0 @@ -9960,7 +11798,7 @@ basic_json_parser_63: json_pointer top_pointer = ptr.top(); if (top_pointer != ptr) { - basic_json& x = result.at(top_pointer); + result.at(top_pointer); } // get reference to parent of JSON pointer ptr @@ -10203,7 +12041,7 @@ basic_json_parser_63: */ static basic_json diff(const basic_json& source, const basic_json& target, - std::string path = "") + const std::string& path = "") { // the patch basic_json result(value_t::array); @@ -10365,7 +12203,7 @@ namespace std @since version 1.0.0 */ -template <> +template<> inline void swap(nlohmann::json& j1, nlohmann::json& j2) noexcept( is_nothrow_move_constructible<nlohmann::json>::value and @@ -10376,7 +12214,7 @@ inline void swap(nlohmann::json& j1, } /// hash value for JSON objects -template <> +template<> struct hash<nlohmann::json> { /*! @@ -10401,30 +12239,32 @@ can be used by adding `"_json"` to a string literal and returns a JSON object if no parse error occurred. @param[in] s a string representation of a JSON object +@param[in] n the length of string @a s @return a JSON object @since version 1.0.0 */ -inline nlohmann::json operator "" _json(const char* s, std::size_t) +inline nlohmann::json operator "" _json(const char* s, std::size_t n) { - return nlohmann::json::parse(reinterpret_cast<const nlohmann::json::string_t::value_type*>(s)); + return nlohmann::json::parse(s, s + n); } /*! @brief user-defined string literal for JSON pointer This operator implements a user-defined string literal for JSON Pointers. It -can be used by adding `"_json"` to a string literal and returns a JSON pointer +can be used by adding `"_json_pointer"` to a string literal and returns a JSON pointer object if no parse error occurred. @param[in] s a string representation of a JSON Pointer +@param[in] n the length of string @a s @return a JSON pointer object @since version 2.0.0 */ -inline nlohmann::json::json_pointer operator "" _json_pointer(const char* s, std::size_t) +inline nlohmann::json::json_pointer operator "" _json_pointer(const char* s, std::size_t n) { - return nlohmann::json::json_pointer(s); + return nlohmann::json::json_pointer(std::string(s, n)); } // restore GCC/clang diagnostic settings diff --git a/ext/lz4/lz4.c b/ext/lz4/lz4.c deleted file mode 100644 index 08cf6b5c..00000000 --- a/ext/lz4/lz4.c +++ /dev/null @@ -1,1516 +0,0 @@ -/* - LZ4 - Fast LZ compression algorithm - Copyright (C) 2011-2015, Yann Collet. - - BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php) - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are - met: - - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following disclaimer - in the documentation and/or other materials provided with the - distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - You can contact the author at : - - LZ4 source repository : https://github.com/Cyan4973/lz4 - - LZ4 public forum : https://groups.google.com/forum/#!forum/lz4c -*/ - - -/************************************** -* Tuning parameters -**************************************/ -/* - * HEAPMODE : - * Select how default compression functions will allocate memory for their hash table, - * in memory stack (0:default, fastest), or in memory heap (1:requires malloc()). - */ -#define HEAPMODE 0 - -/* - * ACCELERATION_DEFAULT : - * Select "acceleration" for LZ4_compress_fast() when parameter value <= 0 - */ -#define ACCELERATION_DEFAULT 1 - - -/************************************** -* CPU Feature Detection -**************************************/ -/* - * LZ4_FORCE_SW_BITCOUNT - * Define this parameter if your target system or compiler does not support hardware bit count - */ -#if defined(_MSC_VER) && defined(_WIN32_WCE) /* Visual Studio for Windows CE does not support Hardware bit count */ -# define LZ4_FORCE_SW_BITCOUNT -#endif - - -/************************************** -* Includes -**************************************/ -#include "lz4.h" - - -/************************************** -* Compiler Options -**************************************/ -#ifdef _MSC_VER /* Visual Studio */ -# define FORCE_INLINE static __forceinline -# include <intrin.h> -# pragma warning(disable : 4127) /* disable: C4127: conditional expression is constant */ -# pragma warning(disable : 4293) /* disable: C4293: too large shift (32-bits) */ -#else -# if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */ -# if defined(__GNUC__) || defined(__clang__) -# define FORCE_INLINE static inline __attribute__((always_inline)) -# else -# define FORCE_INLINE static inline -# endif -# else -# define FORCE_INLINE static -# endif /* __STDC_VERSION__ */ -#endif /* _MSC_VER */ - -/* LZ4_GCC_VERSION is defined into lz4.h */ -#if (LZ4_GCC_VERSION >= 302) || (__INTEL_COMPILER >= 800) || defined(__clang__) -# define expect(expr,value) (__builtin_expect ((expr),(value)) ) -#else -# define expect(expr,value) (expr) -#endif - -#define likely(expr) expect((expr) != 0, 1) -#define unlikely(expr) expect((expr) != 0, 0) - - -/************************************** -* Memory routines -**************************************/ -#include <stdlib.h> /* malloc, calloc, free */ -#define ALLOCATOR(n,s) calloc(n,s) -#define FREEMEM free -#include <string.h> /* memset, memcpy */ -#define MEM_INIT memset - - -/************************************** -* Basic Types -**************************************/ -#if defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */ -# include <stdint.h> - typedef uint8_t BYTE; - typedef uint16_t U16; - typedef uint32_t U32; - typedef int32_t S32; - typedef uint64_t U64; -#else - typedef unsigned char BYTE; - typedef unsigned short U16; - typedef unsigned int U32; - typedef signed int S32; - typedef unsigned long long U64; -#endif - - -/************************************** -* Reading and writing into memory -**************************************/ -#define STEPSIZE sizeof(size_t) - -static unsigned LZ4_64bits(void) { return sizeof(void*)==8; } - -static unsigned LZ4_isLittleEndian(void) -{ - const union { U32 i; BYTE c[4]; } one = { 1 }; /* don't use static : performance detrimental */ - return one.c[0]; -} - - -static U16 LZ4_read16(const void* memPtr) -{ - U16 val16; - memcpy(&val16, memPtr, 2); - return val16; -} - -static U16 LZ4_readLE16(const void* memPtr) -{ - if (LZ4_isLittleEndian()) - { - return LZ4_read16(memPtr); - } - else - { - const BYTE* p = (const BYTE*)memPtr; - return (U16)((U16)p[0] + (p[1]<<8)); - } -} - -static void LZ4_writeLE16(void* memPtr, U16 value) -{ - if (LZ4_isLittleEndian()) - { - memcpy(memPtr, &value, 2); - } - else - { - BYTE* p = (BYTE*)memPtr; - p[0] = (BYTE) value; - p[1] = (BYTE)(value>>8); - } -} - -static U32 LZ4_read32(const void* memPtr) -{ - U32 val32; - memcpy(&val32, memPtr, 4); - return val32; -} - -static U64 LZ4_read64(const void* memPtr) -{ - U64 val64; - memcpy(&val64, memPtr, 8); - return val64; -} - -static size_t LZ4_read_ARCH(const void* p) -{ - if (LZ4_64bits()) - return (size_t)LZ4_read64(p); - else - return (size_t)LZ4_read32(p); -} - - -static void LZ4_copy4(void* dstPtr, const void* srcPtr) { memcpy(dstPtr, srcPtr, 4); } - -static void LZ4_copy8(void* dstPtr, const void* srcPtr) { memcpy(dstPtr, srcPtr, 8); } - -/* customized version of memcpy, which may overwrite up to 7 bytes beyond dstEnd */ -static void LZ4_wildCopy(void* dstPtr, const void* srcPtr, void* dstEnd) -{ - BYTE* d = (BYTE*)dstPtr; - const BYTE* s = (const BYTE*)srcPtr; - BYTE* e = (BYTE*)dstEnd; - do { LZ4_copy8(d,s); d+=8; s+=8; } while (d<e); -} - - -/************************************** -* Common Constants -**************************************/ -#define MINMATCH 4 - -#define COPYLENGTH 8 -#define LASTLITERALS 5 -#define MFLIMIT (COPYLENGTH+MINMATCH) -static const int LZ4_minLength = (MFLIMIT+1); - -#define KB *(1 <<10) -#define MB *(1 <<20) -#define GB *(1U<<30) - -#define MAXD_LOG 16 -#define MAX_DISTANCE ((1 << MAXD_LOG) - 1) - -#define ML_BITS 4 -#define ML_MASK ((1U<<ML_BITS)-1) -#define RUN_BITS (8-ML_BITS) -#define RUN_MASK ((1U<<RUN_BITS)-1) - - -/************************************** -* Common Utils -**************************************/ -#define LZ4_STATIC_ASSERT(c) { enum { LZ4_static_assert = 1/(int)(!!(c)) }; } /* use only *after* variable declarations */ - - -/************************************** -* Common functions -**************************************/ -static unsigned LZ4_NbCommonBytes (register size_t val) -{ - if (LZ4_isLittleEndian()) - { - if (LZ4_64bits()) - { -# if defined(_MSC_VER) && defined(_WIN64) && !defined(LZ4_FORCE_SW_BITCOUNT) - unsigned long r = 0; - _BitScanForward64( &r, (U64)val ); - return (int)(r>>3); -# elif (defined(__clang__) || (LZ4_GCC_VERSION >= 304)) && !defined(LZ4_FORCE_SW_BITCOUNT) - return (__builtin_ctzll((U64)val) >> 3); -# else - static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2, 0, 3, 1, 3, 1, 4, 2, 7, 0, 2, 3, 6, 1, 5, 3, 5, 1, 3, 4, 4, 2, 5, 6, 7, 7, 0, 1, 2, 3, 3, 4, 6, 2, 6, 5, 5, 3, 4, 5, 6, 7, 1, 2, 4, 6, 4, 4, 5, 7, 2, 6, 5, 7, 6, 7, 7 }; - return DeBruijnBytePos[((U64)((val & -(long long)val) * 0x0218A392CDABBD3FULL)) >> 58]; -# endif - } - else /* 32 bits */ - { -# if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT) - unsigned long r; - _BitScanForward( &r, (U32)val ); - return (int)(r>>3); -# elif (defined(__clang__) || (LZ4_GCC_VERSION >= 304)) && !defined(LZ4_FORCE_SW_BITCOUNT) - return (__builtin_ctz((U32)val) >> 3); -# else - static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0, 3, 2, 2, 1, 3, 2, 0, 1, 3, 3, 1, 2, 2, 2, 2, 0, 3, 1, 2, 0, 1, 0, 1, 1 }; - return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27]; -# endif - } - } - else /* Big Endian CPU */ - { - if (LZ4_64bits()) - { -# if defined(_MSC_VER) && defined(_WIN64) && !defined(LZ4_FORCE_SW_BITCOUNT) - unsigned long r = 0; - _BitScanReverse64( &r, val ); - return (unsigned)(r>>3); -# elif (defined(__clang__) || (LZ4_GCC_VERSION >= 304)) && !defined(LZ4_FORCE_SW_BITCOUNT) - return (__builtin_clzll((U64)val) >> 3); -# else - unsigned r; - if (!(val>>32)) { r=4; } else { r=0; val>>=32; } - if (!(val>>16)) { r+=2; val>>=8; } else { val>>=24; } - r += (!val); - return r; -# endif - } - else /* 32 bits */ - { -# if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT) - unsigned long r = 0; - _BitScanReverse( &r, (unsigned long)val ); - return (unsigned)(r>>3); -# elif (defined(__clang__) || (LZ4_GCC_VERSION >= 304)) && !defined(LZ4_FORCE_SW_BITCOUNT) - return (__builtin_clz((U32)val) >> 3); -# else - unsigned r; - if (!(val>>16)) { r=2; val>>=8; } else { r=0; val>>=24; } - r += (!val); - return r; -# endif - } - } -} - -static unsigned LZ4_count(const BYTE* pIn, const BYTE* pMatch, const BYTE* pInLimit) -{ - const BYTE* const pStart = pIn; - - while (likely(pIn<pInLimit-(STEPSIZE-1))) - { - size_t diff = LZ4_read_ARCH(pMatch) ^ LZ4_read_ARCH(pIn); - if (!diff) { pIn+=STEPSIZE; pMatch+=STEPSIZE; continue; } - pIn += LZ4_NbCommonBytes(diff); - return (unsigned)(pIn - pStart); - } - - if (LZ4_64bits()) if ((pIn<(pInLimit-3)) && (LZ4_read32(pMatch) == LZ4_read32(pIn))) { pIn+=4; pMatch+=4; } - if ((pIn<(pInLimit-1)) && (LZ4_read16(pMatch) == LZ4_read16(pIn))) { pIn+=2; pMatch+=2; } - if ((pIn<pInLimit) && (*pMatch == *pIn)) pIn++; - return (unsigned)(pIn - pStart); -} - - -#ifndef LZ4_COMMONDEFS_ONLY -/************************************** -* Local Constants -**************************************/ -#define LZ4_HASHLOG (LZ4_MEMORY_USAGE-2) -#define HASHTABLESIZE (1 << LZ4_MEMORY_USAGE) -#define HASH_SIZE_U32 (1 << LZ4_HASHLOG) /* required as macro for static allocation */ - -static const int LZ4_64Klimit = ((64 KB) + (MFLIMIT-1)); -static const U32 LZ4_skipTrigger = 6; /* Increase this value ==> compression run slower on incompressible data */ - - -/************************************** -* Local Structures and types -**************************************/ -typedef struct { - U32 hashTable[HASH_SIZE_U32]; - U32 currentOffset; - U32 initCheck; - const BYTE* dictionary; - BYTE* bufferStart; /* obsolete, used for slideInputBuffer */ - U32 dictSize; -} LZ4_stream_t_internal; - -typedef enum { notLimited = 0, limitedOutput = 1 } limitedOutput_directive; -typedef enum { byPtr, byU32, byU16 } tableType_t; - -typedef enum { noDict = 0, withPrefix64k, usingExtDict } dict_directive; -typedef enum { noDictIssue = 0, dictSmall } dictIssue_directive; - -typedef enum { endOnOutputSize = 0, endOnInputSize = 1 } endCondition_directive; -typedef enum { full = 0, partial = 1 } earlyEnd_directive; - - -/************************************** -* Local Utils -**************************************/ -int LZ4_versionNumber (void) { return LZ4_VERSION_NUMBER; } -int LZ4_compressBound(int isize) { return LZ4_COMPRESSBOUND(isize); } -int LZ4_sizeofState() { return LZ4_STREAMSIZE; } - - - -/******************************** -* Compression functions -********************************/ - -static U32 LZ4_hashSequence(U32 sequence, tableType_t const tableType) -{ - if (tableType == byU16) - return (((sequence) * 2654435761U) >> ((MINMATCH*8)-(LZ4_HASHLOG+1))); - else - return (((sequence) * 2654435761U) >> ((MINMATCH*8)-LZ4_HASHLOG)); -} - -static const U64 prime5bytes = 889523592379ULL; -static U32 LZ4_hashSequence64(size_t sequence, tableType_t const tableType) -{ - const U32 hashLog = (tableType == byU16) ? LZ4_HASHLOG+1 : LZ4_HASHLOG; - const U32 hashMask = (1<<hashLog) - 1; - return ((sequence * prime5bytes) >> (40 - hashLog)) & hashMask; -} - -static U32 LZ4_hashSequenceT(size_t sequence, tableType_t const tableType) -{ - if (LZ4_64bits()) - return LZ4_hashSequence64(sequence, tableType); - return LZ4_hashSequence((U32)sequence, tableType); -} - -static U32 LZ4_hashPosition(const void* p, tableType_t tableType) { return LZ4_hashSequenceT(LZ4_read_ARCH(p), tableType); } - -static void LZ4_putPositionOnHash(const BYTE* p, U32 h, void* tableBase, tableType_t const tableType, const BYTE* srcBase) -{ - switch (tableType) - { - case byPtr: { const BYTE** hashTable = (const BYTE**)tableBase; hashTable[h] = p; return; } - case byU32: { U32* hashTable = (U32*) tableBase; hashTable[h] = (U32)(p-srcBase); return; } - case byU16: { U16* hashTable = (U16*) tableBase; hashTable[h] = (U16)(p-srcBase); return; } - } -} - -static void LZ4_putPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase) -{ - U32 h = LZ4_hashPosition(p, tableType); - LZ4_putPositionOnHash(p, h, tableBase, tableType, srcBase); -} - -static const BYTE* LZ4_getPositionOnHash(U32 h, void* tableBase, tableType_t tableType, const BYTE* srcBase) -{ - if (tableType == byPtr) { const BYTE** hashTable = (const BYTE**) tableBase; return hashTable[h]; } - if (tableType == byU32) { U32* hashTable = (U32*) tableBase; return hashTable[h] + srcBase; } - { U16* hashTable = (U16*) tableBase; return hashTable[h] + srcBase; } /* default, to ensure a return */ -} - -static const BYTE* LZ4_getPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase) -{ - U32 h = LZ4_hashPosition(p, tableType); - return LZ4_getPositionOnHash(h, tableBase, tableType, srcBase); -} - -FORCE_INLINE int LZ4_compress_generic( - void* const ctx, - const char* const source, - char* const dest, - const int inputSize, - const int maxOutputSize, - const limitedOutput_directive outputLimited, - const tableType_t tableType, - const dict_directive dict, - const dictIssue_directive dictIssue, - const U32 acceleration) -{ - LZ4_stream_t_internal* const dictPtr = (LZ4_stream_t_internal*)ctx; - - const BYTE* ip = (const BYTE*) source; - const BYTE* base; - const BYTE* lowLimit; - const BYTE* const lowRefLimit = ip - dictPtr->dictSize; - const BYTE* const dictionary = dictPtr->dictionary; - const BYTE* const dictEnd = dictionary + dictPtr->dictSize; - const size_t dictDelta = dictEnd - (const BYTE*)source; - const BYTE* anchor = (const BYTE*) source; - const BYTE* const iend = ip + inputSize; - const BYTE* const mflimit = iend - MFLIMIT; - const BYTE* const matchlimit = iend - LASTLITERALS; - - BYTE* op = (BYTE*) dest; - BYTE* const olimit = op + maxOutputSize; - - U32 forwardH; - size_t refDelta=0; - - /* Init conditions */ - if ((U32)inputSize > (U32)LZ4_MAX_INPUT_SIZE) return 0; /* Unsupported input size, too large (or negative) */ - switch(dict) - { - case noDict: - default: - base = (const BYTE*)source; - lowLimit = (const BYTE*)source; - break; - case withPrefix64k: - base = (const BYTE*)source - dictPtr->currentOffset; - lowLimit = (const BYTE*)source - dictPtr->dictSize; - break; - case usingExtDict: - base = (const BYTE*)source - dictPtr->currentOffset; - lowLimit = (const BYTE*)source; - break; - } - if ((tableType == byU16) && (inputSize>=LZ4_64Klimit)) return 0; /* Size too large (not within 64K limit) */ - if (inputSize<LZ4_minLength) goto _last_literals; /* Input too small, no compression (all literals) */ - - /* First Byte */ - LZ4_putPosition(ip, ctx, tableType, base); - ip++; forwardH = LZ4_hashPosition(ip, tableType); - - /* Main Loop */ - for ( ; ; ) - { - const BYTE* match; - BYTE* token; - { - const BYTE* forwardIp = ip; - unsigned step = 1; - unsigned searchMatchNb = acceleration << LZ4_skipTrigger; - - /* Find a match */ - do { - U32 h = forwardH; - ip = forwardIp; - forwardIp += step; - step = (searchMatchNb++ >> LZ4_skipTrigger); - - if (unlikely(forwardIp > mflimit)) goto _last_literals; - - match = LZ4_getPositionOnHash(h, ctx, tableType, base); - if (dict==usingExtDict) - { - if (match<(const BYTE*)source) - { - refDelta = dictDelta; - lowLimit = dictionary; - } - else - { - refDelta = 0; - lowLimit = (const BYTE*)source; - } - } - forwardH = LZ4_hashPosition(forwardIp, tableType); - LZ4_putPositionOnHash(ip, h, ctx, tableType, base); - - } while ( ((dictIssue==dictSmall) ? (match < lowRefLimit) : 0) - || ((tableType==byU16) ? 0 : (match + MAX_DISTANCE < ip)) - || (LZ4_read32(match+refDelta) != LZ4_read32(ip)) ); - } - - /* Catch up */ - while ((ip>anchor) && (match+refDelta > lowLimit) && (unlikely(ip[-1]==match[refDelta-1]))) { ip--; match--; } - - { - /* Encode Literal length */ - unsigned litLength = (unsigned)(ip - anchor); - token = op++; - if ((outputLimited) && (unlikely(op + litLength + (2 + 1 + LASTLITERALS) + (litLength/255) > olimit))) - return 0; /* Check output limit */ - if (litLength>=RUN_MASK) - { - int len = (int)litLength-RUN_MASK; - *token=(RUN_MASK<<ML_BITS); - for(; len >= 255 ; len-=255) *op++ = 255; - *op++ = (BYTE)len; - } - else *token = (BYTE)(litLength<<ML_BITS); - - /* Copy Literals */ - LZ4_wildCopy(op, anchor, op+litLength); - op+=litLength; - } - -_next_match: - /* Encode Offset */ - LZ4_writeLE16(op, (U16)(ip-match)); op+=2; - - /* Encode MatchLength */ - { - unsigned matchLength; - - if ((dict==usingExtDict) && (lowLimit==dictionary)) - { - const BYTE* limit; - match += refDelta; - limit = ip + (dictEnd-match); - if (limit > matchlimit) limit = matchlimit; - matchLength = LZ4_count(ip+MINMATCH, match+MINMATCH, limit); - ip += MINMATCH + matchLength; - if (ip==limit) - { - unsigned more = LZ4_count(ip, (const BYTE*)source, matchlimit); - matchLength += more; - ip += more; - } - } - else - { - matchLength = LZ4_count(ip+MINMATCH, match+MINMATCH, matchlimit); - ip += MINMATCH + matchLength; - } - - if ((outputLimited) && (unlikely(op + (1 + LASTLITERALS) + (matchLength>>8) > olimit))) - return 0; /* Check output limit */ - if (matchLength>=ML_MASK) - { - *token += ML_MASK; - matchLength -= ML_MASK; - for (; matchLength >= 510 ; matchLength-=510) { *op++ = 255; *op++ = 255; } - if (matchLength >= 255) { matchLength-=255; *op++ = 255; } - *op++ = (BYTE)matchLength; - } - else *token += (BYTE)(matchLength); - } - - anchor = ip; - - /* Test end of chunk */ - if (ip > mflimit) break; - - /* Fill table */ - LZ4_putPosition(ip-2, ctx, tableType, base); - - /* Test next position */ - match = LZ4_getPosition(ip, ctx, tableType, base); - if (dict==usingExtDict) - { - if (match<(const BYTE*)source) - { - refDelta = dictDelta; - lowLimit = dictionary; - } - else - { - refDelta = 0; - lowLimit = (const BYTE*)source; - } - } - LZ4_putPosition(ip, ctx, tableType, base); - if ( ((dictIssue==dictSmall) ? (match>=lowRefLimit) : 1) - && (match+MAX_DISTANCE>=ip) - && (LZ4_read32(match+refDelta)==LZ4_read32(ip)) ) - { token=op++; *token=0; goto _next_match; } - - /* Prepare next loop */ - forwardH = LZ4_hashPosition(++ip, tableType); - } - -_last_literals: - /* Encode Last Literals */ - { - const size_t lastRun = (size_t)(iend - anchor); - if ((outputLimited) && ((op - (BYTE*)dest) + lastRun + 1 + ((lastRun+255-RUN_MASK)/255) > (U32)maxOutputSize)) - return 0; /* Check output limit */ - if (lastRun >= RUN_MASK) - { - size_t accumulator = lastRun - RUN_MASK; - *op++ = RUN_MASK << ML_BITS; - for(; accumulator >= 255 ; accumulator-=255) *op++ = 255; - *op++ = (BYTE) accumulator; - } - else - { - *op++ = (BYTE)(lastRun<<ML_BITS); - } - memcpy(op, anchor, lastRun); - op += lastRun; - } - - /* End */ - return (int) (((char*)op)-dest); -} - - -int LZ4_compress_fast_extState(void* state, const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) -{ - LZ4_resetStream((LZ4_stream_t*)state); - if (acceleration < 1) acceleration = ACCELERATION_DEFAULT; - - if (maxOutputSize >= LZ4_compressBound(inputSize)) - { - if (inputSize < LZ4_64Klimit) - return LZ4_compress_generic(state, source, dest, inputSize, 0, notLimited, byU16, noDict, noDictIssue, acceleration); - else - return LZ4_compress_generic(state, source, dest, inputSize, 0, notLimited, LZ4_64bits() ? byU32 : byPtr, noDict, noDictIssue, acceleration); - } - else - { - if (inputSize < LZ4_64Klimit) - return LZ4_compress_generic(state, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); - else - return LZ4_compress_generic(state, source, dest, inputSize, maxOutputSize, limitedOutput, LZ4_64bits() ? byU32 : byPtr, noDict, noDictIssue, acceleration); - } -} - - -int LZ4_compress_fast(const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) -{ -#if (HEAPMODE) - void* ctxPtr = ALLOCATOR(1, sizeof(LZ4_stream_t)); /* malloc-calloc always properly aligned */ -#else - LZ4_stream_t ctx; - void* ctxPtr = &ctx; -#endif - - int result = LZ4_compress_fast_extState(ctxPtr, source, dest, inputSize, maxOutputSize, acceleration); - -#if (HEAPMODE) - FREEMEM(ctxPtr); -#endif - return result; -} - - -int LZ4_compress_default(const char* source, char* dest, int inputSize, int maxOutputSize) -{ - return LZ4_compress_fast(source, dest, inputSize, maxOutputSize, 1); -} - - -/* hidden debug function */ -/* strangely enough, gcc generates faster code when this function is uncommented, even if unused */ -int LZ4_compress_fast_force(const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) -{ - LZ4_stream_t ctx; - - LZ4_resetStream(&ctx); - - if (inputSize < LZ4_64Klimit) - return LZ4_compress_generic(&ctx, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); - else - return LZ4_compress_generic(&ctx, source, dest, inputSize, maxOutputSize, limitedOutput, LZ4_64bits() ? byU32 : byPtr, noDict, noDictIssue, acceleration); -} - - -/******************************** -* destSize variant -********************************/ - -static int LZ4_compress_destSize_generic( - void* const ctx, - const char* const src, - char* const dst, - int* const srcSizePtr, - const int targetDstSize, - const tableType_t tableType) -{ - const BYTE* ip = (const BYTE*) src; - const BYTE* base = (const BYTE*) src; - const BYTE* lowLimit = (const BYTE*) src; - const BYTE* anchor = ip; - const BYTE* const iend = ip + *srcSizePtr; - const BYTE* const mflimit = iend - MFLIMIT; - const BYTE* const matchlimit = iend - LASTLITERALS; - - BYTE* op = (BYTE*) dst; - BYTE* const oend = op + targetDstSize; - BYTE* const oMaxLit = op + targetDstSize - 2 /* offset */ - 8 /* because 8+MINMATCH==MFLIMIT */ - 1 /* token */; - BYTE* const oMaxMatch = op + targetDstSize - (LASTLITERALS + 1 /* token */); - BYTE* const oMaxSeq = oMaxLit - 1 /* token */; - - U32 forwardH; - - - /* Init conditions */ - if (targetDstSize < 1) return 0; /* Impossible to store anything */ - if ((U32)*srcSizePtr > (U32)LZ4_MAX_INPUT_SIZE) return 0; /* Unsupported input size, too large (or negative) */ - if ((tableType == byU16) && (*srcSizePtr>=LZ4_64Klimit)) return 0; /* Size too large (not within 64K limit) */ - if (*srcSizePtr<LZ4_minLength) goto _last_literals; /* Input too small, no compression (all literals) */ - - /* First Byte */ - *srcSizePtr = 0; - LZ4_putPosition(ip, ctx, tableType, base); - ip++; forwardH = LZ4_hashPosition(ip, tableType); - - /* Main Loop */ - for ( ; ; ) - { - const BYTE* match; - BYTE* token; - { - const BYTE* forwardIp = ip; - unsigned step = 1; - unsigned searchMatchNb = 1 << LZ4_skipTrigger; - - /* Find a match */ - do { - U32 h = forwardH; - ip = forwardIp; - forwardIp += step; - step = (searchMatchNb++ >> LZ4_skipTrigger); - - if (unlikely(forwardIp > mflimit)) - goto _last_literals; - - match = LZ4_getPositionOnHash(h, ctx, tableType, base); - forwardH = LZ4_hashPosition(forwardIp, tableType); - LZ4_putPositionOnHash(ip, h, ctx, tableType, base); - - } while ( ((tableType==byU16) ? 0 : (match + MAX_DISTANCE < ip)) - || (LZ4_read32(match) != LZ4_read32(ip)) ); - } - - /* Catch up */ - while ((ip>anchor) && (match > lowLimit) && (unlikely(ip[-1]==match[-1]))) { ip--; match--; } - - { - /* Encode Literal length */ - unsigned litLength = (unsigned)(ip - anchor); - token = op++; - if (op + ((litLength+240)/255) + litLength > oMaxLit) - { - /* Not enough space for a last match */ - op--; - goto _last_literals; - } - if (litLength>=RUN_MASK) - { - unsigned len = litLength - RUN_MASK; - *token=(RUN_MASK<<ML_BITS); - for(; len >= 255 ; len-=255) *op++ = 255; - *op++ = (BYTE)len; - } - else *token = (BYTE)(litLength<<ML_BITS); - - /* Copy Literals */ - LZ4_wildCopy(op, anchor, op+litLength); - op += litLength; - } - -_next_match: - /* Encode Offset */ - LZ4_writeLE16(op, (U16)(ip-match)); op+=2; - - /* Encode MatchLength */ - { - size_t matchLength; - - matchLength = LZ4_count(ip+MINMATCH, match+MINMATCH, matchlimit); - - if (op + ((matchLength+240)/255) > oMaxMatch) - { - /* Match description too long : reduce it */ - matchLength = (15-1) + (oMaxMatch-op) * 255; - } - //printf("offset %5i, matchLength%5i \n", (int)(ip-match), matchLength + MINMATCH); - ip += MINMATCH + matchLength; - - if (matchLength>=ML_MASK) - { - *token += ML_MASK; - matchLength -= ML_MASK; - while (matchLength >= 255) { matchLength-=255; *op++ = 255; } - *op++ = (BYTE)matchLength; - } - else *token += (BYTE)(matchLength); - } - - anchor = ip; - - /* Test end of block */ - if (ip > mflimit) break; - if (op > oMaxSeq) break; - - /* Fill table */ - LZ4_putPosition(ip-2, ctx, tableType, base); - - /* Test next position */ - match = LZ4_getPosition(ip, ctx, tableType, base); - LZ4_putPosition(ip, ctx, tableType, base); - if ( (match+MAX_DISTANCE>=ip) - && (LZ4_read32(match)==LZ4_read32(ip)) ) - { token=op++; *token=0; goto _next_match; } - - /* Prepare next loop */ - forwardH = LZ4_hashPosition(++ip, tableType); - } - -_last_literals: - /* Encode Last Literals */ - { - size_t lastRunSize = (size_t)(iend - anchor); - if (op + 1 /* token */ + ((lastRunSize+240)/255) /* litLength */ + lastRunSize /* literals */ > oend) - { - /* adapt lastRunSize to fill 'dst' */ - lastRunSize = (oend-op) - 1; - lastRunSize -= (lastRunSize+240)/255; - } - ip = anchor + lastRunSize; - - if (lastRunSize >= RUN_MASK) - { - size_t accumulator = lastRunSize - RUN_MASK; - *op++ = RUN_MASK << ML_BITS; - for(; accumulator >= 255 ; accumulator-=255) *op++ = 255; - *op++ = (BYTE) accumulator; - } - else - { - *op++ = (BYTE)(lastRunSize<<ML_BITS); - } - memcpy(op, anchor, lastRunSize); - op += lastRunSize; - } - - /* End */ - *srcSizePtr = (int) (((const char*)ip)-src); - return (int) (((char*)op)-dst); -} - - -static int LZ4_compress_destSize_extState (void* state, const char* src, char* dst, int* srcSizePtr, int targetDstSize) -{ - LZ4_resetStream((LZ4_stream_t*)state); - - if (targetDstSize >= LZ4_compressBound(*srcSizePtr)) /* compression success is guaranteed */ - { - return LZ4_compress_fast_extState(state, src, dst, *srcSizePtr, targetDstSize, 1); - } - else - { - if (*srcSizePtr < LZ4_64Klimit) - return LZ4_compress_destSize_generic(state, src, dst, srcSizePtr, targetDstSize, byU16); - else - return LZ4_compress_destSize_generic(state, src, dst, srcSizePtr, targetDstSize, LZ4_64bits() ? byU32 : byPtr); - } -} - - -int LZ4_compress_destSize(const char* src, char* dst, int* srcSizePtr, int targetDstSize) -{ -#if (HEAPMODE) - void* ctx = ALLOCATOR(1, sizeof(LZ4_stream_t)); /* malloc-calloc always properly aligned */ -#else - LZ4_stream_t ctxBody; - void* ctx = &ctxBody; -#endif - - int result = LZ4_compress_destSize_extState(ctx, src, dst, srcSizePtr, targetDstSize); - -#if (HEAPMODE) - FREEMEM(ctx); -#endif - return result; -} - - - -/******************************** -* Streaming functions -********************************/ - -LZ4_stream_t* LZ4_createStream(void) -{ - LZ4_stream_t* lz4s = (LZ4_stream_t*)ALLOCATOR(8, LZ4_STREAMSIZE_U64); - LZ4_STATIC_ASSERT(LZ4_STREAMSIZE >= sizeof(LZ4_stream_t_internal)); /* A compilation error here means LZ4_STREAMSIZE is not large enough */ - LZ4_resetStream(lz4s); - return lz4s; -} - -void LZ4_resetStream (LZ4_stream_t* LZ4_stream) -{ - MEM_INIT(LZ4_stream, 0, sizeof(LZ4_stream_t)); -} - -int LZ4_freeStream (LZ4_stream_t* LZ4_stream) -{ - FREEMEM(LZ4_stream); - return (0); -} - - -#define HASH_UNIT sizeof(size_t) -int LZ4_loadDict (LZ4_stream_t* LZ4_dict, const char* dictionary, int dictSize) -{ - LZ4_stream_t_internal* dict = (LZ4_stream_t_internal*) LZ4_dict; - const BYTE* p = (const BYTE*)dictionary; - const BYTE* const dictEnd = p + dictSize; - const BYTE* base; - - if ((dict->initCheck) || (dict->currentOffset > 1 GB)) /* Uninitialized structure, or reuse overflow */ - LZ4_resetStream(LZ4_dict); - - if (dictSize < (int)HASH_UNIT) - { - dict->dictionary = NULL; - dict->dictSize = 0; - return 0; - } - - if ((dictEnd - p) > 64 KB) p = dictEnd - 64 KB; - dict->currentOffset += 64 KB; - base = p - dict->currentOffset; - dict->dictionary = p; - dict->dictSize = (U32)(dictEnd - p); - dict->currentOffset += dict->dictSize; - - while (p <= dictEnd-HASH_UNIT) - { - LZ4_putPosition(p, dict->hashTable, byU32, base); - p+=3; - } - - return dict->dictSize; -} - - -static void LZ4_renormDictT(LZ4_stream_t_internal* LZ4_dict, const BYTE* src) -{ - if ((LZ4_dict->currentOffset > 0x80000000) || - ((size_t)LZ4_dict->currentOffset > (size_t)src)) /* address space overflow */ - { - /* rescale hash table */ - U32 delta = LZ4_dict->currentOffset - 64 KB; - const BYTE* dictEnd = LZ4_dict->dictionary + LZ4_dict->dictSize; - int i; - for (i=0; i<HASH_SIZE_U32; i++) - { - if (LZ4_dict->hashTable[i] < delta) LZ4_dict->hashTable[i]=0; - else LZ4_dict->hashTable[i] -= delta; - } - LZ4_dict->currentOffset = 64 KB; - if (LZ4_dict->dictSize > 64 KB) LZ4_dict->dictSize = 64 KB; - LZ4_dict->dictionary = dictEnd - LZ4_dict->dictSize; - } -} - - -int LZ4_compress_fast_continue (LZ4_stream_t* LZ4_stream, const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) -{ - LZ4_stream_t_internal* streamPtr = (LZ4_stream_t_internal*)LZ4_stream; - const BYTE* const dictEnd = streamPtr->dictionary + streamPtr->dictSize; - - const BYTE* smallest = (const BYTE*) source; - if (streamPtr->initCheck) return 0; /* Uninitialized structure detected */ - if ((streamPtr->dictSize>0) && (smallest>dictEnd)) smallest = dictEnd; - LZ4_renormDictT(streamPtr, smallest); - if (acceleration < 1) acceleration = ACCELERATION_DEFAULT; - - /* Check overlapping input/dictionary space */ - { - const BYTE* sourceEnd = (const BYTE*) source + inputSize; - if ((sourceEnd > streamPtr->dictionary) && (sourceEnd < dictEnd)) - { - streamPtr->dictSize = (U32)(dictEnd - sourceEnd); - if (streamPtr->dictSize > 64 KB) streamPtr->dictSize = 64 KB; - if (streamPtr->dictSize < 4) streamPtr->dictSize = 0; - streamPtr->dictionary = dictEnd - streamPtr->dictSize; - } - } - - /* prefix mode : source data follows dictionary */ - if (dictEnd == (const BYTE*)source) - { - int result; - if ((streamPtr->dictSize < 64 KB) && (streamPtr->dictSize < streamPtr->currentOffset)) - result = LZ4_compress_generic(LZ4_stream, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, withPrefix64k, dictSmall, acceleration); - else - result = LZ4_compress_generic(LZ4_stream, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, withPrefix64k, noDictIssue, acceleration); - streamPtr->dictSize += (U32)inputSize; - streamPtr->currentOffset += (U32)inputSize; - return result; - } - - /* external dictionary mode */ - { - int result; - if ((streamPtr->dictSize < 64 KB) && (streamPtr->dictSize < streamPtr->currentOffset)) - result = LZ4_compress_generic(LZ4_stream, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, usingExtDict, dictSmall, acceleration); - else - result = LZ4_compress_generic(LZ4_stream, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, usingExtDict, noDictIssue, acceleration); - streamPtr->dictionary = (const BYTE*)source; - streamPtr->dictSize = (U32)inputSize; - streamPtr->currentOffset += (U32)inputSize; - return result; - } -} - - -/* Hidden debug function, to force external dictionary mode */ -int LZ4_compress_forceExtDict (LZ4_stream_t* LZ4_dict, const char* source, char* dest, int inputSize) -{ - LZ4_stream_t_internal* streamPtr = (LZ4_stream_t_internal*)LZ4_dict; - int result; - const BYTE* const dictEnd = streamPtr->dictionary + streamPtr->dictSize; - - const BYTE* smallest = dictEnd; - if (smallest > (const BYTE*) source) smallest = (const BYTE*) source; - LZ4_renormDictT((LZ4_stream_t_internal*)LZ4_dict, smallest); - - result = LZ4_compress_generic(LZ4_dict, source, dest, inputSize, 0, notLimited, byU32, usingExtDict, noDictIssue, 1); - - streamPtr->dictionary = (const BYTE*)source; - streamPtr->dictSize = (U32)inputSize; - streamPtr->currentOffset += (U32)inputSize; - - return result; -} - - -int LZ4_saveDict (LZ4_stream_t* LZ4_dict, char* safeBuffer, int dictSize) -{ - LZ4_stream_t_internal* dict = (LZ4_stream_t_internal*) LZ4_dict; - const BYTE* previousDictEnd = dict->dictionary + dict->dictSize; - - if ((U32)dictSize > 64 KB) dictSize = 64 KB; /* useless to define a dictionary > 64 KB */ - if ((U32)dictSize > dict->dictSize) dictSize = dict->dictSize; - - memmove(safeBuffer, previousDictEnd - dictSize, dictSize); - - dict->dictionary = (const BYTE*)safeBuffer; - dict->dictSize = (U32)dictSize; - - return dictSize; -} - - - -/******************************* -* Decompression functions -*******************************/ -/* - * This generic decompression function cover all use cases. - * It shall be instantiated several times, using different sets of directives - * Note that it is essential this generic function is really inlined, - * in order to remove useless branches during compilation optimization. - */ -FORCE_INLINE int LZ4_decompress_generic( - const char* const source, - char* const dest, - int inputSize, - int outputSize, /* If endOnInput==endOnInputSize, this value is the max size of Output Buffer. */ - - int endOnInput, /* endOnOutputSize, endOnInputSize */ - int partialDecoding, /* full, partial */ - int targetOutputSize, /* only used if partialDecoding==partial */ - int dict, /* noDict, withPrefix64k, usingExtDict */ - const BYTE* const lowPrefix, /* == dest if dict == noDict */ - const BYTE* const dictStart, /* only if dict==usingExtDict */ - const size_t dictSize /* note : = 0 if noDict */ - ) -{ - /* Local Variables */ - const BYTE* ip = (const BYTE*) source; - const BYTE* const iend = ip + inputSize; - - BYTE* op = (BYTE*) dest; - BYTE* const oend = op + outputSize; - BYTE* cpy; - BYTE* oexit = op + targetOutputSize; - const BYTE* const lowLimit = lowPrefix - dictSize; - - const BYTE* const dictEnd = (const BYTE*)dictStart + dictSize; - const size_t dec32table[] = {4, 1, 2, 1, 4, 4, 4, 4}; - const size_t dec64table[] = {0, 0, 0, (size_t)-1, 0, 1, 2, 3}; - - const int safeDecode = (endOnInput==endOnInputSize); - const int checkOffset = ((safeDecode) && (dictSize < (int)(64 KB))); - - - /* Special cases */ - if ((partialDecoding) && (oexit> oend-MFLIMIT)) oexit = oend-MFLIMIT; /* targetOutputSize too high => decode everything */ - if ((endOnInput) && (unlikely(outputSize==0))) return ((inputSize==1) && (*ip==0)) ? 0 : -1; /* Empty output buffer */ - if ((!endOnInput) && (unlikely(outputSize==0))) return (*ip==0?1:-1); - - - /* Main Loop */ - while (1) - { - unsigned token; - size_t length; - const BYTE* match; - - /* get literal length */ - token = *ip++; - if ((length=(token>>ML_BITS)) == RUN_MASK) - { - unsigned s; - do - { - s = *ip++; - length += s; - } - while (likely((endOnInput)?ip<iend-RUN_MASK:1) && (s==255)); - if ((safeDecode) && unlikely((size_t)(op+length)<(size_t)(op))) goto _output_error; /* overflow detection */ - if ((safeDecode) && unlikely((size_t)(ip+length)<(size_t)(ip))) goto _output_error; /* overflow detection */ - } - - /* copy literals */ - cpy = op+length; - if (((endOnInput) && ((cpy>(partialDecoding?oexit:oend-MFLIMIT)) || (ip+length>iend-(2+1+LASTLITERALS))) ) - || ((!endOnInput) && (cpy>oend-COPYLENGTH))) - { - if (partialDecoding) - { - if (cpy > oend) goto _output_error; /* Error : write attempt beyond end of output buffer */ - if ((endOnInput) && (ip+length > iend)) goto _output_error; /* Error : read attempt beyond end of input buffer */ - } - else - { - if ((!endOnInput) && (cpy != oend)) goto _output_error; /* Error : block decoding must stop exactly there */ - if ((endOnInput) && ((ip+length != iend) || (cpy > oend))) goto _output_error; /* Error : input must be consumed */ - } - memcpy(op, ip, length); - ip += length; - op += length; - break; /* Necessarily EOF, due to parsing restrictions */ - } - LZ4_wildCopy(op, ip, cpy); - ip += length; op = cpy; - - /* get offset */ - match = cpy - LZ4_readLE16(ip); ip+=2; - if ((checkOffset) && (unlikely(match < lowLimit))) goto _output_error; /* Error : offset outside destination buffer */ - - /* get matchlength */ - length = token & ML_MASK; - if (length == ML_MASK) - { - unsigned s; - do - { - if ((endOnInput) && (ip > iend-LASTLITERALS)) goto _output_error; - s = *ip++; - length += s; - } while (s==255); - if ((safeDecode) && unlikely((size_t)(op+length)<(size_t)op)) goto _output_error; /* overflow detection */ - } - length += MINMATCH; - - /* check external dictionary */ - if ((dict==usingExtDict) && (match < lowPrefix)) - { - if (unlikely(op+length > oend-LASTLITERALS)) goto _output_error; /* doesn't respect parsing restriction */ - - if (length <= (size_t)(lowPrefix-match)) - { - /* match can be copied as a single segment from external dictionary */ - match = dictEnd - (lowPrefix-match); - memmove(op, match, length); op += length; - } - else - { - /* match encompass external dictionary and current segment */ - size_t copySize = (size_t)(lowPrefix-match); - memcpy(op, dictEnd - copySize, copySize); - op += copySize; - copySize = length - copySize; - if (copySize > (size_t)(op-lowPrefix)) /* overlap within current segment */ - { - BYTE* const endOfMatch = op + copySize; - const BYTE* copyFrom = lowPrefix; - while (op < endOfMatch) *op++ = *copyFrom++; - } - else - { - memcpy(op, lowPrefix, copySize); - op += copySize; - } - } - continue; - } - - /* copy repeated sequence */ - cpy = op + length; - if (unlikely((op-match)<8)) - { - const size_t dec64 = dec64table[op-match]; - op[0] = match[0]; - op[1] = match[1]; - op[2] = match[2]; - op[3] = match[3]; - match += dec32table[op-match]; - LZ4_copy4(op+4, match); - op += 8; match -= dec64; - } else { LZ4_copy8(op, match); op+=8; match+=8; } - - if (unlikely(cpy>oend-12)) - { - if (cpy > oend-LASTLITERALS) goto _output_error; /* Error : last LASTLITERALS bytes must be literals */ - if (op < oend-8) - { - LZ4_wildCopy(op, match, oend-8); - match += (oend-8) - op; - op = oend-8; - } - while (op<cpy) *op++ = *match++; - } - else - LZ4_wildCopy(op, match, cpy); - op=cpy; /* correction */ - } - - /* end of decoding */ - if (endOnInput) - return (int) (((char*)op)-dest); /* Nb of output bytes decoded */ - else - return (int) (((const char*)ip)-source); /* Nb of input bytes read */ - - /* Overflow error detected */ -_output_error: - return (int) (-(((const char*)ip)-source))-1; -} - - -int LZ4_decompress_safe(const char* source, char* dest, int compressedSize, int maxDecompressedSize) -{ - return LZ4_decompress_generic(source, dest, compressedSize, maxDecompressedSize, endOnInputSize, full, 0, noDict, (BYTE*)dest, NULL, 0); -} - -int LZ4_decompress_safe_partial(const char* source, char* dest, int compressedSize, int targetOutputSize, int maxDecompressedSize) -{ - return LZ4_decompress_generic(source, dest, compressedSize, maxDecompressedSize, endOnInputSize, partial, targetOutputSize, noDict, (BYTE*)dest, NULL, 0); -} - -int LZ4_decompress_fast(const char* source, char* dest, int originalSize) -{ - return LZ4_decompress_generic(source, dest, 0, originalSize, endOnOutputSize, full, 0, withPrefix64k, (BYTE*)(dest - 64 KB), NULL, 64 KB); -} - - -/* streaming decompression functions */ - -typedef struct -{ - const BYTE* externalDict; - size_t extDictSize; - const BYTE* prefixEnd; - size_t prefixSize; -} LZ4_streamDecode_t_internal; - -/* - * If you prefer dynamic allocation methods, - * LZ4_createStreamDecode() - * provides a pointer (void*) towards an initialized LZ4_streamDecode_t structure. - */ -LZ4_streamDecode_t* LZ4_createStreamDecode(void) -{ - LZ4_streamDecode_t* lz4s = (LZ4_streamDecode_t*) ALLOCATOR(1, sizeof(LZ4_streamDecode_t)); - return lz4s; -} - -int LZ4_freeStreamDecode (LZ4_streamDecode_t* LZ4_stream) -{ - FREEMEM(LZ4_stream); - return 0; -} - -/* - * LZ4_setStreamDecode - * Use this function to instruct where to find the dictionary - * This function is not necessary if previous data is still available where it was decoded. - * Loading a size of 0 is allowed (same effect as no dictionary). - * Return : 1 if OK, 0 if error - */ -int LZ4_setStreamDecode (LZ4_streamDecode_t* LZ4_streamDecode, const char* dictionary, int dictSize) -{ - LZ4_streamDecode_t_internal* lz4sd = (LZ4_streamDecode_t_internal*) LZ4_streamDecode; - lz4sd->prefixSize = (size_t) dictSize; - lz4sd->prefixEnd = (const BYTE*) dictionary + dictSize; - lz4sd->externalDict = NULL; - lz4sd->extDictSize = 0; - return 1; -} - -/* -*_continue() : - These decoding functions allow decompression of multiple blocks in "streaming" mode. - Previously decoded blocks must still be available at the memory position where they were decoded. - If it's not possible, save the relevant part of decoded data into a safe buffer, - and indicate where it stands using LZ4_setStreamDecode() -*/ -int LZ4_decompress_safe_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int compressedSize, int maxOutputSize) -{ - LZ4_streamDecode_t_internal* lz4sd = (LZ4_streamDecode_t_internal*) LZ4_streamDecode; - int result; - - if (lz4sd->prefixEnd == (BYTE*)dest) - { - result = LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, - endOnInputSize, full, 0, - usingExtDict, lz4sd->prefixEnd - lz4sd->prefixSize, lz4sd->externalDict, lz4sd->extDictSize); - if (result <= 0) return result; - lz4sd->prefixSize += result; - lz4sd->prefixEnd += result; - } - else - { - lz4sd->extDictSize = lz4sd->prefixSize; - lz4sd->externalDict = lz4sd->prefixEnd - lz4sd->extDictSize; - result = LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, - endOnInputSize, full, 0, - usingExtDict, (BYTE*)dest, lz4sd->externalDict, lz4sd->extDictSize); - if (result <= 0) return result; - lz4sd->prefixSize = result; - lz4sd->prefixEnd = (BYTE*)dest + result; - } - - return result; -} - -int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int originalSize) -{ - LZ4_streamDecode_t_internal* lz4sd = (LZ4_streamDecode_t_internal*) LZ4_streamDecode; - int result; - - if (lz4sd->prefixEnd == (BYTE*)dest) - { - result = LZ4_decompress_generic(source, dest, 0, originalSize, - endOnOutputSize, full, 0, - usingExtDict, lz4sd->prefixEnd - lz4sd->prefixSize, lz4sd->externalDict, lz4sd->extDictSize); - if (result <= 0) return result; - lz4sd->prefixSize += originalSize; - lz4sd->prefixEnd += originalSize; - } - else - { - lz4sd->extDictSize = lz4sd->prefixSize; - lz4sd->externalDict = (BYTE*)dest - lz4sd->extDictSize; - result = LZ4_decompress_generic(source, dest, 0, originalSize, - endOnOutputSize, full, 0, - usingExtDict, (BYTE*)dest, lz4sd->externalDict, lz4sd->extDictSize); - if (result <= 0) return result; - lz4sd->prefixSize = originalSize; - lz4sd->prefixEnd = (BYTE*)dest + originalSize; - } - - return result; -} - - -/* -Advanced decoding functions : -*_usingDict() : - These decoding functions work the same as "_continue" ones, - the dictionary must be explicitly provided within parameters -*/ - -FORCE_INLINE int LZ4_decompress_usingDict_generic(const char* source, char* dest, int compressedSize, int maxOutputSize, int safe, const char* dictStart, int dictSize) -{ - if (dictSize==0) - return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, noDict, (BYTE*)dest, NULL, 0); - if (dictStart+dictSize == dest) - { - if (dictSize >= (int)(64 KB - 1)) - return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, withPrefix64k, (BYTE*)dest-64 KB, NULL, 0); - return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, noDict, (BYTE*)dest-dictSize, NULL, 0); - } - return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, usingExtDict, (BYTE*)dest, (const BYTE*)dictStart, dictSize); -} - -int LZ4_decompress_safe_usingDict(const char* source, char* dest, int compressedSize, int maxOutputSize, const char* dictStart, int dictSize) -{ - return LZ4_decompress_usingDict_generic(source, dest, compressedSize, maxOutputSize, 1, dictStart, dictSize); -} - -int LZ4_decompress_fast_usingDict(const char* source, char* dest, int originalSize, const char* dictStart, int dictSize) -{ - return LZ4_decompress_usingDict_generic(source, dest, 0, originalSize, 0, dictStart, dictSize); -} - -/* debug function */ -int LZ4_decompress_safe_forceExtDict(const char* source, char* dest, int compressedSize, int maxOutputSize, const char* dictStart, int dictSize) -{ - return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, endOnInputSize, full, 0, usingExtDict, (BYTE*)dest, (const BYTE*)dictStart, dictSize); -} - - -/*************************************************** -* Obsolete Functions -***************************************************/ -/* obsolete compression functions */ -int LZ4_compress_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize) { return LZ4_compress_default(source, dest, inputSize, maxOutputSize); } -int LZ4_compress(const char* source, char* dest, int inputSize) { return LZ4_compress_default(source, dest, inputSize, LZ4_compressBound(inputSize)); } -int LZ4_compress_limitedOutput_withState (void* state, const char* src, char* dst, int srcSize, int dstSize) { return LZ4_compress_fast_extState(state, src, dst, srcSize, dstSize, 1); } -int LZ4_compress_withState (void* state, const char* src, char* dst, int srcSize) { return LZ4_compress_fast_extState(state, src, dst, srcSize, LZ4_compressBound(srcSize), 1); } -int LZ4_compress_limitedOutput_continue (LZ4_stream_t* LZ4_stream, const char* src, char* dst, int srcSize, int maxDstSize) { return LZ4_compress_fast_continue(LZ4_stream, src, dst, srcSize, maxDstSize, 1); } -int LZ4_compress_continue (LZ4_stream_t* LZ4_stream, const char* source, char* dest, int inputSize) { return LZ4_compress_fast_continue(LZ4_stream, source, dest, inputSize, LZ4_compressBound(inputSize), 1); } - -/* -These function names are deprecated and should no longer be used. -They are only provided here for compatibility with older user programs. -- LZ4_uncompress is totally equivalent to LZ4_decompress_fast -- LZ4_uncompress_unknownOutputSize is totally equivalent to LZ4_decompress_safe -*/ -int LZ4_uncompress (const char* source, char* dest, int outputSize) { return LZ4_decompress_fast(source, dest, outputSize); } -int LZ4_uncompress_unknownOutputSize (const char* source, char* dest, int isize, int maxOutputSize) { return LZ4_decompress_safe(source, dest, isize, maxOutputSize); } - - -/* Obsolete Streaming functions */ - -int LZ4_sizeofStreamState() { return LZ4_STREAMSIZE; } - -static void LZ4_init(LZ4_stream_t_internal* lz4ds, BYTE* base) -{ - MEM_INIT(lz4ds, 0, LZ4_STREAMSIZE); - lz4ds->bufferStart = base; -} - -int LZ4_resetStreamState(void* state, char* inputBuffer) -{ - if ((((size_t)state) & 3) != 0) return 1; /* Error : pointer is not aligned on 4-bytes boundary */ - LZ4_init((LZ4_stream_t_internal*)state, (BYTE*)inputBuffer); - return 0; -} - -void* LZ4_create (char* inputBuffer) -{ - void* lz4ds = ALLOCATOR(8, LZ4_STREAMSIZE_U64); - LZ4_init ((LZ4_stream_t_internal*)lz4ds, (BYTE*)inputBuffer); - return lz4ds; -} - -char* LZ4_slideInputBuffer (void* LZ4_Data) -{ - LZ4_stream_t_internal* ctx = (LZ4_stream_t_internal*)LZ4_Data; - int dictSize = LZ4_saveDict((LZ4_stream_t*)LZ4_Data, (char*)ctx->bufferStart, 64 KB); - return (char*)(ctx->bufferStart + dictSize); -} - -/* Obsolete streaming decompression functions */ - -int LZ4_decompress_safe_withPrefix64k(const char* source, char* dest, int compressedSize, int maxOutputSize) -{ - return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, endOnInputSize, full, 0, withPrefix64k, (BYTE*)dest - 64 KB, NULL, 64 KB); -} - -int LZ4_decompress_fast_withPrefix64k(const char* source, char* dest, int originalSize) -{ - return LZ4_decompress_generic(source, dest, 0, originalSize, endOnOutputSize, full, 0, withPrefix64k, (BYTE*)dest - 64 KB, NULL, 64 KB); -} - -#endif /* LZ4_COMMONDEFS_ONLY */ - diff --git a/ext/lz4/lz4.h b/ext/lz4/lz4.h deleted file mode 100644 index 3e740022..00000000 --- a/ext/lz4/lz4.h +++ /dev/null @@ -1,360 +0,0 @@ -/* - LZ4 - Fast LZ compression algorithm - Header File - Copyright (C) 2011-2015, Yann Collet. - - BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php) - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are - met: - - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following disclaimer - in the documentation and/or other materials provided with the - distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - You can contact the author at : - - LZ4 source repository : https://github.com/Cyan4973/lz4 - - LZ4 public forum : https://groups.google.com/forum/#!forum/lz4c -*/ -#pragma once - -#if defined (__cplusplus) -extern "C" { -#endif - -/* - * lz4.h provides block compression functions, and gives full buffer control to programmer. - * If you need to generate inter-operable compressed data (respecting LZ4 frame specification), - * and can let the library handle its own memory, please use lz4frame.h instead. -*/ - -/************************************** -* Version -**************************************/ -#define LZ4_VERSION_MAJOR 1 /* for breaking interface changes */ -#define LZ4_VERSION_MINOR 7 /* for new (non-breaking) interface capabilities */ -#define LZ4_VERSION_RELEASE 1 /* for tweaks, bug-fixes, or development */ -#define LZ4_VERSION_NUMBER (LZ4_VERSION_MAJOR *100*100 + LZ4_VERSION_MINOR *100 + LZ4_VERSION_RELEASE) -int LZ4_versionNumber (void); - -/************************************** -* Tuning parameter -**************************************/ -/* - * LZ4_MEMORY_USAGE : - * Memory usage formula : N->2^N Bytes (examples : 10 -> 1KB; 12 -> 4KB ; 16 -> 64KB; 20 -> 1MB; etc.) - * Increasing memory usage improves compression ratio - * Reduced memory usage can improve speed, due to cache effect - * Default value is 14, for 16KB, which nicely fits into Intel x86 L1 cache - */ -#define LZ4_MEMORY_USAGE 14 - - -/************************************** -* Simple Functions -**************************************/ - -int LZ4_compress_default(const char* source, char* dest, int sourceSize, int maxDestSize); -int LZ4_decompress_safe (const char* source, char* dest, int compressedSize, int maxDecompressedSize); - -/* -LZ4_compress_default() : - Compresses 'sourceSize' bytes from buffer 'source' - into already allocated 'dest' buffer of size 'maxDestSize'. - Compression is guaranteed to succeed if 'maxDestSize' >= LZ4_compressBound(sourceSize). - It also runs faster, so it's a recommended setting. - If the function cannot compress 'source' into a more limited 'dest' budget, - compression stops *immediately*, and the function result is zero. - As a consequence, 'dest' content is not valid. - This function never writes outside 'dest' buffer, nor read outside 'source' buffer. - sourceSize : Max supported value is LZ4_MAX_INPUT_VALUE - maxDestSize : full or partial size of buffer 'dest' (which must be already allocated) - return : the number of bytes written into buffer 'dest' (necessarily <= maxOutputSize) - or 0 if compression fails - -LZ4_decompress_safe() : - compressedSize : is the precise full size of the compressed block. - maxDecompressedSize : is the size of destination buffer, which must be already allocated. - return : the number of bytes decompressed into destination buffer (necessarily <= maxDecompressedSize) - If destination buffer is not large enough, decoding will stop and output an error code (<0). - If the source stream is detected malformed, the function will stop decoding and return a negative result. - This function is protected against buffer overflow exploits, including malicious data packets. - It never writes outside output buffer, nor reads outside input buffer. -*/ - - -/************************************** -* Advanced Functions -**************************************/ -#define LZ4_MAX_INPUT_SIZE 0x7E000000 /* 2 113 929 216 bytes */ -#define LZ4_COMPRESSBOUND(isize) ((unsigned)(isize) > (unsigned)LZ4_MAX_INPUT_SIZE ? 0 : (isize) + ((isize)/255) + 16) - -/* -LZ4_compressBound() : - Provides the maximum size that LZ4 compression may output in a "worst case" scenario (input data not compressible) - This function is primarily useful for memory allocation purposes (destination buffer size). - Macro LZ4_COMPRESSBOUND() is also provided for compilation-time evaluation (stack memory allocation for example). - Note that LZ4_compress_default() compress faster when dest buffer size is >= LZ4_compressBound(srcSize) - inputSize : max supported value is LZ4_MAX_INPUT_SIZE - return : maximum output size in a "worst case" scenario - or 0, if input size is too large ( > LZ4_MAX_INPUT_SIZE) -*/ -int LZ4_compressBound(int inputSize); - -/* -LZ4_compress_fast() : - Same as LZ4_compress_default(), but allows to select an "acceleration" factor. - The larger the acceleration value, the faster the algorithm, but also the lesser the compression. - It's a trade-off. It can be fine tuned, with each successive value providing roughly +~3% to speed. - An acceleration value of "1" is the same as regular LZ4_compress_default() - Values <= 0 will be replaced by ACCELERATION_DEFAULT (see lz4.c), which is 1. -*/ -int LZ4_compress_fast (const char* source, char* dest, int sourceSize, int maxDestSize, int acceleration); - - -/* -LZ4_compress_fast_extState() : - Same compression function, just using an externally allocated memory space to store compression state. - Use LZ4_sizeofState() to know how much memory must be allocated, - and allocate it on 8-bytes boundaries (using malloc() typically). - Then, provide it as 'void* state' to compression function. -*/ -int LZ4_sizeofState(void); -int LZ4_compress_fast_extState (void* state, const char* source, char* dest, int inputSize, int maxDestSize, int acceleration); - - -/* -LZ4_compress_destSize() : - Reverse the logic, by compressing as much data as possible from 'source' buffer - into already allocated buffer 'dest' of size 'targetDestSize'. - This function either compresses the entire 'source' content into 'dest' if it's large enough, - or fill 'dest' buffer completely with as much data as possible from 'source'. - *sourceSizePtr : will be modified to indicate how many bytes where read from 'source' to fill 'dest'. - New value is necessarily <= old value. - return : Nb bytes written into 'dest' (necessarily <= targetDestSize) - or 0 if compression fails -*/ -int LZ4_compress_destSize (const char* source, char* dest, int* sourceSizePtr, int targetDestSize); - - -/* -LZ4_decompress_fast() : - originalSize : is the original and therefore uncompressed size - return : the number of bytes read from the source buffer (in other words, the compressed size) - If the source stream is detected malformed, the function will stop decoding and return a negative result. - Destination buffer must be already allocated. Its size must be a minimum of 'originalSize' bytes. - note : This function fully respect memory boundaries for properly formed compressed data. - It is a bit faster than LZ4_decompress_safe(). - However, it does not provide any protection against intentionally modified data stream (malicious input). - Use this function in trusted environment only (data to decode comes from a trusted source). -*/ -int LZ4_decompress_fast (const char* source, char* dest, int originalSize); - -/* -LZ4_decompress_safe_partial() : - This function decompress a compressed block of size 'compressedSize' at position 'source' - into destination buffer 'dest' of size 'maxDecompressedSize'. - The function tries to stop decompressing operation as soon as 'targetOutputSize' has been reached, - reducing decompression time. - return : the number of bytes decoded in the destination buffer (necessarily <= maxDecompressedSize) - Note : this number can be < 'targetOutputSize' should the compressed block to decode be smaller. - Always control how many bytes were decoded. - If the source stream is detected malformed, the function will stop decoding and return a negative result. - This function never writes outside of output buffer, and never reads outside of input buffer. It is therefore protected against malicious data packets -*/ -int LZ4_decompress_safe_partial (const char* source, char* dest, int compressedSize, int targetOutputSize, int maxDecompressedSize); - - -/*********************************************** -* Streaming Compression Functions -***********************************************/ -#define LZ4_STREAMSIZE_U64 ((1 << (LZ4_MEMORY_USAGE-3)) + 4) -#define LZ4_STREAMSIZE (LZ4_STREAMSIZE_U64 * sizeof(long long)) -/* - * LZ4_stream_t - * information structure to track an LZ4 stream. - * important : init this structure content before first use ! - * note : only allocated directly the structure if you are statically linking LZ4 - * If you are using liblz4 as a DLL, please use below construction methods instead. - */ -typedef struct { long long table[LZ4_STREAMSIZE_U64]; } LZ4_stream_t; - -/* - * LZ4_resetStream - * Use this function to init an allocated LZ4_stream_t structure - */ -void LZ4_resetStream (LZ4_stream_t* streamPtr); - -/* - * LZ4_createStream will allocate and initialize an LZ4_stream_t structure - * LZ4_freeStream releases its memory. - * In the context of a DLL (liblz4), please use these methods rather than the static struct. - * They are more future proof, in case of a change of LZ4_stream_t size. - */ -LZ4_stream_t* LZ4_createStream(void); -int LZ4_freeStream (LZ4_stream_t* streamPtr); - -/* - * LZ4_loadDict - * Use this function to load a static dictionary into LZ4_stream. - * Any previous data will be forgotten, only 'dictionary' will remain in memory. - * Loading a size of 0 is allowed. - * Return : dictionary size, in bytes (necessarily <= 64 KB) - */ -int LZ4_loadDict (LZ4_stream_t* streamPtr, const char* dictionary, int dictSize); - -/* - * LZ4_compress_fast_continue - * Compress buffer content 'src', using data from previously compressed blocks as dictionary to improve compression ratio. - * Important : Previous data blocks are assumed to still be present and unmodified ! - * 'dst' buffer must be already allocated. - * If maxDstSize >= LZ4_compressBound(srcSize), compression is guaranteed to succeed, and runs faster. - * If not, and if compressed data cannot fit into 'dst' buffer size, compression stops, and function returns a zero. - */ -int LZ4_compress_fast_continue (LZ4_stream_t* streamPtr, const char* src, char* dst, int srcSize, int maxDstSize, int acceleration); - -/* - * LZ4_saveDict - * If previously compressed data block is not guaranteed to remain available at its memory location - * save it into a safer place (char* safeBuffer) - * Note : you don't need to call LZ4_loadDict() afterwards, - * dictionary is immediately usable, you can therefore call LZ4_compress_fast_continue() - * Return : saved dictionary size in bytes (necessarily <= dictSize), or 0 if error - */ -int LZ4_saveDict (LZ4_stream_t* streamPtr, char* safeBuffer, int dictSize); - - -/************************************************ -* Streaming Decompression Functions -************************************************/ - -#define LZ4_STREAMDECODESIZE_U64 4 -#define LZ4_STREAMDECODESIZE (LZ4_STREAMDECODESIZE_U64 * sizeof(unsigned long long)) -typedef struct { unsigned long long table[LZ4_STREAMDECODESIZE_U64]; } LZ4_streamDecode_t; -/* - * LZ4_streamDecode_t - * information structure to track an LZ4 stream. - * init this structure content using LZ4_setStreamDecode or memset() before first use ! - * - * In the context of a DLL (liblz4) please prefer usage of construction methods below. - * They are more future proof, in case of a change of LZ4_streamDecode_t size in the future. - * LZ4_createStreamDecode will allocate and initialize an LZ4_streamDecode_t structure - * LZ4_freeStreamDecode releases its memory. - */ -LZ4_streamDecode_t* LZ4_createStreamDecode(void); -int LZ4_freeStreamDecode (LZ4_streamDecode_t* LZ4_stream); - -/* - * LZ4_setStreamDecode - * Use this function to instruct where to find the dictionary. - * Setting a size of 0 is allowed (same effect as reset). - * Return : 1 if OK, 0 if error - */ -int LZ4_setStreamDecode (LZ4_streamDecode_t* LZ4_streamDecode, const char* dictionary, int dictSize); - -/* -*_continue() : - These decoding functions allow decompression of multiple blocks in "streaming" mode. - Previously decoded blocks *must* remain available at the memory position where they were decoded (up to 64 KB) - In the case of a ring buffers, decoding buffer must be either : - - Exactly same size as encoding buffer, with same update rule (block boundaries at same positions) - In which case, the decoding & encoding ring buffer can have any size, including very small ones ( < 64 KB). - - Larger than encoding buffer, by a minimum of maxBlockSize more bytes. - maxBlockSize is implementation dependent. It's the maximum size you intend to compress into a single block. - In which case, encoding and decoding buffers do not need to be synchronized, - and encoding ring buffer can have any size, including small ones ( < 64 KB). - - _At least_ 64 KB + 8 bytes + maxBlockSize. - In which case, encoding and decoding buffers do not need to be synchronized, - and encoding ring buffer can have any size, including larger than decoding buffer. - Whenever these conditions are not possible, save the last 64KB of decoded data into a safe buffer, - and indicate where it is saved using LZ4_setStreamDecode() -*/ -int LZ4_decompress_safe_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int compressedSize, int maxDecompressedSize); -int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int originalSize); - - -/* -Advanced decoding functions : -*_usingDict() : - These decoding functions work the same as - a combination of LZ4_setStreamDecode() followed by LZ4_decompress_x_continue() - They are stand-alone. They don't need nor update an LZ4_streamDecode_t structure. -*/ -int LZ4_decompress_safe_usingDict (const char* source, char* dest, int compressedSize, int maxDecompressedSize, const char* dictStart, int dictSize); -int LZ4_decompress_fast_usingDict (const char* source, char* dest, int originalSize, const char* dictStart, int dictSize); - - - -/************************************** -* Obsolete Functions -**************************************/ -/* Deprecate Warnings */ -/* Should these warnings messages be a problem, - it is generally possible to disable them, - with -Wno-deprecated-declarations for gcc - or _CRT_SECURE_NO_WARNINGS in Visual for example. - You can also define LZ4_DEPRECATE_WARNING_DEFBLOCK. */ -#ifndef LZ4_DEPRECATE_WARNING_DEFBLOCK -# define LZ4_DEPRECATE_WARNING_DEFBLOCK -# define LZ4_GCC_VERSION (__GNUC__ * 100 + __GNUC_MINOR__) -# if (LZ4_GCC_VERSION >= 405) || defined(__clang__) -# define LZ4_DEPRECATED(message) __attribute__((deprecated(message))) -# elif (LZ4_GCC_VERSION >= 301) -# define LZ4_DEPRECATED(message) __attribute__((deprecated)) -# elif defined(_MSC_VER) -# define LZ4_DEPRECATED(message) __declspec(deprecated(message)) -# else -# pragma message("WARNING: You need to implement LZ4_DEPRECATED for this compiler") -# define LZ4_DEPRECATED(message) -# endif -#endif /* LZ4_DEPRECATE_WARNING_DEFBLOCK */ - -/* Obsolete compression functions */ -/* These functions are planned to start generate warnings by r131 approximately */ -int LZ4_compress (const char* source, char* dest, int sourceSize); -int LZ4_compress_limitedOutput (const char* source, char* dest, int sourceSize, int maxOutputSize); -int LZ4_compress_withState (void* state, const char* source, char* dest, int inputSize); -int LZ4_compress_limitedOutput_withState (void* state, const char* source, char* dest, int inputSize, int maxOutputSize); -int LZ4_compress_continue (LZ4_stream_t* LZ4_streamPtr, const char* source, char* dest, int inputSize); -int LZ4_compress_limitedOutput_continue (LZ4_stream_t* LZ4_streamPtr, const char* source, char* dest, int inputSize, int maxOutputSize); - -/* Obsolete decompression functions */ -/* These function names are completely deprecated and must no longer be used. - They are only provided here for compatibility with older programs. - - LZ4_uncompress is the same as LZ4_decompress_fast - - LZ4_uncompress_unknownOutputSize is the same as LZ4_decompress_safe - These function prototypes are now disabled; uncomment them only if you really need them. - It is highly recommended to stop using these prototypes and migrate to maintained ones */ -/* int LZ4_uncompress (const char* source, char* dest, int outputSize); */ -/* int LZ4_uncompress_unknownOutputSize (const char* source, char* dest, int isize, int maxOutputSize); */ - -/* Obsolete streaming functions; use new streaming interface whenever possible */ -LZ4_DEPRECATED("use LZ4_createStream() instead") void* LZ4_create (char* inputBuffer); -LZ4_DEPRECATED("use LZ4_createStream() instead") int LZ4_sizeofStreamState(void); -LZ4_DEPRECATED("use LZ4_resetStream() instead") int LZ4_resetStreamState(void* state, char* inputBuffer); -LZ4_DEPRECATED("use LZ4_saveDict() instead") char* LZ4_slideInputBuffer (void* state); - -/* Obsolete streaming decoding functions */ -LZ4_DEPRECATED("use LZ4_decompress_safe_usingDict() instead") int LZ4_decompress_safe_withPrefix64k (const char* src, char* dst, int compressedSize, int maxDstSize); -LZ4_DEPRECATED("use LZ4_decompress_fast_usingDict() instead") int LZ4_decompress_fast_withPrefix64k (const char* src, char* dst, int originalSize); - - -#if defined (__cplusplus) -} -#endif diff --git a/ext/miniupnpc/connecthostport.c b/ext/miniupnpc/connecthostport.c index 854203e0..c12d7bdd 100644 --- a/ext/miniupnpc/connecthostport.c +++ b/ext/miniupnpc/connecthostport.c @@ -1,12 +1,10 @@ -/* $Id: connecthostport.c,v 1.15 2015/10/09 16:26:19 nanard Exp $ */ +/* $Id: connecthostport.c,v 1.16 2016/12/16 08:57:53 nanard Exp $ */ /* Project : miniupnp * Author : Thomas Bernard - * Copyright (c) 2010-2015 Thomas Bernard + * Copyright (c) 2010-2016 Thomas Bernard * This software is subject to the conditions detailed in the * LICENCE file provided in this distribution. */ -#define _CRT_SECURE_NO_WARNINGS - /* use getaddrinfo() or gethostbyname() * uncomment the following line in order to use gethostbyname() */ #ifdef NO_GETADDRINFO @@ -102,13 +100,13 @@ int connecthostport(const char * host, unsigned short port, timeout.tv_usec = 0; if(setsockopt(s, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(struct timeval)) < 0) { - PRINT_SOCKET_ERROR("setsockopt"); + PRINT_SOCKET_ERROR("setsockopt SO_RCVTIMEO"); } timeout.tv_sec = 3; timeout.tv_usec = 0; if(setsockopt(s, SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(struct timeval)) < 0) { - PRINT_SOCKET_ERROR("setsockopt"); + PRINT_SOCKET_ERROR("setsockopt SO_SNDTIMEO"); } #endif /* #ifdef MINIUPNPC_SET_SOCKET_TIMEOUT */ dest.sin_family = AF_INET; diff --git a/ext/miniupnpc/minihttptestserver.c b/ext/miniupnpc/minihttptestserver.c index 6663bc08..d95dd7c9 100644 --- a/ext/miniupnpc/minihttptestserver.c +++ b/ext/miniupnpc/minihttptestserver.c @@ -1,7 +1,7 @@ -/* $Id: minihttptestserver.c,v 1.19 2015/11/17 09:07:17 nanard Exp $ */ +/* $Id: minihttptestserver.c,v 1.20 2016/12/16 08:54:55 nanard Exp $ */ /* Project : miniUPnP * Author : Thomas Bernard - * Copyright (c) 2011-2015 Thomas Bernard + * Copyright (c) 2011-2016 Thomas Bernard * This software is subject to the conditions detailed in the * LICENCE file provided in this distribution. * */ @@ -611,7 +611,7 @@ int main(int argc, char * * argv) { if(pid < 0) { perror("wait"); } else { - printf("child(%d) terminated with status %d\n", pid, status); + printf("child(%d) terminated with status %d\n", (int)pid, status); } --child_to_wait_for; } @@ -648,7 +648,7 @@ int main(int argc, char * * argv) { if(pid < 0) { perror("wait"); } else { - printf("child(%d) terminated with status %d\n", pid, status); + printf("child(%d) terminated with status %d\n", (int)pid, status); } --child_to_wait_for; } diff --git a/ext/miniupnpc/minisoap.c b/ext/miniupnpc/minisoap.c index e2efd8f8..7aa0213e 100644 --- a/ext/miniupnpc/minisoap.c +++ b/ext/miniupnpc/minisoap.c @@ -1,4 +1,3 @@ -#define _CRT_SECURE_NO_WARNINGS /* $Id: minisoap.c,v 1.24 2015/10/26 17:05:07 nanard Exp $ */ /* Project : miniupnp * Author : Thomas Bernard @@ -20,6 +19,7 @@ #include <sys/socket.h> #endif #include "minisoap.h" + #ifdef _WIN32 #define OS_STRING "Win32" #define MINIUPNPC_VERSION_STRING "2.0" @@ -124,3 +124,5 @@ int soapPostSubmit(int fd, #endif return httpWrite(fd, body, bodysize, headerbuf, headerssize); } + + diff --git a/ext/miniupnpc/minissdpc.c b/ext/miniupnpc/minissdpc.c index 0f7271e2..06b11e80 100644 --- a/ext/miniupnpc/minissdpc.c +++ b/ext/miniupnpc/minissdpc.c @@ -1,11 +1,9 @@ -#define _CRT_SECURE_NO_WARNINGS - -/* $Id: minissdpc.c,v 1.31 2016/01/19 09:56:46 nanard Exp $ */ +/* $Id: minissdpc.c,v 1.33 2016/12/16 08:57:20 nanard Exp $ */ /* vim: tabstop=4 shiftwidth=4 noexpandtab * Project : miniupnp * Web : http://miniupnp.free.fr/ * Author : Thomas BERNARD - * copyright (c) 2005-2015 Thomas Bernard + * copyright (c) 2005-2016 Thomas Bernard * This software is subjet to the conditions detailed in the * provided LICENCE file. */ /*#include <syslog.h>*/ @@ -13,6 +11,9 @@ #include <string.h> #include <stdlib.h> #include <sys/types.h> +#if defined (__NetBSD__) +#include <net/if.h> +#endif #if defined(_WIN32) || defined(__amigaos__) || defined(__amigaos4__) #ifdef _WIN32 #include <winsock2.h> @@ -72,6 +73,9 @@ struct sockaddr_un { #if !defined(HAS_IP_MREQN) && !defined(_WIN32) #include <sys/ioctl.h> +#if defined(__sun) +#include <sys/sockio.h> +#endif #endif #if defined(HAS_IP_MREQN) && defined(NEED_STRUCT_IP_MREQN) @@ -168,7 +172,7 @@ connectToMiniSSDPD(const char * socketpath) { int s; struct sockaddr_un addr; -#ifdef MINIUPNPC_SET_SOCKET_TIMEOUT +#if defined(MINIUPNPC_SET_SOCKET_TIMEOUT) && !defined(__sun) struct timeval timeout; #endif /* #ifdef MINIUPNPC_SET_SOCKET_TIMEOUT */ @@ -179,19 +183,20 @@ connectToMiniSSDPD(const char * socketpath) perror("socket(unix)"); return MINISSDPC_SOCKET_ERROR; } -#ifdef MINIUPNPC_SET_SOCKET_TIMEOUT +#if defined(MINIUPNPC_SET_SOCKET_TIMEOUT) && !defined(__sun) /* setting a 3 seconds timeout */ + /* not supported for AF_UNIX sockets under Solaris */ timeout.tv_sec = 3; timeout.tv_usec = 0; if(setsockopt(s, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(struct timeval)) < 0) { - perror("setsockopt"); + perror("setsockopt SO_RCVTIMEO unix"); } timeout.tv_sec = 3; timeout.tv_usec = 0; if(setsockopt(s, SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(struct timeval)) < 0) { - perror("setsockopt"); + perror("setsockopt SO_SNDTIMEO unix"); } #endif /* #ifdef MINIUPNPC_SET_SOCKET_TIMEOUT */ if(!socketpath) @@ -627,7 +632,7 @@ ssdpDiscoverDevices(const char * const deviceTypes[], unsigned int ifindex = if_nametoindex(multicastif); /* eth0, etc. */ if(setsockopt(sudp, IPPROTO_IPV6, IPV6_MULTICAST_IF, &ifindex, sizeof(ifindex)) < 0) { - PRINT_SOCKET_ERROR("setsockopt"); + PRINT_SOCKET_ERROR("setsockopt IPV6_MULTICAST_IF"); } #else #ifdef DEBUG @@ -642,7 +647,7 @@ ssdpDiscoverDevices(const char * const deviceTypes[], ((struct sockaddr_in *)&sockudp_r)->sin_addr.s_addr = mc_if.s_addr; if(setsockopt(sudp, IPPROTO_IP, IP_MULTICAST_IF, (const char *)&mc_if, sizeof(mc_if)) < 0) { - PRINT_SOCKET_ERROR("setsockopt"); + PRINT_SOCKET_ERROR("setsockopt IP_MULTICAST_IF"); } } else { #ifdef HAS_IP_MREQN @@ -652,7 +657,7 @@ ssdpDiscoverDevices(const char * const deviceTypes[], reqn.imr_ifindex = if_nametoindex(multicastif); if(setsockopt(sudp, IPPROTO_IP, IP_MULTICAST_IF, (const char *)&reqn, sizeof(reqn)) < 0) { - PRINT_SOCKET_ERROR("setsockopt"); + PRINT_SOCKET_ERROR("setsockopt IP_MULTICAST_IF"); } #elif !defined(_WIN32) struct ifreq ifr; @@ -666,7 +671,7 @@ ssdpDiscoverDevices(const char * const deviceTypes[], mc_if.s_addr = ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr; if(setsockopt(sudp, IPPROTO_IP, IP_MULTICAST_IF, (const char *)&mc_if, sizeof(mc_if)) < 0) { - PRINT_SOCKET_ERROR("setsockopt"); + PRINT_SOCKET_ERROR("setsockopt IP_MULTICAST_IF"); } #else /* _WIN32 */ #ifdef DEBUG diff --git a/ext/miniupnpc/miniupnpc.c b/ext/miniupnpc/miniupnpc.c index 68d562fa..2dc5c95c 100644 --- a/ext/miniupnpc/miniupnpc.c +++ b/ext/miniupnpc/miniupnpc.c @@ -1,5 +1,3 @@ -#define _CRT_SECURE_NO_WARNINGS - /* $Id: miniupnpc.c,v 1.149 2016/02/09 09:50:46 nanard Exp $ */ /* vim: tabstop=4 shiftwidth=4 noexpandtab * Project : miniupnp diff --git a/ext/miniupnpc/miniupnpc.h b/ext/miniupnpc/miniupnpc.h index 0b5b4732..4cc45f73 100644 --- a/ext/miniupnpc/miniupnpc.h +++ b/ext/miniupnpc/miniupnpc.h @@ -19,7 +19,7 @@ #define UPNPDISCOVER_MEMORY_ERROR (-102) /* versions : */ -#define MINIUPNPC_VERSION "2.0" +#define MINIUPNPC_VERSION "2.0.20161216" #define MINIUPNPC_API_VERSION 16 /* Source port: diff --git a/ext/miniupnpc/miniwget.c b/ext/miniupnpc/miniwget.c index 1af106d0..93c8aa6b 100644 --- a/ext/miniupnpc/miniwget.c +++ b/ext/miniupnpc/miniwget.c @@ -1,6 +1,4 @@ -#define _CRT_SECURE_NO_WARNINGS - -/* $Id: miniwget.c,v 1.75 2016/01/24 17:24:36 nanard Exp $ */ +/* $Id: miniwget.c,v 1.76 2016/12/16 08:54:04 nanard Exp $ */ /* Project : miniupnp * Website : http://miniupnp.free.fr/ * Author : Thomas Bernard @@ -50,6 +48,7 @@ #define MIN(x,y) (((x)<(y))?(x):(y)) #endif /* MIN */ + #ifdef _WIN32 #define OS_STRING "Win32" #define MINIUPNPC_VERSION_STRING "2.0" @@ -89,8 +88,10 @@ getHTTPResponse(int s, int * size, int * status_code) unsigned int content_buf_used = 0; char chunksize_buf[32]; unsigned int chunksize_buf_index; +#ifdef DEBUG char * reason_phrase = NULL; int reason_phrase_len = 0; +#endif if(status_code) *status_code = -1; header_buf = malloc(header_buf_len); @@ -187,8 +188,10 @@ getHTTPResponse(int s, int * size, int * status_code) *status_code = atoi(header_buf + sp + 1); else { +#ifdef DEBUG reason_phrase = header_buf + sp + 1; reason_phrase_len = i - sp - 1; +#endif break; } } diff --git a/ext/miniupnpc/minixml.c b/ext/miniupnpc/minixml.c index 5c79b3c9..3e201ec2 100644 --- a/ext/miniupnpc/minixml.c +++ b/ext/miniupnpc/minixml.c @@ -1,4 +1,3 @@ -#define _CRT_SECURE_NO_WARNINGS /* $Id: minixml.c,v 1.11 2014/02/03 15:54:12 nanard Exp $ */ /* minixml.c : the minimum size a xml parser can be ! */ /* Project : miniupnp diff --git a/ext/miniupnpc/minixmlvalid.c b/ext/miniupnpc/minixmlvalid.c index a86beba8..dad14881 100644 --- a/ext/miniupnpc/minixmlvalid.c +++ b/ext/miniupnpc/minixmlvalid.c @@ -1,4 +1,3 @@ -#define _CRT_SECURE_NO_WARNINGS /* $Id: minixmlvalid.c,v 1.7 2015/07/15 12:41:15 nanard Exp $ */ /* MiniUPnP Project * http://miniupnp.tuxfamily.org/ or http://miniupnp.free.fr/ diff --git a/ext/miniupnpc/portlistingparse.c b/ext/miniupnpc/portlistingparse.c index 0e092780..d1954f59 100644 --- a/ext/miniupnpc/portlistingparse.c +++ b/ext/miniupnpc/portlistingparse.c @@ -1,7 +1,7 @@ -/* $Id: portlistingparse.c,v 1.9 2015/07/15 12:41:13 nanard Exp $ */ +/* $Id: portlistingparse.c,v 1.10 2016/12/16 08:53:21 nanard Exp $ */ /* MiniUPnP project * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/ - * (c) 2011-2015 Thomas Bernard + * (c) 2011-2016 Thomas Bernard * This software is subject to the conditions detailed * in the LICENCE file provided within the distribution */ #include <string.h> @@ -55,7 +55,7 @@ startelt(void * d, const char * name, int l) pdata->curelt = PortMappingEltNone; for(i = 0; elements[i].str; i++) { - if(memcmp(name, elements[i].str, l) == 0) + if(strlen(elements[i].str) == (size_t)l && memcmp(name, elements[i].str, l) == 0) { pdata->curelt = elements[i].code; break; diff --git a/ext/miniupnpc/upnpc.c b/ext/miniupnpc/upnpc.c index 94f131c8..8e7edadd 100644 --- a/ext/miniupnpc/upnpc.c +++ b/ext/miniupnpc/upnpc.c @@ -1,4 +1,4 @@ -/* $Id: upnpc.c,v 1.114 2016/01/22 15:04:23 nanard Exp $ */ +/* $Id: upnpc.c,v 1.115 2016/10/07 09:04:01 nanard Exp $ */ /* Project : miniupnp * Author : Thomas Bernard * Copyright (c) 2005-2016 Thomas Bernard @@ -242,7 +242,7 @@ static void NewListRedirections(struct UPNPUrls * urls, * 2 - get extenal ip address * 3 - Add port mapping * 4 - get this port mapping from the IGD */ -static void SetRedirectAndTest(struct UPNPUrls * urls, +static int SetRedirectAndTest(struct UPNPUrls * urls, struct IGDdatas * data, const char * iaddr, const char * iport, @@ -262,13 +262,13 @@ static void SetRedirectAndTest(struct UPNPUrls * urls, if(!iaddr || !iport || !eport || !proto) { fprintf(stderr, "Wrong arguments\n"); - return; + return -1; } proto = protofix(proto); if(!proto) { fprintf(stderr, "invalid protocol\n"); - return; + return -1; } r = UPNP_GetExternalIPAddress(urls->controlURL, @@ -302,17 +302,19 @@ static void SetRedirectAndTest(struct UPNPUrls * urls, eport, proto, NULL/*remoteHost*/, intClient, intPort, NULL/*desc*/, NULL/*enabled*/, duration); - if(r!=UPNPCOMMAND_SUCCESS) + if(r!=UPNPCOMMAND_SUCCESS) { printf("GetSpecificPortMappingEntry() failed with code %d (%s)\n", r, strupnperror(r)); - else { + return -2; + } else { printf("InternalIP:Port = %s:%s\n", intClient, intPort); printf("external %s:%s %s is redirected to internal %s:%s (duration=%s)\n", externalIPAddress, eport, proto, intClient, intPort, duration); } + return 0; } -static void +static int RemoveRedirect(struct UPNPUrls * urls, struct IGDdatas * data, const char * eport, @@ -323,19 +325,25 @@ RemoveRedirect(struct UPNPUrls * urls, if(!proto || !eport) { fprintf(stderr, "invalid arguments\n"); - return; + return -1; } proto = protofix(proto); if(!proto) { fprintf(stderr, "protocol invalid\n"); - return; + return -1; } r = UPNP_DeletePortMapping(urls->controlURL, data->first.servicetype, eport, proto, remoteHost); - printf("UPNP_DeletePortMapping() returned : %d\n", r); + if(r!=UPNPCOMMAND_SUCCESS) { + printf("UPNP_DeletePortMapping() failed with code : %d\n", r); + return -2; + }else { + printf("UPNP_DeletePortMapping() returned : %d\n", r); + } + return 0; } -static void +static int RemoveRedirectRange(struct UPNPUrls * urls, struct IGDdatas * data, const char * ePortStart, char const * ePortEnd, @@ -349,16 +357,22 @@ RemoveRedirectRange(struct UPNPUrls * urls, if(!proto || !ePortStart || !ePortEnd) { fprintf(stderr, "invalid arguments\n"); - return; + return -1; } proto = protofix(proto); if(!proto) { fprintf(stderr, "protocol invalid\n"); - return; + return -1; } r = UPNP_DeletePortMappingRange(urls->controlURL, data->first.servicetype, ePortStart, ePortEnd, proto, manage); - printf("UPNP_DeletePortMappingRange() returned : %d\n", r); + if(r!=UPNPCOMMAND_SUCCESS) { + printf("UPNP_DeletePortMappingRange() failed with code : %d\n", r); + return -2; + }else { + printf("UPNP_DeletePortMappingRange() returned : %d\n", r); + } + return 0; } /* IGD:2, functions for service WANIPv6FirewallControl:1 */ @@ -711,29 +725,33 @@ int main(int argc, char ** argv) NewListRedirections(&urls, &data); break; case 'a': - SetRedirectAndTest(&urls, &data, + if (SetRedirectAndTest(&urls, &data, commandargv[0], commandargv[1], commandargv[2], commandargv[3], (commandargc > 4)?commandargv[4]:"0", - description, 0); + description, 0) < 0) + retcode = 2; break; case 'd': - RemoveRedirect(&urls, &data, commandargv[0], commandargv[1], - commandargc > 2 ? commandargv[2] : NULL); + if (RemoveRedirect(&urls, &data, commandargv[0], commandargv[1], + commandargc > 2 ? commandargv[2] : NULL) < 0) + retcode = 2; break; case 'n': /* aNy */ - SetRedirectAndTest(&urls, &data, + if (SetRedirectAndTest(&urls, &data, commandargv[0], commandargv[1], commandargv[2], commandargv[3], (commandargc > 4)?commandargv[4]:"0", - description, 1); + description, 1) < 0) + retcode = 2; break; case 'N': if (commandargc < 3) fprintf(stderr, "too few arguments\n"); - RemoveRedirectRange(&urls, &data, commandargv[0], commandargv[1], commandargv[2], - commandargc > 3 ? commandargv[3] : NULL); + if (RemoveRedirectRange(&urls, &data, commandargv[0], commandargv[1], commandargv[2], + commandargc > 3 ? commandargv[3] : NULL) < 0) + retcode = 2; break; case 's': GetConnectionStatus(&urls, &data); @@ -749,17 +767,19 @@ int main(int argc, char ** argv) break; } else if(is_int(commandargv[i+1])){ /* 2nd parameter is an integer : <port> <external_port> <protocol> */ - SetRedirectAndTest(&urls, &data, + if (SetRedirectAndTest(&urls, &data, lanaddr, commandargv[i], commandargv[i+1], commandargv[i+2], "0", - description, 0); + description, 0) < 0) + retcode = 2; i+=3; /* 3 parameters parsed */ } else { /* 2nd parameter not an integer : <port> <protocol> */ - SetRedirectAndTest(&urls, &data, + if (SetRedirectAndTest(&urls, &data, lanaddr, commandargv[i], commandargv[i], commandargv[i+1], "0", - description, 0); + description, 0) < 0) + retcode = 2; i+=2; /* 2 parameters parsed */ } } diff --git a/ext/miniupnpc/upnpcommands.c b/ext/miniupnpc/upnpcommands.c index 2b65651b..3988e499 100644 --- a/ext/miniupnpc/upnpcommands.c +++ b/ext/miniupnpc/upnpcommands.c @@ -1,5 +1,3 @@ -#define _CRT_SECURE_NO_WARNINGS - /* $Id: upnpcommands.c,v 1.47 2016/03/07 12:26:48 nanard Exp $ */ /* Project : miniupnp * Author : Thomas Bernard diff --git a/ext/miniupnpc/upnpreplyparse.c b/ext/miniupnpc/upnpreplyparse.c index 88d77a66..5de5796a 100644 --- a/ext/miniupnpc/upnpreplyparse.c +++ b/ext/miniupnpc/upnpreplyparse.c @@ -1,4 +1,3 @@ -#define _CRT_SECURE_NO_WARNINGS /* $Id: upnpreplyparse.c,v 1.19 2015/07/15 10:29:11 nanard Exp $ */ /* MiniUPnP project * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/ diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h index 8d7b0cd4..98413a21 100644 --- a/include/ZeroTierOne.h +++ b/include/ZeroTierOne.h @@ -137,6 +137,11 @@ extern "C" { #define ZT_MAX_CAPABILITY_RULES 64 /** + * Maximum number of certificates of ownership to assign to a single network member + */ +#define ZT_MAX_CERTIFICATES_OF_OWNERSHIP 4 + +/** * Global maximum length for capability chain of custody (including initial issue) */ #define ZT_MAX_CAPABILITY_CUSTODY_CHAIN_LENGTH 7 @@ -175,6 +180,11 @@ extern "C" { #define ZT_CLUSTER_MAX_MESSAGE_LENGTH (1500 - 48) /** + * Maximum value for link quality (min is 0) + */ +#define ZT_PATH_LINK_QUALITY_MAX 0xff + +/** * Packet characteristics flag: packet direction, 1 if inbound 0 if outbound */ #define ZT_RULE_PACKET_CHARACTERISTICS_INBOUND 0x8000000000000000ULL @@ -190,6 +200,16 @@ extern "C" { #define ZT_RULE_PACKET_CHARACTERISTICS_BROADCAST 0x2000000000000000ULL /** + * Packet characteristics flag: sending IP address has a certificate of ownership + */ +#define ZT_RULE_PACKET_CHARACTERISTICS_SENDER_IP_AUTHENTICATED 0x1000000000000000ULL + +/** + * Packet characteristics flag: sending MAC address has a certificate of ownership + */ +#define ZT_RULE_PACKET_CHARACTERISTICS_SENDER_MAC_AUTHENTICATED 0x0800000000000000ULL + +/** * Packet characteristics flag: TCP left-most reserved bit */ #define ZT_RULE_PACKET_CHARACTERISTICS_TCP_RESERVED_0 0x0000000000000800ULL @@ -393,28 +413,54 @@ enum ZT_Event * * Meta-data: C string, TRACE message */ - ZT_EVENT_TRACE = 5 + ZT_EVENT_TRACE = 5, + + /** + * VERB_USER_MESSAGE received + * + * These are generated when a VERB_USER_MESSAGE packet is received via + * ZeroTier VL1. + * + * Meta-data: ZT_UserMessage structure + */ + ZT_EVENT_USER_MESSAGE = 6 }; /** - * Current node status + * User message used with ZT_EVENT_USER_MESSAGE */ typedef struct { /** - * 40-bit ZeroTier address of this node + * ZeroTier address of sender (least significant 40 bits) */ - uint64_t address; + uint64_t origin; + + /** + * User message type ID + */ + uint64_t typeId; + + /** + * User message data (not including type ID) + */ + const void *data; /** - * Current world ID + * Length of data in bytes */ - uint64_t worldId; + unsigned int length; +} ZT_UserMessage; +/** + * Current node status + */ +typedef struct +{ /** - * Current world revision/timestamp + * 40-bit ZeroTier address of this node */ - uint64_t worldTimestamp; + uint64_t address; /** * Public identity in string-serialized form (safe to send to others) @@ -491,15 +537,15 @@ enum ZT_VirtualNetworkType /** * The type of a virtual network rules table entry * - * These must range from 0 to 127 (0x7f) because the most significant bit - * is reserved as a NOT flag. + * These must be from 0 to 63 since the most significant two bits of each + * rule type are NOT (MSB) and AND/OR. * * Each rule is composed of zero or more MATCHes followed by an ACTION. * An ACTION with no MATCHes is always taken. */ enum ZT_VirtualNetworkRuleType { - // 0 to 31 reserved for actions + // 0 to 15 reserved for actions /** * Drop frame @@ -527,146 +573,49 @@ enum ZT_VirtualNetworkRuleType ZT_NETWORK_RULE_ACTION_REDIRECT = 4, /** - * Log if match and if rule debugging is enabled in the build, otherwise does nothing (for developers) + * Stop evaluating rule set (drops unless there are capabilities, etc.) */ - ZT_NETWORK_RULE_ACTION_DEBUG_LOG = 5, + ZT_NETWORK_RULE_ACTION_BREAK = 5, /** * Maximum ID for an ACTION, anything higher is a MATCH */ - ZT_NETWORK_RULE_ACTION__MAX_ID = 31, - - // 32 to 127 reserved for match criteria - - /** - * Source ZeroTier address -- analogous to an Ethernet port ID on a switch - */ - ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS = 32, - - /** - * Destination ZeroTier address -- analogous to an Ethernet port ID on a switch - */ - ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS = 33, - - /** - * Ethernet VLAN ID - */ - ZT_NETWORK_RULE_MATCH_VLAN_ID = 34, - - /** - * Ethernet VLAN PCP - */ - ZT_NETWORK_RULE_MATCH_VLAN_PCP = 35, - - /** - * Ethernet VLAN DEI - */ - ZT_NETWORK_RULE_MATCH_VLAN_DEI = 36, - - /** - * Ethernet frame type - */ + ZT_NETWORK_RULE_ACTION__MAX_ID = 15, + + // 16 to 63 reserved for match criteria + + ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS = 24, + ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS = 25, + ZT_NETWORK_RULE_MATCH_VLAN_ID = 26, + ZT_NETWORK_RULE_MATCH_VLAN_PCP = 27, + ZT_NETWORK_RULE_MATCH_VLAN_DEI = 28, + ZT_NETWORK_RULE_MATCH_MAC_SOURCE = 29, + ZT_NETWORK_RULE_MATCH_MAC_DEST = 30, + ZT_NETWORK_RULE_MATCH_IPV4_SOURCE = 31, + ZT_NETWORK_RULE_MATCH_IPV4_DEST = 32, + ZT_NETWORK_RULE_MATCH_IPV6_SOURCE = 33, + ZT_NETWORK_RULE_MATCH_IPV6_DEST = 34, + ZT_NETWORK_RULE_MATCH_IP_TOS = 35, + ZT_NETWORK_RULE_MATCH_IP_PROTOCOL = 36, ZT_NETWORK_RULE_MATCH_ETHERTYPE = 37, - - /** - * Source Ethernet MAC address - */ - ZT_NETWORK_RULE_MATCH_MAC_SOURCE = 38, - - /** - * Destination Ethernet MAC address - */ - ZT_NETWORK_RULE_MATCH_MAC_DEST = 39, - - /** - * Source IPv4 address - */ - ZT_NETWORK_RULE_MATCH_IPV4_SOURCE = 40, - - /** - * Destination IPv4 address - */ - ZT_NETWORK_RULE_MATCH_IPV4_DEST = 41, - - /** - * Source IPv6 address - */ - ZT_NETWORK_RULE_MATCH_IPV6_SOURCE = 42, - - /** - * Destination IPv6 address - */ - ZT_NETWORK_RULE_MATCH_IPV6_DEST = 43, - - /** - * IP TOS (type of service) - */ - ZT_NETWORK_RULE_MATCH_IP_TOS = 44, - - /** - * IP protocol - */ - ZT_NETWORK_RULE_MATCH_IP_PROTOCOL = 45, - - /** - * ICMP type and possibly code (does not match if not ICMP) - */ - ZT_NETWORK_RULE_MATCH_ICMP = 46, - - /** - * IP source port range (start-end, inclusive) - */ - ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE = 47, - - /** - * IP destination port range (start-end, inclusive) - */ - ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE = 48, - - /** - * Packet characteristics (set of flags) - */ - ZT_NETWORK_RULE_MATCH_CHARACTERISTICS = 49, - - /** - * Frame size range (start-end, inclusive) - */ - ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE = 50, - - /** - * Random match with selectable probability - */ - ZT_NETWORK_RULE_MATCH_RANDOM = 51, - - /** - * Match if local and remote tags differ by no more than value, use 0 to check for equality - */ - ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE = 52, - - /** - * Match if local and remote tags ANDed together equal value. - */ - ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND = 53, - - /** - * Match if local and remote tags ANDed together equal value. - */ - ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR = 54, - - /** - * Match if local and remote tags XORed together equal value. - */ - ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR = 55, - - /** - * Match if local and remote tags both equal a value - */ - ZT_NETWORK_RULE_MATCH_TAGS_EQUAL = 56, + ZT_NETWORK_RULE_MATCH_ICMP = 38, + ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE = 39, + ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE = 40, + ZT_NETWORK_RULE_MATCH_CHARACTERISTICS = 41, + ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE = 42, + ZT_NETWORK_RULE_MATCH_RANDOM = 43, + ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE = 44, + ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND = 45, + ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR = 46, + ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR = 47, + ZT_NETWORK_RULE_MATCH_TAGS_EQUAL = 48, + ZT_NETWORK_RULE_MATCH_TAG_SENDER = 49, + ZT_NETWORK_RULE_MATCH_TAG_RECEIVER = 50, /** * Maximum ID allowed for a MATCH entry in the rules table */ - ZT_NETWORK_RULE_MATCH__MAX_ID = 127 + ZT_NETWORK_RULE_MATCH__MAX_ID = 63 }; /** @@ -683,15 +632,15 @@ enum ZT_VirtualNetworkRuleType typedef struct { /** - * Least significant 7 bits: ZT_VirtualNetworkRuleType, most significant 1 bit is NOT bit + * Type and flags * - * If the NOT bit is set, then matches will be interpreted as "does not - * match." The NOT bit has no effect on actions. + * Bits are: NOTTTTTT * - * Use "& 0x7f" to get the enum and "& 0x80" to get the NOT flag. + * N - If true, sense of match is inverted (no effect on actions) + * O - If true, result is ORed with previous instead of ANDed (no effect on actions) + * T - Rule or action type * - * The union 'v' is a variant type, and this selects which field in 'v' is - * actually used and valid. + * AND with 0x3f to get type, 0x80 to get NOT bit, and 0x40 to get OR bit. */ uint8_t t; @@ -768,7 +717,10 @@ typedef struct /** * IP type of service a.k.a. DSCP field */ - uint8_t ipTos; + struct { + uint8_t mask; + uint8_t value[2]; + } ipTos; /** * Ethernet packet size in host byte order (start-end, inclusive) @@ -890,21 +842,14 @@ enum ZT_VirtualNetworkConfigOperation ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY = 4 }; -enum ZT_RelayPolicy -{ - ZT_RELAY_POLICY_NEVER = 0, - ZT_RELAY_POLICY_TRUSTED = 1, - ZT_RELAY_POLICY_ALWAYS = 2 -}; - /** * What trust hierarchy role does this peer have? */ enum ZT_PeerRole { - ZT_PEER_ROLE_LEAF = 0, // ordinary node - ZT_PEER_ROLE_UPSTREAM = 1, // upstream node - ZT_PEER_ROLE_ROOT = 2 // global root + ZT_PEER_ROLE_LEAF = 0, // ordinary node + ZT_PEER_ROLE_MOON = 1, // moon root + ZT_PEER_ROLE_PLANET = 2 // planetary root }; /** @@ -1097,6 +1042,11 @@ typedef struct uint64_t trustedPathId; /** + * Path link quality from 0 to 255 (always 255 if peer does not support) + */ + int linkQuality; + + /** * Is path expired? */ int expired; @@ -1118,16 +1068,6 @@ typedef struct uint64_t address; /** - * Time we last received a unicast frame from this peer - */ - uint64_t lastUnicastFrame; - - /** - * Time we last received a multicast rame from this peer - */ - uint64_t lastMulticastFrame; - - /** * Remote major version or -1 if not known */ int versionMajor; @@ -1331,6 +1271,11 @@ typedef struct { struct sockaddr_storage receivedFromRemoteAddress; /** + * Path link quality of physical path over which test was received + */ + int receivedFromLinkQuality; + + /** * Next hops to which packets are being or will be sent by the reporter * * In addition to reporting back, the reporter may send the test on if @@ -1596,8 +1541,9 @@ typedef int (*ZT_WirePacketSendFunction)( * Paramters: * (1) Node * (2) User pointer - * (3) Local interface address - * (4) Remote address + * (3) ZeroTier address or 0 for none/any + * (4) Local interface address + * (5) Remote address * * This function must return nonzero (true) if the path should be used. * @@ -1616,14 +1562,88 @@ typedef int (*ZT_WirePacketSendFunction)( typedef int (*ZT_PathCheckFunction)( ZT_Node *, /* Node */ void *, /* User ptr */ + uint64_t, /* ZeroTier address */ const struct sockaddr_storage *, /* Local address */ const struct sockaddr_storage *); /* Remote address */ +/** + * Function to get physical addresses for ZeroTier peers + * + * Parameters: + * (1) Node + * (2) User pointer + * (3) ZeroTier address (least significant 40 bits) + * (4) Desried address family or -1 for any + * (5) Buffer to fill with result + * + * If provided this function will be occasionally called to get physical + * addresses that might be tried to reach a ZeroTier address. It must + * return a nonzero (true) value if the result buffer has been filled + * with an address. + */ +typedef int (*ZT_PathLookupFunction)( + ZT_Node *, /* Node */ + void *, /* User ptr */ + uint64_t, /* ZeroTier address (40 bits) */ + int, /* Desired ss_family or -1 for any */ + struct sockaddr_storage *); /* Result buffer */ + /****************************************************************************/ /* C Node API */ /****************************************************************************/ /** + * Structure for configuring ZeroTier core callback functions + */ +struct ZT_Node_Callbacks +{ + /** + * Struct version -- must currently be 0 + */ + long version; + + /** + * REQUIRED: Function to get objects from persistent storage + */ + ZT_DataStoreGetFunction dataStoreGetFunction; + + /** + * REQUIRED: Function to store objects in persistent storage + */ + ZT_DataStorePutFunction dataStorePutFunction; + + /** + * REQUIRED: Function to send packets over the physical wire + */ + ZT_WirePacketSendFunction wirePacketSendFunction; + + /** + * REQUIRED: Function to inject frames into a virtual network's TAP + */ + ZT_VirtualNetworkFrameFunction virtualNetworkFrameFunction; + + /** + * REQUIRED: Function to be called when virtual networks are configured or changed + */ + ZT_VirtualNetworkConfigFunction virtualNetworkConfigFunction; + + /** + * REQUIRED: Function to be called to notify external code of important events + */ + ZT_EventCallback eventCallback; + + /** + * OPTIONAL: Function to check whether a given physical path should be used + */ + ZT_PathCheckFunction pathCheckFunction; + + /** + * OPTIONAL: Function to get hints to physical paths to ZeroTier addresses + */ + ZT_PathLookupFunction pathLookupFunction; +}; + +/** * Create a new ZeroTier One node * * Note that this can take a few seconds the first time it's called, as it @@ -1634,25 +1654,11 @@ typedef int (*ZT_PathCheckFunction)( * * @param node Result: pointer is set to new node instance on success * @param uptr User pointer to pass to functions/callbacks + * @param callbacks Callback function configuration * @param now Current clock in milliseconds - * @param dataStoreGetFunction Function called to get objects from persistent storage - * @param dataStorePutFunction Function called to put objects in persistent storage - * @param virtualNetworkConfigFunction Function to be called when virtual LANs are created, deleted, or their config parameters change - * @param pathCheckFunction A function to check whether a path should be used for ZeroTier traffic, or NULL to allow any path - * @param eventCallback Function to receive status updates and non-fatal error notices * @return OK (0) or error code if a fatal error condition has occurred */ -enum ZT_ResultCode ZT_Node_new( - ZT_Node **node, - void *uptr, - uint64_t now, - ZT_DataStoreGetFunction dataStoreGetFunction, - ZT_DataStorePutFunction dataStorePutFunction, - ZT_WirePacketSendFunction wirePacketSendFunction, - ZT_VirtualNetworkFrameFunction virtualNetworkFrameFunction, - ZT_VirtualNetworkConfigFunction virtualNetworkConfigFunction, - ZT_PathCheckFunction pathCheckFunction, - ZT_EventCallback eventCallback); +enum ZT_ResultCode ZT_Node_new(ZT_Node **node,void *uptr,const struct ZT_Node_Callbacks *callbacks,uint64_t now); /** * Delete a node and free all resources it consumes @@ -1723,15 +1729,6 @@ enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame( enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node *node,uint64_t now,volatile uint64_t *nextBackgroundTaskDeadline); /** - * Set node's relay policy - * - * @param node Node instance - * @param rp New relay policy - * @return OK(0) or error code - */ -enum ZT_ResultCode ZT_Node_setRelayPolicy(ZT_Node *node,enum ZT_RelayPolicy rp); - -/** * Join a network * * This may generate calls to the port config callback before it returns, @@ -1808,6 +1805,29 @@ enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node *node,uint64_t nwid,uint64 enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node *node,uint64_t nwid,uint64_t multicastGroup,unsigned long multicastAdi); /** + * Add or update a moon + * + * Moons are persisted in the data store in moons.d/, so this can persist + * across invocations if the contents of moon.d are scanned and orbit is + * called for each on startup. + * + * @param moonWorldId Moon's world ID + * @param moonSeed If non-zero, the ZeroTier address of any member of the moon to query for moon definition + * @param len Length of moonWorld in bytes + * @return Error if moon was invalid or failed to be added + */ +enum ZT_ResultCode ZT_Node_orbit(ZT_Node *node,uint64_t moonWorldId,uint64_t moonSeed); + +/** + * Remove a moon (does nothing if not present) + * + * @param node Node instance + * @param moonWorldId World ID of moon to remove + * @return Error if anything bad happened + */ +enum ZT_ResultCode ZT_Node_deorbit(ZT_Node *node,uint64_t moonWorldId); + +/** * Get this node's 40-bit ZeroTier address * * @param node Node instance @@ -1894,6 +1914,20 @@ int ZT_Node_addLocalInterfaceAddress(ZT_Node *node,const struct sockaddr_storage void ZT_Node_clearLocalInterfaceAddresses(ZT_Node *node); /** + * Send a VERB_USER_MESSAGE to another ZeroTier node + * + * There is no delivery guarantee here. Failure can occur if the message is + * too large or if dest is not a valid ZeroTier address. + * + * @param dest Destination ZeroTier address + * @param typeId VERB_USER_MESSAGE type ID + * @param data Payload data to attach to user message + * @param len Length of data in bytes + * @return Boolean: non-zero on success, zero on failure + */ +int ZT_Node_sendUserMessage(ZT_Node *node,uint64_t dest,uint64_t typeId,const void *data,unsigned int len); + +/** * Set a network configuration master instance for this node * * Normal nodes should not need to use this. This is for nodes with diff --git a/java/jni/Android.mk b/java/jni/Android.mk index 6b5d4a4b..ebd89376 100644 --- a/java/jni/Android.mk +++ b/java/jni/Android.mk @@ -5,16 +5,15 @@ include $(CLEAR_VARS) LOCAL_MODULE := ZeroTierOneJNI LOCAL_C_INCLUDES := $(ZT1)/include LOCAL_C_INCLUDES += $(ZT1)/node -LOCAL_LDLIBS := -llog +LOCAL_LDLIBS := -llog -latomic # LOCAL_CFLAGS := -g # ZeroTierOne SDK source files LOCAL_SRC_FILES := \ - $(ZT1)/ext/lz4/lz4.c \ - $(ZT1)/ext/http-parser/http_parser.c \ $(ZT1)/node/C25519.cpp \ $(ZT1)/node/Capability.cpp \ $(ZT1)/node/CertificateOfMembership.cpp \ + $(ZT1)/node/CertificateOfOwnership.cpp \ $(ZT1)/node/Identity.cpp \ $(ZT1)/node/IncomingPacket.cpp \ $(ZT1)/node/InetAddress.cpp \ @@ -28,15 +27,15 @@ LOCAL_SRC_FILES := \ $(ZT1)/node/Path.cpp \ $(ZT1)/node/Peer.cpp \ $(ZT1)/node/Poly1305.cpp \ + $(ZT1)/node/Revocation.cpp \ $(ZT1)/node/Salsa20.cpp \ $(ZT1)/node/SelfAwareness.cpp \ $(ZT1)/node/SHA512.cpp \ $(ZT1)/node/Switch.cpp \ $(ZT1)/node/Tag.cpp \ $(ZT1)/node/Topology.cpp \ - $(ZT1)/node/Utils.cpp \ - $(ZT1)/osdep/Http.cpp \ - $(ZT1)/osdep/OSUtils.cpp + $(ZT1)/node/Utils.cpp + # JNI Files LOCAL_SRC_FILES += \ diff --git a/java/jni/Application.mk b/java/jni/Application.mk index 6950c0e6..19891cc8 100644 --- a/java/jni/Application.mk +++ b/java/jni/Application.mk @@ -1,5 +1,5 @@ # NDK_TOOLCHAIN_VERSION := clang3.5 -APP_STL := gnustl_static -APP_CPPFLAGS := -O3 -fPIC -fPIE -Wall -fstack-protector -fexceptions -fno-strict-aliasing -Wno-deprecated-register -DZT_NO_TYPE_PUNNING=1 +APP_STL := c++_static +APP_CPPFLAGS := -O3 -Wall -fstack-protector -fexceptions -fno-strict-aliasing -Wno-deprecated-register -DZT_NO_TYPE_PUNNING=1 APP_PLATFORM := android-14 APP_ABI := all diff --git a/java/jni/ZT_jniutils.cpp b/java/jni/ZT_jniutils.cpp index 27ca7374..7bdc7611 100644 --- a/java/jni/ZT_jniutils.cpp +++ b/java/jni/ZT_jniutils.cpp @@ -15,7 +15,7 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ - + #include "ZT_jniutils.h" #include "ZT_jnilookup.h" #include <string> @@ -30,7 +30,7 @@ extern "C" { jobject createResultObject(JNIEnv *env, ZT_ResultCode code) { jclass resultClass = NULL; - + jobject resultObject = NULL; resultClass = lookup.findClass("com/zerotier/sdk/ResultCode"); @@ -67,14 +67,14 @@ jobject createResultObject(JNIEnv *env, ZT_ResultCode code) } jfieldID enumField = lookup.findStaticField(resultClass, fieldName.c_str(), "Lcom/zerotier/sdk/ResultCode;"); - if(env->ExceptionCheck() || enumField == NULL) + if(env->ExceptionCheck() || enumField == NULL) { LOGE("Error on FindStaticField"); return NULL; } resultObject = env->GetStaticObjectField(resultClass, enumField); - if(env->ExceptionCheck() || resultObject == NULL) + if(env->ExceptionCheck() || resultObject == NULL) { LOGE("Error on GetStaticObjectField"); } @@ -154,6 +154,8 @@ jobject createEvent(JNIEnv *env, ZT_Event event) case ZT_EVENT_TRACE: fieldName = "EVENT_TRACE"; break; + case ZT_EVENT_USER_MESSAGE: + break; } jfieldID enumField = lookup.findStaticField(eventClass, fieldName.c_str(), "Lcom/zerotier/sdk/Event;"); @@ -180,11 +182,11 @@ jobject createPeerRole(JNIEnv *env, ZT_PeerRole role) case ZT_PEER_ROLE_LEAF: fieldName = "PEER_ROLE_LEAF"; break; - case ZT_PEER_ROLE_UPSTREAM: - fieldName = "PEER_ROLE_UPSTREAM"; + case ZT_PEER_ROLE_MOON: + fieldName = "PEER_ROLE_MOON"; break; - case ZT_PEER_ROLE_ROOT: - fieldName = "PEER_ROLE_ROOTS"; + case ZT_PEER_ROLE_PLANET: + fieldName = "PEER_ROLE_PLANET"; break; } @@ -332,7 +334,7 @@ jobject newInetSocketAddress(JNIEnv *env, const sockaddr_storage &addr) } jobject inetAddressObject = NULL; - + if(addr.ss_family != 0) { inetAddressObject = newInetAddress(env, addr); @@ -468,15 +470,13 @@ jobject newPeerPhysicalPath(JNIEnv *env, const ZT_PeerPhysicalPath &ppp) return pppObject; } -jobject newPeer(JNIEnv *env, const ZT_Peer &peer) +jobject newPeer(JNIEnv *env, const ZT_Peer &peer) { LOGV("newPeer called"); jclass peerClass = NULL; jfieldID addressField = NULL; - jfieldID lastUnicastFrameField = NULL; - jfieldID lastMulticastFrameField = NULL; jfieldID versionMajorField = NULL; jfieldID versionMinorField = NULL; jfieldID versionRevField = NULL; @@ -500,20 +500,6 @@ jobject newPeer(JNIEnv *env, const ZT_Peer &peer) return NULL; } - lastUnicastFrameField = lookup.findField(peerClass, "lastUnicastFrame", "J"); - if(env->ExceptionCheck() || lastUnicastFrameField == NULL) - { - LOGE("Error finding lastUnicastFrame field of Peer object"); - return NULL; - } - - lastMulticastFrameField = lookup.findField(peerClass, "lastMulticastFrame", "J"); - if(env->ExceptionCheck() || lastMulticastFrameField == NULL) - { - LOGE("Error finding lastMulticastFrame field of Peer object"); - return NULL; - } - versionMajorField = lookup.findField(peerClass, "versionMajor", "I"); if(env->ExceptionCheck() || versionMajorField == NULL) { @@ -571,8 +557,6 @@ jobject newPeer(JNIEnv *env, const ZT_Peer &peer) } env->SetLongField(peerObject, addressField, (jlong)peer.address); - env->SetLongField(peerObject, lastUnicastFrameField, (jlong)peer.lastUnicastFrame); - env->SetLongField(peerObject, lastMulticastFrameField, (jlong)peer.lastMulticastFrame); env->SetIntField(peerObject, versionMajorField, peer.versionMajor); env->SetIntField(peerObject, versionMinorField, peer.versionMinor); env->SetIntField(peerObject, versionRevField, peer.versionRev); @@ -588,7 +572,7 @@ jobject newPeer(JNIEnv *env, const ZT_Peer &peer) jobjectArray arrayObject = env->NewObjectArray( peer.pathCount, peerPhysicalPathClass, NULL); - if(env->ExceptionCheck() || arrayObject == NULL) + if(env->ExceptionCheck() || arrayObject == NULL) { LOGE("Error creating PeerPhysicalPath[] array"); return NULL; @@ -727,7 +711,7 @@ jobject newNetworkConfig(JNIEnv *env, const ZT_VirtualNetworkConfig &vnetConfig) return NULL; } - assignedAddressesField = lookup.findField(vnetConfigClass, "assignedAddresses", + assignedAddressesField = lookup.findField(vnetConfigClass, "assignedAddresses", "[Ljava/net/InetSocketAddress;"); if(env->ExceptionCheck() || assignedAddressesField == NULL) { @@ -735,7 +719,7 @@ jobject newNetworkConfig(JNIEnv *env, const ZT_VirtualNetworkConfig &vnetConfig) return NULL; } - routesField = lookup.findField(vnetConfigClass, "routes", + routesField = lookup.findField(vnetConfigClass, "routes", "[Lcom/zerotier/sdk/VirtualNetworkRoute;"); if(env->ExceptionCheck() || routesField == NULL) { diff --git a/java/jni/com_zerotierone_sdk_Node.cpp b/java/jni/com_zerotierone_sdk_Node.cpp index 4d9a2102..eb62d985 100644 --- a/java/jni/com_zerotierone_sdk_Node.cpp +++ b/java/jni/com_zerotierone_sdk_Node.cpp @@ -56,7 +56,11 @@ namespace { , eventListener(NULL) , frameListener(NULL) , configListener(NULL) - {} + , callbacks(NULL) + { + callbacks = (ZT_Node_Callbacks*)malloc(sizeof(ZT_Node_Callbacks)); + memset(callbacks, 0, sizeof(ZT_Node_Callbacks)); + } ~JniRef() { @@ -69,6 +73,9 @@ namespace { env->DeleteGlobalRef(eventListener); env->DeleteGlobalRef(frameListener); env->DeleteGlobalRef(configListener); + + free(callbacks); + callbacks = NULL; } uint64_t id; @@ -83,6 +90,8 @@ namespace { jobject eventListener; jobject frameListener; jobject configListener; + + ZT_Node_Callbacks *callbacks; }; @@ -130,8 +139,8 @@ namespace { } return env->CallIntMethod( - ref->configListener, - configListenerCallbackMethod, + ref->configListener, + configListenerCallbackMethod, (jlong)nwid, operationObject, networkConfigObject); } @@ -194,7 +203,7 @@ namespace { void EventCallback(ZT_Node *node, void *userData, - enum ZT_Event event, + enum ZT_Event event, const void *data) { LOGV("EventCallback"); @@ -282,6 +291,8 @@ namespace { } } break; + case ZT_EVENT_USER_MESSAGE: + break; } } @@ -339,7 +350,7 @@ namespace { objectName, buffer, bufferIndex, objectSizeObj); long retval = (long)env->CallLongMethod( - ref->dataStoreGetListener, dataStoreGetCallbackMethod, + ref->dataStoreGetListener, dataStoreGetCallbackMethod, nameStr, bufferObj, (jlong)bufferIndex, objectSizeObj); if(retval > 0) @@ -454,7 +465,7 @@ namespace { LOGE("Couldn't find onSendPacketRequested method"); return -2; } - + jobject localAddressObj = NULL; if(memcmp(localAddress, &ZT_SOCKADDR_NULL, sizeof(sockaddr_storage)) != 0) { @@ -487,7 +498,7 @@ namespace { } } -JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *vm, void *reserved) +JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *vm, void *reserved) { lookup.setJavaVM(vm); return JNI_VERSION_1_6; @@ -602,17 +613,18 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_node_1init( } ref->eventListener = env->NewGlobalRef(tmp); + ref->callbacks->dataStoreGetFunction = &DataStoreGetFunction; + ref->callbacks->dataStorePutFunction = &DataStorePutFunction; + ref->callbacks->wirePacketSendFunction = &WirePacketSendFunction; + ref->callbacks->virtualNetworkFrameFunction = &VirtualNetworkFrameFunctionCallback; + ref->callbacks->virtualNetworkConfigFunction = &VirtualNetworkConfigFunctionCallback; + ref->callbacks->eventCallback = &EventCallback; + ZT_ResultCode rc = ZT_Node_new( &node, ref, - (uint64_t)now, - &DataStoreGetFunction, - &DataStorePutFunction, - &WirePacketSendFunction, - &VirtualNetworkFrameFunctionCallback, - &VirtualNetworkConfigFunctionCallback, - NULL, - &EventCallback); + ref->callbacks, + (uint64_t)now); if(rc != ZT_RESULT_OK) { @@ -631,7 +643,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_node_1init( ZeroTier::Mutex::Lock lock(nodeMapMutex); ref->node = node; nodeMap.insert(std::make_pair(ref->id, ref)); - + return resultObject; } @@ -649,7 +661,7 @@ JNIEXPORT void JNICALL Java_com_zerotier_sdk_Node_node_1delete( NodeMap::iterator found; { - ZeroTier::Mutex::Lock lock(nodeMapMutex); + ZeroTier::Mutex::Lock lock(nodeMapMutex); found = nodeMap.find(nodeId); } @@ -675,9 +687,9 @@ JNIEXPORT void JNICALL Java_com_zerotier_sdk_Node_node_1delete( * Signature: (JJJJJII[B[J)Lcom/zerotier/sdk/ResultCode; */ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processVirtualNetworkFrame( - JNIEnv *env, jobject obj, - jlong id, - jlong in_now, + JNIEnv *env, jobject obj, + jlong id, + jlong in_now, jlong in_nwid, jlong in_sourceMac, jlong in_destMac, @@ -687,7 +699,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processVirtualNetworkFrame( jlongArray out_nextBackgroundTaskDeadline) { uint64_t nodeId = (uint64_t) id; - + ZT_Node *node = findNode(nodeId); if(node == NULL) { @@ -742,9 +754,9 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processVirtualNetworkFrame( * Signature: (JJLjava/net/InetSocketAddress;I[B[J)Lcom/zerotier/sdk/ResultCode; */ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processWirePacket( - JNIEnv *env, jobject obj, + JNIEnv *env, jobject obj, jlong id, - jlong in_now, + jlong in_now, jobject in_localAddress, jobject in_remoteAddress, jbyteArray in_packetData, @@ -810,7 +822,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processWirePacket( jmethodID inetSock_getPort = lookup.findMethod( InetSocketAddressClass, "getPort", "()I"); - if(env->ExceptionCheck() || inetSock_getPort == NULL) + if(env->ExceptionCheck() || inetSock_getPort == NULL) { LOGE("Couldn't find getPort method on InetSocketAddress"); return createResultObject(env, ZT_RESULT_FATAL_ERROR_INTERNAL); @@ -834,10 +846,10 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processWirePacket( } unsigned int addrSize = env->GetArrayLength(remoteAddressArray); - + sockaddr_storage localAddress = {}; - + if(localAddrObj == NULL) { localAddress = ZT_SOCKADDR_NULL; @@ -929,7 +941,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processWirePacket( localData, packetLength, &nextBackgroundTaskDeadline); - if(rc != ZT_RESULT_OK) + if(rc != ZT_RESULT_OK) { LOGE("ZT_Node_processWirePacket returned: %d", rc); } @@ -949,7 +961,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processWirePacket( * Signature: (JJ[J)Lcom/zerotier/sdk/ResultCode; */ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_processBackgroundTasks( - JNIEnv *env, jobject obj, + JNIEnv *env, jobject obj, jlong id, jlong in_now, jlongArray out_nextBackgroundTaskDeadline) @@ -1022,7 +1034,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_leave( uint64_t nwid = (uint64_t)in_nwid; ZT_ResultCode rc = ZT_Node_leave(node, nwid, NULL); - + return createResultObject(env, rc); } @@ -1032,8 +1044,8 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_leave( * Signature: (JJJJ)Lcom/zerotier/sdk/ResultCode; */ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_multicastSubscribe( - JNIEnv *env, jobject obj, - jlong id, + JNIEnv *env, jobject obj, + jlong id, jlong in_nwid, jlong in_multicastGroup, jlong in_multicastAdi) @@ -1062,8 +1074,8 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_multicastSubscribe( * Signature: (JJJJ)Lcom/zerotier/sdk/ResultCode; */ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_multicastUnsubscribe( - JNIEnv *env, jobject obj, - jlong id, + JNIEnv *env, jobject obj, + jlong id, jlong in_nwid, jlong in_multicastGroup, jlong in_multicastAdi) @@ -1131,7 +1143,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_status { return NULL; } - + nodeStatusConstructor = lookup.findMethod( nodeStatusClass, "<init>", "()V"); if(nodeStatusConstructor == NULL) @@ -1215,7 +1227,7 @@ JNIEXPORT jobject JNICALL Java_com_zerotier_sdk_Node_networkConfig( } ZT_VirtualNetworkConfig *vnetConfig = ZT_Node_networkConfig(node, nwid); - + jobject vnetConfigObject = newNetworkConfig(env, *vnetConfig); ZT_Node_freeQueryResult(node, vnetConfig); @@ -1257,7 +1269,7 @@ JNIEXPORT jobjectArray JNICALL Java_com_zerotier_sdk_Node_peers( } ZT_PeerList *peerList = ZT_Node_peers(node); - + if(peerList == NULL) { LOGE("ZT_Node_peers returned NULL"); @@ -1296,7 +1308,7 @@ JNIEXPORT jobjectArray JNICALL Java_com_zerotier_sdk_Node_peers( { jobject peerObj = newPeer(env, peerList->peers[i]); env->SetObjectArrayElement(peerArrayObj, i, peerObj); - if(env->ExceptionCheck()) + if(env->ExceptionCheck()) { LOGE("Error assigning Peer object to array"); break; diff --git a/java/src/com/zerotier/sdk/Peer.java b/java/src/com/zerotier/sdk/Peer.java index fb2d1065..eb3d7130 100644 --- a/java/src/com/zerotier/sdk/Peer.java +++ b/java/src/com/zerotier/sdk/Peer.java @@ -34,8 +34,6 @@ import java.util.ArrayList; */ public final class Peer { private long address; - private long lastUnicastFrame; - private long lastMulticastFrame; private int versionMajor; private int versionMinor; private int versionRev; @@ -53,20 +51,6 @@ public final class Peer { } /** - * Time we last received a unicast frame from this peer - */ - public final long lastUnicastFrame() { - return lastUnicastFrame; - } - - /** - * Time we last received a multicast rame from this peer - */ - public final long lastMulticastFrame() { - return lastMulticastFrame; - } - - /** * Remote major version or -1 if not known */ public final int versionMajor() { diff --git a/java/src/com/zerotier/sdk/PeerRole.java b/java/src/com/zerotier/sdk/PeerRole.java index f281c1b6..fce183d9 100644 --- a/java/src/com/zerotier/sdk/PeerRole.java +++ b/java/src/com/zerotier/sdk/PeerRole.java @@ -34,12 +34,12 @@ public enum PeerRole { PEER_ROLE_LEAF, /** - * upstream node + * moon root */ - PEER_ROLE_UPSTREAM, + PEER_ROLE_MOON, /** - * root server + * planetary root */ - PEER_ROLE_ROOT + PEER_ROLE_PLANET }
\ No newline at end of file diff --git a/java/src/com/zerotier/sdk/VirtualNetworkRoute.java b/java/src/com/zerotier/sdk/VirtualNetworkRoute.java index 738c4158..b89dce7b 100644 --- a/java/src/com/zerotier/sdk/VirtualNetworkRoute.java +++ b/java/src/com/zerotier/sdk/VirtualNetworkRoute.java @@ -29,9 +29,14 @@ package com.zerotier.sdk; import java.net.InetSocketAddress; -public final class VirtualNetworkRoute +public final class VirtualNetworkRoute implements Comparable<VirtualNetworkRoute> { - private VirtualNetworkRoute() {} + private VirtualNetworkRoute() { + target = null; + via = null; + flags = 0; + metric = 0; + } /** * Target network / netmask bits (in port field) or NULL or 0.0.0.0/0 for default @@ -52,4 +57,46 @@ public final class VirtualNetworkRoute * Route metric (not currently used) */ public int metric; + + + @Override + public int compareTo(VirtualNetworkRoute other) { + return target.toString().compareTo(other.target.toString()); + } + + public boolean equals(VirtualNetworkRoute other) { + boolean targetEquals; + if (target == null && other.target == null) { + targetEquals = true; + } + else if (target == null && other.target != null) { + targetEquals = false; + } + else if (target != null && other.target == null) { + targetEquals = false; + } + else { + targetEquals = target.equals(other.target); + } + + + boolean viaEquals; + if (via == null && other.via == null) { + viaEquals = true; + } + else if (via == null && other.via != null) { + viaEquals = false; + } + else if (via != null && other.via == null) { + viaEquals = false; + } + else { + viaEquals = via.equals(other.via); + } + + return viaEquals && + viaEquals && + flags == other.flags && + metric == other.metric; + } } diff --git a/macui/ZeroTier One.xcodeproj/project.pbxproj b/macui/ZeroTier One.xcodeproj/project.pbxproj new file mode 100644 index 00000000..900daacb --- /dev/null +++ b/macui/ZeroTier One.xcodeproj/project.pbxproj @@ -0,0 +1,382 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 46; + objects = { + +/* Begin PBXBuildFile section */ + 932D472F1D1CD499004BCFE2 /* ZeroTierIcon.icns in Resources */ = {isa = PBXBuildFile; fileRef = 932D472E1D1CD499004BCFE2 /* ZeroTierIcon.icns */; }; + 932D47331D1CD861004BCFE2 /* PreferencesViewController.xib in Resources */ = {isa = PBXBuildFile; fileRef = 932D47311D1CD861004BCFE2 /* PreferencesViewController.xib */; }; + 932D47371D1CDC9B004BCFE2 /* AboutViewController.xib in Resources */ = {isa = PBXBuildFile; fileRef = 932D47351D1CDC9B004BCFE2 /* AboutViewController.xib */; }; + 93326BDE1CE7C816005CA2AC /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 93326BDD1CE7C816005CA2AC /* Assets.xcassets */; }; + 93326BE11CE7C816005CA2AC /* MainMenu.xib in Resources */ = {isa = PBXBuildFile; fileRef = 93326BDF1CE7C816005CA2AC /* MainMenu.xib */; }; + 93326BEB1CE7D9B9005CA2AC /* JoinNetworkViewController.xib in Resources */ = {isa = PBXBuildFile; fileRef = 93326BE91CE7D9B9005CA2AC /* JoinNetworkViewController.xib */; }; + 93326BEF1CE7DA30005CA2AC /* ShowNetworksViewController.xib in Resources */ = {isa = PBXBuildFile; fileRef = 93326BED1CE7DA30005CA2AC /* ShowNetworksViewController.xib */; }; + 93D1675F1D54191C00330C99 /* NodeStatus.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D1675E1D54191C00330C99 /* NodeStatus.m */; }; + 93D167621D541BC200330C99 /* ServiceCom.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D167611D541BC200330C99 /* ServiceCom.m */; }; + 93D167661D54308200330C99 /* Network.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D167651D54308200330C99 /* Network.m */; }; + 93D167691D57E7EA00330C99 /* AboutViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D167681D57E7EA00330C99 /* AboutViewController.m */; }; + 93D1676D1D57EB8400330C99 /* PreferencesViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D1676C1D57EB8400330C99 /* PreferencesViewController.m */; }; + 93D167701D57FD3800330C99 /* NetworkMonitor.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D1676F1D57FD3800330C99 /* NetworkMonitor.m */; }; + 93D167731D58093C00330C99 /* NetworkInfoCell.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D167721D58093C00330C99 /* NetworkInfoCell.m */; }; + 93D167761D580C3500330C99 /* ShowNetworksViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D167751D580C3500330C99 /* ShowNetworksViewController.m */; }; + 93D167791D5815E600330C99 /* JoinNetworkViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D167781D5815E600330C99 /* JoinNetworkViewController.m */; }; + 93D1677C1D58228A00330C99 /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D1677B1D58228A00330C99 /* AppDelegate.m */; }; + 93D1679B1D58300F00330C99 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 93D1679A1D58300F00330C99 /* main.m */; }; + 93D1679D1D595F0000330C99 /* WebKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 93D1679C1D595F0000330C99 /* WebKit.framework */; }; + 93DAFB271D3F0BEE004D5417 /* about.html in Resources */ = {isa = PBXBuildFile; fileRef = 93DAFB261D3F0BEE004D5417 /* about.html */; }; + 93DAFE4B1CFE53CA00547CC4 /* AuthtokenCopy.m in Sources */ = {isa = PBXBuildFile; fileRef = 93DAFE4A1CFE53CA00547CC4 /* AuthtokenCopy.m */; }; +/* End PBXBuildFile section */ + +/* Begin PBXFileReference section */ + 932D472E1D1CD499004BCFE2 /* ZeroTierIcon.icns */ = {isa = PBXFileReference; lastKnownFileType = image.icns; path = ZeroTierIcon.icns; sourceTree = "<group>"; }; + 932D47311D1CD861004BCFE2 /* PreferencesViewController.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = PreferencesViewController.xib; sourceTree = "<group>"; }; + 932D47351D1CDC9B004BCFE2 /* AboutViewController.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = AboutViewController.xib; sourceTree = "<group>"; }; + 93326BD81CE7C816005CA2AC /* ZeroTier One.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "ZeroTier One.app"; sourceTree = BUILT_PRODUCTS_DIR; }; + 93326BDD1CE7C816005CA2AC /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; }; + 93326BE01CE7C816005CA2AC /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.xib; name = Base; path = Base.lproj/MainMenu.xib; sourceTree = "<group>"; }; + 93326BE21CE7C816005CA2AC /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; }; + 93326BE91CE7D9B9005CA2AC /* JoinNetworkViewController.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = JoinNetworkViewController.xib; sourceTree = "<group>"; }; + 93326BED1CE7DA30005CA2AC /* ShowNetworksViewController.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = ShowNetworksViewController.xib; sourceTree = "<group>"; }; + 93D1675D1D54191C00330C99 /* NodeStatus.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NodeStatus.h; sourceTree = "<group>"; }; + 93D1675E1D54191C00330C99 /* NodeStatus.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = NodeStatus.m; sourceTree = "<group>"; }; + 93D167601D541BC200330C99 /* ServiceCom.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ServiceCom.h; sourceTree = "<group>"; }; + 93D167611D541BC200330C99 /* ServiceCom.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = ServiceCom.m; sourceTree = "<group>"; }; + 93D167641D54308200330C99 /* Network.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Network.h; sourceTree = "<group>"; }; + 93D167651D54308200330C99 /* Network.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = Network.m; sourceTree = "<group>"; }; + 93D167671D57E7EA00330C99 /* AboutViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AboutViewController.h; sourceTree = "<group>"; }; + 93D167681D57E7EA00330C99 /* AboutViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = AboutViewController.m; sourceTree = "<group>"; }; + 93D1676B1D57EB8400330C99 /* PreferencesViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PreferencesViewController.h; sourceTree = "<group>"; }; + 93D1676C1D57EB8400330C99 /* PreferencesViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = PreferencesViewController.m; sourceTree = "<group>"; }; + 93D1676E1D57FD3800330C99 /* NetworkMonitor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NetworkMonitor.h; sourceTree = "<group>"; }; + 93D1676F1D57FD3800330C99 /* NetworkMonitor.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = NetworkMonitor.m; sourceTree = "<group>"; }; + 93D167711D58093C00330C99 /* NetworkInfoCell.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NetworkInfoCell.h; sourceTree = "<group>"; }; + 93D167721D58093C00330C99 /* NetworkInfoCell.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = NetworkInfoCell.m; sourceTree = "<group>"; }; + 93D167741D580C3500330C99 /* ShowNetworksViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ShowNetworksViewController.h; sourceTree = "<group>"; }; + 93D167751D580C3500330C99 /* ShowNetworksViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = ShowNetworksViewController.m; sourceTree = "<group>"; }; + 93D167771D5815E600330C99 /* JoinNetworkViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JoinNetworkViewController.h; sourceTree = "<group>"; }; + 93D167781D5815E600330C99 /* JoinNetworkViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = JoinNetworkViewController.m; sourceTree = "<group>"; }; + 93D1677A1D58228A00330C99 /* AppDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AppDelegate.h; sourceTree = "<group>"; }; + 93D1677B1D58228A00330C99 /* AppDelegate.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = AppDelegate.m; sourceTree = "<group>"; }; + 93D1679A1D58300F00330C99 /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; }; + 93D1679C1D595F0000330C99 /* WebKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = WebKit.framework; path = System/Library/Frameworks/WebKit.framework; sourceTree = SDKROOT; }; + 93DAFB261D3F0BEE004D5417 /* about.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = about.html; sourceTree = "<group>"; }; + 93DAFE4A1CFE53CA00547CC4 /* AuthtokenCopy.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = AuthtokenCopy.m; sourceTree = "<group>"; }; + 93DAFE4C1CFE53DA00547CC4 /* AuthtokenCopy.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AuthtokenCopy.h; sourceTree = "<group>"; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + 93326BD51CE7C816005CA2AC /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 93D1679D1D595F0000330C99 /* WebKit.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + 93326BCF1CE7C816005CA2AC = { + isa = PBXGroup; + children = ( + 93D1679C1D595F0000330C99 /* WebKit.framework */, + 93326BDA1CE7C816005CA2AC /* ZeroTier One */, + 93326BD91CE7C816005CA2AC /* Products */, + ); + sourceTree = "<group>"; + }; + 93326BD91CE7C816005CA2AC /* Products */ = { + isa = PBXGroup; + children = ( + 93326BD81CE7C816005CA2AC /* ZeroTier One.app */, + ); + name = Products; + sourceTree = "<group>"; + }; + 93326BDA1CE7C816005CA2AC /* ZeroTier One */ = { + isa = PBXGroup; + children = ( + 932D472E1D1CD499004BCFE2 /* ZeroTierIcon.icns */, + 93326BDD1CE7C816005CA2AC /* Assets.xcassets */, + 93326BDF1CE7C816005CA2AC /* MainMenu.xib */, + 93326BE21CE7C816005CA2AC /* Info.plist */, + 93DAFE4A1CFE53CA00547CC4 /* AuthtokenCopy.m */, + 93DAFE4C1CFE53DA00547CC4 /* AuthtokenCopy.h */, + 93D1676E1D57FD3800330C99 /* NetworkMonitor.h */, + 93D1676F1D57FD3800330C99 /* NetworkMonitor.m */, + 93DAFB261D3F0BEE004D5417 /* about.html */, + 93D1675D1D54191C00330C99 /* NodeStatus.h */, + 93D1675E1D54191C00330C99 /* NodeStatus.m */, + 93D167601D541BC200330C99 /* ServiceCom.h */, + 93D167611D541BC200330C99 /* ServiceCom.m */, + 93D167641D54308200330C99 /* Network.h */, + 93D167651D54308200330C99 /* Network.m */, + 93D167671D57E7EA00330C99 /* AboutViewController.h */, + 93D167681D57E7EA00330C99 /* AboutViewController.m */, + 932D47351D1CDC9B004BCFE2 /* AboutViewController.xib */, + 93D1676B1D57EB8400330C99 /* PreferencesViewController.h */, + 93D1676C1D57EB8400330C99 /* PreferencesViewController.m */, + 932D47311D1CD861004BCFE2 /* PreferencesViewController.xib */, + 93D167711D58093C00330C99 /* NetworkInfoCell.h */, + 93D167721D58093C00330C99 /* NetworkInfoCell.m */, + 93D167741D580C3500330C99 /* ShowNetworksViewController.h */, + 93D167751D580C3500330C99 /* ShowNetworksViewController.m */, + 93326BED1CE7DA30005CA2AC /* ShowNetworksViewController.xib */, + 93D167771D5815E600330C99 /* JoinNetworkViewController.h */, + 93D167781D5815E600330C99 /* JoinNetworkViewController.m */, + 93326BE91CE7D9B9005CA2AC /* JoinNetworkViewController.xib */, + 93D1677A1D58228A00330C99 /* AppDelegate.h */, + 93D1677B1D58228A00330C99 /* AppDelegate.m */, + 93D1679A1D58300F00330C99 /* main.m */, + ); + path = "ZeroTier One"; + sourceTree = "<group>"; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + 93326BD71CE7C816005CA2AC /* ZeroTier One */ = { + isa = PBXNativeTarget; + buildConfigurationList = 93326BE51CE7C816005CA2AC /* Build configuration list for PBXNativeTarget "ZeroTier One" */; + buildPhases = ( + 93326BD41CE7C816005CA2AC /* Sources */, + 93326BD51CE7C816005CA2AC /* Frameworks */, + 93326BD61CE7C816005CA2AC /* Resources */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "ZeroTier One"; + productName = "ZeroTier One"; + productReference = 93326BD81CE7C816005CA2AC /* ZeroTier One.app */; + productType = "com.apple.product-type.application"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + 93326BD01CE7C816005CA2AC /* Project object */ = { + isa = PBXProject; + attributes = { + LastSwiftUpdateCheck = 0730; + LastUpgradeCheck = 0800; + ORGANIZATIONNAME = "ZeroTier, Inc"; + TargetAttributes = { + 93326BD71CE7C816005CA2AC = { + CreatedOnToolsVersion = 7.3; + }; + }; + }; + buildConfigurationList = 93326BD31CE7C816005CA2AC /* Build configuration list for PBXProject "ZeroTier One" */; + compatibilityVersion = "Xcode 3.2"; + developmentRegion = English; + hasScannedForEncodings = 0; + knownRegions = ( + en, + Base, + ); + mainGroup = 93326BCF1CE7C816005CA2AC; + productRefGroup = 93326BD91CE7C816005CA2AC /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + 93326BD71CE7C816005CA2AC /* ZeroTier One */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXResourcesBuildPhase section */ + 93326BD61CE7C816005CA2AC /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 93DAFB271D3F0BEE004D5417 /* about.html in Resources */, + 93326BEF1CE7DA30005CA2AC /* ShowNetworksViewController.xib in Resources */, + 932D47371D1CDC9B004BCFE2 /* AboutViewController.xib in Resources */, + 93326BEB1CE7D9B9005CA2AC /* JoinNetworkViewController.xib in Resources */, + 93326BDE1CE7C816005CA2AC /* Assets.xcassets in Resources */, + 93326BE11CE7C816005CA2AC /* MainMenu.xib in Resources */, + 932D472F1D1CD499004BCFE2 /* ZeroTierIcon.icns in Resources */, + 932D47331D1CD861004BCFE2 /* PreferencesViewController.xib in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXResourcesBuildPhase section */ + +/* Begin PBXSourcesBuildPhase section */ + 93326BD41CE7C816005CA2AC /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 93D1679B1D58300F00330C99 /* main.m in Sources */, + 93D167621D541BC200330C99 /* ServiceCom.m in Sources */, + 93D167761D580C3500330C99 /* ShowNetworksViewController.m in Sources */, + 93DAFE4B1CFE53CA00547CC4 /* AuthtokenCopy.m in Sources */, + 93D167701D57FD3800330C99 /* NetworkMonitor.m in Sources */, + 93D1675F1D54191C00330C99 /* NodeStatus.m in Sources */, + 93D167691D57E7EA00330C99 /* AboutViewController.m in Sources */, + 93D1676D1D57EB8400330C99 /* PreferencesViewController.m in Sources */, + 93D1677C1D58228A00330C99 /* AppDelegate.m in Sources */, + 93D167731D58093C00330C99 /* NetworkInfoCell.m in Sources */, + 93D167661D54308200330C99 /* Network.m in Sources */, + 93D167791D5815E600330C99 /* JoinNetworkViewController.m in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin PBXVariantGroup section */ + 93326BDF1CE7C816005CA2AC /* MainMenu.xib */ = { + isa = PBXVariantGroup; + children = ( + 93326BE01CE7C816005CA2AC /* Base */, + ); + name = MainMenu.xib; + sourceTree = "<group>"; + }; +/* End PBXVariantGroup section */ + +/* Begin XCBuildConfiguration section */ + 93326BE31CE7C816005CA2AC /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "-"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_TESTABILITY = YES; + GCC_C_LANGUAGE_STANDARD = gnu99; + GCC_DYNAMIC_NO_PIC = NO; + GCC_NO_COMMON_BLOCKS = YES; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + MACOSX_DEPLOYMENT_TARGET = 10.11; + MTL_ENABLE_DEBUG_INFO = YES; + ONLY_ACTIVE_ARCH = YES; + SDKROOT = macosx; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + }; + name = Debug; + }; + 93326BE41CE7C816005CA2AC /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "-"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_NS_ASSERTIONS = NO; + ENABLE_STRICT_OBJC_MSGSEND = YES; + GCC_C_LANGUAGE_STANDARD = gnu99; + GCC_NO_COMMON_BLOCKS = YES; + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + MACOSX_DEPLOYMENT_TARGET = 10.11; + MTL_ENABLE_DEBUG_INFO = NO; + SDKROOT = macosx; + }; + name = Release; + }; + 93326BE61CE7C816005CA2AC /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_MODULES = YES; + COMBINE_HIDPI_IMAGES = YES; + INFOPLIST_FILE = "ZeroTier One/Info.plist"; + LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks"; + MACOSX_DEPLOYMENT_TARGET = 10.7; + PRODUCT_BUNDLE_IDENTIFIER = "com.zerotier.ZeroTier-One"; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_OBJC_BRIDGING_HEADER = "ZeroTier One/ZeroTier One-Bridging-Header.h"; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + }; + name = Debug; + }; + 93326BE71CE7C816005CA2AC /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + CLANG_ENABLE_MODULES = YES; + COMBINE_HIDPI_IMAGES = YES; + INFOPLIST_FILE = "ZeroTier One/Info.plist"; + LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks"; + MACOSX_DEPLOYMENT_TARGET = 10.7; + PRODUCT_BUNDLE_IDENTIFIER = "com.zerotier.ZeroTier-One"; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_OBJC_BRIDGING_HEADER = "ZeroTier One/ZeroTier One-Bridging-Header.h"; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + 93326BD31CE7C816005CA2AC /* Build configuration list for PBXProject "ZeroTier One" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 93326BE31CE7C816005CA2AC /* Debug */, + 93326BE41CE7C816005CA2AC /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + 93326BE51CE7C816005CA2AC /* Build configuration list for PBXNativeTarget "ZeroTier One" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 93326BE61CE7C816005CA2AC /* Debug */, + 93326BE71CE7C816005CA2AC /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + }; + rootObject = 93326BD01CE7C816005CA2AC /* Project object */; +} diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/contents.xcworkspacedata b/macui/ZeroTier One.xcodeproj/project.xcworkspace/contents.xcworkspacedata index 88f36fc7..fd60338e 100644 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap.xcodeproj/project.xcworkspace/contents.xcworkspacedata +++ b/macui/ZeroTier One.xcodeproj/project.xcworkspace/contents.xcworkspacedata @@ -2,6 +2,6 @@ <Workspace version = "1.0"> <FileRef - location = "self:MacGap.xcodeproj"> + location = "self:ZeroTier One.xcodeproj"> </FileRef> </Workspace> diff --git a/macui/ZeroTier One/AboutViewController.h b/macui/ZeroTier One/AboutViewController.h new file mode 100644 index 00000000..d3d5bc14 --- /dev/null +++ b/macui/ZeroTier One/AboutViewController.h @@ -0,0 +1,33 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> +#import <WebKit/WebKit.h> + +@interface AboutViewController : NSViewController <WebPolicyDelegate> + +@property (nonatomic, weak) IBOutlet WebView *webView; + +- (void)viewDidLoad; + +- (void)webView:(WebView *)webView decidePolicyForNavigationAction:(NSDictionary *)actionInformation + request:(NSURLRequest *)request + frame:(WebFrame *)frame +decisionListener:(id<WebPolicyDecisionListener>)listener; + +@end diff --git a/macui/ZeroTier One/AboutViewController.m b/macui/ZeroTier One/AboutViewController.m new file mode 100644 index 00000000..7f92977d --- /dev/null +++ b/macui/ZeroTier One/AboutViewController.m @@ -0,0 +1,57 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "AboutViewController.h" + +@interface AboutViewController () + +@end + +@implementation AboutViewController + +- (void)viewDidLoad { + [super viewDidLoad]; + + [self.webView setWantsLayer:YES]; + self.webView.layer.borderWidth = 1.0f; + [self.webView.layer setCornerRadius:1.0f]; + self.webView.layer.masksToBounds = YES; + [self.webView.layer setBorderColor:[[NSColor darkGrayColor] CGColor]]; + self.webView.policyDelegate = self; + + NSBundle *bundle = [NSBundle mainBundle]; + NSURL *path = [bundle URLForResource:@"about" withExtension:@"html"]; + if(path) { + [self.webView.mainFrame loadRequest:[NSURLRequest requestWithURL:path]]; + } +} + +- (void)webView:(WebView *)webView decidePolicyForNavigationAction:(NSDictionary *)actionInformation + request:(NSURLRequest *)request + frame:(WebFrame *)frame +decisionListener:(id<WebPolicyDecisionListener>)listener +{ + if(request.URL != nil && request.URL.host != nil) { + [[NSWorkspace sharedWorkspace] openURL:request.URL]; + } + else { + [listener use]; + } +} + +@end diff --git a/macui/ZeroTier One/AboutViewController.xib b/macui/ZeroTier One/AboutViewController.xib new file mode 100644 index 00000000..a0df0fcf --- /dev/null +++ b/macui/ZeroTier One/AboutViewController.xib @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="10116" systemVersion="15G31" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES" customObjectInstantitationMethod="direct"> + <dependencies> + <deployment identifier="macosx"/> + <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="10116"/> + <plugIn identifier="com.apple.WebKitIBPlugin" version="10116"/> + </dependencies> + <objects> + <customObject id="-2" userLabel="File's Owner" customClass="AboutViewController" customModule="ZeroTier_One" customModuleProvider="target"> + <connections> + <outlet property="view" destination="Hz6-mo-xeY" id="0bl-1N-x8E"/> + <outlet property="webView" destination="3BS-QW-rZO" id="ucY-A9-7p7"/> + </connections> + </customObject> + <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/> + <customObject id="-3" userLabel="Application" customClass="NSObject"/> + <customView id="Hz6-mo-xeY"> + <rect key="frame" x="0.0" y="0.0" width="480" height="480"/> + <autoresizingMask key="autoresizingMask" flexibleMaxX="YES" flexibleMinY="YES"/> + <subviews> + <webView fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="3BS-QW-rZO"> + <rect key="frame" x="20" y="20" width="440" height="440"/> + <webPreferences key="preferences" defaultFontSize="16" defaultFixedFontSize="13" minimumFontSize="0"> + <nil key="identifier"/> + </webPreferences> + </webView> + </subviews> + <point key="canvasLocation" x="463" y="570"/> + </customView> + </objects> +</document> diff --git a/macui/ZeroTier One/AppDelegate.h b/macui/ZeroTier One/AppDelegate.h new file mode 100644 index 00000000..a00cfba9 --- /dev/null +++ b/macui/ZeroTier One/AppDelegate.h @@ -0,0 +1,61 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> + +@class NetworkMonitor; +@class Network; +@class NodeStatus; + +@interface AppDelegate : NSObject <NSApplicationDelegate> + +@property (weak, nonatomic) IBOutlet NSWindow *window; + +@property (nonatomic) NSStatusItem *statusItem; + +@property (nonatomic) NSPopover *networkListPopover; +@property (nonatomic) NSPopover *joinNetworkPopover; +@property (nonatomic) NSPopover *preferencesPopover; +@property (nonatomic) NSPopover *aboutPopover; + +@property (nonatomic) id transientMonitor; + +@property (nonatomic) NetworkMonitor *monitor; + +@property (nonatomic) NSMutableArray<Network*> *networks; + +@property (nonatomic) NodeStatus *status; + +- (void)buildMenu; + +- (void)onNetworkListUpdated:(NSNotification*)note; +- (void)onNodeStatusUpdated:(NSNotification*)note; + +- (void)showNetworks; +- (void)joinNetwork; +- (void)showPreferences; +- (void)showAbout; +- (void)quit; +- (void)toggleNetwork:(NSMenuItem*)sender; +- (void)copyNodeID; + +- (void)closeJoinNetworkPopover; + +- (void)darkModeChanged:(NSNotification*)note; + +@end diff --git a/macui/ZeroTier One/AppDelegate.m b/macui/ZeroTier One/AppDelegate.m new file mode 100644 index 00000000..5da6b354 --- /dev/null +++ b/macui/ZeroTier One/AppDelegate.m @@ -0,0 +1,339 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "AppDelegate.h" +#import "NetworkMonitor.h" +#import "Network.h" +#import "NodeStatus.h" +#import "JoinNetworkViewController.h" +#import "ShowNetworksViewController.h" +#import "PreferencesViewController.h" +#import "AboutViewController.h" +#import "ServiceCom.h" + +@implementation AppDelegate + +- (void)applicationDidFinishLaunching:(NSNotification *)aNotification { + self.statusItem = [[NSStatusBar systemStatusBar] statusItemWithLength:-2.0f]; + self.networkListPopover = [[NSPopover alloc] init]; + self.joinNetworkPopover = [[NSPopover alloc] init]; + self.preferencesPopover = [[NSPopover alloc] init]; + self.aboutPopover = [[NSPopover alloc] init]; + self.transientMonitor = nil; + self.monitor = [[NetworkMonitor alloc] init]; + self.networks = [NSMutableArray<Network*> array]; + self.status = nil; + + NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; + NSDictionary *defaultsDict = [NSDictionary dictionaryWithObject:[NSNumber numberWithBool:YES] forKey:@"firstRun"]; + [defaults registerDefaults:defaultsDict]; + + NSNotificationCenter *nc = [NSNotificationCenter defaultCenter]; + + [nc addObserver:self + selector:@selector(onNetworkListUpdated:) + name:NetworkUpdateKey + object:nil]; + [nc addObserver:self + selector:@selector(onNodeStatusUpdated:) + name:StatusUpdateKey + object:nil]; + + NSString *osxMode = [defaults stringForKey:@"AppleInterfaceStyle"]; + + if(osxMode != nil && [osxMode isEqualToString:@"Dark"]) { + self.statusItem.image = [NSImage imageNamed:@"MenuBarIconMacWhite"]; + } + else { + self.statusItem.image = [NSImage imageNamed:@"MenuBarIconMac"]; + } + + [[NSDistributedNotificationCenter defaultCenter] addObserver:self + selector:@selector(darkModeChanged:) + name:@"AppleInterfaceThemeChangedNotification" + object:nil]; + + [self buildMenu]; + JoinNetworkViewController *jnvc = [[JoinNetworkViewController alloc] initWithNibName:@"JoinNetworkViewController" bundle:nil]; + jnvc.appDelegate = self; + self.joinNetworkPopover.contentViewController = jnvc; + self.joinNetworkPopover.behavior = NSPopoverBehaviorTransient; + + ShowNetworksViewController *showNetworksView = [[ShowNetworksViewController alloc] initWithNibName:@"ShowNetworksViewController" bundle:nil]; + showNetworksView.netMonitor = self.monitor; + self.networkListPopover.contentViewController = showNetworksView; + self.networkListPopover.behavior = NSPopoverBehaviorTransient; + + PreferencesViewController *prefsView = [[PreferencesViewController alloc] initWithNibName:@"PreferencesViewController" bundle:nil]; + self.preferencesPopover.contentViewController = prefsView; + self.preferencesPopover.behavior = NSPopoverBehaviorTransient; + + self.aboutPopover.contentViewController = [[AboutViewController alloc] initWithNibName:@"AboutViewController" bundle:nil]; + self.aboutPopover.behavior = NSPopoverBehaviorTransient; + + BOOL firstRun = [defaults boolForKey:@"firstRun"]; + + if(firstRun) { + [defaults setBool:NO forKey:@"firstRun"]; + [defaults synchronize]; + + [prefsView setLaunchAtLoginEnabled:YES]; + + dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{ + sleep(2); + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + [self showAbout]; + }]; + }); + } + + [self.monitor updateNetworkInfo]; + [self.monitor start]; +} + +- (void)applicationWillTerminate:(NSNotification *)aNotification { + [[NSNotificationCenter defaultCenter] removeObserver:self]; + [[NSDistributedNotificationCenter defaultCenter] removeObserver:self + name:@"AppleInterfaceThemeChangedNotification" + object:nil]; +} + +- (void)showNetworks { + if(self.statusItem.button != nil) { + NSStatusBarButton *button = self.statusItem.button; + [self.networkListPopover showRelativeToRect:button.bounds + ofView:button + preferredEdge:NSMinYEdge]; + + if(self.transientMonitor == nil) { + self.transientMonitor = + [NSEvent addGlobalMonitorForEventsMatchingMask:(NSLeftMouseDown|NSRightMouseDown|NSOtherMouseDown) + handler:^(NSEvent * _Nonnull e) { + [NSEvent removeMonitor:self.transientMonitor]; + self.transientMonitor = nil; + [self.networkListPopover close]; + }]; + } + } +} + +- (void)joinNetwork { + if(self.statusItem.button != nil) { + NSStatusBarButton *button = self.statusItem.button; + [self.joinNetworkPopover showRelativeToRect:button.bounds + ofView:button + preferredEdge:NSMinYEdge]; + if(self.transientMonitor == nil) { + self.transientMonitor = + [NSEvent addGlobalMonitorForEventsMatchingMask:(NSLeftMouseDown|NSRightMouseDown|NSOtherMouseDown) + handler:^(NSEvent * _Nonnull e) { + [NSEvent removeMonitor:self.transientMonitor]; + self.transientMonitor = nil; + [self.joinNetworkPopover close]; + }]; + } + } +} + +- (void)showPreferences { + if(self.statusItem.button != nil) { + NSStatusBarButton *button = self.statusItem.button; + [self.preferencesPopover showRelativeToRect:button.bounds + ofView:button + preferredEdge:NSMinYEdge]; + if(self.transientMonitor == nil) { + [NSEvent addGlobalMonitorForEventsMatchingMask:(NSLeftMouseDown|NSRightMouseDown|NSOtherMouseDown) + handler:^(NSEvent * _Nonnull e) { + [NSEvent removeMonitor:self.transientMonitor]; + self.transientMonitor = nil; + [self.preferencesPopover close]; + }]; + } + } +} + +- (void)showAbout { + if(self.statusItem.button != nil) { + NSStatusBarButton *button = self.statusItem.button; + [self.aboutPopover showRelativeToRect:button.bounds + ofView:button + preferredEdge:NSMinYEdge]; + if(self.transientMonitor == nil) { + [NSEvent addGlobalMonitorForEventsMatchingMask:(NSLeftMouseDown|NSRightMouseDown|NSOtherMouseDown) + handler:^(NSEvent * _Nonnull e) { + [NSEvent removeMonitor:self.transientMonitor]; + self.transientMonitor = nil; + [self.aboutPopover close]; + }]; + } + } + +} + +- (void)quit { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; +} + +- (void)onNetworkListUpdated:(NSNotification*)note { + NSArray<Network*> *netList = [note.userInfo objectForKey:@"networks"]; + [(ShowNetworksViewController*)self.networkListPopover.contentViewController setNetworks:netList]; + self.networks = [netList mutableCopy]; + + [self buildMenu]; +} + +- (void)onNodeStatusUpdated:(NSNotification*)note { + NodeStatus *status = [note.userInfo objectForKey:@"status"]; + self.status = status; + + [self buildMenu]; +} + +- (void)buildMenu { + NSMenu *menu = [[NSMenu alloc] init]; + + if(self.status != nil) { + NSString *nodeId = @"Node ID: "; + nodeId = [nodeId stringByAppendingString:self.status.address]; + [menu addItem:[[NSMenuItem alloc] initWithTitle:nodeId + action:@selector(copyNodeID) + keyEquivalent:@""]]; + [menu addItem:[NSMenuItem separatorItem]]; + } + + [menu addItem:[[NSMenuItem alloc] initWithTitle:@"Network Details..." + action:@selector(showNetworks) + keyEquivalent:@"n"]]; + [menu addItem:[[NSMenuItem alloc] initWithTitle:@"Join Network..." + action:@selector(joinNetwork) + keyEquivalent:@"j"]]; + + [menu addItem:[NSMenuItem separatorItem]]; + + if([self.networks count] > 0) { + for(Network *net in self.networks) { + NSString *nwid = [NSString stringWithFormat:@"%10llx", net.nwid]; + NSString *networkName = @""; + if([net.name lengthOfBytesUsingEncoding:NSUTF8StringEncoding] == 0) { + networkName = nwid; + } + else { + networkName = [NSString stringWithFormat:@"%@ (%@)", nwid, net.name]; + } + + if(net.allowDefault && net.connected) { + networkName = [networkName stringByAppendingString:@" [default]"]; + } + + NSMenuItem *item = [[NSMenuItem alloc] initWithTitle:networkName + action:@selector(toggleNetwork:) + keyEquivalent:@""]; + if(net.connected) { + item.state = NSOnState; + } + else { + item.state = NSOffState; + } + + item.representedObject = net; + + [menu addItem:item]; + } + + [menu addItem:[NSMenuItem separatorItem]]; + } + + [menu addItem:[[NSMenuItem alloc] initWithTitle:@"About ZeroTier One..." + action:@selector(showAbout) + keyEquivalent:@""]]; + [menu addItem:[[NSMenuItem alloc] initWithTitle:@"Preferences..." + action:@selector(showPreferences) + keyEquivalent:@""]]; + + [menu addItem:[NSMenuItem separatorItem]]; + + [menu addItem:[[NSMenuItem alloc] initWithTitle:@"Quit" + action:@selector(quit) + keyEquivalent:@"q"]]; + + self.statusItem.menu = menu; +} + +- (void)toggleNetwork:(NSMenuItem*)sender { + Network *network = sender.representedObject; + NSString *nwid = [NSString stringWithFormat:@"%10llx", network.nwid]; + + if(network.connected) { + NSError *error = nil; + + [[ServiceCom sharedInstance] leaveNetwork:nwid error:&error]; + + if (error) { + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Ok"]; + + [alert runModal]; + } + } + else { + NSError *error = nil; + [[ServiceCom sharedInstance] joinNetwork:nwid + allowManaged:network.allowManaged + allowGlobal:network.allowGlobal + allowDefault:(network.allowDefault && ![Network defaultRouteExists:self.networks]) + error:&error]; + + if (error) { + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Ok"]; + + [alert runModal]; + } + } +} + +- (void)copyNodeID { + if(self.status != nil) { + NSPasteboard *pasteboard = [NSPasteboard generalPasteboard]; + [pasteboard declareTypes:[NSArray arrayWithObject:NSPasteboardTypeString] owner:nil]; + [pasteboard setString:self.status.address forType:NSPasteboardTypeString]; + } +} + +- (void)darkModeChanged:(NSNotification*)note { + NSString *osxMode = [[NSUserDefaults standardUserDefaults] stringForKey:@"AppleInterfaceStyle"]; + + if(osxMode != nil && [osxMode isEqualToString:@"Dark"]) { + self.statusItem.image = [NSImage imageNamed:@"MenuBarIconMacWhite"]; + } + else { + self.statusItem.image = [NSImage imageNamed:@"MenuBarIconMac"]; + } +} + +- (void)closeJoinNetworkPopover { + if (self.transientMonitor) { + [NSEvent removeMonitor:self.transientMonitor]; + self.transientMonitor = nil; + } + [self.joinNetworkPopover close]; +} + +@end diff --git a/macui/ZeroTier One/Assets.xcassets/AppIcon.appiconset/Contents.json b/macui/ZeroTier One/Assets.xcassets/AppIcon.appiconset/Contents.json new file mode 100644 index 00000000..24c81d35 --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/AppIcon.appiconset/Contents.json @@ -0,0 +1,59 @@ +{ + "images" : [ + { + "idiom" : "mac", + "size" : "16x16", + "scale" : "1x" + }, + { + "idiom" : "mac", + "size" : "16x16", + "scale" : "2x" + }, + { + "idiom" : "mac", + "size" : "32x32", + "scale" : "1x" + }, + { + "idiom" : "mac", + "size" : "32x32", + "scale" : "2x" + }, + { + "idiom" : "mac", + "size" : "128x128", + "scale" : "1x" + }, + { + "idiom" : "mac", + "size" : "128x128", + "scale" : "2x" + }, + { + "idiom" : "mac", + "size" : "256x256", + "scale" : "1x" + }, + { + "idiom" : "mac", + "size" : "256x256", + "scale" : "2x" + }, + { + "size" : "512x512", + "idiom" : "mac", + "filename" : "ZeroTierIcon512x512.png", + "scale" : "1x" + }, + { + "idiom" : "mac", + "size" : "512x512", + "scale" : "2x" + } + ], + "info" : { + "version" : 1, + "author" : "xcode" + } +}
\ No newline at end of file diff --git a/macui/ZeroTier One/Assets.xcassets/AppIcon.appiconset/ZeroTierIcon512x512.png b/macui/ZeroTier One/Assets.xcassets/AppIcon.appiconset/ZeroTierIcon512x512.png Binary files differnew file mode 100644 index 00000000..d225c2e3 --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/AppIcon.appiconset/ZeroTierIcon512x512.png diff --git a/macui/ZeroTier One/Assets.xcassets/Contents.json b/macui/ZeroTier One/Assets.xcassets/Contents.json new file mode 100644 index 00000000..da4a164c --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/Contents.json @@ -0,0 +1,6 @@ +{ + "info" : { + "version" : 1, + "author" : "xcode" + } +}
\ No newline at end of file diff --git a/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/Contents.json b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/Contents.json new file mode 100644 index 00000000..a680b58b --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/Contents.json @@ -0,0 +1,21 @@ +{ + "images" : [ + { + "idiom" : "mac", + "filename" : "Menubar.png", + "scale" : "1x" + }, + { + "idiom" : "mac", + "filename" : "MenuBar@2x.png", + "scale" : "2x" + } + ], + "info" : { + "version" : 1, + "author" : "xcode" + }, + "properties" : { + "template-rendering-intent" : "template" + } +}
\ No newline at end of file diff --git a/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/MenuBar@2x.png b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/MenuBar@2x.png Binary files differnew file mode 100644 index 00000000..9fd3d3de --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/MenuBar@2x.png diff --git a/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/Menubar.png b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/Menubar.png Binary files differnew file mode 100644 index 00000000..ee0d7e3f --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMac.imageset/Menubar.png diff --git a/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/Contents.json b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/Contents.json new file mode 100644 index 00000000..61737760 --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/Contents.json @@ -0,0 +1,21 @@ +{ + "images" : [ + { + "idiom" : "mac", + "filename" : "MenubarWhite.png", + "scale" : "1x" + }, + { + "idiom" : "mac", + "filename" : "MenubarWhite@2x.png", + "scale" : "2x" + } + ], + "info" : { + "version" : 1, + "author" : "xcode" + }, + "properties" : { + "template-rendering-intent" : "template" + } +}
\ No newline at end of file diff --git a/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/MenubarWhite.png b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/MenubarWhite.png Binary files differnew file mode 100644 index 00000000..7049ae55 --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/MenubarWhite.png diff --git a/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/MenubarWhite@2x.png b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/MenubarWhite@2x.png Binary files differnew file mode 100644 index 00000000..8c20e36f --- /dev/null +++ b/macui/ZeroTier One/Assets.xcassets/MenuBarIconMacWhite.imageset/MenubarWhite@2x.png diff --git a/macui/ZeroTier One/AuthtokenCopy.h b/macui/ZeroTier One/AuthtokenCopy.h new file mode 100644 index 00000000..f0497cc6 --- /dev/null +++ b/macui/ZeroTier One/AuthtokenCopy.h @@ -0,0 +1,26 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef AuthtokenCopy_h +#define AuthtokenCopy_h + +#import <Foundation/Foundation.h> + +NSString* getAdminAuthToken(AuthorizationRef authRef); + +#endif /* AuthtokenCopy_h */ diff --git a/macui/ZeroTier One/AuthtokenCopy.m b/macui/ZeroTier One/AuthtokenCopy.m new file mode 100644 index 00000000..a10350f7 --- /dev/null +++ b/macui/ZeroTier One/AuthtokenCopy.m @@ -0,0 +1,97 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Foundation/Foundation.h> + +#import "AuthtokenCopy.h" + + +NSString* getAdminAuthToken(AuthorizationRef authRef) { + char *tool = "/bin/cat"; + char *args[] = { "/Library/Application Support/ZeroTier/One/authtoken.secret", NULL}; + FILE *pipe = nil; + char token[25]; + memset(token, 0, sizeof(char)*25); + + + OSStatus status = AuthorizationExecuteWithPrivileges(authRef, tool, kAuthorizationFlagDefaults, args, &pipe); + + if (status != errAuthorizationSuccess) { + NSLog(@"Reading authtoken failed!"); + + + switch(status) { + case errAuthorizationDenied: + NSLog(@"Autorization Denied"); + break; + case errAuthorizationCanceled: + NSLog(@"Authorization Canceled"); + break; + case errAuthorizationInternal: + NSLog(@"Authorization Internal"); + break; + case errAuthorizationBadAddress: + NSLog(@"Bad Address"); + break; + case errAuthorizationInvalidRef: + NSLog(@"Invalid Ref"); + break; + case errAuthorizationInvalidSet: + NSLog(@"Invalid Set"); + break; + case errAuthorizationInvalidTag: + NSLog(@"Invalid Tag"); + break; + case errAuthorizationInvalidFlags: + NSLog(@"Invalid Flags"); + break; + case errAuthorizationInvalidPointer: + NSLog(@"Invalid Pointer"); + break; + case errAuthorizationToolExecuteFailure: + NSLog(@"Tool Execute Failure"); + break; + case errAuthorizationToolEnvironmentError: + NSLog(@"Tool Environment Failure"); + break; + case errAuthorizationExternalizeNotAllowed: + NSLog(@"Externalize Not Allowed"); + break; + case errAuthorizationInteractionNotAllowed: + NSLog(@"Interaction Not Allowed"); + break; + case errAuthorizationInternalizeNotAllowed: + NSLog(@"Internalize Not Allowed"); + break; + default: + NSLog(@"Unknown Error"); + break; + } + + return @""; + } + + if(pipe != nil) { + fread(&token, sizeof(char), 24, pipe); + fclose(pipe); + + return [NSString stringWithUTF8String:token]; + } + + return @""; +} diff --git a/macui/ZeroTier One/Base.lproj/MainMenu.xib b/macui/ZeroTier One/Base.lproj/MainMenu.xib new file mode 100644 index 00000000..6b6da2a6 --- /dev/null +++ b/macui/ZeroTier One/Base.lproj/MainMenu.xib @@ -0,0 +1,680 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="10116" systemVersion="15G31" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES" customObjectInstantitationMethod="direct"> + <dependencies> + <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="10116"/> + </dependencies> + <objects> + <customObject id="-2" userLabel="File's Owner" customClass="NSApplication"> + <connections> + <outlet property="delegate" destination="Voe-Tx-rLC" id="GzC-gU-4Uq"/> + </connections> + </customObject> + <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/> + <customObject id="-3" userLabel="Application" customClass="NSObject"/> + <customObject id="Voe-Tx-rLC" customClass="AppDelegate"> + <connections> + <outlet property="window" destination="QvC-M9-y7g" id="gIp-Ho-8D9"/> + </connections> + </customObject> + <customObject id="YLy-65-1bz" customClass="NSFontManager"/> + <menu title="Main Menu" systemMenu="main" id="AYu-sK-qS6"> + <items> + <menuItem title="ZeroTier One" id="1Xt-HY-uBw"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="ZeroTier One" systemMenu="apple" id="uQy-DD-JDr"> + <items> + <menuItem title="About ZeroTier One" id="5kV-Vb-QxS"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="orderFrontStandardAboutPanel:" target="-1" id="Exp-CZ-Vem"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="VOq-y0-SEH"/> + <menuItem title="Preferences…" keyEquivalent="," id="BOF-NM-1cW"/> + <menuItem isSeparatorItem="YES" id="wFC-TO-SCJ"/> + <menuItem title="Services" id="NMo-om-nkz"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Services" systemMenu="services" id="hz9-B4-Xy5"/> + </menuItem> + <menuItem isSeparatorItem="YES" id="4je-JR-u6R"/> + <menuItem title="Hide ZeroTier One" keyEquivalent="h" id="Olw-nP-bQN"> + <connections> + <action selector="hide:" target="-1" id="PnN-Uc-m68"/> + </connections> + </menuItem> + <menuItem title="Hide Others" keyEquivalent="h" id="Vdr-fp-XzO"> + <modifierMask key="keyEquivalentModifierMask" option="YES" command="YES"/> + <connections> + <action selector="hideOtherApplications:" target="-1" id="VT4-aY-XCT"/> + </connections> + </menuItem> + <menuItem title="Show All" id="Kd2-mp-pUS"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="unhideAllApplications:" target="-1" id="Dhg-Le-xox"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="kCx-OE-vgT"/> + <menuItem title="Quit ZeroTier One" keyEquivalent="q" id="4sb-4s-VLi"> + <connections> + <action selector="terminate:" target="-1" id="Te7-pn-YzF"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="File" id="dMs-cI-mzQ"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="File" id="bib-Uj-vzu"> + <items> + <menuItem title="New" keyEquivalent="n" id="Was-JA-tGl"> + <connections> + <action selector="newDocument:" target="-1" id="4Si-XN-c54"/> + </connections> + </menuItem> + <menuItem title="Open…" keyEquivalent="o" id="IAo-SY-fd9"> + <connections> + <action selector="openDocument:" target="-1" id="bVn-NM-KNZ"/> + </connections> + </menuItem> + <menuItem title="Open Recent" id="tXI-mr-wws"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Open Recent" systemMenu="recentDocuments" id="oas-Oc-fiZ"> + <items> + <menuItem title="Clear Menu" id="vNY-rz-j42"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="clearRecentDocuments:" target="-1" id="Daa-9d-B3U"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem isSeparatorItem="YES" id="m54-Is-iLE"/> + <menuItem title="Close" keyEquivalent="w" id="DVo-aG-piG"> + <connections> + <action selector="performClose:" target="-1" id="HmO-Ls-i7Q"/> + </connections> + </menuItem> + <menuItem title="Save…" keyEquivalent="s" id="pxx-59-PXV"> + <connections> + <action selector="saveDocument:" target="-1" id="teZ-XB-qJY"/> + </connections> + </menuItem> + <menuItem title="Save As…" keyEquivalent="S" id="Bw7-FT-i3A"> + <connections> + <action selector="saveDocumentAs:" target="-1" id="mDf-zr-I0C"/> + </connections> + </menuItem> + <menuItem title="Revert to Saved" id="KaW-ft-85H"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="revertDocumentToSaved:" target="-1" id="iJ3-Pv-kwq"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="aJh-i4-bef"/> + <menuItem title="Page Setup…" keyEquivalent="P" id="qIS-W8-SiK"> + <modifierMask key="keyEquivalentModifierMask" shift="YES" command="YES"/> + <connections> + <action selector="runPageLayout:" target="-1" id="Din-rz-gC5"/> + </connections> + </menuItem> + <menuItem title="Print…" keyEquivalent="p" id="aTl-1u-JFS"> + <connections> + <action selector="print:" target="-1" id="qaZ-4w-aoO"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Edit" id="5QF-Oa-p0T"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Edit" id="W48-6f-4Dl"> + <items> + <menuItem title="Undo" keyEquivalent="z" id="dRJ-4n-Yzg"> + <connections> + <action selector="undo:" target="-1" id="M6e-cu-g7V"/> + </connections> + </menuItem> + <menuItem title="Redo" keyEquivalent="Z" id="6dh-zS-Vam"> + <connections> + <action selector="redo:" target="-1" id="oIA-Rs-6OD"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="WRV-NI-Exz"/> + <menuItem title="Cut" keyEquivalent="x" id="uRl-iY-unG"> + <connections> + <action selector="cut:" target="-1" id="YJe-68-I9s"/> + </connections> + </menuItem> + <menuItem title="Copy" keyEquivalent="c" id="x3v-GG-iWU"> + <connections> + <action selector="copy:" target="-1" id="G1f-GL-Joy"/> + </connections> + </menuItem> + <menuItem title="Paste" keyEquivalent="v" id="gVA-U4-sdL"> + <connections> + <action selector="paste:" target="-1" id="UvS-8e-Qdg"/> + </connections> + </menuItem> + <menuItem title="Paste and Match Style" keyEquivalent="V" id="WeT-3V-zwk"> + <modifierMask key="keyEquivalentModifierMask" option="YES" command="YES"/> + <connections> + <action selector="pasteAsPlainText:" target="-1" id="cEh-KX-wJQ"/> + </connections> + </menuItem> + <menuItem title="Delete" id="pa3-QI-u2k"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="delete:" target="-1" id="0Mk-Ml-PaM"/> + </connections> + </menuItem> + <menuItem title="Select All" keyEquivalent="a" id="Ruw-6m-B2m"> + <connections> + <action selector="selectAll:" target="-1" id="VNm-Mi-diN"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="uyl-h8-XO2"/> + <menuItem title="Find" id="4EN-yA-p0u"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Find" id="1b7-l0-nxx"> + <items> + <menuItem title="Find…" tag="1" keyEquivalent="f" id="Xz5-n4-O0W"> + <connections> + <action selector="performFindPanelAction:" target="-1" id="cD7-Qs-BN4"/> + </connections> + </menuItem> + <menuItem title="Find and Replace…" tag="12" keyEquivalent="f" id="YEy-JH-Tfz"> + <modifierMask key="keyEquivalentModifierMask" option="YES" command="YES"/> + <connections> + <action selector="performFindPanelAction:" target="-1" id="WD3-Gg-5AJ"/> + </connections> + </menuItem> + <menuItem title="Find Next" tag="2" keyEquivalent="g" id="q09-fT-Sye"> + <connections> + <action selector="performFindPanelAction:" target="-1" id="NDo-RZ-v9R"/> + </connections> + </menuItem> + <menuItem title="Find Previous" tag="3" keyEquivalent="G" id="OwM-mh-QMV"> + <connections> + <action selector="performFindPanelAction:" target="-1" id="HOh-sY-3ay"/> + </connections> + </menuItem> + <menuItem title="Use Selection for Find" tag="7" keyEquivalent="e" id="buJ-ug-pKt"> + <connections> + <action selector="performFindPanelAction:" target="-1" id="U76-nv-p5D"/> + </connections> + </menuItem> + <menuItem title="Jump to Selection" keyEquivalent="j" id="S0p-oC-mLd"> + <connections> + <action selector="centerSelectionInVisibleArea:" target="-1" id="IOG-6D-g5B"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Spelling and Grammar" id="Dv1-io-Yv7"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Spelling" id="3IN-sU-3Bg"> + <items> + <menuItem title="Show Spelling and Grammar" keyEquivalent=":" id="HFo-cy-zxI"> + <connections> + <action selector="showGuessPanel:" target="-1" id="vFj-Ks-hy3"/> + </connections> + </menuItem> + <menuItem title="Check Document Now" keyEquivalent=";" id="hz2-CU-CR7"> + <connections> + <action selector="checkSpelling:" target="-1" id="fz7-VC-reM"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="bNw-od-mp5"/> + <menuItem title="Check Spelling While Typing" id="rbD-Rh-wIN"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleContinuousSpellChecking:" target="-1" id="7w6-Qz-0kB"/> + </connections> + </menuItem> + <menuItem title="Check Grammar With Spelling" id="mK6-2p-4JG"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleGrammarChecking:" target="-1" id="muD-Qn-j4w"/> + </connections> + </menuItem> + <menuItem title="Correct Spelling Automatically" id="78Y-hA-62v"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleAutomaticSpellingCorrection:" target="-1" id="2lM-Qi-WAP"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Substitutions" id="9ic-FL-obx"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Substitutions" id="FeM-D8-WVr"> + <items> + <menuItem title="Show Substitutions" id="z6F-FW-3nz"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="orderFrontSubstitutionsPanel:" target="-1" id="oku-mr-iSq"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="gPx-C9-uUO"/> + <menuItem title="Smart Copy/Paste" id="9yt-4B-nSM"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleSmartInsertDelete:" target="-1" id="3IJ-Se-DZD"/> + </connections> + </menuItem> + <menuItem title="Smart Quotes" id="hQb-2v-fYv"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleAutomaticQuoteSubstitution:" target="-1" id="ptq-xd-QOA"/> + </connections> + </menuItem> + <menuItem title="Smart Dashes" id="rgM-f4-ycn"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleAutomaticDashSubstitution:" target="-1" id="oCt-pO-9gS"/> + </connections> + </menuItem> + <menuItem title="Smart Links" id="cwL-P1-jid"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleAutomaticLinkDetection:" target="-1" id="Gip-E3-Fov"/> + </connections> + </menuItem> + <menuItem title="Data Detectors" id="tRr-pd-1PS"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleAutomaticDataDetection:" target="-1" id="R1I-Nq-Kbl"/> + </connections> + </menuItem> + <menuItem title="Text Replacement" id="HFQ-gK-NFA"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleAutomaticTextReplacement:" target="-1" id="DvP-Fe-Py6"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Transformations" id="2oI-Rn-ZJC"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Transformations" id="c8a-y6-VQd"> + <items> + <menuItem title="Make Upper Case" id="vmV-6d-7jI"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="uppercaseWord:" target="-1" id="sPh-Tk-edu"/> + </connections> + </menuItem> + <menuItem title="Make Lower Case" id="d9M-CD-aMd"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="lowercaseWord:" target="-1" id="iUZ-b5-hil"/> + </connections> + </menuItem> + <menuItem title="Capitalize" id="UEZ-Bs-lqG"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="capitalizeWord:" target="-1" id="26H-TL-nsh"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Speech" id="xrE-MZ-jX0"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Speech" id="3rS-ZA-NoH"> + <items> + <menuItem title="Start Speaking" id="Ynk-f8-cLZ"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="startSpeaking:" target="-1" id="654-Ng-kyl"/> + </connections> + </menuItem> + <menuItem title="Stop Speaking" id="Oyz-dy-DGm"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="stopSpeaking:" target="-1" id="dX8-6p-jy9"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Format" id="jxT-CU-nIS"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Format" id="GEO-Iw-cKr"> + <items> + <menuItem title="Font" id="Gi5-1S-RQB"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Font" systemMenu="font" id="aXa-aM-Jaq"> + <items> + <menuItem title="Show Fonts" keyEquivalent="t" id="Q5e-8K-NDq"> + <connections> + <action selector="orderFrontFontPanel:" target="YLy-65-1bz" id="WHr-nq-2xA"/> + </connections> + </menuItem> + <menuItem title="Bold" tag="2" keyEquivalent="b" id="GB9-OM-e27"> + <connections> + <action selector="addFontTrait:" target="YLy-65-1bz" id="hqk-hr-sYV"/> + </connections> + </menuItem> + <menuItem title="Italic" tag="1" keyEquivalent="i" id="Vjx-xi-njq"> + <connections> + <action selector="addFontTrait:" target="YLy-65-1bz" id="IHV-OB-c03"/> + </connections> + </menuItem> + <menuItem title="Underline" keyEquivalent="u" id="WRG-CD-K1S"> + <connections> + <action selector="underline:" target="-1" id="FYS-2b-JAY"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="5gT-KC-WSO"/> + <menuItem title="Bigger" tag="3" keyEquivalent="+" id="Ptp-SP-VEL"> + <connections> + <action selector="modifyFont:" target="YLy-65-1bz" id="Uc7-di-UnL"/> + </connections> + </menuItem> + <menuItem title="Smaller" tag="4" keyEquivalent="-" id="i1d-Er-qST"> + <connections> + <action selector="modifyFont:" target="YLy-65-1bz" id="HcX-Lf-eNd"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="kx3-Dk-x3B"/> + <menuItem title="Kern" id="jBQ-r6-VK2"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Kern" id="tlD-Oa-oAM"> + <items> + <menuItem title="Use Default" id="GUa-eO-cwY"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="useStandardKerning:" target="-1" id="6dk-9l-Ckg"/> + </connections> + </menuItem> + <menuItem title="Use None" id="cDB-IK-hbR"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="turnOffKerning:" target="-1" id="U8a-gz-Maa"/> + </connections> + </menuItem> + <menuItem title="Tighten" id="46P-cB-AYj"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="tightenKerning:" target="-1" id="hr7-Nz-8ro"/> + </connections> + </menuItem> + <menuItem title="Loosen" id="ogc-rX-tC1"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="loosenKerning:" target="-1" id="8i4-f9-FKE"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Ligatures" id="o6e-r0-MWq"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Ligatures" id="w0m-vy-SC9"> + <items> + <menuItem title="Use Default" id="agt-UL-0e3"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="useStandardLigatures:" target="-1" id="7uR-wd-Dx6"/> + </connections> + </menuItem> + <menuItem title="Use None" id="J7y-lM-qPV"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="turnOffLigatures:" target="-1" id="iX2-gA-Ilz"/> + </connections> + </menuItem> + <menuItem title="Use All" id="xQD-1f-W4t"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="useAllLigatures:" target="-1" id="KcB-kA-TuK"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Baseline" id="OaQ-X3-Vso"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Baseline" id="ijk-EB-dga"> + <items> + <menuItem title="Use Default" id="3Om-Ey-2VK"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="unscript:" target="-1" id="0vZ-95-Ywn"/> + </connections> + </menuItem> + <menuItem title="Superscript" id="Rqc-34-cIF"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="superscript:" target="-1" id="3qV-fo-wpU"/> + </connections> + </menuItem> + <menuItem title="Subscript" id="I0S-gh-46l"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="subscript:" target="-1" id="Q6W-4W-IGz"/> + </connections> + </menuItem> + <menuItem title="Raise" id="2h7-ER-AoG"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="raiseBaseline:" target="-1" id="4sk-31-7Q9"/> + </connections> + </menuItem> + <menuItem title="Lower" id="1tx-W0-xDw"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="lowerBaseline:" target="-1" id="OF1-bc-KW4"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem isSeparatorItem="YES" id="Ndw-q3-faq"/> + <menuItem title="Show Colors" keyEquivalent="C" id="bgn-CT-cEk"> + <connections> + <action selector="orderFrontColorPanel:" target="-1" id="mSX-Xz-DV3"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="iMs-zA-UFJ"/> + <menuItem title="Copy Style" keyEquivalent="c" id="5Vv-lz-BsD"> + <modifierMask key="keyEquivalentModifierMask" option="YES" command="YES"/> + <connections> + <action selector="copyFont:" target="-1" id="GJO-xA-L4q"/> + </connections> + </menuItem> + <menuItem title="Paste Style" keyEquivalent="v" id="vKC-jM-MkH"> + <modifierMask key="keyEquivalentModifierMask" option="YES" command="YES"/> + <connections> + <action selector="pasteFont:" target="-1" id="JfD-CL-leO"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Text" id="Fal-I4-PZk"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Text" id="d9c-me-L2H"> + <items> + <menuItem title="Align Left" keyEquivalent="{" id="ZM1-6Q-yy1"> + <connections> + <action selector="alignLeft:" target="-1" id="zUv-R1-uAa"/> + </connections> + </menuItem> + <menuItem title="Center" keyEquivalent="|" id="VIY-Ag-zcb"> + <connections> + <action selector="alignCenter:" target="-1" id="spX-mk-kcS"/> + </connections> + </menuItem> + <menuItem title="Justify" id="J5U-5w-g23"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="alignJustified:" target="-1" id="ljL-7U-jND"/> + </connections> + </menuItem> + <menuItem title="Align Right" keyEquivalent="}" id="wb2-vD-lq4"> + <connections> + <action selector="alignRight:" target="-1" id="r48-bG-YeY"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="4s2-GY-VfK"/> + <menuItem title="Writing Direction" id="H1b-Si-o9J"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Writing Direction" id="8mr-sm-Yjd"> + <items> + <menuItem title="Paragraph" enabled="NO" id="ZvO-Gk-QUH"> + <modifierMask key="keyEquivalentModifierMask"/> + </menuItem> + <menuItem id="YGs-j5-SAR"> + <string key="title"> Default</string> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="makeBaseWritingDirectionNatural:" target="-1" id="qtV-5e-UBP"/> + </connections> + </menuItem> + <menuItem id="Lbh-J2-qVU"> + <string key="title"> Left to Right</string> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="makeBaseWritingDirectionLeftToRight:" target="-1" id="S0X-9S-QSf"/> + </connections> + </menuItem> + <menuItem id="jFq-tB-4Kx"> + <string key="title"> Right to Left</string> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="makeBaseWritingDirectionRightToLeft:" target="-1" id="5fk-qB-AqJ"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="swp-gr-a21"/> + <menuItem title="Selection" enabled="NO" id="cqv-fj-IhA"> + <modifierMask key="keyEquivalentModifierMask"/> + </menuItem> + <menuItem id="Nop-cj-93Q"> + <string key="title"> Default</string> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="makeTextWritingDirectionNatural:" target="-1" id="lPI-Se-ZHp"/> + </connections> + </menuItem> + <menuItem id="BgM-ve-c93"> + <string key="title"> Left to Right</string> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="makeTextWritingDirectionLeftToRight:" target="-1" id="caW-Bv-w94"/> + </connections> + </menuItem> + <menuItem id="RB4-Sm-HuC"> + <string key="title"> Right to Left</string> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="makeTextWritingDirectionRightToLeft:" target="-1" id="EXD-6r-ZUu"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem isSeparatorItem="YES" id="fKy-g9-1gm"/> + <menuItem title="Show Ruler" id="vLm-3I-IUL"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="toggleRuler:" target="-1" id="FOx-HJ-KwY"/> + </connections> + </menuItem> + <menuItem title="Copy Ruler" keyEquivalent="c" id="MkV-Pr-PK5"> + <modifierMask key="keyEquivalentModifierMask" control="YES" command="YES"/> + <connections> + <action selector="copyRuler:" target="-1" id="71i-fW-3W2"/> + </connections> + </menuItem> + <menuItem title="Paste Ruler" keyEquivalent="v" id="LVM-kO-fVI"> + <modifierMask key="keyEquivalentModifierMask" control="YES" command="YES"/> + <connections> + <action selector="pasteRuler:" target="-1" id="cSh-wd-qM2"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="View" id="H8h-7b-M4v"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="View" id="HyV-fh-RgO"> + <items> + <menuItem title="Show Toolbar" keyEquivalent="t" id="snW-S8-Cw5"> + <modifierMask key="keyEquivalentModifierMask" option="YES" command="YES"/> + <connections> + <action selector="toggleToolbarShown:" target="-1" id="BXY-wc-z0C"/> + </connections> + </menuItem> + <menuItem title="Customize Toolbar…" id="1UK-8n-QPP"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="runToolbarCustomizationPalette:" target="-1" id="pQI-g3-MTW"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Window" id="aUF-d1-5bR"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Window" systemMenu="window" id="Td7-aD-5lo"> + <items> + <menuItem title="Minimize" keyEquivalent="m" id="OY7-WF-poV"> + <connections> + <action selector="performMiniaturize:" target="-1" id="VwT-WD-YPe"/> + </connections> + </menuItem> + <menuItem title="Zoom" id="R4o-n2-Eq4"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="performZoom:" target="-1" id="DIl-cC-cCs"/> + </connections> + </menuItem> + <menuItem isSeparatorItem="YES" id="eu3-7i-yIM"/> + <menuItem title="Bring All to Front" id="LE2-aR-0XJ"> + <modifierMask key="keyEquivalentModifierMask"/> + <connections> + <action selector="arrangeInFront:" target="-1" id="DRN-fu-gQh"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + <menuItem title="Help" id="wpr-3q-Mcd"> + <modifierMask key="keyEquivalentModifierMask"/> + <menu key="submenu" title="Help" systemMenu="help" id="F2S-fz-NVQ"> + <items> + <menuItem title="ZeroTier One Help" keyEquivalent="?" id="FKE-Sm-Kum"> + <connections> + <action selector="showHelp:" target="-1" id="y7X-2Q-9no"/> + </connections> + </menuItem> + </items> + </menu> + </menuItem> + </items> + </menu> + <window title="ZeroTier One" allowsToolTipsWhenApplicationIsInactive="NO" autorecalculatesKeyViewLoop="NO" releasedWhenClosed="NO" visibleAtLaunch="NO" animationBehavior="default" id="QvC-M9-y7g"> + <windowStyleMask key="styleMask" titled="YES" closable="YES" miniaturizable="YES" resizable="YES"/> + <windowPositionMask key="initialPositionMask" leftStrut="YES" rightStrut="YES" topStrut="YES" bottomStrut="YES"/> + <rect key="contentRect" x="335" y="390" width="480" height="360"/> + <rect key="screenRect" x="0.0" y="0.0" width="1716" height="1024"/> + <view key="contentView" wantsLayer="YES" id="EiT-Mj-1SZ"> + <rect key="frame" x="0.0" y="0.0" width="480" height="360"/> + <autoresizingMask key="autoresizingMask"/> + </view> + </window> + </objects> +</document> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/MacGap-Info.plist b/macui/ZeroTier One/Info.plist index 7f71ea22..e04b5f28 100644 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/src/MacGap/MacGap-Info.plist +++ b/macui/ZeroTier One/Info.plist @@ -5,15 +5,15 @@ <key>CFBundleDevelopmentRegion</key> <string>en</string> <key>CFBundleExecutable</key> - <string>ZeroTier One</string> + <string>$(EXECUTABLE_NAME)</string> <key>CFBundleIconFile</key> - <string>ZeroTierIcon</string> + <string>ZeroTierIcon.icns</string> <key>CFBundleIdentifier</key> <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleName</key> - <string>ZeroTier One</string> + <string>$(PRODUCT_NAME)</string> <key>CFBundlePackageType</key> <string>APPL</string> <key>CFBundleShortVersionString</key> @@ -21,19 +21,21 @@ <key>CFBundleSignature</key> <string>????</string> <key>CFBundleVersion</key> - <string>1</string> - <key>LSApplicationCategoryType</key> - <string>public.app-category.utilities</string> + <string>15</string> <key>LSMinimumSystemVersion</key> - <string>${MACOSX_DEPLOYMENT_TARGET}</string> - <key>NSMainNibFile</key> - <string>MainMenu</string> - <key>NSPrincipalClass</key> - <string>NSApplication</string> + <string>$(MACOSX_DEPLOYMENT_TARGET)</string> + <key>LSUIElement</key> + <true/> <key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict> + <key>NSHumanReadableCopyright</key> + <string>Copyright © 2016 ZeroTier, Inc. All rights reserved.</string> + <key>NSMainNibFile</key> + <string>MainMenu</string> + <key>NSPrincipalClass</key> + <string>NSApplication</string> </dict> </plist> diff --git a/macui/ZeroTier One/JoinNetworkViewController.h b/macui/ZeroTier One/JoinNetworkViewController.h new file mode 100644 index 00000000..428959fb --- /dev/null +++ b/macui/ZeroTier One/JoinNetworkViewController.h @@ -0,0 +1,40 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> + + +extern NSString * const JoinedNetworksKey; + +@class AppDelegate; + +@interface JoinNetworkViewController : NSViewController <NSComboBoxDelegate, NSComboBoxDataSource> + +@property (nonatomic, weak) IBOutlet NSComboBox *network; +@property (nonatomic, weak) IBOutlet NSButton *joinButton; +@property (nonatomic, weak) IBOutlet NSButton *allowManagedCheckBox; +@property (nonatomic, weak) IBOutlet NSButton *allowGlobalCheckBox; +@property (nonatomic, weak) IBOutlet NSButton *allowDefaultCheckBox; +@property (nonatomic, weak) IBOutlet AppDelegate *appDelegate; + +@property (nonatomic) NSMutableArray<NSString*> *values; + +- (IBAction)onJoinClicked:(id)sender; + + +@end diff --git a/macui/ZeroTier One/JoinNetworkViewController.m b/macui/ZeroTier One/JoinNetworkViewController.m new file mode 100644 index 00000000..cae26541 --- /dev/null +++ b/macui/ZeroTier One/JoinNetworkViewController.m @@ -0,0 +1,184 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "JoinNetworkViewController.h" +#import "ServiceCom.h" +#import "AppDelegate.h" + + +NSString * const JoinedNetworksKey = @"com.zerotier.one.joined-networks"; + +@interface NSString (extra) + +- (BOOL)contains:(NSString*)find; + +@end + +@implementation NSString (extra) + +- (BOOL)contains:(NSString*)find { + NSRange range = [self rangeOfString:find]; + return range.location != NSNotFound; +} + +@end + + +@implementation JoinNetworkViewController + +- (void)viewDidLoad { + [super viewDidLoad]; + // Do view setup here. + [self.network setDelegate:self]; + [self.network setDataSource:self]; +} + +- (void)viewWillAppear { + [super viewWillAppear]; + + self.allowManagedCheckBox.state = NSOnState; + self.allowGlobalCheckBox.state = NSOffState; + self.allowDefaultCheckBox.state = NSOffState; + + self.network.stringValue = @""; + + NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; + + NSMutableArray<NSString*> *vals = [[defaults stringArrayForKey:JoinedNetworksKey] mutableCopy]; + + if(vals) { + self.values = vals; + } +} + +- (void)viewWillDisappear { + [super viewWillDisappear]; + + NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; + + [defaults setObject:self.values forKey:JoinedNetworksKey]; +} + +- (IBAction)onJoinClicked:(id)sender { + NSString *networkId = self.network.stringValue; + + NSError *error = nil; + [[ServiceCom sharedInstance] joinNetwork:networkId + allowManaged:(self.allowManagedCheckBox.state == NSOnState) + allowGlobal:(self.allowGlobalCheckBox.state == NSOnState) + allowDefault:(self.allowDefaultCheckBox.state == NSOnState) + error:&error]; + + if(error) { + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Ok"]; + + [alert runModal]; + return; + } + + self.network.stringValue = @""; + + if(![self.values containsObject:networkId]) { + [self.values insertObject:networkId atIndex:0]; + + while([self.values count] > 20) { + [self.values removeLastObject]; + } + } + + [self.appDelegate closeJoinNetworkPopover]; +} + +// NSComboBoxDelegate methods + +- (void)controlTextDidChange:(NSNotification *)obj { + NSComboBox *cb = (NSComboBox*)obj.object; + NSString *value = cb.stringValue; + + NSString *allowedCharacters = @"abcdefABCDEF0123456789"; + + NSString *outValue = @""; + + for(int i = 0; i < [value length]; ++i) { + if(![allowedCharacters contains:[NSString stringWithFormat:@"%C", [value characterAtIndex:i]]]) { + NSBeep(); + } + else { + outValue = [outValue stringByAppendingString:[NSString stringWithFormat:@"%C", [value characterAtIndex:i]]]; + } + } + + if([outValue lengthOfBytesUsingEncoding:NSUTF8StringEncoding] == 16) { + self.joinButton.enabled = YES; + } + else { + if([outValue lengthOfBytesUsingEncoding:NSUTF8StringEncoding] > 16) { + NSRange range = {0, 16}; + range = [outValue rangeOfComposedCharacterSequencesForRange:range]; + outValue = [outValue substringWithRange:range]; + NSBeep(); + self.joinButton.enabled = YES; + } + else { + self.joinButton.enabled = NO; + } + } + + cb.stringValue = outValue; +} + +// end NSComboBoxDelegate methods + +// NSComboBoxDataSource methods + +- (NSInteger)numberOfItemsInComboBox:(NSComboBox *)aComboBox { + return [self.values count]; +} + +- (id)comboBox:(NSComboBox *)aComboBox objectValueForItemAtIndex:(NSInteger)index { + return [self.values objectAtIndex:index]; +} + +- (NSUInteger)comboBox:(NSComboBox *)aComboBox indexOfItemWithStringValue:(NSString *)string { + NSUInteger counter = 0; + + for(NSString *val in self.values) { + if([val isEqualToString:string]) { + return counter; + } + + counter += 1; + } + + return NSNotFound; +} + +- (NSString*)comboBox:(NSComboBox *)aComboBox completedString:(NSString *)string { + for(NSString *val in self.values) { + if([val hasPrefix:string]) { + return val; + } + } + return nil; +} + +// end NSComboBoxDataSource methods + +@end diff --git a/macui/ZeroTier One/JoinNetworkViewController.xib b/macui/ZeroTier One/JoinNetworkViewController.xib new file mode 100644 index 00000000..2ef43442 --- /dev/null +++ b/macui/ZeroTier One/JoinNetworkViewController.xib @@ -0,0 +1,74 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="10116" systemVersion="15G31" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES" customObjectInstantitationMethod="direct"> + <dependencies> + <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="10116"/> + </dependencies> + <objects> + <customObject id="-2" userLabel="File's Owner" customClass="JoinNetworkViewController" customModule="ZeroTier_One" customModuleProvider="target"> + <connections> + <outlet property="allowDefaultCheckBox" destination="rz3-0a-oNA" id="mYu-Wq-MHW"/> + <outlet property="allowGlobalCheckBox" destination="BH2-2O-Qeu" id="alx-Je-q9I"/> + <outlet property="allowManagedCheckBox" destination="OQS-QZ-zcY" id="7pz-vO-3IC"/> + <outlet property="joinButton" destination="BGy-vd-NQX" id="LGE-2G-7ND"/> + <outlet property="network" destination="BQy-d9-BNg" id="Yf7-BG-c84"/> + <outlet property="view" destination="Hz6-mo-xeY" id="0bl-1N-x8E"/> + </connections> + </customObject> + <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/> + <customObject id="-3" userLabel="Application" customClass="NSObject"/> + <customView id="Hz6-mo-xeY"> + <rect key="frame" x="0.0" y="0.0" width="397" height="123"/> + <autoresizingMask key="autoresizingMask" flexibleMaxX="YES" flexibleMinY="YES"/> + <subviews> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="puT-Yk-CWC"> + <rect key="frame" x="18" y="83" width="107" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Enter Network ID" id="oYH-gS-BX5"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <button verticalHuggingPriority="750" fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="BGy-vd-NQX"> + <rect key="frame" x="302" y="13" width="81" height="32"/> + <buttonCell key="cell" type="push" title="Join" bezelStyle="rounded" alignment="center" enabled="NO" borderStyle="border" imageScaling="proportionallyDown" inset="2" id="6Rp-TA-XLl"> + <behavior key="behavior" pushIn="YES" lightByBackground="YES" lightByGray="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="onJoinClicked:" target="-2" id="kzC-GT-JKb"/> + </connections> + </button> + <comboBox verticalHuggingPriority="750" fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="BQy-d9-BNg"> + <rect key="frame" x="131" y="79" width="249" height="26"/> + <comboBoxCell key="cell" scrollable="YES" lineBreakMode="clipping" selectable="YES" editable="YES" sendsActionOnEndEditing="YES" borderStyle="bezel" drawsBackground="YES" usesDataSource="YES" numberOfVisibleItems="5" id="n71-4S-AaI"> + <font key="font" metaFont="system"/> + <color key="textColor" name="controlTextColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="textBackgroundColor" catalog="System" colorSpace="catalog"/> + </comboBoxCell> + </comboBox> + <button fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="OQS-QZ-zcY"> + <rect key="frame" x="18" y="59" width="115" height="18"/> + <buttonCell key="cell" type="check" title="Allow Managed" bezelStyle="regularSquare" imagePosition="left" state="on" inset="2" id="QEN-MJ-xaj"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + </button> + <button fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="BH2-2O-Qeu"> + <rect key="frame" x="137" y="59" width="97" height="18"/> + <buttonCell key="cell" type="check" title="Allow Global" bezelStyle="regularSquare" imagePosition="left" inset="2" id="epO-Uh-aHN"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + </button> + <button fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="rz3-0a-oNA"> + <rect key="frame" x="238" y="59" width="141" height="18"/> + <buttonCell key="cell" type="check" title="Allow Default Route" bezelStyle="regularSquare" imagePosition="left" inset="2" id="Lkd-XI-Kcu"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + </button> + </subviews> + <point key="canvasLocation" x="263.5" y="372.5"/> + </customView> + </objects> +</document> diff --git a/macui/ZeroTier One/Network.h b/macui/ZeroTier One/Network.h new file mode 100644 index 00000000..957ff8d5 --- /dev/null +++ b/macui/ZeroTier One/Network.h @@ -0,0 +1,68 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Foundation/Foundation.h> + +enum NetworkStatus { + REQUESTING_CONFIGURATION, + OK, + ACCESS_DENIED, + NOT_FOUND, + PORT_ERROR, + CLIENT_TOO_OLD, +}; + +enum NetworkType { + PUBLIC, + PRIVATE, +}; + +@interface Network : NSObject <NSCoding> + +@property (readonly) NSArray<NSString*> *assignedAddresses; +@property (readonly) BOOL bridge; +@property (readonly) BOOL broadcastEnabled; +@property (readonly) BOOL dhcp; +@property (readonly) NSString *mac; +@property (readonly) int mtu; +@property (readonly) int netconfRevision; +@property (readonly) NSString *name; +@property (readonly) UInt64 nwid; +@property (readonly) NSString *portDeviceName; +@property (readonly) int portError; +@property (readonly) enum NetworkStatus status; +@property (readonly) enum NetworkType type; +@property (readonly) BOOL allowManaged; +@property (readonly) BOOL allowGlobal; +@property (readonly) BOOL allowDefault; +@property (readonly) BOOL connected; // not persisted. set to YES if loaded via json + +- (id)initWithJsonData:(NSDictionary*)jsonData; +- (id)initWithCoder:(NSCoder *)aDecoder; +- (void)encodeWithCoder:(NSCoder *)aCoder; ++ (BOOL)defaultRouteExists:(NSArray<Network *>*)netList; +- (NSString*)statusString; +- (NSString*)typeString; + +- (BOOL)hasSameNetworkId:(UInt64)networkId; + +- (BOOL)isEqualToNetwork:(Network*)network; +- (BOOL)isEqual:(id)object; +- (NSUInteger)hash; + +@end diff --git a/macui/ZeroTier One/Network.m b/macui/ZeroTier One/Network.m new file mode 100644 index 00000000..8474acaa --- /dev/null +++ b/macui/ZeroTier One/Network.m @@ -0,0 +1,337 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "Network.h" + +NSString *NetworkAddressesKey = @"addresses"; +NSString *NetworkBridgeKey = @"bridge"; +NSString *NetworkBroadcastKey = @"broadcast"; +NSString *NetworkDhcpKey = @"dhcp"; +NSString *NetworkMacKey = @"mac"; +NSString *NetworkMtuKey = @"mtu"; +NSString *NetworkMulticastKey = @"multicast"; +NSString *NetworkNameKey = @"name"; +NSString *NetworkNetconfKey = @"netconf"; +NSString *NetworkNwidKey = @"nwid"; +NSString *NetworkPortNameKey = @"port"; +NSString *NetworkPortErrorKey = @"portError"; +NSString *NetworkStatusKey = @"status"; +NSString *NetworkTypeKey = @"type"; +NSString *NetworkAllowManagedKey = @"allowManaged"; +NSString *NetworkAllowGlobalKey = @"allowGlobal"; +NSString *NetworkAllowDefaultKey = @"allowDefault"; + +@implementation Network + +- (id)initWithJsonData:(NSDictionary*)jsonData +{ + self = [super init]; + + if(self) { + if([jsonData objectForKey:@"assignedAddresses"]) { + _assignedAddresses = (NSArray<NSString*>*)[jsonData objectForKey:@"assignedAddresses"]; + } + + if([jsonData objectForKey:@"bridge"]) { + _bridge = [(NSNumber*)[jsonData objectForKey:@"bridge"] boolValue]; + } + + if([jsonData objectForKey:@"broadcastEnabled"]) { + _broadcastEnabled = [(NSNumber*)[jsonData objectForKey:@"broadcastEnabled"] boolValue]; + } + + if([jsonData objectForKey:@"dhcp"]) { + _dhcp = [(NSNumber*)[jsonData objectForKey:@"dhcp"] boolValue]; + } + + if([jsonData objectForKey:@"mac"]) { + _mac = (NSString*)[jsonData objectForKey:@"mac"]; + } + + if([jsonData objectForKey:@"mtu"]) { + _mtu = [(NSNumber*)[jsonData objectForKey:@"mtu"] intValue]; + } + + if([jsonData objectForKey:@"name"]) { + _name = (NSString*)[jsonData objectForKey:@"name"]; + } + + if([jsonData objectForKey:@"netconfRevision"]) { + _netconfRevision = [(NSNumber*)[jsonData objectForKey:@"netconfRevision"] intValue]; + } + + if([jsonData objectForKey:@"nwid"]) { + NSString *networkid = (NSString*)[jsonData objectForKey:@"nwid"]; + + NSScanner *scanner = [NSScanner scannerWithString:networkid]; + [scanner scanHexLongLong:&_nwid]; + } + + if([jsonData objectForKey:@"portDeviceName"]) { + _portDeviceName = (NSString*)[jsonData objectForKey:@"portDeviceName"]; + } + + if([jsonData objectForKey:@"portError"]) { + _portError = [(NSNumber*)[jsonData objectForKey:@"portError"] intValue]; + } + + if([jsonData objectForKey:@"allowManaged"]) { + _allowManaged = [(NSNumber*)[jsonData objectForKey:@"allowManaged"] boolValue]; + } + + if([jsonData objectForKey:@"allowGlobal"]) { + _allowGlobal = [(NSNumber*)[jsonData objectForKey:@"allowGlobal"] boolValue]; + } + + if([jsonData objectForKey:@"allowDefault"]) { + _allowDefault = [(NSNumber*)[jsonData objectForKey:@"allowDefault"] boolValue]; + } + + if([jsonData objectForKey:@"status"]) { + NSString *statusStr = (NSString*)[jsonData objectForKey:@"status"]; + if([statusStr isEqualToString:@"REQUESTING_CONFIGURATION"]) { + _status = REQUESTING_CONFIGURATION; + } + else if([statusStr isEqualToString:@"OK"]) { + _status = OK; + } + else if([statusStr isEqualToString:@"ACCESS_DENIED"]) { + _status = ACCESS_DENIED; + } + else if([statusStr isEqualToString:@"NOT_FOUND"]) { + _status = NOT_FOUND; + } + else if([statusStr isEqualToString:@"PORT_ERROR"]) { + _status = PORT_ERROR; + } + else if([statusStr isEqualToString:@"CLIENT_TOO_OLD"]) { + _status = CLIENT_TOO_OLD; + } + } + + if([jsonData objectForKey:@"type"]) { + NSString *typeStr = (NSString*)[jsonData objectForKey:@"type"]; + if([typeStr isEqualToString:@"PRIVATE"]) { + _type = PRIVATE; + } + else if([typeStr isEqualToString:@"PUBLIC"]) { + _type = PUBLIC; + } + } + + _connected = YES; + } + + return self; +} +- (id)initWithCoder:(NSCoder *)aDecoder +{ + self = [super init]; + + if(self) { + if([aDecoder containsValueForKey:NetworkAddressesKey]) { + _assignedAddresses = (NSArray<NSString*>*)[aDecoder decodeObjectForKey:NetworkAddressesKey]; + } + + if([aDecoder containsValueForKey:NetworkBridgeKey]) { + _bridge = [aDecoder decodeBoolForKey:NetworkBridgeKey]; + } + + if([aDecoder containsValueForKey:NetworkBroadcastKey]) { + _broadcastEnabled = [aDecoder decodeBoolForKey:NetworkBroadcastKey]; + } + + if([aDecoder containsValueForKey:NetworkDhcpKey]) { + _dhcp = [aDecoder decodeBoolForKey:NetworkDhcpKey]; + } + + if([aDecoder containsValueForKey:NetworkMacKey]) { + _mac = (NSString*)[aDecoder decodeObjectForKey:NetworkMacKey]; + } + + if([aDecoder containsValueForKey:NetworkMtuKey]) { + _mtu = (int)[aDecoder decodeIntegerForKey:NetworkMtuKey]; + } + + if([aDecoder containsValueForKey:NetworkNameKey]) { + _name = (NSString*)[aDecoder decodeObjectForKey:NetworkNameKey]; + } + + if([aDecoder containsValueForKey:NetworkNetconfKey]) { + _netconfRevision = (int)[aDecoder decodeIntegerForKey:NetworkNetconfKey]; + } + + if([aDecoder containsValueForKey:NetworkNwidKey]) { + _nwid = [(NSNumber*)[aDecoder decodeObjectForKey:NetworkNwidKey] unsignedLongLongValue]; + } + + if([aDecoder containsValueForKey:NetworkPortNameKey]) { + _portDeviceName = (NSString*)[aDecoder decodeObjectForKey:NetworkPortNameKey]; + } + + if([aDecoder containsValueForKey:NetworkPortErrorKey]) { + _portError = (int)[aDecoder decodeIntegerForKey:NetworkPortErrorKey]; + } + + if([aDecoder containsValueForKey:NetworkStatusKey]) { + _status = (enum NetworkStatus)[aDecoder decodeIntegerForKey:NetworkStatusKey]; + } + + if([aDecoder containsValueForKey:NetworkTypeKey]) { + _type = (enum NetworkType)[aDecoder decodeIntegerForKey:NetworkTypeKey]; + } + + if([aDecoder containsValueForKey:NetworkAllowManagedKey]) { + _allowManaged = [aDecoder decodeBoolForKey:NetworkAllowManagedKey]; + } + + if([aDecoder containsValueForKey:NetworkAllowGlobalKey]) { + _allowGlobal = [aDecoder decodeBoolForKey:NetworkAllowGlobalKey]; + } + + if([aDecoder containsValueForKey:NetworkAllowDefaultKey]) { + _allowDefault = [aDecoder decodeBoolForKey:NetworkAllowDefaultKey]; + } + + _connected = NO; + } + + return self; +} + +- (void)encodeWithCoder:(NSCoder *)aCoder +{ + [aCoder encodeObject:_assignedAddresses forKey:NetworkAddressesKey]; + [aCoder encodeBool:_bridge forKey:NetworkBridgeKey]; + [aCoder encodeBool:_broadcastEnabled forKey:NetworkBroadcastKey]; + [aCoder encodeBool:_dhcp forKey:NetworkDhcpKey]; + [aCoder encodeObject:_mac forKey:NetworkMacKey]; + [aCoder encodeInteger:_mtu forKey:NetworkMtuKey]; + [aCoder encodeObject:_name forKey:NetworkNameKey]; + [aCoder encodeInteger:_netconfRevision forKey:NetworkNetconfKey]; + [aCoder encodeObject:[NSNumber numberWithUnsignedLongLong:_nwid] + forKey:NetworkNwidKey]; + [aCoder encodeObject:_portDeviceName forKey:NetworkPortNameKey]; + [aCoder encodeInteger:_portError forKey:NetworkPortErrorKey]; + [aCoder encodeInteger:_status forKey:NetworkStatusKey]; + [aCoder encodeInteger:_type forKey:NetworkTypeKey]; + [aCoder encodeBool:_allowManaged forKey:NetworkAllowManagedKey]; + [aCoder encodeBool:_allowGlobal forKey:NetworkAllowGlobalKey]; + [aCoder encodeBool:_allowDefault forKey:NetworkAllowDefaultKey]; +} + ++ (BOOL)defaultRouteExists:(NSArray<Network *>*)netList +{ + for(Network *net in netList) { + if (net.allowDefault && net.connected) { + return YES; + } + } + return NO; +} + +- (NSString*)statusString { + switch(_status) { + case REQUESTING_CONFIGURATION: + return @"REQUESTING_CONFIGURATION"; + case OK: + return @"OK"; + case ACCESS_DENIED: + return @"ACCESS_DENIED"; + case NOT_FOUND: + return @"NOT_FOUND"; + case PORT_ERROR: + return @"PORT_ERROR"; + case CLIENT_TOO_OLD: + return @"CLIENT_TOO_OLD"; + default: + return @""; + } +} + +- (NSString*)typeString { + switch(_type) { + case PUBLIC: + return @"PUBLIC"; + case PRIVATE: + return @"PRIVATE"; + default: + return @""; + } +} + +- (BOOL)hasSameNetworkId:(UInt64)networkId +{ + return self.nwid == networkId; +} + +- (BOOL)isEqualToNetwork:(Network*)network +{ + return [self.assignedAddresses isEqualToArray:network.assignedAddresses] && + self.bridge == network.bridge && + self.broadcastEnabled == network.broadcastEnabled && + self.dhcp == network.dhcp && + [self.mac isEqualToString:network.mac] && + self.mtu == network.mtu && + self.netconfRevision == network.netconfRevision && + [self.name isEqualToString:network.name] && + self.nwid == network.nwid && + [self.portDeviceName isEqualToString:network.portDeviceName] && + self.status == network.status && + self.type == network.type && + self.allowManaged == network.allowManaged && + self.allowGlobal == network.allowGlobal && + self.allowDefault == network.allowDefault && + self.connected == network.connected; +} + +- (BOOL)isEqual:(id)object +{ + if (self == object) { + return YES; + } + + if (![object isKindOfClass:[Network class]]) { + return NO; + } + + return [self isEqualToNetwork:object]; +} + +- (NSUInteger)hash +{ + return [self.assignedAddresses hash] ^ + self.bridge ^ + self.broadcastEnabled ^ + self.dhcp ^ + [self.mac hash] ^ + self.mtu ^ + self.netconfRevision ^ + [self.name hash] ^ + self.nwid ^ + [self.portDeviceName hash] ^ + self.portError ^ + self.status ^ + self.type ^ + self.allowManaged ^ + self.allowGlobal ^ + self.allowDefault ^ + self.connected; +} + +@end diff --git a/macui/ZeroTier One/NetworkInfoCell.h b/macui/ZeroTier One/NetworkInfoCell.h new file mode 100644 index 00000000..be9345d7 --- /dev/null +++ b/macui/ZeroTier One/NetworkInfoCell.h @@ -0,0 +1,50 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> + +@class ShowNetworksViewController; + +@interface NetworkInfoCell : NSTableCellView + +@property (weak, nonatomic) ShowNetworksViewController *parent; + +@property (weak, nonatomic) IBOutlet NSTextField *networkIdField; +@property (weak, nonatomic) IBOutlet NSTextField *networkNameField; +@property (weak, nonatomic) IBOutlet NSTextField *statusField; +@property (weak, nonatomic) IBOutlet NSTextField *typeField; +@property (weak, nonatomic) IBOutlet NSTextField *macField; +@property (weak, nonatomic) IBOutlet NSTextField *mtuField; +@property (weak, nonatomic) IBOutlet NSTextField *broadcastField; +@property (weak, nonatomic) IBOutlet NSTextField *bridgingField; +@property (weak, nonatomic) IBOutlet NSTextField *deviceField; +@property (weak, nonatomic) IBOutlet NSTextField *addressesField; +@property (weak, nonatomic) IBOutlet NSButton *allowManaged; +@property (weak, nonatomic) IBOutlet NSButton *allowGlobal; +@property (weak, nonatomic) IBOutlet NSButton *allowDefault; +@property (weak, nonatomic) IBOutlet NSButton *connectedCheckbox; +@property (weak, nonatomic) IBOutlet NSButton *deleteButton; + +- (IBAction)onConnectCheckStateChanged:(NSButton*)sender; +- (IBAction)deleteNetwork:(NSButton*)sender; +- (IBAction)onAllowStatusChanged:(NSButton*)sender; + +- (void)joinNetwork:(NSString*)nwid; +- (void)leaveNetwork:(NSString*)nwid; + +@end diff --git a/macui/ZeroTier One/NetworkInfoCell.m b/macui/ZeroTier One/NetworkInfoCell.m new file mode 100644 index 00000000..dc75cab3 --- /dev/null +++ b/macui/ZeroTier One/NetworkInfoCell.m @@ -0,0 +1,85 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "NetworkInfoCell.h" +#import "ServiceCom.h" +#import "ShowNetworksViewController.h" +#import "Network.h" + +@implementation NetworkInfoCell + +- (void)drawRect:(NSRect)dirtyRect { + [super drawRect:dirtyRect]; + + // Drawing code here. +} + +- (IBAction)onConnectCheckStateChanged:(NSButton*)sender +{ + if(sender.state == NSOnState) { + [self joinNetwork:self.networkIdField.stringValue]; + } + else { + [self leaveNetwork:self.networkIdField.stringValue]; + } +} + +- (IBAction)deleteNetwork:(NSButton*)sender; +{ + [self leaveNetwork:self.networkIdField.stringValue]; + [self.parent deleteNetworkFromList:self.networkIdField.stringValue]; +} + +- (IBAction)onAllowStatusChanged:(NSButton*)sender +{ + [self joinNetwork:self.networkIdField.stringValue]; +} + +- (void)joinNetwork:(NSString*)nwid +{ + NSError *error = nil; + [[ServiceCom sharedInstance] joinNetwork:nwid + allowManaged:(self.allowManaged.state == NSOnState) + allowGlobal:(self.allowGlobal.state == NSOnState) + allowDefault:![Network defaultRouteExists:_parent.networkList] && (self.allowDefault.state == NSOnState) + error:&error]; + + if (error) { + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Ok"]; + + [alert runModal]; + } +} + +- (void)leaveNetwork:(NSString*)nwid +{ + NSError *error = nil; + [[ServiceCom sharedInstance] leaveNetwork:nwid error:&error]; + + if (error) { + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Ok"]; + + [alert runModal]; + } +} + +@end diff --git a/macui/ZeroTier One/NetworkMonitor.h b/macui/ZeroTier One/NetworkMonitor.h new file mode 100644 index 00000000..8cdec4ed --- /dev/null +++ b/macui/ZeroTier One/NetworkMonitor.h @@ -0,0 +1,45 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Foundation/Foundation.h> + +extern NSString * const NetworkUpdateKey; +extern NSString * const StatusUpdateKey; + +@class Network; + +@interface NetworkMonitor : NSObject +{ + NSMutableArray<Network*> *_savedNetworks; + NSArray<Network*> *_receivedNetworks; + NSMutableArray<Network*> *_allNetworks; + + NSTimer *_timer; +} + +- (id)init; +- (void)dealloc; + +- (void)start; +- (void)stop; + +- (void)updateNetworkInfo; + +- (void)deleteSavedNetwork:(NSString*)networkId; + +@end diff --git a/macui/ZeroTier One/NetworkMonitor.m b/macui/ZeroTier One/NetworkMonitor.m new file mode 100644 index 00000000..7ed22c4a --- /dev/null +++ b/macui/ZeroTier One/NetworkMonitor.m @@ -0,0 +1,253 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "NetworkMonitor.h" +#import "Network.h" +#import "ServiceCom.h" +#import "NodeStatus.h" + +@import AppKit; + + +NSString * const NetworkUpdateKey = @"com.zerotier.one.network-list"; +NSString * const StatusUpdateKey = @"com.zerotier.one.status"; + +@interface NetworkMonitor (private) + +- (NSString*)dataFile; +- (void)internal_updateNetworkInfo; +- (NSInteger)findNetworkWithID:(UInt64)networkId; +- (NSInteger)findSavedNetworkWithID:(UInt64)networkId; +- (void)saveNetworks; + +@end + +@implementation NetworkMonitor + +- (id)init +{ + self = [super init]; + if(self) + { + _savedNetworks = [NSMutableArray<Network*> array]; + _receivedNetworks = [NSArray<Network*> array]; + _allNetworks = [NSMutableArray<Network*> array]; + _timer = nil; + } + + return self; +} + +- (void)dealloc +{ + [_timer invalidate]; +} + +- (void)start +{ + NSLog(@"ZeroTier monitor started"); + _timer = [NSTimer scheduledTimerWithTimeInterval:1.0f + target:self + selector:@selector(updateNetworkInfo) + userInfo:nil + repeats:YES]; +} + +- (void)stop +{ + NSLog(@"ZeroTier monitor stopped"); + [_timer invalidate]; + _timer = nil; +} + +- (void)updateNetworkInfo +{ + NSString *filePath = [self dataFile]; + + if([[NSFileManager defaultManager] fileExistsAtPath:filePath]) { + NSArray<Network*> *networks = [NSKeyedUnarchiver unarchiveObjectWithFile:filePath]; + + if(networks != nil) { + _savedNetworks = [networks mutableCopy]; + } + } + + NSError *error = nil; + + [[ServiceCom sharedInstance] getNetworklist:^(NSArray<Network *> *networkList) { + _receivedNetworks = networkList; + + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + [self internal_updateNetworkInfo]; + } ]; + } error:&error]; + + if(error) { + [self stop]; + + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res = [alert runModal]; + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + } + else if(res == NSAlertSecondButtonReturn) { + [self start]; + return; + } + } + + [[ServiceCom sharedInstance] getNodeStatus:^(NodeStatus *status) { + NSDictionary *userInfo = [NSDictionary dictionaryWithObject:status forKey:@"status"]; + + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + [[NSNotificationCenter defaultCenter] postNotificationName:StatusUpdateKey + object:nil + userInfo:userInfo]; + }]; + } error:&error]; + + if (error) { + [self stop]; + + NSAlert *alert = [NSAlert alertWithError:error]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res = [alert runModal]; + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + } + else if(res == NSAlertSecondButtonReturn) { + [self start]; + return; + } + } +} + +- (void)deleteSavedNetwork:(NSString*)networkId +{ + UInt64 nwid = 0; + NSScanner *scanner = [NSScanner scannerWithString:networkId]; + [scanner scanHexLongLong:&nwid]; + + NSInteger index = [self findNetworkWithID:nwid]; + + if(index != NSNotFound) { + [_allNetworks removeObjectAtIndex:index]; + } + + index = [self findSavedNetworkWithID:nwid]; + + if(index != NSNotFound) { + [_savedNetworks removeObjectAtIndex:index]; + } + + [self saveNetworks]; +} + +@end + +@implementation NetworkMonitor (private) +- (NSString*)dataFile +{ + NSURL *appSupport = [[[NSFileManager defaultManager] URLsForDirectory:NSApplicationSupportDirectory + inDomains:NSUserDomainMask] objectAtIndex:0]; + + appSupport = [[[appSupport URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"] URLByAppendingPathComponent:@"networkinfo.dat"]; + return appSupport.path; +} + +- (void)internal_updateNetworkInfo +{ + NSMutableArray<Network*> *networks = [_savedNetworks mutableCopy]; + + for(Network *nw in _receivedNetworks) { + NSInteger index = [self findSavedNetworkWithID:nw.nwid]; + + if(index != NSNotFound) { + [networks setObject:nw atIndexedSubscript:index]; + } + else { + [networks addObject:nw]; + } + } + + [networks sortUsingComparator:^NSComparisonResult(Network *obj1, Network *obj2) { + if(obj1.nwid > obj2.nwid) { + return true; + } + return false; + }]; + + @synchronized(_allNetworks) { + _allNetworks = networks; + } + + [self saveNetworks]; + + NSDictionary *userInfo = [NSDictionary dictionaryWithObject:networks forKey:@"networks"]; + + [[NSNotificationCenter defaultCenter] postNotificationName:NetworkUpdateKey + object:nil + userInfo:userInfo]; +} + +- (NSInteger)findNetworkWithID:(UInt64)networkId +{ + for(int i = 0; i < [_allNetworks count]; ++i) { + Network *nw = [_allNetworks objectAtIndex:i]; + + if(nw.nwid == networkId) { + return i; + } + } + + return NSNotFound; +} + + +- (NSInteger)findSavedNetworkWithID:(UInt64)networkId +{ + for(int i = 0; i < [_savedNetworks count]; ++i) { + Network *nw = [_savedNetworks objectAtIndex:i]; + + if(nw.nwid == networkId) { + return i; + } + } + + return NSNotFound; +} + +- (void)saveNetworks +{ + NSString *filePath = [self dataFile]; + + @synchronized(_allNetworks) { + [NSKeyedArchiver archiveRootObject:_allNetworks toFile:filePath]; + } +} + +@end diff --git a/macui/ZeroTier One/NodeStatus.h b/macui/ZeroTier One/NodeStatus.h new file mode 100644 index 00000000..eab5bfe4 --- /dev/null +++ b/macui/ZeroTier One/NodeStatus.h @@ -0,0 +1,35 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Foundation/Foundation.h> + +@interface NodeStatus : NSObject + +@property (readonly) NSString *address; +@property (readonly) NSString *publicIdentity; +@property (readonly) BOOL online; +@property (readonly) BOOL tcpFallbackActive; +@property (readonly) int versionMajor; +@property (readonly) int versionMinor; +@property (readonly) int versionRev; +@property (readonly) NSString *version; +@property (readonly) UInt64 clock; + +- (id)initWithJsonData:(NSDictionary*)jsonData; + +@end diff --git a/macui/ZeroTier One/NodeStatus.m b/macui/ZeroTier One/NodeStatus.m new file mode 100644 index 00000000..3bae3c7d --- /dev/null +++ b/macui/ZeroTier One/NodeStatus.m @@ -0,0 +1,40 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +#import "NodeStatus.h" + +@implementation NodeStatus + +- (id)initWithJsonData:(NSDictionary*)jsonData +{ + self = [super init]; + + if(self) { + _address = (NSString*)[jsonData objectForKey:@"address"]; + _publicIdentity = (NSString*)[jsonData objectForKey:@"publicIdentity"]; + _online = [(NSNumber*)[jsonData objectForKey:@"online"] boolValue]; + _tcpFallbackActive = [(NSNumber*)[jsonData objectForKey:@"tcpFallbackActive"] boolValue]; + _versionMajor = [(NSNumber*)[jsonData objectForKey:@"versionMajor"] intValue]; + _versionMinor = [(NSNumber*)[jsonData objectForKey:@"versionMinor"] intValue]; + _versionRev = [(NSNumber*)[jsonData objectForKey:@"versionRev"] intValue]; + _version = (NSString*)[jsonData objectForKey:@"version"]; + _clock = [(NSNumber*)[jsonData objectForKey:@"clock"] unsignedLongLongValue]; + } + + return self; +} +@end diff --git a/macui/ZeroTier One/PreferencesViewController.h b/macui/ZeroTier One/PreferencesViewController.h new file mode 100644 index 00000000..56d0fdb8 --- /dev/null +++ b/macui/ZeroTier One/PreferencesViewController.h @@ -0,0 +1,31 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> + +@interface PreferencesViewController : NSViewController + +@property (nonatomic, weak) IBOutlet NSButton *startupCheckBox; + +- (IBAction)onStartupCheckBoxChanged:(NSButton*)sender; + +- (BOOL)isLaunchAtStartup; +- (LSSharedFileListItemRef)itemRefInLoginItems; +- (void)setLaunchAtLoginEnabled:(BOOL)enabled; + +@end diff --git a/macui/ZeroTier One/PreferencesViewController.m b/macui/ZeroTier One/PreferencesViewController.m new file mode 100644 index 00000000..13927fba --- /dev/null +++ b/macui/ZeroTier One/PreferencesViewController.m @@ -0,0 +1,112 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "PreferencesViewController.h" + +@interface PreferencesViewController () + +@end + +@implementation PreferencesViewController + +- (void)viewDidLoad { + [super viewDidLoad]; + + if([self isLaunchAtStartup]) { + self.startupCheckBox.state = NSOnState; + } + else { + self.startupCheckBox.state = NSOffState; + } +} + +- (IBAction)onStartupCheckBoxChanged:(NSButton *)sender +{ + if(sender.state == NSOnState) { + [self setLaunchAtLoginEnabled:YES]; + } + else { + [self setLaunchAtLoginEnabled:NO]; + } + +} + +- (void)setLaunchAtLoginEnabled:(BOOL)enabled +{ + LSSharedFileListRef loginItemsRef = LSSharedFileListCreate(NULL, kLSSharedFileListSessionLoginItems, NULL); + + if (enabled) { + // Add the app to the LoginItems list. + CFURLRef appUrl = (__bridge CFURLRef)[NSURL fileURLWithPath:[[NSBundle mainBundle] bundlePath]]; + LSSharedFileListItemRef itemRef = LSSharedFileListInsertItemURL(loginItemsRef, kLSSharedFileListItemLast, NULL, NULL, appUrl, NULL, NULL); + if (itemRef) CFRelease(itemRef); + } + else { + // Remove the app from the LoginItems list. + LSSharedFileListItemRef itemRef = [self itemRefInLoginItems]; + LSSharedFileListItemRemove(loginItemsRef,itemRef); + if (itemRef != nil) CFRelease(itemRef); + } +} + + +- (BOOL)isLaunchAtStartup { + // See if the app is currently in LoginItems. + LSSharedFileListItemRef itemRef = [self itemRefInLoginItems]; + // Store away that boolean. + BOOL isInList = itemRef != nil; + // Release the reference if it exists. + if (itemRef != nil) CFRelease(itemRef); + + return isInList; +} + +- (LSSharedFileListItemRef)itemRefInLoginItems { + LSSharedFileListItemRef itemRef = nil; + + NSString * appPath = [[NSBundle mainBundle] bundlePath]; + + // This will retrieve the path for the application + // For example, /Applications/test.app + CFURLRef url = (__bridge CFURLRef)[NSURL fileURLWithPath:appPath]; + + // Create a reference to the shared file list. + LSSharedFileListRef loginItems = LSSharedFileListCreate(NULL, kLSSharedFileListSessionLoginItems, NULL); + + if (loginItems) { + UInt32 seedValue; + //Retrieve the list of Login Items and cast them to + // a NSArray so that it will be easier to iterate. + NSArray *loginItemsArray = (__bridge NSArray *)LSSharedFileListCopySnapshot(loginItems, &seedValue); + for(int i = 0; i< [loginItemsArray count]; i++){ + LSSharedFileListItemRef currentItemRef = (__bridge LSSharedFileListItemRef)[loginItemsArray + objectAtIndex:i]; + //Resolve the item with URL + if (LSSharedFileListItemResolve(currentItemRef, 0, (CFURLRef*) &url, NULL) == noErr) { + NSString * urlPath = [(__bridge NSURL*)url path]; + if ([urlPath compare:appPath] == NSOrderedSame){ + itemRef = currentItemRef; + } + } + } + } + CFRelease(loginItems); + return itemRef; +} + +@end diff --git a/macui/ZeroTier One/PreferencesViewController.xib b/macui/ZeroTier One/PreferencesViewController.xib new file mode 100644 index 00000000..62aef4c0 --- /dev/null +++ b/macui/ZeroTier One/PreferencesViewController.xib @@ -0,0 +1,33 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="10116" systemVersion="15F34" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES" customObjectInstantitationMethod="direct"> + <dependencies> + <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="10116"/> + </dependencies> + <objects> + <customObject id="-2" userLabel="File's Owner" customClass="PreferencesViewController" customModule="ZeroTier_One" customModuleProvider="target"> + <connections> + <outlet property="startupCheckBox" destination="XSk-jN-ner" id="nvL-b1-gza"/> + <outlet property="view" destination="Hz6-mo-xeY" id="0bl-1N-x8E"/> + </connections> + </customObject> + <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/> + <customObject id="-3" userLabel="Application" customClass="NSObject"/> + <customView id="Hz6-mo-xeY"> + <rect key="frame" x="0.0" y="0.0" width="284" height="54"/> + <autoresizingMask key="autoresizingMask" flexibleMaxX="YES" flexibleMinY="YES"/> + <subviews> + <button fixedFrame="YES" translatesAutoresizingMaskIntoConstraints="NO" id="XSk-jN-ner"> + <rect key="frame" x="18" y="18" width="248" height="18"/> + <buttonCell key="cell" type="check" title="Start ZeroTier One on system startup" bezelStyle="regularSquare" imagePosition="left" state="on" inset="2" id="VkJ-h4-tHf"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="onStartupCheckBoxChanged:" target="-2" id="zAQ-DJ-c3w"/> + </connections> + </button> + </subviews> + <point key="canvasLocation" x="365" y="208"/> + </customView> + </objects> +</document> diff --git a/macui/ZeroTier One/ServiceCom.h b/macui/ZeroTier One/ServiceCom.h new file mode 100644 index 00000000..74ab2b35 --- /dev/null +++ b/macui/ZeroTier One/ServiceCom.h @@ -0,0 +1,39 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Foundation/Foundation.h> + +@class NodeStatus; +@class Network; + +@interface ServiceCom : NSObject +{ + NSString *baseURL; + NSURLSession *session; + BOOL _isQuitting; +} ++ (ServiceCom*)sharedInstance; + +- (id)init; + +- (void)getNetworklist:(void (^)(NSArray<Network*>*))completionHandler error:(NSError* __autoreleasing *)error; +- (void)getNodeStatus:(void (^)(NodeStatus*))completionHandler error:(NSError*__autoreleasing*)error; +- (void)joinNetwork:(NSString*)networkId allowManaged:(BOOL)allowManaged allowGlobal:(BOOL)allowGlobal allowDefault:(BOOL)allowDefault error:(NSError*__autoreleasing*)error; +- (void)leaveNetwork:(NSString*)networkId error:(NSError*__autoreleasing*)error; + +@end diff --git a/macui/ZeroTier One/ServiceCom.m b/macui/ZeroTier One/ServiceCom.m new file mode 100644 index 00000000..dd03b3f7 --- /dev/null +++ b/macui/ZeroTier One/ServiceCom.m @@ -0,0 +1,464 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "ServiceCom.h" +#import "AuthtokenCopy.h" +#import "Network.h" +#import "NodeStatus.h" +@import AppKit; + +@interface ServiceCom (Private) + +- (NSString*)key; + +@end + +@implementation ServiceCom + ++ (ServiceCom*)sharedInstance { + static ServiceCom *sc = nil; + static dispatch_once_t onceToken; + dispatch_once(&onceToken, ^{ + sc = [[ServiceCom alloc] init]; + }); + return sc; +} + +- (id)init +{ + self = [super init]; + if(self) { + baseURL = @"http://127.0.0.1:9993"; + session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration ephemeralSessionConfiguration]]; + _isQuitting = NO; + } + + return self; +} + +- (NSString*)key:(NSError* __autoreleasing *)err +{ + static NSString *k = nil; + + if (k == nil) { + NSError *error = nil; + NSURL *appSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSUserDomainMask appropriateForURL:nil create:false error:&error]; + + if (error) { + NSLog(@"Error: %@", error); + return @""; + } + + appSupportDir = [[appSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"]; + NSURL *authtokenURL = [appSupportDir URLByAppendingPathComponent:@"authtoken.secret"]; + + if ([[NSFileManager defaultManager] fileExistsAtPath:[authtokenURL path]]) { + k = [NSString stringWithContentsOfURL:authtokenURL + encoding:NSUTF8StringEncoding + error:&error]; + + if (error) { + NSLog(@"Error: %@", error); + k = nil; + *err = error; + return @""; + } + } + else { + NSURL *sysAppSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSSystemDomainMask appropriateForURL:nil create:false error:nil]; + + sysAppSupportDir = [[sysAppSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"]; + NSURL *sysAuthtokenURL = [sysAppSupportDir URLByAppendingPathComponent:@"authtoken.secret"]; + + if(![[NSFileManager defaultManager] fileExistsAtPath:[sysAuthtokenURL path]]) { + + } + + [[NSFileManager defaultManager] createDirectoryAtURL:appSupportDir + withIntermediateDirectories:YES + attributes:nil + error:&error]; + + if (error) { + NSLog(@"Error: %@", error); + *err = error; + k = nil; + return @""; + } + + AuthorizationRef authRef; + OSStatus status = AuthorizationCreate(nil, nil, kAuthorizationFlagDefaults, &authRef); + + if (status != errAuthorizationSuccess) { + NSLog(@"Authorization Failed! %d", status); + + NSDictionary *userInfo = @{ + NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't create AuthorizationRef", nil), + }; + *err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo]; + + return @""; + } + + AuthorizationItem authItem; + authItem.name = kAuthorizationRightExecute; + authItem.valueLength = 0; + authItem.flags = 0; + + AuthorizationRights authRights; + authRights.count = 1; + authRights.items = &authItem; + + AuthorizationFlags authFlags = kAuthorizationFlagDefaults | + kAuthorizationFlagInteractionAllowed | + kAuthorizationFlagPreAuthorize | + kAuthorizationFlagExtendRights; + + status = AuthorizationCopyRights(authRef, &authRights, nil, authFlags, nil); + + if (status != errAuthorizationSuccess) { + NSLog(@"Authorization Failed! %d", status); + NSDictionary *userInfo = @{ + NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't copy authorization rights", nil), + }; + *err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo]; + return @""; + } + + NSString *localKey = getAdminAuthToken(authRef); + AuthorizationFree(authRef, kAuthorizationFlagDestroyRights); + + if (localKey != nil && [localKey lengthOfBytesUsingEncoding:NSUTF8StringEncoding] > 0) { + k = localKey; + + [localKey writeToURL:authtokenURL + atomically:YES + encoding:NSUTF8StringEncoding + error:&error]; + + if (error) { + NSLog(@"Error writing token to disk: %@", error); + *err = error; + } + } + } + } + + if (k == nil) { + NSDictionary *userInfo = @{ + NSLocalizedDescriptionKey: NSLocalizedString(@"Unknown error finding authorization key", nil), + }; + *err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo]; + + return @""; + } + + return k; +} + +- (void)getNetworklist:(void (^)(NSArray<Network *> *))completionHandler error:(NSError *__autoreleasing*)error +{ + NSString* key = [self key:error]; + if(*error) { + return; + } + + NSString *urlString = [[baseURL stringByAppendingString:@"/network?auth="] stringByAppendingString:key]; + + NSURL *url = [NSURL URLWithString:urlString]; + NSURLSessionDataTask *task = + [session dataTaskWithURL:url + completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable err) { + + if (err) { + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + NSAlert *alert = [NSAlert alertWithError:err]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res; + if (!_isQuitting) { + res = [alert runModal]; + } + else { + return; + } + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + _isQuitting = YES; + } + }]; + return; + } + + NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse*)response; + NSInteger status = [httpResponse statusCode]; + + NSError *err2; + + if (status == 200) { + NSArray *json = [NSJSONSerialization JSONObjectWithData:data + options:0 + error:&err2]; + if (err) { + NSLog(@"Error fetching network list: %@", err2); + + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + NSAlert *alert = [NSAlert alertWithError:err2]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res; + if (!_isQuitting) { + res = [alert runModal]; + } + else { + return; + } + + if(res == NSAlertFirstButtonReturn) { + _isQuitting = YES; + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + } + }]; + return; + } + + NSMutableArray<Network*> *networks = [[NSMutableArray<Network*> alloc] init]; + for(NSDictionary *dict in json) { + [networks addObject:[[Network alloc] initWithJsonData:dict]]; + } + + completionHandler(networks); + } + }]; + [task resume]; +} + +- (void)getNodeStatus:(void (^)(NodeStatus*))completionHandler error:(NSError*__autoreleasing*)error +{ + NSString *key = [self key:error]; + if(*error) { + return; + } + + NSString *urlString = [[baseURL stringByAppendingString:@"/status?auth="] stringByAppendingString:key]; + + NSURL *url = [NSURL URLWithString:urlString]; + NSURLSessionDataTask *task = + [session dataTaskWithURL:url + completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable err) { + + if(err) { + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + NSAlert *alert = [NSAlert alertWithError:err]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res; + if (!_isQuitting) { + res = [alert runModal]; + } + else { + return; + } + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + _isQuitting = YES; + } + }]; + return; + } + + NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse*)response; + NSInteger status = [httpResponse statusCode]; + + NSError *err2; + if(status == 200) { + NSDictionary *json = [NSJSONSerialization JSONObjectWithData:data + options:0 + error:&err2]; + + if(err2) { + NSLog(@"Error fetching node status: %@", err2); + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + NSAlert *alert = [NSAlert alertWithError:err2]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res; + if (!_isQuitting) { + res = [alert runModal]; + } + else { + return; + } + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + _isQuitting = YES; + } + }]; + return; + } + + NodeStatus *status = [[NodeStatus alloc] initWithJsonData:json]; + + completionHandler(status); + } + }]; + [task resume]; +} + +- (void)joinNetwork:(NSString*)networkId allowManaged:(BOOL)allowManaged allowGlobal:(BOOL)allowGlobal allowDefault:(BOOL)allowDefault error:(NSError *__autoreleasing*)error +{ + NSString *key = [self key:error]; + if(*error) { + return; + } + + NSString *urlString = [[[[baseURL stringByAppendingString:@"/network/"] + stringByAppendingString:networkId] + stringByAppendingString:@"?auth="] + stringByAppendingString:key]; + + NSURL *url = [NSURL URLWithString:urlString]; + + NSMutableDictionary *jsonDict = [NSMutableDictionary dictionary]; + [jsonDict setObject:[NSNumber numberWithBool:allowManaged] forKey:@"allowManaged"]; + [jsonDict setObject:[NSNumber numberWithBool:allowGlobal] forKey:@"allowGlobal"]; + [jsonDict setObject:[NSNumber numberWithBool:allowDefault] forKey:@"allowDefault"]; + + NSError *err = nil; + + NSData *json = [NSJSONSerialization dataWithJSONObject:jsonDict + options:0 + error:&err]; + + if(err) { + NSLog(@"Error creating json data: %@", err); + *error = err; + return; + } + + NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url]; + request.HTTPMethod = @"POST"; + request.HTTPBody = json; + [request setValue:@"application/json" forHTTPHeaderField:@"Content-Type"]; + + NSURLSessionDataTask *task = + [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable err) { + if(err) { + NSLog(@"Error posting join request: %@", err); + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + NSAlert *alert = [NSAlert alertWithError:err]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res; + if (!_isQuitting) { + res = [alert runModal]; + } + else { + return; + } + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + _isQuitting = YES; + } + }]; + } + + NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse*)response; + NSInteger status = [httpResponse statusCode]; + + if(status == 200) { + NSLog(@"join ok"); + } + else { + NSLog(@"join error: %ld", (long)status); + } + }]; + [task resume]; +} + +- (void)leaveNetwork:(NSString*)networkId error:(NSError*__autoreleasing*)error +{ + NSString *key = [self key:error]; + if(*error) { + return; + } + + NSString *urlString = [[[[baseURL stringByAppendingString:@"/network/"] + stringByAppendingString:networkId] + stringByAppendingString:@"?auth="] + stringByAppendingString:key]; + + NSURL *url = [NSURL URLWithString:urlString]; + + NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url]; + request.HTTPMethod = @"DELETE"; + + NSURLSessionDataTask *task = + [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable err) { + if(err) { + NSLog(@"Error posting delete request: %@", err); + [[NSOperationQueue mainQueue] addOperationWithBlock:^{ + NSAlert *alert = [NSAlert alertWithError:err]; + alert.alertStyle = NSCriticalAlertStyle; + [alert addButtonWithTitle:@"Quit"]; + [alert addButtonWithTitle:@"Retry"]; + + NSModalResponse res; + if (!_isQuitting) { + res = [alert runModal]; + } + else { + return; + } + + if(res == NSAlertFirstButtonReturn) { + [NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0]; + _isQuitting = YES; + } + }]; + return; + } + + NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse*)response; + NSInteger status = httpResponse.statusCode; + + if(status == 200) { + NSLog(@"leave ok"); + } + else { + NSLog(@"leave error: %ld", status); + } + }]; + [task resume]; +} + +@end diff --git a/macui/ZeroTier One/ShowNetworksViewController.h b/macui/ZeroTier One/ShowNetworksViewController.h new file mode 100644 index 00000000..6138958d --- /dev/null +++ b/macui/ZeroTier One/ShowNetworksViewController.h @@ -0,0 +1,36 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> + +@class NetworkMonitor; +@class Network; + +@interface ShowNetworksViewController : NSViewController<NSTableViewDelegate, NSTableViewDataSource> + +@property (nonatomic) NSMutableArray<Network*> *networkList; +@property (nonatomic) NetworkMonitor *netMonitor; +@property (nonatomic) BOOL visible; + +@property (weak, nonatomic) IBOutlet NSTableView *tableView; + +- (void)deleteNetworkFromList:(NSString*)nwid; +- (void)setNetworks:(NSArray<Network*>*)list; + + +@end diff --git a/macui/ZeroTier One/ShowNetworksViewController.m b/macui/ZeroTier One/ShowNetworksViewController.m new file mode 100644 index 00000000..903a4b44 --- /dev/null +++ b/macui/ZeroTier One/ShowNetworksViewController.m @@ -0,0 +1,181 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import "ShowNetworksViewController.h" +#import "NetworkMonitor.h" +#import "NetworkInfoCell.h" +#import "Network.h" + +BOOL hasNetworkWithID(NSArray<Network*> *list, UInt64 nwid) +{ + for(Network *n in list) { + if(n.nwid == nwid) { + return YES; + } + } + + return NO; +} + +@interface ShowNetworksViewController () + +@end + +@implementation ShowNetworksViewController + +- (void)viewDidLoad { + [super viewDidLoad]; + + self.networkList = [NSMutableArray array]; + + [self.tableView setDelegate:self]; + [self.tableView setDataSource:self]; + [self.tableView setBackgroundColor:[NSColor clearColor]]; +} + +- (void)viewWillAppear { + [super viewWillAppear]; + self.visible = YES; +} + +- (void)viewWillDisappear { + [super viewWillDisappear]; + self.visible = NO; +} + +- (NSInteger)findNetworkWithID:(UInt64)networkId +{ + for(int i = 0; i < [_networkList count]; ++i) { + Network *nw = [_networkList objectAtIndex:i]; + + if(nw.nwid == networkId) { + return i; + } + } + + return NSNotFound; +} + + +- (void)deleteNetworkFromList:(NSString *)nwid { + [self.netMonitor deleteSavedNetwork:nwid]; + + UInt64 netid = 0; + NSScanner *scanner = [NSScanner scannerWithString:nwid]; + [scanner scanHexLongLong:&netid]; + for (Network *n in _networkList) { + if (n.nwid == netid) { + NSInteger index = [self findNetworkWithID:netid]; + + if (index != NSNotFound) { + [_networkList removeObjectAtIndex:index]; + [_tableView reloadData]; + } + } + } +} + +- (void)setNetworks:(NSArray<Network *> *)list { + for (Network *n in list) { + if ([_networkList containsObject:n]) { + // don't need to do anything here. Already an identical object in the list + continue; + } + else { + // network not in the list based on equality. Did an object change? or is it a new item? + if (hasNetworkWithID(_networkList, n.nwid)) { + + for (int i = 0; i < [_networkList count]; ++i) { + Network *n2 = [_networkList objectAtIndex:i]; + if (n.nwid == n2.nwid) + { + [_networkList replaceObjectAtIndex:i withObject:n]; + [_tableView reloadDataForRowIndexes:[NSIndexSet indexSetWithIndex:i] + columnIndexes:[NSIndexSet indexSetWithIndex:0]]; + } + } + } + else { + [_networkList addObject:n]; + [_tableView reloadData]; + } + } + } +} + +- (NSInteger)numberOfRowsInTableView:(NSTableView *)tableView { + return [_networkList count]; +} + +- (NSView*)tableView:(NSTableView *)tableView viewForTableColumn:(NSTableColumn *)tableColumn row:(NSInteger)row +{ + NetworkInfoCell *cell = (NetworkInfoCell*)[tableView makeViewWithIdentifier:@"NetworkInfoCell" + owner:nil]; + Network *network = [_networkList objectAtIndex:row]; + cell.parent = self; + cell.networkIdField.stringValue = [NSString stringWithFormat:@"%10llx", network.nwid]; + cell.networkNameField.stringValue = network.name; + cell.statusField.stringValue = [network statusString]; + cell.typeField.stringValue = [network typeString]; + cell.mtuField.stringValue = [NSString stringWithFormat:@"%d", network.mtu]; + cell.macField.stringValue = network.mac; + cell.broadcastField.stringValue = network.broadcastEnabled ? @"ENABLED" : @"DISABLED"; + cell.bridgingField.stringValue = network.bridge ? @"ENABLED" : @"DISABLED"; + cell.deviceField.stringValue = network.portDeviceName; + + if(network.connected) { + cell.connectedCheckbox.state = NSOnState; + + if(network.allowDefault) { + cell.allowDefault.enabled = YES; + cell.allowDefault.state = NSOnState; + } + else { + cell.allowDefault.state = NSOffState; + + if([Network defaultRouteExists:_networkList]) { + cell.allowDefault.enabled = NO; + } + else { + cell.allowDefault.enabled = YES; + } + } + + cell.allowGlobal.enabled = YES; + cell.allowManaged.enabled = YES; + } + else { + cell.connectedCheckbox.state = NSOffState; + cell.allowDefault.enabled = NO; + cell.allowGlobal.enabled = NO; + cell.allowManaged.enabled = NO; + } + + cell.allowGlobal.state = network.allowGlobal ? NSOnState : NSOffState; + cell.allowManaged.state = network.allowManaged ? NSOnState : NSOffState; + + cell.addressesField.stringValue = @""; + + for(NSString *addr in network.assignedAddresses) { + cell.addressesField.stringValue = [[cell.addressesField.stringValue stringByAppendingString:addr] stringByAppendingString:@"\n"]; + } + + return cell; +} + +@end diff --git a/macui/ZeroTier One/ShowNetworksViewController.xib b/macui/ZeroTier One/ShowNetworksViewController.xib new file mode 100644 index 00000000..f210d721 --- /dev/null +++ b/macui/ZeroTier One/ShowNetworksViewController.xib @@ -0,0 +1,371 @@ +<?xml version="1.0" encoding="UTF-8"?> +<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="11542" systemVersion="16B2555" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES" customObjectInstantitationMethod="direct"> + <dependencies> + <deployment identifier="macosx"/> + <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="11542"/> + <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/> + </dependencies> + <objects> + <customObject id="-2" userLabel="File's Owner" customClass="ShowNetworksViewController" customModule="ZeroTier_One" customModuleProvider="target"> + <connections> + <outlet property="tableView" destination="w5O-vn-cYB" id="Ud6-Bs-UFB"/> + <outlet property="view" destination="Hz6-mo-xeY" id="0bl-1N-x8E"/> + </connections> + </customObject> + <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/> + <customObject id="-3" userLabel="Application" customClass="NSObject"/> + <customView id="Hz6-mo-xeY"> + <rect key="frame" x="0.0" y="0.0" width="570" height="521"/> + <autoresizingMask key="autoresizingMask" flexibleMaxX="YES" flexibleMinY="YES"/> + <subviews> + <scrollView borderType="none" autohidesScrollers="YES" horizontalLineScroll="388" horizontalPageScroll="10" verticalLineScroll="388" verticalPageScroll="10" usesPredominantAxisScrolling="NO" translatesAutoresizingMaskIntoConstraints="NO" id="miH-DQ-i4L"> + <rect key="frame" x="20" y="20" width="530" height="481"/> + <clipView key="contentView" drawsBackground="NO" copiesOnScroll="NO" id="KXW-dX-mx6"> + <rect key="frame" x="0.0" y="0.0" width="530" height="481"/> + <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/> + <subviews> + <tableView focusRingType="none" verticalHuggingPriority="750" allowsExpansionToolTips="YES" columnAutoresizingStyle="lastColumnOnly" selectionHighlightStyle="none" columnReordering="NO" multipleSelection="NO" autosaveColumns="NO" rowHeight="386" rowSizeStyle="automatic" viewBased="YES" id="w5O-vn-cYB"> + <rect key="frame" x="0.0" y="0.0" width="530" height="481"/> + <autoresizingMask key="autoresizingMask"/> + <size key="intercellSpacing" width="3" height="2"/> + <color key="backgroundColor" red="1" green="1" blue="1" alpha="0.59999999999999998" colorSpace="calibratedRGB"/> + <tableViewGridLines key="gridStyleMask" horizontal="YES"/> + <color key="gridColor" white="0.33333333333333331" alpha="1" colorSpace="calibratedWhite"/> + <tableColumns> + <tableColumn width="527" minWidth="40" maxWidth="1000" id="ztK-JB-A6Q"> + <tableHeaderCell key="headerCell" lineBreakMode="truncatingTail" borderStyle="border"> + <font key="font" metaFont="smallSystem"/> + <color key="textColor" name="headerTextColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="headerColor" catalog="System" colorSpace="catalog"/> + </tableHeaderCell> + <textFieldCell key="dataCell" lineBreakMode="truncatingTail" selectable="YES" editable="YES" title="Text Cell" id="WAX-7a-M9n"> + <font key="font" metaFont="system"/> + <color key="textColor" name="controlTextColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlBackgroundColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + <tableColumnResizingMask key="resizingMask" resizeWithTable="YES" userResizable="YES"/> + <prototypeCellViews> + <tableCellView identifier="NetworkInfoCell" focusRingType="none" id="rmb-il-W5I" customClass="NetworkInfoCell"> + <rect key="frame" x="1" y="1" width="527" height="386"/> + <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/> + <subviews> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="EUT-1A-lgY"> + <rect key="frame" x="480" y="364" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" selectable="YES" sendsActionOnEndEditing="YES" title="Label" id="bf8-gi-tpp"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="UAC-7B-K8Y"> + <rect key="frame" x="55" y="339" width="43" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Status" id="KgQ-AO-0Us"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="FeX-UV-AFG"> + <rect key="frame" x="64" y="314" width="34" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Type" id="8OM-iG-575"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="LIA-GW-caM"> + <rect key="frame" x="65" y="289" width="33" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="MAC" id="UK0-f8-L0U"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="EWq-81-Y6j"> + <rect key="frame" x="64" y="264" width="34" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="MTU" id="5Wi-02-yNW"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="Mi3-aV-yWg"> + <rect key="frame" x="32" y="239" width="66" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Broadcast" id="b7V-FV-HH7"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="EKG-la-snQ"> + <rect key="frame" x="43" y="214" width="55" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Bridging" id="bkm-pp-3tu"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="syI-eg-Zka"> + <rect key="frame" x="52" y="114" width="46" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Device" id="3tY-hy-qbu"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="6Af-7O-CaP"> + <rect key="frame" x="16" y="89" width="82" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Managed IPs" id="wHt-u2-7XG"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="wl2-R8-KQO"> + <rect key="frame" x="480" y="338" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="fkd-z8-2sv"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <button verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="AiO-ZR-9A3"> + <rect key="frame" x="-3" y="13" width="134" height="32"/> + <buttonCell key="cell" type="push" title="Delete Network" bezelStyle="rounded" alignment="center" borderStyle="border" imageScaling="proportionallyDown" inset="2" id="7Dg-VG-hjC"> + <behavior key="behavior" pushIn="YES" lightByBackground="YES" lightByGray="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="deleteNetwork:" target="rmb-il-W5I" id="gBI-fk-OoF"/> + </connections> + </button> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="6rE-7R-shM"> + <rect key="frame" x="1" y="189" width="97" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Allow Managed" id="AOv-4I-rQj"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="dke-gy-mG0"> + <rect key="frame" x="14" y="139" width="84" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Allow Default" id="SIi-Uu-Uzw"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <button translatesAutoresizingMaskIntoConstraints="NO" id="ulU-Mk-uV9"> + <rect key="frame" x="504" y="188" width="22" height="18"/> + <buttonCell key="cell" type="check" bezelStyle="regularSquare" imagePosition="left" state="on" inset="2" id="Zhe-BT-cXO"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="onAllowStatusChanged:" target="rmb-il-W5I" id="FW8-5N-vt1"/> + </connections> + </button> + <button translatesAutoresizingMaskIntoConstraints="NO" id="8CS-6g-NFI"> + <rect key="frame" x="504" y="139" width="22" height="18"/> + <buttonCell key="cell" type="check" bezelStyle="regularSquare" imagePosition="left" inset="2" id="S2d-lU-JhT"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="onAllowStatusChanged:" target="rmb-il-W5I" id="ahh-N8-nhW"/> + </connections> + </button> + <button translatesAutoresizingMaskIntoConstraints="NO" id="URn-qw-7jG"> + <rect key="frame" x="504" y="163" width="22" height="18"/> + <buttonCell key="cell" type="check" bezelStyle="regularSquare" imagePosition="left" inset="2" id="yBQ-2g-3t5"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="onAllowStatusChanged:" target="rmb-il-W5I" id="XGy-pE-Dzf"/> + </connections> + </button> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="jdz-W3-UwS"> + <rect key="frame" x="19" y="164" width="79" height="17"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" title="Allow Global" id="PLj-4F-ROh"> + <font key="font" metaFont="system"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="dou-E5-8PF"> + <rect key="frame" x="480" y="313" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="3Dq-d7-Gt3"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="oD0-Qh-7L4"> + <rect key="frame" x="480" y="288" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="35o-HJ-KYh"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="98C-J0-Y03"> + <rect key="frame" x="480" y="263" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="63c-hy-MHZ"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="la4-uE-ffj"> + <rect key="frame" x="480" y="238" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="rtd-6E-MsN"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="qHh-oP-Tdb"> + <rect key="frame" x="480" y="213" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="Hex-iJ-2by"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="C0q-lJ-5dX"> + <rect key="frame" x="480" y="113" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" sendsActionOnEndEditing="YES" alignment="right" title="Label" id="5Ms-FS-k0W"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField verticalHuggingPriority="750" horizontalCompressionResistancePriority="250" translatesAutoresizingMaskIntoConstraints="NO" id="GEJ-6D-gWU"> + <rect key="frame" x="102" y="86" width="424" height="19"/> + <textFieldCell key="cell" selectable="YES" sendsActionOnEndEditing="YES" alignment="right" title="Multiline Label" id="A3M-ZZ-6h7"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <textField horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="lO9-Jg-9f8"> + <rect key="frame" x="1" y="364" width="44" height="19"/> + <textFieldCell key="cell" scrollable="YES" lineBreakMode="clipping" selectable="YES" sendsActionOnEndEditing="YES" title="Label" id="p7O-rs-RvR"> + <font key="font" size="13" name="AndaleMono"/> + <color key="textColor" name="labelColor" catalog="System" colorSpace="catalog"/> + <color key="backgroundColor" name="controlColor" catalog="System" colorSpace="catalog"/> + </textFieldCell> + </textField> + <button translatesAutoresizingMaskIntoConstraints="NO" id="KRe-B1-51k"> + <rect key="frame" x="437" y="22" width="89" height="18"/> + <buttonCell key="cell" type="check" title="Connected" bezelStyle="regularSquare" imagePosition="left" state="on" inset="2" id="DWJ-ZT-UIa"> + <behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/> + <font key="font" metaFont="system"/> + </buttonCell> + <connections> + <action selector="onConnectCheckStateChanged:" target="rmb-il-W5I" id="Ov2-bq-67i"/> + </connections> + </button> + </subviews> + <constraints> + <constraint firstItem="LIA-GW-caM" firstAttribute="trailing" secondItem="EWq-81-Y6j" secondAttribute="trailing" id="0vU-gw-esB"/> + <constraint firstItem="FeX-UV-AFG" firstAttribute="trailing" secondItem="LIA-GW-caM" secondAttribute="trailing" id="1xy-N5-B6U"/> + <constraint firstItem="FeX-UV-AFG" firstAttribute="top" secondItem="UAC-7B-K8Y" secondAttribute="bottom" constant="8" id="2Vh-D6-T45"/> + <constraint firstItem="qHh-oP-Tdb" firstAttribute="centerY" secondItem="EKG-la-snQ" secondAttribute="centerY" id="4xy-tk-eA7"/> + <constraint firstItem="LIA-GW-caM" firstAttribute="top" secondItem="FeX-UV-AFG" secondAttribute="bottom" constant="8" id="5Vd-2M-2yv"/> + <constraint firstItem="dou-E5-8PF" firstAttribute="centerY" secondItem="FeX-UV-AFG" secondAttribute="centerY" id="7iQ-Vx-9AJ"/> + <constraint firstAttribute="trailing" secondItem="wl2-R8-KQO" secondAttribute="trailing" constant="5" id="CaI-uw-8uL"/> + <constraint firstItem="Mi3-aV-yWg" firstAttribute="top" secondItem="EWq-81-Y6j" secondAttribute="bottom" constant="8" id="Cen-A6-Hdr"/> + <constraint firstItem="URn-qw-7jG" firstAttribute="centerY" secondItem="jdz-W3-UwS" secondAttribute="centerY" id="DEW-3F-MXB"/> + <constraint firstAttribute="trailing" secondItem="GEJ-6D-gWU" secondAttribute="trailing" constant="3" id="FC0-J7-2QF"/> + <constraint firstItem="EWq-81-Y6j" firstAttribute="trailing" secondItem="Mi3-aV-yWg" secondAttribute="trailing" id="FDe-x8-ERi"/> + <constraint firstAttribute="trailing" secondItem="qHh-oP-Tdb" secondAttribute="trailing" constant="5" id="Fcy-KL-LsD"/> + <constraint firstAttribute="trailing" secondItem="C0q-lJ-5dX" secondAttribute="trailing" constant="5" id="I3g-Oy-geM"/> + <constraint firstItem="EUT-1A-lgY" firstAttribute="top" secondItem="rmb-il-W5I" secondAttribute="top" constant="3" id="II4-Ta-EeQ"/> + <constraint firstItem="98C-J0-Y03" firstAttribute="centerY" secondItem="EWq-81-Y6j" secondAttribute="centerY" id="Ibd-3u-9fm"/> + <constraint firstAttribute="trailing" secondItem="8CS-6g-NFI" secondAttribute="trailing" constant="3" id="Jqv-Kb-lOT"/> + <constraint firstAttribute="trailing" secondItem="dou-E5-8PF" secondAttribute="trailing" constant="5" id="LPR-aD-BAP"/> + <constraint firstItem="jdz-W3-UwS" firstAttribute="top" secondItem="6rE-7R-shM" secondAttribute="bottom" constant="8" id="Lit-Zb-6pq"/> + <constraint firstItem="UAC-7B-K8Y" firstAttribute="top" secondItem="lO9-Jg-9f8" secondAttribute="bottom" constant="8" id="Mn0-LO-gSb"/> + <constraint firstItem="la4-uE-ffj" firstAttribute="centerY" secondItem="Mi3-aV-yWg" secondAttribute="centerY" id="Nhp-8t-OoR"/> + <constraint firstItem="lO9-Jg-9f8" firstAttribute="leading" secondItem="rmb-il-W5I" secondAttribute="leading" constant="3" id="Rzw-sT-s3c"/> + <constraint firstAttribute="trailing" secondItem="la4-uE-ffj" secondAttribute="trailing" constant="5" id="SQo-oO-lbs"/> + <constraint firstItem="AiO-ZR-9A3" firstAttribute="top" secondItem="6Af-7O-CaP" secondAttribute="bottom" constant="48" id="SbW-ma-xhO"/> + <constraint firstItem="wl2-R8-KQO" firstAttribute="centerY" secondItem="UAC-7B-K8Y" secondAttribute="centerY" id="TIS-fV-H3y"/> + <constraint firstItem="C0q-lJ-5dX" firstAttribute="centerY" secondItem="syI-eg-Zka" secondAttribute="centerY" id="TXe-Dr-AUr"/> + <constraint firstItem="lO9-Jg-9f8" firstAttribute="top" secondItem="rmb-il-W5I" secondAttribute="top" constant="3" id="TqS-9j-AZ2"/> + <constraint firstAttribute="trailing" secondItem="oD0-Qh-7L4" secondAttribute="trailing" constant="5" id="U1G-04-Zjb"/> + <constraint firstItem="jdz-W3-UwS" firstAttribute="trailing" secondItem="6rE-7R-shM" secondAttribute="trailing" id="UWD-yZ-0gu"/> + <constraint firstItem="EWq-81-Y6j" firstAttribute="top" secondItem="LIA-GW-caM" secondAttribute="bottom" constant="8" id="WS4-Xr-Uvt"/> + <constraint firstItem="GEJ-6D-gWU" firstAttribute="top" secondItem="C0q-lJ-5dX" secondAttribute="bottom" constant="8" id="WhD-XW-q7s"/> + <constraint firstAttribute="trailing" secondItem="KRe-B1-51k" secondAttribute="trailing" constant="3" id="WsQ-kS-Luf"/> + <constraint firstItem="8CS-6g-NFI" firstAttribute="centerY" secondItem="dke-gy-mG0" secondAttribute="centerY" id="X1u-9J-gLq"/> + <constraint firstItem="EKG-la-snQ" firstAttribute="top" secondItem="Mi3-aV-yWg" secondAttribute="bottom" constant="8" id="XEZ-4d-Yl9"/> + <constraint firstItem="6Af-7O-CaP" firstAttribute="top" secondItem="syI-eg-Zka" secondAttribute="bottom" constant="8" id="Xi3-aV-ZPe"/> + <constraint firstAttribute="trailing" secondItem="EUT-1A-lgY" secondAttribute="trailing" constant="5" id="cDU-PD-iMu"/> + <constraint firstItem="6rE-7R-shM" firstAttribute="leading" secondItem="rmb-il-W5I" secondAttribute="leading" constant="3" id="cIK-gU-COR"/> + <constraint firstItem="6Af-7O-CaP" firstAttribute="trailing" secondItem="syI-eg-Zka" secondAttribute="trailing" id="gP2-re-FqN"/> + <constraint firstItem="syI-eg-Zka" firstAttribute="trailing" secondItem="dke-gy-mG0" secondAttribute="trailing" id="gdf-bR-0Qk"/> + <constraint firstAttribute="trailing" secondItem="98C-J0-Y03" secondAttribute="trailing" constant="5" id="ghX-kA-tEa"/> + <constraint firstItem="UAC-7B-K8Y" firstAttribute="trailing" secondItem="FeX-UV-AFG" secondAttribute="trailing" id="hOJ-rF-Xn8"/> + <constraint firstItem="GEJ-6D-gWU" firstAttribute="leading" secondItem="6Af-7O-CaP" secondAttribute="trailing" constant="8" id="iBi-dY-iZi"/> + <constraint firstItem="KRe-B1-51k" firstAttribute="baseline" secondItem="AiO-ZR-9A3" secondAttribute="baseline" id="jBe-rC-QAF"/> + <constraint firstItem="ulU-Mk-uV9" firstAttribute="centerY" secondItem="6rE-7R-shM" secondAttribute="centerY" id="l5g-Dr-Bht"/> + <constraint firstItem="6rE-7R-shM" firstAttribute="top" secondItem="EKG-la-snQ" secondAttribute="bottom" constant="8" id="lvp-Dn-1m0"/> + <constraint firstItem="syI-eg-Zka" firstAttribute="top" secondItem="dke-gy-mG0" secondAttribute="bottom" constant="8" id="pSb-5E-l16"/> + <constraint firstAttribute="trailing" secondItem="KRe-B1-51k" secondAttribute="trailing" constant="3" id="pZ7-4k-n3s"/> + <constraint firstItem="AiO-ZR-9A3" firstAttribute="leading" secondItem="rmb-il-W5I" secondAttribute="leading" constant="3" id="pau-hs-aaF"/> + <constraint firstItem="dke-gy-mG0" firstAttribute="trailing" secondItem="jdz-W3-UwS" secondAttribute="trailing" id="qd7-UW-evp"/> + <constraint firstItem="dke-gy-mG0" firstAttribute="top" secondItem="jdz-W3-UwS" secondAttribute="bottom" constant="8" id="sHm-Jz-ko8"/> + <constraint firstItem="EKG-la-snQ" firstAttribute="trailing" secondItem="6rE-7R-shM" secondAttribute="trailing" id="tNY-Wb-Aig"/> + <constraint firstAttribute="trailing" secondItem="URn-qw-7jG" secondAttribute="trailing" constant="3" id="tb8-cb-vhf"/> + <constraint firstAttribute="trailing" secondItem="ulU-Mk-uV9" secondAttribute="trailing" constant="3" id="vCN-jZ-bH7"/> + <constraint firstItem="oD0-Qh-7L4" firstAttribute="centerY" secondItem="LIA-GW-caM" secondAttribute="centerY" id="vol-qx-psh"/> + <constraint firstItem="Mi3-aV-yWg" firstAttribute="trailing" secondItem="EKG-la-snQ" secondAttribute="trailing" id="yWV-G4-bDS"/> + </constraints> + <connections> + <outlet property="addressesField" destination="GEJ-6D-gWU" id="MDn-cx-TNx"/> + <outlet property="allowDefault" destination="8CS-6g-NFI" id="YLt-Gp-HNa"/> + <outlet property="allowGlobal" destination="URn-qw-7jG" id="VUy-Mh-nK4"/> + <outlet property="allowManaged" destination="ulU-Mk-uV9" id="poZ-5E-m0m"/> + <outlet property="bridgingField" destination="qHh-oP-Tdb" id="eSw-Dw-QoN"/> + <outlet property="broadcastField" destination="la4-uE-ffj" id="A89-yC-MhR"/> + <outlet property="connectedCheckbox" destination="KRe-B1-51k" id="Sz5-Fq-jWL"/> + <outlet property="deleteButton" destination="AiO-ZR-9A3" id="rYp-Vt-gHl"/> + <outlet property="deviceField" destination="C0q-lJ-5dX" id="bc1-Fh-zT8"/> + <outlet property="macField" destination="oD0-Qh-7L4" id="4TS-1J-vRK"/> + <outlet property="mtuField" destination="98C-J0-Y03" id="KTM-C4-bEQ"/> + <outlet property="networkIdField" destination="lO9-Jg-9f8" id="UlQ-yf-ZYk"/> + <outlet property="networkNameField" destination="EUT-1A-lgY" id="Kwa-OJ-LTB"/> + <outlet property="statusField" destination="wl2-R8-KQO" id="fH2-Wl-DtW"/> + <outlet property="typeField" destination="dou-E5-8PF" id="v6U-sw-kzs"/> + </connections> + </tableCellView> + </prototypeCellViews> + </tableColumn> + </tableColumns> + </tableView> + </subviews> + <color key="backgroundColor" red="1" green="1" blue="1" alpha="0.59999999999999998" colorSpace="calibratedRGB"/> + </clipView> + <scroller key="horizontalScroller" hidden="YES" verticalHuggingPriority="750" horizontal="YES" id="ySn-XX-fde"> + <rect key="frame" x="1" y="256" width="478" height="15"/> + <autoresizingMask key="autoresizingMask"/> + </scroller> + <scroller key="verticalScroller" hidden="YES" verticalHuggingPriority="750" horizontal="NO" id="be6-Ft-7fo"> + <rect key="frame" x="224" y="17" width="15" height="102"/> + <autoresizingMask key="autoresizingMask"/> + </scroller> + </scrollView> + </subviews> + <constraints> + <constraint firstAttribute="trailing" secondItem="miH-DQ-i4L" secondAttribute="trailing" constant="20" id="453-vf-nVL"/> + <constraint firstItem="miH-DQ-i4L" firstAttribute="leading" secondItem="Hz6-mo-xeY" secondAttribute="leading" constant="20" id="IS6-3U-KHq"/> + <constraint firstAttribute="bottom" secondItem="miH-DQ-i4L" secondAttribute="bottom" constant="20" id="YIB-OP-keG"/> + <constraint firstItem="miH-DQ-i4L" firstAttribute="top" secondItem="Hz6-mo-xeY" secondAttribute="top" constant="20" id="ceZ-7I-uoc"/> + </constraints> + <point key="canvasLocation" x="220" y="323.5"/> + </customView> + </objects> +</document> diff --git a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/ZeroTierIcon.icns b/macui/ZeroTier One/ZeroTierIcon.icns Binary files differindex 17e60d58..17e60d58 100644 --- a/ext/installfiles/mac/mac-ui-macgap1-wrapper/bin/ZeroTier One.app/Contents/Resources/ZeroTierIcon.icns +++ b/macui/ZeroTier One/ZeroTierIcon.icns diff --git a/macui/ZeroTier One/about.html b/macui/ZeroTier One/about.html new file mode 100644 index 00000000..4fa41d7b --- /dev/null +++ b/macui/ZeroTier One/about.html @@ -0,0 +1,65 @@ +<html> + <head> + <style type="text/css"> + html,body { + background: #ffffff; + margin: 0; + padding: 0; + font-family: "Helvetica"; + font-size: 12pt; + height: 100%; + width: 100%; + } + div.icon { + background: #ffb354; + color: #000000; + font-size: 100pt; + border-radius: 2.5rem; + display: inline-block; + width: 1.3em; + height: 1.3em; + padding: 0; + margin: 0; + line-height: 1.4em; + vertical-align: middle; + text-align: center; + } + div.icon_container { + font-weight: bold; + } + a,p,h1,h2,h3,h4,span,div,strong,center,lead,nav,ol,ul,li,img,button,input,textarea,form { + font-family: "Clear Sans Light","Helvetica Neue","Helvetica",sans-serif !important; + -webkit-font-smoothing: antialiased; + } + .code { + font-family: "Menlo","Consolas","Lucida Console","Bitstream Vera Sans Mono","Courier",monospace !important; + } + a:link { + text-decoration: none; + } + div.text { + padding: 5px; + } + </style> + + </head> + <body> + <center> + <div class="icon_container"> + <div class="icon">⏁</div> + </div> + </center> + + <div class="text"> + <h2>Getting Started</h2> + + <p>Getting started is simple. Simply click <font class="code">Join Network</font> from the ZeroTier status bar menu. To join the public network "Earth", enter <font class="code">8056c2e21c000001</font> and click the Join button. Once connected, you'll be able to navigate to <a href="http://earth.zerotier.net">earth.zerotier.net</a>.</p> + + <h3>Create a Network</h3> + <p>Visit <a href="http://my.zerotier.com">my.zerotier.com</a> to create and manage your own virtual networks.</p> + + <p>For more information, visit <a href="http://www.zerotier.com">zerotier.com</a>.</p> + + </div> + </body> +</html>
\ No newline at end of file diff --git a/macui/ZeroTier One/main.m b/macui/ZeroTier One/main.m new file mode 100644 index 00000000..108a6bd1 --- /dev/null +++ b/macui/ZeroTier One/main.m @@ -0,0 +1,23 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#import <Cocoa/Cocoa.h> + +int main(int argc, const char * argv[]) { + return NSApplicationMain(argc, argv); +} diff --git a/make-bsd.mk b/make-bsd.mk new file mode 100644 index 00000000..b038d13e --- /dev/null +++ b/make-bsd.mk @@ -0,0 +1,84 @@ +INCLUDES= +DEFS= +LIBS= + +include objects.mk +OBJS+=osdep/BSDEthernetTap.o ext/http-parser/http_parser.o + +# Build with ZT_ENABLE_CLUSTER=1 to build with cluster support +ifeq ($(ZT_ENABLE_CLUSTER),1) + DEFS+=-DZT_ENABLE_CLUSTER +endif + +# "make debug" is a shortcut for this +ifeq ($(ZT_DEBUG),1) + DEFS+=-DZT_TRACE + CFLAGS+=-Wall -g -pthread $(INCLUDES) $(DEFS) + LDFLAGS+= + STRIP=echo + # The following line enables optimization for the crypto code, since + # C25519 in particular is almost UNUSABLE in heavy testing without it. +node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g -pthread $(INCLUDES) $(DEFS) +else + CFLAGS?=-O3 -fstack-protector + CFLAGS+=-Wall -fPIE -fvisibility=hidden -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS) + LDFLAGS+=-pie -Wl,-z,relro,-z,now + STRIP=strip --strip-all +endif + +# Determine system build architecture from compiler target +CC_MACH=$(shell $(CC) -dumpmachine | cut -d '-' -f 1) +ZT_ARCHITECTURE=0 +ifeq ($(CC_MACH),x86_64) + ZT_ARCHITECTURE=2 +endif +ifeq ($(CC_MACH),amd64) + ZT_ARCHITECTURE=2 +endif +ifeq ($(CC_MACH),i386) + ZT_ARCHITECTURE=1 +endif +ifeq ($(CC_MACH),i686) + ZT_ARCHITECTURE=1 +endif +ifeq ($(CC_MACH),arm) + ZT_ARCHITECTURE=3 +endif +ifeq ($(CC_MACH),arm64) + ZT_ARCHITECTURE=4 +endif +ifeq ($(CC_MACH),aarch64) + ZT_ARCHITECTURE=4 +endif +DEFS+=-DZT_BUILD_PLATFORM=$(ZT_BUILD_PLATFORM) -DZT_BUILD_ARCHITECTURE=$(ZT_ARCHITECTURE) -DZT_SOFTWARE_UPDATE_DEFAULT="\"disable\"" + +CXXFLAGS+=$(CFLAGS) -fno-rtti -std=c++11 -D_GLIBCXX_USE_C99 -D_GLIBCXX_USE_C99_MATH -D_GLIBCXX_USE_C99_MATH_TR1 + +all: one + +one: $(OBJS) service/OneService.o one.o + $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-one $(OBJS) service/OneService.o one.o $(LIBS) + $(STRIP) zerotier-one + ln -sf zerotier-one zerotier-idtool + ln -sf zerotier-one zerotier-cli + +selftest: $(OBJS) selftest.o + $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-selftest selftest.o $(OBJS) $(LIBS) + $(STRIP) zerotier-selftest + +clean: + rm -rf *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o build-* zerotier-one zerotier-idtool zerotier-selftest zerotier-cli ZeroTierOneInstaller-* + +debug: FORCE + make -j 4 ZT_DEBUG=1 + +install: one + rm -f /usr/local/sbin/zerotier-one + cp zerotier-one /usr/local/sbin + ln -sf /usr/local/sbin/zerotier-one /usr/local/sbin/zerotier-cli + ln -sf /usr/local/sbin/zerotier-one /usr/local/bin/zerotier-idtool + +uninstall: FORCE + rm -rf /usr/local/sbin/zerotier-one /usr/local/sbin/zerotier-cli /usr/local/bin/zerotier-idtool /var/db/zerotier-one/zerotier-one.port /var/db/zerotier-one/zerotier-one.pid /var/db/zerotier-one/iddb.d + +FORCE: diff --git a/make-freebsd.mk b/make-freebsd.mk deleted file mode 100644 index cb9a2e6d..00000000 --- a/make-freebsd.mk +++ /dev/null @@ -1,65 +0,0 @@ -CC=cc -CXX=c++ - -INCLUDES= -DEFS= -LIBS= - -include objects.mk -OBJS+=osdep/BSDEthernetTap.o ext/lz4/lz4.o ext/http-parser/http_parser.o - -# "make official" is a shortcut for this -ifeq ($(ZT_OFFICIAL_RELEASE),1) - DEFS+=-DZT_OFFICIAL_RELEASE -endif - -# Build with ZT_ENABLE_CLUSTER=1 to build with cluster support -ifeq ($(ZT_ENABLE_CLUSTER),1) - DEFS+=-DZT_ENABLE_CLUSTER -endif - -# "make debug" is a shortcut for this -ifeq ($(ZT_DEBUG),1) - DEFS+=-DZT_TRACE - CFLAGS+=-Wall -g -pthread $(INCLUDES) $(DEFS) - LDFLAGS+= - STRIP=echo - # The following line enables optimization for the crypto code, since - # C25519 in particular is almost UNUSABLE in heavy testing without it. -ext/lz4/lz4.o node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g -pthread $(INCLUDES) $(DEFS) -else - CFLAGS?=-O3 -fstack-protector - CFLAGS+=-Wall -fPIE -fvisibility=hidden -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS) - LDFLAGS+=-pie -Wl,-z,relro,-z,now - STRIP=strip --strip-all -endif - -CXXFLAGS+=$(CFLAGS) -fno-rtti - -all: one - -one: $(OBJS) service/OneService.o one.o - $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-one $(OBJS) service/OneService.o one.o $(LIBS) - $(STRIP) zerotier-one - ln -sf zerotier-one zerotier-idtool - ln -sf zerotier-one zerotier-cli - -selftest: $(OBJS) selftest.o - $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-selftest selftest.o $(OBJS) $(LIBS) - $(STRIP) zerotier-selftest - -# No installer on FreeBSD yet -#installer: one FORCE -# ./buildinstaller.sh - -clean: - rm -rf *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o build-* zerotier-one zerotier-idtool zerotier-selftest zerotier-cli ZeroTierOneInstaller-* - -debug: FORCE - make -j 4 ZT_DEBUG=1 - -#official: FORCE -# make -j 4 ZT_OFFICIAL_RELEASE=1 -# ./buildinstaller.sh - -FORCE: diff --git a/make-linux.mk b/make-linux.mk index dff30de6..1bb62852 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -1,24 +1,3 @@ -# -# Makefile for ZeroTier One on Linux -# -# This is confirmed to work on distributions newer than CentOS 6 (the -# one used for reference builds) and on 32 and 64 bit x86 and ARM -# machines. It should also work on other 'normal' machines and recent -# distributions. Editing might be required for tiny devices or weird -# distros. -# -# Targets -# one: zerotier-one and symlinks (cli and idtool) -# manpages: builds manpages, requires 'ronn' or nodeJS (will use either) -# all: builds 'one' and 'manpages' -# selftest: zerotier-selftest -# debug: builds 'one' and 'selftest' with tracing and debug flags -# clean: removes all built files, objects, other trash -# distclean: removes a few other things that might be present -# debian: build DEB packages; deb dev tools must be present -# redhat: build RPM packages; rpm dev tools must be present -# - # Automagically pick clang or gcc, with preference for clang # This is only done if we have not overridden these with an environment or CLI variable ifeq ($(origin CC),default) @@ -28,8 +7,6 @@ ifeq ($(origin CXX),default) CXX=$(shell if [ -e /usr/bin/clang++ ]; then echo clang++; else echo g++; fi) endif -#UNAME_M=$(shell $(CC) -dumpmachine | cut -d '-' -f 1) - INCLUDES?= DEFS?=-D_FORTIFY_SOURCE=2 LDLIBS?= @@ -37,43 +14,27 @@ DESTDIR?= include objects.mk -# On Linux we auto-detect the presence of some libraries and if present we -# link against the system version. This works with our package build images. -ifeq ($(wildcard /usr/include/lz4.h),) - OBJS+=ext/lz4/lz4.o +# Use bundled http-parser since distribution versions are NOT API-stable or compatible! +# Trying to use dynamically linked libhttp-parser causes tons of compatibility problems. +OBJS+=ext/http-parser/http_parser.o + +# Auto-detect miniupnpc and nat-pmp as well and use system libs if present, +# otherwise build into binary as done on Mac and Windows. +OBJS+=osdep/PortMapper.o +DEFS+=-DZT_USE_MINIUPNPC +MINIUPNPC_IS_NEW_ENOUGH=$(shell grep -sqr '.*define.*MINIUPNPC_VERSION.*"2.."' /usr/include/miniupnpc/miniupnpc.h && echo 1) +ifeq ($(MINIUPNPC_IS_NEW_ENOUGH),1) + DEFS+=-DZT_USE_SYSTEM_MINIUPNPC + LDLIBS+=-lminiupnpc else - LDLIBS+=-llz4 - DEFS+=-DZT_USE_SYSTEM_LZ4 + DEFS+=-DMINIUPNP_STATICLIB -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DOS_STRING=\"Linux\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR + OBJS+=ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o endif -ifeq ($(wildcard /usr/include/http_parser.h),) - OBJS+=ext/http-parser/http_parser.o +ifeq ($(wildcard /usr/include/natpmp.h),) + OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o else - LDLIBS+=-lhttp_parser - DEFS+=-DZT_USE_SYSTEM_HTTP_PARSER -endif - -ifeq ($(ZT_USE_MINIUPNPC),1) - OBJS+=osdep/PortMapper.o - - DEFS+=-DZT_USE_MINIUPNPC - - # Auto-detect libminiupnpc at least v2.0 - MINIUPNPC_IS_NEW_ENOUGH=$(shell grep -sqr '.*define.*MINIUPNPC_VERSION.*"2.."' /usr/include/miniupnpc/miniupnpc.h && echo 1) - ifeq ($(MINIUPNPC_IS_NEW_ENOUGH),1) - DEFS+=-DZT_USE_SYSTEM_MINIUPNPC - LDLIBS+=-lminiupnpc - else - DEFS+=-DMINIUPNP_STATICLIB -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DOS_STRING=\"Linux\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR - OBJS+=ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o - endif - - # Auto-detect libnatpmp - ifeq ($(wildcard /usr/include/natpmp.h),) - OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o - else - LDLIBS+=-lnatpmp - DEFS+=-DZT_USE_SYSTEM_NATPMP - endif + LDLIBS+=-lnatpmp + DEFS+=-DZT_USE_SYSTEM_NATPMP endif ifeq ($(ZT_ENABLE_CLUSTER),1) @@ -88,6 +49,10 @@ ifeq ($(ZT_TRACE),1) DEFS+=-DZT_TRACE endif +ifeq ($(ZT_RULES_ENGINE_DEBUGGING),1) + DEFS+=-DZT_RULES_ENGINE_DEBUGGING +endif + ifeq ($(ZT_DEBUG),1) DEFS+=-DZT_TRACE override CFLAGS+=-Wall -g -O -pthread $(INCLUDES) $(DEFS) @@ -96,7 +61,7 @@ ifeq ($(ZT_DEBUG),1) STRIP?=echo # The following line enables optimization for the crypto code, since # C25519 in particular is almost UNUSABLE in -O0 even on a 3ghz box! -ext/lz4/lz4.o node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g -pthread $(INCLUDES) $(DEFS) +node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g -pthread $(INCLUDES) $(DEFS) else CFLAGS?=-O3 -fstack-protector override CFLAGS+=-Wall -fPIE -pthread $(INCLUDES) -DNDEBUG $(DEFS) @@ -113,7 +78,38 @@ endif #LDFLAGS= #STRIP=echo -all: one manpages +# Determine system build architecture from compiler target +CC_MACH=$(shell $(CC) -dumpmachine | cut -d '-' -f 1) +ZT_ARCHITECTURE=0 +ifeq ($(CC_MACH),x86_64) + ZT_ARCHITECTURE=2 +endif +ifeq ($(CC_MACH),amd64) + ZT_ARCHITECTURE=2 +endif +ifeq ($(CC_MACH),i386) + ZT_ARCHITECTURE=1 +endif +ifeq ($(CC_MACH),i686) + ZT_ARCHITECTURE=1 +endif +ifeq ($(CC_MACH),arm) + ZT_ARCHITECTURE=3 +endif +ifeq ($(CC_MACH),arm64) + ZT_ARCHITECTURE=4 +endif +ifeq ($(CC_MACH),aarch64) + ZT_ARCHITECTURE=4 +endif +DEFS+=-DZT_BUILD_PLATFORM=1 -DZT_BUILD_ARCHITECTURE=$(ZT_ARCHITECTURE) -DZT_SOFTWARE_UPDATE_DEFAULT="\"disable\"" + +# Define this to build a static binary, which is needed to make this runnable on a few ancient Linux distros +ifeq ($(ZT_STATIC),1) + override LDFLAGS+=-static +endif + +all: one one: $(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-one $(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o $(LDLIBS) @@ -131,13 +127,9 @@ manpages: FORCE doc: manpages clean: FORCE - rm -rf *.so *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o ext/miniupnpc/*.o ext/libnatpmp/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm .depend doc/*.1 doc/*.2 doc/*.8 debian/files debian/zerotier-one*.debhelper debian/zerotier-one.substvars debian/*.log debian/zerotier-one + rm -rf *.so *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/miniupnpc/*.o ext/libnatpmp/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm .depend debian/files debian/zerotier-one*.debhelper debian/zerotier-one.substvars debian/*.log debian/zerotier-one doc/node_modules distclean: clean - rm -rf doc/node_modules - find linux-build-farm -type f -name '*.deb' -print0 | xargs -0 rm -fv - find linux-build-farm -type f -name '*.rpm' -print0 | xargs -0 rm -fv - find linux-build-farm -type f -name 'zt1-src.tar.gz' | xargs rm -fv realclean: distclean @@ -193,10 +185,10 @@ uninstall: FORCE # These are just for convenience for building Linux packages -debian: distclean - debuild -I -i -us -uc +debian: FORCE + debuild -I -i -us -uc -nc -b -redhat: distclean +redhat: FORCE rpmbuild -ba zerotier-one.spec FORCE: diff --git a/make-mac.mk b/make-mac.mk index ee90ae4c..8ff1b772 100644 --- a/make-mac.mk +++ b/make-mac.mk @@ -1,49 +1,45 @@ -ifeq ($(origin CC),default) - CC=$(shell if [ -e /usr/bin/clang ]; then echo clang; else echo gcc; fi) -endif -ifeq ($(origin CXX),default) - CXX=$(shell if [ -e /usr/bin/clang++ ]; then echo clang++; else echo g++; fi) -endif - +CC=clang +CXX=clang++ INCLUDES= DEFS= LIBS= -ARCH_FLAGS=-arch x86_64 - -include objects.mk -OBJS+=osdep/OSXEthernetTap.o ext/lz4/lz4.o ext/http-parser/http_parser.o - -# Disable codesign since open source users will not have ZeroTier's certs +ARCH_FLAGS= CODESIGN=echo PRODUCTSIGN=echo CODESIGN_APP_CERT= CODESIGN_INSTALLER_CERT= -# Build with libminiupnpc by default for Mac -- desktops/laptops almost always want this -ZT_USE_MINIUPNPC?=1 +ZT_BUILD_PLATFORM=3 +ZT_BUILD_ARCHITECTURE=2 +ZT_VERSION_MAJOR=$(shell cat version.h | grep -F VERSION_MAJOR | cut -d ' ' -f 3) +ZT_VERSION_MINOR=$(shell cat version.h | grep -F VERSION_MINOR | cut -d ' ' -f 3) +ZT_VERSION_REV=$(shell cat version.h | grep -F VERSION_REVISION | cut -d ' ' -f 3) +ZT_VERSION_BUILD=$(shell cat version.h | grep -F VERSION_BUILD | cut -d ' ' -f 3) -# For internal use only -- signs everything with ZeroTier's developer cert +DEFS+=-DZT_BUILD_PLATFORM=$(ZT_BUILD_PLATFORM) -DZT_BUILD_ARCHITECTURE=$(ZT_BUILD_ARCHITECTURE) + +include objects.mk +OBJS+=osdep/OSXEthernetTap.o ext/http-parser/http_parser.o + +# Official releases are signed with our Apple cert and apply software updates by default ifeq ($(ZT_OFFICIAL_RELEASE),1) - DEFS+=-DZT_OFFICIAL_RELEASE -DZT_AUTO_UPDATE + DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"apply\"" ZT_USE_MINIUPNPC=1 CODESIGN=codesign PRODUCTSIGN=productsign - CODESIGN_APP_CERT="Developer ID Application: ZeroTier Networks LLC (8ZD9JUCZ4V)" - CODESIGN_INSTALLER_CERT="Developer ID Installer: ZeroTier Networks LLC (8ZD9JUCZ4V)" + CODESIGN_APP_CERT="Developer ID Application: ZeroTier, Inc (8ZD9JUCZ4V)" + CODESIGN_INSTALLER_CERT="Developer ID Installer: ZeroTier, Inc (8ZD9JUCZ4V)" +else + DEFS+=-DZT_SOFTWARE_UPDATE_DEFAULT="\"download\"" endif ifeq ($(ZT_ENABLE_CLUSTER),1) DEFS+=-DZT_ENABLE_CLUSTER endif -ifeq ($(ZT_AUTO_UPDATE),1) - DEFS+=-DZT_AUTO_UPDATE -endif - -ifeq ($(ZT_USE_MINIUPNPC),1) - DEFS+=-DMACOSX -DZT_USE_MINIUPNPC -DMINIUPNP_STATICLIB -D_DARWIN_C_SOURCE -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -DOS_STRING=\"Darwin/15.0.0\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR - OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o osdep/PortMapper.o -endif +# Build miniupnpc and nat-pmp as included libraries -- extra defs are required for these sources +DEFS+=-DMACOSX -DZT_USE_MINIUPNPC -DMINIUPNP_STATICLIB -D_DARWIN_C_SOURCE -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -DOS_STRING=\"Darwin/15.0.0\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR +OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o osdep/PortMapper.o # Debug mode -- dump trace output, build binary with -g ifeq ($(ZT_DEBUG),1) @@ -52,16 +48,16 @@ ifeq ($(ZT_DEBUG),1) STRIP=echo # The following line enables optimization for the crypto code, since # C25519 in particular is almost UNUSABLE in heavy testing without it. -ext/lz4/lz4.o node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g -pthread $(INCLUDES) $(DEFS) +node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CFLAGS = -Wall -O2 -g -pthread $(INCLUDES) $(DEFS) else CFLAGS?=-Ofast -fstack-protector-strong CFLAGS+=$(ARCH_FLAGS) -Wall -flto -fPIE -pthread -mmacosx-version-min=10.7 -DNDEBUG -Wno-unused-private-field $(INCLUDES) $(DEFS) STRIP=strip endif -CXXFLAGS=$(CFLAGS) -mmacosx-version-min=10.7 -std=c++11 -stdlib=libc++ +CXXFLAGS=$(CFLAGS) -std=c++11 -stdlib=libc++ -all: one +all: one macui one: $(OBJS) service/OneService.o one.o $(CXX) $(CXXFLAGS) -o zerotier-one $(OBJS) service/OneService.o one.o $(LIBS) @@ -69,11 +65,14 @@ one: $(OBJS) service/OneService.o one.o ln -sf zerotier-one zerotier-idtool ln -sf zerotier-one zerotier-cli $(CODESIGN) -f -s $(CODESIGN_APP_CERT) zerotier-one - $(CODESIGN) -vvv zerotier-one -cli: FORCE - $(CXX) $(CXXFLAGS) -o zerotier cli/zerotier.cpp osdep/OSUtils.cpp node/InetAddress.cpp node/Utils.cpp node/Salsa20.cpp node/Identity.cpp node/SHA512.cpp node/C25519.cpp -lcurl - $(STRIP) zerotier +macui: FORCE + cd macui && xcodebuild -target "ZeroTier One" -configuration Release + $(CODESIGN) -f -s $(CODESIGN_APP_CERT) "macui/build/Release/ZeroTier One.app" + +#cli: FORCE +# $(CXX) $(CXXFLAGS) -o zerotier cli/zerotier.cpp osdep/OSUtils.cpp node/InetAddress.cpp node/Utils.cpp node/Salsa20.cpp node/Identity.cpp node/SHA512.cpp node/C25519.cpp -lcurl +# $(STRIP) zerotier selftest: $(OBJS) selftest.o $(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.o $(OBJS) $(LIBS) @@ -85,18 +84,22 @@ mac-dist-pkg: FORCE rm -f "ZeroTier One Signed.pkg" $(PRODUCTSIGN) --sign $(CODESIGN_INSTALLER_CERT) "ZeroTier One.pkg" "ZeroTier One Signed.pkg" if [ -f "ZeroTier One Signed.pkg" ]; then mv -f "ZeroTier One Signed.pkg" "ZeroTier One.pkg"; fi + rm -f zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_* + cat ext/installfiles/mac-update/updater.tmpl.sh "ZeroTier One.pkg" >zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_$(ZT_VERSION_MAJOR).$(ZT_VERSION_MINOR).$(ZT_VERSION_REV)_$(ZT_VERSION_BUILD).exe # For ZeroTier, Inc. to build official signed packages official: FORCE make clean make ZT_OFFICIAL_RELEASE=1 -j 4 one + make ZT_OFFICIAL_RELEASE=1 macui make ZT_OFFICIAL_RELEASE=1 mac-dist-pkg clean: - rm -rf *.dSYM build-* *.pkg *.dmg *.o node/*.o controller/*.o service/*.o osdep/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-selftest zerotier-cli zerotier ZeroTierOneInstaller-* mkworld doc/node_modules + rm -rf *.dSYM build-* *.pkg *.dmg *.o node/*.o controller/*.o service/*.o osdep/*.o ext/http-parser/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-selftest zerotier-cli zerotier mkworld doc/node_modules macui/build zt1_update_$(ZT_BUILD_PLATFORM)_$(ZT_BUILD_ARCHITECTURE)_* distclean: clean - rm -rf doc/node_modules + +realclean: clean # For those building from source -- installs signed binary tap driver in system ZT home install-mac-tap: FORCE diff --git a/node/Address.hpp b/node/Address.hpp index 9bf5605a..4a5883b0 100644 --- a/node/Address.hpp +++ b/node/Address.hpp @@ -38,57 +38,26 @@ namespace ZeroTier { class Address { public: - Address() - throw() : - _a(0) - { - } - - Address(const Address &a) - throw() : - _a(a._a) - { - } - - Address(uint64_t a) - throw() : - _a(a & 0xffffffffffULL) - { - } - - Address(const char *s) - throw() - { - unsigned char foo[ZT_ADDRESS_LENGTH]; - setTo(foo,Utils::unhex(s,foo,ZT_ADDRESS_LENGTH)); - } - - Address(const std::string &s) - throw() - { - unsigned char foo[ZT_ADDRESS_LENGTH]; - setTo(foo,Utils::unhex(s.c_str(),foo,ZT_ADDRESS_LENGTH)); - } + Address() : _a(0) {} + Address(const Address &a) : _a(a._a) {} + Address(uint64_t a) : _a(a & 0xffffffffffULL) {} /** * @param bits Raw address -- 5 bytes, big-endian byte order * @param len Length of array */ Address(const void *bits,unsigned int len) - throw() { setTo(bits,len); } inline Address &operator=(const Address &a) - throw() { _a = a._a; return *this; } inline Address &operator=(const uint64_t a) - throw() { _a = (a & 0xffffffffffULL); return *this; @@ -99,7 +68,6 @@ public: * @param len Length of array */ inline void setTo(const void *bits,unsigned int len) - throw() { if (len < ZT_ADDRESS_LENGTH) { _a = 0; @@ -119,7 +87,6 @@ public: * @param len Length of array */ inline void copyTo(void *bits,unsigned int len) const - throw() { if (len < ZT_ADDRESS_LENGTH) return; @@ -138,7 +105,6 @@ public: */ template<unsigned int C> inline void appendTo(Buffer<C> &b) const - throw(std::out_of_range) { unsigned char *p = (unsigned char *)b.appendField(ZT_ADDRESS_LENGTH); *(p++) = (unsigned char)((_a >> 32) & 0xff); @@ -152,7 +118,6 @@ public: * @return Integer containing address (0 to 2^40) */ inline uint64_t toInt() const - throw() { return _a; } @@ -161,7 +126,6 @@ public: * @return Hash code for use with Hashtable */ inline unsigned long hashCode() const - throw() { return (unsigned long)_a; } @@ -188,12 +152,12 @@ public: /** * @return True if this address is not zero */ - inline operator bool() const throw() { return (_a != 0); } + inline operator bool() const { return (_a != 0); } /** * Set to null/zero */ - inline void zero() throw() { _a = 0; } + inline void zero() { _a = 0; } /** * Check if this address is reserved @@ -205,7 +169,6 @@ public: * @return True if address is reserved and may not be used */ inline bool isReserved() const - throw() { return ((!_a)||((_a >> 32) == ZT_ADDRESS_RESERVED_PREFIX)); } @@ -214,21 +177,21 @@ public: * @param i Value from 0 to 4 (inclusive) * @return Byte at said position (address interpreted in big-endian order) */ - inline unsigned char operator[](unsigned int i) const throw() { return (unsigned char)((_a >> (32 - (i * 8))) & 0xff); } - - inline bool operator==(const uint64_t &a) const throw() { return (_a == (a & 0xffffffffffULL)); } - inline bool operator!=(const uint64_t &a) const throw() { return (_a != (a & 0xffffffffffULL)); } - inline bool operator>(const uint64_t &a) const throw() { return (_a > (a & 0xffffffffffULL)); } - inline bool operator<(const uint64_t &a) const throw() { return (_a < (a & 0xffffffffffULL)); } - inline bool operator>=(const uint64_t &a) const throw() { return (_a >= (a & 0xffffffffffULL)); } - inline bool operator<=(const uint64_t &a) const throw() { return (_a <= (a & 0xffffffffffULL)); } - - inline bool operator==(const Address &a) const throw() { return (_a == a._a); } - inline bool operator!=(const Address &a) const throw() { return (_a != a._a); } - inline bool operator>(const Address &a) const throw() { return (_a > a._a); } - inline bool operator<(const Address &a) const throw() { return (_a < a._a); } - inline bool operator>=(const Address &a) const throw() { return (_a >= a._a); } - inline bool operator<=(const Address &a) const throw() { return (_a <= a._a); } + inline unsigned char operator[](unsigned int i) const { return (unsigned char)((_a >> (32 - (i * 8))) & 0xff); } + + inline bool operator==(const uint64_t &a) const { return (_a == (a & 0xffffffffffULL)); } + inline bool operator!=(const uint64_t &a) const { return (_a != (a & 0xffffffffffULL)); } + inline bool operator>(const uint64_t &a) const { return (_a > (a & 0xffffffffffULL)); } + inline bool operator<(const uint64_t &a) const { return (_a < (a & 0xffffffffffULL)); } + inline bool operator>=(const uint64_t &a) const { return (_a >= (a & 0xffffffffffULL)); } + inline bool operator<=(const uint64_t &a) const { return (_a <= (a & 0xffffffffffULL)); } + + inline bool operator==(const Address &a) const { return (_a == a._a); } + inline bool operator!=(const Address &a) const { return (_a != a._a); } + inline bool operator>(const Address &a) const { return (_a > a._a); } + inline bool operator<(const Address &a) const { return (_a < a._a); } + inline bool operator>=(const Address &a) const { return (_a >= a._a); } + inline bool operator<=(const Address &a) const { return (_a <= a._a); } private: uint64_t _a; diff --git a/node/Buffer.hpp b/node/Buffer.hpp index 0b171592..37f39e7b 100644 --- a/node/Buffer.hpp +++ b/node/Buffer.hpp @@ -61,11 +61,11 @@ public: // STL container idioms typedef unsigned char value_type; typedef unsigned char * pointer; - typedef const unsigned char * const_pointer; - typedef unsigned char & reference; - typedef const unsigned char & const_reference; - typedef unsigned char * iterator; - typedef const unsigned char * const_iterator; + typedef const char * const_pointer; + typedef char & reference; + typedef const char & const_reference; + typedef char * iterator; + typedef const char * const_iterator; typedef unsigned int size_type; typedef int difference_type; typedef std::reverse_iterator<iterator> reverse_iterator; @@ -79,8 +79,7 @@ public: inline const_reverse_iterator rbegin() const { return const_reverse_iterator(begin()); } inline const_reverse_iterator rend() const { return const_reverse_iterator(end()); } - Buffer() - throw() : + Buffer() : _l(0) { } @@ -419,87 +418,70 @@ public: /** * Set buffer data length to zero */ - inline void clear() - throw() - { - _l = 0; - } + inline void clear() { _l = 0; } /** * Zero buffer up to size() */ - inline void zero() - throw() - { - memset(_b,0,_l); - } + inline void zero() { memset(_b,0,_l); } /** * Zero unused capacity area */ - inline void zeroUnused() - throw() - { - memset(_b + _l,0,C - _l); - } + inline void zeroUnused() { memset(_b + _l,0,C - _l); } /** * Unconditionally and securely zero buffer's underlying memory */ - inline void burn() - throw() - { - Utils::burn(_b,sizeof(_b)); - } + inline void burn() { Utils::burn(_b,sizeof(_b)); } /** * @return Constant pointer to data in buffer */ - inline const void *data() const throw() { return _b; } + inline const void *data() const { return _b; } + + /** + * @return Non-constant pointer to data in buffer + */ + inline void *unsafeData() { return _b; } /** * @return Size of data in buffer */ - inline unsigned int size() const throw() { return _l; } + inline unsigned int size() const { return _l; } /** * @return Capacity of buffer */ - inline unsigned int capacity() const throw() { return C; } + inline unsigned int capacity() const { return C; } template<unsigned int C2> inline bool operator==(const Buffer<C2> &b) const - throw() { return ((_l == b._l)&&(!memcmp(_b,b._b,_l))); } template<unsigned int C2> inline bool operator!=(const Buffer<C2> &b) const - throw() { return ((_l != b._l)||(memcmp(_b,b._b,_l))); } template<unsigned int C2> inline bool operator<(const Buffer<C2> &b) const - throw() { return (memcmp(_b,b._b,std::min(_l,b._l)) < 0); } template<unsigned int C2> inline bool operator>(const Buffer<C2> &b) const - throw() { return (b < *this); } template<unsigned int C2> inline bool operator<=(const Buffer<C2> &b) const - throw() { return !(b < *this); } template<unsigned int C2> inline bool operator>=(const Buffer<C2> &b) const - throw() { return !(*this < b); } diff --git a/node/Capability.hpp b/node/Capability.hpp index 99980ce7..1ad6ea42 100644 --- a/node/Capability.hpp +++ b/node/Capability.hpp @@ -166,10 +166,7 @@ public: // field followed by field data. The inclusion of the size will allow non-supported // rules to be ignored but still parsed. b.append((uint8_t)rules[i].t); - switch((ZT_VirtualNetworkRuleType)(rules[i].t & 0x7f)) { - //case ZT_NETWORK_RULE_ACTION_DROP: - //case ZT_NETWORK_RULE_ACTION_ACCEPT: - //case ZT_NETWORK_RULE_ACTION_DEBUG_LOG: + switch((ZT_VirtualNetworkRuleType)(rules[i].t & 0x3f)) { default: b.append((uint8_t)0); break; @@ -198,10 +195,6 @@ public: b.append((uint8_t)1); b.append((uint8_t)rules[i].v.vlanDei); break; - case ZT_NETWORK_RULE_MATCH_ETHERTYPE: - b.append((uint8_t)2); - b.append((uint16_t)rules[i].v.etherType); - break; case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: case ZT_NETWORK_RULE_MATCH_MAC_DEST: b.append((uint8_t)6); @@ -220,13 +213,19 @@ public: b.append((uint8_t)rules[i].v.ipv6.mask); break; case ZT_NETWORK_RULE_MATCH_IP_TOS: - b.append((uint8_t)1); - b.append((uint8_t)rules[i].v.ipTos); + b.append((uint8_t)3); + b.append((uint8_t)rules[i].v.ipTos.mask); + b.append((uint8_t)rules[i].v.ipTos.value[0]); + b.append((uint8_t)rules[i].v.ipTos.value[1]); break; case ZT_NETWORK_RULE_MATCH_IP_PROTOCOL: b.append((uint8_t)1); b.append((uint8_t)rules[i].v.ipProtocol); break; + case ZT_NETWORK_RULE_MATCH_ETHERTYPE: + b.append((uint8_t)2); + b.append((uint16_t)rules[i].v.etherType); + break; case ZT_NETWORK_RULE_MATCH_ICMP: b.append((uint8_t)3); b.append((uint8_t)rules[i].v.icmp.type); @@ -256,6 +255,9 @@ public: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR: + case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: + case ZT_NETWORK_RULE_MATCH_TAG_SENDER: + case ZT_NETWORK_RULE_MATCH_TAG_RECEIVER: b.append((uint8_t)8); b.append((uint32_t)rules[i].v.tag.id); b.append((uint32_t)rules[i].v.tag.value); @@ -270,7 +272,7 @@ public: while ((ruleCount < maxRuleCount)&&(p < b.size())) { rules[ruleCount].t = (uint8_t)b[p++]; const unsigned int fieldLen = (unsigned int)b[p++]; - switch((ZT_VirtualNetworkRuleType)(rules[ruleCount].t & 0x7f)) { + switch((ZT_VirtualNetworkRuleType)(rules[ruleCount].t & 0x3f)) { default: break; case ZT_NETWORK_RULE_ACTION_TEE: @@ -293,9 +295,6 @@ public: case ZT_NETWORK_RULE_MATCH_VLAN_DEI: rules[ruleCount].v.vlanDei = (uint8_t)b[p]; break; - case ZT_NETWORK_RULE_MATCH_ETHERTYPE: - rules[ruleCount].v.etherType = b.template at<uint16_t>(p); - break; case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: case ZT_NETWORK_RULE_MATCH_MAC_DEST: memcpy(rules[ruleCount].v.mac,b.field(p,6),6); @@ -311,11 +310,16 @@ public: rules[ruleCount].v.ipv6.mask = (uint8_t)b[p + 16]; break; case ZT_NETWORK_RULE_MATCH_IP_TOS: - rules[ruleCount].v.ipTos = (uint8_t)b[p]; + rules[ruleCount].v.ipTos.mask = (uint8_t)b[p]; + rules[ruleCount].v.ipTos.value[0] = (uint8_t)b[p+1]; + rules[ruleCount].v.ipTos.value[1] = (uint8_t)b[p+2]; break; case ZT_NETWORK_RULE_MATCH_IP_PROTOCOL: rules[ruleCount].v.ipProtocol = (uint8_t)b[p]; break; + case ZT_NETWORK_RULE_MATCH_ETHERTYPE: + rules[ruleCount].v.etherType = b.template at<uint16_t>(p); + break; case ZT_NETWORK_RULE_MATCH_ICMP: rules[ruleCount].v.icmp.type = (uint8_t)b[p]; rules[ruleCount].v.icmp.code = (uint8_t)b[p+1]; @@ -341,6 +345,8 @@ public: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR: case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: + case ZT_NETWORK_RULE_MATCH_TAG_SENDER: + case ZT_NETWORK_RULE_MATCH_TAG_RECEIVER: rules[ruleCount].v.tag.id = b.template at<uint32_t>(p); rules[ruleCount].v.tag.value = b.template at<uint32_t>(p + 4); break; @@ -392,7 +398,6 @@ public: unsigned int p = startAt; - // These are the same between Tag and Capability _nwid = b.template at<uint64_t>(p); p += 8; _ts = b.template at<uint64_t>(p); p += 8; _id = b.template at<uint32_t>(p); p += 4; @@ -414,7 +419,14 @@ public: throw std::runtime_error("unterminated custody chain"); _custody[i].to = to; _custody[i].from.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH; - memcpy(_custody[i].signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; + if (b[p++] == 1) { + if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) + throw std::runtime_error("invalid signature"); + p += 2; + memcpy(_custody[i].signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; + } else { + p += 2 + b.template at<uint16_t>(p); + } } p += 2 + b.template at<uint16_t>(p); diff --git a/node/CertificateOfOwnership.cpp b/node/CertificateOfOwnership.cpp new file mode 100644 index 00000000..6fc59ad1 --- /dev/null +++ b/node/CertificateOfOwnership.cpp @@ -0,0 +1,63 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "CertificateOfOwnership.hpp" +#include "RuntimeEnvironment.hpp" +#include "Identity.hpp" +#include "Topology.hpp" +#include "Switch.hpp" +#include "Network.hpp" + +namespace ZeroTier { + +int CertificateOfOwnership::verify(const RuntimeEnvironment *RR) const +{ + if ((!_signedBy)||(_signedBy != Network::controllerFor(_networkId))) + return -1; + const Identity id(RR->topology->getIdentity(_signedBy)); + if (!id) { + RR->sw->requestWhois(_signedBy); + return 1; + } + try { + Buffer<(sizeof(CertificateOfOwnership) + 64)> tmp; + this->serialize(tmp,true); + return (id.verify(tmp.data(),tmp.size(),_signature) ? 0 : -1); + } catch ( ... ) { + return -1; + } +} + +bool CertificateOfOwnership::_owns(const CertificateOfOwnership::Thing &t,const void *v,unsigned int l) const +{ + for(unsigned int i=0,j=_thingCount;i<j;++i) { + if (_thingTypes[i] == (uint8_t)t) { + unsigned int k = 0; + while (k < l) { + if (reinterpret_cast<const uint8_t *>(v)[k] != _thingValues[i][k]) + break; + ++k; + } + if (k == l) + return true; + } + } + return false; +} + +} // namespace ZeroTier diff --git a/node/CertificateOfOwnership.hpp b/node/CertificateOfOwnership.hpp new file mode 100644 index 00000000..7e71c9b2 --- /dev/null +++ b/node/CertificateOfOwnership.hpp @@ -0,0 +1,236 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef ZT_CERTIFICATEOFOWNERSHIP_HPP +#define ZT_CERTIFICATEOFOWNERSHIP_HPP + +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "Constants.hpp" +#include "C25519.hpp" +#include "Address.hpp" +#include "Identity.hpp" +#include "Buffer.hpp" +#include "InetAddress.hpp" +#include "MAC.hpp" + +// Max things per CertificateOfOwnership +#define ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS 16 + +// Maximum size of a thing's value field in bytes +#define ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE 16 + +namespace ZeroTier { + +class RuntimeEnvironment; + +/** + * Certificate indicating ownership of a network identifier + */ +class CertificateOfOwnership +{ +public: + enum Thing + { + THING_NULL = 0, + THING_MAC_ADDRESS = 1, + THING_IPV4_ADDRESS = 2, + THING_IPV6_ADDRESS = 3 + }; + + CertificateOfOwnership() : + _networkId(0), + _ts(0), + _id(0), + _thingCount(0) + { + } + + CertificateOfOwnership(const uint64_t nwid,const uint64_t ts,const Address &issuedTo,const uint32_t id) : + _networkId(nwid), + _ts(ts), + _flags(0), + _id(id), + _thingCount(0), + _issuedTo(issuedTo) + { + } + + inline uint64_t networkId() const { return _networkId; } + inline uint64_t timestamp() const { return _ts; } + inline uint32_t id() const { return _id; } + inline unsigned int thingCount() const { return (unsigned int)_thingCount; } + + inline Thing thingType(const unsigned int i) const { return (Thing)_thingTypes[i]; } + inline const uint8_t *thingValue(const unsigned int i) const { return _thingValues[i]; } + + inline const Address &issuedTo() const { return _issuedTo; } + + inline bool owns(const InetAddress &ip) const + { + if (ip.ss_family == AF_INET) + return this->_owns(THING_IPV4_ADDRESS,&(reinterpret_cast<const struct sockaddr_in *>(&ip)->sin_addr.s_addr),4); + if (ip.ss_family == AF_INET6) + return this->_owns(THING_IPV6_ADDRESS,reinterpret_cast<const struct sockaddr_in6 *>(&ip)->sin6_addr.s6_addr,16); + return false; + } + + inline bool owns(const MAC &mac) const + { + uint8_t tmp[6]; + mac.copyTo(tmp,6); + return this->_owns(THING_MAC_ADDRESS,tmp,6); + } + + inline void addThing(const InetAddress &ip) + { + if (_thingCount >= ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) return; + if (ip.ss_family == AF_INET) { + _thingTypes[_thingCount] = THING_IPV4_ADDRESS; + memcpy(_thingValues[_thingCount],&(reinterpret_cast<const struct sockaddr_in *>(&ip)->sin_addr.s_addr),4); + ++_thingCount; + } else if (ip.ss_family == AF_INET6) { + _thingTypes[_thingCount] = THING_IPV6_ADDRESS; + memcpy(_thingValues[_thingCount],reinterpret_cast<const struct sockaddr_in6 *>(&ip)->sin6_addr.s6_addr,16); + ++_thingCount; + } + } + + inline void addThing(const MAC &mac) + { + if (_thingCount >= ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) return; + _thingTypes[_thingCount] = THING_MAC_ADDRESS; + mac.copyTo(_thingValues[_thingCount],6); + ++_thingCount; + } + + /** + * @param signer Signing identity, must have private key + * @return True if signature was successful + */ + inline bool sign(const Identity &signer) + { + if (signer.hasPrivate()) { + Buffer<sizeof(CertificateOfOwnership) + 64> tmp; + _signedBy = signer.address(); + this->serialize(tmp,true); + _signature = signer.sign(tmp.data(),tmp.size()); + return true; + } + return false; + } + + /** + * @param RR Runtime environment to allow identity lookup for signedBy + * @return 0 == OK, 1 == waiting for WHOIS, -1 == BAD signature + */ + int verify(const RuntimeEnvironment *RR) const; + + template<unsigned int C> + inline void serialize(Buffer<C> &b,const bool forSign = false) const + { + if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL); + + b.append(_networkId); + b.append(_ts); + b.append(_flags); + b.append(_id); + b.append((uint16_t)_thingCount); + for(unsigned int i=0,j=_thingCount;i<j;++i) { + b.append((uint8_t)_thingTypes[i]); + b.append(_thingValues[i],ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE); + } + + _issuedTo.appendTo(b); + _signedBy.appendTo(b); + if (!forSign) { + b.append((uint8_t)1); // 1 == Ed25519 + b.append((uint16_t)ZT_C25519_SIGNATURE_LEN); // length of signature + b.append(_signature.data,ZT_C25519_SIGNATURE_LEN); + } + + b.append((uint16_t)0); // length of additional fields, currently 0 + + if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL); + } + + template<unsigned int C> + inline unsigned int deserialize(const Buffer<C> &b,unsigned int startAt = 0) + { + unsigned int p = startAt; + + memset(this,0,sizeof(CertificateOfOwnership)); + + _networkId = b.template at<uint64_t>(p); p += 8; + _ts = b.template at<uint64_t>(p); p += 8; + _flags = b.template at<uint64_t>(p); p += 8; + _id = b.template at<uint32_t>(p); p += 4; + _thingCount = b.template at<uint16_t>(p); p += 2; + for(unsigned int i=0,j=_thingCount;i<j;++i) { + if (i < ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) { + _thingTypes[i] = (uint8_t)b[p++]; + memcpy(_thingValues[i],b.field(p,ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE),ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE); + p += ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE; + } + } + + _issuedTo.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH; + _signedBy.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH; + if (b[p++] == 1) { + if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) + throw std::runtime_error("invalid signature length"); + p += 2; + memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; + } else { + p += 2 + b.template at<uint16_t>(p); + } + + p += 2 + b.template at<uint16_t>(p); + if (p > b.size()) + throw std::runtime_error("extended field overflow"); + + return (p - startAt); + } + + // Provides natural sort order by ID + inline bool operator<(const CertificateOfOwnership &coo) const { return (_id < coo._id); } + + inline bool operator==(const CertificateOfOwnership &coo) const { return (memcmp(this,&coo,sizeof(CertificateOfOwnership)) == 0); } + inline bool operator!=(const CertificateOfOwnership &coo) const { return (memcmp(this,&coo,sizeof(CertificateOfOwnership)) != 0); } + +private: + bool _owns(const Thing &t,const void *v,unsigned int l) const; + + uint64_t _networkId; + uint64_t _ts; + uint64_t _flags; + uint32_t _id; + uint16_t _thingCount; + uint8_t _thingTypes[ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS]; + uint8_t _thingValues[ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS][ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE]; + Address _issuedTo; + Address _signedBy; + C25519::Signature _signature; +}; + +} // namespace ZeroTier + +#endif diff --git a/node/CertificateOfRepresentation.hpp b/node/CertificateOfRepresentation.hpp new file mode 100644 index 00000000..7c239a96 --- /dev/null +++ b/node/CertificateOfRepresentation.hpp @@ -0,0 +1,161 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef ZT_CERTIFICATEOFREPRESENTATION_HPP +#define ZT_CERTIFICATEOFREPRESENTATION_HPP + +#include "Constants.hpp" +#include "Address.hpp" +#include "C25519.hpp" +#include "Identity.hpp" +#include "Buffer.hpp" + +/** + * Maximum number of addresses allowed in a COR + */ +#define ZT_CERTIFICATEOFREPRESENTATION_MAX_ADDRESSES ZT_MAX_UPSTREAMS + +namespace ZeroTier { + +class CertificateOfRepresentation +{ +public: + CertificateOfRepresentation() + { + memset(this,0,sizeof(CertificateOfRepresentation)); + } + + inline uint64_t timestamp() const { return _timestamp; } + inline const Address &representative(const unsigned int i) const { return _reps[i]; } + inline unsigned int repCount() const { return _repCount; } + + inline void clear() + { + memset(this,0,sizeof(CertificateOfRepresentation)); + } + + /** + * Add a representative if space remains + * + * @param r Representative to add + * @return True if representative was added + */ + inline bool addRepresentative(const Address &r) + { + if (_repCount < ZT_CERTIFICATEOFREPRESENTATION_MAX_ADDRESSES) { + _reps[_repCount++] = r; + return true; + } + return false; + } + + /** + * Sign this COR with my identity + * + * @param myIdentity This node's identity + * @param ts COR timestamp for establishing new vs. old + */ + inline void sign(const Identity &myIdentity,const uint64_t ts) + { + _timestamp = ts; + Buffer<sizeof(CertificateOfRepresentation) + 32> tmp; + this->serialize(tmp,true); + _signature = myIdentity.sign(tmp.data(),tmp.size()); + } + + /** + * Verify this COR's signature + * + * @param senderIdentity Identity of sender of COR + * @return True if COR is valid + */ + inline bool verify(const Identity &senderIdentity) + { + try { + Buffer<sizeof(CertificateOfRepresentation) + 32> tmp; + this->serialize(tmp,true); + return senderIdentity.verify(tmp.data(),tmp.size(),_signature.data,ZT_C25519_SIGNATURE_LEN); + } catch ( ... ) { + return false; + } + } + + template<unsigned int C> + inline void serialize(Buffer<C> &b,const bool forSign = false) const + { + if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL); + + b.append((uint64_t)_timestamp); + b.append((uint16_t)_repCount); + for(unsigned int i=0;i<_repCount;++i) + _reps[i].appendTo(b); + + if (!forSign) { + b.append((uint8_t)1); // 1 == Ed25519 signature + b.append((uint16_t)ZT_C25519_SIGNATURE_LEN); + b.append(_signature.data,ZT_C25519_SIGNATURE_LEN); + } + + b.append((uint16_t)0); // size of any additional fields, currently 0 + + if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL); + } + + template<unsigned int C> + inline unsigned int deserialize(const Buffer<C> &b,unsigned int startAt = 0) + { + clear(); + + unsigned int p = startAt; + + _timestamp = b.template at<uint64_t>(p); p += 8; + const unsigned int rc = b.template at<uint16_t>(p); p += 2; + for(unsigned int i=0;i<rc;++i) { + if (i < ZT_CERTIFICATEOFREPRESENTATION_MAX_ADDRESSES) + _reps[i].setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); + p += ZT_ADDRESS_LENGTH; + } + _repCount = (rc > ZT_CERTIFICATEOFREPRESENTATION_MAX_ADDRESSES) ? ZT_CERTIFICATEOFREPRESENTATION_MAX_ADDRESSES : rc; + + if (b[p++] == 1) { + if (b.template at<uint16_t>(p) == ZT_C25519_SIGNATURE_LEN) { + p += 2; + memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); + p += ZT_C25519_SIGNATURE_LEN; + } else throw std::runtime_error("invalid signature"); + } else { + p += 2 + b.template at<uint16_t>(p); + } + + p += 2 + b.template at<uint16_t>(p); + if (p > b.size()) + throw std::runtime_error("extended field overflow"); + + return (p - startAt); + } + +private: + uint64_t _timestamp; + Address _reps[ZT_CERTIFICATEOFREPRESENTATION_MAX_ADDRESSES]; + unsigned int _repCount; + C25519::Signature _signature; +}; + +} // namespace ZeroTier + +#endif diff --git a/node/Cluster.cpp b/node/Cluster.cpp index 2a261e51..52e03ffe 100644 --- a/node/Cluster.cpp +++ b/node/Cluster.cpp @@ -44,6 +44,7 @@ #include "Packet.hpp" #include "Switch.hpp" #include "Node.hpp" +#include "Network.hpp" #include "Array.hpp" namespace ZeroTier { @@ -254,7 +255,7 @@ void Cluster::handleIncomingStateMessage(const void *msg,unsigned int len) // One-time-use Poly1305 key from first 32 bytes of Salsa20 keystream (as per DJB/NaCl "standard") char polykey[ZT_POLY1305_KEY_LEN]; memset(polykey,0,sizeof(polykey)); - s20.encrypt12(polykey,polykey,sizeof(polykey)); + s20.crypt12(polykey,polykey,sizeof(polykey)); // Compute 16-byte MAC char mac[ZT_POLY1305_MAC_LEN]; @@ -266,7 +267,7 @@ void Cluster::handleIncomingStateMessage(const void *msg,unsigned int len) // Decrypt! dmsg.setSize(len - 24); - s20.decrypt12(reinterpret_cast<const char *>(msg) + 24,const_cast<void *>(dmsg.data()),dmsg.size()); + s20.crypt12(reinterpret_cast<const char *>(msg) + 24,const_cast<void *>(dmsg.data()),dmsg.size()); } if (dmsg.size() < 4) @@ -341,17 +342,20 @@ void Cluster::handleIncomingStateMessage(const void *msg,unsigned int len) Identity id; ptr += id.deserialize(dmsg,ptr); if (id) { - RR->topology->saveIdentity(id); - { Mutex::Lock _l(_remotePeers_m); - _remotePeers[std::pair<Address,unsigned int>(id.address(),(unsigned int)fromMemberId)] = RR->node->now(); + _RemotePeer &rp = _remotePeers[std::pair<Address,unsigned int>(id.address(),(unsigned int)fromMemberId)]; + if (!rp.lastHavePeerReceived) { + RR->topology->saveIdentity(id); + RR->identity.agree(id,rp.key,ZT_PEER_SECRET_KEY_LENGTH); + } + rp.lastHavePeerReceived = RR->node->now(); } _ClusterSendQueueEntry *q[16384]; // 16384 is "tons" unsigned int qc = _sendQueue->getByDest(id.address(),q,16384); for(unsigned int i=0;i<qc;++i) - this->sendViaCluster(q[i]->fromPeerAddress,q[i]->toPeerAddress,q[i]->data,q[i]->len,q[i]->unite); + this->relayViaCluster(q[i]->fromPeerAddress,q[i]->toPeerAddress,q[i]->data,q[i]->len,q[i]->unite); _sendQueue->returnToPool(q,qc); TRACE("[%u] has %s (retried %u queued sends)",(unsigned int)fromMemberId,id.address().toString().c_str(),qc); @@ -396,7 +400,7 @@ void Cluster::handleIncomingStateMessage(const void *msg,unsigned int len) SharedPtr<Peer> localPeer(RR->topology->getPeerNoCache(localPeerAddress)); if ((localPeer)&&(numRemotePeerPaths > 0)) { InetAddress bestLocalV4,bestLocalV6; - localPeer->getBestActiveAddresses(now,bestLocalV4,bestLocalV6); + localPeer->getRendezvousAddresses(now,bestLocalV4,bestLocalV6); InetAddress bestRemoteV4,bestRemoteV6; for(unsigned int i=0;i<numRemotePeerPaths;++i) { @@ -469,6 +473,15 @@ void Cluster::handleIncomingStateMessage(const void *msg,unsigned int len) RR->sw->send(outp,true); //TRACE("[%u] proxy send %s to %s length %u",(unsigned int)fromMemberId,Packet::verbString(verb),rcpt.toString().c_str(),len); } break; + + case CLUSTER_MESSAGE_NETWORK_CONFIG: { + const SharedPtr<Network> network(RR->node->network(dmsg.at<uint64_t>(ptr))); + if (network) { + // Copy into a Packet just to conform to Network API. Eventually + // will want to refactor. + network->handleConfigChunk(0,Address(),Buffer<ZT_PROTO_MAX_PACKET_LENGTH>(dmsg),ptr); + } + } break; } } catch ( ... ) { TRACE("invalid message of size %u type %d (inner decode), discarding",mlen,mtype); @@ -494,7 +507,84 @@ void Cluster::broadcastHavePeer(const Identity &id) } } -void Cluster::sendViaCluster(const Address &fromPeerAddress,const Address &toPeerAddress,const void *data,unsigned int len,bool unite) +void Cluster::broadcastNetworkConfigChunk(const void *chunk,unsigned int len) +{ + Mutex::Lock _l(_memberIds_m); + for(std::vector<uint16_t>::const_iterator mid(_memberIds.begin());mid!=_memberIds.end();++mid) { + Mutex::Lock _l2(_members[*mid].lock); + _send(*mid,CLUSTER_MESSAGE_NETWORK_CONFIG,chunk,len); + } +} + +int Cluster::checkSendViaCluster(const Address &toPeerAddress,uint64_t &mostRecentTs,void *peerSecret) +{ + const uint64_t now = RR->node->now(); + mostRecentTs = 0; + int mostRecentMemberId = -1; + { + Mutex::Lock _l2(_remotePeers_m); + std::map< std::pair<Address,unsigned int>,_RemotePeer >::const_iterator rpe(_remotePeers.lower_bound(std::pair<Address,unsigned int>(toPeerAddress,0))); + for(;;) { + if ((rpe == _remotePeers.end())||(rpe->first.first != toPeerAddress)) + break; + else if (rpe->second.lastHavePeerReceived > mostRecentTs) { + mostRecentTs = rpe->second.lastHavePeerReceived; + memcpy(peerSecret,rpe->second.key,ZT_PEER_SECRET_KEY_LENGTH); + mostRecentMemberId = (int)rpe->first.second; + } + ++rpe; + } + } + + const uint64_t ageOfMostRecentHavePeerAnnouncement = now - mostRecentTs; + if (ageOfMostRecentHavePeerAnnouncement >= (ZT_PEER_ACTIVITY_TIMEOUT / 3)) { + if (ageOfMostRecentHavePeerAnnouncement >= ZT_PEER_ACTIVITY_TIMEOUT) + mostRecentMemberId = -1; + + bool sendWantPeer = true; + { + Mutex::Lock _l(_remotePeers_m); + _RemotePeer &rp = _remotePeers[std::pair<Address,unsigned int>(toPeerAddress,(unsigned int)_id)]; + if ((now - rp.lastSentWantPeer) >= ZT_CLUSTER_WANT_PEER_EVERY) { + rp.lastSentWantPeer = now; + } else { + sendWantPeer = false; // don't flood WANT_PEER + } + } + if (sendWantPeer) { + char tmp[ZT_ADDRESS_LENGTH]; + toPeerAddress.copyTo(tmp,ZT_ADDRESS_LENGTH); + { + Mutex::Lock _l(_memberIds_m); + for(std::vector<uint16_t>::const_iterator mid(_memberIds.begin());mid!=_memberIds.end();++mid) { + Mutex::Lock _l2(_members[*mid].lock); + _send(*mid,CLUSTER_MESSAGE_WANT_PEER,tmp,ZT_ADDRESS_LENGTH); + } + } + } + } + + return mostRecentMemberId; +} + +bool Cluster::sendViaCluster(int mostRecentMemberId,const Address &toPeerAddress,const void *data,unsigned int len) +{ + if ((mostRecentMemberId < 0)||(mostRecentMemberId >= ZT_CLUSTER_MAX_MEMBERS)) // sanity check + return false; + Mutex::Lock _l2(_members[mostRecentMemberId].lock); + for(std::vector<InetAddress>::const_iterator i1(_zeroTierPhysicalEndpoints.begin());i1!=_zeroTierPhysicalEndpoints.end();++i1) { + for(std::vector<InetAddress>::const_iterator i2(_members[mostRecentMemberId].zeroTierPhysicalEndpoints.begin());i2!=_members[mostRecentMemberId].zeroTierPhysicalEndpoints.end();++i2) { + if (i1->ss_family == i2->ss_family) { + TRACE("sendViaCluster sending %u bytes to %s by way of %u (%s->%s)",len,toPeerAddress.toString().c_str(),(unsigned int)mostRecentMemberId,i1->toString().c_str(),i2->toString().c_str()); + RR->node->putPacket(*i1,*i2,data,len); + return true; + } + } + } + return false; +} + +void Cluster::relayViaCluster(const Address &fromPeerAddress,const Address &toPeerAddress,const void *data,unsigned int len,bool unite) { if (len > ZT_PROTO_MAX_PACKET_LENGTH) // sanity check return; @@ -502,87 +592,101 @@ void Cluster::sendViaCluster(const Address &fromPeerAddress,const Address &toPee const uint64_t now = RR->node->now(); uint64_t mostRecentTs = 0; - unsigned int mostRecentMemberId = 0xffffffff; + int mostRecentMemberId = -1; { Mutex::Lock _l2(_remotePeers_m); - std::map< std::pair<Address,unsigned int>,uint64_t >::const_iterator rpe(_remotePeers.lower_bound(std::pair<Address,unsigned int>(toPeerAddress,0))); + std::map< std::pair<Address,unsigned int>,_RemotePeer >::const_iterator rpe(_remotePeers.lower_bound(std::pair<Address,unsigned int>(toPeerAddress,0))); for(;;) { if ((rpe == _remotePeers.end())||(rpe->first.first != toPeerAddress)) break; - else if (rpe->second > mostRecentTs) { - mostRecentTs = rpe->second; - mostRecentMemberId = rpe->first.second; + else if (rpe->second.lastHavePeerReceived > mostRecentTs) { + mostRecentTs = rpe->second.lastHavePeerReceived; + mostRecentMemberId = (int)rpe->first.second; } ++rpe; } } - const uint64_t age = now - mostRecentTs; - if (age >= (ZT_PEER_ACTIVITY_TIMEOUT / 3)) { - const bool enqueueAndWait = ((age >= ZT_PEER_ACTIVITY_TIMEOUT)||(mostRecentMemberId > 0xffff)); + const uint64_t ageOfMostRecentHavePeerAnnouncement = now - mostRecentTs; + if (ageOfMostRecentHavePeerAnnouncement >= (ZT_PEER_ACTIVITY_TIMEOUT / 3)) { + // Enqueue and wait if peer seems alive, but do WANT_PEER to refresh homing + const bool enqueueAndWait = ((ageOfMostRecentHavePeerAnnouncement >= ZT_PEER_ACTIVITY_TIMEOUT)||(mostRecentMemberId < 0)); // Poll everyone with WANT_PEER if the age of our most recent entry is // approaching expiration (or has expired, or does not exist). - char tmp[ZT_ADDRESS_LENGTH]; - toPeerAddress.copyTo(tmp,ZT_ADDRESS_LENGTH); + bool sendWantPeer = true; { - Mutex::Lock _l(_memberIds_m); - for(std::vector<uint16_t>::const_iterator mid(_memberIds.begin());mid!=_memberIds.end();++mid) { - Mutex::Lock _l2(_members[*mid].lock); - _send(*mid,CLUSTER_MESSAGE_WANT_PEER,tmp,ZT_ADDRESS_LENGTH); + Mutex::Lock _l(_remotePeers_m); + _RemotePeer &rp = _remotePeers[std::pair<Address,unsigned int>(toPeerAddress,(unsigned int)_id)]; + if ((now - rp.lastSentWantPeer) >= ZT_CLUSTER_WANT_PEER_EVERY) { + rp.lastSentWantPeer = now; + } else { + sendWantPeer = false; // don't flood WANT_PEER + } + } + if (sendWantPeer) { + char tmp[ZT_ADDRESS_LENGTH]; + toPeerAddress.copyTo(tmp,ZT_ADDRESS_LENGTH); + { + Mutex::Lock _l(_memberIds_m); + for(std::vector<uint16_t>::const_iterator mid(_memberIds.begin());mid!=_memberIds.end();++mid) { + Mutex::Lock _l2(_members[*mid].lock); + _send(*mid,CLUSTER_MESSAGE_WANT_PEER,tmp,ZT_ADDRESS_LENGTH); + } } } // If there isn't a good place to send via, then enqueue this for retrying // later and return after having broadcasted a WANT_PEER. if (enqueueAndWait) { - TRACE("sendViaCluster %s -> %s enqueueing to wait for HAVE_PEER",fromPeerAddress.toString().c_str(),toPeerAddress.toString().c_str()); + TRACE("relayViaCluster %s -> %s enqueueing to wait for HAVE_PEER",fromPeerAddress.toString().c_str(),toPeerAddress.toString().c_str()); _sendQueue->enqueue(now,fromPeerAddress,toPeerAddress,data,len,unite); return; } } - Buffer<1024> buf; - if (unite) { - InetAddress v4,v6; - if (fromPeerAddress) { - SharedPtr<Peer> fromPeer(RR->topology->getPeerNoCache(fromPeerAddress)); - if (fromPeer) - fromPeer->getBestActiveAddresses(now,v4,v6); - } - uint8_t addrCount = 0; - if (v4) - ++addrCount; - if (v6) - ++addrCount; - if (addrCount) { - toPeerAddress.appendTo(buf); - fromPeerAddress.appendTo(buf); - buf.append(addrCount); + if (mostRecentMemberId >= 0) { + Buffer<1024> buf; + if (unite) { + InetAddress v4,v6; + if (fromPeerAddress) { + SharedPtr<Peer> fromPeer(RR->topology->getPeerNoCache(fromPeerAddress)); + if (fromPeer) + fromPeer->getRendezvousAddresses(now,v4,v6); + } + uint8_t addrCount = 0; if (v4) - v4.serialize(buf); + ++addrCount; if (v6) - v6.serialize(buf); + ++addrCount; + if (addrCount) { + toPeerAddress.appendTo(buf); + fromPeerAddress.appendTo(buf); + buf.append(addrCount); + if (v4) + v4.serialize(buf); + if (v6) + v6.serialize(buf); + } } - } - { - Mutex::Lock _l2(_members[mostRecentMemberId].lock); - if (buf.size() > 0) - _send(mostRecentMemberId,CLUSTER_MESSAGE_PROXY_UNITE,buf.data(),buf.size()); - - for(std::vector<InetAddress>::const_iterator i1(_zeroTierPhysicalEndpoints.begin());i1!=_zeroTierPhysicalEndpoints.end();++i1) { - for(std::vector<InetAddress>::const_iterator i2(_members[mostRecentMemberId].zeroTierPhysicalEndpoints.begin());i2!=_members[mostRecentMemberId].zeroTierPhysicalEndpoints.end();++i2) { - if (i1->ss_family == i2->ss_family) { - TRACE("sendViaCluster relaying %u bytes from %s to %s by way of %u (%s->%s)",len,fromPeerAddress.toString().c_str(),toPeerAddress.toString().c_str(),(unsigned int)mostRecentMemberId,i1->toString().c_str(),i2->toString().c_str()); - RR->node->putPacket(*i1,*i2,data,len); - return; + { + Mutex::Lock _l2(_members[mostRecentMemberId].lock); + if (buf.size() > 0) + _send(mostRecentMemberId,CLUSTER_MESSAGE_PROXY_UNITE,buf.data(),buf.size()); + + for(std::vector<InetAddress>::const_iterator i1(_zeroTierPhysicalEndpoints.begin());i1!=_zeroTierPhysicalEndpoints.end();++i1) { + for(std::vector<InetAddress>::const_iterator i2(_members[mostRecentMemberId].zeroTierPhysicalEndpoints.begin());i2!=_members[mostRecentMemberId].zeroTierPhysicalEndpoints.end();++i2) { + if (i1->ss_family == i2->ss_family) { + TRACE("relayViaCluster relaying %u bytes from %s to %s by way of %u (%s->%s)",len,fromPeerAddress.toString().c_str(),toPeerAddress.toString().c_str(),(unsigned int)mostRecentMemberId,i1->toString().c_str(),i2->toString().c_str()); + RR->node->putPacket(*i1,*i2,data,len); + return; + } } } - } - TRACE("sendViaCluster relaying %u bytes from %s to %s by way of %u failed: no common endpoints with the same address family!",len,fromPeerAddress.toString().c_str(),toPeerAddress.toString().c_str(),(unsigned int)mostRecentMemberId); - return; + TRACE("relayViaCluster relaying %u bytes from %s to %s by way of %u failed: no common endpoints with the same address family!",len,fromPeerAddress.toString().c_str(),toPeerAddress.toString().c_str(),(unsigned int)mostRecentMemberId); + } } } @@ -644,8 +748,8 @@ void Cluster::doPeriodicTasks() _lastCleanedRemotePeers = now; Mutex::Lock _l(_remotePeers_m); - for(std::map< std::pair<Address,unsigned int>,uint64_t >::iterator rp(_remotePeers.begin());rp!=_remotePeers.end();) { - if ((now - rp->second) >= ZT_PEER_ACTIVITY_TIMEOUT) + for(std::map< std::pair<Address,unsigned int>,_RemotePeer >::iterator rp(_remotePeers.begin());rp!=_remotePeers.end();) { + if ((now - rp->second.lastHavePeerReceived) >= ZT_PEER_ACTIVITY_TIMEOUT) _remotePeers.erase(rp++); else ++rp; } @@ -758,6 +862,19 @@ bool Cluster::findBetterEndpoint(InetAddress &redirectTo,const Address &peerAddr } } +bool Cluster::isClusterPeerFrontplane(const InetAddress &ip) const +{ + Mutex::Lock _l(_memberIds_m); + for(std::vector<uint16_t>::const_iterator mid(_memberIds.begin());mid!=_memberIds.end();++mid) { + Mutex::Lock _l2(_members[*mid].lock); + for(std::vector<InetAddress>::const_iterator i2(_members[*mid].zeroTierPhysicalEndpoints.begin());i2!=_members[*mid].zeroTierPhysicalEndpoints.end();++i2) { + if (ip == *i2) + return true; + } + } + return false; +} + void Cluster::status(ZT_ClusterStatus &status) const { const uint64_t now = RR->node->now(); @@ -837,10 +954,10 @@ void Cluster::_flush(uint16_t memberId) // One-time-use Poly1305 key from first 32 bytes of Salsa20 keystream (as per DJB/NaCl "standard") char polykey[ZT_POLY1305_KEY_LEN]; memset(polykey,0,sizeof(polykey)); - s20.encrypt12(polykey,polykey,sizeof(polykey)); + s20.crypt12(polykey,polykey,sizeof(polykey)); // Encrypt m.q in place - s20.encrypt12(reinterpret_cast<const char *>(m.q.data()) + 24,const_cast<char *>(reinterpret_cast<const char *>(m.q.data())) + 24,m.q.size() - 24); + s20.crypt12(reinterpret_cast<const char *>(m.q.data()) + 24,const_cast<char *>(reinterpret_cast<const char *>(m.q.data())) + 24,m.q.size() - 24); // Add MAC for authentication (encrypt-then-MAC) char mac[ZT_POLY1305_MAC_LEN]; diff --git a/node/Cluster.hpp b/node/Cluster.hpp index dafbf425..08e32a99 100644 --- a/node/Cluster.hpp +++ b/node/Cluster.hpp @@ -88,6 +88,11 @@ */ #define ZT_CLUSTER_SEND_QUEUE_DATA_MAX 1500 +/** + * We won't send WANT_PEER to other members more than every (ms) per recipient + */ +#define ZT_CLUSTER_WANT_PEER_EVERY 1000 + namespace ZeroTier { class RuntimeEnvironment; @@ -216,14 +221,13 @@ public: /** * Replicate a network config for a network we belong to: - * <[8] 64-bit network ID> - * <[2] 16-bit length of network config> - * <[...] serialized network config> + * <[...] network config chunk> * * This is used by clusters to avoid every member having to query * for the same netconf for networks all members belong to. * - * TODO: not implemented yet! + * The first field of a network config chunk is the network ID, + * so this can be checked to look up the network on receipt. */ CLUSTER_MESSAGE_NETWORK_CONFIG = 7 }; @@ -268,7 +272,38 @@ public: void broadcastHavePeer(const Identity &id); /** - * Send this packet via another node in this cluster if another node has this peer + * Broadcast a network config chunk to other members of cluster + * + * @param chunk Chunk data + * @param len Length of chunk + */ + void broadcastNetworkConfigChunk(const void *chunk,unsigned int len); + + /** + * If the cluster has this peer, prepare the packet to send via cluster + * + * Note that outp is only armored (or modified at all) if the return value is a member ID. + * + * @param toPeerAddress Value of outp.destination(), simply to save additional lookup + * @param ts Result: set to time of last HAVE_PEER from the cluster + * @param peerSecret Result: Buffer to fill with peer secret on valid return value, must be at least ZT_PEER_SECRET_KEY_LENGTH bytes + * @return -1 if cluster does not know this peer, or a member ID to pass to sendViaCluster() + */ + int checkSendViaCluster(const Address &toPeerAddress,uint64_t &mostRecentTs,void *peerSecret); + + /** + * Send data via cluster front plane (packet head or fragment) + * + * @param haveMemberId Member ID that has this peer as returned by prepSendviaCluster() + * @param toPeerAddress Destination peer address + * @param data Packet or packet fragment data + * @param len Length of packet or fragment + * @return True if packet was sent (and outp was modified via armoring) + */ + bool sendViaCluster(int haveMemberId,const Address &toPeerAddress,const void *data,unsigned int len); + + /** + * Relay a packet via the cluster * * This is used in the outgoing packet and relaying logic in Switch to * relay packets to other cluster members. It isn't PROXY_SEND-- that is @@ -280,7 +315,7 @@ public: * @param len Length of packet or fragment * @param unite If true, also request proxy unite across cluster */ - void sendViaCluster(const Address &fromPeerAddress,const Address &toPeerAddress,const void *data,unsigned int len,bool unite); + void relayViaCluster(const Address &fromPeerAddress,const Address &toPeerAddress,const void *data,unsigned int len,bool unite); /** * Send a distributed query to other cluster members @@ -324,6 +359,12 @@ public: bool findBetterEndpoint(InetAddress &redirectTo,const Address &peerAddress,const InetAddress &peerPhysicalAddress,bool offload); /** + * @param ip Address to check + * @return True if this is a cluster frontplane address (excluding our addresses) + */ + bool isClusterPeerFrontplane(const InetAddress &ip) const; + + /** * Fill out ZT_ClusterStatus structure (from core API) * * @param status Reference to structure to hold result (anything there is replaced) @@ -391,7 +432,15 @@ private: std::vector<uint16_t> _memberIds; Mutex _memberIds_m; - std::map< std::pair<Address,unsigned int>,uint64_t > _remotePeers; // we need ordered behavior and lower_bound here + struct _RemotePeer + { + _RemotePeer() : lastHavePeerReceived(0),lastSentWantPeer(0) {} + ~_RemotePeer() { Utils::burn(key,ZT_PEER_SECRET_KEY_LENGTH); } + uint64_t lastHavePeerReceived; + uint64_t lastSentWantPeer; + uint8_t key[ZT_PEER_SECRET_KEY_LENGTH]; // secret key from identity agreement + }; + std::map< std::pair<Address,unsigned int>,_RemotePeer > _remotePeers; // we need ordered behavior and lower_bound here Mutex _remotePeers_m; uint64_t _lastFlushed; diff --git a/node/Constants.hpp b/node/Constants.hpp index b7042d5d..3bda3805 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -215,6 +215,11 @@ #define ZT_RECEIVE_QUEUE_TIMEOUT (ZT_WHOIS_RETRY_DELAY * (ZT_MAX_WHOIS_RETRIES + 1)) /** + * Maximum latency to allow for OK(HELLO) before packet is discarded + */ +#define ZT_HELLO_MAX_ALLOWABLE_LATENCY 60000 + +/** * Maximum number of ZT hops allowed (this is not IP hops/TTL) * * The protocol allows up to 7, but we limit it to something smaller. @@ -222,6 +227,11 @@ #define ZT_RELAY_MAX_HOPS 3 /** + * Maximum number of upstreams to use (far more than we should ever need) + */ +#define ZT_MAX_UPSTREAMS 64 + +/** * Expire time for multicast 'likes' and indirect multicast memberships in ms */ #define ZT_MULTICAST_LIKE_EXPIRE 600000 @@ -256,12 +266,12 @@ /** * How frequently to send heartbeats over in-use paths */ -#define ZT_PATH_HEARTBEAT_PERIOD 10000 +#define ZT_PATH_HEARTBEAT_PERIOD 14000 /** * Paths are considered inactive if they have not received traffic in this long */ -#define ZT_PATH_ALIVE_TIMEOUT 25000 +#define ZT_PATH_ALIVE_TIMEOUT 45000 /** * Minimum time between attempts to check dead paths to see if they can be re-awakened @@ -284,6 +294,11 @@ #define ZT_PEER_PATH_EXPIRATION ((ZT_PEER_PING_PERIOD * 4) + 3000) /** + * Send a full HELLO every this often (ms) + */ +#define ZT_PEER_SEND_FULL_HELLO_EVERY (ZT_PEER_PING_PERIOD * 2) + +/** * How often to retry expired paths that we're still remembering */ #define ZT_PEER_EXPIRED_PATH_TRIAL_PERIOD (ZT_PEER_PING_PERIOD * 10) @@ -321,6 +336,11 @@ #define ZT_MIN_UNITE_INTERVAL 30000 /** + * How often should peers try memorized or statically defined paths? + */ +#define ZT_TRY_MEMORIZED_PATH_INTERVAL 30000 + +/** * Sanity limit on maximum bridge routes * * If the number of bridge routes exceeds this, we cull routes from the @@ -376,6 +396,26 @@ #define ZT_PEER_GENERAL_RATE_LIMIT 1000 /** + * Don't do expensive identity validation more often than this + * + * IPv4 and IPv6 address prefixes are hashed down to 14-bit (0-16383) integers + * using the first 24 bits for IPv4 or the first 48 bits for IPv6. These are + * then rate limited to one identity validation per this often milliseconds. + */ +#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64) || defined(_M_AMD64)) +// AMD64 machines can do anywhere from one every 50ms to one every 10ms. This provides plenty of margin. +#define ZT_IDENTITY_VALIDATION_SOURCE_RATE_LIMIT 2000 +#else +#if (defined(__i386__) || defined(__i486__) || defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(_X86_) || defined(__I86__)) +// 32-bit Intel machines usually average about one every 100ms +#define ZT_IDENTITY_VALIDATION_SOURCE_RATE_LIMIT 5000 +#else +// This provides a safe margin for ARM, MIPS, etc. that usually average one every 250-400ms +#define ZT_IDENTITY_VALIDATION_SOURCE_RATE_LIMIT 10000 +#endif +#endif + +/** * How long is a path or peer considered to have a trust relationship with us (for e.g. relay policy) since last trusted established packet? */ #define ZT_TRUST_EXPIRATION 600000 @@ -394,6 +434,11 @@ #define ZT_UDP_DESIRED_BUF_SIZE 131072 #endif +/** + * Desired / recommended min stack size for threads (used on some platforms to reset thread stack size) + */ +#define ZT_THREAD_MIN_STACK_SIZE 1048576 + /* Ethernet frame types that might be relevant to us */ #define ZT_ETHERTYPE_IPV4 0x0800 #define ZT_ETHERTYPE_ARP 0x0806 diff --git a/node/Identity.cpp b/node/Identity.cpp index c47805d9..89fdb836 100644 --- a/node/Identity.cpp +++ b/node/Identity.cpp @@ -46,7 +46,7 @@ static inline void _computeMemoryHardHash(const void *publicKey,unsigned int pub // but is not what we want for sequential memory-harndess. memset(genmem,0,ZT_IDENTITY_GEN_MEMORY); Salsa20 s20(digest,256,(char *)digest + 32); - s20.encrypt20((char *)genmem,(char *)genmem,64); + s20.crypt20((char *)genmem,(char *)genmem,64); for(unsigned long i=64;i<ZT_IDENTITY_GEN_MEMORY;i+=64) { unsigned long k = i - 64; *((uint64_t *)((char *)genmem + i)) = *((uint64_t *)((char *)genmem + k)); @@ -57,7 +57,7 @@ static inline void _computeMemoryHardHash(const void *publicKey,unsigned int pub *((uint64_t *)((char *)genmem + i + 40)) = *((uint64_t *)((char *)genmem + k + 40)); *((uint64_t *)((char *)genmem + i + 48)) = *((uint64_t *)((char *)genmem + k + 48)); *((uint64_t *)((char *)genmem + i + 56)) = *((uint64_t *)((char *)genmem + k + 56)); - s20.encrypt20((char *)genmem + i,(char *)genmem + i,64); + s20.crypt20((char *)genmem + i,(char *)genmem + i,64); } // Render final digest using genmem as a lookup table @@ -67,7 +67,7 @@ static inline void _computeMemoryHardHash(const void *publicKey,unsigned int pub uint64_t tmp = ((uint64_t *)genmem)[idx2]; ((uint64_t *)genmem)[idx2] = ((uint64_t *)digest)[idx1]; ((uint64_t *)digest)[idx1] = tmp; - s20.encrypt20(digest,digest,64); + s20.crypt20(digest,digest,64); } } @@ -160,7 +160,7 @@ bool Identity::fromString(const char *str) for(char *f=Utils::stok(tmp,":",&saveptr);(f);f=Utils::stok((char *)0,":",&saveptr)) { switch(fno++) { case 0: - _address = Address(f); + _address = Address(Utils::hexStrToU64(f)); if (_address.isReserved()) return false; break; diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp index e0fa3bf1..856538b4 100644 --- a/node/IncomingPacket.cpp +++ b/node/IncomingPacket.cpp @@ -37,6 +37,7 @@ #include "Cluster.hpp" #include "Node.hpp" #include "CertificateOfMembership.hpp" +#include "CertificateOfRepresentation.hpp" #include "Capability.hpp" #include "Tag.hpp" #include "Revocation.hpp" @@ -77,7 +78,7 @@ bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR) } if (!uncompress()) { - TRACE("dropped packet from %s(%s), compressed data invalid",sourceAddress.toString().c_str(),_path->address().toString().c_str()); + TRACE("dropped packet from %s(%s), compressed data invalid (verb may be %u)",sourceAddress.toString().c_str(),_path->address().toString().c_str(),(unsigned int)verb()); return true; } @@ -106,9 +107,7 @@ bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR) case Packet::VERB_PUSH_DIRECT_PATHS: return _doPUSH_DIRECT_PATHS(RR,peer); case Packet::VERB_CIRCUIT_TEST: return _doCIRCUIT_TEST(RR,peer); case Packet::VERB_CIRCUIT_TEST_REPORT: return _doCIRCUIT_TEST_REPORT(RR,peer); - case Packet::VERB_REQUEST_PROOF_OF_WORK: return _doREQUEST_PROOF_OF_WORK(RR,peer); - case Packet::VERB_USER_MESSAGE: - return true; + case Packet::VERB_USER_MESSAGE: return _doUSER_MESSAGE(RR,peer); } } else { RR->sw->requestWhois(sourceAddress); @@ -161,7 +160,7 @@ bool IncomingPacket::_doERROR(const RuntimeEnvironment *RR,const SharedPtr<Peer> case Packet::ERROR_IDENTITY_COLLISION: // FIXME: for federation this will need a payload with a signature or something. - if (RR->topology->isRoot(peer->identity())) + if (RR->topology->isUpstream(peer->identity())) RR->node->postEvent(ZT_EVENT_FATAL_ERROR_IDENTITY_COLLISION); break; @@ -213,33 +212,17 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut const unsigned int vMinor = (*this)[ZT_PROTO_VERB_HELLO_IDX_MINOR_VERSION]; const unsigned int vRevision = at<uint16_t>(ZT_PROTO_VERB_HELLO_IDX_REVISION); const uint64_t timestamp = at<uint64_t>(ZT_PROTO_VERB_HELLO_IDX_TIMESTAMP); - Identity id; - InetAddress externalSurfaceAddress; - uint64_t worldId = ZT_WORLD_ID_NULL; - uint64_t worldTimestamp = 0; - { - unsigned int ptr = ZT_PROTO_VERB_HELLO_IDX_IDENTITY + id.deserialize(*this,ZT_PROTO_VERB_HELLO_IDX_IDENTITY); - - // Get external surface address if present (was not in old versions) - if (ptr < size()) - ptr += externalSurfaceAddress.deserialize(*this,ptr); - - // Get world ID and world timestamp if present (was not in old versions) - if ((ptr + 16) <= size()) { - worldId = at<uint64_t>(ptr); ptr += 8; - worldTimestamp = at<uint64_t>(ptr); - } - } + unsigned int ptr = ZT_PROTO_VERB_HELLO_IDX_IDENTITY + id.deserialize(*this,ZT_PROTO_VERB_HELLO_IDX_IDENTITY); - if (fromAddress != id.address()) { - TRACE("dropped HELLO from %s(%s): identity not for sending address",fromAddress.toString().c_str(),_path->address().toString().c_str()); - return true; - } if (protoVersion < ZT_PROTO_VERSION_MIN) { TRACE("dropped HELLO from %s(%s): protocol version too old",id.address().toString().c_str(),_path->address().toString().c_str()); return true; } + if (fromAddress != id.address()) { + TRACE("dropped HELLO from %s(%s): identity does not match packet source address",fromAddress.toString().c_str(),_path->address().toString().c_str()); + return true; + } SharedPtr<Peer> peer(RR->topology->getPeer(id.address())); if (peer) { @@ -248,6 +231,10 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut if (peer->identity() != id) { // Identity is different from the one we already have -- address collision + // Check rate limits + if (!RR->node->rateGateIdentityVerification(now,_path->address())) + return true; + uint8_t key[ZT_PEER_SECRET_KEY_LENGTH]; if (RR->identity.agree(id,key,ZT_PEER_SECRET_KEY_LENGTH)) { if (dearmor(key)) { // ensure packet is authentic, otherwise drop @@ -256,7 +243,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut outp.append((uint8_t)Packet::VERB_HELLO); outp.append((uint64_t)pid); outp.append((uint8_t)Packet::ERROR_IDENTITY_COLLISION); - outp.armor(key,true); + outp.armor(key,true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } else { TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_path->address().toString().c_str()); @@ -276,7 +263,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut // Continue at // VALID } - } // else continue at // VALID + } // else if alreadyAuthenticated then continue at // VALID } else { // We don't already have an identity with this address -- validate and learn it @@ -286,18 +273,23 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut return true; } - // Check that identity's address is valid as per the derivation function - if (!id.locallyValidate()) { - TRACE("dropped HELLO from %s(%s): identity invalid",id.address().toString().c_str(),_path->address().toString().c_str()); + // Check rate limits + if (!RR->node->rateGateIdentityVerification(now,_path->address())) return true; - } - // Check packet integrity and authentication + // Check packet integrity and MAC (this is faster than locallyValidate() so do it first to filter out total crap) SharedPtr<Peer> newPeer(new Peer(RR,RR->identity,id)); if (!dearmor(newPeer->key())) { TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_path->address().toString().c_str()); return true; } + + // Check that identity's address is valid as per the derivation function + if (!id.locallyValidate()) { + TRACE("dropped HELLO from %s(%s): identity invalid",id.address().toString().c_str(),_path->address().toString().c_str()); + return true; + } + peer = RR->topology->addPeer(newPeer); // Continue at // VALID @@ -305,10 +297,49 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut // VALID -- if we made it here, packet passed identity and authenticity checks! - // Learn our external surface address from other peers to help us negotiate symmetric NATs - // and detect changes to our global IP that can trigger path renegotiation. - if ((externalSurfaceAddress)&&(hops() == 0)) - RR->sa->iam(id.address(),_path->localAddress(),_path->address(),externalSurfaceAddress,RR->topology->isUpstream(id),now); + // Get external surface address if present (was not in old versions) + InetAddress externalSurfaceAddress; + if (ptr < size()) { + ptr += externalSurfaceAddress.deserialize(*this,ptr); + if ((externalSurfaceAddress)&&(hops() == 0)) + RR->sa->iam(id.address(),_path->localAddress(),_path->address(),externalSurfaceAddress,RR->topology->isUpstream(id),now); + } + + // Get primary planet world ID and world timestamp if present + uint64_t planetWorldId = 0; + uint64_t planetWorldTimestamp = 0; + if ((ptr + 16) <= size()) { + planetWorldId = at<uint64_t>(ptr); ptr += 8; + planetWorldTimestamp = at<uint64_t>(ptr); ptr += 8; + } + + std::vector< std::pair<uint64_t,uint64_t> > moonIdsAndTimestamps; + if (ptr < size()) { + // Remainder of packet, if present, is encrypted + cryptField(peer->key(),ptr,size() - ptr); + + // Get moon IDs and timestamps if present + if ((ptr + 2) <= size()) { + unsigned int numMoons = at<uint16_t>(ptr); ptr += 2; + for(unsigned int i=0;i<numMoons;++i) { + if ((World::Type)(*this)[ptr++] == World::TYPE_MOON) + moonIdsAndTimestamps.push_back(std::pair<uint64_t,uint64_t>(at<uint64_t>(ptr),at<uint64_t>(ptr + 8))); + ptr += 16; + } + } + + // Handle COR if present (older versions don't send this) + if ((ptr + 2) <= size()) { + if (at<uint16_t>(ptr) > 0) { + CertificateOfRepresentation cor; + ptr += 2; + ptr += cor.deserialize(*this,ptr); + } else ptr += 2; + } + } + + // Send OK(HELLO) with an echo of the packet's timestamp and some of the same + // information about us: version, sent-to address, etc. Packet outp(id.address(),RR->identity.address(),Packet::VERB_OK); outp.append((unsigned char)Packet::VERB_HELLO); @@ -318,6 +349,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut outp.append((unsigned char)ZEROTIER_ONE_VERSION_MAJOR); outp.append((unsigned char)ZEROTIER_ONE_VERSION_MINOR); outp.append((uint16_t)ZEROTIER_ONE_VERSION_REVISION); + if (protoVersion >= 5) { _path->address().serialize(outp); } else { @@ -349,17 +381,31 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut tmpa.serialize(outp); } - if ((worldId != ZT_WORLD_ID_NULL)&&(RR->topology->worldTimestamp() > worldTimestamp)&&(worldId == RR->topology->worldId())) { - World w(RR->topology->world()); - const unsigned int sizeAt = outp.size(); - outp.addSize(2); // make room for 16-bit size field - w.serialize(outp,false); - outp.setAt<uint16_t>(sizeAt,(uint16_t)(outp.size() - (sizeAt + 2))); - } else { - outp.append((uint16_t)0); // no world update needed + const unsigned int worldUpdateSizeAt = outp.size(); + outp.addSize(2); // make room for 16-bit size field + if ((planetWorldId)&&(RR->topology->planetWorldTimestamp() > planetWorldTimestamp)&&(planetWorldId == RR->topology->planetWorldId())) { + RR->topology->planet().serialize(outp,false); + } + if (moonIdsAndTimestamps.size() > 0) { + std::vector<World> moons(RR->topology->moons()); + for(std::vector<World>::const_iterator m(moons.begin());m!=moons.end();++m) { + for(std::vector< std::pair<uint64_t,uint64_t> >::const_iterator i(moonIdsAndTimestamps.begin());i!=moonIdsAndTimestamps.end();++i) { + if (i->first == m->id()) { + if (m->timestamp() > i->second) + m->serialize(outp,false); + break; + } + } + } } + outp.setAt<uint16_t>(worldUpdateSizeAt,(uint16_t)(outp.size() - (worldUpdateSizeAt + 2))); - outp.armor(peer->key(),true); + const unsigned int corSizeAt = outp.size(); + outp.addSize(2); + RR->topology->appendCertificateOfRepresentation(outp); + outp.setAt(corSizeAt,(uint16_t)(outp.size() - (corSizeAt + 2))); + + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),now); peer->setRemoteVersion(protoVersion,vMajor,vMinor,vRevision); // important for this to go first so received() knows the version @@ -386,7 +432,10 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p switch(inReVerb) { case Packet::VERB_HELLO: { - const unsigned int latency = std::min((unsigned int)(RR->node->now() - at<uint64_t>(ZT_PROTO_VERB_HELLO__OK__IDX_TIMESTAMP)),(unsigned int)0xffff); + const uint64_t latency = RR->node->now() - at<uint64_t>(ZT_PROTO_VERB_HELLO__OK__IDX_TIMESTAMP); + if (latency > ZT_HELLO_MAX_ALLOWABLE_LATENCY) + return true; + const unsigned int vProto = (*this)[ZT_PROTO_VERB_HELLO__OK__IDX_PROTOCOL_VERSION]; const unsigned int vMajor = (*this)[ZT_PROTO_VERB_HELLO__OK__IDX_MAJOR_VERSION]; const unsigned int vMinor = (*this)[ZT_PROTO_VERB_HELLO__OK__IDX_MINOR_VERSION]; @@ -400,24 +449,38 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p InetAddress externalSurfaceAddress; unsigned int ptr = ZT_PROTO_VERB_HELLO__OK__IDX_REVISION + 2; - // Get reported external surface address if present (was not on old versions) + // Get reported external surface address if present if (ptr < size()) ptr += externalSurfaceAddress.deserialize(*this,ptr); - // Handle world updates from root servers if present (was not on old versions) - if (((ptr + 2) <= size())&&(RR->topology->isRoot(peer->identity()))) { - World worldUpdate; - const unsigned int worldLen = at<uint16_t>(ptr); ptr += 2; - if (worldLen > 0) { - World w; - w.deserialize(*this,ptr); - RR->topology->worldUpdateIfValid(w); + // Handle planet or moon updates if present + if ((ptr + 2) <= size()) { + const unsigned int worldsLen = at<uint16_t>(ptr); ptr += 2; + if (RR->topology->shouldAcceptWorldUpdateFrom(peer->address())) { + const unsigned int endOfWorlds = ptr + worldsLen; + while (ptr < endOfWorlds) { + World w; + ptr += w.deserialize(*this,ptr); + RR->topology->addWorld(w,false); + } + } else { + ptr += worldsLen; } } + // Handle certificate of representation if present + if ((ptr + 2) <= size()) { + if (at<uint16_t>(ptr) > 0) { + CertificateOfRepresentation cor; + ptr += 2; + ptr += cor.deserialize(*this,ptr); + } else ptr += 2; + } + TRACE("%s(%s): OK(HELLO), version %u.%u.%u, latency %u, reported external address %s",source().toString().c_str(),_path->address().toString().c_str(),vMajor,vMinor,vRevision,latency,((externalSurfaceAddress) ? externalSurfaceAddress.toString().c_str() : "(none)")); - peer->addDirectLatencyMeasurment(latency); + if (!hops()) + peer->addDirectLatencyMeasurment((unsigned int)latency); peer->setRemoteVersion(vProto,vMajor,vMinor,vRevision); if ((externalSurfaceAddress)&&(hops() == 0)) @@ -434,7 +497,7 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p case Packet::VERB_NETWORK_CONFIG_REQUEST: { const SharedPtr<Network> network(RR->node->network(at<uint64_t>(ZT_PROTO_VERB_OK_IDX_PAYLOAD))); if (network) - network->handleConfigChunk(*this,ZT_PROTO_VERB_OK_IDX_PAYLOAD); + network->handleConfigChunk(packetId(),source(),*this,ZT_PROTO_VERB_OK_IDX_PAYLOAD); } break; case Packet::VERB_MULTICAST_GATHER: { @@ -509,11 +572,8 @@ bool IncomingPacket::_doWHOIS(const RuntimeEnvironment *RR,const SharedPtr<Peer> id.serialize(outp,false); ++count; } else { - // If I am not the root and don't know this identity, ask upstream. Downstream - // peer may re-request in the future and if so we will be able to provide it. - if (!RR->topology->amRoot()) - RR->sw->requestWhois(addr); - + // Request unknown WHOIS from upstream from us (if we have one) + RR->sw->requestWhois(addr); #ifdef ZT_ENABLE_CLUSTER // Distribute WHOIS queries across a cluster if we do not know the ID. // This may result in duplicate OKs to the querying peer, which is fine. @@ -524,7 +584,7 @@ bool IncomingPacket::_doWHOIS(const RuntimeEnvironment *RR,const SharedPtr<Peer> } if (count > 0) { - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } @@ -548,9 +608,9 @@ bool IncomingPacket::_doRENDEZVOUS(const RuntimeEnvironment *RR,const SharedPtr< const unsigned int addrlen = (*this)[ZT_PROTO_VERB_RENDEZVOUS_IDX_ADDRLEN]; if ((port > 0)&&((addrlen == 4)||(addrlen == 16))) { const InetAddress atAddr(field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ADDRESS,addrlen),addrlen,port); - if (RR->node->shouldUsePathForZeroTierTraffic(_path->localAddress(),atAddr)) { + if (RR->node->shouldUsePathForZeroTierTraffic(with,_path->localAddress(),atAddr)) { RR->node->putPacket(_path->localAddress(),atAddr,"ABRE",4,2); // send low-TTL junk packet to 'open' local NAT(s) and stateful firewalls - rendezvousWith->attemptToContactAt(_path->localAddress(),atAddr,RR->node->now()); + rendezvousWith->attemptToContactAt(_path->localAddress(),atAddr,RR->node->now(),false,0); TRACE("RENDEZVOUS from %s says %s might be at %s, sent verification attempt",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str()); } else { TRACE("RENDEZVOUS from %s says %s might be at %s, ignoring since path is not suitable",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str()); @@ -667,12 +727,12 @@ bool IncomingPacket::_doEXT_FRAME(const RuntimeEnvironment *RR,const SharedPtr<P } } - if ((flags & 0x10) != 0) { + if ((flags & 0x10) != 0) { // ACK requested Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK); outp.append((uint8_t)Packet::VERB_EXT_FRAME); outp.append((uint64_t)packetId()); outp.append((uint64_t)nwid); - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } @@ -702,7 +762,7 @@ bool IncomingPacket::_doECHO(const RuntimeEnvironment *RR,const SharedPtr<Peer> outp.append((uint64_t)pid); if (size() > ZT_PACKET_IDX_PAYLOAD) outp.append(reinterpret_cast<const unsigned char *>(data()) + ZT_PACKET_IDX_PAYLOAD,size() - ZT_PACKET_IDX_PAYLOAD); - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); peer->received(_path,hops(),pid,Packet::VERB_ECHO,0,Packet::VERB_NOP,false); @@ -772,6 +832,7 @@ bool IncomingPacket::_doNETWORK_CREDENTIALS(const RuntimeEnvironment *RR,const S Capability cap; Tag tag; Revocation revocation; + CertificateOfOwnership coo; bool trustEstablished = false; unsigned int p = ZT_PACKET_IDX_PAYLOAD; @@ -814,6 +875,8 @@ bool IncomingPacket::_doNETWORK_CREDENTIALS(const RuntimeEnvironment *RR,const S } } + if (p >= size()) return true; + const unsigned int numTags = at<uint16_t>(p); p += 2; for(unsigned int i=0;i<numTags;++i) { p += tag.deserialize(*this,p); @@ -832,6 +895,8 @@ bool IncomingPacket::_doNETWORK_CREDENTIALS(const RuntimeEnvironment *RR,const S } } + if (p >= size()) return true; + const unsigned int numRevocations = at<uint16_t>(p); p += 2; for(unsigned int i=0;i<numRevocations;++i) { p += revocation.deserialize(*this,p); @@ -849,6 +914,26 @@ bool IncomingPacket::_doNETWORK_CREDENTIALS(const RuntimeEnvironment *RR,const S } } } + + if (p >= size()) return true; + + const unsigned int numCoos = at<uint16_t>(p); p += 2; + for(unsigned int i=0;i<numCoos;++i) { + p += coo.deserialize(*this,p); + const SharedPtr<Network> network(RR->node->network(coo.networkId())); + if (network) { + switch(network->addCredential(coo)) { + case Membership::ADD_REJECTED: + break; + case Membership::ADD_ACCEPTED_NEW: + case Membership::ADD_ACCEPTED_REDUNDANT: + trustEstablished = true; + break; + case Membership::ADD_DEFERRED_FOR_WHOIS: + return false; + } + } + } } peer->received(_path,hops(),packetId(),Packet::VERB_NETWORK_CREDENTIALS,0,Packet::VERB_NOP,trustEstablished); @@ -866,103 +951,23 @@ bool IncomingPacket::_doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *RR,cons const uint64_t nwid = at<uint64_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_NETWORK_ID); const unsigned int hopCount = hops(); const uint64_t requestPacketId = packetId(); - bool trustEstablished = false; if (RR->localNetworkController) { const unsigned int metaDataLength = at<uint16_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT_LEN); const char *metaDataBytes = (const char *)field(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT,metaDataLength); const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> metaData(metaDataBytes,metaDataLength); - - NetworkConfig *netconf = new NetworkConfig(); - try { - switch(RR->localNetworkController->doNetworkConfigRequest((hopCount > 0) ? InetAddress() : _path->address(),RR->identity,peer->identity(),nwid,metaData,*netconf)) { - - case NetworkController::NETCONF_QUERY_OK: { - trustEstablished = true; - Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> *dconf = new Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY>(); - try { - if (netconf->toDictionary(*dconf,metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_VERSION,0) < 6)) { - uint64_t configUpdateId = RR->node->prng(); - if (!configUpdateId) ++configUpdateId; - const unsigned int totalSize = dconf->sizeBytes(); - unsigned int chunkIndex = 0; - while (chunkIndex < totalSize) { - const unsigned int chunkLen = std::min(totalSize - chunkIndex,(unsigned int)(ZT_UDP_DEFAULT_PAYLOAD_MTU - (ZT_PACKET_IDX_PAYLOAD + 256))); - Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK); - outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); - outp.append(requestPacketId); - - const unsigned int sigStart = outp.size(); - outp.append(nwid); - outp.append((uint16_t)chunkLen); - outp.append((const void *)(dconf->data() + chunkIndex),chunkLen); - - outp.append((uint8_t)0); // no flags - outp.append((uint64_t)configUpdateId); - outp.append((uint32_t)totalSize); - outp.append((uint32_t)chunkIndex); - - C25519::Signature sig(RR->identity.sign(reinterpret_cast<const uint8_t *>(outp.data()) + sigStart,outp.size() - sigStart)); - outp.append((uint8_t)1); - outp.append((uint16_t)ZT_C25519_SIGNATURE_LEN); - outp.append(sig.data,ZT_C25519_SIGNATURE_LEN); - - outp.compress(); - RR->sw->send(outp,true); - chunkIndex += chunkLen; - } - } - delete dconf; - } catch ( ... ) { - delete dconf; - throw; - } - } break; - - case NetworkController::NETCONF_QUERY_OBJECT_NOT_FOUND: { - Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); - outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); - outp.append(requestPacketId); - outp.append((unsigned char)Packet::ERROR_OBJ_NOT_FOUND); - outp.append(nwid); - outp.armor(peer->key(),true); - _path->send(RR,outp.data(),outp.size(),RR->node->now()); - } break; - - case NetworkController::NETCONF_QUERY_ACCESS_DENIED: { - Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); - outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); - outp.append(requestPacketId); - outp.append((unsigned char)Packet::ERROR_NETWORK_ACCESS_DENIED_); - outp.append(nwid); - outp.armor(peer->key(),true); - _path->send(RR,outp.data(),outp.size(),RR->node->now()); - } break; - - case NetworkController::NETCONF_QUERY_INTERNAL_SERVER_ERROR: - break; - case NetworkController::NETCONF_QUERY_IGNORE: - break; - default: - TRACE("NETWORK_CONFIG_REQUEST failed: invalid return value from NetworkController::doNetworkConfigRequest()"); - break; - } - delete netconf; - } catch ( ... ) { - delete netconf; - throw; - } + RR->localNetworkController->request(nwid,(hopCount > 0) ? InetAddress() : _path->address(),requestPacketId,peer->identity(),metaData); } else { Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); outp.append(requestPacketId); outp.append((unsigned char)Packet::ERROR_UNSUPPORTED_OPERATION); outp.append(nwid); - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } - peer->received(_path,hopCount,requestPacketId,Packet::VERB_NETWORK_CONFIG_REQUEST,0,Packet::VERB_NOP,trustEstablished); + peer->received(_path,hopCount,requestPacketId,Packet::VERB_NETWORK_CONFIG_REQUEST,0,Packet::VERB_NOP,false); } catch (std::exception &exc) { fprintf(stderr,"WARNING: network config request failed with exception: %s" ZT_EOL_S,exc.what()); TRACE("dropped NETWORK_CONFIG_REQUEST from %s(%s): %s",source().toString().c_str(),_path->address().toString().c_str(),exc.what()); @@ -978,14 +983,14 @@ bool IncomingPacket::_doNETWORK_CONFIG(const RuntimeEnvironment *RR,const Shared try { const SharedPtr<Network> network(RR->node->network(at<uint64_t>(ZT_PACKET_IDX_PAYLOAD))); if (network) { - const uint64_t configUpdateId = network->handleConfigChunk(*this,ZT_PACKET_IDX_PAYLOAD); + const uint64_t configUpdateId = network->handleConfigChunk(packetId(),source(),*this,ZT_PACKET_IDX_PAYLOAD); if (configUpdateId) { Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK); outp.append((uint8_t)Packet::VERB_ECHO); outp.append((uint64_t)packetId()); outp.append((uint64_t)network->id()); outp.append((uint64_t)configUpdateId); - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } } @@ -1034,7 +1039,7 @@ bool IncomingPacket::_doMULTICAST_GATHER(const RuntimeEnvironment *RR,const Shar outp.append((uint32_t)mg.adi()); const unsigned int gatheredLocally = RR->mc->gather(peer->address(),nwid,mg,outp,gatherLimit); if (gatheredLocally > 0) { - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } @@ -1141,7 +1146,7 @@ bool IncomingPacket::_doMULTICAST_FRAME(const RuntimeEnvironment *RR,const Share outp.append((uint32_t)to.adi()); outp.append((unsigned char)0x02); // flag 0x02 = contains gather results if (RR->mc->gather(peer->address(),nwid,to,outp,gatherLimit)) { - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),RR->node->now()); } } @@ -1196,10 +1201,10 @@ bool IncomingPacket::_doPUSH_DIRECT_PATHS(const RuntimeEnvironment *RR,const Sha redundant = peer->hasActivePathTo(now,a); } - if ( ((flags & ZT_PUSH_DIRECT_PATHS_FLAG_FORGET_PATH) == 0) && (!redundant) && (RR->node->shouldUsePathForZeroTierTraffic(_path->localAddress(),a)) ) { + if ( ((flags & ZT_PUSH_DIRECT_PATHS_FLAG_FORGET_PATH) == 0) && (!redundant) && (RR->node->shouldUsePathForZeroTierTraffic(peer->address(),_path->localAddress(),a)) ) { if (++countPerScope[(int)a.ipScope()][0] <= ZT_PUSH_DIRECT_PATHS_MAX_PER_SCOPE_AND_FAMILY) { TRACE("attempting to contact %s at pushed direct path %s",peer->address().toString().c_str(),a.toString().c_str()); - peer->attemptToContactAt(InetAddress(),a,now); + peer->attemptToContactAt(InetAddress(),a,now,false,0); } else { TRACE("ignoring contact for %s at %s -- too many per scope",peer->address().toString().c_str(),a.toString().c_str()); } @@ -1215,10 +1220,10 @@ bool IncomingPacket::_doPUSH_DIRECT_PATHS(const RuntimeEnvironment *RR,const Sha redundant = peer->hasActivePathTo(now,a); } - if ( ((flags & ZT_PUSH_DIRECT_PATHS_FLAG_FORGET_PATH) == 0) && (!redundant) && (RR->node->shouldUsePathForZeroTierTraffic(_path->localAddress(),a)) ) { + if ( ((flags & ZT_PUSH_DIRECT_PATHS_FLAG_FORGET_PATH) == 0) && (!redundant) && (RR->node->shouldUsePathForZeroTierTraffic(peer->address(),_path->localAddress(),a)) ) { if (++countPerScope[(int)a.ipScope()][1] <= ZT_PUSH_DIRECT_PATHS_MAX_PER_SCOPE_AND_FAMILY) { TRACE("attempting to contact %s at pushed direct path %s",peer->address().toString().c_str(),a.toString().c_str()); - peer->attemptToContactAt(InetAddress(),a,now); + peer->attemptToContactAt(InetAddress(),a,now,false,0); } else { TRACE("ignoring contact for %s at %s -- too many per scope",peer->address().toString().c_str(),a.toString().c_str()); } @@ -1343,7 +1348,7 @@ bool IncomingPacket::_doCIRCUIT_TEST(const RuntimeEnvironment *RR,const SharedPt outp.append((uint8_t)hops()); _path->localAddress().serialize(outp); _path->address().serialize(outp); - outp.append((uint16_t)0); // no additional fields + outp.append((uint16_t)_path->linkQuality()); outp.append((uint8_t)breadth); for(unsigned int h=0;h<breadth;++h) { nextHop[h].appendTo(outp); @@ -1400,16 +1405,20 @@ bool IncomingPacket::_doCIRCUIT_TEST_REPORT(const RuntimeEnvironment *RR,const S const unsigned int receivedOnLocalAddressLen = reinterpret_cast<InetAddress *>(&(report.receivedOnLocalAddress))->deserialize(*this,ZT_PACKET_IDX_PAYLOAD + 58); const unsigned int receivedFromRemoteAddressLen = reinterpret_cast<InetAddress *>(&(report.receivedFromRemoteAddress))->deserialize(*this,ZT_PACKET_IDX_PAYLOAD + 58 + receivedOnLocalAddressLen); + unsigned int ptr = ZT_PACKET_IDX_PAYLOAD + 58 + receivedOnLocalAddressLen + receivedFromRemoteAddressLen; + if (report.protocolVersion >= 9) { + report.receivedFromLinkQuality = at<uint16_t>(ptr); ptr += 2; + } else { + report.receivedFromLinkQuality = ZT_PATH_LINK_QUALITY_MAX; + ptr += at<uint16_t>(ptr) + 2; // this field was once an 'extended field length' reserved field, which was always set to 0 + } - unsigned int nhptr = ZT_PACKET_IDX_PAYLOAD + 58 + receivedOnLocalAddressLen + receivedFromRemoteAddressLen; - nhptr += at<uint16_t>(nhptr) + 2; // add "additional field" length, which right now will be zero - - report.nextHopCount = (*this)[nhptr++]; + report.nextHopCount = (*this)[ptr++]; if (report.nextHopCount > ZT_CIRCUIT_TEST_MAX_HOP_BREADTH) // sanity check, shouldn't be possible report.nextHopCount = ZT_CIRCUIT_TEST_MAX_HOP_BREADTH; for(unsigned int h=0;h<report.nextHopCount;++h) { - report.nextHops[h].address = Address(field(nhptr,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH).toInt(); nhptr += ZT_ADDRESS_LENGTH; - nhptr += reinterpret_cast<InetAddress *>(&(report.nextHops[h].physicalAddress))->deserialize(*this,nhptr); + report.nextHops[h].address = Address(field(ptr,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH).toInt(); ptr += ZT_ADDRESS_LENGTH; + ptr += reinterpret_cast<InetAddress *>(&(report.nextHops[h].physicalAddress))->deserialize(*this,ptr); } RR->node->postCircuitTestReport(&report); @@ -1421,66 +1430,20 @@ bool IncomingPacket::_doCIRCUIT_TEST_REPORT(const RuntimeEnvironment *RR,const S return true; } -bool IncomingPacket::_doREQUEST_PROOF_OF_WORK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer) +bool IncomingPacket::_doUSER_MESSAGE(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer) { try { - // If this were allowed from anyone, it would itself be a DOS vector. Right - // now we only allow it from roots and controllers of networks you have joined. - bool allowed = RR->topology->isUpstream(peer->identity()); - if (!allowed) { - std::vector< SharedPtr<Network> > allNetworks(RR->node->allNetworks()); - for(std::vector< SharedPtr<Network> >::const_iterator n(allNetworks.begin());n!=allNetworks.end();++n) { - if (peer->address() == (*n)->controller()) { - allowed = true; - break; - } - } - } - - if (allowed) { - const uint64_t pid = packetId(); - const unsigned int difficulty = (*this)[ZT_PACKET_IDX_PAYLOAD + 1]; - const unsigned int challengeLength = at<uint16_t>(ZT_PACKET_IDX_PAYLOAD + 2); - if (challengeLength > ZT_PROTO_MAX_PACKET_LENGTH) - return true; // sanity check, drop invalid size - const unsigned char *challenge = field(ZT_PACKET_IDX_PAYLOAD + 4,challengeLength); - - switch((*this)[ZT_PACKET_IDX_PAYLOAD]) { - - // Salsa20/12+SHA512 hashcash - case 0x01: { - if (difficulty <= 14) { - unsigned char result[16]; - computeSalsa2012Sha512ProofOfWork(difficulty,challenge,challengeLength,result); - TRACE("PROOF_OF_WORK computed for %s: difficulty==%u, challengeLength==%u, result: %.16llx%.16llx",peer->address().toString().c_str(),difficulty,challengeLength,Utils::ntoh(*(reinterpret_cast<const uint64_t *>(result))),Utils::ntoh(*(reinterpret_cast<const uint64_t *>(result + 8)))); - Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK); - outp.append((unsigned char)Packet::VERB_REQUEST_PROOF_OF_WORK); - outp.append(pid); - outp.append((uint16_t)sizeof(result)); - outp.append(result,sizeof(result)); - outp.armor(peer->key(),true); - _path->send(RR,outp.data(),outp.size(),RR->node->now()); - } else { - Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); - outp.append((unsigned char)Packet::VERB_REQUEST_PROOF_OF_WORK); - outp.append(pid); - outp.append((unsigned char)Packet::ERROR_INVALID_REQUEST); - outp.armor(peer->key(),true); - _path->send(RR,outp.data(),outp.size(),RR->node->now()); - } - } break; - - default: - TRACE("dropped REQUEST_PROOF_OF_WORK from %s(%s): unrecognized proof of work type",peer->address().toString().c_str(),_path->address().toString().c_str()); - break; - } - - peer->received(_path,hops(),pid,Packet::VERB_REQUEST_PROOF_OF_WORK,0,Packet::VERB_NOP,false); - } else { - TRACE("dropped REQUEST_PROOF_OF_WORK from %s(%s): not trusted enough",peer->address().toString().c_str(),_path->address().toString().c_str()); + if (size() >= (ZT_PACKET_IDX_PAYLOAD + 8)) { + ZT_UserMessage um; + um.origin = peer->address().toInt(); + um.typeId = at<uint64_t>(ZT_PACKET_IDX_PAYLOAD); + um.data = reinterpret_cast<const void *>(reinterpret_cast<const uint8_t *>(data()) + ZT_PACKET_IDX_PAYLOAD + 8); + um.length = size() - (ZT_PACKET_IDX_PAYLOAD + 8); + RR->node->postEvent(ZT_EVENT_USER_MESSAGE,reinterpret_cast<const void *>(&um)); } + peer->received(_path,hops(),packetId(),Packet::VERB_CIRCUIT_TEST_REPORT,0,Packet::VERB_NOP,false); } catch ( ... ) { - TRACE("dropped REQUEST_PROOF_OF_WORK from %s(%s): unexpected exception",peer->address().toString().c_str(),_path->address().toString().c_str()); + TRACE("dropped CIRCUIT_TEST_REPORT from %s(%s): unexpected exception",source().toString().c_str(),_path->address().toString().c_str()); } return true; } @@ -1494,87 +1457,9 @@ void IncomingPacket::_sendErrorNeedCredentials(const RuntimeEnvironment *RR,cons outp.append(packetId()); outp.append((uint8_t)Packet::ERROR_NEED_MEMBERSHIP_CERTIFICATE); outp.append(nwid); - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,_path->nextOutgoingCounter()); _path->send(RR,outp.data(),outp.size(),now); } } -void IncomingPacket::computeSalsa2012Sha512ProofOfWork(unsigned int difficulty,const void *challenge,unsigned int challengeLength,unsigned char result[16]) -{ - unsigned char salsabuf[131072]; // 131072 == protocol constant, size of memory buffer for this proof of work function - char candidatebuf[ZT_PROTO_MAX_PACKET_LENGTH + 256]; - unsigned char shabuf[ZT_SHA512_DIGEST_LEN]; - const uint64_t s20iv = 0; // zero IV for Salsa20 - char *const candidate = (char *)(( ((uintptr_t)&(candidatebuf[0])) | 0xf ) + 1); // align to 16-byte boundary to ensure that uint64_t type punning of initial nonce is okay - Salsa20 s20; - unsigned int d; - unsigned char *p; - - Utils::getSecureRandom(candidate,16); - memcpy(candidate + 16,challenge,challengeLength); - - if (difficulty > 512) - difficulty = 512; // sanity check - -try_salsa2012sha512_again: - ++*(reinterpret_cast<volatile uint64_t *>(candidate)); - - SHA512::hash(shabuf,candidate,16 + challengeLength); - s20.init(shabuf,256,&s20iv); - memset(salsabuf,0,sizeof(salsabuf)); - s20.encrypt12(salsabuf,salsabuf,sizeof(salsabuf)); - SHA512::hash(shabuf,salsabuf,sizeof(salsabuf)); - - d = difficulty; - p = shabuf; - while (d >= 8) { - if (*(p++)) - goto try_salsa2012sha512_again; - d -= 8; - } - if (d > 0) { - if ( ((((unsigned int)*p) << d) & 0xff00) != 0 ) - goto try_salsa2012sha512_again; - } - - memcpy(result,candidate,16); -} - -bool IncomingPacket::testSalsa2012Sha512ProofOfWorkResult(unsigned int difficulty,const void *challenge,unsigned int challengeLength,const unsigned char proposedResult[16]) -{ - unsigned char salsabuf[131072]; // 131072 == protocol constant, size of memory buffer for this proof of work function - char candidate[ZT_PROTO_MAX_PACKET_LENGTH + 256]; - unsigned char shabuf[ZT_SHA512_DIGEST_LEN]; - const uint64_t s20iv = 0; // zero IV for Salsa20 - Salsa20 s20; - unsigned int d; - unsigned char *p; - - if (difficulty > 512) - difficulty = 512; // sanity check - - memcpy(candidate,proposedResult,16); - memcpy(candidate + 16,challenge,challengeLength); - - SHA512::hash(shabuf,candidate,16 + challengeLength); - s20.init(shabuf,256,&s20iv); - memset(salsabuf,0,sizeof(salsabuf)); - s20.encrypt12(salsabuf,salsabuf,sizeof(salsabuf)); - SHA512::hash(shabuf,salsabuf,sizeof(salsabuf)); - - d = difficulty; - p = shabuf; - while (d >= 8) { - if (*(p++)) - return false; - d -= 8; - } - if (d > 0) { - if ( ((((unsigned int)*p) << d) & 0xff00) != 0 ) - return false; - } - - return true; -} - } // namespace ZeroTier diff --git a/node/IncomingPacket.hpp b/node/IncomingPacket.hpp index c3632216..febff28a 100644 --- a/node/IncomingPacket.hpp +++ b/node/IncomingPacket.hpp @@ -111,27 +111,6 @@ public: */ inline uint64_t receiveTime() const throw() { return _receiveTime; } - /** - * Compute the Salsa20/12+SHA512 proof of work function - * - * @param difficulty Difficulty in bits (max: 64) - * @param challenge Challenge string - * @param challengeLength Length of challenge in bytes (max allowed: ZT_PROTO_MAX_PACKET_LENGTH) - * @param result Buffer to fill with 16-byte result - */ - static void computeSalsa2012Sha512ProofOfWork(unsigned int difficulty,const void *challenge,unsigned int challengeLength,unsigned char result[16]); - - /** - * Verify the result of Salsa20/12+SHA512 proof of work - * - * @param difficulty Difficulty in bits (max: 64) - * @param challenge Challenge bytes - * @param challengeLength Length of challenge in bytes (max allowed: ZT_PROTO_MAX_PACKET_LENGTH) - * @param proposedResult Result supplied by client - * @return True if result is valid - */ - static bool testSalsa2012Sha512ProofOfWorkResult(unsigned int difficulty,const void *challenge,unsigned int challengeLength,const unsigned char proposedResult[16]); - private: // These are called internally to handle packet contents once it has // been authenticated, decrypted, decompressed, and classified. @@ -152,7 +131,7 @@ private: bool _doPUSH_DIRECT_PATHS(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer); bool _doCIRCUIT_TEST(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer); bool _doCIRCUIT_TEST_REPORT(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer); - bool _doREQUEST_PROOF_OF_WORK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer); + bool _doUSER_MESSAGE(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer); void _sendErrorNeedCredentials(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer,const uint64_t nwid); diff --git a/node/InetAddress.cpp b/node/InetAddress.cpp index 12446909..7d22eeae 100644 --- a/node/InetAddress.cpp +++ b/node/InetAddress.cpp @@ -236,8 +236,14 @@ InetAddress InetAddress::netmask() const case AF_INET6: { uint64_t nm[2]; const unsigned int bits = netmaskBits(); - nm[0] = Utils::hton((uint64_t)((bits >= 64) ? 0xffffffffffffffffULL : (0xffffffffffffffffULL << (64 - bits)))); - nm[1] = Utils::hton((uint64_t)((bits <= 64) ? 0ULL : (0xffffffffffffffffULL << (128 - bits)))); + if(bits) { + nm[0] = Utils::hton((uint64_t)((bits >= 64) ? 0xffffffffffffffffULL : (0xffffffffffffffffULL << (64 - bits)))); + nm[1] = Utils::hton((uint64_t)((bits <= 64) ? 0ULL : (0xffffffffffffffffULL << (128 - bits)))); + } + else { + nm[0] = 0; + nm[1] = 0; + } memcpy(reinterpret_cast<struct sockaddr_in6 *>(&r)->sin6_addr.s6_addr,nm,16); } break; } diff --git a/node/InetAddress.hpp b/node/InetAddress.hpp index 6f070fbf..c37fa621 100644 --- a/node/InetAddress.hpp +++ b/node/InetAddress.hpp @@ -427,7 +427,7 @@ struct InetAddress : public sockaddr_storage } else { unsigned long tmp = reinterpret_cast<const struct sockaddr_in6 *>(this)->sin6_port; const uint8_t *a = reinterpret_cast<const uint8_t *>(this); - for(long i=0;i<sizeof(InetAddress);++i) + for(long i=0;i<(long)sizeof(InetAddress);++i) reinterpret_cast<uint8_t *>(&tmp)[i % sizeof(tmp)] ^= a[i]; return tmp; } @@ -450,6 +450,30 @@ struct InetAddress : public sockaddr_storage throw(); /** + * @return 14-bit (0-16383) hash of this IP's first 24 or 48 bits (for V4 or V6) for rate limiting code, or 0 if non-IP + */ + inline unsigned long rateGateHash() const + { + unsigned long h = 0; + switch(ss_family) { + case AF_INET: + h = (Utils::ntoh((uint32_t)reinterpret_cast<const struct sockaddr_in *>(this)->sin_addr.s_addr) & 0xffffff00) >> 8; + h ^= (h >> 14); + break; + case AF_INET6: { + const uint8_t *ip = reinterpret_cast<const uint8_t *>(reinterpret_cast<const struct sockaddr_in6 *>(this)->sin6_addr.s6_addr); + h = ((unsigned long)ip[0]); h <<= 1; + h += ((unsigned long)ip[1]); h <<= 1; + h += ((unsigned long)ip[2]); h <<= 1; + h += ((unsigned long)ip[3]); h <<= 1; + h += ((unsigned long)ip[4]); h <<= 1; + h += ((unsigned long)ip[5]); + } break; + } + return (h & 0x3fff); + } + + /** * @return True if address family is non-zero */ inline operator bool() const throw() { return (ss_family != 0); } diff --git a/node/Membership.cpp b/node/Membership.cpp index c8fb8e4e..a60b86be 100644 --- a/node/Membership.cpp +++ b/node/Membership.cpp @@ -32,87 +32,95 @@ namespace ZeroTier { Membership::Membership() : _lastUpdatedMulticast(0), - _lastPushAttempt(0), _lastPushedCom(0), _comRevocationThreshold(0) { for(unsigned int i=0;i<ZT_MAX_NETWORK_TAGS;++i) _remoteTags[i] = &(_tagMem[i]); for(unsigned int i=0;i<ZT_MAX_NETWORK_CAPABILITIES;++i) _remoteCaps[i] = &(_capMem[i]); + for(unsigned int i=0;i<ZT_MAX_CERTIFICATES_OF_OWNERSHIP;++i) _remoteCoos[i] = &(_cooMem[i]); } void Membership::pushCredentials(const RuntimeEnvironment *RR,const uint64_t now,const Address &peerAddress,const NetworkConfig &nconf,int localCapabilityIndex,const bool force) { - // This limits how often we go through this logic, which prevents us from - // doing all this for every single packet or other event. - if ( ((now - _lastPushAttempt) < 1000ULL) && (!force) ) - return; - _lastPushAttempt = now; - - try { - unsigned int localTagPtr = 0; - bool needCom = ( (nconf.com) && ( ((now - _lastPushedCom) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) ); - do { - Buffer<ZT_PROTO_MAX_PACKET_LENGTH> capsAndTags; - - unsigned int appendedCaps = 0; - if (localCapabilityIndex >= 0) { - capsAndTags.addSize(2); - - if ( (_localCaps[localCapabilityIndex].id != nconf.capabilities[localCapabilityIndex].id()) || ((now - _localCaps[localCapabilityIndex].lastPushed) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) { - _localCaps[localCapabilityIndex].lastPushed = now; - _localCaps[localCapabilityIndex].id = nconf.capabilities[localCapabilityIndex].id(); - nconf.capabilities[localCapabilityIndex].serialize(capsAndTags); - ++appendedCaps; - } - - capsAndTags.setAt<uint16_t>(0,(uint16_t)appendedCaps); - localCapabilityIndex = -1; // don't send this cap again on subsequent loops if force is true - } else { - capsAndTags.append((uint16_t)0); - } + bool sendCom = ( (nconf.com) && ( ((now - _lastPushedCom) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) ); - unsigned int appendedTags = 0; - const unsigned int tagCountPos = capsAndTags.size(); - capsAndTags.addSize(2); - for(;localTagPtr<nconf.tagCount;++localTagPtr) { - if ( (_localTags[localTagPtr].id != nconf.tags[localTagPtr].id()) || ((now - _localTags[localTagPtr].lastPushed) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) { - if ((capsAndTags.size() + sizeof(Tag)) >= (ZT_PROTO_MAX_PACKET_LENGTH - sizeof(CertificateOfMembership))) - break; - nconf.tags[localTagPtr].serialize(capsAndTags); - ++appendedTags; - } - } - capsAndTags.setAt<uint16_t>(tagCountPos,(uint16_t)appendedTags); - - if (needCom||appendedCaps||appendedTags) { - Packet outp(peerAddress,RR->identity.address(),Packet::VERB_NETWORK_CREDENTIALS); - if (needCom) { - nconf.com.serialize(outp); - _lastPushedCom = now; - } - outp.append((uint8_t)0x00); - outp.append(capsAndTags.data(),capsAndTags.size()); - outp.append((uint16_t)0); // no revocations, these propagate differently - outp.compress(); - RR->sw->send(outp,true); - needCom = false; // don't send COM again on subsequent loops if force is true - } - } while (localTagPtr < nconf.tagCount); - } catch ( ... ) { - TRACE("unable to send credentials due to unexpected exception"); + const Capability *sendCap; + if (localCapabilityIndex >= 0) { + sendCap = &(nconf.capabilities[localCapabilityIndex]); + if ( (_localCaps[localCapabilityIndex].id != sendCap->id()) || ((now - _localCaps[localCapabilityIndex].lastPushed) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) { + _localCaps[localCapabilityIndex].lastPushed = now; + _localCaps[localCapabilityIndex].id = sendCap->id(); + } else sendCap = (const Capability *)0; + } else sendCap = (const Capability *)0; + + const Tag *sendTags[ZT_MAX_NETWORK_TAGS]; + unsigned int sendTagCount = 0; + for(unsigned int t=0;t<nconf.tagCount;++t) { + if ( (_localTags[t].id != nconf.tags[t].id()) || ((now - _localTags[t].lastPushed) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) { + _localTags[t].lastPushed = now; + _localTags[t].id = nconf.tags[t].id(); + sendTags[sendTagCount++] = &(nconf.tags[t]); + } } -} -const Capability *Membership::getCapability(const NetworkConfig &nconf,const uint32_t id) const -{ - const _RemoteCapability *const *c = std::lower_bound(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),(uint64_t)id,_RemoteCredentialSorter<_RemoteCapability>()); - return ( ((c != &(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]))&&((*c)->id == (uint64_t)id)) ? ((((*c)->lastReceived)&&(_isCredentialTimestampValid(nconf,(*c)->cap,**c))) ? &((*c)->cap) : (const Capability *)0) : (const Capability *)0); + const CertificateOfOwnership *sendCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]; + unsigned int sendCooCount = 0; + for(unsigned int c=0;c<nconf.certificateOfOwnershipCount;++c) { + if ( (_localCoos[c].id != nconf.certificatesOfOwnership[c].id()) || ((now - _localCoos[c].lastPushed) >= ZT_CREDENTIAL_PUSH_EVERY) || (force) ) { + _localCoos[c].lastPushed = now; + _localCoos[c].id = nconf.certificatesOfOwnership[c].id(); + sendCoos[sendCooCount++] = &(nconf.certificatesOfOwnership[c]); + } + } + + unsigned int tagPtr = 0; + unsigned int cooPtr = 0; + while ((tagPtr < sendTagCount)||(cooPtr < sendCooCount)||(sendCom)||(sendCap)) { + Packet outp(peerAddress,RR->identity.address(),Packet::VERB_NETWORK_CREDENTIALS); + + if (sendCom) { + sendCom = false; + nconf.com.serialize(outp); + _lastPushedCom = now; + } + outp.append((uint8_t)0x00); + + if (sendCap) { + outp.append((uint16_t)1); + sendCap->serialize(outp); + sendCap = (const Capability *)0; + } else outp.append((uint16_t)0); + + const unsigned int tagCountAt = outp.size(); + outp.addSize(2); + unsigned int thisPacketTagCount = 0; + while ((tagPtr < sendTagCount)&&((outp.size() + sizeof(Tag) + 16) < ZT_PROTO_MAX_PACKET_LENGTH)) { + sendTags[tagPtr++]->serialize(outp); + ++thisPacketTagCount; + } + outp.setAt(tagCountAt,(uint16_t)thisPacketTagCount); + + // No revocations, these propagate differently + outp.append((uint16_t)0); + + const unsigned int cooCountAt = outp.size(); + outp.addSize(2); + unsigned int thisPacketCooCount = 0; + while ((cooPtr < sendCooCount)&&((outp.size() + sizeof(CertificateOfOwnership) + 16) < ZT_PROTO_MAX_PACKET_LENGTH)) { + sendCoos[cooPtr++]->serialize(outp); + ++thisPacketCooCount; + } + outp.setAt(cooCountAt,(uint16_t)thisPacketCooCount); + + outp.compress(); + RR->sw->send(outp,true); + } } const Tag *Membership::getTag(const NetworkConfig &nconf,const uint32_t id) const { - const _RemoteTag *const *t = std::lower_bound(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),(uint64_t)id,_RemoteCredentialSorter<_RemoteTag>()); - return ( ((t != &(_remoteTags[ZT_MAX_NETWORK_CAPABILITIES]))&&((*t)->id == (uint64_t)id)) ? ((((*t)->lastReceived)&&(_isCredentialTimestampValid(nconf,(*t)->tag,**t))) ? &((*t)->tag) : (const Tag *)0) : (const Tag *)0); + const _RemoteCredential<Tag> *const *t = std::lower_bound(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),(uint64_t)id,_RemoteCredentialComp<Tag>()); + return ( ((t != &(_remoteTags[ZT_MAX_NETWORK_CAPABILITIES]))&&((*t)->id == (uint64_t)id)) ? ((((*t)->lastReceived)&&(_isCredentialTimestampValid(nconf,**t))) ? &((*t)->credential) : (const Tag *)0) : (const Tag *)0); } Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironment *RR,const NetworkConfig &nconf,const CertificateOfMembership &com) @@ -148,14 +156,14 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironment *RR,const NetworkConfig &nconf,const Tag &tag) { - _RemoteTag *const *htmp = std::lower_bound(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),(uint64_t)tag.id(),_RemoteCredentialSorter<_RemoteTag>()); - _RemoteTag *have = ((htmp != &(_remoteTags[ZT_MAX_NETWORK_TAGS]))&&((*htmp)->id == (uint64_t)tag.id())) ? *htmp : (_RemoteTag *)0; + _RemoteCredential<Tag> *const *htmp = std::lower_bound(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),(uint64_t)tag.id(),_RemoteCredentialComp<Tag>()); + _RemoteCredential<Tag> *have = ((htmp != &(_remoteTags[ZT_MAX_NETWORK_TAGS]))&&((*htmp)->id == (uint64_t)tag.id())) ? *htmp : (_RemoteCredential<Tag> *)0; if (have) { - if ( (!_isCredentialTimestampValid(nconf,tag,*have)) || (have->tag.timestamp() > tag.timestamp()) ) { + if ( (!_isCredentialTimestampValid(nconf,*have)) || (have->credential.timestamp() > tag.timestamp()) ) { TRACE("addCredential(Tag) for %s on %.16llx REJECTED (revoked or too old)",tag.issuedTo().toString().c_str(),tag.networkId()); return ADD_REJECTED; } - if (have->tag == tag) { + if (have->credential == tag) { TRACE("addCredential(Tag) for %s on %.16llx ACCEPTED (redundant)",tag.issuedTo().toString().c_str(),tag.networkId()); return ADD_ACCEPTED_REDUNDANT; } @@ -169,7 +177,7 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme TRACE("addCredential(Tag) for %s on %.16llx ACCEPTED (new)",tag.issuedTo().toString().c_str(),tag.networkId()); if (!have) have = _newTag(tag.id()); have->lastReceived = RR->node->now(); - have->tag = tag; + have->credential = tag; return ADD_ACCEPTED_NEW; case 1: return ADD_DEFERRED_FOR_WHOIS; @@ -178,28 +186,28 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironment *RR,const NetworkConfig &nconf,const Capability &cap) { - _RemoteCapability *const *htmp = std::lower_bound(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),(uint64_t)cap.id(),_RemoteCredentialSorter<_RemoteCapability>()); - _RemoteCapability *have = ((htmp != &(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]))&&((*htmp)->id == (uint64_t)cap.id())) ? *htmp : (_RemoteCapability *)0; + _RemoteCredential<Capability> *const *htmp = std::lower_bound(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),(uint64_t)cap.id(),_RemoteCredentialComp<Capability>()); + _RemoteCredential<Capability> *have = ((htmp != &(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]))&&((*htmp)->id == (uint64_t)cap.id())) ? *htmp : (_RemoteCredential<Capability> *)0; if (have) { - if ( (!_isCredentialTimestampValid(nconf,cap,*have)) || (have->cap.timestamp() > cap.timestamp()) ) { - TRACE("addCredential(Tag) for %s on %.16llx REJECTED (revoked or too old)",cap.issuedTo().toString().c_str(),cap.networkId()); + if ( (!_isCredentialTimestampValid(nconf,*have)) || (have->credential.timestamp() > cap.timestamp()) ) { + TRACE("addCredential(Capability) for %s on %.16llx REJECTED (revoked or too old)",cap.issuedTo().toString().c_str(),cap.networkId()); return ADD_REJECTED; } - if (have->cap == cap) { - TRACE("addCredential(Tag) for %s on %.16llx ACCEPTED (redundant)",cap.issuedTo().toString().c_str(),cap.networkId()); + if (have->credential == cap) { + TRACE("addCredential(Capability) for %s on %.16llx ACCEPTED (redundant)",cap.issuedTo().toString().c_str(),cap.networkId()); return ADD_ACCEPTED_REDUNDANT; } } switch(cap.verify(RR)) { default: - TRACE("addCredential(Tag) for %s on %.16llx REJECTED (invalid)",cap.issuedTo().toString().c_str(),cap.networkId()); + TRACE("addCredential(Capability) for %s on %.16llx REJECTED (invalid)",cap.issuedTo().toString().c_str(),cap.networkId()); return ADD_REJECTED; case 0: - TRACE("addCredential(Tag) for %s on %.16llx ACCEPTED (new)",cap.issuedTo().toString().c_str(),cap.networkId()); + TRACE("addCredential(Capability) for %s on %.16llx ACCEPTED (new)",cap.issuedTo().toString().c_str(),cap.networkId()); if (!have) have = _newCapability(cap.id()); have->lastReceived = RR->node->now(); - have->cap = cap; + have->credential = cap; return ADD_ACCEPTED_NEW; case 1: return ADD_DEFERRED_FOR_WHOIS; @@ -216,13 +224,15 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme switch(rev.type()) { default: //case Revocation::CREDENTIAL_TYPE_ALL: - return ( (_revokeCom(rev)||_revokeCap(rev,now)||_revokeTag(rev,now)) ? ADD_ACCEPTED_NEW : ADD_ACCEPTED_REDUNDANT ); + return ( (_revokeCom(rev)||_revokeCap(rev,now)||_revokeTag(rev,now)||_revokeCoo(rev,now)) ? ADD_ACCEPTED_NEW : ADD_ACCEPTED_REDUNDANT ); case Revocation::CREDENTIAL_TYPE_COM: return (_revokeCom(rev) ? ADD_ACCEPTED_NEW : ADD_ACCEPTED_REDUNDANT); case Revocation::CREDENTIAL_TYPE_CAPABILITY: return (_revokeCap(rev,now) ? ADD_ACCEPTED_NEW : ADD_ACCEPTED_REDUNDANT); case Revocation::CREDENTIAL_TYPE_TAG: return (_revokeTag(rev,now) ? ADD_ACCEPTED_NEW : ADD_ACCEPTED_REDUNDANT); + case Revocation::CREDENTIAL_TYPE_COO: + return (_revokeCoo(rev,now) ? ADD_ACCEPTED_NEW : ADD_ACCEPTED_REDUNDANT); } } case 1: @@ -230,9 +240,39 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme } } -Membership::_RemoteTag *Membership::_newTag(const uint64_t id) +Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironment *RR,const NetworkConfig &nconf,const CertificateOfOwnership &coo) +{ + _RemoteCredential<CertificateOfOwnership> *const *htmp = std::lower_bound(&(_remoteCoos[0]),&(_remoteCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]),(uint64_t)coo.id(),_RemoteCredentialComp<CertificateOfOwnership>()); + _RemoteCredential<CertificateOfOwnership> *have = ((htmp != &(_remoteCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]))&&((*htmp)->id == (uint64_t)coo.id())) ? *htmp : (_RemoteCredential<CertificateOfOwnership> *)0; + if (have) { + if ( (!_isCredentialTimestampValid(nconf,*have)) || (have->credential.timestamp() > coo.timestamp()) ) { + TRACE("addCredential(CertificateOfOwnership) for %s on %.16llx REJECTED (revoked or too old)",coo.issuedTo().toString().c_str(),coo.networkId()); + return ADD_REJECTED; + } + if (have->credential == coo) { + TRACE("addCredential(CertificateOfOwnership) for %s on %.16llx ACCEPTED (redundant)",coo.issuedTo().toString().c_str(),coo.networkId()); + return ADD_ACCEPTED_REDUNDANT; + } + } + + switch(coo.verify(RR)) { + default: + TRACE("addCredential(CertificateOfOwnership) for %s on %.16llx REJECTED (invalid)",coo.issuedTo().toString().c_str(),coo.networkId()); + return ADD_REJECTED; + case 0: + TRACE("addCredential(CertificateOfOwnership) for %s on %.16llx ACCEPTED (new)",coo.issuedTo().toString().c_str(),coo.networkId()); + if (!have) have = _newCoo(coo.id()); + have->lastReceived = RR->node->now(); + have->credential = coo; + return ADD_ACCEPTED_NEW; + case 1: + return ADD_DEFERRED_FOR_WHOIS; + } +} + +Membership::_RemoteCredential<Tag> *Membership::_newTag(const uint64_t id) { - _RemoteTag *t; + _RemoteCredential<Tag> *t = NULL; uint64_t minlr = 0xffffffffffffffffULL; for(unsigned int i=0;i<ZT_MAX_NETWORK_TAGS;++i) { if (_remoteTags[i]->id == ZT_MEMBERSHIP_CRED_ID_UNUSED) { @@ -243,17 +283,21 @@ Membership::_RemoteTag *Membership::_newTag(const uint64_t id) minlr = _remoteTags[i]->lastReceived; } } - t->id = id; - t->lastReceived = 0; - t->revocationThreshold = 0; - t->tag = Tag(); - std::sort(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),_RemoteCredentialSorter<_RemoteTag>()); + + if (t) { + t->id = id; + t->lastReceived = 0; + t->revocationThreshold = 0; + t->credential = Tag(); + } + + std::sort(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),_RemoteCredentialComp<Tag>()); return t; } -Membership::_RemoteCapability *Membership::_newCapability(const uint64_t id) +Membership::_RemoteCredential<Capability> *Membership::_newCapability(const uint64_t id) { - _RemoteCapability *c; + _RemoteCredential<Capability> *c = NULL; uint64_t minlr = 0xffffffffffffffffULL; for(unsigned int i=0;i<ZT_MAX_NETWORK_CAPABILITIES;++i) { if (_remoteCaps[i]->id == ZT_MEMBERSHIP_CRED_ID_UNUSED) { @@ -264,11 +308,40 @@ Membership::_RemoteCapability *Membership::_newCapability(const uint64_t id) minlr = _remoteCaps[i]->lastReceived; } } - c->id = id; - c->lastReceived = 0; - c->revocationThreshold = 0; - c->cap = Capability(); - std::sort(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),_RemoteCredentialSorter<_RemoteCapability>()); + + if (c) { + c->id = id; + c->lastReceived = 0; + c->revocationThreshold = 0; + c->credential = Capability(); + } + + std::sort(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),_RemoteCredentialComp<Capability>()); + return c; +} + +Membership::_RemoteCredential<CertificateOfOwnership> *Membership::_newCoo(const uint64_t id) +{ + _RemoteCredential<CertificateOfOwnership> *c = NULL; + uint64_t minlr = 0xffffffffffffffffULL; + for(unsigned int i=0;i<ZT_MAX_CERTIFICATES_OF_OWNERSHIP;++i) { + if (_remoteCoos[i]->id == ZT_MEMBERSHIP_CRED_ID_UNUSED) { + c = _remoteCoos[i]; + break; + } else if (_remoteCoos[i]->lastReceived <= minlr) { + c = _remoteCoos[i]; + minlr = _remoteCoos[i]->lastReceived; + } + } + + if (c) { + c->id = id; + c->lastReceived = 0; + c->revocationThreshold = 0; + c->credential = CertificateOfOwnership(); + } + + std::sort(&(_remoteCoos[0]),&(_remoteCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]),_RemoteCredentialComp<CertificateOfOwnership>()); return c; } @@ -283,8 +356,8 @@ bool Membership::_revokeCom(const Revocation &rev) bool Membership::_revokeCap(const Revocation &rev,const uint64_t now) { - _RemoteCapability *const *htmp = std::lower_bound(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),(uint64_t)rev.credentialId(),_RemoteCredentialSorter<_RemoteCapability>()); - _RemoteCapability *have = ((htmp != &(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]))&&((*htmp)->id == (uint64_t)rev.credentialId())) ? *htmp : (_RemoteCapability *)0; + _RemoteCredential<Capability> *const *htmp = std::lower_bound(&(_remoteCaps[0]),&(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]),(uint64_t)rev.credentialId(),_RemoteCredentialComp<Capability>()); + _RemoteCredential<Capability> *have = ((htmp != &(_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]))&&((*htmp)->id == (uint64_t)rev.credentialId())) ? *htmp : (_RemoteCredential<Capability> *)0; if (!have) have = _newCapability(rev.credentialId()); if (rev.threshold() > have->revocationThreshold) { have->lastReceived = now; @@ -296,8 +369,8 @@ bool Membership::_revokeCap(const Revocation &rev,const uint64_t now) bool Membership::_revokeTag(const Revocation &rev,const uint64_t now) { - _RemoteTag *const *htmp = std::lower_bound(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),(uint64_t)rev.credentialId(),_RemoteCredentialSorter<_RemoteTag>()); - _RemoteTag *have = ((htmp != &(_remoteTags[ZT_MAX_NETWORK_TAGS]))&&((*htmp)->id == (uint64_t)rev.credentialId())) ? *htmp : (_RemoteTag *)0; + _RemoteCredential<Tag> *const *htmp = std::lower_bound(&(_remoteTags[0]),&(_remoteTags[ZT_MAX_NETWORK_TAGS]),(uint64_t)rev.credentialId(),_RemoteCredentialComp<Tag>()); + _RemoteCredential<Tag> *have = ((htmp != &(_remoteTags[ZT_MAX_NETWORK_TAGS]))&&((*htmp)->id == (uint64_t)rev.credentialId())) ? *htmp : (_RemoteCredential<Tag> *)0; if (!have) have = _newTag(rev.credentialId()); if (rev.threshold() > have->revocationThreshold) { have->lastReceived = now; @@ -307,4 +380,17 @@ bool Membership::_revokeTag(const Revocation &rev,const uint64_t now) return false; } +bool Membership::_revokeCoo(const Revocation &rev,const uint64_t now) +{ + _RemoteCredential<CertificateOfOwnership> *const *htmp = std::lower_bound(&(_remoteCoos[0]),&(_remoteCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]),(uint64_t)rev.credentialId(),_RemoteCredentialComp<CertificateOfOwnership>()); + _RemoteCredential<CertificateOfOwnership> *have = ((htmp != &(_remoteCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]))&&((*htmp)->id == (uint64_t)rev.credentialId())) ? *htmp : (_RemoteCredential<CertificateOfOwnership> *)0; + if (!have) have = _newCoo(rev.credentialId()); + if (rev.threshold() > have->revocationThreshold) { + have->lastReceived = now; + have->revocationThreshold = rev.threshold(); + return true; + } + return false; +} + } // namespace ZeroTier diff --git a/node/Membership.hpp b/node/Membership.hpp index c54aec9b..97510b57 100644 --- a/node/Membership.hpp +++ b/node/Membership.hpp @@ -39,49 +39,30 @@ class Network; /** * A container for certificates of membership and other network credentials * - * This is kind of analogous to a join table between Peer and Network. It is - * held by the Network object for each participating Peer. + * This is essentially a relational join between Peer and Network. * * This class is not thread safe. It must be locked externally. */ class Membership { private: - // Tags and related state - struct _RemoteTag - { - _RemoteTag() : id(ZT_MEMBERSHIP_CRED_ID_UNUSED),lastReceived(0),revocationThreshold(0) {} - // Tag ID (last 32 bits, first 32 bits are set in unused entries to sort them to end) - uint64_t id; - // Last time we received THEIR tag (with this ID) - uint64_t lastReceived; - // Revocation blacklist threshold or 0 if none - uint64_t revocationThreshold; - // THEIR tag - Tag tag; - }; - - // Credentials and related state - struct _RemoteCapability + template<typename T> + struct _RemoteCredential { - _RemoteCapability() : id(ZT_MEMBERSHIP_CRED_ID_UNUSED),lastReceived(0),revocationThreshold(0) {} - // Capability ID (last 32 bits, first 32 bits are set in unused entries to sort them to end) + _RemoteCredential() : id(ZT_MEMBERSHIP_CRED_ID_UNUSED),lastReceived(0),revocationThreshold(0) {} uint64_t id; - // Last time we received THEIR capability (with this ID) - uint64_t lastReceived; - // Revocation blacklist threshold or 0 if none - uint64_t revocationThreshold; - // THEIR capability - Capability cap; + uint64_t lastReceived; // last time we got this credential + uint64_t revocationThreshold; // credentials before this time are invalid + T credential; + inline bool operator<(const _RemoteCredential &c) const { return (id < c.id); } }; - // Comparison operator for remote credential entries template<typename T> - struct _RemoteCredentialSorter + struct _RemoteCredentialComp { - inline bool operator()(const T *a,const T *b) const { return (a->id < b->id); } - inline bool operator()(const uint64_t a,const T *b) const { return (a < b->id); } - inline bool operator()(const T *a,const uint64_t b) const { return (a->id < b); } + inline bool operator()(const _RemoteCredential<T> *a,const _RemoteCredential<T> *b) const { return (a->id < b->id); } + inline bool operator()(const uint64_t a,const _RemoteCredential<T> *b) const { return (a < b->id); } + inline bool operator()(const _RemoteCredential<T> *a,const uint64_t b) const { return (a->id < b); } inline bool operator()(const uint64_t a,const uint64_t b) const { return (a < b); } }; @@ -89,8 +70,8 @@ private: struct _LocalCredentialPushState { _LocalCredentialPushState() : lastPushed(0),id(0) {} - uint64_t lastPushed; - uint32_t id; + uint64_t lastPushed; // last time we sent our own copy of this credential + uint64_t id; }; public: @@ -117,8 +98,8 @@ public: { for(;;) { if ((_i != &(_m->_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]))&&((*_i)->id != ZT_MEMBERSHIP_CRED_ID_UNUSED)) { - const Capability *tmp = &((*_i)->cap); - if (_m->_isCredentialTimestampValid(*_c,*tmp,**_i)) { + const Capability *tmp = &((*_i)->credential); + if (_m->_isCredentialTimestampValid(*_c,**_i)) { ++_i; return tmp; } else ++_i; @@ -131,7 +112,7 @@ public: private: const Membership *_m; const NetworkConfig *_c; - const _RemoteCapability *const *_i; + const _RemoteCredential<Capability> *const *_i; }; friend class CapabilityIterator; @@ -150,8 +131,8 @@ public: { for(;;) { if ((_i != &(_m->_remoteTags[ZT_MAX_NETWORK_TAGS]))&&((*_i)->id != ZT_MEMBERSHIP_CRED_ID_UNUSED)) { - const Tag *tmp = &((*_i)->tag); - if (_m->_isCredentialTimestampValid(*_c,*tmp,**_i)) { + const Tag *tmp = &((*_i)->credential); + if (_m->_isCredentialTimestampValid(*_c,**_i)) { ++_i; return tmp; } else ++_i; @@ -164,7 +145,7 @@ public: private: const Membership *_m; const NetworkConfig *_c; - const _RemoteTag *const *_i; + const _RemoteCredential<Tag> *const *_i; }; friend class TagIterator; @@ -210,17 +191,30 @@ public: { if (nconf.isPublic()) return true; - if ((_comRevocationThreshold)&&(_com.timestamp().first <= _comRevocationThreshold)) + if (_com.timestamp().first <= _comRevocationThreshold) return false; return nconf.com.agreesWith(_com); } /** - * @param nconf Network configuration - * @param id Capablity ID - * @return Pointer to capability or NULL if not found + * Check whether the peer represented by this Membership owns a given resource + * + * @tparam Type of resource: InetAddress or MAC + * @param nconf Our network config + * @param r Resource to check + * @return True if this peer has a certificate of ownership for the given resource */ - const Capability *getCapability(const NetworkConfig &nconf,const uint32_t id) const; + template<typename T> + inline bool hasCertificateOfOwnershipFor(const NetworkConfig &nconf,const T &r) const + { + for(unsigned int i=0;i<ZT_MAX_CERTIFICATES_OF_OWNERSHIP;++i) { + if (_remoteCoos[i]->id == ZT_MEMBERSHIP_CRED_ID_UNUSED) + break; + if ((_isCredentialTimestampValid(nconf,*_remoteCoos[i]))&&(_remoteCoos[i]->credential.owns(r))) + return true; + } + return false; + } /** * @param nconf Network configuration @@ -249,26 +243,32 @@ public: */ AddCredentialResult addCredential(const RuntimeEnvironment *RR,const NetworkConfig &nconf,const Revocation &rev); + /** + * Validate and add a credential if signature is okay and it's otherwise good + */ + AddCredentialResult addCredential(const RuntimeEnvironment *RR,const NetworkConfig &nconf,const CertificateOfOwnership &coo); + private: - _RemoteTag *_newTag(const uint64_t id); - _RemoteCapability *_newCapability(const uint64_t id); + _RemoteCredential<Tag> *_newTag(const uint64_t id); + _RemoteCredential<Capability> *_newCapability(const uint64_t id); + _RemoteCredential<CertificateOfOwnership> *_newCoo(const uint64_t id); bool _revokeCom(const Revocation &rev); bool _revokeCap(const Revocation &rev,const uint64_t now); bool _revokeTag(const Revocation &rev,const uint64_t now); + bool _revokeCoo(const Revocation &rev,const uint64_t now); - template<typename C,typename CS> - inline bool _isCredentialTimestampValid(const NetworkConfig &nconf,const C &cred,const CS &state) const + template<typename C> + inline bool _isCredentialTimestampValid(const NetworkConfig &nconf,const _RemoteCredential<C> &remoteCredential) const { - const uint64_t ts = cred.timestamp(); - return ( (((ts >= nconf.timestamp) ? (ts - nconf.timestamp) : (nconf.timestamp - ts)) <= nconf.credentialTimeMaxDelta) && (ts > state.revocationThreshold) ); + if (!remoteCredential.lastReceived) + return false; + const uint64_t ts = remoteCredential.credential.timestamp(); + return ( (((ts >= nconf.timestamp) ? (ts - nconf.timestamp) : (nconf.timestamp - ts)) <= nconf.credentialTimeMaxDelta) && (ts > remoteCredential.revocationThreshold) ); } // Last time we pushed MULTICAST_LIKE(s) uint64_t _lastUpdatedMulticast; - // Last time we checked if credential push was needed - uint64_t _lastPushAttempt; - // Last time we pushed our COM to this peer uint64_t _lastPushedCom; @@ -278,17 +278,20 @@ private: // Remote member's latest network COM CertificateOfMembership _com; - // Sorted (in ascending order of ID) arrays of pointers to remote tags and capabilities - _RemoteTag *_remoteTags[ZT_MAX_NETWORK_TAGS]; - _RemoteCapability *_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]; + // Sorted (in ascending order of ID) arrays of pointers to remote credentials + _RemoteCredential<Tag> *_remoteTags[ZT_MAX_NETWORK_TAGS]; + _RemoteCredential<Capability> *_remoteCaps[ZT_MAX_NETWORK_CAPABILITIES]; + _RemoteCredential<CertificateOfOwnership> *_remoteCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]; - // This is the RAM allocated for remote tags and capabilities from which the sorted arrays are populated - _RemoteTag _tagMem[ZT_MAX_NETWORK_TAGS]; - _RemoteCapability _capMem[ZT_MAX_NETWORK_CAPABILITIES]; + // This is the RAM allocated for remote credential cache objects + _RemoteCredential<Tag> _tagMem[ZT_MAX_NETWORK_TAGS]; + _RemoteCredential<Capability> _capMem[ZT_MAX_NETWORK_CAPABILITIES]; + _RemoteCredential<CertificateOfOwnership> _cooMem[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]; // Local credential push state tracking _LocalCredentialPushState _localTags[ZT_MAX_NETWORK_TAGS]; _LocalCredentialPushState _localCaps[ZT_MAX_NETWORK_CAPABILITIES]; + _LocalCredentialPushState _localCoos[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]; }; } // namespace ZeroTier diff --git a/node/Multicaster.cpp b/node/Multicaster.cpp index 8743e8f8..f8d58501 100644 --- a/node/Multicaster.cpp +++ b/node/Multicaster.cpp @@ -229,7 +229,7 @@ void Multicaster::send( Address explicitGatherPeers[16]; unsigned int numExplicitGatherPeers = 0; - SharedPtr<Peer> bestRoot(RR->topology->getBestRoot()); + SharedPtr<Peer> bestRoot(RR->topology->getUpstreamPeer()); if (bestRoot) explicitGatherPeers[numExplicitGatherPeers++] = bestRoot->address(); explicitGatherPeers[numExplicitGatherPeers++] = Network::controllerFor(nwid); @@ -343,7 +343,7 @@ void Multicaster::clean(uint64_t now) { Mutex::Lock _l(_gatherAuth_m); _GatherAuthKey *k = (_GatherAuthKey *)0; - uint64_t *ts = (uint64_t *)ts; + uint64_t *ts = NULL; Hashtable<_GatherAuthKey,uint64_t>::Iterator i(_gatherAuth); while (i.next(k,ts)) { if ((now - *ts) >= ZT_MULTICAST_CREDENTIAL_EXPIRATON) diff --git a/node/Multicaster.hpp b/node/Multicaster.hpp index 5c94cd3a..32dec9cf 100644 --- a/node/Multicaster.hpp +++ b/node/Multicaster.hpp @@ -220,7 +220,7 @@ private: { _GatherAuthKey() : member(0),networkId(0) {} _GatherAuthKey(const uint64_t nwid,const Address &a) : member(a.toInt()),networkId(nwid) {} - inline unsigned long hashCode() const { return (member ^ networkId); } + inline unsigned long hashCode() const { return (unsigned long)(member ^ networkId); } inline bool operator==(const _GatherAuthKey &k) const { return ((member == k.member)&&(networkId == k.networkId)); } uint64_t member; uint64_t networkId; diff --git a/node/Network.cpp b/node/Network.cpp index 00c201ba..dd812cab 100644 --- a/node/Network.cpp +++ b/node/Network.cpp @@ -34,6 +34,7 @@ #include "NetworkController.hpp" #include "Node.hpp" #include "Peer.hpp" +#include "Cluster.hpp" // Uncomment to make the rules engine dump trace info to stdout //#define ZT_RULES_ENGINE_DEBUGGING 1 @@ -52,13 +53,12 @@ static const char *_rtn(const ZT_VirtualNetworkRuleType rt) case ZT_NETWORK_RULE_ACTION_TEE: return "ACTION_TEE"; case ZT_NETWORK_RULE_ACTION_WATCH: return "ACTION_WATCH"; case ZT_NETWORK_RULE_ACTION_REDIRECT: return "ACTION_REDIRECT"; - case ZT_NETWORK_RULE_ACTION_DEBUG_LOG: return "ACTION_DEBUG_LOG"; + case ZT_NETWORK_RULE_ACTION_BREAK: return "ACTION_BREAK"; case ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS: return "MATCH_SOURCE_ZEROTIER_ADDRESS"; case ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS: return "MATCH_DEST_ZEROTIER_ADDRESS"; case ZT_NETWORK_RULE_MATCH_VLAN_ID: return "MATCH_VLAN_ID"; case ZT_NETWORK_RULE_MATCH_VLAN_PCP: return "MATCH_VLAN_PCP"; case ZT_NETWORK_RULE_MATCH_VLAN_DEI: return "MATCH_VLAN_DEI"; - case ZT_NETWORK_RULE_MATCH_ETHERTYPE: return "MATCH_ETHERTYPE"; case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: return "MATCH_MAC_SOURCE"; case ZT_NETWORK_RULE_MATCH_MAC_DEST: return "MATCH_MAC_DEST"; case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE: return "MATCH_IPV4_SOURCE"; @@ -67,6 +67,7 @@ static const char *_rtn(const ZT_VirtualNetworkRuleType rt) case ZT_NETWORK_RULE_MATCH_IPV6_DEST: return "MATCH_IPV6_DEST"; case ZT_NETWORK_RULE_MATCH_IP_TOS: return "MATCH_IP_TOS"; case ZT_NETWORK_RULE_MATCH_IP_PROTOCOL: return "MATCH_IP_PROTOCOL"; + case ZT_NETWORK_RULE_MATCH_ETHERTYPE: return "MATCH_ETHERTYPE"; case ZT_NETWORK_RULE_MATCH_ICMP: return "MATCH_ICMP"; case ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE: return "MATCH_IP_SOURCE_PORT_RANGE"; case ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE: return "MATCH_IP_DEST_PORT_RANGE"; @@ -111,6 +112,7 @@ static const void _dumpFilterTrace(const char *ruleName,uint8_t thisSetMatches,b ); if (msg) printf(" + (%s)" ZT_EOL_S,msg); + fflush(stdout); } #else #define FILTER_TRACE(f,...) {} @@ -177,12 +179,15 @@ static _doZtFilterResult _doZtFilter( std::vector<std::string> dlog; #endif // ZT_RULES_ENGINE_DEBUGGING + // Set to true if we are a TEE/REDIRECT/WATCH target + bool superAccept = false; + // The default match state for each set of entries starts as 'true' since an // ACTION with no MATCH entries preceding it is always taken. uint8_t thisSetMatches = 1; for(unsigned int rn=0;rn<ruleCount;++rn) { - const ZT_VirtualNetworkRuleType rt = (ZT_VirtualNetworkRuleType)(rules[rn].t & 0x7f); + const ZT_VirtualNetworkRuleType rt = (ZT_VirtualNetworkRuleType)(rules[rn].t & 0x3f); // First check if this is an ACTION if ((unsigned int)rt <= (unsigned int)ZT_NETWORK_RULE_ACTION__MAX_ID) { @@ -198,7 +203,7 @@ static _doZtFilterResult _doZtFilter( #ifdef ZT_RULES_ENGINE_DEBUGGING _dumpFilterTrace("ACTION_ACCEPT",thisSetMatches,inbound,ztSource,ztDest,macSource,macDest,dlog,frameLen,etherType,(const char *)0); #endif // ZT_RULES_ENGINE_DEBUGGING - return DOZTFILTER_ACCEPT; // match, accept packet + return (superAccept ? DOZTFILTER_SUPER_ACCEPT : DOZTFILTER_ACCEPT); // match, accept packet // These are initially handled together since preliminary logic is common case ZT_NETWORK_RULE_ACTION_TEE: @@ -236,7 +241,7 @@ static _doZtFilterResult _doZtFilter( return DOZTFILTER_REDIRECT; } else { #ifdef ZT_RULES_ENGINE_DEBUGGING - _dumpFilterTrace("ACTION_TEE",thisSetMatches,inbound,ztSource,ztDest,macSource,macDest,dlog,frameLen,etherType,(const char *)0); + _dumpFilterTrace(_rtn(rt),thisSetMatches,inbound,ztSource,ztDest,macSource,macDest,dlog,frameLen,etherType,(const char *)0); dlog.clear(); #endif // ZT_RULES_ENGINE_DEBUGGING cc = fwdAddr; @@ -246,13 +251,12 @@ static _doZtFilterResult _doZtFilter( } } continue; - // This is a no-op that exists for use with rules engine tracing and isn't for use in production - case ZT_NETWORK_RULE_ACTION_DEBUG_LOG: // a no-op target specifically for debugging purposes + case ZT_NETWORK_RULE_ACTION_BREAK: #ifdef ZT_RULES_ENGINE_DEBUGGING - _dumpFilterTrace("ACTION_DEBUG_LOG",thisSetMatches,inbound,ztSource,ztDest,macSource,macDest,dlog,frameLen,etherType,(const char *)0); + _dumpFilterTrace("ACTION_BREAK",thisSetMatches,inbound,ztSource,ztDest,macSource,macDest,dlog,frameLen,etherType,(const char *)0); dlog.clear(); #endif // ZT_RULES_ENGINE_DEBUGGING - continue; + return DOZTFILTER_NO_MATCH; // Unrecognized ACTIONs are ignored as no-ops default: @@ -263,6 +267,22 @@ static _doZtFilterResult _doZtFilter( continue; } } else { + // If this is an incoming packet and we are a TEE or REDIRECT target, we should + // super-accept if we accept at all. This will cause us to accept redirected or + // tee'd packets in spite of MAC and ZT addressing checks. + if (inbound) { + switch(rt) { + case ZT_NETWORK_RULE_ACTION_TEE: + case ZT_NETWORK_RULE_ACTION_WATCH: + case ZT_NETWORK_RULE_ACTION_REDIRECT: + if (RR->identity.address() == rules[rn].v.fwd.address) + superAccept = true; + break; + default: + break; + } + } + #ifdef ZT_RULES_ENGINE_DEBUGGING _dumpFilterTrace(_rtn(rt),thisSetMatches,inbound,ztSource,ztDest,macSource,macDest,dlog,frameLen,etherType,(const char *)0); dlog.clear(); @@ -272,12 +292,14 @@ static _doZtFilterResult _doZtFilter( } } - // Circuit breaker: skip further MATCH entries up to next ACTION if match state is false - if (!thisSetMatches) + // Circuit breaker: no need to evaluate an AND if the set's match state + // is currently false since anything AND false is false. + if ((!thisSetMatches)&&(!(rules[rn].t & 0x40))) continue; // If this was not an ACTION evaluate next MATCH and update thisSetMatches with (AND [result]) uint8_t thisRuleMatches = 0; + uint64_t ownershipVerificationMask = 1; // this magic value means it hasn't been computed yet -- this is done lazily the first time it's needed switch(rt) { case ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS: thisRuleMatches = (uint8_t)(rules[rn].v.zt == ztSource.toInt()); @@ -301,10 +323,6 @@ static _doZtFilterResult _doZtFilter( thisRuleMatches = (uint8_t)(rules[rn].v.vlanDei == 0); FILTER_TRACE("%u %s %c %u==%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.vlanDei,0,(unsigned int)thisRuleMatches); break; - case ZT_NETWORK_RULE_MATCH_ETHERTYPE: - thisRuleMatches = (uint8_t)(rules[rn].v.etherType == (uint16_t)etherType); - FILTER_TRACE("%u %s %c %u==%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.etherType,etherType,(unsigned int)thisRuleMatches); - break; case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: thisRuleMatches = (uint8_t)(MAC(rules[rn].v.mac,6) == macSource); FILTER_TRACE("%u %s %c %.12llx=%.12llx -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),rules[rn].v.mac,macSource.toInt(),(unsigned int)thisRuleMatches); @@ -351,12 +369,14 @@ static _doZtFilterResult _doZtFilter( break; case ZT_NETWORK_RULE_MATCH_IP_TOS: if ((etherType == ZT_ETHERTYPE_IPV4)&&(frameLen >= 20)) { - thisRuleMatches = (uint8_t)(rules[rn].v.ipTos == ((frameData[1] & 0xfc) >> 2)); - FILTER_TRACE("%u %s %c (IPv4) %u==%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.ipTos,(unsigned int)((frameData[1] & 0xfc) >> 2),(unsigned int)thisRuleMatches); + //thisRuleMatches = (uint8_t)(rules[rn].v.ipTos == ((frameData[1] & 0xfc) >> 2)); + const uint8_t tosMasked = frameData[1] & rules[rn].v.ipTos.mask; + thisRuleMatches = (uint8_t)((tosMasked >= rules[rn].v.ipTos.value[0])&&(tosMasked <= rules[rn].v.ipTos.value[1])); + FILTER_TRACE("%u %s %c (IPv4) %u&%u==%u-%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)tosMasked,(unsigned int)rules[rn].v.ipTos.mask,(unsigned int)rules[rn].v.ipTos.value[0],(unsigned int)rules[rn].v.ipTos.value[1],(unsigned int)thisRuleMatches); } else if ((etherType == ZT_ETHERTYPE_IPV6)&&(frameLen >= 40)) { - const uint8_t trafficClass = ((frameData[0] << 4) & 0xf0) | ((frameData[1] >> 4) & 0x0f); - thisRuleMatches = (uint8_t)(rules[rn].v.ipTos == ((trafficClass & 0xfc) >> 2)); - FILTER_TRACE("%u %s %c (IPv6) %u==%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.ipTos,(unsigned int)((trafficClass & 0xfc) >> 2),(unsigned int)thisRuleMatches); + const uint8_t tosMasked = (((frameData[0] << 4) & 0xf0) | ((frameData[1] >> 4) & 0x0f)) & rules[rn].v.ipTos.mask; + thisRuleMatches = (uint8_t)((tosMasked >= rules[rn].v.ipTos.value[0])&&(tosMasked <= rules[rn].v.ipTos.value[1])); + FILTER_TRACE("%u %s %c (IPv4) %u&%u==%u-%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)tosMasked,(unsigned int)rules[rn].v.ipTos.mask,(unsigned int)rules[rn].v.ipTos.value[0],(unsigned int)rules[rn].v.ipTos.value[1],(unsigned int)thisRuleMatches); } else { thisRuleMatches = 0; FILTER_TRACE("%u %s %c [frame not IP] -> 0",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '=')); @@ -380,10 +400,14 @@ static _doZtFilterResult _doZtFilter( FILTER_TRACE("%u %s %c [frame not IP] -> 0",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '=')); } break; + case ZT_NETWORK_RULE_MATCH_ETHERTYPE: + thisRuleMatches = (uint8_t)(rules[rn].v.etherType == (uint16_t)etherType); + FILTER_TRACE("%u %s %c %u==%u -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.etherType,etherType,(unsigned int)thisRuleMatches); + break; case ZT_NETWORK_RULE_MATCH_ICMP: if ((etherType == ZT_ETHERTYPE_IPV4)&&(frameLen >= 20)) { - if (frameData[9] == 0x01) { - const unsigned int ihl = (frameData[0] & 0xf) * 32; + if (frameData[9] == 0x01) { // IP protocol == ICMP + const unsigned int ihl = (frameData[0] & 0xf) * 4; if (frameLen >= (ihl + 2)) { if (rules[rn].v.icmp.type == frameData[ihl]) { if ((rules[rn].v.icmp.flags & 0x01) != 0) { @@ -416,7 +440,7 @@ static _doZtFilterResult _doZtFilter( } else { thisRuleMatches = 0; } - FILTER_TRACE("%u %s %c (IPv4) icmp-type:%d==%d icmp-code:%d==%d -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(int)frameData[pos],(int)rules[rn].v.icmp.type,(int)frameData[pos+1],(((rules[rn].v.icmp.flags & 0x01) != 0) ? (int)rules[rn].v.icmp.code : -1),(unsigned int)thisRuleMatches); + FILTER_TRACE("%u %s %c (IPv6) icmp-type:%d==%d icmp-code:%d==%d -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(int)frameData[pos],(int)rules[rn].v.icmp.type,(int)frameData[pos+1],(((rules[rn].v.icmp.flags & 0x01) != 0) ? (int)rules[rn].v.icmp.code : -1),(unsigned int)thisRuleMatches); } else { thisRuleMatches = 0; FILTER_TRACE("%u %s %c [frame not ICMPv6] -> 0",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '=')); @@ -484,6 +508,47 @@ static _doZtFilterResult _doZtFilter( uint64_t cf = (inbound) ? ZT_RULE_PACKET_CHARACTERISTICS_INBOUND : 0ULL; if (macDest.isMulticast()) cf |= ZT_RULE_PACKET_CHARACTERISTICS_MULTICAST; if (macDest.isBroadcast()) cf |= ZT_RULE_PACKET_CHARACTERISTICS_BROADCAST; + if (ownershipVerificationMask == 1) { + ownershipVerificationMask = 0; + InetAddress src; + if ((etherType == ZT_ETHERTYPE_IPV4)&&(frameLen >= 20)) { + src.set((const void *)(frameData + 12),4,0); + } else if ((etherType == ZT_ETHERTYPE_IPV6)&&(frameLen >= 40)) { + // IPv6 NDP requires special handling, since the src and dest IPs in the packet are empty or link-local. + if ( (frameLen >= (40 + 8 + 16)) && (frameData[6] == 0x3a) && ((frameData[40] == 0x87)||(frameData[40] == 0x88)) ) { + if (frameData[40] == 0x87) { + // Neighbor solicitations contain no reliable source address, so we implement a small + // hack by considering them authenticated. Otherwise you would pretty much have to do + // this manually in the rule set for IPv6 to work at all. + ownershipVerificationMask |= ZT_RULE_PACKET_CHARACTERISTICS_SENDER_IP_AUTHENTICATED; + } else { + // Neighbor advertisements on the other hand can absolutely be authenticated. + src.set((const void *)(frameData + 40 + 8),16,0); + } + } else { + // Other IPv6 packets can be handled normally + src.set((const void *)(frameData + 8),16,0); + } + } else if ((etherType == ZT_ETHERTYPE_ARP)&&(frameLen >= 28)) { + src.set((const void *)(frameData + 14),4,0); + } + if (inbound) { + if (membership) { + if ((src)&&(membership->hasCertificateOfOwnershipFor(nconf,src))) + ownershipVerificationMask |= ZT_RULE_PACKET_CHARACTERISTICS_SENDER_IP_AUTHENTICATED; + if (membership->hasCertificateOfOwnershipFor(nconf,macSource)) + ownershipVerificationMask |= ZT_RULE_PACKET_CHARACTERISTICS_SENDER_MAC_AUTHENTICATED; + } + } else { + for(unsigned int i=0;i<nconf.certificateOfOwnershipCount;++i) { + if ((src)&&(nconf.certificatesOfOwnership[i].owns(src))) + ownershipVerificationMask |= ZT_RULE_PACKET_CHARACTERISTICS_SENDER_IP_AUTHENTICATED; + if (nconf.certificatesOfOwnership[i].owns(macSource)) + ownershipVerificationMask |= ZT_RULE_PACKET_CHARACTERISTICS_SENDER_MAC_AUTHENTICATED; + } + } + } + cf |= ownershipVerificationMask; if ((etherType == ZT_ETHERTYPE_IPV4)&&(frameLen >= 20)&&(frameData[9] == 0x06)) { const unsigned int headerLen = 4 * (frameData[0] & 0xf); cf |= (uint64_t)frameData[headerLen + 13]; @@ -497,8 +562,8 @@ static _doZtFilterResult _doZtFilter( } } } - thisRuleMatches = (uint8_t)((cf | rules[rn].v.characteristics) != 0); - FILTER_TRACE("%u %s %c (%.16llx & %.16llx)==%.16llx -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),cf,rules[rn].v.characteristics[0],rules[rn].v.characteristics[1],(unsigned int)thisRuleMatches); + thisRuleMatches = (uint8_t)((cf & rules[rn].v.characteristics) != 0); + FILTER_TRACE("%u %s %c (%.16llx | %.16llx)!=0 -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),cf,rules[rn].v.characteristics,(unsigned int)thisRuleMatches); } break; case ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE: thisRuleMatches = (uint8_t)((frameLen >= (unsigned int)rules[rn].v.frameSize[0])&&(frameLen <= (unsigned int)rules[rn].v.frameSize[1])); @@ -539,12 +604,17 @@ static _doZtFilterResult _doZtFilter( thisRuleMatches = 0; } } else { - if (inbound) { + if ((inbound)&&(!superAccept)) { thisRuleMatches = 0; FILTER_TRACE("%u %s %c remote tag %u not found -> 0 (inbound side is strict)",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); } else { + // Outbound side is not strict since if we have to match both tags and + // we are sending a first packet to a recipient, we probably do not know + // about their tags yet. They will filter on inbound and we will filter + // once we get their tag. If we are a tee/redirect target we are also + // not strict since we likely do not have these tags. thisRuleMatches = 1; - FILTER_TRACE("%u %s %c remote tag %u not found -> 1 (outbound side is not strict)",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); + FILTER_TRACE("%u %s %c remote tag %u not found -> 1 (outbound side and TEE/REDIRECT targets are not strict)",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); } } } else { @@ -552,6 +622,38 @@ static _doZtFilterResult _doZtFilter( FILTER_TRACE("%u %s %c local tag %u not found -> 0",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); } } break; + case ZT_NETWORK_RULE_MATCH_TAG_SENDER: + case ZT_NETWORK_RULE_MATCH_TAG_RECEIVER: { + if (superAccept) { + thisRuleMatches = 1; + FILTER_TRACE("%u %s %c we are a TEE/REDIRECT target -> 1",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '=')); + } else if ( ((rt == ZT_NETWORK_RULE_MATCH_TAG_SENDER)&&(inbound)) || ((rt == ZT_NETWORK_RULE_MATCH_TAG_RECEIVER)&&(!inbound)) ) { + const Tag *const remoteTag = ((membership) ? membership->getTag(nconf,rules[rn].v.tag.id) : (const Tag *)0); + if (remoteTag) { + thisRuleMatches = (uint8_t)(remoteTag->value() == rules[rn].v.tag.value); + FILTER_TRACE("%u %s %c TAG %u %.8x == %.8x -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id,remoteTag->value(),(unsigned int)rules[rn].v.tag.value,(unsigned int)thisRuleMatches); + } else { + if (rt == ZT_NETWORK_RULE_MATCH_TAG_RECEIVER) { + // If we are checking the receiver and this is an outbound packet, we + // can't be strict since we may not yet know the receiver's tag. + thisRuleMatches = 1; + FILTER_TRACE("%u %s %c (inbound) remote tag %u not found -> 1 (outbound receiver match is not strict)",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); + } else { + thisRuleMatches = 0; + FILTER_TRACE("%u %s %c (inbound) remote tag %u not found -> 0",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); + } + } + } else { // sender and outbound or receiver and inbound + const Tag *const localTag = std::lower_bound(&(nconf.tags[0]),&(nconf.tags[nconf.tagCount]),rules[rn].v.tag.id,Tag::IdComparePredicate()); + if ((localTag != &(nconf.tags[nconf.tagCount]))&&(localTag->id() == rules[rn].v.tag.id)) { + thisRuleMatches = (uint8_t)(localTag->value() == rules[rn].v.tag.value); + FILTER_TRACE("%u %s %c TAG %u %.8x == %.8x -> %u",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id,localTag->value(),(unsigned int)rules[rn].v.tag.value,(unsigned int)thisRuleMatches); + } else { + thisRuleMatches = 0; + FILTER_TRACE("%u %s %c local tag %u not found -> 0",rn,_rtn(rt),(((rules[rn].t & 0x80) != 0) ? '!' : '='),(unsigned int)rules[rn].v.tag.id); + } + } + } break; // The result of an unsupported MATCH is configurable at the network // level via a flag. @@ -560,8 +662,9 @@ static _doZtFilterResult _doZtFilter( break; } - // State of equals state AND result of last MATCH (possibly NOTed depending on bit 0x80) - thisSetMatches &= (thisRuleMatches ^ ((rules[rn].t >> 7) & 1)); + if ((rules[rn].t & 0x40)) + thisSetMatches |= (thisRuleMatches ^ ((rules[rn].t >> 7) & 1)); + else thisSetMatches &= (thisRuleMatches ^ ((rules[rn].t >> 7) & 1)); } return DOZTFILTER_NO_MATCH; @@ -597,7 +700,7 @@ Network::Network(const RuntimeEnvironment *renv,uint64_t nwid,void *uptr) : if (conf.length()) { dconf->load(conf.c_str()); if (nconf->fromDictionary(*dconf)) { - this->_setConfiguration(*nconf,false); + this->setConfiguration(*nconf,false); _lastConfigUpdate = 0; // we still want to re-request a new config from the network gotConf = true; } @@ -886,7 +989,7 @@ void Network::multicastUnsubscribe(const MulticastGroup &mg) _myMulticastGroups.erase(i); } -uint64_t Network::handleConfigChunk(const Packet &chunk,unsigned int ptr) +uint64_t Network::handleConfigChunk(const uint64_t packetId,const Address &source,const Buffer<ZT_PROTO_MAX_PACKET_LENGTH> &chunk,unsigned int ptr) { const unsigned int start = ptr; @@ -909,12 +1012,12 @@ uint64_t Network::handleConfigChunk(const Packet &chunk,unsigned int ptr) chunkIndex = chunk.at<uint32_t>(ptr); ptr += 4; if (((chunkIndex + chunkLen) > totalLength)||(totalLength >= ZT_NETWORKCONFIG_DICT_CAPACITY)) { // >= since we need room for a null at the end - TRACE("discarded chunk from %s: invalid length or length overflow",chunk.source().toString().c_str()); + TRACE("discarded chunk from %s: invalid length or length overflow",source.toString().c_str()); return 0; } if ((chunk[ptr] != 1)||(chunk.at<uint16_t>(ptr + 1) != ZT_C25519_SIGNATURE_LEN)) { - TRACE("discarded chunk from %s: unrecognized signature type",chunk.source().toString().c_str()); + TRACE("discarded chunk from %s: unrecognized signature type",source.toString().c_str()); return 0; } const uint8_t *sig = reinterpret_cast<const uint8_t *>(chunk.field(ptr + 3,ZT_C25519_SIGNATURE_LEN)); @@ -942,30 +1045,35 @@ uint64_t Network::handleConfigChunk(const Packet &chunk,unsigned int ptr) // If it's not a duplicate, check chunk signature const Identity controllerId(RR->topology->getIdentity(controller())); if (!controllerId) { // we should always have the controller identity by now, otherwise how would we have queried it the first time? - TRACE("unable to verify chunk from %s: don't have controller identity",chunk.source().toString().c_str()); + TRACE("unable to verify chunk from %s: don't have controller identity",source.toString().c_str()); return 0; } if (!controllerId.verify(chunk.field(start,ptr - start),ptr - start,sig,ZT_C25519_SIGNATURE_LEN)) { - TRACE("discarded chunk from %s: signature check failed",chunk.source().toString().c_str()); + TRACE("discarded chunk from %s: signature check failed",source.toString().c_str()); return 0; } +#ifdef ZT_ENABLE_CLUSTER + if ((source)&&(RR->cluster)) + RR->cluster->broadcastNetworkConfigChunk(chunk.field(start,chunk.size() - start),chunk.size() - start); +#endif + // New properly verified chunks can be flooded "virally" through the network if (fastPropagate) { Address *a = (Address *)0; Membership *m = (Membership *)0; Hashtable<Address,Membership>::Iterator i(_memberships); while (i.next(a,m)) { - if ((*a != chunk.source())&&(*a != controller())) { + if ((*a != source)&&(*a != controller())) { Packet outp(*a,RR->identity.address(),Packet::VERB_NETWORK_CONFIG); outp.append(reinterpret_cast<const uint8_t *>(chunk.data()) + start,chunk.size() - start); RR->sw->send(outp,true); } } } - } else if (chunk.source() == controller()) { + } else if ((source == controller())||(!source)) { // since old chunks aren't signed, only accept from controller itself (or via cluster backplane) // Legacy support for OK(NETWORK_CONFIG_REQUEST) from older controllers - chunkId = chunk.packetId(); + chunkId = packetId; configUpdateId = chunkId; totalLength = chunkLen; chunkIndex = 0; @@ -977,6 +1085,11 @@ uint64_t Network::handleConfigChunk(const Packet &chunk,unsigned int ptr) if ((!c)||(_incomingConfigChunks[i].ts < c->ts)) c = &(_incomingConfigChunks[i]); } + +#ifdef ZT_ENABLE_CLUSTER + if ((source)&&(RR->cluster)) + RR->cluster->broadcastNetworkConfigChunk(chunk.field(start,chunk.size() - start),chunk.size() - start); +#endif } else { TRACE("discarded single-chunk unsigned legacy config: this is only allowed if the sender is the controller itself"); return 0; @@ -1013,7 +1126,7 @@ uint64_t Network::handleConfigChunk(const Packet &chunk,unsigned int ptr) } if (nc) { - this->_setConfiguration(*nc,true); + this->setConfiguration(*nc,true); delete nc; return configUpdateId; } else { @@ -1023,8 +1136,114 @@ uint64_t Network::handleConfigChunk(const Packet &chunk,unsigned int ptr) return 0; } +int Network::setConfiguration(const NetworkConfig &nconf,bool saveToDisk) +{ + // _lock is NOT locked when this is called + try { + if ((nconf.issuedTo != RR->identity.address())||(nconf.networkId != _id)) + return 0; + if (_config == nconf) + return 1; // OK config, but duplicate of what we already have + + ZT_VirtualNetworkConfig ctmp; + bool oldPortInitialized; + { + Mutex::Lock _l(_lock); + _config = nconf; + _lastConfigUpdate = RR->node->now(); + _netconfFailure = NETCONF_FAILURE_NONE; + oldPortInitialized = _portInitialized; + _portInitialized = true; + _externalConfig(&ctmp); + } + _portError = RR->node->configureVirtualNetworkPort(_id,&_uPtr,(oldPortInitialized) ? ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_CONFIG_UPDATE : ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP,&ctmp); + + if (saveToDisk) { + Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> *d = new Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY>(); + try { + char n[64]; + Utils::snprintf(n,sizeof(n),"networks.d/%.16llx.conf",_id); + if (nconf.toDictionary(*d,false)) + RR->node->dataStorePut(n,(const void *)d->data(),d->sizeBytes(),true); + } catch ( ... ) {} + delete d; + } + + return 2; // OK and configuration has changed + } catch ( ... ) { + TRACE("ignored invalid configuration for network %.16llx",(unsigned long long)_id); + } + return 0; +} + void Network::requestConfiguration() { + /* ZeroTier addresses can't begin with 0xff, so this is used to mark controllerless + * network IDs. Controllerless network IDs only support unicast IPv6 using the 6plane + * addressing scheme and have the following format: 0xffSSSSEEEE000000 where SSSS + * is the 16-bit starting IP port range allowed and EEEE is the 16-bit ending IP port + * range allowed. Remaining digits are reserved for future use and must be zero. */ + if ((_id >> 56) == 0xff) { + const uint16_t startPortRange = (uint16_t)((_id >> 40) & 0xffff); + const uint16_t endPortRange = (uint16_t)((_id >> 24) & 0xffff); + if (((_id & 0xffffff) == 0)&&(endPortRange >= startPortRange)) { + NetworkConfig *const nconf = new NetworkConfig(); + + nconf->networkId = _id; + nconf->timestamp = RR->node->now(); + nconf->credentialTimeMaxDelta = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA; + nconf->revision = 1; + nconf->issuedTo = RR->identity.address(); + nconf->flags = ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; + nconf->staticIpCount = 1; + nconf->ruleCount = 14; + nconf->staticIps[0] = InetAddress::makeIpv66plane(_id,RR->identity.address().toInt()); + + // Drop everything but IPv6 + nconf->rules[0].t = (uint8_t)ZT_NETWORK_RULE_MATCH_ETHERTYPE | 0x80; // NOT + nconf->rules[0].v.etherType = 0x86dd; // IPv6 + nconf->rules[1].t = (uint8_t)ZT_NETWORK_RULE_ACTION_DROP; + + // Allow ICMPv6 + nconf->rules[2].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; + nconf->rules[2].v.ipProtocol = 0x3a; // ICMPv6 + nconf->rules[3].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + + // Allow destination ports within range + nconf->rules[4].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; + nconf->rules[4].v.ipProtocol = 0x11; // UDP + nconf->rules[5].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL | 0x40; // OR + nconf->rules[5].v.ipProtocol = 0x06; // TCP + nconf->rules[6].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE; + nconf->rules[6].v.port[0] = startPortRange; + nconf->rules[6].v.port[1] = endPortRange; + nconf->rules[7].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + + // Allow non-SYN TCP packets to permit non-connection-initiating traffic + nconf->rules[8].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS | 0x80; // NOT + nconf->rules[8].v.characteristics = ZT_RULE_PACKET_CHARACTERISTICS_TCP_SYN; + nconf->rules[9].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + + // Also allow SYN+ACK which are replies to SYN + nconf->rules[10].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; + nconf->rules[10].v.characteristics = ZT_RULE_PACKET_CHARACTERISTICS_TCP_SYN; + nconf->rules[11].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; + nconf->rules[11].v.characteristics = ZT_RULE_PACKET_CHARACTERISTICS_TCP_ACK; + nconf->rules[12].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + + nconf->rules[13].t = (uint8_t)ZT_NETWORK_RULE_ACTION_DROP; + + nconf->type = ZT_NETWORK_TYPE_PUBLIC; + Utils::snprintf(nconf->name,sizeof(nconf->name),"adhoc-%.04x-%.04x",(int)startPortRange,(int)endPortRange); + + this->setConfiguration(*nconf,false); + delete nconf; + } else { + this->setNotFound(); + } + return; + } + const Address ctrl(controller()); Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> rmd; @@ -1040,30 +1259,10 @@ void Network::requestConfiguration() rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_MAX_NETWORK_TAGS,(uint64_t)ZT_MAX_NETWORK_TAGS); rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_FLAGS,(uint64_t)0); rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_RULES_ENGINE_REV,(uint64_t)ZT_RULES_ENGINE_REVISION); - rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_RELAY_POLICY,(uint64_t)RR->node->relayPolicy()); if (ctrl == RR->identity.address()) { if (RR->localNetworkController) { - NetworkConfig *nconf = new NetworkConfig(); - try { - switch(RR->localNetworkController->doNetworkConfigRequest(InetAddress(),RR->identity,RR->identity,_id,rmd,*nconf)) { - case NetworkController::NETCONF_QUERY_OK: - this->_setConfiguration(*nconf,true); - break; - case NetworkController::NETCONF_QUERY_OBJECT_NOT_FOUND: - this->setNotFound(); - break; - case NetworkController::NETCONF_QUERY_ACCESS_DENIED: - this->setAccessDenied(); - break; - default: - this->setNotFound(); - break; - } - } catch ( ... ) { - this->setNotFound(); - } - delete nconf; + RR->localNetworkController->request(_id,InetAddress(),0xffffffffffffffffULL,RR->identity,rmd); } else { this->setNotFound(); } @@ -1098,8 +1297,8 @@ bool Network::gate(const SharedPtr<Peer> &peer) if ( (_config.isPublic()) || ((m)&&(m->isAllowedOnNetwork(_config))) ) { if (!m) m = &(_membership(peer->address())); - m->pushCredentials(RR,now,peer->address(),_config,-1,false); if (m->shouldLikeMulticasts(now)) { + m->pushCredentials(RR,now,peer->address(),_config,-1,false); _announceMulticastGroupsTo(peer->address(),_allMulticastGroups()); m->likingMulticasts(now); } @@ -1224,6 +1423,7 @@ Membership::AddCredentialResult Network::addCredential(const Address &sentFrom,c outp.append((uint16_t)0); // no tags outp.append((uint16_t)1); // one revocation! rev.serialize(outp); + outp.append((uint16_t)0); // no certificates of ownership RR->sw->send(outp,true); } } @@ -1255,46 +1455,6 @@ ZT_VirtualNetworkStatus Network::_status() const } } -int Network::_setConfiguration(const NetworkConfig &nconf,bool saveToDisk) -{ - // _lock is NOT locked when this is called - try { - if ((nconf.issuedTo != RR->identity.address())||(nconf.networkId != _id)) - return 0; - if (_config == nconf) - return 1; // OK config, but duplicate of what we already have - - ZT_VirtualNetworkConfig ctmp; - bool oldPortInitialized; - { - Mutex::Lock _l(_lock); - _config = nconf; - _lastConfigUpdate = RR->node->now(); - _netconfFailure = NETCONF_FAILURE_NONE; - oldPortInitialized = _portInitialized; - _portInitialized = true; - _externalConfig(&ctmp); - } - _portError = RR->node->configureVirtualNetworkPort(_id,&_uPtr,(oldPortInitialized) ? ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_CONFIG_UPDATE : ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP,&ctmp); - - if (saveToDisk) { - Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> *d = new Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY>(); - try { - char n[64]; - Utils::snprintf(n,sizeof(n),"networks.d/%.16llx.conf",_id); - if (nconf.toDictionary(*d,false)) - RR->node->dataStorePut(n,(const void *)d->data(),d->sizeBytes(),true); - } catch ( ... ) {} - delete d; - } - - return 2; // OK and configuration has changed - } catch ( ... ) { - TRACE("ignored invalid configuration for network %.16llx",(unsigned long long)_id); - } - return 0; -} - void Network::_externalConfig(ZT_VirtualNetworkConfig *ec) const { // assumes _lock is locked diff --git a/node/Network.hpp b/node/Network.hpp index 527d3048..56c7fc60 100644 --- a/node/Network.hpp +++ b/node/Network.hpp @@ -181,11 +181,22 @@ public: * chunks via OK(NETWORK_CONFIG_REQUEST) or NETWORK_CONFIG. It verifies * each chunk and once assembled applies the configuration. * - * @param chunk Packet containing chunk + * @param packetId Packet ID or 0 if none (e.g. via cluster path) + * @param source Address of sender of chunk or NULL if none (e.g. via cluster path) + * @param chunk Buffer containing chunk * @param ptr Index of chunk and related fields in packet * @return Update ID if update was fully assembled and accepted or 0 otherwise */ - uint64_t handleConfigChunk(const Packet &chunk,unsigned int ptr); + uint64_t handleConfigChunk(const uint64_t packetId,const Address &source,const Buffer<ZT_PROTO_MAX_PACKET_LENGTH> &chunk,unsigned int ptr); + + /** + * Set network configuration + * + * @param nconf Network configuration + * @param saveToDisk Save to disk? Used during loading, should usually be true otherwise. + * @return 0 == bad, 1 == accepted but duplicate/unchanged, 2 == accepted and new + */ + int setConfiguration(const NetworkConfig &nconf,bool saveToDisk); /** * Set netconf failure to 'access denied' -- called in IncomingPacket when controller reports this @@ -291,6 +302,17 @@ public: Membership::AddCredentialResult addCredential(const Address &sentFrom,const Revocation &rev); /** + * Validate a credential and learn it if it passes certificate and other checks + */ + inline Membership::AddCredentialResult addCredential(const CertificateOfOwnership &coo) + { + if (coo.networkId() != _id) + return Membership::ADD_REJECTED; + Mutex::Lock _l(_lock); + return _membership(coo.issuedTo()).addCredential(RR,_config,coo); + } + + /** * Force push credentials (COM, etc.) to a peer now * * @param to Destination peer address @@ -328,7 +350,6 @@ public: inline void **userPtr() throw() { return &_uPtr; } private: - int _setConfiguration(const NetworkConfig &nconf,bool saveToDisk); ZT_VirtualNetworkStatus _status() const; void _externalConfig(ZT_VirtualNetworkConfig *ec) const; // assumes _lock is locked bool _gate(const SharedPtr<Peer> &peer); diff --git a/node/NetworkConfig.cpp b/node/NetworkConfig.cpp index 6acc48ea..fe7393e8 100644 --- a/node/NetworkConfig.cpp +++ b/node/NetworkConfig.cpp @@ -21,7 +21,6 @@ #include <algorithm> #include "NetworkConfig.hpp" -#include "Utils.hpp" namespace ZeroTier { @@ -138,6 +137,13 @@ bool NetworkConfig::toDictionary(Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> &d,b } tmp->clear(); + for(unsigned int i=0;i<this->certificateOfOwnershipCount;++i) + this->certificatesOfOwnership[i].serialize(*tmp); + if (tmp->size()) { + if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATES_OF_OWNERSHIP,*tmp)) return false; + } + + tmp->clear(); for(unsigned int i=0;i<this->specialistCount;++i) tmp->append((uint64_t)this->specialists[i]); if (tmp->size()) { @@ -258,7 +264,7 @@ bool NetworkConfig::fromDictionary(const Dictionary<ZT_NETWORKCONFIG_DICT_CAPACI if (d.get(ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES_OLD,tmp2,sizeof(tmp2)) > 0) { char *saveptr = (char *)0; for(char *f=Utils::stok(tmp2,",",&saveptr);(f);f=Utils::stok((char *)0,",",&saveptr)) { - this->addSpecialist(Address(f),ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE); + this->addSpecialist(Address(Utils::hexStrToU64(f)),ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE); } } #else @@ -297,10 +303,23 @@ bool NetworkConfig::fromDictionary(const Dictionary<ZT_NETWORKCONFIG_DICT_CAPACI std::sort(&(this->tags[0]),&(this->tags[this->tagCount])); } + if (d.get(ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATES_OF_OWNERSHIP,*tmp)) { + unsigned int p = 0; + while (p < tmp->size()) { + if (certificateOfOwnershipCount < ZT_MAX_CERTIFICATES_OF_OWNERSHIP) + p += certificatesOfOwnership[certificateOfOwnershipCount++].deserialize(*tmp,p); + else { + CertificateOfOwnership foo; + p += foo.deserialize(*tmp,p); + } + } + } + if (d.get(ZT_NETWORKCONFIG_DICT_KEY_SPECIALISTS,*tmp)) { unsigned int p = 0; - while (((p + 8) <= tmp->size())&&(specialistCount < ZT_MAX_NETWORK_SPECIALISTS)) { - this->specialists[this->specialistCount++] = tmp->at<uint64_t>(p); + while ((p + 8) <= tmp->size()) { + if (specialistCount < ZT_MAX_NETWORK_SPECIALISTS) + this->specialists[this->specialistCount++] = tmp->at<uint64_t>(p); p += 8; } } diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp index a548e866..85c24090 100644 --- a/node/NetworkConfig.hpp +++ b/node/NetworkConfig.hpp @@ -35,10 +35,12 @@ #include "MulticastGroup.hpp" #include "Address.hpp" #include "CertificateOfMembership.hpp" +#include "CertificateOfOwnership.hpp" #include "Capability.hpp" #include "Tag.hpp" #include "Dictionary.hpp" #include "Identity.hpp" +#include "Utils.hpp" /** * Default maximum time delta for COMs, tags, and capabilities @@ -99,7 +101,7 @@ namespace ZeroTier { // Dictionary capacity needed for max size network config -#define ZT_NETWORKCONFIG_DICT_CAPACITY (4096 + (sizeof(ZT_VirtualNetworkRule) * ZT_MAX_NETWORK_RULES) + (sizeof(Capability) * ZT_MAX_NETWORK_CAPABILITIES) + (sizeof(Tag) * ZT_MAX_NETWORK_TAGS)) +#define ZT_NETWORKCONFIG_DICT_CAPACITY (1024 + (sizeof(ZT_VirtualNetworkRule) * ZT_MAX_NETWORK_RULES) + (sizeof(Capability) * ZT_MAX_NETWORK_CAPABILITIES) + (sizeof(Tag) * ZT_MAX_NETWORK_TAGS) + (sizeof(CertificateOfOwnership) * ZT_MAX_CERTIFICATES_OF_OWNERSHIP)) // Dictionary capacity needed for max size network meta-data #define ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY 1024 @@ -135,8 +137,6 @@ namespace ZeroTier { #define ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_AUTH "a" // Network configuration meta-data flags #define ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_FLAGS "f" -// Relay policy for this node -#define ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_RELAY_POLICY "rp" // These dictionary keys are short so they don't take up much room. // By convention we use upper case for binary blobs, but it doesn't really matter. @@ -175,6 +175,8 @@ namespace ZeroTier { #define ZT_NETWORKCONFIG_DICT_KEY_CAPABILITIES "CAP" // tags (binary blobs) #define ZT_NETWORKCONFIG_DICT_KEY_TAGS "TAG" +// tags (binary blobs) +#define ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATES_OF_OWNERSHIP "COO" // curve25519 signature #define ZT_NETWORKCONFIG_DICT_KEY_SIGNATURE "C25519" @@ -476,11 +478,6 @@ public: unsigned int staticIpCount; /** - * Number of pinned devices (devices with physical address hints) - */ - unsigned int pinnedCount; - - /** * Number of rule table entries */ unsigned int ruleCount; @@ -496,6 +493,11 @@ public: unsigned int tagCount; /** + * Number of certificates of ownership + */ + unsigned int certificateOfOwnershipCount; + + /** * Specialist devices * * For each entry the least significant 40 bits are the device's ZeroTier @@ -529,6 +531,11 @@ public: Tag tags[ZT_MAX_NETWORK_TAGS]; /** + * Certificates of ownership for this network member + */ + CertificateOfOwnership certificatesOfOwnership[ZT_MAX_CERTIFICATES_OF_OWNERSHIP]; + + /** * Network type (currently just public or private) */ ZT_VirtualNetworkType type; diff --git a/node/NetworkController.hpp b/node/NetworkController.hpp index db95dd14..0634f435 100644 --- a/node/NetworkController.hpp +++ b/node/NetworkController.hpp @@ -24,12 +24,12 @@ #include "Constants.hpp" #include "Dictionary.hpp" #include "NetworkConfig.hpp" +#include "Revocation.hpp" +#include "Address.hpp" namespace ZeroTier { -class RuntimeEnvironment; class Identity; -class Address; struct InetAddress; /** @@ -38,45 +38,77 @@ struct InetAddress; class NetworkController { public: + enum ErrorCode + { + NC_ERROR_NONE = 0, + NC_ERROR_OBJECT_NOT_FOUND = 1, + NC_ERROR_ACCESS_DENIED = 2, + NC_ERROR_INTERNAL_SERVER_ERROR = 3 + }; + /** - * Return value of doNetworkConfigRequest + * Interface for sender used to send pushes and replies */ - enum ResultCode + class Sender { - NETCONF_QUERY_OK = 0, - NETCONF_QUERY_OBJECT_NOT_FOUND = 1, - NETCONF_QUERY_ACCESS_DENIED = 2, - NETCONF_QUERY_INTERNAL_SERVER_ERROR = 3, - NETCONF_QUERY_IGNORE = 4 + public: + /** + * Send a configuration to a remote peer + * + * @param nwid Network ID + * @param requestPacketId Request packet ID to send OK(NETWORK_CONFIG_REQUEST) or 0 to send NETWORK_CONFIG (push) + * @param destination Destination peer Address + * @param nc Network configuration to send + * @param sendLegacyFormatConfig If true, send an old-format network config + */ + virtual void ncSendConfig(uint64_t nwid,uint64_t requestPacketId,const Address &destination,const NetworkConfig &nc,bool sendLegacyFormatConfig) = 0; + + /** + * Send revocation to a node + * + * @param destination Destination node address + * @param rev Revocation to send + */ + virtual void ncSendRevocation(const Address &destination,const Revocation &rev) = 0; + + /** + * Send a network configuration request error + * + * @param nwid Network ID + * @param requestPacketId Request packet ID or 0 if none + * @param destination Destination peer Address + * @param errorCode Error code + */ + virtual void ncSendError(uint64_t nwid,uint64_t requestPacketId,const Address &destination,NetworkController::ErrorCode errorCode) = 0; }; NetworkController() {} virtual ~NetworkController() {} /** - * Handle a network config request, sending replies if necessary - * - * This call is permitted to block, and may be called concurrently from more - * than one thread. Implementations must use locks if needed. + * Called when this is added to a Node to initialize and supply info * - * On internal server errors, the 'error' field in result can be filled in - * to indicate the error. + * @param signingId Identity for signing of network configurations, certs, etc. + * @param sender Sender implementation for sending replies or config pushes + */ + virtual void init(const Identity &signingId,Sender *sender) = 0; + + /** + * Handle a network configuration request * - * @param fromAddr Originating wire address or null address if packet is not direct (or from self) - * @param signingId Identity that should be used to sign results -- must include private key - * @param identity Originating peer ZeroTier identity * @param nwid 64-bit network ID + * @param fromAddr Originating wire address or null address if packet is not direct (or from self) + * @param requestPacketId Packet ID of request packet or 0 if not initiated by remote request + * @param identity ZeroTier identity of originating peer * @param metaData Meta-data bundled with request (if any) - * @param nc NetworkConfig to fill with results * @return Returns NETCONF_QUERY_OK if result 'nc' is valid, or an error code on error */ - virtual NetworkController::ResultCode doNetworkConfigRequest( + virtual void request( + uint64_t nwid, const InetAddress &fromAddr, - const Identity &signingId, + uint64_t requestPacketId, const Identity &identity, - uint64_t nwid, - const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData, - NetworkConfig &nc) = 0; + const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData) = 0; }; } // namespace ZeroTier diff --git a/node/Node.cpp b/node/Node.cpp index db9b8ea0..1125ca7a 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -46,64 +46,46 @@ namespace ZeroTier { /* Public Node interface (C++, exposed via CAPI bindings) */ /****************************************************************************/ -Node::Node( - uint64_t now, - void *uptr, - ZT_DataStoreGetFunction dataStoreGetFunction, - ZT_DataStorePutFunction dataStorePutFunction, - ZT_WirePacketSendFunction wirePacketSendFunction, - ZT_VirtualNetworkFrameFunction virtualNetworkFrameFunction, - ZT_VirtualNetworkConfigFunction virtualNetworkConfigFunction, - ZT_PathCheckFunction pathCheckFunction, - ZT_EventCallback eventCallback) : +Node::Node(void *uptr,const struct ZT_Node_Callbacks *callbacks,uint64_t now) : _RR(this), RR(&_RR), _uPtr(uptr), - _dataStoreGetFunction(dataStoreGetFunction), - _dataStorePutFunction(dataStorePutFunction), - _wirePacketSendFunction(wirePacketSendFunction), - _virtualNetworkFrameFunction(virtualNetworkFrameFunction), - _virtualNetworkConfigFunction(virtualNetworkConfigFunction), - _pathCheckFunction(pathCheckFunction), - _eventCallback(eventCallback), - _networks(), - _networks_m(), _prngStreamPtr(0), _now(now), _lastPingCheck(0), - _lastHousekeepingRun(0), - _relayPolicy(ZT_RELAY_POLICY_TRUSTED) + _lastHousekeepingRun(0) { + if (callbacks->version != 0) + throw std::runtime_error("callbacks struct version mismatch"); + memcpy(&_cb,callbacks,sizeof(ZT_Node_Callbacks)); + _online = false; memset(_expectingRepliesToBucketPtr,0,sizeof(_expectingRepliesToBucketPtr)); memset(_expectingRepliesTo,0,sizeof(_expectingRepliesTo)); + memset(_lastIdentityVerification,0,sizeof(_lastIdentityVerification)); // Use Salsa20 alone as a high-quality non-crypto PRNG - { - char foo[32]; - Utils::getSecureRandom(foo,32); - _prng.init(foo,256,foo); - memset(_prngStream,0,sizeof(_prngStream)); - _prng.encrypt12(_prngStream,_prngStream,sizeof(_prngStream)); + char foo[32]; + Utils::getSecureRandom(foo,32); + _prng.init(foo,256,foo); + memset(_prngStream,0,sizeof(_prngStream)); + _prng.crypt12(_prngStream,_prngStream,sizeof(_prngStream)); + + std::string idtmp(dataStoreGet("identity.secret")); + if ((!idtmp.length())||(!RR->identity.fromString(idtmp))||(!RR->identity.hasPrivate())) { + TRACE("identity.secret not found, generating..."); + RR->identity.generate(); + idtmp = RR->identity.toString(true); + if (!dataStorePut("identity.secret",idtmp,true)) + throw std::runtime_error("unable to write identity.secret"); } - - { - std::string idtmp(dataStoreGet("identity.secret")); - if ((!idtmp.length())||(!RR->identity.fromString(idtmp))||(!RR->identity.hasPrivate())) { - TRACE("identity.secret not found, generating..."); - RR->identity.generate(); - idtmp = RR->identity.toString(true); - if (!dataStorePut("identity.secret",idtmp,true)) - throw std::runtime_error("unable to write identity.secret"); - } - RR->publicIdentityStr = RR->identity.toString(false); - RR->secretIdentityStr = RR->identity.toString(true); - idtmp = dataStoreGet("identity.public"); - if (idtmp != RR->publicIdentityStr) { - if (!dataStorePut("identity.public",RR->publicIdentityStr,false)) - throw std::runtime_error("unable to write identity.public"); - } + RR->publicIdentityStr = RR->identity.toString(false); + RR->secretIdentityStr = RR->identity.toString(true); + idtmp = dataStoreGet("identity.public"); + if (idtmp != RR->publicIdentityStr) { + if (!dataStorePut("identity.public",RR->publicIdentityStr,false)) + throw std::runtime_error("unable to write identity.public"); } try { @@ -119,9 +101,6 @@ Node::Node( throw; } - if (RR->topology->amRoot()) - _relayPolicy = ZT_RELAY_POLICY_ALWAYS; - postEvent(ZT_EVENT_UP); } @@ -173,14 +152,16 @@ ZT_ResultCode Node::processVirtualNetworkFrame( } else return ZT_RESULT_ERROR_NETWORK_NOT_FOUND; } +// Closure used to ping upstream and active/online peers class _PingPeersThatNeedPing { public: - _PingPeersThatNeedPing(const RuntimeEnvironment *renv,uint64_t now) : + _PingPeersThatNeedPing(const RuntimeEnvironment *renv,Hashtable< Address,std::vector<InetAddress> > &upstreamsToContact,uint64_t now) : lastReceiveFromUpstream(0), RR(renv), + _upstreamsToContact(upstreamsToContact), _now(now), - _world(RR->topology->world()) + _bestCurrentUpstream(RR->topology->getUpstreamPeer()) { } @@ -188,69 +169,52 @@ public: inline void operator()(Topology &t,const SharedPtr<Peer> &p) { - bool upstream = false; - InetAddress stableEndpoint4,stableEndpoint6; - - // If this is a world root, pick (if possible) both an IPv4 and an IPv6 stable endpoint to use if link isn't currently alive. - for(std::vector<World::Root>::const_iterator r(_world.roots().begin());r!=_world.roots().end();++r) { - if (r->identity == p->identity()) { - upstream = true; - for(unsigned long k=0,ptr=(unsigned long)RR->node->prng();k<(unsigned long)r->stableEndpoints.size();++k) { - const InetAddress &addr = r->stableEndpoints[ptr++ % r->stableEndpoints.size()]; - if (!stableEndpoint4) { - if (addr.ss_family == AF_INET) - stableEndpoint4 = addr; - } - if (!stableEndpoint6) { - if (addr.ss_family == AF_INET6) - stableEndpoint6 = addr; + const std::vector<InetAddress> *const upstreamStableEndpoints = _upstreamsToContact.get(p->address()); + if (upstreamStableEndpoints) { + bool contacted = false; + + // Upstreams must be pinged constantly over both IPv4 and IPv6 to allow + // them to perform three way handshake introductions for both stacks. + + if (!p->doPingAndKeepalive(_now,AF_INET)) { + for(unsigned long k=0,ptr=(unsigned long)RR->node->prng();k<(unsigned long)upstreamStableEndpoints->size();++k) { + const InetAddress &addr = (*upstreamStableEndpoints)[ptr++ % upstreamStableEndpoints->size()]; + if (addr.ss_family == AF_INET) { + p->sendHELLO(InetAddress(),addr,_now,0); + contacted = true; + break; } } - break; - } - } - - if (upstream) { - // "Upstream" devices are roots and relays and get special treatment -- they stay alive - // forever and we try to keep (if available) both IPv4 and IPv6 channels open to them. - bool needToContactIndirect = true; - if (p->doPingAndKeepalive(_now,AF_INET)) { - needToContactIndirect = false; - } else { - if (stableEndpoint4) { - needToContactIndirect = false; - p->sendHELLO(InetAddress(),stableEndpoint4,_now); - } - } - if (p->doPingAndKeepalive(_now,AF_INET6)) { - needToContactIndirect = false; - } else { - if (stableEndpoint6) { - needToContactIndirect = false; - p->sendHELLO(InetAddress(),stableEndpoint6,_now); + } else contacted = true; + if (!p->doPingAndKeepalive(_now,AF_INET6)) { + for(unsigned long k=0,ptr=(unsigned long)RR->node->prng();k<(unsigned long)upstreamStableEndpoints->size();++k) { + const InetAddress &addr = (*upstreamStableEndpoints)[ptr++ % upstreamStableEndpoints->size()]; + if (addr.ss_family == AF_INET6) { + p->sendHELLO(InetAddress(),addr,_now,0); + contacted = true; + break; + } } - } + } else contacted = true; - if (needToContactIndirect) { - // If this is an upstream and we have no stable endpoint for either IPv4 or IPv6, - // send a NOP indirectly if possible to see if we can get to this peer in any - // way whatsoever. This will e.g. find network preferred relays that lack - // stable endpoints by using root servers. - Packet outp(p->address(),RR->identity.address(),Packet::VERB_NOP); - RR->sw->send(outp,true); + if ((!contacted)&&(_bestCurrentUpstream)) { + const SharedPtr<Path> up(_bestCurrentUpstream->getBestPath(_now,true)); + if (up) + p->sendHELLO(up->localAddress(),up->address(),_now,up->nextOutgoingCounter()); } lastReceiveFromUpstream = std::max(p->lastReceive(),lastReceiveFromUpstream); + _upstreamsToContact.erase(p->address()); // erase from upstreams to contact so that we can WHOIS those that remain } else if (p->isActive(_now)) { - // Normal nodes get their preferred link kept alive if the node has generated frame traffic recently p->doPingAndKeepalive(_now,-1); } } private: const RuntimeEnvironment *RR; - uint64_t _now; - World _world; + Hashtable< Address,std::vector<InetAddress> > &_upstreamsToContact; + const uint64_t _now; + const SharedPtr<Peer> _bestCurrentUpstream; }; ZT_ResultCode Node::processBackgroundTasks(uint64_t now,volatile uint64_t *nextBackgroundTaskDeadline) @@ -264,7 +228,7 @@ ZT_ResultCode Node::processBackgroundTasks(uint64_t now,volatile uint64_t *nextB try { _lastPingCheck = now; - // Get relays and networks that need config without leaving the mutex locked + // Get networks that need config without leaving mutex locked std::vector< SharedPtr<Network> > needConfig; { Mutex::Lock _l(_networks_m); @@ -278,9 +242,18 @@ ZT_ResultCode Node::processBackgroundTasks(uint64_t now,volatile uint64_t *nextB (*n)->requestConfiguration(); // Do pings and keepalives - _PingPeersThatNeedPing pfunc(RR,now); + Hashtable< Address,std::vector<InetAddress> > upstreamsToContact; + RR->topology->getUpstreamsToContact(upstreamsToContact); + _PingPeersThatNeedPing pfunc(RR,upstreamsToContact,now); RR->topology->eachPeer<_PingPeersThatNeedPing &>(pfunc); + // Run WHOIS to create Peer for any upstreams we could not contact (including pending moon seeds) + Hashtable< Address,std::vector<InetAddress> >::Iterator i(upstreamsToContact); + Address *upstreamAddress = (Address *)0; + std::vector<InetAddress> *upstreamStableEndpoints = (std::vector<InetAddress> *)0; + while (i.next(upstreamAddress,upstreamStableEndpoints)) + RR->sw->requestWhois(*upstreamAddress); + // Update online status, post status change as event const bool oldOnline = _online; _online = (((now - pfunc.lastReceiveFromUpstream) < ZT_PEER_ACTIVITY_TIMEOUT)||(RR->topology->amRoot())); @@ -324,12 +297,6 @@ ZT_ResultCode Node::processBackgroundTasks(uint64_t now,volatile uint64_t *nextB return ZT_RESULT_OK; } -ZT_ResultCode Node::setRelayPolicy(enum ZT_RelayPolicy rp) -{ - _relayPolicy = rp; - return ZT_RESULT_OK; -} - ZT_ResultCode Node::join(uint64_t nwid,void *uptr) { Mutex::Lock _l(_networks_m); @@ -375,6 +342,18 @@ ZT_ResultCode Node::multicastUnsubscribe(uint64_t nwid,uint64_t multicastGroup,u } else return ZT_RESULT_ERROR_NETWORK_NOT_FOUND; } +ZT_ResultCode Node::orbit(uint64_t moonWorldId,uint64_t moonSeed) +{ + RR->topology->addMoon(moonWorldId,Address(moonSeed)); + return ZT_RESULT_OK; +} + +ZT_ResultCode Node::deorbit(uint64_t moonWorldId) +{ + RR->topology->removeMoon(moonWorldId); + return ZT_RESULT_OK; +} + uint64_t Node::address() const { return RR->identity.address().toInt(); @@ -383,8 +362,6 @@ uint64_t Node::address() const void Node::status(ZT_NodeStatus *status) const { status->address = RR->identity.address().toInt(); - status->worldId = RR->topology->worldId(); - status->worldTimestamp = RR->topology->worldTimestamp(); status->publicIdentity = RR->publicIdentityStr.c_str(); status->secretIdentity = RR->secretIdentityStr.c_str(); status->online = _online ? 1 : 0; @@ -405,8 +382,6 @@ ZT_PeerList *Node::peers() const for(std::vector< std::pair< Address,SharedPtr<Peer> > >::iterator pi(peers.begin());pi!=peers.end();++pi) { ZT_Peer *p = &(pl->peers[pl->peerCount++]); p->address = pi->second->address().toInt(); - p->lastUnicastFrame = pi->second->lastUnicastFrame(); - p->lastMulticastFrame = pi->second->lastMulticastFrame(); if (pi->second->remoteVersionKnown()) { p->versionMajor = pi->second->remoteVersionMajor(); p->versionMinor = pi->second->remoteVersionMinor(); @@ -417,7 +392,7 @@ ZT_PeerList *Node::peers() const p->versionRev = -1; } p->latency = pi->second->latency(); - p->role = RR->topology->isRoot(pi->second->identity()) ? ZT_PEER_ROLE_ROOT : ZT_PEER_ROLE_LEAF; + p->role = RR->topology->role(pi->second->identity().address()); std::vector< std::pair< SharedPtr<Path>,bool > > paths(pi->second->paths(_now)); SharedPtr<Path> bestp(pi->second->getBestPath(_now,false)); @@ -426,9 +401,10 @@ ZT_PeerList *Node::peers() const memcpy(&(p->paths[p->pathCount].address),&(path->first->address()),sizeof(struct sockaddr_storage)); p->paths[p->pathCount].lastSend = path->first->lastOut(); p->paths[p->pathCount].lastReceive = path->first->lastIn(); + p->paths[p->pathCount].trustedPathId = RR->topology->getOutboundPathTrust(path->first->address()); + p->paths[p->pathCount].linkQuality = (int)path->first->linkQuality(); p->paths[p->pathCount].expired = path->second; p->paths[p->pathCount].preferred = (path->first == bestp) ? 1 : 0; - p->paths[p->pathCount].trustedPathId = RR->topology->getOutboundPathTrust(path->first->address()); ++p->pathCount; } } @@ -489,9 +465,25 @@ void Node::clearLocalInterfaceAddresses() _directPaths.clear(); } +int Node::sendUserMessage(uint64_t dest,uint64_t typeId,const void *data,unsigned int len) +{ + try { + if (RR->identity.address().toInt() != dest) { + Packet outp(Address(dest),RR->identity.address(),Packet::VERB_USER_MESSAGE); + outp.append(typeId); + outp.append(data,len); + outp.compress(); + RR->sw->send(outp,true); + return 1; + } + } catch ( ... ) {} + return 0; +} + void Node::setNetconfMaster(void *networkControllerInstance) { RR->localNetworkController = reinterpret_cast<NetworkController *>(networkControllerInstance); + RR->localNetworkController->init(RR->identity,this); } ZT_ResultCode Node::circuitTestBegin(ZT_CircuitTest *test,void (*reportCallback)(ZT_Node *,ZT_CircuitTest *,const ZT_CircuitTestReport *)) @@ -630,7 +622,7 @@ std::string Node::dataStoreGet(const char *name) std::string r; unsigned long olen = 0; do { - long n = _dataStoreGetFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,name,buf,sizeof(buf),(unsigned long)r.length(),&olen); + long n = _cb.dataStoreGetFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,name,buf,sizeof(buf),(unsigned long)r.length(),&olen); if (n <= 0) return std::string(); r.append(buf,n); @@ -638,11 +630,14 @@ std::string Node::dataStoreGet(const char *name) return r; } -bool Node::shouldUsePathForZeroTierTraffic(const InetAddress &localAddress,const InetAddress &remoteAddress) +bool Node::shouldUsePathForZeroTierTraffic(const Address &ztaddr,const InetAddress &localAddress,const InetAddress &remoteAddress) { if (!Path::isAddressValidForPath(remoteAddress)) return false; + if (RR->topology->isProhibitedEndpoint(ztaddr,remoteAddress)) + return false; + { Mutex::Lock _l(_networks_m); for(std::vector< std::pair< uint64_t, SharedPtr<Network> > >::const_iterator i=_networks.begin();i!=_networks.end();++i) { @@ -655,9 +650,7 @@ bool Node::shouldUsePathForZeroTierTraffic(const InetAddress &localAddress,const } } - if (_pathCheckFunction) - return (_pathCheckFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,reinterpret_cast<const struct sockaddr_storage *>(&localAddress),reinterpret_cast<const struct sockaddr_storage *>(&remoteAddress)) != 0); - else return true; + return ( (_cb.pathCheckFunction) ? (_cb.pathCheckFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,ztaddr.toInt(),reinterpret_cast<const struct sockaddr_storage *>(&localAddress),reinterpret_cast<const struct sockaddr_storage *>(&remoteAddress)) != 0) : true); } #ifdef ZT_TRACE @@ -695,9 +688,9 @@ void Node::postTrace(const char *module,unsigned int line,const char *fmt,...) uint64_t Node::prng() { - unsigned int p = (++_prngStreamPtr % (sizeof(_prngStream) / sizeof(uint64_t))); + unsigned int p = (++_prngStreamPtr % ZT_NODE_PRNG_BUF_SIZE); if (!p) - _prng.encrypt12(_prngStream,_prngStream,sizeof(_prngStream)); + _prng.crypt12(_prngStream,_prngStream,sizeof(_prngStream)); return _prngStream[p]; } @@ -720,6 +713,120 @@ void Node::setTrustedPaths(const struct sockaddr_storage *networks,const uint64_ RR->topology->setTrustedPaths(reinterpret_cast<const InetAddress *>(networks),ids,count); } +World Node::planet() const +{ + return RR->topology->planet(); +} + +std::vector<World> Node::moons() const +{ + return RR->topology->moons(); +} + +void Node::ncSendConfig(uint64_t nwid,uint64_t requestPacketId,const Address &destination,const NetworkConfig &nc,bool sendLegacyFormatConfig) +{ + if (destination == RR->identity.address()) { + SharedPtr<Network> n(network(nwid)); + if (!n) return; + n->setConfiguration(nc,true); + } else { + Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> *dconf = new Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY>(); + try { + if (nc.toDictionary(*dconf,sendLegacyFormatConfig)) { + uint64_t configUpdateId = prng(); + if (!configUpdateId) ++configUpdateId; + + const unsigned int totalSize = dconf->sizeBytes(); + unsigned int chunkIndex = 0; + while (chunkIndex < totalSize) { + const unsigned int chunkLen = std::min(totalSize - chunkIndex,(unsigned int)(ZT_UDP_DEFAULT_PAYLOAD_MTU - (ZT_PACKET_IDX_PAYLOAD + 256))); + Packet outp(destination,RR->identity.address(),(requestPacketId) ? Packet::VERB_OK : Packet::VERB_NETWORK_CONFIG); + if (requestPacketId) { + outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); + outp.append(requestPacketId); + } + + const unsigned int sigStart = outp.size(); + outp.append(nwid); + outp.append((uint16_t)chunkLen); + outp.append((const void *)(dconf->data() + chunkIndex),chunkLen); + + outp.append((uint8_t)0); // no flags + outp.append((uint64_t)configUpdateId); + outp.append((uint32_t)totalSize); + outp.append((uint32_t)chunkIndex); + + C25519::Signature sig(RR->identity.sign(reinterpret_cast<const uint8_t *>(outp.data()) + sigStart,outp.size() - sigStart)); + outp.append((uint8_t)1); + outp.append((uint16_t)ZT_C25519_SIGNATURE_LEN); + outp.append(sig.data,ZT_C25519_SIGNATURE_LEN); + + outp.compress(); + RR->sw->send(outp,true); + chunkIndex += chunkLen; + } + } + delete dconf; + } catch ( ... ) { + delete dconf; + throw; + } + } +} + +void Node::ncSendRevocation(const Address &destination,const Revocation &rev) +{ + if (destination == RR->identity.address()) { + SharedPtr<Network> n(network(rev.networkId())); + if (!n) return; + n->addCredential(RR->identity.address(),rev); + } else { + Packet outp(destination,RR->identity.address(),Packet::VERB_NETWORK_CREDENTIALS); + outp.append((uint8_t)0x00); + outp.append((uint16_t)0); + outp.append((uint16_t)0); + outp.append((uint16_t)1); + rev.serialize(outp); + outp.append((uint16_t)0); + RR->sw->send(outp,true); + } +} + +void Node::ncSendError(uint64_t nwid,uint64_t requestPacketId,const Address &destination,NetworkController::ErrorCode errorCode) +{ + if (destination == RR->identity.address()) { + SharedPtr<Network> n(network(nwid)); + if (!n) return; + switch(errorCode) { + case NetworkController::NC_ERROR_OBJECT_NOT_FOUND: + case NetworkController::NC_ERROR_INTERNAL_SERVER_ERROR: + n->setNotFound(); + break; + case NetworkController::NC_ERROR_ACCESS_DENIED: + n->setAccessDenied(); + break; + + default: break; + } + } else if (requestPacketId) { + Packet outp(destination,RR->identity.address(),Packet::VERB_ERROR); + outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); + outp.append(requestPacketId); + switch(errorCode) { + //case NetworkController::NC_ERROR_OBJECT_NOT_FOUND: + //case NetworkController::NC_ERROR_INTERNAL_SERVER_ERROR: + default: + outp.append((unsigned char)Packet::ERROR_OBJ_NOT_FOUND); + break; + case NetworkController::NC_ERROR_ACCESS_DENIED: + outp.append((unsigned char)Packet::ERROR_NETWORK_ACCESS_DENIED_); + break; + } + outp.append(nwid); + RR->sw->send(outp,true); + } // else we can't send an ERROR() in response to nothing, so discard +} + } // namespace ZeroTier /****************************************************************************/ @@ -728,21 +835,11 @@ void Node::setTrustedPaths(const struct sockaddr_storage *networks,const uint64_ extern "C" { -enum ZT_ResultCode ZT_Node_new( - ZT_Node **node, - void *uptr, - uint64_t now, - ZT_DataStoreGetFunction dataStoreGetFunction, - ZT_DataStorePutFunction dataStorePutFunction, - ZT_WirePacketSendFunction wirePacketSendFunction, - ZT_VirtualNetworkFrameFunction virtualNetworkFrameFunction, - ZT_VirtualNetworkConfigFunction virtualNetworkConfigFunction, - ZT_PathCheckFunction pathCheckFunction, - ZT_EventCallback eventCallback) +enum ZT_ResultCode ZT_Node_new(ZT_Node **node,void *uptr,const struct ZT_Node_Callbacks *callbacks,uint64_t now) { *node = (ZT_Node *)0; try { - *node = reinterpret_cast<ZT_Node *>(new ZeroTier::Node(now,uptr,dataStoreGetFunction,dataStorePutFunction,wirePacketSendFunction,virtualNetworkFrameFunction,virtualNetworkConfigFunction,pathCheckFunction,eventCallback)); + *node = reinterpret_cast<ZT_Node *>(new ZeroTier::Node(uptr,callbacks,now)); return ZT_RESULT_OK; } catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; @@ -810,15 +907,6 @@ enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node *node,uint64_t now,vol } } -enum ZT_ResultCode ZT_Node_setRelayPolicy(ZT_Node *node,enum ZT_RelayPolicy rp) -{ - try { - return reinterpret_cast<ZeroTier::Node *>(node)->setRelayPolicy(rp); - } catch ( ... ) { - return ZT_RESULT_FATAL_ERROR_INTERNAL; - } -} - enum ZT_ResultCode ZT_Node_join(ZT_Node *node,uint64_t nwid,void *uptr) { try { @@ -863,6 +951,24 @@ enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node *node,uint64_t nwid,uint } } +enum ZT_ResultCode ZT_Node_orbit(ZT_Node *node,uint64_t moonWorldId,uint64_t moonSeed) +{ + try { + return reinterpret_cast<ZeroTier::Node *>(node)->orbit(moonWorldId,moonSeed); + } catch ( ... ) { + return ZT_RESULT_FATAL_ERROR_INTERNAL; + } +} + +ZT_ResultCode ZT_Node_deorbit(ZT_Node *node,uint64_t moonWorldId) +{ + try { + return reinterpret_cast<ZeroTier::Node *>(node)->deorbit(moonWorldId); + } catch ( ... ) { + return ZT_RESULT_FATAL_ERROR_INTERNAL; + } +} + uint64_t ZT_Node_address(ZT_Node *node) { return reinterpret_cast<ZeroTier::Node *>(node)->address(); @@ -925,6 +1031,15 @@ void ZT_Node_clearLocalInterfaceAddresses(ZT_Node *node) } catch ( ... ) {} } +int ZT_Node_sendUserMessage(ZT_Node *node,uint64_t dest,uint64_t typeId,const void *data,unsigned int len) +{ + try { + return reinterpret_cast<ZeroTier::Node *>(node)->sendUserMessage(dest,typeId,data,len); + } catch ( ... ) { + return 0; + } +} + void ZT_Node_setNetconfMaster(ZT_Node *node,void *networkControllerInstance) { try { diff --git a/node/Node.hpp b/node/Node.hpp index 11462531..21eac617 100644 --- a/node/Node.hpp +++ b/node/Node.hpp @@ -24,6 +24,7 @@ #include <string.h> #include <map> +#include <vector> #include "Constants.hpp" @@ -36,6 +37,7 @@ #include "Network.hpp" #include "Path.hpp" #include "Salsa20.hpp" +#include "NetworkController.hpp" #undef TRACE #ifdef ZT_TRACE @@ -48,28 +50,29 @@ #define ZT_EXPECTING_REPLIES_BUCKET_MASK1 255 #define ZT_EXPECTING_REPLIES_BUCKET_MASK2 31 +// Size of PRNG stream buffer +#define ZT_NODE_PRNG_BUF_SIZE 64 + namespace ZeroTier { +class World; + /** * Implementation of Node object as defined in CAPI * * The pointer returned by ZT_Node_new() is an instance of this class. */ -class Node +class Node : public NetworkController::Sender { public: - Node( - uint64_t now, - void *uptr, - ZT_DataStoreGetFunction dataStoreGetFunction, - ZT_DataStorePutFunction dataStorePutFunction, - ZT_WirePacketSendFunction wirePacketSendFunction, - ZT_VirtualNetworkFrameFunction virtualNetworkFrameFunction, - ZT_VirtualNetworkConfigFunction virtualNetworkConfigFunction, - ZT_PathCheckFunction pathCheckFunction, - ZT_EventCallback eventCallback); + Node(void *uptr,const struct ZT_Node_Callbacks *callbacks,uint64_t now); + virtual ~Node(); - ~Node(); + // Get rid of alignment warnings on 32-bit Windows and possibly improve performance +#ifdef __WINDOWS__ + void * operator new(size_t i) { return _mm_malloc(i,16); } + void operator delete(void* p) { _mm_free(p); } +#endif // Public API Functions ---------------------------------------------------- @@ -91,11 +94,12 @@ public: unsigned int frameLength, volatile uint64_t *nextBackgroundTaskDeadline); ZT_ResultCode processBackgroundTasks(uint64_t now,volatile uint64_t *nextBackgroundTaskDeadline); - ZT_ResultCode setRelayPolicy(enum ZT_RelayPolicy rp); ZT_ResultCode join(uint64_t nwid,void *uptr); ZT_ResultCode leave(uint64_t nwid,void **uptr); ZT_ResultCode multicastSubscribe(uint64_t nwid,uint64_t multicastGroup,unsigned long multicastAdi); ZT_ResultCode multicastUnsubscribe(uint64_t nwid,uint64_t multicastGroup,unsigned long multicastAdi); + ZT_ResultCode orbit(uint64_t moonWorldId,uint64_t moonSeed); + ZT_ResultCode deorbit(uint64_t moonWorldId); uint64_t address() const; void status(ZT_NodeStatus *status) const; ZT_PeerList *peers() const; @@ -104,6 +108,7 @@ public: void freeQueryResult(void *qr); int addLocalInterfaceAddress(const struct sockaddr_storage *addr); void clearLocalInterfaceAddresses(); + int sendUserMessage(uint64_t dest,uint64_t typeId,const void *data,unsigned int len); void setNetconfMaster(void *networkControllerInstance); ZT_ResultCode circuitTestBegin(ZT_CircuitTest *test,void (*reportCallback)(ZT_Node *,ZT_CircuitTest *,const ZT_CircuitTestReport *)); void circuitTestEnd(ZT_CircuitTest *test); @@ -125,24 +130,11 @@ public: // Internal functions ------------------------------------------------------ - /** - * @return Time as of last call to run() - */ inline uint64_t now() const throw() { return _now; } - /** - * Enqueue a ZeroTier message to be sent - * - * @param localAddress Local address - * @param addr Destination address - * @param data Packet data - * @param len Packet length - * @param ttl Desired TTL (default: 0 for unchanged/default TTL) - * @return True if packet appears to have been sent - */ inline bool putPacket(const InetAddress &localAddress,const InetAddress &addr,const void *data,unsigned int len,unsigned int ttl = 0) { - return (_wirePacketSendFunction( + return (_cb.wirePacketSendFunction( reinterpret_cast<ZT_Node *>(this), _uPtr, reinterpret_cast<const struct sockaddr_storage *>(&localAddress), @@ -152,21 +144,9 @@ public: ttl) == 0); } - /** - * Enqueue a frame to be injected into a tap device (port) - * - * @param nwid Network ID - * @param nuptr Network user ptr - * @param source Source MAC - * @param dest Destination MAC - * @param etherType 16-bit ethernet type - * @param vlanId VLAN ID or 0 if none - * @param data Frame data - * @param len Frame length - */ inline void putFrame(uint64_t nwid,void **nuptr,const MAC &source,const MAC &dest,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len) { - _virtualNetworkFrameFunction( + _cb.virtualNetworkFrameFunction( reinterpret_cast<ZT_Node *>(this), _uPtr, nwid, @@ -179,13 +159,6 @@ public: len); } - /** - * @param localAddress Local address - * @param remoteAddress Remote address - * @return True if path should be used - */ - bool shouldUsePathForZeroTierTraffic(const InetAddress &localAddress,const InetAddress &remoteAddress); - inline SharedPtr<Network> network(uint64_t nwid) const { Mutex::Lock _l(_networks_m); @@ -212,76 +185,95 @@ public: return nw; } - /** - * @return Potential direct paths to me a.k.a. local interface addresses - */ inline std::vector<InetAddress> directPaths() const { Mutex::Lock _l(_directPaths_m); return _directPaths; } - inline bool dataStorePut(const char *name,const void *data,unsigned int len,bool secure) { return (_dataStorePutFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,name,data,len,(int)secure) == 0); } + inline bool dataStorePut(const char *name,const void *data,unsigned int len,bool secure) { return (_cb.dataStorePutFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,name,data,len,(int)secure) == 0); } inline bool dataStorePut(const char *name,const std::string &data,bool secure) { return dataStorePut(name,(const void *)data.data(),(unsigned int)data.length(),secure); } - inline void dataStoreDelete(const char *name) { _dataStorePutFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,name,(const void *)0,0,0); } + inline void dataStoreDelete(const char *name) { _cb.dataStorePutFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,name,(const void *)0,0,0); } std::string dataStoreGet(const char *name); - /** - * Post an event to the external user - * - * @param ev Event type - * @param md Meta-data (default: NULL/none) - */ - inline void postEvent(ZT_Event ev,const void *md = (const void *)0) { _eventCallback(reinterpret_cast<ZT_Node *>(this),_uPtr,ev,md); } + inline void postEvent(ZT_Event ev,const void *md = (const void *)0) { _cb.eventCallback(reinterpret_cast<ZT_Node *>(this),_uPtr,ev,md); } - /** - * Update virtual network port configuration - * - * @param nwid Network ID - * @param nuptr Network user ptr - * @param op Configuration operation - * @param nc Network configuration - */ - inline int configureVirtualNetworkPort(uint64_t nwid,void **nuptr,ZT_VirtualNetworkConfigOperation op,const ZT_VirtualNetworkConfig *nc) { return _virtualNetworkConfigFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,nwid,nuptr,op,nc); } + inline int configureVirtualNetworkPort(uint64_t nwid,void **nuptr,ZT_VirtualNetworkConfigOperation op,const ZT_VirtualNetworkConfig *nc) { return _cb.virtualNetworkConfigFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,nwid,nuptr,op,nc); } inline bool online() const throw() { return _online; } - inline ZT_RelayPolicy relayPolicy() const { return _relayPolicy; } #ifdef ZT_TRACE void postTrace(const char *module,unsigned int line,const char *fmt,...); #endif + bool shouldUsePathForZeroTierTraffic(const Address &ztaddr,const InetAddress &localAddress,const InetAddress &remoteAddress); + inline bool externalPathLookup(const Address &ztaddr,int family,InetAddress &addr) { return ( (_cb.pathLookupFunction) ? (_cb.pathLookupFunction(reinterpret_cast<ZT_Node *>(this),_uPtr,ztaddr.toInt(),family,reinterpret_cast<struct sockaddr_storage *>(&addr)) != 0) : false ); } + uint64_t prng(); void postCircuitTestReport(const ZT_CircuitTestReport *report); void setTrustedPaths(const struct sockaddr_storage *networks,const uint64_t *ids,unsigned int count); + World planet() const; + std::vector<World> moons() const; + /** * Register that we are expecting a reply to a packet ID * + * This only uses the most significant bits of the packet ID, both to save space + * and to avoid using the higher bits that can be modified during armor() to + * mask against the packet send counter used for QoS detection. + * * @param packetId Packet ID to expect reply to */ inline void expectReplyTo(const uint64_t packetId) { - const unsigned long bucket = (unsigned long)(packetId & ZT_EXPECTING_REPLIES_BUCKET_MASK1); - _expectingRepliesTo[bucket][_expectingRepliesToBucketPtr[bucket]++ & ZT_EXPECTING_REPLIES_BUCKET_MASK2] = packetId; + const unsigned long pid2 = (unsigned long)(packetId >> 32); + const unsigned long bucket = (unsigned long)(pid2 & ZT_EXPECTING_REPLIES_BUCKET_MASK1); + _expectingRepliesTo[bucket][_expectingRepliesToBucketPtr[bucket]++ & ZT_EXPECTING_REPLIES_BUCKET_MASK2] = (uint32_t)pid2; } /** * Check whether a given packet ID is something we are expecting a reply to * + * This only uses the most significant bits of the packet ID, both to save space + * and to avoid using the higher bits that can be modified during armor() to + * mask against the packet send counter used for QoS detection. + * * @param packetId Packet ID to check * @return True if we're expecting a reply */ inline bool expectingReplyTo(const uint64_t packetId) const { - const unsigned long bucket = (unsigned long)(packetId & ZT_EXPECTING_REPLIES_BUCKET_MASK1); + const uint32_t pid2 = (uint32_t)(packetId >> 32); + const unsigned long bucket = (unsigned long)(pid2 & ZT_EXPECTING_REPLIES_BUCKET_MASK1); for(unsigned long i=0;i<=ZT_EXPECTING_REPLIES_BUCKET_MASK2;++i) { - if (_expectingRepliesTo[bucket][i] == packetId) + if (_expectingRepliesTo[bucket][i] == pid2) return true; } return false; } + /** + * Check whether we should do potentially expensive identity verification (rate limit) + * + * @param now Current time + * @param from Source address of packet + * @return True if within rate limits + */ + inline bool rateGateIdentityVerification(const uint64_t now,const InetAddress &from) + { + unsigned long iph = from.rateGateHash(); + if ((now - _lastIdentityVerification[iph]) >= ZT_IDENTITY_VALIDATION_SOURCE_RATE_LIMIT) { + _lastIdentityVerification[iph] = now; + return true; + } + return false; + } + + virtual void ncSendConfig(uint64_t nwid,uint64_t requestPacketId,const Address &destination,const NetworkConfig &nc,bool sendLegacyFormatConfig); + virtual void ncSendRevocation(const Address &destination,const Revocation &rev); + virtual void ncSendError(uint64_t nwid,uint64_t requestPacketId,const Address &destination,NetworkController::ErrorCode errorCode); + private: inline SharedPtr<Network> _network(uint64_t nwid) const { @@ -295,19 +287,15 @@ private: RuntimeEnvironment _RR; RuntimeEnvironment *RR; - void *_uPtr; // _uptr (lower case) is reserved in Visual Studio :P + ZT_Node_Callbacks _cb; + // For tracking packet IDs to filter out OK/ERROR replies to packets we did not send uint8_t _expectingRepliesToBucketPtr[ZT_EXPECTING_REPLIES_BUCKET_MASK1 + 1]; - uint64_t _expectingRepliesTo[ZT_EXPECTING_REPLIES_BUCKET_MASK1 + 1][ZT_EXPECTING_REPLIES_BUCKET_MASK2 + 1]; + uint32_t _expectingRepliesTo[ZT_EXPECTING_REPLIES_BUCKET_MASK1 + 1][ZT_EXPECTING_REPLIES_BUCKET_MASK2 + 1]; - ZT_DataStoreGetFunction _dataStoreGetFunction; - ZT_DataStorePutFunction _dataStorePutFunction; - ZT_WirePacketSendFunction _wirePacketSendFunction; - ZT_VirtualNetworkFrameFunction _virtualNetworkFrameFunction; - ZT_VirtualNetworkConfigFunction _virtualNetworkConfigFunction; - ZT_PathCheckFunction _pathCheckFunction; - ZT_EventCallback _eventCallback; + // Time of last identity verification indexed by InetAddress.rateGateHash() -- used in IncomingPacket::_doHELLO() via rateGateIdentityVerification() + uint64_t _lastIdentityVerification[16384]; std::vector< std::pair< uint64_t, SharedPtr<Network> > > _networks; Mutex _networks_m; @@ -322,12 +310,11 @@ private: unsigned int _prngStreamPtr; Salsa20 _prng; - uint64_t _prngStream[16]; // repeatedly encrypted with _prng to yield a high-quality non-crypto PRNG stream + uint64_t _prngStream[ZT_NODE_PRNG_BUF_SIZE]; // repeatedly encrypted with _prng to yield a high-quality non-crypto PRNG stream uint64_t _now; uint64_t _lastPingCheck; uint64_t _lastHousekeepingRun; - ZT_RelayPolicy _relayPolicy; bool _online; }; diff --git a/node/OutboundMulticast.cpp b/node/OutboundMulticast.cpp index 2f6bf986..36dc41f4 100644 --- a/node/OutboundMulticast.cpp +++ b/node/OutboundMulticast.cpp @@ -88,7 +88,7 @@ void OutboundMulticast::init( void OutboundMulticast::sendOnly(const RuntimeEnvironment *RR,const Address &toAddr) { const SharedPtr<Network> nw(RR->node->network(_nwid)); - Address toAddr2(toAddr); + const Address toAddr2(toAddr); if ((nw)&&(nw->filterOutgoingPacket(true,RR->identity.address(),toAddr2,_macSrc,_macDest,_frameData,_frameLen,_etherType,0))) { //TRACE(">>MC %.16llx -> %s",(unsigned long long)this,toAddr.toString().c_str()); _packet.newInitializationVector(); diff --git a/node/Packet.cpp b/node/Packet.cpp index 3b8e1387..82a5d7ea 100644 --- a/node/Packet.cpp +++ b/node/Packet.cpp @@ -16,16 +16,1918 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ +#include <stdint.h> +#include <stddef.h> +#include <string.h> +#include <stdlib.h> +#include <stdio.h> + #include "Packet.hpp" +#ifdef _MSC_VER +#define FORCE_INLINE static __forceinline +#include <intrin.h> +#pragma warning(disable : 4127) /* disable: C4127: conditional expression is constant */ +#pragma warning(disable : 4293) /* disable: C4293: too large shift (32-bits) */ +#else +#define FORCE_INLINE static inline +#endif + namespace ZeroTier { +/************************************************************************** */ +/************************************************************************** */ + +/* LZ4 is shipped encapsulated into Packet in an anonymous namespace. + * + * We're doing this as a deliberate workaround for various Linux distribution + * policies that forbid static linking of support libraries. + * + * The reason is that relying on distribution versions of LZ4 has been too + * big a source of bugs and compatibility issues. The LZ4 API is not stable + * enough across versions, and dependency hell ensues. So fark it. */ + +/* Needless to say the code in this anonymous namespace should be considered + * BSD 2-clause licensed. */ + +namespace { + +/* lz4.h ------------------------------------------------------------------ */ + +/* + * LZ4 - Fast LZ compression algorithm + * Header File + * Copyright (C) 2011-2016, Yann Collet. + + BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php) + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following disclaimer + in the documentation and/or other materials provided with the + distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + You can contact the author at : + - LZ4 homepage : http://www.lz4.org + - LZ4 source repository : https://github.com/lz4/lz4 +*/ + +/* --- Dependency --- */ +//#include <stddef.h> /* size_t */ + +/** + Introduction + + LZ4 is lossless compression algorithm, providing compression speed at 400 MB/s per core, + scalable with multi-cores CPU. It features an extremely fast decoder, with speed in + multiple GB/s per core, typically reaching RAM speed limits on multi-core systems. + + The LZ4 compression library provides in-memory compression and decompression functions. + Compression can be done in: + - a single step (described as Simple Functions) + - a single step, reusing a context (described in Advanced Functions) + - unbounded multiple steps (described as Streaming compression) + + lz4.h provides block compression functions. It gives full buffer control to user. + Decompressing an lz4-compressed block also requires metadata (such as compressed size). + Each application is free to encode such metadata in whichever way it wants. + + An additional format, called LZ4 frame specification (doc/lz4_Frame_format.md), + take care of encoding standard metadata alongside LZ4-compressed blocks. + If your application requires interoperability, it's recommended to use it. + A library is provided to take care of it, see lz4frame.h. +*/ + +/*^*************************************************************** +* Export parameters +*****************************************************************/ +/* +* LZ4_DLL_EXPORT : +* Enable exporting of functions when building a Windows DLL +*/ +#if defined(LZ4_DLL_EXPORT) && (LZ4_DLL_EXPORT==1) +# define LZ4LIB_API __declspec(dllexport) +#elif defined(LZ4_DLL_IMPORT) && (LZ4_DLL_IMPORT==1) +# define LZ4LIB_API __declspec(dllimport) /* It isn't required but allows to generate better code, saving a function pointer load from the IAT and an indirect jump.*/ +#else +# define LZ4LIB_API +#endif + + +/*========== Version =========== */ +#define LZ4_VERSION_MAJOR 1 /* for breaking interface changes */ +#define LZ4_VERSION_MINOR 7 /* for new (non-breaking) interface capabilities */ +#define LZ4_VERSION_RELEASE 5 /* for tweaks, bug-fixes, or development */ + +#define LZ4_VERSION_NUMBER (LZ4_VERSION_MAJOR *100*100 + LZ4_VERSION_MINOR *100 + LZ4_VERSION_RELEASE) + +#define LZ4_LIB_VERSION LZ4_VERSION_MAJOR.LZ4_VERSION_MINOR.LZ4_VERSION_RELEASE +#define LZ4_QUOTE(str) #str +#define LZ4_EXPAND_AND_QUOTE(str) LZ4_QUOTE(str) +#define LZ4_VERSION_STRING LZ4_EXPAND_AND_QUOTE(LZ4_LIB_VERSION) + +//LZ4LIB_API int LZ4_versionNumber (void); +//LZ4LIB_API const char* LZ4_versionString (void); + + +/*-************************************ +* Tuning parameter +**************************************/ +/*! + * LZ4_MEMORY_USAGE : + * Memory usage formula : N->2^N Bytes (examples : 10 -> 1KB; 12 -> 4KB ; 16 -> 64KB; 20 -> 1MB; etc.) + * Increasing memory usage improves compression ratio + * Reduced memory usage can improve speed, due to cache effect + * Default value is 14, for 16KB, which nicely fits into Intel x86 L1 cache + */ +#define LZ4_MEMORY_USAGE 14 + + +/*-************************************ +* Simple Functions +**************************************/ +/*! LZ4_compress_default() : + Compresses 'sourceSize' bytes from buffer 'source' + into already allocated 'dest' buffer of size 'maxDestSize'. + Compression is guaranteed to succeed if 'maxDestSize' >= LZ4_compressBound(sourceSize). + It also runs faster, so it's a recommended setting. + If the function cannot compress 'source' into a more limited 'dest' budget, + compression stops *immediately*, and the function result is zero. + As a consequence, 'dest' content is not valid. + This function never writes outside 'dest' buffer, nor read outside 'source' buffer. + sourceSize : Max supported value is LZ4_MAX_INPUT_VALUE + maxDestSize : full or partial size of buffer 'dest' (which must be already allocated) + return : the number of bytes written into buffer 'dest' (necessarily <= maxOutputSize) + or 0 if compression fails */ +//LZ4LIB_API int LZ4_compress_default(const char* source, char* dest, int sourceSize, int maxDestSize); + +/*! LZ4_decompress_safe() : + compressedSize : is the precise full size of the compressed block. + maxDecompressedSize : is the size of destination buffer, which must be already allocated. + return : the number of bytes decompressed into destination buffer (necessarily <= maxDecompressedSize) + If destination buffer is not large enough, decoding will stop and output an error code (<0). + If the source stream is detected malformed, the function will stop decoding and return a negative result. + This function is protected against buffer overflow exploits, including malicious data packets. + It never writes outside output buffer, nor reads outside input buffer. +*/ +LZ4LIB_API int LZ4_decompress_safe (const char* source, char* dest, int compressedSize, int maxDecompressedSize); + + +/*-************************************ +* Advanced Functions +**************************************/ +#define LZ4_MAX_INPUT_SIZE 0x7E000000 /* 2 113 929 216 bytes */ +#define LZ4_COMPRESSBOUND(isize) ((unsigned)(isize) > (unsigned)LZ4_MAX_INPUT_SIZE ? 0 : (isize) + ((isize)/255) + 16) + +/*! +LZ4_compressBound() : + Provides the maximum size that LZ4 compression may output in a "worst case" scenario (input data not compressible) + This function is primarily useful for memory allocation purposes (destination buffer size). + Macro LZ4_COMPRESSBOUND() is also provided for compilation-time evaluation (stack memory allocation for example). + Note that LZ4_compress_default() compress faster when dest buffer size is >= LZ4_compressBound(srcSize) + inputSize : max supported value is LZ4_MAX_INPUT_SIZE + return : maximum output size in a "worst case" scenario + or 0, if input size is too large ( > LZ4_MAX_INPUT_SIZE) +*/ +LZ4LIB_API int LZ4_compressBound(int inputSize); + +/*! +LZ4_compress_fast() : + Same as LZ4_compress_default(), but allows to select an "acceleration" factor. + The larger the acceleration value, the faster the algorithm, but also the lesser the compression. + It's a trade-off. It can be fine tuned, with each successive value providing roughly +~3% to speed. + An acceleration value of "1" is the same as regular LZ4_compress_default() + Values <= 0 will be replaced by ACCELERATION_DEFAULT (see lz4.c), which is 1. +*/ +LZ4LIB_API int LZ4_compress_fast (const char* source, char* dest, int sourceSize, int maxDestSize, int acceleration); + + +/*! +LZ4_compress_fast_extState() : + Same compression function, just using an externally allocated memory space to store compression state. + Use LZ4_sizeofState() to know how much memory must be allocated, + and allocate it on 8-bytes boundaries (using malloc() typically). + Then, provide it as 'void* state' to compression function. +*/ +//LZ4LIB_API int LZ4_sizeofState(void); +LZ4LIB_API int LZ4_compress_fast_extState (void* state, const char* source, char* dest, int inputSize, int maxDestSize, int acceleration); + + +/*! +LZ4_compress_destSize() : + Reverse the logic, by compressing as much data as possible from 'source' buffer + into already allocated buffer 'dest' of size 'targetDestSize'. + This function either compresses the entire 'source' content into 'dest' if it's large enough, + or fill 'dest' buffer completely with as much data as possible from 'source'. + *sourceSizePtr : will be modified to indicate how many bytes where read from 'source' to fill 'dest'. + New value is necessarily <= old value. + return : Nb bytes written into 'dest' (necessarily <= targetDestSize) + or 0 if compression fails +*/ +//LZ4LIB_API int LZ4_compress_destSize (const char* source, char* dest, int* sourceSizePtr, int targetDestSize); + + +/*! +LZ4_decompress_fast() : + originalSize : is the original and therefore uncompressed size + return : the number of bytes read from the source buffer (in other words, the compressed size) + If the source stream is detected malformed, the function will stop decoding and return a negative result. + Destination buffer must be already allocated. Its size must be a minimum of 'originalSize' bytes. + note : This function fully respect memory boundaries for properly formed compressed data. + It is a bit faster than LZ4_decompress_safe(). + However, it does not provide any protection against intentionally modified data stream (malicious input). + Use this function in trusted environment only (data to decode comes from a trusted source). +*/ +//LZ4LIB_API int LZ4_decompress_fast (const char* source, char* dest, int originalSize); + +/*! +LZ4_decompress_safe_partial() : + This function decompress a compressed block of size 'compressedSize' at position 'source' + into destination buffer 'dest' of size 'maxDecompressedSize'. + The function tries to stop decompressing operation as soon as 'targetOutputSize' has been reached, + reducing decompression time. + return : the number of bytes decoded in the destination buffer (necessarily <= maxDecompressedSize) + Note : this number can be < 'targetOutputSize' should the compressed block to decode be smaller. + Always control how many bytes were decoded. + If the source stream is detected malformed, the function will stop decoding and return a negative result. + This function never writes outside of output buffer, and never reads outside of input buffer. It is therefore protected against malicious data packets +*/ +//LZ4LIB_API int LZ4_decompress_safe_partial (const char* source, char* dest, int compressedSize, int targetOutputSize, int maxDecompressedSize); + + +/*-********************************************* +* Streaming Compression Functions +***********************************************/ +typedef union LZ4_stream_u LZ4_stream_t; /* incomplete type (defined later) */ + +/*! LZ4_createStream() and LZ4_freeStream() : + * LZ4_createStream() will allocate and initialize an `LZ4_stream_t` structure. + * LZ4_freeStream() releases its memory. + */ +//LZ4LIB_API LZ4_stream_t* LZ4_createStream(void); +//LZ4LIB_API int LZ4_freeStream (LZ4_stream_t* streamPtr); + +/*! LZ4_resetStream() : + * An LZ4_stream_t structure can be allocated once and re-used multiple times. + * Use this function to init an allocated `LZ4_stream_t` structure and start a new compression. + */ +LZ4LIB_API void LZ4_resetStream (LZ4_stream_t* streamPtr); + +/*! LZ4_loadDict() : + * Use this function to load a static dictionary into LZ4_stream. + * Any previous data will be forgotten, only 'dictionary' will remain in memory. + * Loading a size of 0 is allowed. + * Return : dictionary size, in bytes (necessarily <= 64 KB) + */ +//LZ4LIB_API int LZ4_loadDict (LZ4_stream_t* streamPtr, const char* dictionary, int dictSize); + +/*! LZ4_compress_fast_continue() : + * Compress buffer content 'src', using data from previously compressed blocks as dictionary to improve compression ratio. + * Important : Previous data blocks are assumed to still be present and unmodified ! + * 'dst' buffer must be already allocated. + * If maxDstSize >= LZ4_compressBound(srcSize), compression is guaranteed to succeed, and runs faster. + * If not, and if compressed data cannot fit into 'dst' buffer size, compression stops, and function returns a zero. + */ +//LZ4LIB_API int LZ4_compress_fast_continue (LZ4_stream_t* streamPtr, const char* src, char* dst, int srcSize, int maxDstSize, int acceleration); + +/*! LZ4_saveDict() : + * If previously compressed data block is not guaranteed to remain available at its memory location, + * save it into a safer place (char* safeBuffer). + * Note : you don't need to call LZ4_loadDict() afterwards, + * dictionary is immediately usable, you can therefore call LZ4_compress_fast_continue(). + * Return : saved dictionary size in bytes (necessarily <= dictSize), or 0 if error. + */ +//LZ4LIB_API int LZ4_saveDict (LZ4_stream_t* streamPtr, char* safeBuffer, int dictSize); + + +/*-********************************************** +* Streaming Decompression Functions +* Bufferless synchronous API +************************************************/ +typedef union LZ4_streamDecode_u LZ4_streamDecode_t; /* incomplete type (defined later) */ + +/* creation / destruction of streaming decompression tracking structure */ +//LZ4LIB_API LZ4_streamDecode_t* LZ4_createStreamDecode(void); +//LZ4LIB_API int LZ4_freeStreamDecode (LZ4_streamDecode_t* LZ4_stream); + +/*! LZ4_setStreamDecode() : + * Use this function to instruct where to find the dictionary. + * Setting a size of 0 is allowed (same effect as reset). + * @return : 1 if OK, 0 if error + */ +//LZ4LIB_API int LZ4_setStreamDecode (LZ4_streamDecode_t* LZ4_streamDecode, const char* dictionary, int dictSize); + +/*! +LZ4_decompress_*_continue() : + These decoding functions allow decompression of multiple blocks in "streaming" mode. + Previously decoded blocks *must* remain available at the memory position where they were decoded (up to 64 KB) + In the case of a ring buffers, decoding buffer must be either : + - Exactly same size as encoding buffer, with same update rule (block boundaries at same positions) + In which case, the decoding & encoding ring buffer can have any size, including very small ones ( < 64 KB). + - Larger than encoding buffer, by a minimum of maxBlockSize more bytes. + maxBlockSize is implementation dependent. It's the maximum size you intend to compress into a single block. + In which case, encoding and decoding buffers do not need to be synchronized, + and encoding ring buffer can have any size, including small ones ( < 64 KB). + - _At least_ 64 KB + 8 bytes + maxBlockSize. + In which case, encoding and decoding buffers do not need to be synchronized, + and encoding ring buffer can have any size, including larger than decoding buffer. + Whenever these conditions are not possible, save the last 64KB of decoded data into a safe buffer, + and indicate where it is saved using LZ4_setStreamDecode() +*/ +//LZ4LIB_API int LZ4_decompress_safe_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int compressedSize, int maxDecompressedSize); +//LZ4LIB_API int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int originalSize); + + +/*! LZ4_decompress_*_usingDict() : + * These decoding functions work the same as + * a combination of LZ4_setStreamDecode() followed by LZ4_decompress_*_continue() + * They are stand-alone, and don't need an LZ4_streamDecode_t structure. + */ +//LZ4LIB_API int LZ4_decompress_safe_usingDict (const char* source, char* dest, int compressedSize, int maxDecompressedSize, const char* dictStart, int dictSize); +//LZ4LIB_API int LZ4_decompress_fast_usingDict (const char* source, char* dest, int originalSize, const char* dictStart, int dictSize); + + +/*^********************************************** + * !!!!!! STATIC LINKING ONLY !!!!!! + ***********************************************/ +/*-************************************ + * Private definitions + ************************************** + * Do not use these definitions. + * They are exposed to allow static allocation of `LZ4_stream_t` and `LZ4_streamDecode_t`. + * Using these definitions will expose code to API and/or ABI break in future versions of the library. + **************************************/ +#define LZ4_HASHLOG (LZ4_MEMORY_USAGE-2) +#define LZ4_HASHTABLESIZE (1 << LZ4_MEMORY_USAGE) +#define LZ4_HASH_SIZE_U32 (1 << LZ4_HASHLOG) /* required as macro for static allocation */ + +#if defined(__cplusplus) || (defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */) +//#include <stdint.h> + +typedef struct { + uint32_t hashTable[LZ4_HASH_SIZE_U32]; + uint32_t currentOffset; + uint32_t initCheck; + const uint8_t* dictionary; + uint8_t* bufferStart; /* obsolete, used for slideInputBuffer */ + uint32_t dictSize; +} LZ4_stream_t_internal; + +typedef struct { + const uint8_t* externalDict; + size_t extDictSize; + const uint8_t* prefixEnd; + size_t prefixSize; +} LZ4_streamDecode_t_internal; + +#else + +typedef struct { + unsigned int hashTable[LZ4_HASH_SIZE_U32]; + unsigned int currentOffset; + unsigned int initCheck; + const unsigned char* dictionary; + unsigned char* bufferStart; /* obsolete, used for slideInputBuffer */ + unsigned int dictSize; +} LZ4_stream_t_internal; + +typedef struct { + const unsigned char* externalDict; + size_t extDictSize; + const unsigned char* prefixEnd; + size_t prefixSize; +} LZ4_streamDecode_t_internal; + +#endif + +/*! + * LZ4_stream_t : + * information structure to track an LZ4 stream. + * init this structure before first use. + * note : only use in association with static linking ! + * this definition is not API/ABI safe, + * and may change in a future version ! + */ +#define LZ4_STREAMSIZE_U64 ((1 << (LZ4_MEMORY_USAGE-3)) + 4) +#define LZ4_STREAMSIZE (LZ4_STREAMSIZE_U64 * sizeof(unsigned long long)) +union LZ4_stream_u { + unsigned long long table[LZ4_STREAMSIZE_U64]; + LZ4_stream_t_internal internal_donotuse; +} ; /* previously typedef'd to LZ4_stream_t */ + + +/*! + * LZ4_streamDecode_t : + * information structure to track an LZ4 stream during decompression. + * init this structure using LZ4_setStreamDecode (or memset()) before first use + * note : only use in association with static linking ! + * this definition is not API/ABI safe, + * and may change in a future version ! + */ +#define LZ4_STREAMDECODESIZE_U64 4 +#define LZ4_STREAMDECODESIZE (LZ4_STREAMDECODESIZE_U64 * sizeof(unsigned long long)) +union LZ4_streamDecode_u { + unsigned long long table[LZ4_STREAMDECODESIZE_U64]; + LZ4_streamDecode_t_internal internal_donotuse; +} ; /* previously typedef'd to LZ4_streamDecode_t */ + +/* lz4.c ------------------------------------------------------------------ */ + +/* + LZ4 - Fast LZ compression algorithm + Copyright (C) 2011-2016, Yann Collet. + + BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php) + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following disclaimer + in the documentation and/or other materials provided with the + distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + You can contact the author at : + - LZ4 homepage : http://www.lz4.org + - LZ4 source repository : https://github.com/lz4/lz4 +*/ + + +/*-************************************ +* Tuning parameters +**************************************/ +/* + * HEAPMODE : + * Select how default compression functions will allocate memory for their hash table, + * in memory stack (0:default, fastest), or in memory heap (1:requires malloc()). + */ +#ifndef HEAPMODE +# define HEAPMODE 0 +#endif + +/* + * ACCELERATION_DEFAULT : + * Select "acceleration" for LZ4_compress_fast() when parameter value <= 0 + */ +#define ACCELERATION_DEFAULT 1 + + +/*-************************************ +* CPU Feature Detection +**************************************/ +/* LZ4_FORCE_MEMORY_ACCESS + * By default, access to unaligned memory is controlled by `memcpy()`, which is safe and portable. + * Unfortunately, on some target/compiler combinations, the generated assembly is sub-optimal. + * The below switch allow to select different access method for improved performance. + * Method 0 (default) : use `memcpy()`. Safe and portable. + * Method 1 : `__packed` statement. It depends on compiler extension (ie, not portable). + * This method is safe if your compiler supports it, and *generally* as fast or faster than `memcpy`. + * Method 2 : direct access. This method is portable but violate C standard. + * It can generate buggy code on targets which generate assembly depending on alignment. + * But in some circumstances, it's the only known way to get the most performance (ie GCC + ARMv6) + * See https://fastcompression.blogspot.fr/2015/08/accessing-unaligned-memory.html for details. + * Prefer these methods in priority order (0 > 1 > 2) + */ +#ifndef LZ4_FORCE_MEMORY_ACCESS /* can be defined externally, on command line for example */ +# if defined(__GNUC__) && ( defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_6Z__) || defined(__ARM_ARCH_6ZK__) || defined(__ARM_ARCH_6T2__) ) +# define LZ4_FORCE_MEMORY_ACCESS 2 +# elif defined(__INTEL_COMPILER) || \ + (defined(__GNUC__) && ( defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) || defined(__ARM_ARCH_7S__) )) +# define LZ4_FORCE_MEMORY_ACCESS 1 +# endif +#endif + +/* + * LZ4_FORCE_SW_BITCOUNT + * Define this parameter if your target system or compiler does not support hardware bit count + */ +#if defined(_MSC_VER) && defined(_WIN32_WCE) /* Visual Studio for Windows CE does not support Hardware bit count */ +# define LZ4_FORCE_SW_BITCOUNT +#endif + + +/*-************************************ +* Dependency +**************************************/ +//#include "lz4.h" +/* see also "memory routines" below */ + + +/*-************************************ +* Compiler Options +**************************************/ +#if 0 +#ifdef _MSC_VER /* Visual Studio */ +# define FORCE_INLINE static __forceinline +# include <intrin.h> +# pragma warning(disable : 4127) /* disable: C4127: conditional expression is constant */ +# pragma warning(disable : 4293) /* disable: C4293: too large shift (32-bits) */ +#else +# if defined(__GNUC__) || defined(__clang__) +# define FORCE_INLINE static inline __attribute__((always_inline)) +# elif defined(__cplusplus) || (defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */) +# define FORCE_INLINE static inline +# else +# define FORCE_INLINE static +# endif +#endif /* _MSC_VER */ +#endif + +#if (defined(__GNUC__) && (__GNUC__ >= 3)) || (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 800)) || defined(__clang__) +# define expect(expr,value) (__builtin_expect ((expr),(value)) ) +#else +# define expect(expr,value) (expr) +#endif + +#define likely(expr) expect((expr) != 0, 1) +#define unlikely(expr) expect((expr) != 0, 0) + + +/*-************************************ +* Memory routines +**************************************/ +//#include <stdlib.h> /* malloc, calloc, free */ +#define ALLOCATOR(n,s) calloc(n,s) +#define FREEMEM free +//#include <string.h> /* memset, memcpy */ +#define MEM_INIT memset + + +/*-************************************ +* Basic Types +**************************************/ +//#if defined(__cplusplus) || (defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */) +//# include <stdint.h> + typedef uint8_t BYTE; + typedef uint16_t U16; + typedef uint32_t U32; + typedef int32_t S32; + typedef uint64_t U64; + typedef uintptr_t uptrval; +/*#else + typedef unsigned char BYTE; + typedef unsigned short U16; + typedef unsigned int U32; + typedef signed int S32; + typedef unsigned long long U64; + typedef size_t uptrval; +#endif */ + +typedef uintptr_t reg_t; +//#if defined(__x86_64__) +// typedef U64 reg_t; /* 64-bits in x32 mode */ +//#else +// typedef size_t reg_t; /* 32-bits in x32 mode */ +//#endif + +/*-************************************ +* Reading and writing into memory +**************************************/ +static unsigned LZ4_isLittleEndian(void) +{ + const union { U32 u; BYTE c[4]; } one = { 1 }; /* don't use static : performance detrimental */ + return one.c[0]; +} + +#if defined(LZ4_FORCE_MEMORY_ACCESS) && (LZ4_FORCE_MEMORY_ACCESS==2) +/* lie to the compiler about data alignment; use with caution */ + +static U16 LZ4_read16(const void* memPtr) { return *(const U16*) memPtr; } +static U32 LZ4_read32(const void* memPtr) { return *(const U32*) memPtr; } +static reg_t LZ4_read_ARCH(const void* memPtr) { return *(const reg_t*) memPtr; } + +static void LZ4_write16(void* memPtr, U16 value) { *(U16*)memPtr = value; } +static void LZ4_write32(void* memPtr, U32 value) { *(U32*)memPtr = value; } + +#elif defined(LZ4_FORCE_MEMORY_ACCESS) && (LZ4_FORCE_MEMORY_ACCESS==1) + +/* __pack instructions are safer, but compiler specific, hence potentially problematic for some compilers */ +/* currently only defined for gcc and icc */ +typedef union { U16 u16; U32 u32; reg_t uArch; } __attribute__((packed)) unalign; + +static U16 LZ4_read16(const void* ptr) { return ((const unalign*)ptr)->u16; } +static U32 LZ4_read32(const void* ptr) { return ((const unalign*)ptr)->u32; } +static reg_t LZ4_read_ARCH(const void* ptr) { return ((const unalign*)ptr)->uArch; } + +static void LZ4_write16(void* memPtr, U16 value) { ((unalign*)memPtr)->u16 = value; } +static void LZ4_write32(void* memPtr, U32 value) { ((unalign*)memPtr)->u32 = value; } + +#else /* safe and portable access through memcpy() */ + +static U16 LZ4_read16(const void* memPtr) +{ + U16 val; memcpy(&val, memPtr, sizeof(val)); return val; +} + +static U32 LZ4_read32(const void* memPtr) +{ + U32 val; memcpy(&val, memPtr, sizeof(val)); return val; +} + +static reg_t LZ4_read_ARCH(const void* memPtr) +{ + reg_t val; memcpy(&val, memPtr, sizeof(val)); return val; +} + +static void LZ4_write16(void* memPtr, U16 value) +{ + memcpy(memPtr, &value, sizeof(value)); +} + +static void LZ4_write32(void* memPtr, U32 value) +{ + memcpy(memPtr, &value, sizeof(value)); +} + +#endif /* LZ4_FORCE_MEMORY_ACCESS */ + + +static U16 LZ4_readLE16(const void* memPtr) +{ + if (LZ4_isLittleEndian()) { + return LZ4_read16(memPtr); + } else { + const BYTE* p = (const BYTE*)memPtr; + return (U16)((U16)p[0] + (p[1]<<8)); + } +} + +static void LZ4_writeLE16(void* memPtr, U16 value) +{ + if (LZ4_isLittleEndian()) { + LZ4_write16(memPtr, value); + } else { + BYTE* p = (BYTE*)memPtr; + p[0] = (BYTE) value; + p[1] = (BYTE)(value>>8); + } +} + +static void LZ4_copy8(void* dst, const void* src) +{ + memcpy(dst,src,8); +} + +/* customized variant of memcpy, which can overwrite up to 8 bytes beyond dstEnd */ +static void LZ4_wildCopy(void* dstPtr, const void* srcPtr, void* dstEnd) +{ + BYTE* d = (BYTE*)dstPtr; + const BYTE* s = (const BYTE*)srcPtr; + BYTE* const e = (BYTE*)dstEnd; + + do { LZ4_copy8(d,s); d+=8; s+=8; } while (d<e); +} + + +/*-************************************ +* Common Constants +**************************************/ +#define MINMATCH 4 + +#define WILDCOPYLENGTH 8 +#define LASTLITERALS 5 +#define MFLIMIT (WILDCOPYLENGTH+MINMATCH) +static const int LZ4_minLength = (MFLIMIT+1); + +#define KB *(1 <<10) +#define MB *(1 <<20) +#define GB *(1U<<30) + +#define MAXD_LOG 16 +#define MAX_DISTANCE ((1 << MAXD_LOG) - 1) + +#define ML_BITS 4 +#define ML_MASK ((1U<<ML_BITS)-1) +#define RUN_BITS (8-ML_BITS) +#define RUN_MASK ((1U<<RUN_BITS)-1) + + +/*-************************************ +* Common Utils +**************************************/ +#define LZ4_STATIC_ASSERT(c) { enum { LZ4_static_assert = 1/(int)(!!(c)) }; } /* use only *after* variable declarations */ + + +/*-************************************ +* Common functions +**************************************/ +static unsigned LZ4_NbCommonBytes (register reg_t val) +{ + if (LZ4_isLittleEndian()) { + if (sizeof(val)==8) { +# if defined(_MSC_VER) && defined(_WIN64) && !defined(LZ4_FORCE_SW_BITCOUNT) + unsigned long r = 0; + _BitScanForward64( &r, (U64)val ); + return (int)(r>>3); +# elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__>=3))) && !defined(LZ4_FORCE_SW_BITCOUNT) + return (__builtin_ctzll((U64)val) >> 3); +# else + static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2, 0, 3, 1, 3, 1, 4, 2, 7, 0, 2, 3, 6, 1, 5, 3, 5, 1, 3, 4, 4, 2, 5, 6, 7, 7, 0, 1, 2, 3, 3, 4, 6, 2, 6, 5, 5, 3, 4, 5, 6, 7, 1, 2, 4, 6, 4, 4, 5, 7, 2, 6, 5, 7, 6, 7, 7 }; + return DeBruijnBytePos[((U64)((val & -(long long)val) * 0x0218A392CDABBD3FULL)) >> 58]; +# endif + } else /* 32 bits */ { +# if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT) + unsigned long r; + _BitScanForward( &r, (U32)val ); + return (int)(r>>3); +# elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__>=3))) && !defined(LZ4_FORCE_SW_BITCOUNT) + return (__builtin_ctz((U32)val) >> 3); +# else + static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0, 3, 2, 2, 1, 3, 2, 0, 1, 3, 3, 1, 2, 2, 2, 2, 0, 3, 1, 2, 0, 1, 0, 1, 1 }; + return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27]; +# endif + } + } else /* Big Endian CPU */ { + if (sizeof(val)==8) { +# if defined(_MSC_VER) && defined(_WIN64) && !defined(LZ4_FORCE_SW_BITCOUNT) + unsigned long r = 0; + _BitScanReverse64( &r, val ); + return (unsigned)(r>>3); +# elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__>=3))) && !defined(LZ4_FORCE_SW_BITCOUNT) + return (__builtin_clzll((U64)val) >> 3); +# else + unsigned r; + if (!(val>>32)) { r=4; } else { r=0; val>>=32; } + if (!(val>>16)) { r+=2; val>>=8; } else { val>>=24; } + r += (!val); + return r; +# endif + } else /* 32 bits */ { +# if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT) + unsigned long r = 0; + _BitScanReverse( &r, (unsigned long)val ); + return (unsigned)(r>>3); +# elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__>=3))) && !defined(LZ4_FORCE_SW_BITCOUNT) + return (__builtin_clz((U32)val) >> 3); +# else + unsigned r; + if (!(val>>16)) { r=2; val>>=8; } else { r=0; val>>=24; } + r += (!val); + return r; +# endif + } + } +} + +#define STEPSIZE sizeof(reg_t) +static unsigned LZ4_count(const BYTE* pIn, const BYTE* pMatch, const BYTE* pInLimit) +{ + const BYTE* const pStart = pIn; + + while (likely(pIn<pInLimit-(STEPSIZE-1))) { + reg_t const diff = LZ4_read_ARCH(pMatch) ^ LZ4_read_ARCH(pIn); + if (!diff) { pIn+=STEPSIZE; pMatch+=STEPSIZE; continue; } + pIn += LZ4_NbCommonBytes(diff); + return (unsigned)(pIn - pStart); + } + + if ((STEPSIZE==8) && (pIn<(pInLimit-3)) && (LZ4_read32(pMatch) == LZ4_read32(pIn))) { pIn+=4; pMatch+=4; } + if ((pIn<(pInLimit-1)) && (LZ4_read16(pMatch) == LZ4_read16(pIn))) { pIn+=2; pMatch+=2; } + if ((pIn<pInLimit) && (*pMatch == *pIn)) pIn++; + return (unsigned)(pIn - pStart); +} + + +#ifndef LZ4_COMMONDEFS_ONLY +/*-************************************ +* Local Constants +**************************************/ +static const int LZ4_64Klimit = ((64 KB) + (MFLIMIT-1)); +static const U32 LZ4_skipTrigger = 6; /* Increase this value ==> compression run slower on incompressible data */ + + +/*-************************************ +* Local Structures and types +**************************************/ +typedef enum { notLimited = 0, limitedOutput = 1 } limitedOutput_directive; +typedef enum { byPtr, byU32, byU16 } tableType_t; + +typedef enum { noDict = 0, withPrefix64k, usingExtDict } dict_directive; +typedef enum { noDictIssue = 0, dictSmall } dictIssue_directive; + +typedef enum { endOnOutputSize = 0, endOnInputSize = 1 } endCondition_directive; +typedef enum { full = 0, partial = 1 } earlyEnd_directive; + + +/*-************************************ +* Local Utils +**************************************/ +//int LZ4_versionNumber (void) { return LZ4_VERSION_NUMBER; } +//const char* LZ4_versionString(void) { return LZ4_VERSION_STRING; } +int LZ4_compressBound(int isize) { return LZ4_COMPRESSBOUND(isize); } +//int LZ4_sizeofState() { return LZ4_STREAMSIZE; } + + +/*-****************************** +* Compression functions +********************************/ +static U32 LZ4_hash4(U32 sequence, tableType_t const tableType) +{ + if (tableType == byU16) + return ((sequence * 2654435761U) >> ((MINMATCH*8)-(LZ4_HASHLOG+1))); + else + return ((sequence * 2654435761U) >> ((MINMATCH*8)-LZ4_HASHLOG)); +} + +static U32 LZ4_hash5(U64 sequence, tableType_t const tableType) +{ + static const U64 prime5bytes = 889523592379ULL; + static const U64 prime8bytes = 11400714785074694791ULL; + const U32 hashLog = (tableType == byU16) ? LZ4_HASHLOG+1 : LZ4_HASHLOG; + if (LZ4_isLittleEndian()) + return (U32)(((sequence << 24) * prime5bytes) >> (64 - hashLog)); + else + return (U32)(((sequence >> 24) * prime8bytes) >> (64 - hashLog)); +} + +FORCE_INLINE U32 LZ4_hashPosition(const void* const p, tableType_t const tableType) +{ + if ((sizeof(reg_t)==8) && (tableType != byU16)) return LZ4_hash5(LZ4_read_ARCH(p), tableType); + return LZ4_hash4(LZ4_read32(p), tableType); +} + +static void LZ4_putPositionOnHash(const BYTE* p, U32 h, void* tableBase, tableType_t const tableType, const BYTE* srcBase) +{ + switch (tableType) + { + case byPtr: { const BYTE** hashTable = (const BYTE**)tableBase; hashTable[h] = p; return; } + case byU32: { U32* hashTable = (U32*) tableBase; hashTable[h] = (U32)(p-srcBase); return; } + case byU16: { U16* hashTable = (U16*) tableBase; hashTable[h] = (U16)(p-srcBase); return; } + } +} + +FORCE_INLINE void LZ4_putPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase) +{ + U32 const h = LZ4_hashPosition(p, tableType); + LZ4_putPositionOnHash(p, h, tableBase, tableType, srcBase); +} + +static const BYTE* LZ4_getPositionOnHash(U32 h, void* tableBase, tableType_t tableType, const BYTE* srcBase) +{ + if (tableType == byPtr) { const BYTE** hashTable = (const BYTE**) tableBase; return hashTable[h]; } + if (tableType == byU32) { const U32* const hashTable = (U32*) tableBase; return hashTable[h] + srcBase; } + { const U16* const hashTable = (U16*) tableBase; return hashTable[h] + srcBase; } /* default, to ensure a return */ +} + +FORCE_INLINE const BYTE* LZ4_getPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase) +{ + U32 const h = LZ4_hashPosition(p, tableType); + return LZ4_getPositionOnHash(h, tableBase, tableType, srcBase); +} + + +/** LZ4_compress_generic() : + inlined, to ensure branches are decided at compilation time */ +FORCE_INLINE int LZ4_compress_generic( + LZ4_stream_t_internal* const cctx, + const char* const source, + char* const dest, + const int inputSize, + const int maxOutputSize, + const limitedOutput_directive outputLimited, + const tableType_t tableType, + const dict_directive dict, + const dictIssue_directive dictIssue, + const U32 acceleration) +{ + const BYTE* ip = (const BYTE*) source; + const BYTE* base; + const BYTE* lowLimit; + const BYTE* const lowRefLimit = ip - cctx->dictSize; + const BYTE* const dictionary = cctx->dictionary; + const BYTE* const dictEnd = dictionary + cctx->dictSize; + const ptrdiff_t dictDelta = dictEnd - (const BYTE*)source; + const BYTE* anchor = (const BYTE*) source; + const BYTE* const iend = ip + inputSize; + const BYTE* const mflimit = iend - MFLIMIT; + const BYTE* const matchlimit = iend - LASTLITERALS; + + BYTE* op = (BYTE*) dest; + BYTE* const olimit = op + maxOutputSize; + + U32 forwardH; + + /* Init conditions */ + if ((U32)inputSize > (U32)LZ4_MAX_INPUT_SIZE) return 0; /* Unsupported inputSize, too large (or negative) */ + switch(dict) + { + case noDict: + default: + base = (const BYTE*)source; + lowLimit = (const BYTE*)source; + break; + case withPrefix64k: + base = (const BYTE*)source - cctx->currentOffset; + lowLimit = (const BYTE*)source - cctx->dictSize; + break; + case usingExtDict: + base = (const BYTE*)source - cctx->currentOffset; + lowLimit = (const BYTE*)source; + break; + } + if ((tableType == byU16) && (inputSize>=LZ4_64Klimit)) return 0; /* Size too large (not within 64K limit) */ + if (inputSize<LZ4_minLength) goto _last_literals; /* Input too small, no compression (all literals) */ + + /* First Byte */ + LZ4_putPosition(ip, cctx->hashTable, tableType, base); + ip++; forwardH = LZ4_hashPosition(ip, tableType); + + /* Main Loop */ + for ( ; ; ) { + ptrdiff_t refDelta = 0; + const BYTE* match; + BYTE* token; + + /* Find a match */ + { const BYTE* forwardIp = ip; + unsigned step = 1; + unsigned searchMatchNb = acceleration << LZ4_skipTrigger; + do { + U32 const h = forwardH; + ip = forwardIp; + forwardIp += step; + step = (searchMatchNb++ >> LZ4_skipTrigger); + + if (unlikely(forwardIp > mflimit)) goto _last_literals; + + match = LZ4_getPositionOnHash(h, cctx->hashTable, tableType, base); + if (dict==usingExtDict) { + if (match < (const BYTE*)source) { + refDelta = dictDelta; + lowLimit = dictionary; + } else { + refDelta = 0; + lowLimit = (const BYTE*)source; + } } + forwardH = LZ4_hashPosition(forwardIp, tableType); + LZ4_putPositionOnHash(ip, h, cctx->hashTable, tableType, base); + + } while ( ((dictIssue==dictSmall) ? (match < lowRefLimit) : 0) + || ((tableType==byU16) ? 0 : (match + MAX_DISTANCE < ip)) + || (LZ4_read32(match+refDelta) != LZ4_read32(ip)) ); + } + + /* Catch up */ + while (((ip>anchor) & (match+refDelta > lowLimit)) && (unlikely(ip[-1]==match[refDelta-1]))) { ip--; match--; } + + /* Encode Literals */ + { unsigned const litLength = (unsigned)(ip - anchor); + token = op++; + if ((outputLimited) && /* Check output buffer overflow */ + (unlikely(op + litLength + (2 + 1 + LASTLITERALS) + (litLength/255) > olimit))) + return 0; + if (litLength >= RUN_MASK) { + int len = (int)litLength-RUN_MASK; + *token = (RUN_MASK<<ML_BITS); + for(; len >= 255 ; len-=255) *op++ = 255; + *op++ = (BYTE)len; + } + else *token = (BYTE)(litLength<<ML_BITS); + + /* Copy Literals */ + LZ4_wildCopy(op, anchor, op+litLength); + op+=litLength; + } + +_next_match: + /* Encode Offset */ + LZ4_writeLE16(op, (U16)(ip-match)); op+=2; + + /* Encode MatchLength */ + { unsigned matchCode; + + if ((dict==usingExtDict) && (lowLimit==dictionary)) { + const BYTE* limit; + match += refDelta; + limit = ip + (dictEnd-match); + if (limit > matchlimit) limit = matchlimit; + matchCode = LZ4_count(ip+MINMATCH, match+MINMATCH, limit); + ip += MINMATCH + matchCode; + if (ip==limit) { + unsigned const more = LZ4_count(ip, (const BYTE*)source, matchlimit); + matchCode += more; + ip += more; + } + } else { + matchCode = LZ4_count(ip+MINMATCH, match+MINMATCH, matchlimit); + ip += MINMATCH + matchCode; + } + + if ( outputLimited && /* Check output buffer overflow */ + (unlikely(op + (1 + LASTLITERALS) + (matchCode>>8) > olimit)) ) + return 0; + if (matchCode >= ML_MASK) { + *token += ML_MASK; + matchCode -= ML_MASK; + LZ4_write32(op, 0xFFFFFFFF); + while (matchCode >= 4*255) op+=4, LZ4_write32(op, 0xFFFFFFFF), matchCode -= 4*255; + op += matchCode / 255; + *op++ = (BYTE)(matchCode % 255); + } else + *token += (BYTE)(matchCode); + } + + anchor = ip; + + /* Test end of chunk */ + if (ip > mflimit) break; + + /* Fill table */ + LZ4_putPosition(ip-2, cctx->hashTable, tableType, base); + + /* Test next position */ + match = LZ4_getPosition(ip, cctx->hashTable, tableType, base); + if (dict==usingExtDict) { + if (match < (const BYTE*)source) { + refDelta = dictDelta; + lowLimit = dictionary; + } else { + refDelta = 0; + lowLimit = (const BYTE*)source; + } } + LZ4_putPosition(ip, cctx->hashTable, tableType, base); + if ( ((dictIssue==dictSmall) ? (match>=lowRefLimit) : 1) + && (match+MAX_DISTANCE>=ip) + && (LZ4_read32(match+refDelta)==LZ4_read32(ip)) ) + { token=op++; *token=0; goto _next_match; } + + /* Prepare next loop */ + forwardH = LZ4_hashPosition(++ip, tableType); + } + +_last_literals: + /* Encode Last Literals */ + { size_t const lastRun = (size_t)(iend - anchor); + if ( (outputLimited) && /* Check output buffer overflow */ + ((op - (BYTE*)dest) + lastRun + 1 + ((lastRun+255-RUN_MASK)/255) > (U32)maxOutputSize) ) + return 0; + if (lastRun >= RUN_MASK) { + size_t accumulator = lastRun - RUN_MASK; + *op++ = RUN_MASK << ML_BITS; + for(; accumulator >= 255 ; accumulator-=255) *op++ = 255; + *op++ = (BYTE) accumulator; + } else { + *op++ = (BYTE)(lastRun<<ML_BITS); + } + memcpy(op, anchor, lastRun); + op += lastRun; + } + + /* End */ + return (int) (((char*)op)-dest); +} + + +int LZ4_compress_fast_extState(void* state, const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) +{ + LZ4_stream_t_internal* ctx = &((LZ4_stream_t*)state)->internal_donotuse; + LZ4_resetStream((LZ4_stream_t*)state); + if (acceleration < 1) acceleration = ACCELERATION_DEFAULT; + + if (maxOutputSize >= LZ4_compressBound(inputSize)) { + if (inputSize < LZ4_64Klimit) + return LZ4_compress_generic(ctx, source, dest, inputSize, 0, notLimited, byU16, noDict, noDictIssue, acceleration); + else + return LZ4_compress_generic(ctx, source, dest, inputSize, 0, notLimited, (sizeof(void*)==8) ? byU32 : byPtr, noDict, noDictIssue, acceleration); + } else { + if (inputSize < LZ4_64Klimit) + return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); + else + return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, (sizeof(void*)==8) ? byU32 : byPtr, noDict, noDictIssue, acceleration); + } +} + + +int LZ4_compress_fast(const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) +{ +#if (HEAPMODE) + void* ctxPtr = ALLOCATOR(1, sizeof(LZ4_stream_t)); /* malloc-calloc always properly aligned */ +#else + LZ4_stream_t ctx; + void* const ctxPtr = &ctx; +#endif + + int const result = LZ4_compress_fast_extState(ctxPtr, source, dest, inputSize, maxOutputSize, acceleration); + +#if (HEAPMODE) + FREEMEM(ctxPtr); +#endif + return result; +} + +#if 0 +int LZ4_compress_default(const char* source, char* dest, int inputSize, int maxOutputSize) +{ + return LZ4_compress_fast(source, dest, inputSize, maxOutputSize, 1); +} + +/* hidden debug function */ +/* strangely enough, gcc generates faster code when this function is uncommented, even if unused */ +int LZ4_compress_fast_force(const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) +{ + LZ4_stream_t ctx; + LZ4_resetStream(&ctx); + + if (inputSize < LZ4_64Klimit) + return LZ4_compress_generic(&ctx.internal_donotuse, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); + else + return LZ4_compress_generic(&ctx.internal_donotuse, source, dest, inputSize, maxOutputSize, limitedOutput, sizeof(void*)==8 ? byU32 : byPtr, noDict, noDictIssue, acceleration); +} +#endif + +/*-****************************** +* *_destSize() variant +********************************/ + +#if 0 +static int LZ4_compress_destSize_generic( + LZ4_stream_t_internal* const ctx, + const char* const src, + char* const dst, + int* const srcSizePtr, + const int targetDstSize, + const tableType_t tableType) +{ + const BYTE* ip = (const BYTE*) src; + const BYTE* base = (const BYTE*) src; + const BYTE* lowLimit = (const BYTE*) src; + const BYTE* anchor = ip; + const BYTE* const iend = ip + *srcSizePtr; + const BYTE* const mflimit = iend - MFLIMIT; + const BYTE* const matchlimit = iend - LASTLITERALS; + + BYTE* op = (BYTE*) dst; + BYTE* const oend = op + targetDstSize; + BYTE* const oMaxLit = op + targetDstSize - 2 /* offset */ - 8 /* because 8+MINMATCH==MFLIMIT */ - 1 /* token */; + BYTE* const oMaxMatch = op + targetDstSize - (LASTLITERALS + 1 /* token */); + BYTE* const oMaxSeq = oMaxLit - 1 /* token */; + + U32 forwardH; + + + /* Init conditions */ + if (targetDstSize < 1) return 0; /* Impossible to store anything */ + if ((U32)*srcSizePtr > (U32)LZ4_MAX_INPUT_SIZE) return 0; /* Unsupported input size, too large (or negative) */ + if ((tableType == byU16) && (*srcSizePtr>=LZ4_64Klimit)) return 0; /* Size too large (not within 64K limit) */ + if (*srcSizePtr<LZ4_minLength) goto _last_literals; /* Input too small, no compression (all literals) */ + + /* First Byte */ + *srcSizePtr = 0; + LZ4_putPosition(ip, ctx->hashTable, tableType, base); + ip++; forwardH = LZ4_hashPosition(ip, tableType); + + /* Main Loop */ + for ( ; ; ) { + const BYTE* match; + BYTE* token; + + /* Find a match */ + { const BYTE* forwardIp = ip; + unsigned step = 1; + unsigned searchMatchNb = 1 << LZ4_skipTrigger; + + do { + U32 h = forwardH; + ip = forwardIp; + forwardIp += step; + step = (searchMatchNb++ >> LZ4_skipTrigger); + + if (unlikely(forwardIp > mflimit)) goto _last_literals; + + match = LZ4_getPositionOnHash(h, ctx->hashTable, tableType, base); + forwardH = LZ4_hashPosition(forwardIp, tableType); + LZ4_putPositionOnHash(ip, h, ctx->hashTable, tableType, base); + + } while ( ((tableType==byU16) ? 0 : (match + MAX_DISTANCE < ip)) + || (LZ4_read32(match) != LZ4_read32(ip)) ); + } + + /* Catch up */ + while ((ip>anchor) && (match > lowLimit) && (unlikely(ip[-1]==match[-1]))) { ip--; match--; } + + /* Encode Literal length */ + { unsigned litLength = (unsigned)(ip - anchor); + token = op++; + if (op + ((litLength+240)/255) + litLength > oMaxLit) { + /* Not enough space for a last match */ + op--; + goto _last_literals; + } + if (litLength>=RUN_MASK) { + unsigned len = litLength - RUN_MASK; + *token=(RUN_MASK<<ML_BITS); + for(; len >= 255 ; len-=255) *op++ = 255; + *op++ = (BYTE)len; + } + else *token = (BYTE)(litLength<<ML_BITS); + + /* Copy Literals */ + LZ4_wildCopy(op, anchor, op+litLength); + op += litLength; + } + +_next_match: + /* Encode Offset */ + LZ4_writeLE16(op, (U16)(ip-match)); op+=2; + + /* Encode MatchLength */ + { size_t matchLength = LZ4_count(ip+MINMATCH, match+MINMATCH, matchlimit); + + if (op + ((matchLength+240)/255) > oMaxMatch) { + /* Match description too long : reduce it */ + matchLength = (15-1) + (oMaxMatch-op) * 255; + } + ip += MINMATCH + matchLength; + + if (matchLength>=ML_MASK) { + *token += ML_MASK; + matchLength -= ML_MASK; + while (matchLength >= 255) { matchLength-=255; *op++ = 255; } + *op++ = (BYTE)matchLength; + } + else *token += (BYTE)(matchLength); + } + + anchor = ip; + + /* Test end of block */ + if (ip > mflimit) break; + if (op > oMaxSeq) break; + + /* Fill table */ + LZ4_putPosition(ip-2, ctx->hashTable, tableType, base); + + /* Test next position */ + match = LZ4_getPosition(ip, ctx->hashTable, tableType, base); + LZ4_putPosition(ip, ctx->hashTable, tableType, base); + if ( (match+MAX_DISTANCE>=ip) + && (LZ4_read32(match)==LZ4_read32(ip)) ) + { token=op++; *token=0; goto _next_match; } + + /* Prepare next loop */ + forwardH = LZ4_hashPosition(++ip, tableType); + } + +_last_literals: + /* Encode Last Literals */ + { size_t lastRunSize = (size_t)(iend - anchor); + if (op + 1 /* token */ + ((lastRunSize+240)/255) /* litLength */ + lastRunSize /* literals */ > oend) { + /* adapt lastRunSize to fill 'dst' */ + lastRunSize = (oend-op) - 1; + lastRunSize -= (lastRunSize+240)/255; + } + ip = anchor + lastRunSize; + + if (lastRunSize >= RUN_MASK) { + size_t accumulator = lastRunSize - RUN_MASK; + *op++ = RUN_MASK << ML_BITS; + for(; accumulator >= 255 ; accumulator-=255) *op++ = 255; + *op++ = (BYTE) accumulator; + } else { + *op++ = (BYTE)(lastRunSize<<ML_BITS); + } + memcpy(op, anchor, lastRunSize); + op += lastRunSize; + } + + /* End */ + *srcSizePtr = (int) (((const char*)ip)-src); + return (int) (((char*)op)-dst); +} + +static int LZ4_compress_destSize_extState (LZ4_stream_t* state, const char* src, char* dst, int* srcSizePtr, int targetDstSize) +{ + LZ4_resetStream(state); + + if (targetDstSize >= LZ4_compressBound(*srcSizePtr)) { /* compression success is guaranteed */ + return LZ4_compress_fast_extState(state, src, dst, *srcSizePtr, targetDstSize, 1); + } else { + if (*srcSizePtr < LZ4_64Klimit) + return LZ4_compress_destSize_generic(&state->internal_donotuse, src, dst, srcSizePtr, targetDstSize, byU16); + else + return LZ4_compress_destSize_generic(&state->internal_donotuse, src, dst, srcSizePtr, targetDstSize, sizeof(void*)==8 ? byU32 : byPtr); + } +} + +int LZ4_compress_destSize(const char* src, char* dst, int* srcSizePtr, int targetDstSize) +{ +#if (HEAPMODE) + LZ4_stream_t* ctx = (LZ4_stream_t*)ALLOCATOR(1, sizeof(LZ4_stream_t)); /* malloc-calloc always properly aligned */ +#else + LZ4_stream_t ctxBody; + LZ4_stream_t* ctx = &ctxBody; +#endif + + int result = LZ4_compress_destSize_extState(ctx, src, dst, srcSizePtr, targetDstSize); + +#if (HEAPMODE) + FREEMEM(ctx); +#endif + return result; +} +#endif + +/*-****************************** +* Streaming functions +********************************/ + +#if 0 +LZ4_stream_t* LZ4_createStream(void) +{ + LZ4_stream_t* lz4s = (LZ4_stream_t*)ALLOCATOR(8, LZ4_STREAMSIZE_U64); + LZ4_STATIC_ASSERT(LZ4_STREAMSIZE >= sizeof(LZ4_stream_t_internal)); /* A compilation error here means LZ4_STREAMSIZE is not large enough */ + LZ4_resetStream(lz4s); + return lz4s; +} +#endif + +void LZ4_resetStream (LZ4_stream_t* LZ4_stream) +{ + MEM_INIT(LZ4_stream, 0, sizeof(LZ4_stream_t)); +} + +#if 0 +int LZ4_freeStream (LZ4_stream_t* LZ4_stream) +{ + FREEMEM(LZ4_stream); + return (0); +} +#endif + +#if 0 +#define HASH_UNIT sizeof(reg_t) +int LZ4_loadDict (LZ4_stream_t* LZ4_dict, const char* dictionary, int dictSize) +{ + LZ4_stream_t_internal* dict = &LZ4_dict->internal_donotuse; + const BYTE* p = (const BYTE*)dictionary; + const BYTE* const dictEnd = p + dictSize; + const BYTE* base; + + if ((dict->initCheck) || (dict->currentOffset > 1 GB)) /* Uninitialized structure, or reuse overflow */ + LZ4_resetStream(LZ4_dict); + + if (dictSize < (int)HASH_UNIT) { + dict->dictionary = NULL; + dict->dictSize = 0; + return 0; + } + + if ((dictEnd - p) > 64 KB) p = dictEnd - 64 KB; + dict->currentOffset += 64 KB; + base = p - dict->currentOffset; + dict->dictionary = p; + dict->dictSize = (U32)(dictEnd - p); + dict->currentOffset += dict->dictSize; + + while (p <= dictEnd-HASH_UNIT) { + LZ4_putPosition(p, dict->hashTable, byU32, base); + p+=3; + } + + return dict->dictSize; +} + +static void LZ4_renormDictT(LZ4_stream_t_internal* LZ4_dict, const BYTE* src) +{ + if ((LZ4_dict->currentOffset > 0x80000000) || + ((uptrval)LZ4_dict->currentOffset > (uptrval)src)) { /* address space overflow */ + /* rescale hash table */ + U32 const delta = LZ4_dict->currentOffset - 64 KB; + const BYTE* dictEnd = LZ4_dict->dictionary + LZ4_dict->dictSize; + int i; + for (i=0; i<LZ4_HASH_SIZE_U32; i++) { + if (LZ4_dict->hashTable[i] < delta) LZ4_dict->hashTable[i]=0; + else LZ4_dict->hashTable[i] -= delta; + } + LZ4_dict->currentOffset = 64 KB; + if (LZ4_dict->dictSize > 64 KB) LZ4_dict->dictSize = 64 KB; + LZ4_dict->dictionary = dictEnd - LZ4_dict->dictSize; + } +} + +int LZ4_compress_fast_continue (LZ4_stream_t* LZ4_stream, const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) +{ + LZ4_stream_t_internal* streamPtr = &LZ4_stream->internal_donotuse; + const BYTE* const dictEnd = streamPtr->dictionary + streamPtr->dictSize; + + const BYTE* smallest = (const BYTE*) source; + if (streamPtr->initCheck) return 0; /* Uninitialized structure detected */ + if ((streamPtr->dictSize>0) && (smallest>dictEnd)) smallest = dictEnd; + LZ4_renormDictT(streamPtr, smallest); + if (acceleration < 1) acceleration = ACCELERATION_DEFAULT; + + /* Check overlapping input/dictionary space */ + { const BYTE* sourceEnd = (const BYTE*) source + inputSize; + if ((sourceEnd > streamPtr->dictionary) && (sourceEnd < dictEnd)) { + streamPtr->dictSize = (U32)(dictEnd - sourceEnd); + if (streamPtr->dictSize > 64 KB) streamPtr->dictSize = 64 KB; + if (streamPtr->dictSize < 4) streamPtr->dictSize = 0; + streamPtr->dictionary = dictEnd - streamPtr->dictSize; + } + } + + /* prefix mode : source data follows dictionary */ + if (dictEnd == (const BYTE*)source) { + int result; + if ((streamPtr->dictSize < 64 KB) && (streamPtr->dictSize < streamPtr->currentOffset)) + result = LZ4_compress_generic(streamPtr, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, withPrefix64k, dictSmall, acceleration); + else + result = LZ4_compress_generic(streamPtr, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, withPrefix64k, noDictIssue, acceleration); + streamPtr->dictSize += (U32)inputSize; + streamPtr->currentOffset += (U32)inputSize; + return result; + } + + /* external dictionary mode */ + { int result; + if ((streamPtr->dictSize < 64 KB) && (streamPtr->dictSize < streamPtr->currentOffset)) + result = LZ4_compress_generic(streamPtr, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, usingExtDict, dictSmall, acceleration); + else + result = LZ4_compress_generic(streamPtr, source, dest, inputSize, maxOutputSize, limitedOutput, byU32, usingExtDict, noDictIssue, acceleration); + streamPtr->dictionary = (const BYTE*)source; + streamPtr->dictSize = (U32)inputSize; + streamPtr->currentOffset += (U32)inputSize; + return result; + } +} + +/* Hidden debug function, to force external dictionary mode */ +int LZ4_compress_forceExtDict (LZ4_stream_t* LZ4_dict, const char* source, char* dest, int inputSize) +{ + LZ4_stream_t_internal* streamPtr = &LZ4_dict->internal_donotuse; + int result; + const BYTE* const dictEnd = streamPtr->dictionary + streamPtr->dictSize; + + const BYTE* smallest = dictEnd; + if (smallest > (const BYTE*) source) smallest = (const BYTE*) source; + LZ4_renormDictT(streamPtr, smallest); + + result = LZ4_compress_generic(streamPtr, source, dest, inputSize, 0, notLimited, byU32, usingExtDict, noDictIssue, 1); + + streamPtr->dictionary = (const BYTE*)source; + streamPtr->dictSize = (U32)inputSize; + streamPtr->currentOffset += (U32)inputSize; + + return result; +} + +/*! LZ4_saveDict() : + * If previously compressed data block is not guaranteed to remain available at its memory location, + * save it into a safer place (char* safeBuffer). + * Note : you don't need to call LZ4_loadDict() afterwards, + * dictionary is immediately usable, you can therefore call LZ4_compress_fast_continue(). + * Return : saved dictionary size in bytes (necessarily <= dictSize), or 0 if error. + */ +int LZ4_saveDict (LZ4_stream_t* LZ4_dict, char* safeBuffer, int dictSize) +{ + LZ4_stream_t_internal* const dict = &LZ4_dict->internal_donotuse; + const BYTE* const previousDictEnd = dict->dictionary + dict->dictSize; + + if ((U32)dictSize > 64 KB) dictSize = 64 KB; /* useless to define a dictionary > 64 KB */ + if ((U32)dictSize > dict->dictSize) dictSize = dict->dictSize; + + memmove(safeBuffer, previousDictEnd - dictSize, dictSize); + + dict->dictionary = (const BYTE*)safeBuffer; + dict->dictSize = (U32)dictSize; + + return dictSize; +} + +#endif + +/*-***************************** +* Decompression functions +*******************************/ +/*! LZ4_decompress_generic() : + * This generic decompression function cover all use cases. + * It shall be instantiated several times, using different sets of directives + * Note that it is important this generic function is really inlined, + * in order to remove useless branches during compilation optimization. + */ +FORCE_INLINE int LZ4_decompress_generic( + const char* const source, + char* const dest, + int inputSize, + int outputSize, /* If endOnInput==endOnInputSize, this value is the max size of Output Buffer. */ + + int endOnInput, /* endOnOutputSize, endOnInputSize */ + int partialDecoding, /* full, partial */ + int targetOutputSize, /* only used if partialDecoding==partial */ + int dict, /* noDict, withPrefix64k, usingExtDict */ + const BYTE* const lowPrefix, /* == dest when no prefix */ + const BYTE* const dictStart, /* only if dict==usingExtDict */ + const size_t dictSize /* note : = 0 if noDict */ + ) +{ + /* Local Variables */ + const BYTE* ip = (const BYTE*) source; + const BYTE* const iend = ip + inputSize; + + BYTE* op = (BYTE*) dest; + BYTE* const oend = op + outputSize; + BYTE* cpy; + BYTE* oexit = op + targetOutputSize; + const BYTE* const lowLimit = lowPrefix - dictSize; + + const BYTE* const dictEnd = (const BYTE*)dictStart + dictSize; + const unsigned dec32table[] = {0, 1, 2, 1, 4, 4, 4, 4}; + const int dec64table[] = {0, 0, 0, -1, 0, 1, 2, 3}; + + const int safeDecode = (endOnInput==endOnInputSize); + const int checkOffset = ((safeDecode) && (dictSize < (int)(64 KB))); + + + /* Special cases */ + if ((partialDecoding) && (oexit > oend-MFLIMIT)) oexit = oend-MFLIMIT; /* targetOutputSize too high => decode everything */ + if ((endOnInput) && (unlikely(outputSize==0))) return ((inputSize==1) && (*ip==0)) ? 0 : -1; /* Empty output buffer */ + if ((!endOnInput) && (unlikely(outputSize==0))) return (*ip==0?1:-1); + + /* Main Loop : decode sequences */ + while (1) { + size_t length; + const BYTE* match; + size_t offset; + + /* get literal length */ + unsigned const token = *ip++; + if ((length=(token>>ML_BITS)) == RUN_MASK) { + unsigned s; + do { + s = *ip++; + length += s; + } while ( likely(endOnInput ? ip<iend-RUN_MASK : 1) & (s==255) ); + if ((safeDecode) && unlikely((uptrval)(op)+length<(uptrval)(op))) goto _output_error; /* overflow detection */ + if ((safeDecode) && unlikely((uptrval)(ip)+length<(uptrval)(ip))) goto _output_error; /* overflow detection */ + } + + /* copy literals */ + cpy = op+length; + if ( ((endOnInput) && ((cpy>(partialDecoding?oexit:oend-MFLIMIT)) || (ip+length>iend-(2+1+LASTLITERALS))) ) + || ((!endOnInput) && (cpy>oend-WILDCOPYLENGTH)) ) + { + if (partialDecoding) { + if (cpy > oend) goto _output_error; /* Error : write attempt beyond end of output buffer */ + if ((endOnInput) && (ip+length > iend)) goto _output_error; /* Error : read attempt beyond end of input buffer */ + } else { + if ((!endOnInput) && (cpy != oend)) goto _output_error; /* Error : block decoding must stop exactly there */ + if ((endOnInput) && ((ip+length != iend) || (cpy > oend))) goto _output_error; /* Error : input must be consumed */ + } + memcpy(op, ip, length); + ip += length; + op += length; + break; /* Necessarily EOF, due to parsing restrictions */ + } + LZ4_wildCopy(op, ip, cpy); + ip += length; op = cpy; + + /* get offset */ + offset = LZ4_readLE16(ip); ip+=2; + match = op - offset; + if ((checkOffset) && (unlikely(match < lowLimit))) goto _output_error; /* Error : offset outside buffers */ + LZ4_write32(op, (U32)offset); /* costs ~1%; silence an msan warning when offset==0 */ + + /* get matchlength */ + length = token & ML_MASK; + if (length == ML_MASK) { + unsigned s; + do { + s = *ip++; + if ((endOnInput) && (ip > iend-LASTLITERALS)) goto _output_error; + length += s; + } while (s==255); + if ((safeDecode) && unlikely((uptrval)(op)+length<(uptrval)op)) goto _output_error; /* overflow detection */ + } + length += MINMATCH; + + /* check external dictionary */ + if ((dict==usingExtDict) && (match < lowPrefix)) { + if (unlikely(op+length > oend-LASTLITERALS)) goto _output_error; /* doesn't respect parsing restriction */ + + if (length <= (size_t)(lowPrefix-match)) { + /* match can be copied as a single segment from external dictionary */ + memmove(op, dictEnd - (lowPrefix-match), length); + op += length; + } else { + /* match encompass external dictionary and current block */ + size_t const copySize = (size_t)(lowPrefix-match); + size_t const restSize = length - copySize; + memcpy(op, dictEnd - copySize, copySize); + op += copySize; + if (restSize > (size_t)(op-lowPrefix)) { /* overlap copy */ + BYTE* const endOfMatch = op + restSize; + const BYTE* copyFrom = lowPrefix; + while (op < endOfMatch) *op++ = *copyFrom++; + } else { + memcpy(op, lowPrefix, restSize); + op += restSize; + } } + continue; + } + + /* copy match within block */ + cpy = op + length; + if (unlikely(offset<8)) { + const int dec64 = dec64table[offset]; + op[0] = match[0]; + op[1] = match[1]; + op[2] = match[2]; + op[3] = match[3]; + match += dec32table[offset]; + memcpy(op+4, match, 4); + match -= dec64; + } else { LZ4_copy8(op, match); match+=8; } + op += 8; + + if (unlikely(cpy>oend-12)) { + BYTE* const oCopyLimit = oend-(WILDCOPYLENGTH-1); + if (cpy > oend-LASTLITERALS) goto _output_error; /* Error : last LASTLITERALS bytes must be literals (uncompressed) */ + if (op < oCopyLimit) { + LZ4_wildCopy(op, match, oCopyLimit); + match += oCopyLimit - op; + op = oCopyLimit; + } + while (op<cpy) *op++ = *match++; + } else { + LZ4_copy8(op, match); + if (length>16) LZ4_wildCopy(op+8, match+8, cpy); + } + op=cpy; /* correction */ + } + + /* end of decoding */ + if (endOnInput) + return (int) (((char*)op)-dest); /* Nb of output bytes decoded */ + else + return (int) (((const char*)ip)-source); /* Nb of input bytes read */ + + /* Overflow error detected */ +_output_error: + return (int) (-(((const char*)ip)-source))-1; +} + + +int LZ4_decompress_safe(const char* source, char* dest, int compressedSize, int maxDecompressedSize) +{ + return LZ4_decompress_generic(source, dest, compressedSize, maxDecompressedSize, endOnInputSize, full, 0, noDict, (BYTE*)dest, NULL, 0); +} + +#if 0 +int LZ4_decompress_safe_partial(const char* source, char* dest, int compressedSize, int targetOutputSize, int maxDecompressedSize) +{ + return LZ4_decompress_generic(source, dest, compressedSize, maxDecompressedSize, endOnInputSize, partial, targetOutputSize, noDict, (BYTE*)dest, NULL, 0); +} + +int LZ4_decompress_fast(const char* source, char* dest, int originalSize) +{ + return LZ4_decompress_generic(source, dest, 0, originalSize, endOnOutputSize, full, 0, withPrefix64k, (BYTE*)(dest - 64 KB), NULL, 64 KB); +} +#endif + +/*===== streaming decompression functions =====*/ + +#if 0 +/* + * If you prefer dynamic allocation methods, + * LZ4_createStreamDecode() + * provides a pointer (void*) towards an initialized LZ4_streamDecode_t structure. + */ +LZ4_streamDecode_t* LZ4_createStreamDecode(void) +{ + LZ4_streamDecode_t* lz4s = (LZ4_streamDecode_t*) ALLOCATOR(1, sizeof(LZ4_streamDecode_t)); + return lz4s; +} + +int LZ4_freeStreamDecode (LZ4_streamDecode_t* LZ4_stream) +{ + FREEMEM(LZ4_stream); + return 0; +} + +/*! + * LZ4_setStreamDecode() : + * Use this function to instruct where to find the dictionary. + * This function is not necessary if previous data is still available where it was decoded. + * Loading a size of 0 is allowed (same effect as no dictionary). + * Return : 1 if OK, 0 if error + */ +int LZ4_setStreamDecode (LZ4_streamDecode_t* LZ4_streamDecode, const char* dictionary, int dictSize) +{ + LZ4_streamDecode_t_internal* lz4sd = &LZ4_streamDecode->internal_donotuse; + lz4sd->prefixSize = (size_t) dictSize; + lz4sd->prefixEnd = (const BYTE*) dictionary + dictSize; + lz4sd->externalDict = NULL; + lz4sd->extDictSize = 0; + return 1; +} + +/* +*_continue() : + These decoding functions allow decompression of multiple blocks in "streaming" mode. + Previously decoded blocks must still be available at the memory position where they were decoded. + If it's not possible, save the relevant part of decoded data into a safe buffer, + and indicate where it stands using LZ4_setStreamDecode() +*/ +int LZ4_decompress_safe_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int compressedSize, int maxOutputSize) +{ + LZ4_streamDecode_t_internal* lz4sd = &LZ4_streamDecode->internal_donotuse; + int result; + + if (lz4sd->prefixEnd == (BYTE*)dest) { + result = LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, + endOnInputSize, full, 0, + usingExtDict, lz4sd->prefixEnd - lz4sd->prefixSize, lz4sd->externalDict, lz4sd->extDictSize); + if (result <= 0) return result; + lz4sd->prefixSize += result; + lz4sd->prefixEnd += result; + } else { + lz4sd->extDictSize = lz4sd->prefixSize; + lz4sd->externalDict = lz4sd->prefixEnd - lz4sd->extDictSize; + result = LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, + endOnInputSize, full, 0, + usingExtDict, (BYTE*)dest, lz4sd->externalDict, lz4sd->extDictSize); + if (result <= 0) return result; + lz4sd->prefixSize = result; + lz4sd->prefixEnd = (BYTE*)dest + result; + } + + return result; +} + +int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* source, char* dest, int originalSize) +{ + LZ4_streamDecode_t_internal* lz4sd = &LZ4_streamDecode->internal_donotuse; + int result; + + if (lz4sd->prefixEnd == (BYTE*)dest) { + result = LZ4_decompress_generic(source, dest, 0, originalSize, + endOnOutputSize, full, 0, + usingExtDict, lz4sd->prefixEnd - lz4sd->prefixSize, lz4sd->externalDict, lz4sd->extDictSize); + if (result <= 0) return result; + lz4sd->prefixSize += originalSize; + lz4sd->prefixEnd += originalSize; + } else { + lz4sd->extDictSize = lz4sd->prefixSize; + lz4sd->externalDict = lz4sd->prefixEnd - lz4sd->extDictSize; + result = LZ4_decompress_generic(source, dest, 0, originalSize, + endOnOutputSize, full, 0, + usingExtDict, (BYTE*)dest, lz4sd->externalDict, lz4sd->extDictSize); + if (result <= 0) return result; + lz4sd->prefixSize = originalSize; + lz4sd->prefixEnd = (BYTE*)dest + originalSize; + } + + return result; +} + + +/* +Advanced decoding functions : +*_usingDict() : + These decoding functions work the same as "_continue" ones, + the dictionary must be explicitly provided within parameters +*/ + +FORCE_INLINE int LZ4_decompress_usingDict_generic(const char* source, char* dest, int compressedSize, int maxOutputSize, int safe, const char* dictStart, int dictSize) +{ + if (dictSize==0) + return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, noDict, (BYTE*)dest, NULL, 0); + if (dictStart+dictSize == dest) { + if (dictSize >= (int)(64 KB - 1)) + return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, withPrefix64k, (BYTE*)dest-64 KB, NULL, 0); + return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, noDict, (BYTE*)dest-dictSize, NULL, 0); + } + return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, safe, full, 0, usingExtDict, (BYTE*)dest, (const BYTE*)dictStart, dictSize); +} + +int LZ4_decompress_safe_usingDict(const char* source, char* dest, int compressedSize, int maxOutputSize, const char* dictStart, int dictSize) +{ + return LZ4_decompress_usingDict_generic(source, dest, compressedSize, maxOutputSize, 1, dictStart, dictSize); +} + +int LZ4_decompress_fast_usingDict(const char* source, char* dest, int originalSize, const char* dictStart, int dictSize) +{ + return LZ4_decompress_usingDict_generic(source, dest, 0, originalSize, 0, dictStart, dictSize); +} + +/* debug function */ +int LZ4_decompress_safe_forceExtDict(const char* source, char* dest, int compressedSize, int maxOutputSize, const char* dictStart, int dictSize) +{ + return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, endOnInputSize, full, 0, usingExtDict, (BYTE*)dest, (const BYTE*)dictStart, dictSize); +} + +#endif + +#if 0 +/*=************************************************* +* Obsolete Functions +***************************************************/ +/* obsolete compression functions */ +int LZ4_compress_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize) { return LZ4_compress_default(source, dest, inputSize, maxOutputSize); } +int LZ4_compress(const char* source, char* dest, int inputSize) { return LZ4_compress_default(source, dest, inputSize, LZ4_compressBound(inputSize)); } +int LZ4_compress_limitedOutput_withState (void* state, const char* src, char* dst, int srcSize, int dstSize) { return LZ4_compress_fast_extState(state, src, dst, srcSize, dstSize, 1); } +int LZ4_compress_withState (void* state, const char* src, char* dst, int srcSize) { return LZ4_compress_fast_extState(state, src, dst, srcSize, LZ4_compressBound(srcSize), 1); } +int LZ4_compress_limitedOutput_continue (LZ4_stream_t* LZ4_stream, const char* src, char* dst, int srcSize, int maxDstSize) { return LZ4_compress_fast_continue(LZ4_stream, src, dst, srcSize, maxDstSize, 1); } +int LZ4_compress_continue (LZ4_stream_t* LZ4_stream, const char* source, char* dest, int inputSize) { return LZ4_compress_fast_continue(LZ4_stream, source, dest, inputSize, LZ4_compressBound(inputSize), 1); } + +/* +These function names are deprecated and should no longer be used. +They are only provided here for compatibility with older user programs. +- LZ4_uncompress is totally equivalent to LZ4_decompress_fast +- LZ4_uncompress_unknownOutputSize is totally equivalent to LZ4_decompress_safe +*/ +int LZ4_uncompress (const char* source, char* dest, int outputSize) { return LZ4_decompress_fast(source, dest, outputSize); } +int LZ4_uncompress_unknownOutputSize (const char* source, char* dest, int isize, int maxOutputSize) { return LZ4_decompress_safe(source, dest, isize, maxOutputSize); } + + +/* Obsolete Streaming functions */ + +int LZ4_sizeofStreamState() { return LZ4_STREAMSIZE; } + +static void LZ4_init(LZ4_stream_t* lz4ds, BYTE* base) +{ + MEM_INIT(lz4ds, 0, sizeof(LZ4_stream_t)); + lz4ds->internal_donotuse.bufferStart = base; +} + +int LZ4_resetStreamState(void* state, char* inputBuffer) +{ + if ((((uptrval)state) & 3) != 0) return 1; /* Error : pointer is not aligned on 4-bytes boundary */ + LZ4_init((LZ4_stream_t*)state, (BYTE*)inputBuffer); + return 0; +} + +void* LZ4_create (char* inputBuffer) +{ + LZ4_stream_t* lz4ds = (LZ4_stream_t*)ALLOCATOR(8, sizeof(LZ4_stream_t)); + LZ4_init (lz4ds, (BYTE*)inputBuffer); + return lz4ds; +} + +char* LZ4_slideInputBuffer (void* LZ4_Data) +{ + LZ4_stream_t_internal* ctx = &((LZ4_stream_t*)LZ4_Data)->internal_donotuse; + int dictSize = LZ4_saveDict((LZ4_stream_t*)LZ4_Data, (char*)ctx->bufferStart, 64 KB); + return (char*)(ctx->bufferStart + dictSize); +} + +/* Obsolete streaming decompression functions */ + +int LZ4_decompress_safe_withPrefix64k(const char* source, char* dest, int compressedSize, int maxOutputSize) +{ + return LZ4_decompress_generic(source, dest, compressedSize, maxOutputSize, endOnInputSize, full, 0, withPrefix64k, (BYTE*)dest - 64 KB, NULL, 64 KB); +} + +int LZ4_decompress_fast_withPrefix64k(const char* source, char* dest, int originalSize) +{ + return LZ4_decompress_generic(source, dest, 0, originalSize, endOnOutputSize, full, 0, withPrefix64k, (BYTE*)dest - 64 KB, NULL, 64 KB); +} +#endif + +#endif /* LZ4_COMMONDEFS_ONLY */ + +} // anonymous namespace + +/************************************************************************** */ +/************************************************************************** */ + const unsigned char Packet::ZERO_KEY[32] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }; #ifdef ZT_TRACE const char *Packet::verbString(Verb v) - throw() { switch(v) { case VERB_NOP: return "NOP"; @@ -40,20 +1942,18 @@ const char *Packet::verbString(Verb v) case VERB_MULTICAST_LIKE: return "MULTICAST_LIKE"; case VERB_NETWORK_CREDENTIALS: return "NETWORK_CREDENTIALS"; case VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST"; - case VERB_NETWORK_CONFIG: return "NETWORK_CONFIG_REFRESH"; + case VERB_NETWORK_CONFIG: return "NETWORK_CONFIG"; case VERB_MULTICAST_GATHER: return "MULTICAST_GATHER"; case VERB_MULTICAST_FRAME: return "MULTICAST_FRAME"; case VERB_PUSH_DIRECT_PATHS: return "PUSH_DIRECT_PATHS"; case VERB_CIRCUIT_TEST: return "CIRCUIT_TEST"; case VERB_CIRCUIT_TEST_REPORT: return "CIRCUIT_TEST_REPORT"; - case VERB_REQUEST_PROOF_OF_WORK: return "REQUEST_PROOF_OF_WORK"; case VERB_USER_MESSAGE: return "USER_MESSAGE"; } return "(unknown)"; } const char *Packet::errorString(ErrorCode e) - throw() { switch(e) { case ERROR_NONE: return "NONE"; @@ -71,54 +1971,70 @@ const char *Packet::errorString(ErrorCode e) #endif // ZT_TRACE -void Packet::armor(const void *key,bool encryptPayload) +void Packet::armor(const void *key,bool encryptPayload,unsigned int counter) { - unsigned char mangledKey[32]; - unsigned char macKey[32]; - unsigned char mac[16]; - const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB; - unsigned char *const payload = field(ZT_PACKET_IDX_VERB,payloadLen); + uint8_t mangledKey[32],macKey[32],mac[16]; + uint8_t *const data = reinterpret_cast<uint8_t *>(unsafeData()); + + // Mask least significant 3 bits of packet ID with counter to embed packet send counter for QoS use + data[7] = (data[7] & 0xf8) | ((uint8_t)counter & 0x07); // Set flag now, since it affects key mangle function setCipher(encryptPayload ? ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012 : ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE); _salsa20MangleKey((const unsigned char *)key,mangledKey); - Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8)/*,ZT_PROTO_SALSA20_ROUNDS*/); + Salsa20 s20(mangledKey,256,data + ZT_PACKET_IDX_IV); // MAC key is always the first 32 bytes of the Salsa20 key stream // This is the same construction DJB's NaCl library uses - s20.encrypt12(ZERO_KEY,macKey,sizeof(macKey)); + s20.crypt12(ZERO_KEY,macKey,sizeof(macKey)); + uint8_t *const payload = data + ZT_PACKET_IDX_VERB; + const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB; if (encryptPayload) - s20.encrypt12(payload,payload,payloadLen); - + s20.crypt12(payload,payload,payloadLen); Poly1305::compute(mac,payload,payloadLen,macKey); - memcpy(field(ZT_PACKET_IDX_MAC,8),mac,8); + memcpy(data + ZT_PACKET_IDX_MAC,mac,8); } bool Packet::dearmor(const void *key) { - unsigned char mangledKey[32]; - unsigned char macKey[32]; - unsigned char mac[16]; + uint8_t mangledKey[32],macKey[32],mac[16]; + uint8_t *const data = reinterpret_cast<uint8_t *>(unsafeData()); const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB; - unsigned char *const payload = field(ZT_PACKET_IDX_VERB,payloadLen); - unsigned int cs = cipher(); + unsigned char *const payload = data + ZT_PACKET_IDX_VERB; + const unsigned int cs = cipher(); if ((cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE)||(cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)) { _salsa20MangleKey((const unsigned char *)key,mangledKey); - Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8)/*,ZT_PROTO_SALSA20_ROUNDS*/); + Salsa20 s20(mangledKey,256,data + ZT_PACKET_IDX_IV); - s20.encrypt12(ZERO_KEY,macKey,sizeof(macKey)); + s20.crypt12(ZERO_KEY,macKey,sizeof(macKey)); Poly1305::compute(mac,payload,payloadLen,macKey); - if (!Utils::secureEq(mac,field(ZT_PACKET_IDX_MAC,8),8)) - return false; + if (!Utils::secureEq(mac,data + ZT_PACKET_IDX_MAC,8)) + return false; // MAC failed, packet is corrupt, modified, or is not from the sender if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012) - s20.decrypt12(payload,payload,payloadLen); + s20.crypt12(payload,payload,payloadLen); return true; - } else return false; // unrecognized cipher suite + } else { + return false; // unrecognized cipher suite + } +} + +void Packet::cryptField(const void *key,unsigned int start,unsigned int len) +{ + unsigned char mangledKey[32]; + unsigned char macKey[32]; + _salsa20MangleKey((const unsigned char *)key,mangledKey); + mangledKey[0] ^= 0x7f; + mangledKey[1] ^= ((start >> 8) & 0xff); + mangledKey[2] ^= (start & 0xff); // slightly alter key for this use case as an added guard against key stream reuse + Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8)); + s20.crypt12(ZERO_KEY,macKey,sizeof(macKey)); // discard the first 32 bytes of key stream (the ones use for MAC in armor()) as a precaution + unsigned char *const ptr = field(start,len); + s20.crypt12(ptr,ptr,len); } bool Packet::compress() @@ -126,7 +2042,7 @@ bool Packet::compress() unsigned char buf[ZT_PROTO_MAX_PACKET_LENGTH * 2]; if ((!compressed())&&(size() > (ZT_PACKET_IDX_PAYLOAD + 32))) { int pl = (int)(size() - ZT_PACKET_IDX_PAYLOAD); - int cl = LZ4_compress((const char *)field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)pl),(char *)buf,pl); + int cl = LZ4_compress_fast((const char *)field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)pl),(char *)buf,pl,ZT_PROTO_MAX_PACKET_LENGTH * 2,2); if ((cl > 0)&&(cl < pl)) { (*this)[ZT_PACKET_IDX_VERB] |= (char)ZT_PROTO_VERB_FLAG_COMPRESSED; setSize((unsigned int)cl + ZT_PACKET_IDX_PAYLOAD); diff --git a/node/Packet.hpp b/node/Packet.hpp index cc3d323b..fb332b7d 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -34,11 +34,11 @@ #include "Utils.hpp" #include "Buffer.hpp" -#ifdef ZT_USE_SYSTEM_LZ4 -#include <lz4.h> -#else -#include "../ext/lz4/lz4.h" -#endif +//#ifdef ZT_USE_SYSTEM_LZ4 +//#include <lz4.h> +//#else +//#include "../ext/lz4/lz4.h" +//#endif /** * Protocol version -- incremented only for major changes @@ -59,15 +59,17 @@ * + Otherwise backward compatible with protocol v4 * 6 - 1.1.5 ... 1.1.10 * + Network configuration format revisions including binary values - * 7 - 1.1.10 -- 1.2.0 + * 7 - 1.1.10 ... 1.1.17 * + Introduce trusted paths for local SDN use - * 8 - 1.2.0 -- CURRENT + * 8 - 1.1.17 ... 1.2.0 * + Multipart network configurations for large network configs * + Tags and Capabilities * + Inline push of CertificateOfMembership deprecated * + Certificates of representation for federation and mesh + * 9 - 1.2.0 ... CURRENT + * + In-band encoding of packet counter for link quality measurement */ -#define ZT_PROTO_VERSION 8 +#define ZT_PROTO_VERSION 9 /** * Minimum supported protocol version @@ -351,7 +353,7 @@ namespace ZeroTier { * ZeroTier packet * * Packet format: - * <[8] 64-bit random packet ID and crypto initialization vector> + * <[8] 64-bit packet ID / crypto IV / packet counter> * <[5] destination ZT address> * <[5] source ZT address> * <[1] flags/cipher/hops> @@ -362,6 +364,14 @@ namespace ZeroTier { * * Packets smaller than 28 bytes are invalid and silently discarded. * + * The 64-bit packet ID is a strongly random value used as a crypto IV. + * Its least significant 3 bits are also used as a monotonically increasing + * (and looping) counter for sending packets to a particular recipient. This + * can be used for link quality monitoring and reporting and has no crypto + * impact as it does not increase the likelihood of an IV collision. (The + * crypto we use is not sensitive to the nature of the IV, only that it does + * not repeat.) + * * The flags/cipher/hops bit field is: FFCCCHHH where C is a 3-bit cipher * selection allowing up to 7 cipher suites, F is outside-envelope flags, * and H is hop count. @@ -531,43 +541,53 @@ public: VERB_NOP = 0x00, /** - * Announcement of a node's existence: + * Announcement of a node's existence and vitals: * <[1] protocol version> * <[1] software major version> * <[1] software minor version> * <[2] software revision> - * <[8] timestamp (ms since epoch)> + * <[8] timestamp for determining latency> * <[...] binary serialized identity (see Identity)> - * <[1] destination address type> - * [<[...] destination address to which packet was sent>] - * <[8] 64-bit world ID of current world> - * <[8] 64-bit timestamp of current world> - * - * This is the only message that ever must be sent in the clear, since it - * is used to push an identity to a new peer. - * - * The destination address is the wire address to which this packet is - * being sent, and in OK is *also* the destination address of the OK - * packet. This can be used by the receiver to detect NAT, learn its real - * external address if behind NAT, and detect changes to its external - * address that require re-establishing connectivity. - * - * Destination address types and formats (not all of these are used now): - * 0x00 - None -- no destination address data present - * 0x01 - Ethernet address -- format: <[6] Ethernet MAC> - * 0x04 - 6-byte IPv4 UDP address/port -- format: <[4] IP>, <[2] port> - * 0x06 - 18-byte IPv6 UDP address/port -- format: <[16] IP>, <[2] port> + * <[...] physical destination address of packet> + * <[8] 64-bit world ID of current planet> + * <[8] 64-bit timestamp of current planet> + * [... remainder if packet is encrypted using cryptField() ...] + * <[2] 16-bit number of moons> + * [<[1] 8-bit type ID of moon>] + * [<[8] 64-bit world ID of moon>] + * [<[8] 64-bit timestamp of moon>] + * [... additional moon type/ID/timestamp tuples ...] + * <[2] 16-bit length of certificate of representation> + * [... certificate of representation ...] + * + * HELLO is sent in the clear as it is how peers share their identity + * public keys. A few additional fields are sent in the clear too, but + * these are things that are public info or are easy to determine. As + * of 1.2.0 we have added a few more fields, but since these could have + * the potential to be sensitive we introduced the encryption of the + * remainder of the packet. See cryptField(). Packet MAC is still + * performed of course, so authentication occurs as normal. + * + * Destination address is the actual wire address to which the packet + * was sent. See InetAddress::serialize() for format. * * OK payload: - * <[8] timestamp (echoed from original HELLO)> - * <[1] protocol version (of responder)> - * <[1] software major version (of responder)> - * <[1] software minor version (of responder)> - * <[2] software revision (of responder)> - * <[1] destination address type (for this OK, not copied from HELLO)> - * [<[...] destination address>] - * <[2] 16-bit length of world update or 0 if none> - * [[...] world update] + * <[8] HELLO timestamp field echo> + * <[1] protocol version> + * <[1] software major version> + * <[1] software minor version> + * <[2] software revision> + * <[...] physical destination address of packet> + * <[2] 16-bit length of world update(s) or 0 if none> + * [[...] updates to planets and/or moons] + * <[2] 16-bit length of certificate of representation> + * [... certificate of representation ...] + * + * With the exception of the timestamp, the other fields pertain to the + * respondent who is sending OK and are not echoes. + * + * Note that OK is fully encrypted so no selective cryptField() of + * potentially sensitive fields is needed. * * ERROR has no payload. */ @@ -617,10 +637,8 @@ public: * <[1] protocol address length (4 for IPv4, 16 for IPv6)> * <[...] protocol address (network byte order)> * - * This is sent by a relaying node to initiate NAT traversal between two - * peers that are communicating by way of indirect relay. The relay will - * send this to both peers at the same time on a periodic basis, telling - * each where it might find the other on the network. + * An upstream node can send this to inform both sides of a relay of + * information they might use to establish a direct connection. * * Upon receipt a peer sends HELLO to establish a direct link. * @@ -713,8 +731,7 @@ public: /** * Network credentials push: - * <[...] serialized certificate of membership> - * [<[...] additional certificates of membership>] + * [<[...] one or more certificates of membership>] * <[1] 0x00, null byte marking end of COM array> * <[2] 16-bit number of capabilities> * <[...] one or more serialized Capability> @@ -722,6 +739,8 @@ public: * <[...] one or more serialized Tags> * <[2] 16-bit number of revocations> * <[...] one or more serialized Revocations> + * <[2] 16-bit number of certificates of ownership> + * <[...] one or more serialized CertificateOfOwnership> * * This can be sent by anyone at any time to push network credentials. * These will of course only be accepted if they are properly signed. @@ -891,8 +910,6 @@ public: */ VERB_MULTICAST_FRAME = 0x0e, - // 0x0f is reserved for an old deprecated message - /** * Push of potential endpoints for direct communication: * <[2] 16-bit number of paths> @@ -1023,8 +1040,7 @@ public: * <[1] 8-bit packet hop count of received CIRCUIT_TEST> * <[...] local wire address on which packet was received> * <[...] remote wire address from which packet was received> - * <[2] 16-bit length of additional fields> - * <[...] additional fields> + * <[2] 16-bit path link quality of path over which packet was received> * <[1] 8-bit number of next hops (breadth)> * <[...] next hop information> * @@ -1045,49 +1061,6 @@ public: VERB_CIRCUIT_TEST_REPORT = 0x12, /** - * Request proof of work: - * <[1] 8-bit proof of work type> - * <[1] 8-bit proof of work difficulty> - * <[2] 16-bit length of proof of work challenge> - * <[...] proof of work challenge> - * - * This requests that a peer perform a proof of work calucation. It can be - * sent by highly trusted peers (e.g. root servers, network controllers) - * under suspected denial of service conditions in an attempt to filter - * out "non-serious" peers and remain responsive to those proving their - * intent to actually communicate. - * - * If the peer obliges to perform the work, it does so and responds with - * an OK containing the result. Otherwise it may ignore the message or - * response with an ERROR_INVALID_REQUEST or ERROR_UNSUPPORTED_OPERATION. - * - * Proof of work type IDs: - * 0x01 - Salsa20/12+SHA512 hashcash function - * - * Salsa20/12+SHA512 is based on the following composite hash function: - * - * (1) Compute SHA512(candidate) - * (2) Use the first 256 bits of the result of #1 as a key to encrypt - * 131072 zero bytes with Salsa20/12 (with a zero IV). - * (3) Compute SHA512(the result of step #2) - * (4) Accept this candiate if the first [difficulty] bits of the result - * from step #3 are zero. Otherwise generate a new candidate and try - * again. - * - * This is performed repeatedly on candidates generated by appending the - * supplied challenge to an arbitrary nonce until a valid candidate - * is found. This chosen prepended nonce is then returned as the result - * in OK. - * - * OK payload: - * <[2] 16-bit length of result> - * <[...] computed proof of work> - * - * ERROR has no payload. - */ - VERB_REQUEST_PROOF_OF_WORK = 0x13, - - /** * A message with arbitrary user-definable content: * <[8] 64-bit arbitrary message type ID> * [<[...] message payload>] @@ -1095,6 +1068,10 @@ public: * This can be used to send arbitrary messages over VL1. It generates no * OK or ERROR and has no special semantics outside of whatever the user * (via the ZeroTier core API) chooses to give it. + * + * Message type IDs less than or equal to 65535 are reserved for use by + * ZeroTier, Inc. itself. We recommend making up random ones for your own + * implementations. */ VERB_USER_MESSAGE = 0x14 }; @@ -1133,10 +1110,8 @@ public: }; #ifdef ZT_TRACE - static const char *verbString(Verb v) - throw(); - static const char *errorString(ErrorCode e) - throw(); + static const char *verbString(Verb v); + static const char *errorString(ErrorCode e); #endif template<unsigned int C2> @@ -1334,11 +1309,22 @@ public: /** * Get this packet's unique ID (the IV field interpreted as uint64_t) * + * Note that the least significant 3 bits of this ID will change when armor() + * is called to armor the packet for transport. This is because armor() will + * mask the last 3 bits against the send counter for QoS monitoring use prior + * to actually using the IV to encrypt and MAC the packet. Be aware of this + * when grabbing the packetId of a new packet prior to armor/send. + * * @return Packet ID */ inline uint64_t packetId() const { return at<uint64_t>(ZT_PACKET_IDX_IV); } /** + * @return Value of link quality counter extracted from this packet's ID, range 0 to 7 (3 bits) + */ + inline unsigned int linkQualityCounter() const { return (unsigned int)(reinterpret_cast<const uint8_t *>(data())[7] & 7); } + + /** * Set packet verb * * This also has the side-effect of clearing any verb flags, such as @@ -1368,8 +1354,9 @@ public: * * @param key 32-byte key * @param encryptPayload If true, encrypt packet payload, else just MAC + * @param counter Packet send counter for destination peer -- only least significant 3 bits are used */ - void armor(const void *key,bool encryptPayload); + void armor(const void *key,bool encryptPayload,unsigned int counter); /** * Verify and (if encrypted) decrypt packet @@ -1384,6 +1371,27 @@ public: bool dearmor(const void *key); /** + * Encrypt/decrypt a separately armored portion of a packet + * + * This currently uses Salsa20/12, but any message that uses this should + * incorporate a cipher selector to permit this to be changed later. To + * ensure that key stream is not reused, the key is slightly altered for + * this use case and the same initial 32 keystream bytes that are taken + * for MAC in ordinary armor() are also skipped here. + * + * This is currently only used to mask portions of HELLO as an extra + * security precation since most of that message is sent in the clear. + * + * This must NEVER be used more than once in the same packet, as doing + * so will result in re-use of the same key stream. + * + * @param key 32-byte key + * @param start Start of encrypted portion + * @param len Length of encrypted portion + */ + void cryptField(const void *key,unsigned int start,unsigned int len); + + /** * Attempt to compress payload if not already (must be unencrypted) * * This requires that the payload at least contain the verb byte already diff --git a/node/Path.hpp b/node/Path.hpp index 5993be69..62f29c22 100644 --- a/node/Path.hpp +++ b/node/Path.hpp @@ -21,6 +21,7 @@ #include <stdint.h> #include <string.h> +#include <stdlib.h> #include <stdexcept> #include <algorithm> @@ -30,6 +31,7 @@ #include "SharedPtr.hpp" #include "AtomicCounter.hpp" #include "NonCopyable.hpp" +#include "Utils.hpp" /** * Maximum return value of preferenceRank() @@ -105,20 +107,34 @@ public: _lastOut(0), _lastIn(0), _lastTrustEstablishedPacketReceived(0), + _incomingLinkQualityFastLog(0xffffffffffffffffULL), + _incomingLinkQualitySlowLogPtr(0), + _incomingLinkQualitySlowLogCounter(-64), // discard first fast log + _incomingLinkQualityPreviousPacketCounter(0), + _outgoingPacketCounter(0), _addr(), _localAddress(), _ipScope(InetAddress::IP_SCOPE_NONE) { + for(int i=0;i<(int)sizeof(_incomingLinkQualitySlowLog);++i) + _incomingLinkQualitySlowLog[i] = ZT_PATH_LINK_QUALITY_MAX; } Path(const InetAddress &localAddress,const InetAddress &addr) : _lastOut(0), _lastIn(0), _lastTrustEstablishedPacketReceived(0), + _incomingLinkQualityFastLog(0xffffffffffffffffULL), + _incomingLinkQualitySlowLogPtr(0), + _incomingLinkQualitySlowLogCounter(-64), // discard first fast log + _incomingLinkQualityPreviousPacketCounter(0), + _outgoingPacketCounter(0), _addr(addr), _localAddress(localAddress), _ipScope(addr.ipScope()) { + for(int i=0;i<(int)sizeof(_incomingLinkQualitySlowLog);++i) + _incomingLinkQualitySlowLog[i] = ZT_PATH_LINK_QUALITY_MAX; } /** @@ -129,6 +145,39 @@ public: inline void received(const uint64_t t) { _lastIn = t; } /** + * Update link quality using a counter from an incoming packet (or packet head in fragmented case) + * + * @param counter Packet link quality counter (range 0 to 7, must not have other bits set) + */ + inline void updateLinkQuality(const unsigned int counter) + { + const unsigned int prev = _incomingLinkQualityPreviousPacketCounter; + _incomingLinkQualityPreviousPacketCounter = counter; + const uint64_t fl = (_incomingLinkQualityFastLog = ((_incomingLinkQualityFastLog << 1) | (uint64_t)(prev == ((counter - 1) & 0x7)))); + if (++_incomingLinkQualitySlowLogCounter >= 64) { + _incomingLinkQualitySlowLogCounter = 0; + _incomingLinkQualitySlowLog[_incomingLinkQualitySlowLogPtr++ % sizeof(_incomingLinkQualitySlowLog)] = (uint8_t)Utils::countBits(fl); + } + } + + /** + * @return Link quality from 0 (min) to 255 (max) + */ + inline unsigned int linkQuality() const + { + unsigned long slsize = _incomingLinkQualitySlowLogPtr; + if (slsize > (unsigned long)sizeof(_incomingLinkQualitySlowLog)) + slsize = (unsigned long)sizeof(_incomingLinkQualitySlowLog); + else if (!slsize) + return 255; // ZT_PATH_LINK_QUALITY_MAX + unsigned long lq = 0; + for(unsigned long i=0;i<slsize;++i) + lq += (unsigned long)_incomingLinkQualitySlowLog[i] * 4; + lq /= slsize; + return (unsigned int)((lq >= 255) ? 255 : lq); + } + + /** * Set time last trusted packet was received (done in Peer::received()) */ inline void trustedPacketReceived(const uint64_t t) { _lastTrustEstablishedPacketReceived = t; } @@ -241,13 +290,26 @@ public: */ inline uint64_t lastIn() const { return _lastIn; } + /** + * Return and increment outgoing packet counter (used with Packet::armor()) + * + * @return Next value that should be used for outgoing packet counter (only least significant 3 bits are used) + */ + inline unsigned int nextOutgoingCounter() { return _outgoingPacketCounter++; } + private: - uint64_t _lastOut; - uint64_t _lastIn; - uint64_t _lastTrustEstablishedPacketReceived; + volatile uint64_t _lastOut; + volatile uint64_t _lastIn; + volatile uint64_t _lastTrustEstablishedPacketReceived; + volatile uint64_t _incomingLinkQualityFastLog; + volatile unsigned long _incomingLinkQualitySlowLogPtr; + volatile signed int _incomingLinkQualitySlowLogCounter; + volatile unsigned int _incomingLinkQualityPreviousPacketCounter; + volatile unsigned int _outgoingPacketCounter; InetAddress _addr; InetAddress _localAddress; InetAddress::IpScope _ipScope; // memoize this since it's a computed value checked often + volatile uint8_t _incomingLinkQualitySlowLog[32]; AtomicCounter __refCount; }; diff --git a/node/Peer.cpp b/node/Peer.cpp index 87882dad..fa3ce6c8 100644 --- a/node/Peer.cpp +++ b/node/Peer.cpp @@ -37,13 +37,11 @@ namespace ZeroTier { -// Used to send varying values for NAT keepalive -static uint32_t _natKeepaliveBuf = 0; - Peer::Peer(const RuntimeEnvironment *renv,const Identity &myIdentity,const Identity &peerIdentity) : + RR(renv), _lastReceive(0), - _lastUnicastFrame(0), - _lastMulticastFrame(0), + _lastNontrivialReceive(0), + _lastTriedMemorizedPath(0), _lastDirectPathPushSent(0), _lastDirectPathPushReceive(0), _lastCredentialRequestSent(0), @@ -53,7 +51,6 @@ Peer::Peer(const RuntimeEnvironment *renv,const Identity &myIdentity,const Ident _lastComRequestSent(0), _lastCredentialsReceived(0), _lastTrustEstablishedPacketReceived(0), - RR(renv), _remoteClusterOptimal4(0), _vProto(0), _vMajor(0), @@ -104,7 +101,7 @@ void Peer::received( outp.append(redirectTo.rawIpData(),16); } outp.append((uint16_t)redirectTo.port()); - outp.armor(_key,true); + outp.armor(_key,true,path->nextOutgoingCounter()); path->send(RR,outp.data(),outp.size(),now); } else { // For older peers we use RENDEZVOUS to coax them into contacting us elsewhere. @@ -119,7 +116,7 @@ void Peer::received( outp.append((uint8_t)16); outp.append(redirectTo.rawIpData(),16); } - outp.armor(_key,true); + outp.armor(_key,true,path->nextOutgoingCounter()); path->send(RR,outp.data(),outp.size(),now); } suboptimalPath = true; @@ -128,16 +125,25 @@ void Peer::received( #endif _lastReceive = now; - if ((verb == Packet::VERB_FRAME)||(verb == Packet::VERB_EXT_FRAME)) - _lastUnicastFrame = now; - else if (verb == Packet::VERB_MULTICAST_FRAME) - _lastMulticastFrame = now; + switch (verb) { + case Packet::VERB_FRAME: + case Packet::VERB_EXT_FRAME: + case Packet::VERB_NETWORK_CONFIG_REQUEST: + case Packet::VERB_NETWORK_CONFIG: + case Packet::VERB_MULTICAST_FRAME: + _lastNontrivialReceive = now; + break; + default: break; + } if (trustEstablished) { _lastTrustEstablishedPacketReceived = now; path->trustedPacketReceived(now); } + if (_vProto >= 9) + path->updateLinkQuality((unsigned int)(packetId & 7)); + if (hops == 0) { bool pathIsConfirmed = false; { @@ -155,7 +161,7 @@ void Peer::received( } } - if ( (!pathIsConfirmed) && (RR->node->shouldUsePathForZeroTierTraffic(path->localAddress(),path->address())) ) { + if ( (!pathIsConfirmed) && (RR->node->shouldUsePathForZeroTierTraffic(_id.address(),path->localAddress(),path->address())) ) { if (verb == Packet::VERB_OK) { Mutex::Lock _l(_paths_m); @@ -200,11 +206,11 @@ void Peer::received( #endif } else { TRACE("got %s via unknown path %s(%s), confirming...",Packet::verbString(verb),_id.address().toString().c_str(),path->address().toString().c_str()); - attemptToContactAt(path->localAddress(),path->address(),now); + attemptToContactAt(path->localAddress(),path->address(),now,true,path->nextOutgoingCounter()); path->sent(now); } } - } else if (trustEstablished) { + } else if (this->trustEstablished(now)) { // Send PUSH_DIRECT_PATHS if hops>0 (relayed) and we have a trust relationship (common network membership) #ifdef ZT_ENABLE_CLUSTER // Cluster mode disables normal PUSH_DIRECT_PATHS in favor of cluster-based peer redirection @@ -274,7 +280,7 @@ void Peer::received( if (count) { outp.setAt(ZT_PACKET_IDX_PAYLOAD,(uint16_t)count); - outp.armor(_key,true); + outp.armor(_key,true,path->nextOutgoingCounter()); path->send(RR,outp.data(),outp.size(),now); } } @@ -339,9 +345,10 @@ SharedPtr<Path> Peer::getBestPath(uint64_t now,bool includeExpired) } } -void Peer::sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now) +void Peer::sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now,unsigned int counter) { Packet outp(_id.address(),RR->identity.address(),Packet::VERB_HELLO); + outp.append((unsigned char)ZT_PROTO_VERSION); outp.append((unsigned char)ZEROTIER_ONE_VERSION_MAJOR); outp.append((unsigned char)ZEROTIER_ONE_VERSION_MINOR); @@ -349,22 +356,62 @@ void Peer::sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,u outp.append(now); RR->identity.serialize(outp,false); atAddress.serialize(outp); - outp.append((uint64_t)RR->topology->worldId()); - outp.append((uint64_t)RR->topology->worldTimestamp()); + + outp.append((uint64_t)RR->topology->planetWorldId()); + outp.append((uint64_t)RR->topology->planetWorldTimestamp()); + + const unsigned int startCryptedPortionAt = outp.size(); + + std::vector<World> moons(RR->topology->moons()); + std::vector<uint64_t> moonsWanted(RR->topology->moonsWanted()); + outp.append((uint16_t)(moons.size() + moonsWanted.size())); + for(std::vector<World>::const_iterator m(moons.begin());m!=moons.end();++m) { + outp.append((uint8_t)m->type()); + outp.append((uint64_t)m->id()); + outp.append((uint64_t)m->timestamp()); + } + for(std::vector<uint64_t>::const_iterator m(moonsWanted.begin());m!=moonsWanted.end();++m) { + outp.append((uint8_t)World::TYPE_MOON); + outp.append(*m); + outp.append((uint64_t)0); + } + + const unsigned int corSizeAt = outp.size(); + outp.addSize(2); + RR->topology->appendCertificateOfRepresentation(outp); + outp.setAt(corSizeAt,(uint16_t)(outp.size() - (corSizeAt + 2))); + + outp.cryptField(_key,startCryptedPortionAt,outp.size() - startCryptedPortionAt); + RR->node->expectReplyTo(outp.packetId()); - outp.armor(_key,false); // HELLO is sent in the clear - RR->node->putPacket(localAddr,atAddress,outp.data(),outp.size()); + + if (atAddress) { + outp.armor(_key,false,counter); // false == don't encrypt full payload, but add MAC + RR->node->putPacket(localAddr,atAddress,outp.data(),outp.size()); + } else { + RR->sw->send(outp,false); // false == don't encrypt full payload, but add MAC + } } -void Peer::attemptToContactAt(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now) +void Peer::attemptToContactAt(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now,bool sendFullHello,unsigned int counter) { - if ( (_vProto >= 5) && ( !((_vMajor == 1)&&(_vMinor == 1)&&(_vRevision == 0)) ) ) { + if ( (!sendFullHello) && (_vProto >= 5) && (!((_vMajor == 1)&&(_vMinor == 1)&&(_vRevision == 0))) ) { Packet outp(_id.address(),RR->identity.address(),Packet::VERB_ECHO); RR->node->expectReplyTo(outp.packetId()); - outp.armor(_key,true); + outp.armor(_key,true,counter); RR->node->putPacket(localAddr,atAddress,outp.data(),outp.size()); } else { - sendHELLO(localAddr,atAddress,now); + sendHELLO(localAddr,atAddress,now,counter); + } +} + +void Peer::tryMemorizedPath(uint64_t now) +{ + if ((now - _lastTriedMemorizedPath) >= ZT_TRY_MEMORIZED_PATH_INTERVAL) { + _lastTriedMemorizedPath = now; + InetAddress mp; + if (RR->node->externalPathLookup(_id.address(),-1,mp)) + attemptToContactAt(InetAddress(),mp,now,true,0); } } @@ -385,12 +432,9 @@ bool Peer::doPingAndKeepalive(uint64_t now,int inetAddressFamily) } if (bestp >= 0) { - if ((now - _paths[bestp].lastReceive) >= ZT_PEER_PING_PERIOD) { - attemptToContactAt(_paths[bestp].path->localAddress(),_paths[bestp].path->address(),now); + if ( ((now - _paths[bestp].lastReceive) >= ZT_PEER_PING_PERIOD) || (_paths[bestp].path->needsHeartbeat(now)) ) { + attemptToContactAt(_paths[bestp].path->localAddress(),_paths[bestp].path->address(),now,false,_paths[bestp].path->nextOutgoingCounter()); _paths[bestp].path->sent(now); - } else if (_paths[bestp].path->needsHeartbeat(now)) { - _natKeepaliveBuf += (uint32_t)((now * 0x9e3779b1) >> 1); // tumble this around to send constantly varying (meaningless) payloads - _paths[bestp].path->send(RR,&_natKeepaliveBuf,sizeof(_natKeepaliveBuf),now); } return true; } else { @@ -413,14 +457,14 @@ void Peer::resetWithinScope(InetAddress::IpScope scope,int inetAddressFamily,uin Mutex::Lock _l(_paths_m); for(unsigned int p=0;p<_numPaths;++p) { if ( (_paths[p].path->address().ss_family == inetAddressFamily) && (_paths[p].path->address().ipScope() == scope) ) { - attemptToContactAt(_paths[p].path->localAddress(),_paths[p].path->address(),now); + attemptToContactAt(_paths[p].path->localAddress(),_paths[p].path->address(),now,false,_paths[p].path->nextOutgoingCounter()); _paths[p].path->sent(now); _paths[p].lastReceive = 0; // path will not be used unless it speaks again } } } -void Peer::getBestActiveAddresses(uint64_t now,InetAddress &v4,InetAddress &v6) const +void Peer::getRendezvousAddresses(uint64_t now,InetAddress &v4,InetAddress &v6) const { Mutex::Lock _l(_paths_m); diff --git a/node/Peer.hpp b/node/Peer.hpp index d0589ccf..783f48b8 100644 --- a/node/Peer.hpp +++ b/node/Peer.hpp @@ -137,7 +137,7 @@ public: * Get the best current direct path * * @param now Current time - * @param includeDead If true, include even expired paths + * @param includeExpired If true, include even expired paths * @return Best current path or NULL if none */ SharedPtr<Path> getBestPath(uint64_t now,bool includeExpired); @@ -150,8 +150,9 @@ public: * @param localAddr Local address * @param atAddress Destination address * @param now Current time + * @param counter Outgoing packet counter */ - void sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now); + void sendHELLO(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now,unsigned int counter); /** * Send ECHO (or HELLO for older peers) to this peer at the given address @@ -161,8 +162,17 @@ public: * @param localAddr Local address * @param atAddress Destination address * @param now Current time + * @param sendFullHello If true, always send a full HELLO instead of just an ECHO + * @param counter Outgoing packet counter */ - void attemptToContactAt(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now); + void attemptToContactAt(const InetAddress &localAddr,const InetAddress &atAddress,uint64_t now,bool sendFullHello,unsigned int counter); + + /** + * Try a memorized or statically defined path if any are known + * + * Under the hood this is done periodically based on ZT_TRY_MEMORIZED_PATH_INTERVAL. + */ + void tryMemorizedPath(uint64_t now); /** * Send pings or keepalives depending on configured timeouts @@ -201,7 +211,7 @@ public: * @param v4 Result parameter to receive active IPv4 address, if any * @param v6 Result parameter to receive active IPv6 address, if any */ - void getBestActiveAddresses(uint64_t now,InetAddress &v4,InetAddress &v6) const; + void getRendezvousAddresses(uint64_t now,InetAddress &v4,InetAddress &v6) const; /** * @param now Current time @@ -227,24 +237,9 @@ public: inline bool isAlive(const uint64_t now) const { return ((now - _lastReceive) < ZT_PEER_ACTIVITY_TIMEOUT); } /** - * @return Time of most recent unicast frame received - */ - inline uint64_t lastUnicastFrame() const { return _lastUnicastFrame; } - - /** - * @return Time of most recent multicast frame received - */ - inline uint64_t lastMulticastFrame() const { return _lastMulticastFrame; } - - /** - * @return Time of most recent frame of any kind (unicast or multicast) - */ - inline uint64_t lastFrame() const { return std::max(_lastUnicastFrame,_lastMulticastFrame); } - - /** * @return True if this peer has sent us real network traffic recently */ - inline uint64_t isActive(uint64_t now) const { return ((now - lastFrame()) < ZT_PEER_ACTIVITY_TIMEOUT); } + inline uint64_t isActive(uint64_t now) const { return ((now - _lastNontrivialReceive) < ZT_PEER_ACTIVITY_TIMEOUT); } /** * @return Latency in milliseconds or 0 if unknown @@ -418,26 +413,6 @@ public: return false; } - /** - * Find a common set of addresses by which two peers can link, if any - * - * @param a Peer A - * @param b Peer B - * @param now Current time - * @return Pair: B's address (to send to A), A's address (to send to B) - */ - static inline std::pair<InetAddress,InetAddress> findCommonGround(const Peer &a,const Peer &b,uint64_t now) - { - std::pair<InetAddress,InetAddress> v4,v6; - b.getBestActiveAddresses(now,v4.first,v6.first); - a.getBestActiveAddresses(now,v4.second,v6.second); - if ((v6.first)&&(v6.second)) // prefer IPv6 if both have it since NAT-t is (almost) unnecessary - return v6; - else if ((v4.first)&&(v4.second)) - return v4; - else return std::pair<InetAddress,InetAddress>(); - } - private: inline uint64_t _pathScore(const unsigned int p,const uint64_t now) const { @@ -467,10 +442,12 @@ private: } uint8_t _key[ZT_PEER_SECRET_KEY_LENGTH]; - uint8_t _remoteClusterOptimal6[16]; + + const RuntimeEnvironment *RR; + uint64_t _lastReceive; // direct or indirect - uint64_t _lastUnicastFrame; - uint64_t _lastMulticastFrame; + uint64_t _lastNontrivialReceive; // frames, things like netconf, etc. + uint64_t _lastTriedMemorizedPath; uint64_t _lastDirectPathPushSent; uint64_t _lastDirectPathPushReceive; uint64_t _lastCredentialRequestSent; @@ -480,13 +457,17 @@ private: uint64_t _lastComRequestSent; uint64_t _lastCredentialsReceived; uint64_t _lastTrustEstablishedPacketReceived; - const RuntimeEnvironment *RR; + + uint8_t _remoteClusterOptimal6[16]; uint32_t _remoteClusterOptimal4; + uint16_t _vProto; uint16_t _vMajor; uint16_t _vMinor; uint16_t _vRevision; + Identity _id; + struct { uint64_t lastReceive; SharedPtr<Path> path; @@ -495,6 +476,7 @@ private: #endif } _paths[ZT_MAX_PEER_NETWORK_PATHS]; Mutex _paths_m; + unsigned int _numPaths; unsigned int _latency; unsigned int _directPathPushCutoffCount; diff --git a/node/README.md b/node/README.md index 01378c75..1728400c 100644 --- a/node/README.md +++ b/node/README.md @@ -1,4 +1,4 @@ -ZeroTier Virtual Switch Core +ZeroTier Network Hypervisor Core ====== This directory contains the *real* ZeroTier: a completely OS-independent global virtual Ethernet switch engine. This is where the magic happens. diff --git a/node/Revocation.hpp b/node/Revocation.hpp index 18916985..1697b52f 100644 --- a/node/Revocation.hpp +++ b/node/Revocation.hpp @@ -50,9 +50,10 @@ public: enum CredentialType { CREDENTIAL_TYPE_ALL = 0, - CREDENTIAL_TYPE_COM = 1, + CREDENTIAL_TYPE_COM = 1, // CertificateOfMembership CREDENTIAL_TYPE_CAPABILITY = 2, - CREDENTIAL_TYPE_TAG = 3 + CREDENTIAL_TYPE_TAG = 3, + CREDENTIAL_TYPE_COO = 4 // CertificateOfOwnership }; Revocation() @@ -88,8 +89,8 @@ public: { if (signer.hasPrivate()) { Buffer<sizeof(Revocation) + 64> tmp; - this->serialize(tmp,true); _signedBy = signer.address(); + this->serialize(tmp,true); _signature = signer.sign(tmp.data(),tmp.size()); return true; } @@ -152,6 +153,8 @@ public: memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; } else throw std::runtime_error("invalid signature"); + } else { + p += 2 + b.template at<uint16_t>(p); } p += 2 + b.template at<uint16_t>(p); diff --git a/node/Salsa20.cpp b/node/Salsa20.cpp index 3aa19ac6..1a4641f7 100644 --- a/node/Salsa20.cpp +++ b/node/Salsa20.cpp @@ -123,7 +123,7 @@ void Salsa20::init(const void *key,unsigned int kbits,const void *iv) #endif } -void Salsa20::encrypt12(const void *in,void *out,unsigned int bytes) +void Salsa20::crypt12(const void *in,void *out,unsigned int bytes) throw() { uint8_t tmp[64]; @@ -623,7 +623,7 @@ void Salsa20::encrypt12(const void *in,void *out,unsigned int bytes) } } -void Salsa20::encrypt20(const void *in,void *out,unsigned int bytes) +void Salsa20::crypt20(const void *in,void *out,unsigned int bytes) throw() { uint8_t tmp[64]; diff --git a/node/Salsa20.hpp b/node/Salsa20.hpp index 7e4c1e53..6405d450 100644 --- a/node/Salsa20.hpp +++ b/node/Salsa20.hpp @@ -56,51 +56,25 @@ public: throw(); /** - * Encrypt data using Salsa20/12 + * Encrypt/decrypt data using Salsa20/12 * * @param in Input data * @param out Output buffer * @param bytes Length of data */ - void encrypt12(const void *in,void *out,unsigned int bytes) + void crypt12(const void *in,void *out,unsigned int bytes) throw(); /** - * Encrypt data using Salsa20/20 + * Encrypt/decrypt data using Salsa20/20 * * @param in Input data * @param out Output buffer * @param bytes Length of data */ - void encrypt20(const void *in,void *out,unsigned int bytes) + void crypt20(const void *in,void *out,unsigned int bytes) throw(); - /** - * Decrypt data - * - * @param in Input data - * @param out Output buffer - * @param bytes Length of data - */ - inline void decrypt12(const void *in,void *out,unsigned int bytes) - throw() - { - encrypt12(in,out,bytes); - } - - /** - * Decrypt data - * - * @param in Input data - * @param out Output buffer - * @param bytes Length of data - */ - inline void decrypt20(const void *in,void *out,unsigned int bytes) - throw() - { - encrypt20(in,out,bytes); - } - private: union { #ifdef ZT_SALSA20_SSE diff --git a/node/Switch.cpp b/node/Switch.cpp index 82b13483..0392aec1 100644 --- a/node/Switch.cpp +++ b/node/Switch.cpp @@ -64,10 +64,6 @@ Switch::Switch(const RuntimeEnvironment *renv) : { } -Switch::~Switch() -{ -} - void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &fromAddr,const void *data,unsigned int len) { try { @@ -82,17 +78,17 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from * no longer send these, but we'll listen for them for a while to * locate peers with versions <1.0.4. */ - Address beaconAddr(reinterpret_cast<const char *>(data) + 8,5); + const Address beaconAddr(reinterpret_cast<const char *>(data) + 8,5); if (beaconAddr == RR->identity.address()) return; - if (!RR->node->shouldUsePathForZeroTierTraffic(localAddr,fromAddr)) + if (!RR->node->shouldUsePathForZeroTierTraffic(beaconAddr,localAddr,fromAddr)) return; - SharedPtr<Peer> peer(RR->topology->getPeer(beaconAddr)); + const SharedPtr<Peer> peer(RR->topology->getPeer(beaconAddr)); if (peer) { // we'll only respond to beacons from known peers if ((now - _lastBeaconResponse) >= 2500) { // limit rate of responses _lastBeaconResponse = now; Packet outp(peer->address(),RR->identity.address(),Packet::VERB_NOP); - outp.armor(peer->key(),true); + outp.armor(peer->key(),true,path->nextOutgoingCounter()); path->send(RR,outp.data(),outp.size(),now); } } @@ -105,17 +101,14 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from const Address destination(fragment.destination()); if (destination != RR->identity.address()) { - switch(RR->node->relayPolicy()) { - case ZT_RELAY_POLICY_ALWAYS: - break; - case ZT_RELAY_POLICY_TRUSTED: - if (!path->trustEstablished(now)) - return; - break; - // case ZT_RELAY_POLICY_NEVER: - default: - return; - } +#ifdef ZT_ENABLE_CLUSTER + const bool isClusterFrontplane = ((RR->cluster)&&(RR->cluster->isClusterPeerFrontplane(fromAddr))); +#else + const bool isClusterFrontplane = false; +#endif + + if ( (!RR->topology->amRoot()) && (!path->trustEstablished(now)) && (!isClusterFrontplane) ) + return; if (fragment.hops() < ZT_RELAY_MAX_HOPS) { fragment.incrementHops(); @@ -125,14 +118,14 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from SharedPtr<Peer> relayTo = RR->topology->getPeer(destination); if ((!relayTo)||(!relayTo->sendDirect(fragment.data(),fragment.size(),now,false))) { #ifdef ZT_ENABLE_CLUSTER - if (RR->cluster) { - RR->cluster->sendViaCluster(Address(),destination,fragment.data(),fragment.size(),false); + if ((RR->cluster)&&(!isClusterFrontplane)) { + RR->cluster->relayViaCluster(Address(),destination,fragment.data(),fragment.size(),false); return; } #endif - // Don't know peer or no direct path -- so relay via root server - relayTo = RR->topology->getBestRoot(); + // Don't know peer or no direct path -- so relay via someone upstream + relayTo = RR->topology->getUpstreamPeer(); if (relayTo) relayTo->sendDirect(fragment.data(),fragment.size(),now,true); } @@ -192,69 +185,98 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from } else if (len >= ZT_PROTO_MIN_PACKET_LENGTH) { // min length check is important! // Handle packet head ------------------------------------------------- - // See packet format in Packet.hpp to understand this - const uint64_t packetId = ( - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[0]) << 56) | - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[1]) << 48) | - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[2]) << 40) | - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[3]) << 32) | - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[4]) << 24) | - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[5]) << 16) | - (((uint64_t)reinterpret_cast<const uint8_t *>(data)[6]) << 8) | - ((uint64_t)reinterpret_cast<const uint8_t *>(data)[7]) - ); const Address destination(reinterpret_cast<const uint8_t *>(data) + 8,ZT_ADDRESS_LENGTH); const Address source(reinterpret_cast<const uint8_t *>(data) + 13,ZT_ADDRESS_LENGTH); - // Catch this and toss it -- it would never work, but it could happen if we somehow - // mistakenly guessed an address we're bound to as a destination for another peer. + //TRACE("<< %.16llx %s -> %s (size: %u)",(unsigned long long)packet->packetId(),source.toString().c_str(),destination.toString().c_str(),packet->size()); + +#ifdef ZT_ENABLE_CLUSTER + if ( (source == RR->identity.address()) && ((!RR->cluster)||(!RR->cluster->isClusterPeerFrontplane(fromAddr))) ) + return; +#else if (source == RR->identity.address()) return; - - //TRACE("<< %.16llx %s -> %s (size: %u)",(unsigned long long)packet->packetId(),source.toString().c_str(),destination.toString().c_str(),packet->size()); +#endif if (destination != RR->identity.address()) { - switch(RR->node->relayPolicy()) { - case ZT_RELAY_POLICY_ALWAYS: - break; - case ZT_RELAY_POLICY_TRUSTED: - if (!path->trustEstablished(now)) - return; - break; - // case ZT_RELAY_POLICY_NEVER: - default: - return; - } + if ( (!RR->topology->amRoot()) && (!path->trustEstablished(now)) && (source != RR->identity.address()) ) + return; Packet packet(data,len); if (packet.hops() < ZT_RELAY_MAX_HOPS) { +#ifdef ZT_ENABLE_CLUSTER + if (source != RR->identity.address()) // don't increment hops for cluster frontplane relays + packet.incrementHops(); +#else packet.incrementHops(); +#endif SharedPtr<Peer> relayTo = RR->topology->getPeer(destination); - if ((relayTo)&&((relayTo->sendDirect(packet.data(),packet.size(),now,false)))) { - Mutex::Lock _l(_lastUniteAttempt_m); - uint64_t &luts = _lastUniteAttempt[_LastUniteKey(source,destination)]; - if ((now - luts) >= ZT_MIN_UNITE_INTERVAL) { - luts = now; - unite(source,destination); + if ((relayTo)&&(relayTo->sendDirect(packet.data(),packet.size(),now,false))) { + if ((source != RR->identity.address())&&(_shouldUnite(now,source,destination))) { // don't send RENDEZVOUS for cluster frontplane relays + const InetAddress *hintToSource = (InetAddress *)0; + const InetAddress *hintToDest = (InetAddress *)0; + + InetAddress destV4,destV6; + InetAddress sourceV4,sourceV6; + relayTo->getRendezvousAddresses(now,destV4,destV6); + + const SharedPtr<Peer> sourcePeer(RR->topology->getPeer(source)); + if (sourcePeer) { + sourcePeer->getRendezvousAddresses(now,sourceV4,sourceV6); + if ((destV6)&&(sourceV6)) { + hintToSource = &destV6; + hintToDest = &sourceV6; + } else if ((destV4)&&(sourceV4)) { + hintToSource = &destV4; + hintToDest = &sourceV4; + } + + if ((hintToSource)&&(hintToDest)) { + unsigned int alt = (unsigned int)RR->node->prng() & 1; // randomize which hint we send first for obscure NAT-t reasons + const unsigned int completed = alt + 2; + while (alt != completed) { + if ((alt & 1) == 0) { + Packet outp(source,RR->identity.address(),Packet::VERB_RENDEZVOUS); + outp.append((uint8_t)0); + destination.appendTo(outp); + outp.append((uint16_t)hintToSource->port()); + if (hintToSource->ss_family == AF_INET6) { + outp.append((uint8_t)16); + outp.append(hintToSource->rawIpData(),16); + } else { + outp.append((uint8_t)4); + outp.append(hintToSource->rawIpData(),4); + } + send(outp,true); + } else { + Packet outp(destination,RR->identity.address(),Packet::VERB_RENDEZVOUS); + outp.append((uint8_t)0); + source.appendTo(outp); + outp.append((uint16_t)hintToDest->port()); + if (hintToDest->ss_family == AF_INET6) { + outp.append((uint8_t)16); + outp.append(hintToDest->rawIpData(),16); + } else { + outp.append((uint8_t)4); + outp.append(hintToDest->rawIpData(),4); + } + send(outp,true); + } + ++alt; + } + } + } } } else { #ifdef ZT_ENABLE_CLUSTER - if (RR->cluster) { - bool shouldUnite; - { - Mutex::Lock _l(_lastUniteAttempt_m); - uint64_t &luts = _lastUniteAttempt[_LastUniteKey(source,destination)]; - shouldUnite = ((now - luts) >= ZT_MIN_UNITE_INTERVAL); - if (shouldUnite) - luts = now; - } - RR->cluster->sendViaCluster(source,destination,packet.data(),packet.size(),shouldUnite); + if ((RR->cluster)&&(source != RR->identity.address())) { + RR->cluster->relayViaCluster(source,destination,packet.data(),packet.size(),_shouldUnite(now,source,destination)); return; } #endif - relayTo = RR->topology->getBestRoot(&source,1,true); + relayTo = RR->topology->getUpstreamPeer(&source,1,true); if (relayTo) relayTo->sendDirect(packet.data(),packet.size(),now,true); } @@ -264,6 +286,17 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from } else if ((reinterpret_cast<const uint8_t *>(data)[ZT_PACKET_IDX_FLAGS] & ZT_PROTO_FLAG_FRAGMENTED) != 0) { // Packet is the head of a fragmented packet series + const uint64_t packetId = ( + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[0]) << 56) | + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[1]) << 48) | + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[2]) << 40) | + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[3]) << 32) | + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[4]) << 24) | + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[5]) << 16) | + (((uint64_t)reinterpret_cast<const uint8_t *>(data)[6]) << 8) | + ((uint64_t)reinterpret_cast<const uint8_t *>(data)[7]) + ); + Mutex::Lock _l(_rxQueue_m); RXQueueEntry *const rq = _findRXQueueEntry(now,packetId); @@ -311,7 +344,7 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from rq = tmp; } rq->timestamp = now; - rq->packetId = packetId; + rq->packetId = packet.packetId(); rq->frag0 = packet; rq->totalFragments = 1; rq->haveFragments = 1; @@ -577,7 +610,7 @@ void Switch::onLocalEthernet(const SharedPtr<Network> &network,const MAC &from,c } } -void Switch::send(const Packet &packet,bool encrypt) +void Switch::send(Packet &packet,bool encrypt) { if (packet.destination() == RR->identity.address()) { TRACE("BUG: caught attempt to send() to self, ignored"); @@ -590,75 +623,6 @@ void Switch::send(const Packet &packet,bool encrypt) } } -bool Switch::unite(const Address &p1,const Address &p2) -{ - if ((p1 == RR->identity.address())||(p2 == RR->identity.address())) - return false; - SharedPtr<Peer> p1p = RR->topology->getPeer(p1); - if (!p1p) - return false; - SharedPtr<Peer> p2p = RR->topology->getPeer(p2); - if (!p2p) - return false; - - const uint64_t now = RR->node->now(); - - std::pair<InetAddress,InetAddress> cg(Peer::findCommonGround(*p1p,*p2p,now)); - if ((!(cg.first))||(cg.first.ipScope() != cg.second.ipScope())) - return false; - - TRACE("unite: %s(%s) <> %s(%s)",p1.toString().c_str(),cg.second.toString().c_str(),p2.toString().c_str(),cg.first.toString().c_str()); - - /* Tell P1 where to find P2 and vice versa, sending the packets to P1 and - * P2 in randomized order in terms of which gets sent first. This is done - * since in a few cases NAT-t can be sensitive to slight timing differences - * in terms of when the two peers initiate. Normally this is accounted for - * by the nearly-simultaneous RENDEZVOUS kickoff from the relay, but - * given that relay are hosted on cloud providers this can in some - * cases have a few ms of latency between packet departures. By randomizing - * the order we make each attempted NAT-t favor one or the other going - * first, meaning if it doesn't succeed the first time it might the second - * and so forth. */ - unsigned int alt = (unsigned int)RR->node->prng() & 1; - unsigned int completed = alt + 2; - while (alt != completed) { - if ((alt & 1) == 0) { - // Tell p1 where to find p2. - Packet outp(p1,RR->identity.address(),Packet::VERB_RENDEZVOUS); - outp.append((unsigned char)0); - p2.appendTo(outp); - outp.append((uint16_t)cg.first.port()); - if (cg.first.isV6()) { - outp.append((unsigned char)16); - outp.append(cg.first.rawIpData(),16); - } else { - outp.append((unsigned char)4); - outp.append(cg.first.rawIpData(),4); - } - outp.armor(p1p->key(),true); - p1p->sendDirect(outp.data(),outp.size(),now,true); - } else { - // Tell p2 where to find p1. - Packet outp(p2,RR->identity.address(),Packet::VERB_RENDEZVOUS); - outp.append((unsigned char)0); - p1.appendTo(outp); - outp.append((uint16_t)cg.second.port()); - if (cg.second.isV6()) { - outp.append((unsigned char)16); - outp.append(cg.second.rawIpData(),16); - } else { - outp.append((unsigned char)4); - outp.append(cg.second.rawIpData(),4); - } - outp.armor(p2p->key(),true); - p2p->sendDirect(outp.data(),outp.size(),now,true); - } - ++alt; // counts up and also flips LSB - } - - return true; -} - void Switch::requestWhois(const Address &addr) { bool inserted = false; @@ -761,9 +725,20 @@ unsigned long Switch::doTimerTasks(uint64_t now) return nextDelay; } +bool Switch::_shouldUnite(const uint64_t now,const Address &source,const Address &destination) +{ + Mutex::Lock _l(_lastUniteAttempt_m); + uint64_t &ts = _lastUniteAttempt[_LastUniteKey(source,destination)]; + if ((now - ts) >= ZT_MIN_UNITE_INTERVAL) { + ts = now; + return true; + } + return false; +} + Address Switch::_sendWhoisRequest(const Address &addr,const Address *peersAlreadyConsulted,unsigned int numPeersAlreadyConsulted) { - SharedPtr<Peer> upstream(RR->topology->getBestRoot(peersAlreadyConsulted,numPeersAlreadyConsulted,false)); + SharedPtr<Peer> upstream(RR->topology->getUpstreamPeer(peersAlreadyConsulted,numPeersAlreadyConsulted,false)); if (upstream) { Packet outp(upstream->address(),RR->identity.address(),Packet::VERB_WHOIS); addr.appendTo(outp); @@ -773,70 +748,126 @@ Address Switch::_sendWhoisRequest(const Address &addr,const Address *peersAlread return Address(); } -bool Switch::_trySend(const Packet &packet,bool encrypt) +bool Switch::_trySend(Packet &packet,bool encrypt) { - const SharedPtr<Peer> peer(RR->topology->getPeer(packet.destination())); - if (peer) { - const uint64_t now = RR->node->now(); + SharedPtr<Path> viaPath; + const uint64_t now = RR->node->now(); + const Address destination(packet.destination()); + +#ifdef ZT_ENABLE_CLUSTER + uint64_t clusterMostRecentTs = 0; + int clusterMostRecentMemberId = -1; + uint8_t clusterPeerSecret[ZT_PEER_SECRET_KEY_LENGTH]; + if (RR->cluster) + clusterMostRecentMemberId = RR->cluster->checkSendViaCluster(destination,clusterMostRecentTs,clusterPeerSecret); +#endif - // First get the best path, and if it's dead (and this is not a root) - // we attempt to re-activate that path but this packet will flow - // upstream. If the path comes back alive, it will be used in the future. - // For roots we don't do the alive check since roots are not required - // to send heartbeats "down" and because we have to at least try to - // go somewhere. - - SharedPtr<Path> viaPath(peer->getBestPath(now,false)); - if ( (viaPath) && (!viaPath->alive(now)) && (!RR->topology->isRoot(peer->identity())) ) { - if ((now - viaPath->lastOut()) > std::max((now - viaPath->lastIn()) * 4,(uint64_t)ZT_PATH_MIN_REACTIVATE_INTERVAL)) - peer->attemptToContactAt(viaPath->localAddress(),viaPath->address(),now); + const SharedPtr<Peer> peer(RR->topology->getPeer(destination)); + if (peer) { + /* First get the best path, and if it's dead (and this is not a root) + * we attempt to re-activate that path but this packet will flow + * upstream. If the path comes back alive, it will be used in the future. + * For roots we don't do the alive check since roots are not required + * to send heartbeats "down" and because we have to at least try to + * go somewhere. */ + + viaPath = peer->getBestPath(now,false); + if ( (viaPath) && (!viaPath->alive(now)) && (!RR->topology->isUpstream(peer->identity())) ) { +#ifdef ZT_ENABLE_CLUSTER + if ((clusterMostRecentMemberId < 0)||(viaPath->lastIn() > clusterMostRecentTs)) { +#endif + if ((now - viaPath->lastOut()) > std::max((now - viaPath->lastIn()) * 4,(uint64_t)ZT_PATH_MIN_REACTIVATE_INTERVAL)) { + peer->attemptToContactAt(viaPath->localAddress(),viaPath->address(),now,false,viaPath->nextOutgoingCounter()); + viaPath->sent(now); + } +#ifdef ZT_ENABLE_CLUSTER + } +#endif viaPath.zero(); } + +#ifdef ZT_ENABLE_CLUSTER + if (clusterMostRecentMemberId >= 0) { + if ((viaPath)&&(viaPath->lastIn() < clusterMostRecentTs)) + viaPath.zero(); + } else if (!viaPath) { +#else if (!viaPath) { - SharedPtr<Peer> relay(RR->topology->getBestRoot()); +#endif + peer->tryMemorizedPath(now); // periodically attempt memorized or statically defined paths, if any are known + const SharedPtr<Peer> relay(RR->topology->getUpstreamPeer()); if ( (!relay) || (!(viaPath = relay->getBestPath(now,false))) ) { if (!(viaPath = peer->getBestPath(now,true))) return false; } +#ifdef ZT_ENABLE_CLUSTER } +#else + } +#endif + } else { +#ifdef ZT_ENABLE_CLUSTER + if (clusterMostRecentMemberId < 0) { +#else + requestWhois(destination); + return false; // if we are not in cluster mode, there is no way we can send without knowing the peer directly +#endif +#ifdef ZT_ENABLE_CLUSTER + } +#endif + } - Packet tmp(packet); - - unsigned int chunkSize = std::min(tmp.size(),(unsigned int)ZT_UDP_DEFAULT_PAYLOAD_MTU); - tmp.setFragmented(chunkSize < tmp.size()); + unsigned int chunkSize = std::min(packet.size(),(unsigned int)ZT_UDP_DEFAULT_PAYLOAD_MTU); + packet.setFragmented(chunkSize < packet.size()); - const uint64_t trustedPathId = RR->topology->getOutboundPathTrust(viaPath->address()); - if (trustedPathId) { - tmp.setTrusted(trustedPathId); - } else { - tmp.armor(peer->key(),encrypt); - } +#ifdef ZT_ENABLE_CLUSTER + const uint64_t trustedPathId = (viaPath) ? RR->topology->getOutboundPathTrust(viaPath->address()) : 0; + if (trustedPathId) { + packet.setTrusted(trustedPathId); + } else { + packet.armor((clusterMostRecentMemberId >= 0) ? clusterPeerSecret : peer->key(),encrypt,(viaPath) ? viaPath->nextOutgoingCounter() : 0); + } +#else + const uint64_t trustedPathId = RR->topology->getOutboundPathTrust(viaPath->address()); + if (trustedPathId) { + packet.setTrusted(trustedPathId); + } else { + packet.armor(peer->key(),encrypt,viaPath->nextOutgoingCounter()); + } +#endif - if (viaPath->send(RR,tmp.data(),chunkSize,now)) { - if (chunkSize < tmp.size()) { - // Too big for one packet, fragment the rest - unsigned int fragStart = chunkSize; - unsigned int remaining = tmp.size() - chunkSize; - unsigned int fragsRemaining = (remaining / (ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH)); - if ((fragsRemaining * (ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH)) < remaining) - ++fragsRemaining; - const unsigned int totalFragments = fragsRemaining + 1; - - for(unsigned int fno=1;fno<totalFragments;++fno) { - chunkSize = std::min(remaining,(unsigned int)(ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH)); - Packet::Fragment frag(tmp,fragStart,chunkSize,fno,totalFragments); +#ifdef ZT_ENABLE_CLUSTER + if ( ((viaPath)&&(viaPath->send(RR,packet.data(),chunkSize,now))) || ((clusterMostRecentMemberId >= 0)&&(RR->cluster->sendViaCluster(clusterMostRecentMemberId,destination,packet.data(),chunkSize))) ) { +#else + if (viaPath->send(RR,packet.data(),chunkSize,now)) { +#endif + if (chunkSize < packet.size()) { + // Too big for one packet, fragment the rest + unsigned int fragStart = chunkSize; + unsigned int remaining = packet.size() - chunkSize; + unsigned int fragsRemaining = (remaining / (ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH)); + if ((fragsRemaining * (ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH)) < remaining) + ++fragsRemaining; + const unsigned int totalFragments = fragsRemaining + 1; + + for(unsigned int fno=1;fno<totalFragments;++fno) { + chunkSize = std::min(remaining,(unsigned int)(ZT_UDP_DEFAULT_PAYLOAD_MTU - ZT_PROTO_MIN_FRAGMENT_LENGTH)); + Packet::Fragment frag(packet,fragStart,chunkSize,fno,totalFragments); +#ifdef ZT_ENABLE_CLUSTER + if (viaPath) viaPath->send(RR,frag.data(),frag.size(),now); - fragStart += chunkSize; - remaining -= chunkSize; - } + else if (clusterMostRecentMemberId >= 0) + RR->cluster->sendViaCluster(clusterMostRecentMemberId,destination,frag.data(),frag.size()); +#else + viaPath->send(RR,frag.data(),frag.size(),now); +#endif + fragStart += chunkSize; + remaining -= chunkSize; } - - return true; } - } else { - requestWhois(packet.destination()); } - return false; + + return true; } } // namespace ZeroTier diff --git a/node/Switch.hpp b/node/Switch.hpp index 7c903ef9..9245c036 100644 --- a/node/Switch.hpp +++ b/node/Switch.hpp @@ -55,7 +55,6 @@ class Switch : NonCopyable { public: Switch(const RuntimeEnvironment *renv); - ~Switch(); /** * Called when a packet is received from the real network @@ -92,21 +91,10 @@ public: * Needless to say, the packet's source must be this node. Otherwise it * won't be encrypted right. (This is not used for relaying.) * - * @param packet Packet to send + * @param packet Packet to send (buffer may be modified) * @param encrypt Encrypt packet payload? (always true except for HELLO) */ - void send(const Packet &packet,bool encrypt); - - /** - * Send RENDEZVOUS to two peers to permit them to directly connect - * - * This only works if both peers are known, with known working direct - * links to this peer. The best link for each peer is sent to the other. - * - * @param p1 One of two peers (order doesn't matter) - * @param p2 Second of pair - */ - bool unite(const Address &p1,const Address &p2); + void send(Packet &packet,bool encrypt); /** * Request WHOIS on a given address @@ -136,8 +124,9 @@ public: unsigned long doTimerTasks(uint64_t now); private: + bool _shouldUnite(const uint64_t now,const Address &source,const Address &destination); Address _sendWhoisRequest(const Address &addr,const Address *peersAlreadyConsulted,unsigned int numPeersAlreadyConsulted); - bool _trySend(const Packet &packet,bool encrypt); + bool _trySend(Packet &packet,bool encrypt); // packet is modified if return is true const RuntimeEnvironment *const RR; uint64_t _lastBeaconResponse; diff --git a/node/Tag.hpp b/node/Tag.hpp index 97228157..146e8da9 100644 --- a/node/Tag.hpp +++ b/node/Tag.hpp @@ -139,7 +139,8 @@ public: { unsigned int p = startAt; - // These are the same between Tag and Capability + memset(this,0,sizeof(Tag)); + _networkId = b.template at<uint64_t>(p); p += 8; _ts = b.template at<uint64_t>(p); p += 8; _id = b.template at<uint32_t>(p); p += 4; @@ -148,12 +149,14 @@ public: _issuedTo.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH; _signedBy.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH; - if (b[p++] != 1) - throw std::runtime_error("unrecognized signature type"); - if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) - throw std::runtime_error("invalid signature length"); - p += 2; - memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; + if (b[p++] == 1) { + if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) + throw std::runtime_error("invalid signature length"); + p += 2; + memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; + } else { + p += 2 + b.template at<uint16_t>(p); + } p += 2 + b.template at<uint16_t>(p); if (p > b.size()) diff --git a/node/Topology.cpp b/node/Topology.cpp index 12a7cc0b..5abc4df0 100644 --- a/node/Topology.cpp +++ b/node/Topology.cpp @@ -23,22 +23,35 @@ #include "Network.hpp" #include "NetworkConfig.hpp" #include "Buffer.hpp" +#include "Switch.hpp" namespace ZeroTier { -// 2015-11-16 -- The Fabulous Four (should have named them after Beatles!) -//#define ZT_DEFAULT_WORLD_LENGTH 494 -//static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x51,0x11,0x70,0xb2,0xfb,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0x80,0x31,0xa4,0x65,0x95,0x45,0x06,0x1c,0xfb,0xc2,0x4e,0x5d,0xe7,0x0a,0x40,0x7a,0x97,0xce,0x36,0xa2,0x3d,0x05,0xca,0x87,0xc7,0x59,0x27,0x5c,0x8b,0x0d,0x4c,0xb4,0xbb,0x26,0x2f,0x77,0x17,0x5e,0xb7,0x4d,0xb8,0xd3,0xb4,0xe9,0x23,0x5d,0xcc,0xa2,0x71,0xa8,0xdf,0xf1,0x23,0xa3,0xb2,0x66,0x74,0xea,0xe5,0xdc,0x8d,0xef,0xd3,0x0a,0xa9,0xac,0xcb,0xda,0x93,0xbd,0x6c,0xcd,0x43,0x1d,0xa7,0x98,0x6a,0xde,0x70,0xc0,0xc6,0x1c,0xaf,0xf0,0xfd,0x7f,0x8a,0xb9,0x76,0x13,0xe1,0xde,0x4f,0xf3,0xd6,0x13,0x04,0x7e,0x19,0x87,0x6a,0xba,0x00,0x2a,0x6e,0x2b,0x23,0x18,0x93,0x0f,0x60,0xeb,0x09,0x7f,0x70,0xd0,0xf4,0xb0,0x28,0xb2,0xcd,0x6d,0x3d,0x0c,0x63,0xc0,0x14,0xb9,0x03,0x9f,0xf3,0x53,0x90,0xe4,0x11,0x81,0xf2,0x16,0xfb,0x2e,0x6f,0xa8,0xd9,0x5c,0x1e,0xe9,0x66,0x71,0x56,0x41,0x19,0x05,0xc3,0xdc,0xcf,0xea,0x78,0xd8,0xc6,0xdf,0xaf,0xba,0x68,0x81,0x70,0xb3,0xfa,0x00,0x01,0x04,0xc6,0xc7,0x61,0xdc,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x01,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x8a,0xcf,0x05,0x9f,0xe3,0x00,0x48,0x2f,0x6e,0xe5,0xdf,0xe9,0x02,0x31,0x9b,0x41,0x9d,0xe5,0xbd,0xc7,0x65,0x20,0x9c,0x0e,0xcd,0xa3,0x8c,0x4d,0x6e,0x4f,0xcf,0x0d,0x33,0x65,0x83,0x98,0xb4,0x52,0x7d,0xcd,0x22,0xf9,0x31,0x12,0xfb,0x9b,0xef,0xd0,0x2f,0xd7,0x8b,0xf7,0x26,0x1b,0x33,0x3f,0xc1,0x05,0xd1,0x92,0xa6,0x23,0xca,0x9e,0x50,0xfc,0x60,0xb3,0x74,0xa5,0x00,0x01,0x04,0xa2,0xf3,0x4d,0x6f,0x27,0x09,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x01,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09}; - -// 2015-11-20 -- Alice and Bob are live, and we're now IPv6 dual-stack! -//#define ZT_DEFAULT_WORLD_LENGTH 792 -//static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x51,0x26,0x6f,0x7c,0x8a,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0xe8,0x0a,0xf5,0xbc,0xf8,0x3d,0x97,0xcd,0xc3,0xf8,0xe2,0x41,0x16,0x42,0x0f,0xc7,0x76,0x8e,0x07,0xf3,0x7e,0x9e,0x7d,0x1b,0xb3,0x23,0x21,0x79,0xce,0xb9,0xd0,0xcb,0xb5,0x94,0x7b,0x89,0x21,0x57,0x72,0xf6,0x70,0xa1,0xdd,0x67,0x38,0xcf,0x45,0x45,0xc2,0x8d,0x46,0xec,0x00,0x2c,0xe0,0x2a,0x63,0x3f,0x63,0x8d,0x33,0x08,0x51,0x07,0x77,0x81,0x5b,0x32,0x49,0xae,0x87,0x89,0xcf,0x31,0xaa,0x41,0xf1,0x52,0x97,0xdc,0xa2,0x55,0xe1,0x4a,0x6e,0x3c,0x04,0xf0,0x4f,0x8a,0x0e,0xe9,0xca,0xec,0x24,0x30,0x04,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x0c,0x04,0xbc,0xa6,0x5e,0xb1,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x02,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x7d,0x00,0x01,0x27,0x09,0x04,0x9a,0x42,0xc5,0x21,0x27,0x09,0x06,0x2c,0x0f,0xf8,0x50,0x01,0x54,0x01,0x97,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x33,0x27,0x09,0x04,0x9f,0xcb,0x61,0xab,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x08,0x00,0x00,0xa1,0x00,0x00,0x00,0x00,0x00,0x54,0x60,0x01,0x27,0x09,0x04,0xa9,0x39,0x8f,0x68,0x27,0x09,0x06,0x26,0x07,0xf0,0xd0,0x1d,0x01,0x00,0x57,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x27,0x09,0x04,0x6b,0xaa,0xc5,0x0e,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x00,0x00,0x00,0x00,0x02,0x00,0xe0,0x01,0x27,0x09,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09,0x06,0x24,0x00,0x61,0x80,0x00,0x00,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0xb7,0x40,0x01,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x0c,0x04,0x2d,0x20,0xc6,0x82,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x64,0x00,0x81,0xc3,0x54,0x00,0x00,0xff,0xfe,0x18,0x1d,0x61,0x27,0x09,0x04,0x2e,0x65,0xa0,0xf9,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x03,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x6a,0x30,0x01,0x27,0x09,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x68,0x00,0x83,0xa4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x64,0x27,0x09,0x04,0x2d,0x20,0xf6,0xb3,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x58,0x00,0x8b,0xf8,0x54,0x00,0x00,0xff,0xfe,0x15,0xb3,0x9a,0x27,0x09,0x04,0x2d,0x20,0xf8,0x57,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x70,0x00,0x9b,0xc9,0x54,0x00,0x00,0xff,0xfe,0x15,0xc4,0xf5,0x27,0x09,0x04,0x9f,0xcb,0x02,0x9a,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x0c,0xad,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x26,0x70,0x01,0x27,0x09,0x7e,0x19,0x87,0x6a,0xba,0x00,0x2a,0x6e,0x2b,0x23,0x18,0x93,0x0f,0x60,0xeb,0x09,0x7f,0x70,0xd0,0xf4,0xb0,0x28,0xb2,0xcd,0x6d,0x3d,0x0c,0x63,0xc0,0x14,0xb9,0x03,0x9f,0xf3,0x53,0x90,0xe4,0x11,0x81,0xf2,0x16,0xfb,0x2e,0x6f,0xa8,0xd9,0x5c,0x1e,0xe9,0x66,0x71,0x56,0x41,0x19,0x05,0xc3,0xdc,0xcf,0xea,0x78,0xd8,0xc6,0xdf,0xaf,0xba,0x68,0x81,0x70,0xb3,0xfa,0x00,0x01,0x04,0xc6,0xc7,0x61,0xdc,0x27,0x09,0x8a,0xcf,0x05,0x9f,0xe3,0x00,0x48,0x2f,0x6e,0xe5,0xdf,0xe9,0x02,0x31,0x9b,0x41,0x9d,0xe5,0xbd,0xc7,0x65,0x20,0x9c,0x0e,0xcd,0xa3,0x8c,0x4d,0x6e,0x4f,0xcf,0x0d,0x33,0x65,0x83,0x98,0xb4,0x52,0x7d,0xcd,0x22,0xf9,0x31,0x12,0xfb,0x9b,0xef,0xd0,0x2f,0xd7,0x8b,0xf7,0x26,0x1b,0x33,0x3f,0xc1,0x05,0xd1,0x92,0xa6,0x23,0xca,0x9e,0x50,0xfc,0x60,0xb3,0x74,0xa5,0x00,0x01,0x04,0xa2,0xf3,0x4d,0x6f,0x27,0x09}; - -// 2015-12-17 -- Old New York root is dead, old SF still alive -//#define ZT_DEFAULT_WORLD_LENGTH 732 -//static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x51,0xb1,0x7e,0x39,0x9d,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0x8a,0xca,0xf2,0x3d,0x71,0x2e,0xc2,0x39,0x45,0x66,0xb3,0xe9,0x39,0x79,0xb1,0x55,0xc4,0xa9,0xfc,0xbc,0xfc,0x55,0xaf,0x8a,0x2f,0x38,0xc8,0xcd,0xe9,0x02,0x5b,0x86,0xa9,0x72,0xf7,0x16,0x00,0x35,0xb7,0x84,0xc9,0xfc,0xe4,0xfa,0x96,0x8b,0xf4,0x1e,0xba,0x60,0x9f,0x85,0x14,0xc2,0x07,0x4b,0xfd,0xd1,0x6c,0x19,0x69,0xd3,0xf9,0x09,0x9c,0x9d,0xe3,0xb9,0x8f,0x11,0x78,0x71,0xa7,0x4a,0x05,0xd8,0xcc,0x60,0xa2,0x06,0x66,0x9f,0x47,0xc2,0x71,0xb8,0x54,0x80,0x9c,0x45,0x16,0x10,0xa9,0xd0,0xbd,0xf7,0x03,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x0c,0x04,0xbc,0xa6,0x5e,0xb1,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x02,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x7d,0x00,0x01,0x27,0x09,0x04,0x9a,0x42,0xc5,0x21,0x27,0x09,0x06,0x2c,0x0f,0xf8,0x50,0x01,0x54,0x01,0x97,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x33,0x27,0x09,0x04,0x9f,0xcb,0x61,0xab,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x08,0x00,0x00,0xa1,0x00,0x00,0x00,0x00,0x00,0x54,0x60,0x01,0x27,0x09,0x04,0xa9,0x39,0x8f,0x68,0x27,0x09,0x06,0x26,0x07,0xf0,0xd0,0x1d,0x01,0x00,0x57,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x27,0x09,0x04,0x6b,0xaa,0xc5,0x0e,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x00,0x00,0x00,0x00,0x02,0x00,0xe0,0x01,0x27,0x09,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09,0x06,0x24,0x00,0x61,0x80,0x00,0x00,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0xb7,0x40,0x01,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x0c,0x04,0x2d,0x20,0xc6,0x82,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x64,0x00,0x81,0xc3,0x54,0x00,0x00,0xff,0xfe,0x18,0x1d,0x61,0x27,0x09,0x04,0x2e,0x65,0xa0,0xf9,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x03,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x6a,0x30,0x01,0x27,0x09,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x68,0x00,0x83,0xa4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x64,0x27,0x09,0x04,0x2d,0x20,0xf6,0xb3,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x58,0x00,0x8b,0xf8,0x54,0x00,0x00,0xff,0xfe,0x15,0xb3,0x9a,0x27,0x09,0x04,0x2d,0x20,0xf8,0x57,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x70,0x00,0x9b,0xc9,0x54,0x00,0x00,0xff,0xfe,0x15,0xc4,0xf5,0x27,0x09,0x04,0x9f,0xcb,0x02,0x9a,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x0c,0xad,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x26,0x70,0x01,0x27,0x09,0x7e,0x19,0x87,0x6a,0xba,0x00,0x2a,0x6e,0x2b,0x23,0x18,0x93,0x0f,0x60,0xeb,0x09,0x7f,0x70,0xd0,0xf4,0xb0,0x28,0xb2,0xcd,0x6d,0x3d,0x0c,0x63,0xc0,0x14,0xb9,0x03,0x9f,0xf3,0x53,0x90,0xe4,0x11,0x81,0xf2,0x16,0xfb,0x2e,0x6f,0xa8,0xd9,0x5c,0x1e,0xe9,0x66,0x71,0x56,0x41,0x19,0x05,0xc3,0xdc,0xcf,0xea,0x78,0xd8,0xc6,0xdf,0xaf,0xba,0x68,0x81,0x70,0xb3,0xfa,0x00,0x02,0x04,0xc6,0xc7,0x61,0xdc,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x00,0x00,0x00,0x00,0x00,0xc5,0xf0,0x01,0x27,0x09}; - -// 2016-01-13 -- Old San Francisco 1.0.1 root is dead, now we're just on Alice and Bob! +/* + * 2016-01-13 ZeroTier planet definition for the third planet of Sol: + * + * There are two roots, each of which is a cluster spread across multiple + * continents and providers. They are named Alice and Bob after the + * canonical example names used in cryptography. + * + * Alice: + * + * root-alice-ams-01: Amsterdam, Netherlands + * root-alice-joh-01: Johannesburg, South Africa + * root-alice-nyc-01: New York, New York, USA + * root-alice-sao-01: Sao Paolo, Brazil + * root-alice-sfo-01: San Francisco, California, USA + * root-alice-sgp-01: Singapore + * + * Bob: + * + * root-bob-dfw-01: Dallas, Texas, USA + * root-bob-fra-01: Frankfurt, Germany + * root-bob-par-01: Paris, France + * root-bob-syd-01: Sydney, Australia + * root-bob-tok-01: Tokyo, Japan + * root-bob-tor-01: Toronto, Canada + */ #define ZT_DEFAULT_WORLD_LENGTH 634 static const unsigned char ZT_DEFAULT_WORLD[ZT_DEFAULT_WORLD_LENGTH] = {0x01,0x00,0x00,0x00,0x00,0x08,0xea,0xc9,0x0a,0x00,0x00,0x01,0x52,0x3c,0x32,0x50,0x1a,0xb8,0xb3,0x88,0xa4,0x69,0x22,0x14,0x91,0xaa,0x9a,0xcd,0x66,0xcc,0x76,0x4c,0xde,0xfd,0x56,0x03,0x9f,0x10,0x67,0xae,0x15,0xe6,0x9c,0x6f,0xb4,0x2d,0x7b,0x55,0x33,0x0e,0x3f,0xda,0xac,0x52,0x9c,0x07,0x92,0xfd,0x73,0x40,0xa6,0xaa,0x21,0xab,0xa8,0xa4,0x89,0xfd,0xae,0xa4,0x4a,0x39,0xbf,0x2d,0x00,0x65,0x9a,0xc9,0xc8,0x18,0xeb,0x4a,0xf7,0x86,0xa8,0x40,0xd6,0x52,0xea,0xae,0x9e,0x7a,0xbf,0x4c,0x97,0x66,0xab,0x2d,0x6f,0xaf,0xc9,0x2b,0x3a,0xff,0xed,0xd6,0x30,0x3e,0xc4,0x6a,0x65,0xf2,0xbd,0x83,0x52,0xf5,0x40,0xe9,0xcc,0x0d,0x6e,0x89,0x3f,0x9a,0xa0,0xb8,0xdf,0x42,0xd2,0x2f,0x84,0xe6,0x03,0x26,0x0f,0xa8,0xe3,0xcc,0x05,0x05,0x03,0xef,0x12,0x80,0x0d,0xce,0x3e,0xb6,0x58,0x3b,0x1f,0xa8,0xad,0xc7,0x25,0xf9,0x43,0x71,0xa7,0x5c,0x9a,0xc7,0xe1,0xa3,0xb8,0x88,0xd0,0x71,0x6c,0x94,0x99,0x73,0x41,0x0b,0x1b,0x48,0x84,0x02,0x9d,0x21,0x90,0x39,0xf3,0x00,0x01,0xf0,0x92,0x2a,0x98,0xe3,0xb3,0x4e,0xbc,0xbf,0xf3,0x33,0x26,0x9d,0xc2,0x65,0xd7,0xa0,0x20,0xaa,0xb6,0x9d,0x72,0xbe,0x4d,0x4a,0xcc,0x9c,0x8c,0x92,0x94,0x78,0x57,0x71,0x25,0x6c,0xd1,0xd9,0x42,0xa9,0x0d,0x1b,0xd1,0xd2,0xdc,0xa3,0xea,0x84,0xef,0x7d,0x85,0xaf,0xe6,0x61,0x1f,0xb4,0x3f,0xf0,0xb7,0x41,0x26,0xd9,0x0a,0x6e,0x00,0x0c,0x04,0xbc,0xa6,0x5e,0xb1,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x02,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x7d,0x00,0x01,0x27,0x09,0x04,0x9a,0x42,0xc5,0x21,0x27,0x09,0x06,0x2c,0x0f,0xf8,0x50,0x01,0x54,0x01,0x97,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x33,0x27,0x09,0x04,0x9f,0xcb,0x61,0xab,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x08,0x00,0x00,0xa1,0x00,0x00,0x00,0x00,0x00,0x54,0x60,0x01,0x27,0x09,0x04,0xa9,0x39,0x8f,0x68,0x27,0x09,0x06,0x26,0x07,0xf0,0xd0,0x1d,0x01,0x00,0x57,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x27,0x09,0x04,0x6b,0xaa,0xc5,0x0e,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x00,0x01,0x00,0x20,0x00,0x00,0x00,0x00,0x02,0x00,0xe0,0x01,0x27,0x09,0x04,0x80,0xc7,0xc5,0xd9,0x27,0x09,0x06,0x24,0x00,0x61,0x80,0x00,0x00,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0xb7,0x40,0x01,0x27,0x09,0x88,0x41,0x40,0x8a,0x2e,0x00,0xbb,0x1d,0x31,0xf2,0xc3,0x23,0xe2,0x64,0xe9,0xe6,0x41,0x72,0xc1,0xa7,0x4f,0x77,0x89,0x95,0x55,0xed,0x10,0x75,0x1c,0xd5,0x6e,0x86,0x40,0x5c,0xde,0x11,0x8d,0x02,0xdf,0xfe,0x55,0x5d,0x46,0x2c,0xcf,0x6a,0x85,0xb5,0x63,0x1c,0x12,0x35,0x0c,0x8d,0x5d,0xc4,0x09,0xba,0x10,0xb9,0x02,0x5d,0x0f,0x44,0x5c,0xf4,0x49,0xd9,0x2b,0x1c,0x00,0x0c,0x04,0x2d,0x20,0xc6,0x82,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x64,0x00,0x81,0xc3,0x54,0x00,0x00,0xff,0xfe,0x18,0x1d,0x61,0x27,0x09,0x04,0x2e,0x65,0xa0,0xf9,0x27,0x09,0x06,0x2a,0x03,0xb0,0xc0,0x00,0x03,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x6a,0x30,0x01,0x27,0x09,0x04,0x6b,0xbf,0x2e,0xd2,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x68,0x00,0x83,0xa4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x64,0x27,0x09,0x04,0x2d,0x20,0xf6,0xb3,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x58,0x00,0x8b,0xf8,0x54,0x00,0x00,0xff,0xfe,0x15,0xb3,0x9a,0x27,0x09,0x04,0x2d,0x20,0xf8,0x57,0x27,0x09,0x06,0x20,0x01,0x19,0xf0,0x70,0x00,0x9b,0xc9,0x54,0x00,0x00,0xff,0xfe,0x15,0xc4,0xf5,0x27,0x09,0x04,0x9f,0xcb,0x02,0x9a,0x27,0x09,0x06,0x26,0x04,0xa8,0x80,0x0c,0xad,0x00,0xd0,0x00,0x00,0x00,0x00,0x00,0x26,0x70,0x01,0x27,0x09}; @@ -47,33 +60,22 @@ Topology::Topology(const RuntimeEnvironment *renv) : _trustedPathCount(0), _amRoot(false) { - // Get cached world if present - std::string dsWorld(RR->node->dataStoreGet("world")); - World cachedWorld; - if (dsWorld.length() > 0) { - try { - Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> dswtmp(dsWorld.data(),(unsigned int)dsWorld.length()); - cachedWorld.deserialize(dswtmp,0); - } catch ( ... ) { - cachedWorld = World(); // clear if cached world is invalid + try { + World cachedPlanet; + std::string buf(RR->node->dataStoreGet("planet")); + if (buf.length() > 0) { + Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> dswtmp(buf.data(),(unsigned int)buf.length()); + cachedPlanet.deserialize(dswtmp,0); } - } + addWorld(cachedPlanet,false); + } catch ( ... ) {} - // Use default or cached world depending on which is shinier - World defaultWorld; + World defaultPlanet; { Buffer<ZT_DEFAULT_WORLD_LENGTH> wtmp(ZT_DEFAULT_WORLD,ZT_DEFAULT_WORLD_LENGTH); - defaultWorld.deserialize(wtmp,0); // throws on error, which would indicate a bad static variable up top + defaultPlanet.deserialize(wtmp,0); // throws on error, which would indicate a bad static variable up top } - if (cachedWorld.shouldBeReplacedBy(defaultWorld,false)) { - _setWorld(defaultWorld); - if (dsWorld.length() > 0) - RR->node->dataStoreDelete("world"); - } else _setWorld(cachedWorld); -} - -Topology::~Topology() -{ + addWorld(defaultPlanet,false); } SharedPtr<Peer> Topology::addPeer(const SharedPtr<Peer> &peer) @@ -89,7 +91,7 @@ SharedPtr<Peer> Topology::addPeer(const SharedPtr<Peer> &peer) SharedPtr<Peer> np; { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); SharedPtr<Peer> &hp = _peers[peer->address()]; if (!hp) hp = peer; @@ -109,11 +111,10 @@ SharedPtr<Peer> Topology::getPeer(const Address &zta) } { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); const SharedPtr<Peer> *const ap = _peers.get(zta); - if (ap) { + if (ap) return *ap; - } } try { @@ -121,17 +122,14 @@ SharedPtr<Peer> Topology::getPeer(const Address &zta) if (id) { SharedPtr<Peer> np(new Peer(RR,RR->identity,id)); { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); SharedPtr<Peer> &ap = _peers[zta]; if (!ap) ap.swap(np); return ap; } } - } catch ( ... ) { - fprintf(stderr,"EXCEPTION in getPeer() part 2\n"); - abort(); - } // invalid identity on disk? + } catch ( ... ) {} // invalid identity on disk? return SharedPtr<Peer>(); } @@ -141,7 +139,7 @@ Identity Topology::getIdentity(const Address &zta) if (zta == RR->identity.address()) { return RR->identity; } else { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); const SharedPtr<Peer> *const ap = _peers.get(zta); if (ap) return (*ap)->identity(); @@ -158,21 +156,21 @@ void Topology::saveIdentity(const Identity &id) } } -SharedPtr<Peer> Topology::getBestRoot(const Address *avoid,unsigned int avoidCount,bool strictAvoid) +SharedPtr<Peer> Topology::getUpstreamPeer(const Address *avoid,unsigned int avoidCount,bool strictAvoid) { const uint64_t now = RR->node->now(); - Mutex::Lock _l(_lock); + Mutex::Lock _l1(_peers_m); + Mutex::Lock _l2(_upstreams_m); if (_amRoot) { - /* If I am a root server, the "best" root server is the one whose address - * is numerically greater than mine (with wrap at top of list). This - * causes packets searching for a route to pretty much literally - * circumnavigate the globe rather than bouncing between just two. */ - - for(unsigned long p=0;p<_rootAddresses.size();++p) { - if (_rootAddresses[p] == RR->identity.address()) { - for(unsigned long q=1;q<_rootAddresses.size();++q) { - const SharedPtr<Peer> *const nextsn = _peers.get(_rootAddresses[(p + q) % _rootAddresses.size()]); + /* If I am a root, pick another root that isn't mine and that + * has a numerically greater ID. This causes packets to roam + * around the top rather than bouncing between just two. */ + + for(unsigned long p=0;p<_upstreamAddresses.size();++p) { + if (_upstreamAddresses[p] == RR->identity.address()) { + for(unsigned long q=1;q<_upstreamAddresses.size();++q) { + const SharedPtr<Peer> *const nextsn = _peers.get(_upstreamAddresses[(p + q) % _upstreamAddresses.size()]); if ((nextsn)&&((*nextsn)->hasActiveDirectPath(now))) return *nextsn; } @@ -181,30 +179,32 @@ SharedPtr<Peer> Topology::getBestRoot(const Address *avoid,unsigned int avoidCou } } else { - /* If I am not a root server, the best root server is the active one with - * the lowest quality score. (lower == better) */ + /* Otherwise pick the bestest looking upstream */ unsigned int bestQualityOverall = ~((unsigned int)0); unsigned int bestQualityNotAvoid = ~((unsigned int)0); const SharedPtr<Peer> *bestOverall = (const SharedPtr<Peer> *)0; const SharedPtr<Peer> *bestNotAvoid = (const SharedPtr<Peer> *)0; - for(std::vector< SharedPtr<Peer> >::const_iterator r(_rootPeers.begin());r!=_rootPeers.end();++r) { - bool avoiding = false; - for(unsigned int i=0;i<avoidCount;++i) { - if (avoid[i] == (*r)->address()) { - avoiding = true; - break; + for(std::vector<Address>::const_iterator a(_upstreamAddresses.begin());a!=_upstreamAddresses.end();++a) { + const SharedPtr<Peer> *p = _peers.get(*a); + if (p) { + bool avoiding = false; + for(unsigned int i=0;i<avoidCount;++i) { + if (avoid[i] == (*p)->address()) { + avoiding = true; + break; + } + } + const unsigned int q = (*p)->relayQuality(now); + if (q <= bestQualityOverall) { + bestQualityOverall = q; + bestOverall = &(*p); + } + if ((!avoiding)&&(q <= bestQualityNotAvoid)) { + bestQualityNotAvoid = q; + bestNotAvoid = &(*p); } - } - const unsigned int q = (*r)->relayQuality(now); - if (q <= bestQualityOverall) { - bestQualityOverall = q; - bestOverall = &(*r); - } - if ((!avoiding)&&(q <= bestQualityNotAvoid)) { - bestQualityNotAvoid = q; - bestNotAvoid = &(*r); } } @@ -221,39 +221,211 @@ SharedPtr<Peer> Topology::getBestRoot(const Address *avoid,unsigned int avoidCou bool Topology::isUpstream(const Identity &id) const { - return isRoot(id); + Mutex::Lock _l(_upstreams_m); + return (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),id.address()) != _upstreamAddresses.end()); } -bool Topology::worldUpdateIfValid(const World &newWorld) +bool Topology::shouldAcceptWorldUpdateFrom(const Address &addr) const { - Mutex::Lock _l(_lock); - if (_world.shouldBeReplacedBy(newWorld,true)) { - _setWorld(newWorld); - try { - Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> dswtmp; - newWorld.serialize(dswtmp,false); - RR->node->dataStorePut("world",dswtmp.data(),dswtmp.size(),false); - } catch ( ... ) { - RR->node->dataStoreDelete("world"); + Mutex::Lock _l(_upstreams_m); + if (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),addr) != _upstreamAddresses.end()) + return true; + for(std::vector< std::pair< uint64_t,Address> >::const_iterator s(_moonSeeds.begin());s!=_moonSeeds.end();++s) { + if (s->second == addr) + return true; + } + return false; +} + +ZT_PeerRole Topology::role(const Address &ztaddr) const +{ + Mutex::Lock _l(_upstreams_m); + if (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),ztaddr) != _upstreamAddresses.end()) { + for(std::vector<World::Root>::const_iterator i(_planet.roots().begin());i!=_planet.roots().end();++i) { + if (i->identity.address() == ztaddr) + return ZT_PEER_ROLE_PLANET; + } + return ZT_PEER_ROLE_MOON; + } + return ZT_PEER_ROLE_LEAF; +} + +bool Topology::isProhibitedEndpoint(const Address &ztaddr,const InetAddress &ipaddr) const +{ + Mutex::Lock _l(_upstreams_m); + + // For roots the only permitted addresses are those defined. This adds just a little + // bit of extra security against spoofing, replaying, etc. + if (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),ztaddr) != _upstreamAddresses.end()) { + for(std::vector<World::Root>::const_iterator r(_planet.roots().begin());r!=_planet.roots().end();++r) { + if (r->identity.address() == ztaddr) { + if (r->stableEndpoints.size() == 0) + return false; // no stable endpoints specified, so allow dynamic paths + for(std::vector<InetAddress>::const_iterator e(r->stableEndpoints.begin());e!=r->stableEndpoints.end();++e) { + if (ipaddr.ipsEqual(*e)) + return false; + } + } + } + for(std::vector<World>::const_iterator m(_moons.begin());m!=_moons.end();++m) { + for(std::vector<World::Root>::const_iterator r(m->roots().begin());r!=m->roots().end();++r) { + if (r->identity.address() == ztaddr) { + if (r->stableEndpoints.size() == 0) + return false; // no stable endpoints specified, so allow dynamic paths + for(std::vector<InetAddress>::const_iterator e(r->stableEndpoints.begin());e!=r->stableEndpoints.end();++e) { + if (ipaddr.ipsEqual(*e)) + return false; + } + } + } } return true; } + return false; } +bool Topology::addWorld(const World &newWorld,bool alwaysAcceptNew) +{ + if ((newWorld.type() != World::TYPE_PLANET)&&(newWorld.type() != World::TYPE_MOON)) + return false; + + Mutex::Lock _l1(_upstreams_m); + Mutex::Lock _l2(_peers_m); + + World *existing = (World *)0; + switch(newWorld.type()) { + case World::TYPE_PLANET: + existing = &_planet; + break; + case World::TYPE_MOON: + for(std::vector< World >::iterator m(_moons.begin());m!=_moons.end();++m) { + if (m->id() == newWorld.id()) { + existing = &(*m); + break; + } + } + break; + default: + return false; + } + + if (existing) { + if (existing->shouldBeReplacedBy(newWorld)) + *existing = newWorld; + else return false; + } else if (newWorld.type() == World::TYPE_MOON) { + if (alwaysAcceptNew) { + _moons.push_back(newWorld); + existing = &(_moons.back()); + } else { + for(std::vector< std::pair<uint64_t,Address> >::iterator m(_moonSeeds.begin());m!=_moonSeeds.end();++m) { + if (m->first == newWorld.id()) { + for(std::vector<World::Root>::const_iterator r(newWorld.roots().begin());r!=newWorld.roots().end();++r) { + if (r->identity.address() == m->second) { + _moonSeeds.erase(m); + _moons.push_back(newWorld); + existing = &(_moons.back()); + break; + } + } + if (existing) + break; + } + } + } + if (!existing) + return false; + } else { + return false; + } + + char savePath[64]; + if (existing->type() == World::TYPE_MOON) { + Utils::snprintf(savePath,sizeof(savePath),"moons.d/%.16llx.moon",existing->id()); + } else { + Utils::scopy(savePath,sizeof(savePath),"planet"); + } + try { + Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> dswtmp; + existing->serialize(dswtmp,false); + RR->node->dataStorePut(savePath,dswtmp.data(),dswtmp.size(),false); + } catch ( ... ) { + RR->node->dataStoreDelete(savePath); + } + + _memoizeUpstreams(); + + return true; +} + +void Topology::addMoon(const uint64_t id,const Address &seed) +{ + char savePath[64]; + Utils::snprintf(savePath,sizeof(savePath),"moons.d/%.16llx.moon",id); + + try { + std::string moonBin(RR->node->dataStoreGet(savePath)); + if (moonBin.length() > 1) { + Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> wtmp(moonBin.data(),(unsigned int)moonBin.length()); + World w; + w.deserialize(wtmp); + if ((w.type() == World::TYPE_MOON)&&(w.id() == id)) { + addWorld(w,true); + return; + } + } + } catch ( ... ) {} + + if (seed) { + Mutex::Lock _l(_upstreams_m); + if (std::find(_moonSeeds.begin(),_moonSeeds.end(),std::pair<uint64_t,Address>(id,seed)) == _moonSeeds.end()) + _moonSeeds.push_back(std::pair<uint64_t,Address>(id,seed)); + } +} + +void Topology::removeMoon(const uint64_t id) +{ + Mutex::Lock _l1(_upstreams_m); + Mutex::Lock _l2(_peers_m); + + std::vector<World> nm; + for(std::vector<World>::const_iterator m(_moons.begin());m!=_moons.end();++m) { + if (m->id() != id) { + nm.push_back(*m); + } else { + char savePath[64]; + Utils::snprintf(savePath,sizeof(savePath),"moons.d/%.16llx.moon",id); + RR->node->dataStoreDelete(savePath); + } + } + _moons.swap(nm); + + std::vector< std::pair<uint64_t,Address> > cm; + for(std::vector< std::pair<uint64_t,Address> >::const_iterator m(_moonSeeds.begin());m!=_moonSeeds.end();++m) { + if (m->first != id) + cm.push_back(*m); + } + _moonSeeds.swap(cm); + + _memoizeUpstreams(); +} + void Topology::clean(uint64_t now) { - Mutex::Lock _l(_lock); { + Mutex::Lock _l1(_peers_m); + Mutex::Lock _l2(_upstreams_m); Hashtable< Address,SharedPtr<Peer> >::Iterator i(_peers); Address *a = (Address *)0; SharedPtr<Peer> *p = (SharedPtr<Peer> *)0; while (i.next(a,p)) { - if ( (!(*p)->isAlive(now)) && (std::find(_rootAddresses.begin(),_rootAddresses.end(),*a) == _rootAddresses.end()) ) + if ( (!(*p)->isAlive(now)) && (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),*a) == _upstreamAddresses.end()) ) _peers.erase(*a); } } { + Mutex::Lock _l(_paths_m); Hashtable< Path::HashKey,SharedPtr<Path> >::Iterator i(_paths); Path::HashKey *k = (Path::HashKey *)0; SharedPtr<Path> *p = (SharedPtr<Path> *)0; @@ -277,28 +449,48 @@ Identity Topology::_getIdentity(const Address &zta) return Identity(); } -void Topology::_setWorld(const World &newWorld) +void Topology::_memoizeUpstreams() { - // assumed _lock is locked (or in constructor) - _world = newWorld; + // assumes _upstreams_m and _peers_m are locked + _upstreamAddresses.clear(); _amRoot = false; - _rootAddresses.clear(); - _rootPeers.clear(); - for(std::vector<World::Root>::const_iterator r(_world.roots().begin());r!=_world.roots().end();++r) { - _rootAddresses.push_back(r->identity.address()); - if (r->identity.address() == RR->identity.address()) { + + for(std::vector<World::Root>::const_iterator i(_planet.roots().begin());i!=_planet.roots().end();++i) { + if (i->identity == RR->identity) { _amRoot = true; - } else { - SharedPtr<Peer> *rp = _peers.get(r->identity.address()); - if (rp) { - _rootPeers.push_back(*rp); - } else { - SharedPtr<Peer> newrp(new Peer(RR,RR->identity,r->identity)); - _peers.set(r->identity.address(),newrp); - _rootPeers.push_back(newrp); + } else if (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),i->identity.address()) == _upstreamAddresses.end()) { + _upstreamAddresses.push_back(i->identity.address()); + SharedPtr<Peer> &hp = _peers[i->identity.address()]; + if (!hp) { + hp = new Peer(RR,RR->identity,i->identity); + saveIdentity(i->identity); } } } + + for(std::vector<World>::const_iterator m(_moons.begin());m!=_moons.end();++m) { + for(std::vector<World::Root>::const_iterator i(m->roots().begin());i!=m->roots().end();++i) { + if (i->identity == RR->identity) { + _amRoot = true; + } else if (std::find(_upstreamAddresses.begin(),_upstreamAddresses.end(),i->identity.address()) == _upstreamAddresses.end()) { + _upstreamAddresses.push_back(i->identity.address()); + SharedPtr<Peer> &hp = _peers[i->identity.address()]; + if (!hp) { + hp = new Peer(RR,RR->identity,i->identity); + saveIdentity(i->identity); + } + } + } + } + + std::sort(_upstreamAddresses.begin(),_upstreamAddresses.end()); + + _cor.clear(); + for(std::vector<Address>::const_iterator a(_upstreamAddresses.begin());a!=_upstreamAddresses.end();++a) { + if (!_cor.addRepresentative(*a)) + break; + } + _cor.sign(RR->identity,RR->node->now()); } } // namespace ZeroTier diff --git a/node/Topology.hpp b/node/Topology.hpp index e63766cb..37615b49 100644 --- a/node/Topology.hpp +++ b/node/Topology.hpp @@ -38,6 +38,7 @@ #include "InetAddress.hpp" #include "Hashtable.hpp" #include "World.hpp" +#include "CertificateOfRepresentation.hpp" namespace ZeroTier { @@ -50,7 +51,6 @@ class Topology { public: Topology(const RuntimeEnvironment *renv); - ~Topology(); /** * Add a peer to database @@ -83,7 +83,7 @@ public: */ inline SharedPtr<Peer> getPeerNoCache(const Address &zta) { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); const SharedPtr<Peer> *const ap = _peers.get(zta); if (ap) return *ap; @@ -99,7 +99,7 @@ public: */ inline SharedPtr<Path> getPath(const InetAddress &l,const InetAddress &r) { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_paths_m); SharedPtr<Path> &p = _paths[Path::HashKey(l,r)]; if (!p) p.setToUnsafe(new Path(l,r)); @@ -125,49 +125,82 @@ public: void saveIdentity(const Identity &id); /** - * Get the current favorite root server + * Get the current best upstream peer * * @return Root server with lowest latency or NULL if none */ - inline SharedPtr<Peer> getBestRoot() { return getBestRoot((const Address *)0,0,false); } + inline SharedPtr<Peer> getUpstreamPeer() { return getUpstreamPeer((const Address *)0,0,false); } /** - * Get the best root server, avoiding root servers listed in an array - * - * This will get the best root server (lowest latency, etc.) but will - * try to avoid the listed root servers, only using them if no others - * are available. + * Get the current best upstream peer, avoiding those in the supplied avoid list * * @param avoid Nodes to avoid * @param avoidCount Number of nodes to avoid * @param strictAvoid If false, consider avoided root servers anyway if no non-avoid root servers are available * @return Root server or NULL if none available */ - SharedPtr<Peer> getBestRoot(const Address *avoid,unsigned int avoidCount,bool strictAvoid); + SharedPtr<Peer> getUpstreamPeer(const Address *avoid,unsigned int avoidCount,bool strictAvoid); /** * @param id Identity to check - * @return True if this is a designated root server in this world + * @return True if this is a root server or a network preferred relay from one of our networks */ - inline bool isRoot(const Identity &id) const - { - Mutex::Lock _l(_lock); - return (std::find(_rootAddresses.begin(),_rootAddresses.end(),id.address()) != _rootAddresses.end()); - } + bool isUpstream(const Identity &id) const; /** - * @param id Identity to check - * @return True if this is a root server or a network preferred relay from one of our networks + * @param addr Address to check + * @return True if we should accept a world update from this address */ - bool isUpstream(const Identity &id) const; + bool shouldAcceptWorldUpdateFrom(const Address &addr) const; /** - * @return Vector of root server addresses + * @param ztaddr ZeroTier address + * @return Peer role for this device */ - inline std::vector<Address> rootAddresses() const + ZT_PeerRole role(const Address &ztaddr) const; + + /** + * Check for prohibited endpoints + * + * Right now this returns true if the designated ZT address is a root and if + * the IP (IP only, not port) does not equal any of the IPs defined in the + * current World. This is an extra little security feature in case root keys + * get appropriated or something. + * + * Otherwise it returns false. + * + * @param ztaddr ZeroTier address + * @param ipaddr IP address + * @return True if this ZT/IP pair should not be allowed to be used + */ + bool isProhibitedEndpoint(const Address &ztaddr,const InetAddress &ipaddr) const; + + /** + * Gets upstreams to contact and their stable endpoints (if known) + * + * @param eps Hash table to fill with addresses and their stable endpoints + */ + inline void getUpstreamsToContact(Hashtable< Address,std::vector<InetAddress> > &eps) const { - Mutex::Lock _l(_lock); - return _rootAddresses; + Mutex::Lock _l(_upstreams_m); + for(std::vector<World::Root>::const_iterator i(_planet.roots().begin());i!=_planet.roots().end();++i) { + std::vector<InetAddress> &ips = eps[i->identity.address()]; + for(std::vector<InetAddress>::const_iterator j(i->stableEndpoints.begin());j!=i->stableEndpoints.end();++j) { + if (std::find(ips.begin(),ips.end(),*j) == ips.end()) + ips.push_back(*j); + } + } + for(std::vector<World>::const_iterator m(_moons.begin());m!=_moons.end();++m) { + for(std::vector<World::Root>::const_iterator i(m->roots().begin());i!=m->roots().end();++i) { + std::vector<InetAddress> &ips = eps[i->identity.address()]; + for(std::vector<InetAddress>::const_iterator j(i->stableEndpoints.begin());j!=i->stableEndpoints.end();++j) { + if (std::find(ips.begin(),ips.end(),*j) == ips.end()) + ips.push_back(*j); + } + } + } + for(std::vector< std::pair<uint64_t,Address> >::const_iterator m(_moonSeeds.begin());m!=_moonSeeds.end();++m) + eps[m->second]; } /** @@ -175,41 +208,84 @@ public: */ inline std::vector<Address> upstreamAddresses() const { - return rootAddresses(); + Mutex::Lock _l(_upstreams_m); + return _upstreamAddresses; } /** - * @return Current World (copy) + * @return Current moons */ - inline World world() const + inline std::vector<World> moons() const { - Mutex::Lock _l(_lock); - return _world; + Mutex::Lock _l(_upstreams_m); + return _moons; } /** - * @return Current world ID + * @return Moon IDs we are waiting for from seeds */ - inline uint64_t worldId() const + inline std::vector<uint64_t> moonsWanted() const { - return _world.id(); // safe to read without lock, and used from within eachPeer() so don't lock + Mutex::Lock _l(_upstreams_m); + std::vector<uint64_t> mw; + for(std::vector< std::pair<uint64_t,Address> >::const_iterator s(_moonSeeds.begin());s!=_moonSeeds.end();++s) { + if (std::find(mw.begin(),mw.end(),s->first) == mw.end()) + mw.push_back(s->first); + } + return mw; } /** - * @return Current world timestamp + * @return Current planet */ - inline uint64_t worldTimestamp() const + inline World planet() const { - return _world.timestamp(); // safe to read without lock, and used from within eachPeer() so don't lock + Mutex::Lock _l(_upstreams_m); + return _planet; + } + + /** + * @return Current planet's world ID + */ + inline uint64_t planetWorldId() const + { + return _planet.id(); // safe to read without lock, and used from within eachPeer() so don't lock + } + + /** + * @return Current planet's world timestamp + */ + inline uint64_t planetWorldTimestamp() const + { + return _planet.timestamp(); // safe to read without lock, and used from within eachPeer() so don't lock } /** * Validate new world and update if newer and signature is okay * - * @param newWorld Potential new world definition revision - * @return True if an update actually occurred + * @param newWorld A new or updated planet or moon to learn + * @param alwaysAcceptNew If true, always accept new moons even if we're not waiting for one + * @return True if it was valid and newer than current (or totally new for moons) + */ + bool addWorld(const World &newWorld,bool alwaysAcceptNew); + + /** + * Add a moon + * + * This loads it from moons.d if present, and if not adds it to + * a list of moons that we want to contact. + * + * @param id Moon ID + * @param seed If non-NULL, an address of any member of the moon to contact */ - bool worldUpdateIfValid(const World &newWorld); + void addMoon(const uint64_t id,const Address &seed); + + /** + * Remove a moon + * + * @param id Moon's world ID + */ + void removeMoon(const uint64_t id); /** * Clean and flush database @@ -223,7 +299,7 @@ public: inline unsigned long countActive(uint64_t now) const { unsigned long cnt = 0; - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); Hashtable< Address,SharedPtr<Peer> >::Iterator i(const_cast<Topology *>(this)->_peers); Address *a = (Address *)0; SharedPtr<Peer> *p = (SharedPtr<Peer> *)0; @@ -236,20 +312,13 @@ public: /** * Apply a function or function object to all peers * - * Note: explicitly template this by reference if you want the object - * passed by reference instead of copied. - * - * Warning: be careful not to use features in these that call any other - * methods of Topology that may lock _lock, otherwise a recursive lock - * and deadlock or lock corruption may occur. - * * @param f Function to apply * @tparam F Function or function object type */ template<typename F> inline void eachPeer(F f) { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); Hashtable< Address,SharedPtr<Peer> >::Iterator i(_peers); Address *a = (Address *)0; SharedPtr<Peer> *p = (SharedPtr<Peer> *)0; @@ -269,14 +338,14 @@ public: */ inline std::vector< std::pair< Address,SharedPtr<Peer> > > allPeers() const { - Mutex::Lock _l(_lock); + Mutex::Lock _l(_peers_m); return _peers.entries(); } /** - * @return True if I am a root server in the current World + * @return True if I am a root server in a planet or moon */ - inline bool amRoot() const throw() { return _amRoot; } + inline bool amRoot() const { return _amRoot; } /** * Get the outbound trusted path ID for a physical address, or 0 if none @@ -319,7 +388,7 @@ public: { if (count > ZT_MAX_TRUSTED_PATHS) count = ZT_MAX_TRUSTED_PATHS; - Mutex::Lock _l(_lock); + Mutex::Lock _l(_trustedPaths_m); for(unsigned int i=0;i<count;++i) { _trustedPathIds[i] = ids[i]; _trustedPathNetworks[i] = networks[i]; @@ -327,26 +396,49 @@ public: _trustedPathCount = count; } + /** + * @return Current certificate of representation (copy) + */ + inline CertificateOfRepresentation certificateOfRepresentation() const + { + Mutex::Lock _l(_upstreams_m); + return _cor; + } + + /** + * @param buf Buffer to receive COR + */ + template<unsigned int C> + void appendCertificateOfRepresentation(Buffer<C> &buf) + { + Mutex::Lock _l(_upstreams_m); + _cor.serialize(buf); + } + private: Identity _getIdentity(const Address &zta); - void _setWorld(const World &newWorld); + void _memoizeUpstreams(); const RuntimeEnvironment *const RR; uint64_t _trustedPathIds[ZT_MAX_TRUSTED_PATHS]; InetAddress _trustedPathNetworks[ZT_MAX_TRUSTED_PATHS]; unsigned int _trustedPathCount; - - World _world; + Mutex _trustedPaths_m; Hashtable< Address,SharedPtr<Peer> > _peers; + Mutex _peers_m; + Hashtable< Path::HashKey,SharedPtr<Path> > _paths; + Mutex _paths_m; - std::vector< Address > _rootAddresses; - std::vector< SharedPtr<Peer> > _rootPeers; + World _planet; + std::vector<World> _moons; + std::vector< std::pair<uint64_t,Address> > _moonSeeds; + std::vector<Address> _upstreamAddresses; + CertificateOfRepresentation _cor; bool _amRoot; - - Mutex _lock; + Mutex _upstreams_m; // locks worlds, upstream info, moon info, etc. }; } // namespace ZeroTier diff --git a/node/Utils.cpp b/node/Utils.cpp index 9d67fc22..fb448dd6 100644 --- a/node/Utils.cpp +++ b/node/Utils.cpp @@ -47,21 +47,14 @@ namespace ZeroTier { const char Utils::HEXCHARS[16] = { '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' }; -static void _Utils_doBurn(char *ptr,unsigned int len) +// Crazy hack to force memory to be securely zeroed in spite of the best efforts of optimizing compilers. +static void _Utils_doBurn(volatile uint8_t *ptr,unsigned int len) { - for(unsigned int i=0;i<len;++i) - ptr[i] = (char)0; -} -void (*volatile _Utils_doBurn_ptr)(char *,unsigned int) = _Utils_doBurn; -void Utils::burn(void *ptr,unsigned int len) - throw() -{ - // Ridiculous hack: call _doBurn() via a volatile function pointer to - // hold down compiler optimizers and beat them mercilessly until they - // cry and mumble something about never eliding secure memory zeroing - // again. - (_Utils_doBurn_ptr)((char *)ptr,len); + volatile uint8_t *const end = ptr + len; + while (ptr != end) *(ptr++) = (uint8_t)0; } +static void (*volatile _Utils_doBurn_ptr)(volatile uint8_t *,unsigned int) = _Utils_doBurn; +void Utils::burn(void *ptr,unsigned int len) { (_Utils_doBurn_ptr)((volatile uint8_t *)ptr,len); } std::string Utils::hex(const void *data,unsigned int len) { @@ -144,6 +137,8 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) static Mutex globalLock; static Salsa20 s20; static bool s20Initialized = false; + static uint8_t randomBuf[65536]; + static unsigned int randomPtr = sizeof(randomBuf); Mutex::Lock _l(globalLock); @@ -168,27 +163,31 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) static HCRYPTPROV cryptProvider = NULL; - if (cryptProvider == NULL) { - if (!CryptAcquireContextA(&cryptProvider,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) { - fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to obtain WinCrypt context!\r\n"); - exit(1); - return; + for(unsigned int i=0;i<bytes;++i) { + if (randomPtr >= sizeof(randomBuf)) { + if (cryptProvider == NULL) { + if (!CryptAcquireContextA(&cryptProvider,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) { + fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to obtain WinCrypt context!\r\n"); + exit(1); + } + } + if (!CryptGenRandom(cryptProvider,(DWORD)sizeof(randomBuf),(BYTE *)randomBuf)) { + fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() CryptGenRandom failed!\r\n"); + exit(1); + } + randomPtr = 0; + s20.crypt12(randomBuf,randomBuf,sizeof(randomBuf)); } - } - if (!CryptGenRandom(cryptProvider,(DWORD)bytes,(BYTE *)buf)) { - fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() CryptGenRandom failed!\r\n"); - exit(1); + ((uint8_t *)buf)[i] = randomBuf[randomPtr++]; } #else // not __WINDOWS__ - static char randomBuf[131072]; - static unsigned int randomPtr = sizeof(randomBuf); static int devURandomFd = -1; - if (devURandomFd <= 0) { + if (devURandomFd < 0) { devURandomFd = ::open("/dev/urandom",O_RDONLY); - if (devURandomFd <= 0) { + if (devURandomFd < 0) { fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to open /dev/urandom\n"); exit(1); return; @@ -201,7 +200,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) if ((int)::read(devURandomFd,randomBuf,sizeof(randomBuf)) != (int)sizeof(randomBuf)) { ::close(devURandomFd); devURandomFd = ::open("/dev/urandom",O_RDONLY); - if (devURandomFd <= 0) { + if (devURandomFd < 0) { fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to open /dev/urandom\n"); exit(1); return; @@ -209,57 +208,12 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) } else break; } randomPtr = 0; + s20.crypt12(randomBuf,randomBuf,sizeof(randomBuf)); } - ((char *)buf)[i] = randomBuf[randomPtr++]; + ((uint8_t *)buf)[i] = randomBuf[randomPtr++]; } #endif // __WINDOWS__ or not - - s20.encrypt12(buf,buf,bytes); -} - -std::vector<std::string> Utils::split(const char *s,const char *const sep,const char *esc,const char *quot) -{ - std::vector<std::string> fields; - std::string buf; - - if (!esc) - esc = ""; - if (!quot) - quot = ""; - - bool escapeState = false; - char quoteState = 0; - while (*s) { - if (escapeState) { - escapeState = false; - buf.push_back(*s); - } else if (quoteState) { - if (*s == quoteState) { - quoteState = 0; - fields.push_back(buf); - buf.clear(); - } else buf.push_back(*s); - } else { - const char *quotTmp; - if (strchr(esc,*s)) - escapeState = true; - else if ((buf.size() <= 0)&&((quotTmp = strchr(quot,*s)))) - quoteState = *quotTmp; - else if (strchr(sep,*s)) { - if (buf.size() > 0) { - fields.push_back(buf); - buf.clear(); - } // else skip runs of seperators - } else buf.push_back(*s); - } - ++s; - } - - if (buf.size()) - fields.push_back(buf); - - return fields; } bool Utils::scopy(char *dest,unsigned int len,const char *src) @@ -292,7 +246,6 @@ unsigned int Utils::snprintf(char *buf,unsigned int len,const char *fmt,...) if ((n >= (int)len)||(n < 0)) { if (len) buf[len - 1] = (char)0; - abort(); throw std::length_error("buf[] overflow in Utils::snprintf"); } diff --git a/node/Utils.hpp b/node/Utils.hpp index cfe56501..ceb29d7e 100644 --- a/node/Utils.hpp +++ b/node/Utils.hpp @@ -59,8 +59,7 @@ public: /** * Securely zero memory, avoiding compiler optimizations and such */ - static void burn(void *ptr,unsigned int len) - throw(); + static void burn(void *ptr,unsigned int len); /** * Convert binary data to hexadecimal @@ -112,17 +111,6 @@ public: static void getSecureRandom(void *buf,unsigned int bytes); /** - * Split a string by delimiter, with optional escape and quote characters - * - * @param s String to split - * @param sep One or more separators - * @param esc Zero or more escape characters - * @param quot Zero or more quote characters - * @return Vector of tokens - */ - static std::vector<std::string> split(const char *s,const char *const sep,const char *esc,const char *quot); - - /** * Tokenize a string (alias for strtok_r or strtok_s depending on platform) * * @param str String to split @@ -265,6 +253,20 @@ public: } /** + * Count the number of bits set in an integer + * + * @param v 64-bit integer + * @return Number of bits set in this integer (0-64) + */ + static inline uint64_t countBits(uint64_t v) + { + v = v - ((v >> 1) & (uint64_t)~(uint64_t)0/3); + v = (v & (uint64_t)~(uint64_t)0/15*3) + ((v >> 2) & (uint64_t)~(uint64_t)0/15*3); + v = (v + (v >> 4)) & (uint64_t)~(uint64_t)0/255*15; + return (uint64_t)(v * ((uint64_t)~(uint64_t)0/255)) >> 56; + } + + /** * Check if a memory buffer is all-zero * * @param p Memory to scan @@ -346,8 +348,7 @@ public: * * @return -1, 0, or 1 based on whether first tuple is less than, equal to, or greater than second */ - static inline int compareVersion(unsigned int maj1,unsigned int min1,unsigned int rev1,unsigned int maj2,unsigned int min2,unsigned int rev2) - throw() + static inline int compareVersion(unsigned int maj1,unsigned int min1,unsigned int rev1,unsigned int b1,unsigned int maj2,unsigned int min2,unsigned int rev2,unsigned int b2) { if (maj1 > maj2) return 1; @@ -363,7 +364,13 @@ public: return 1; else if (rev1 < rev2) return -1; - else return 0; + else { + if (b1 > b2) + return 1; + else if (b1 < b2) + return -1; + else return 0; + } } } } diff --git a/node/World.hpp b/node/World.hpp index 2f1edb00..6e835bec 100644 --- a/node/World.hpp +++ b/node/World.hpp @@ -49,16 +49,6 @@ #define ZT_WORLD_MAX_SERIALIZED_LENGTH (((1024 + (32 * ZT_WORLD_MAX_STABLE_ENDPOINTS_PER_ROOT)) * ZT_WORLD_MAX_ROOTS) + ZT_C25519_PUBLIC_KEY_LEN + ZT_C25519_SIGNATURE_LEN + 128) /** - * World ID indicating null / empty World object - */ -#define ZT_WORLD_ID_NULL 0 - -/** - * World ID for a test network with ephemeral or temporary roots - */ -#define ZT_WORLD_ID_TESTNET 1 - -/** * World ID for Earth * * This is the ID for the ZeroTier World used on planet Earth. It is unrelated @@ -90,15 +80,23 @@ namespace ZeroTier { * orbits, the Moon (about 1.3 light seconds), and nearby Lagrange points. A * world ID for Mars and nearby space is defined but not yet used, and a test * world ID is provided for testing purposes. - * - * If you absolutely must run your own "unofficial" ZeroTier network, please - * define your world IDs above 0xffffffff (4294967295). Code to make a World - * is in mkworld.cpp in the parent directory and must be edited to change - * settings. */ class World { public: + /** + * World type -- do not change IDs + */ + enum Type + { + TYPE_NULL = 0, + TYPE_PLANET = 1, // Planets, of which there is currently one (Earth) + TYPE_MOON = 127 // Moons, which are user-created and many + }; + + /** + * Upstream server definition in world/moon + */ struct Root { Identity identity; @@ -113,45 +111,54 @@ public: * Construct an empty / null World */ World() : - _id(ZT_WORLD_ID_NULL), - _ts(0) {} + _id(0), + _ts(0), + _type(TYPE_NULL) {} /** * @return Root servers for this world and their stable endpoints */ - inline const std::vector<World::Root> &roots() const throw() { return _roots; } + inline const std::vector<World::Root> &roots() const { return _roots; } + + /** + * @return World type: planet or moon + */ + inline Type type() const { return _type; } /** * @return World unique identifier */ - inline uint64_t id() const throw() { return _id; } + inline uint64_t id() const { return _id; } /** * @return World definition timestamp */ - inline uint64_t timestamp() const throw() { return _ts; } + inline uint64_t timestamp() const { return _ts; } + + /** + * @return C25519 signature + */ + inline const C25519::Signature &signature() const { return _signature; } + + /** + * @return Public key that must sign next update + */ + inline const C25519::Public &updatesMustBeSignedBy() const { return _updatesMustBeSignedBy; } /** * Check whether a world update should replace this one * - * A new world update is valid if it is for the same world ID, is newer, - * and is signed by the current world's signing key. If this world object - * is null, it can always be updated. - * * @param update Candidate update - * @param fullSignatureCheck Perform full cryptographic signature check (true == yes, false == skip) - * @return True if update is newer than current and is properly signed + * @return True if update is newer than current, matches its ID and type, and is properly signed (or if current is NULL) */ - inline bool shouldBeReplacedBy(const World &update,bool fullSignatureCheck) + inline bool shouldBeReplacedBy(const World &update) { - if (_id == ZT_WORLD_ID_NULL) + if ((_id == 0)||(_type == TYPE_NULL)) return true; - if ((_id == update._id)&&(_ts < update._ts)) { - if (fullSignatureCheck) { - Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> tmp; - update.serialize(tmp,true); - return C25519::verify(_updatesMustBeSignedBy,tmp.data(),tmp.size(),update._signature); - } else return true; + if ((_id == update._id)&&(_ts < update._ts)&&(_type == update._type)) { + Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> tmp; + update.serialize(tmp,true); + return C25519::verify(_updatesMustBeSignedBy,tmp.data(),tmp.size(),update._signature); } return false; } @@ -159,14 +166,14 @@ public: /** * @return True if this World is non-empty */ - inline operator bool() const throw() { return (_id != ZT_WORLD_ID_NULL); } + inline operator bool() const { return (_type != TYPE_NULL); } template<unsigned int C> inline void serialize(Buffer<C> &b,bool forSign = false) const { if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL); - b.append((uint8_t)0x01); + b.append((uint8_t)_type); b.append((uint64_t)_id); b.append((uint64_t)_ts); b.append(_updatesMustBeSignedBy.data,ZT_C25519_PUBLIC_KEY_LEN); @@ -179,6 +186,8 @@ public: for(std::vector<InetAddress>::const_iterator ep(r->stableEndpoints.begin());ep!=r->stableEndpoints.end();++ep) ep->serialize(b); } + if (_type == TYPE_MOON) + b.append((uint16_t)0); // no attached dictionary (for future use) if (forSign) b.append((uint64_t)0xf7f7f7f7f7f7f7f7ULL); } @@ -190,14 +199,19 @@ public: _roots.clear(); - if (b[p++] != 0x01) - throw std::invalid_argument("invalid object type"); + switch((Type)b[p++]) { + case TYPE_NULL: _type = TYPE_NULL; break; // shouldn't ever really happen in serialized data but it's not invalid + case TYPE_PLANET: _type = TYPE_PLANET; break; + case TYPE_MOON: _type = TYPE_MOON; break; + default: + throw std::invalid_argument("invalid world type"); + } _id = b.template at<uint64_t>(p); p += 8; _ts = b.template at<uint64_t>(p); p += 8; memcpy(_updatesMustBeSignedBy.data,b.field(p,ZT_C25519_PUBLIC_KEY_LEN),ZT_C25519_PUBLIC_KEY_LEN); p += ZT_C25519_PUBLIC_KEY_LEN; memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN); p += ZT_C25519_SIGNATURE_LEN; - unsigned int numRoots = b[p++]; + const unsigned int numRoots = (unsigned int)b[p++]; if (numRoots > ZT_WORLD_MAX_ROOTS) throw std::invalid_argument("too many roots in World"); for(unsigned int k=0;k<numRoots;++k) { @@ -212,16 +226,48 @@ public: p += r.stableEndpoints.back().deserialize(b,p); } } + if (_type == TYPE_MOON) + p += b.template at<uint16_t>(p) + 2; return (p - startAt); } - inline bool operator==(const World &w) const throw() { return ((_id == w._id)&&(_ts == w._ts)&&(_updatesMustBeSignedBy == w._updatesMustBeSignedBy)&&(_signature == w._signature)&&(_roots == w._roots)); } - inline bool operator!=(const World &w) const throw() { return (!(*this == w)); } + inline bool operator==(const World &w) const { return ((_id == w._id)&&(_ts == w._ts)&&(_updatesMustBeSignedBy == w._updatesMustBeSignedBy)&&(_signature == w._signature)&&(_roots == w._roots)&&(_type == w._type)); } + inline bool operator!=(const World &w) const { return (!(*this == w)); } + + inline bool operator<(const World &w) const { return (((int)_type < (int)w._type) ? true : ((_type == w._type) ? (_id < w._id) : false)); } + + /** + * Create a World object signed with a key pair + * + * @param t World type + * @param id World ID + * @param ts World timestamp / revision + * @param sk Key that must be used to sign the next future update to this world + * @param roots Roots and their stable endpoints + * @param signWith Key to sign this World with (can have the same public as the next-update signing key, but doesn't have to) + * @return Signed World object + */ + static inline World make(World::Type t,uint64_t id,uint64_t ts,const C25519::Public &sk,const std::vector<World::Root> &roots,const C25519::Pair &signWith) + { + World w; + w._id = id; + w._ts = ts; + w._type = t; + w._updatesMustBeSignedBy = sk; + w._roots = roots; + + Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> tmp; + w.serialize(tmp,true); + w._signature = C25519::sign(signWith,tmp.data(),tmp.size()); + + return w; + } protected: uint64_t _id; uint64_t _ts; + Type _type; C25519::Public _updatesMustBeSignedBy; C25519::Signature _signature; std::vector<Root> _roots; @@ -1,8 +1,10 @@ OBJS=\ controller/EmbeddedNetworkController.o \ + controller/JSONDB.o \ node/C25519.o \ node/Capability.o \ node/CertificateOfMembership.o \ + node/CertificateOfOwnership.o \ node/Cluster.o \ node/Identity.o \ node/IncomingPacket.o \ @@ -25,9 +27,8 @@ OBJS=\ node/Tag.o \ node/Topology.o \ node/Utils.o \ - osdep/BackgroundResolver.o \ osdep/ManagedRoute.o \ osdep/Http.o \ osdep/OSUtils.o \ service/ClusterGeoIpService.o \ - service/ControlPlane.o + service/SoftwareUpdater.o @@ -43,7 +43,16 @@ #include <fcntl.h> #include <sys/types.h> #include <sys/stat.h> +#include <sys/uio.h> +#include <dirent.h> #include <signal.h> +#ifdef __LINUX__ +#include <sys/prctl.h> +#include <sys/syscall.h> +#include <sys/wait.h> +#include <linux/capability.h> +#include <linux/securebits.h> +#endif #endif #include <string> @@ -58,6 +67,8 @@ #include "node/CertificateOfMembership.hpp" #include "node/Utils.hpp" #include "node/NetworkController.hpp" +#include "node/Buffer.hpp" +#include "node/World.hpp" #include "osdep/OSUtils.hpp" #include "osdep/Http.hpp" @@ -110,6 +121,9 @@ static void cliPrintHelp(const char *pn,FILE *out) fprintf(out," join <network> - Join a network" ZT_EOL_S); fprintf(out," leave <network> - Leave a network" ZT_EOL_S); fprintf(out," set <network> <setting> - Set a network setting" ZT_EOL_S); + fprintf(out," listmoons - List moons (federated root sets)" ZT_EOL_S); + fprintf(out," orbit <world ID> <seed> - Join a moon via any member root" ZT_EOL_S); + fprintf(out," deorbit <world ID> - Leave a moon" ZT_EOL_S); } static std::string cliFixJsonCRs(const std::string &s) @@ -285,7 +299,7 @@ static int cli(int argc,char **argv) nlohmann::json j; try { - j = nlohmann::json::parse(responseBody); + j = OSUtils::jsonParse(responseBody); } catch (std::exception &exc) { printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); return 1; @@ -295,14 +309,16 @@ static int cli(int argc,char **argv) } if (scode == 200) { - std::ostringstream out; if (json) { - out << j.dump(2) << ZT_EOL_S; + printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); } else { - if (j.is_object()) - out << "200 info " << j["address"].get<std::string>() << " " << j["version"].get<std::string>() << " " << ((j["tcpFallbackActive"]) ? "TUNNELED" : ((j["online"]) ? "ONLINE" : "OFFLINE")) << ZT_EOL_S; + if (j.is_object()) { + printf("200 info %s %s %s" ZT_EOL_S, + OSUtils::jsonString(j["address"],"-").c_str(), + OSUtils::jsonString(j["version"],"-").c_str(), + ((j["tcpFallbackActive"]) ? "TUNNELED" : ((j["online"]) ? "ONLINE" : "OFFLINE"))); + } } - printf("%s",out.str().c_str()); return 0; } else { printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); @@ -313,7 +329,7 @@ static int cli(int argc,char **argv) nlohmann::json j; try { - j = nlohmann::json::parse(responseBody); + j = OSUtils::jsonParse(responseBody); } catch (std::exception &exc) { printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); return 1; @@ -323,24 +339,24 @@ static int cli(int argc,char **argv) } if (scode == 200) { - std::ostringstream out; if (json) { - out << j.dump(2) << ZT_EOL_S; + printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); } else { - out << "200 listpeers <ztaddr> <path> <latency> <version> <role>" << ZT_EOL_S; + printf("200 listpeers <ztaddr> <path> <latency> <version> <role>" ZT_EOL_S); if (j.is_array()) { for(unsigned long k=0;k<j.size();++k) { - auto &p = j[k]; + nlohmann::json &p = j[k]; std::string bestPath; - auto paths = p["paths"]; + nlohmann::json &paths = p["paths"]; if (paths.is_array()) { for(unsigned long i=0;i<paths.size();++i) { - auto &path = paths[i]; + nlohmann::json &path = paths[i]; if (path["preferred"]) { char tmp[256]; std::string addr = path["address"]; const uint64_t now = OSUtils::now(); - Utils::snprintf(tmp,sizeof(tmp),"%s;%llu;%llu",addr.c_str(),now - (uint64_t)path["lastSend"],now - (uint64_t)path["lastReceive"]); + const double lq = (path.count("linkQuality")) ? (double)path["linkQuality"] : -1.0; + Utils::snprintf(tmp,sizeof(tmp),"%s;%llu;%llu;%1.2f",addr.c_str(),now - (uint64_t)path["lastSend"],now - (uint64_t)path["lastReceive"],lq); bestPath = tmp; break; } @@ -357,11 +373,15 @@ static int cli(int argc,char **argv) ver[0] = '-'; ver[1] = (char)0; } - out << "200 listpeers " << p["address"].get<std::string>() << " " << bestPath << " " << p["latency"] << " " << ver << " " << p["role"].get<std::string>() << ZT_EOL_S; + printf("200 listpeers %s %s %d %s %s" ZT_EOL_S, + OSUtils::jsonString(p["address"],"-").c_str(), + bestPath.c_str(), + (int)OSUtils::jsonInt(p["latency"],0), + ver, + OSUtils::jsonString(p["role"],"-").c_str()); } } } - printf("%s",out.str().c_str()); return 0; } else { printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); @@ -372,7 +392,7 @@ static int cli(int argc,char **argv) nlohmann::json j; try { - j = nlohmann::json::parse(responseBody); + j = OSUtils::jsonParse(responseBody); } catch (std::exception &exc) { printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); return 1; @@ -382,35 +402,38 @@ static int cli(int argc,char **argv) } if (scode == 200) { - std::ostringstream out; if (json) { - out << j.dump(2) << ZT_EOL_S; + printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); } else { - out << "200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>" << ZT_EOL_S; + printf("200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>" ZT_EOL_S); if (j.is_array()) { for(unsigned long i=0;i<j.size();++i) { - auto &n = j[i]; + nlohmann::json &n = j[i]; if (n.is_object()) { std::string aa; - auto &assignedAddresses = n["assignedAddresses"]; + nlohmann::json &assignedAddresses = n["assignedAddresses"]; if (assignedAddresses.is_array()) { for(unsigned long j=0;j<assignedAddresses.size();++j) { - auto &addr = assignedAddresses[j]; + nlohmann::json &addr = assignedAddresses[j]; if (addr.is_string()) { if (aa.length() > 0) aa.push_back(','); - aa.append(addr); + aa.append(addr.get<std::string>()); } } } if (aa.length() == 0) aa = "-"; - std::string name = n["name"]; - if (name.length() == 0) name = "-"; - out << "200 listnetworks " << n["nwid"].get<std::string>() << " " << name << " " << n["mac"].get<std::string>() << " " << n["status"].get<std::string>() << " " << n["type"].get<std::string>() << " " << n["portDeviceName"].get<std::string>() << " " << aa << ZT_EOL_S; + printf("200 listnetworks %s %s %s %s %s %s %s" ZT_EOL_S, + OSUtils::jsonString(n["nwid"],"-").c_str(), + OSUtils::jsonString(n["name"],"-").c_str(), + OSUtils::jsonString(n["mac"],"-").c_str(), + OSUtils::jsonString(n["status"],"-").c_str(), + OSUtils::jsonString(n["type"],"-").c_str(), + OSUtils::jsonString(n["portDeviceName"],"-").c_str(), + aa.c_str()); } } } } - printf("%s",out.str().c_str()); return 0; } else { printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); @@ -468,6 +491,75 @@ static int cli(int argc,char **argv) printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); return 1; } + } else if (command == "listmoons") { + const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/moon",requestHeaders,responseHeaders,responseBody); + + nlohmann::json j; + try { + j = OSUtils::jsonParse(responseBody); + } catch (std::exception &exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + return 1; + } catch ( ... ) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + return 1; + } + + if (scode == 200) { + printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); + return 0; + } else { + printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + return 1; + } + } else if (command == "orbit") { + const uint64_t worldId = Utils::hexStrToU64(arg1.c_str()); + const uint64_t seed = Utils::hexStrToU64(arg2.c_str()); + if ((worldId)&&(seed)) { + char jsons[1024]; + Utils::snprintf(jsons,sizeof(jsons),"{\"seed\":\"%s\"}",arg2.c_str()); + char cl[128]; + Utils::snprintf(cl,sizeof(cl),"%u",(unsigned int)strlen(jsons)); + requestHeaders["Content-Type"] = "application/json"; + requestHeaders["Content-Length"] = cl; + unsigned int scode = Http::POST( + 1024 * 1024 * 16, + 60000, + (const struct sockaddr *)&addr, + (std::string("/moon/") + arg1).c_str(), + requestHeaders, + jsons, + (unsigned long)strlen(jsons), + responseHeaders, + responseBody); + if (scode == 200) { + printf("200 orbit OK" ZT_EOL_S); + return 0; + } else { + printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + return 1; + } + } + } else if (command == "deorbit") { + unsigned int scode = Http::DEL( + 1024 * 1024 * 16, + 60000, + (const struct sockaddr *)&addr, + (std::string("/moon/") + arg1).c_str(), + requestHeaders, + responseHeaders, + responseBody); + if (scode == 200) { + if (json) { + printf("%s",cliFixJsonCRs(responseBody).c_str()); + } else { + printf("200 deorbit OK" ZT_EOL_S); + } + return 0; + } else { + printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + return 1; + } } else if (command == "set") { if (arg1.length() != 16) { cliPrintHelp(argv[0],stderr); @@ -491,7 +583,7 @@ static int cli(int argc,char **argv) (std::string("/network/") + arg1).c_str(), requestHeaders, jsons, - strlen(jsons), + (unsigned long)strlen(jsons), responseHeaders, responseBody); if (scode == 200) { @@ -533,7 +625,8 @@ static void idtoolPrintHelp(FILE *out,const char *pn) fprintf(out," getpublic <identity.secret>" ZT_EOL_S); fprintf(out," sign <identity.secret> <file>" ZT_EOL_S); fprintf(out," verify <identity.secret/public> <file> <signature>" ZT_EOL_S); - fprintf(out," mkcom <identity.secret> [<id,value,maxDelta> ...] (hexadecimal integers)" ZT_EOL_S); + fprintf(out," initmoon <identity.public of first seed>" ZT_EOL_S); + fprintf(out," genmoon <moon json>" ZT_EOL_S); } static Identity getIdFromArg(char *arg) @@ -568,7 +661,7 @@ static int idtool(int argc,char **argv) int vanityBits = 0; if (argc >= 5) { vanity = Utils::hexStrToU64(argv[4]) & 0xffffffffffULL; - vanityBits = 4 * strlen(argv[4]); + vanityBits = 4 * (int)strlen(argv[4]); if (vanityBits > 40) vanityBits = 40; } @@ -678,34 +771,93 @@ static int idtool(int argc,char **argv) fprintf(stderr,"%s signature check FAILED" ZT_EOL_S,argv[3]); return 1; } - } else if (!strcmp(argv[1],"mkcom")) { + } else if (!strcmp(argv[1],"initmoon")) { if (argc < 3) { idtoolPrintHelp(stdout,argv[0]); - return 1; - } + } else { + const Identity id = getIdFromArg(argv[2]); + if (!id) { + fprintf(stderr,"%s is not a valid identity" ZT_EOL_S,argv[2]); + return 1; + } - Identity id = getIdFromArg(argv[2]); - if ((!id)||(!id.hasPrivate())) { - fprintf(stderr,"Identity argument invalid, does not include private key, or file unreadable: %s" ZT_EOL_S,argv[2]); - return 1; + C25519::Pair kp(C25519::generate()); + + nlohmann::json mj; + mj["objtype"] = "world"; + mj["worldType"] = "moon"; + mj["updatesMustBeSignedBy"] = mj["signingKey"] = Utils::hex(kp.pub.data,(unsigned int)kp.pub.size()); + mj["signingKey_SECRET"] = Utils::hex(kp.priv.data,(unsigned int)kp.priv.size()); + mj["id"] = id.address().toString(); + nlohmann::json seedj; + seedj["identity"] = id.toString(false); + seedj["stableEndpoints"] = nlohmann::json::array(); + (mj["roots"] = nlohmann::json::array()).push_back(seedj); + std::string mjd(OSUtils::jsonDump(mj)); + + printf("%s" ZT_EOL_S,mjd.c_str()); } + } else if (!strcmp(argv[1],"genmoon")) { + if (argc < 3) { + idtoolPrintHelp(stdout,argv[0]); + } else { + std::string buf; + if (!OSUtils::readFile(argv[2],buf)) { + fprintf(stderr,"cannot read %s" ZT_EOL_S,argv[2]); + return 1; + } + nlohmann::json mj(OSUtils::jsonParse(buf)); + + const uint64_t id = Utils::hexStrToU64(OSUtils::jsonString(mj["id"],"0").c_str()); + if (!id) { + fprintf(stderr,"ID in %s is invalid" ZT_EOL_S,argv[2]); + return 1; + } - CertificateOfMembership com; - for(int a=3;a<argc;++a) { - std::vector<std::string> params(Utils::split(argv[a],",","","")); - if (params.size() == 3) { - uint64_t qId = Utils::hexStrToU64(params[0].c_str()); - uint64_t qValue = Utils::hexStrToU64(params[1].c_str()); - uint64_t qMaxDelta = Utils::hexStrToU64(params[2].c_str()); - com.setQualifier(qId,qValue,qMaxDelta); + World::Type t; + if (mj["worldType"] == "moon") { + t = World::TYPE_MOON; + } else if (mj["worldType"] == "planet") { + t = World::TYPE_PLANET; + } else { + fprintf(stderr,"invalid worldType" ZT_EOL_S); + return 1; } - } - if (!com.sign(id)) { - fprintf(stderr,"Signature of certificate of membership failed." ZT_EOL_S); - return 1; - } - printf("%s",com.toString().c_str()); + C25519::Pair signingKey; + C25519::Public updatesMustBeSignedBy; + Utils::unhex(OSUtils::jsonString(mj["signingKey"],""),signingKey.pub.data,(unsigned int)signingKey.pub.size()); + Utils::unhex(OSUtils::jsonString(mj["signingKey_SECRET"],""),signingKey.priv.data,(unsigned int)signingKey.priv.size()); + Utils::unhex(OSUtils::jsonString(mj["updatesMustBeSignedBy"],""),updatesMustBeSignedBy.data,(unsigned int)updatesMustBeSignedBy.size()); + + std::vector<World::Root> roots; + nlohmann::json &rootsj = mj["roots"]; + if (rootsj.is_array()) { + for(unsigned long i=0;i<(unsigned long)rootsj.size();++i) { + nlohmann::json &r = rootsj[i]; + if (r.is_object()) { + roots.push_back(World::Root()); + roots.back().identity = Identity(OSUtils::jsonString(r["identity"],"")); + nlohmann::json &stableEndpointsj = r["stableEndpoints"]; + if (stableEndpointsj.is_array()) { + for(unsigned long k=0;k<(unsigned long)stableEndpointsj.size();++k) + roots.back().stableEndpoints.push_back(InetAddress(OSUtils::jsonString(stableEndpointsj[k],""))); + std::sort(roots.back().stableEndpoints.begin(),roots.back().stableEndpoints.end()); + } + } + } + } + std::sort(roots.begin(),roots.end()); + + const uint64_t now = OSUtils::now(); + World w(World::make(t,id,now,updatesMustBeSignedBy,roots,signingKey)); + Buffer<ZT_WORLD_MAX_SERIALIZED_LENGTH> wbuf; + w.serialize(wbuf); + char fn[128]; + Utils::snprintf(fn,sizeof(fn),"%.16llx.moon",w.id()); + OSUtils::writeFile(fn,wbuf.data(),wbuf.size()); + printf("wrote %s (signed world with timestamp %llu)" ZT_EOL_S,fn,(unsigned long long)now); + } } else { idtoolPrintHelp(stdout,argv[0]); return 1; @@ -731,6 +883,147 @@ static void _sighandlerQuit(int sig) } #endif +// Drop privileges on Linux, if supported by libc etc. and "zerotier-one" user exists on system +#ifdef __LINUX__ +#ifndef PR_CAP_AMBIENT +#define PR_CAP_AMBIENT 47 +#define PR_CAP_AMBIENT_IS_SET 1 +#define PR_CAP_AMBIENT_RAISE 2 +#define PR_CAP_AMBIENT_LOWER 3 +#define PR_CAP_AMBIENT_CLEAR_ALL 4 +#endif +#define ZT_LINUX_USER "zerotier-one" +#define ZT_HAVE_DROP_PRIVILEGES 1 +namespace { + +// libc doesn't export capset, it is instead located in libcap +// We ignore libcap and call it manually. +struct cap_header_struct { + __u32 version; + int pid; +}; +struct cap_data_struct { + __u32 effective; + __u32 permitted; + __u32 inheritable; +}; +static inline int _zt_capset(cap_header_struct* hdrp, cap_data_struct* datap) { return syscall(SYS_capset, hdrp, datap); } + +static void _notDropping(const char *procName,const std::string &homeDir) +{ + struct stat buf; + if (lstat(homeDir.c_str(),&buf) < 0) { + if (buf.st_uid != 0 || buf.st_gid != 0) { + fprintf(stderr, "%s: FATAL: failed to drop privileges and can't run as root since privileges were previously dropped (home directory not owned by root)" ZT_EOL_S,procName); + exit(1); + } + } + fprintf(stderr, "%s: WARNING: failed to drop privileges (kernel may not support required prctl features), running as root" ZT_EOL_S,procName); +} + +static int _setCapabilities(int flags) +{ + cap_header_struct capheader = {_LINUX_CAPABILITY_VERSION_1, 0}; + cap_data_struct capdata; + capdata.inheritable = capdata.permitted = capdata.effective = flags; + return _zt_capset(&capheader, &capdata); +} + +static void _recursiveChown(const char *path,uid_t uid,gid_t gid) +{ + struct dirent de; + struct dirent *dptr; + lchown(path,uid,gid); + DIR *d = opendir(path); + if (!d) + return; + dptr = (struct dirent *)0; + for(;;) { + if (readdir_r(d,&de,&dptr) != 0) + break; + if (!dptr) + break; + if ((strcmp(dptr->d_name,".") != 0)&&(strcmp(dptr->d_name,"..") != 0)&&(strlen(dptr->d_name) > 0)) { + std::string p(path); + p.push_back(ZT_PATH_SEPARATOR); + p.append(dptr->d_name); + _recursiveChown(p.c_str(),uid,gid); // will just fail and return on regular files + } + } + closedir(d); +} + +static void dropPrivileges(const char *procName,const std::string &homeDir) +{ + if (getuid() != 0) + return; + + // dropPrivileges switches to zerotier-one user while retaining CAP_NET_ADMIN + // and CAP_NET_RAW capabilities. + struct passwd *targetUser = getpwnam(ZT_LINUX_USER); + if (!targetUser) + return; + + if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_NET_RAW, 0, 0) < 0) { + // Kernel has no support for ambient capabilities. + _notDropping(procName,homeDir); + return; + } + if (prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS | SECBIT_NOROOT) < 0) { + _notDropping(procName,homeDir); + return; + } + + // Change ownership of our home directory if everything looks good (does nothing if already chown'd) + _recursiveChown(homeDir.c_str(),targetUser->pw_uid,targetUser->pw_gid); + + if (_setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID) | (1 << CAP_SETGID)) < 0) { + _notDropping(procName,homeDir); + return; + } + + int oldDumpable = prctl(PR_GET_DUMPABLE); + if (prctl(PR_SET_DUMPABLE, 0) < 0) { + // Disable ptracing. Otherwise there is a small window when previous + // compromised ZeroTier process could ptrace us, when we still have CAP_SETUID. + // (this is mitigated anyway on most distros by ptrace_scope=1) + fprintf(stderr,"%s: FATAL: prctl(PR_SET_DUMPABLE) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + exit(1); + } + + // Relinquish root + if (setgid(targetUser->pw_gid) < 0) { + perror("setgid"); + exit(1); + } + if (setuid(targetUser->pw_uid) < 0) { + perror("setuid"); + exit(1); + } + + if (_setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW)) < 0) { + fprintf(stderr,"%s: FATAL: unable to drop capabilities after relinquishing root" ZT_EOL_S,procName); + exit(1); + } + + if (prctl(PR_SET_DUMPABLE, oldDumpable) < 0) { + fprintf(stderr,"%s: FATAL: prctl(PR_SET_DUMPABLE) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + exit(1); + } + + if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, CAP_NET_ADMIN, 0, 0) < 0) { + fprintf(stderr,"%s: FATAL: prctl(PR_CAP_AMBIENT,PR_CAP_AMBIENT_RAISE,CAP_NET_ADMIN) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + exit(1); + } + if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, CAP_NET_RAW, 0, 0) < 0) { + fprintf(stderr,"%s: FATAL: prctl(PR_CAP_AMBIENT,PR_CAP_AMBIENT_RAISE,CAP_NET_RAW) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + exit(1); + } +} + +} // anonymous namespace +#endif // __LINUX__ + /****************************************************************************/ /* Windows helper functions and signal handlers */ /****************************************************************************/ @@ -893,14 +1186,11 @@ static void printHelp(const char *cn,FILE *out) fprintf(out, COPYRIGHT_NOTICE ZT_EOL_S LICENSE_GRANT ZT_EOL_S); - std::string updateUrl(OneService::autoUpdateUrl()); - if (updateUrl.length()) - fprintf(out,"Automatic updates enabled:" ZT_EOL_S" %s" ZT_EOL_S" (all updates are securely authenticated by 256-bit ECDSA signature)" ZT_EOL_S"" ZT_EOL_S,updateUrl.c_str()); fprintf(out,"Usage: %s [-switches] [home directory]" ZT_EOL_S"" ZT_EOL_S,cn); fprintf(out,"Available switches:" ZT_EOL_S); fprintf(out," -h - Display this help" ZT_EOL_S); fprintf(out," -v - Show version" ZT_EOL_S); - fprintf(out," -U - Run as unprivileged user (skip privilege check)" ZT_EOL_S); + fprintf(out," -U - Skip privilege check and do not attempt to drop privileges" ZT_EOL_S); fprintf(out," -p<port> - Port for UDP and TCP/HTTP (default: 9993, 0 for random)" ZT_EOL_S); #ifdef __UNIX_LIKE__ @@ -1071,7 +1361,7 @@ int main(int argc,char **argv) fprintf(stderr,"%s: no home path specified and no platform default available" ZT_EOL_S,argv[0]); return 1; } else { - std::vector<std::string> hpsp(Utils::split(homeDir.c_str(),ZT_PATH_SEPARATOR_S,"","")); + std::vector<std::string> hpsp(OSUtils::split(homeDir.c_str(),ZT_PATH_SEPARATOR_S,"","")); std::string ptmp; if (homeDir[0] == ZT_PATH_SEPARATOR) ptmp.push_back(ZT_PATH_SEPARATOR); @@ -1141,6 +1431,11 @@ int main(int argc,char **argv) #endif // __WINDOWS__ #ifdef __UNIX_LIKE__ + +#ifdef ZT_HAVE_DROP_PRIVILEGES + dropPrivileges(argv[0],homeDir); +#endif + std::string pidPath(homeDir + ZT_PATH_SEPARATOR_S + ZT_PID_PATH); { // Write .pid file to home folder @@ -1182,9 +1477,5 @@ int main(int argc,char **argv) delete zt1Service; zt1Service = (OneService *)0; -#ifdef __UNIX_LIKE__ - OSUtils::rm(pidPath.c_str()); -#endif - return returnValue; } diff --git a/osdep/BSDEthernetTap.cpp b/osdep/BSDEthernetTap.cpp index e8d36c9c..0e1ada6b 100644 --- a/osdep/BSDEthernetTap.cpp +++ b/osdep/BSDEthernetTap.cpp @@ -83,10 +83,15 @@ BSDEthernetTap::BSDEthernetTap( { static Mutex globalTapCreateLock; char devpath[64],ethaddr[64],mtustr[32],metstr[32],tmpdevname[32]; - struct stat stattmp; - // On FreeBSD at least we can rename, so use nwid to generate a deterministic unique zt#### name using base32 - // As a result we don't use desiredDevice + Mutex::Lock _gl(globalTapCreateLock); + + if (mtu > 2800) + throw std::runtime_error("max tap MTU is 2800"); + +#ifdef __FreeBSD__ + /* FreeBSD allows long interface names and interface renaming */ + _dev = "zt"; _dev.push_back(ZT_BASE32_CHARS[(unsigned long)((nwid >> 60) & 0x1f)]); _dev.push_back(ZT_BASE32_CHARS[(unsigned long)((nwid >> 55) & 0x1f)]); @@ -102,13 +107,6 @@ BSDEthernetTap::BSDEthernetTap( _dev.push_back(ZT_BASE32_CHARS[(unsigned long)((nwid >> 5) & 0x1f)]); _dev.push_back(ZT_BASE32_CHARS[(unsigned long)(nwid & 0x1f)]); - Mutex::Lock _gl(globalTapCreateLock); - - if (mtu > 2800) - throw std::runtime_error("max tap MTU is 2800"); - - // On BSD we create taps and they can have high numbers, so use ones starting - // at 9993 to not conflict with other stuff. Then we rename it to zt<base32 of nwid> std::vector<std::string> devFiles(OSUtils::listDirectory("/dev")); for(int i=9993;i<(9993+128);++i) { Utils::snprintf(tmpdevname,sizeof(tmpdevname),"tap%d",i); @@ -123,6 +121,7 @@ BSDEthernetTap::BSDEthernetTap( ::waitpid(cpid,&exitcode,0); } else throw std::runtime_error("fork() failed"); + struct stat stattmp; if (!stat(devpath,&stattmp)) { cpid = (long)vfork(); if (cpid == 0) { @@ -144,6 +143,19 @@ BSDEthernetTap::BSDEthernetTap( } } } +#else + /* Other BSDs like OpenBSD only have a limited number of tap devices that cannot be renamed */ + + for(int i=0;i<64;++i) { + Utils::snprintf(tmpdevname,sizeof(tmpdevname),"tap%d",i); + Utils::snprintf(devpath,sizeof(devpath),"/dev/%s",tmpdevname); + _fd = ::open(devpath,O_RDWR); + if (_fd > 0) { + _dev = tmpdevname; + break; + } + } +#endif if (_fd <= 0) throw std::runtime_error("unable to open TAP device or no more devices available"); @@ -325,6 +337,7 @@ void BSDEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std: { std::vector<MulticastGroup> newGroups; +#ifndef __OpenBSD__ struct ifmaddrs *ifmap = (struct ifmaddrs *)0; if (!getifmaddrs(&ifmap)) { struct ifmaddrs *p = ifmap; @@ -339,6 +352,7 @@ void BSDEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std: } freeifmaddrs(ifmap); } +#endif // __OpenBSD__ std::vector<InetAddress> allIps(ips()); for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip) diff --git a/osdep/BackgroundResolver.cpp b/osdep/BackgroundResolver.cpp deleted file mode 100644 index ffcfdbae..00000000 --- a/osdep/BackgroundResolver.cpp +++ /dev/null @@ -1,121 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#include "OSUtils.hpp" -#include "Thread.hpp" -#include "BackgroundResolver.hpp" - -namespace ZeroTier { - -/* - * We can't actually abort a job. This is a legacy characteristic of the - * ancient synchronous resolver APIs. So to abort jobs, we just abandon - * them by setting their parent to null. - */ -class BackgroundResolverJob -{ -public: - std::string name; - BackgroundResolver *volatile parent; - Mutex lock; - - void threadMain() - throw() - { - std::vector<InetAddress> ips; - try { - ips = OSUtils::resolve(name.c_str()); - } catch ( ... ) {} - { - Mutex::Lock _l(lock); - BackgroundResolver *p = parent; - if (p) - p->_postResult(ips); - } - delete this; - } -}; - -BackgroundResolver::BackgroundResolver(const char *name) : - _name(name), - _job((BackgroundResolverJob *)0), - _callback(0), - _arg((void *)0), - _ips(), - _lock() -{ -} - -BackgroundResolver::~BackgroundResolver() -{ - abort(); -} - -std::vector<InetAddress> BackgroundResolver::get() const -{ - Mutex::Lock _l(_lock); - return _ips; -} - -void BackgroundResolver::resolveNow(void (*callback)(BackgroundResolver *,void *),void *arg) -{ - Mutex::Lock _l(_lock); - - if (_job) { - Mutex::Lock _l2(_job->lock); - _job->parent = (BackgroundResolver *)0; - _job = (BackgroundResolverJob *)0; - } - - BackgroundResolverJob *j = new BackgroundResolverJob(); - j->name = _name; - j->parent = this; - - _job = j; - _callback = callback; - _arg = arg; - - _jobThread = Thread::start(j); -} - -void BackgroundResolver::abort() -{ - Mutex::Lock _l(_lock); - if (_job) { - Mutex::Lock _l2(_job->lock); - _job->parent = (BackgroundResolver *)0; - _job = (BackgroundResolverJob *)0; - } -} - -void BackgroundResolver::_postResult(const std::vector<InetAddress> &ips) -{ - void (*cb)(BackgroundResolver *,void *); - void *a; - { - Mutex::Lock _l(_lock); - _job = (BackgroundResolverJob *)0; - cb = _callback; - a = _arg; - _ips = ips; - } - if (cb) - cb(this,a); -} - -} // namespace ZeroTier diff --git a/osdep/BackgroundResolver.hpp b/osdep/BackgroundResolver.hpp deleted file mode 100644 index ba895487..00000000 --- a/osdep/BackgroundResolver.hpp +++ /dev/null @@ -1,118 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef ZT_BACKGROUNDRESOLVER_HPP -#define ZT_BACKGROUNDRESOLVER_HPP - -#include <vector> -#include <string> - -#include "../node/Constants.hpp" -#include "../node/Mutex.hpp" -#include "../node/InetAddress.hpp" -#include "../node/NonCopyable.hpp" -#include "Thread.hpp" - -namespace ZeroTier { - -class BackgroundResolverJob; - -/** - * A simple background resolver - */ -class BackgroundResolver : NonCopyable -{ - friend class BackgroundResolverJob; - -public: - /** - * Construct a new resolver - * - * resolveNow() must be called to actually initiate background resolution. - * - * @param name Name to resolve - */ - BackgroundResolver(const char *name); - - ~BackgroundResolver(); - - /** - * @return Most recent resolver results or empty vector if none - */ - std::vector<InetAddress> get() const; - - /** - * Launch a background resolve job now - * - * If a resolve job is currently in progress, it is aborted and another - * job is started. - * - * Note that jobs can't actually be aborted due to the limitations of the - * ancient synchronous OS resolver APIs. As a result, in progress jobs - * that are aborted are simply abandoned. Don't call this too frequently - * or background threads might pile up. - * - * @param callback Callback function to receive notification or NULL if none - * @praam arg Second argument to callback function - */ - void resolveNow(void (*callback)(BackgroundResolver *,void *) = 0,void *arg = 0); - - /** - * Abort (abandon) any current resolve jobs - */ - void abort(); - - /** - * @return True if a background job is in progress - */ - inline bool running() const - { - Mutex::Lock _l(_lock); - return (_job != (BackgroundResolverJob *)0); - } - - /** - * Wait for pending job to complete (if any) - */ - inline void wait() const - { - Thread t; - { - Mutex::Lock _l(_lock); - if (!_job) - return; - t = _jobThread; - } - Thread::join(t); - } - -private: - void _postResult(const std::vector<InetAddress> &ips); - - std::string _name; - BackgroundResolverJob *_job; - Thread _jobThread; - void (*_callback)(BackgroundResolver *,void *); - void *_arg; - std::vector<InetAddress> _ips; - Mutex _lock; -}; - -} // namespace ZeroTier - -#endif diff --git a/osdep/Binder.hpp b/osdep/Binder.hpp index 72456d38..9829f170 100644 --- a/osdep/Binder.hpp +++ b/osdep/Binder.hpp @@ -53,8 +53,10 @@ #include "../node/NonCopyable.hpp" #include "../node/InetAddress.hpp" #include "../node/Mutex.hpp" +#include "../node/Utils.hpp" #include "Phy.hpp" +#include "OSUtils.hpp" /** * Period between binder rescans/refreshes @@ -164,14 +166,57 @@ public: #else // not __WINDOWS__ - struct ifaddrs *ifatbl = (struct ifaddrs *)0; - struct ifaddrs *ifa; - if ((getifaddrs(&ifatbl) == 0)&&(ifatbl)) { - ifa = ifatbl; - while (ifa) { - if ((ifa->ifa_name)&&(ifa->ifa_addr)) { - InetAddress ip = *(ifa->ifa_addr); - if (ifChecker.shouldBindInterface(ifa->ifa_name,ip)) { + /* On Linux we use an alternative method if available since getifaddrs() + * gets very slow when there are lots of network namespaces. This won't + * work unless /proc/PID/net/if_inet6 exists and it may not on some + * embedded systems, so revert to getifaddrs() there. */ + +#ifdef __LINUX__ + char fn[256],tmp[256]; + std::set<std::string> ifnames; + const unsigned long pid = (unsigned long)getpid(); + + // Get all device names + Utils::snprintf(fn,sizeof(fn),"/proc/%lu/net/dev",pid); + FILE *procf = fopen(fn,"r"); + if (procf) { + while (fgets(tmp,sizeof(tmp),procf)) { + tmp[255] = 0; + char *saveptr = (char *)0; + for(char *f=Utils::stok(tmp," \t\r\n:|",&saveptr);(f);f=Utils::stok((char *)0," \t\r\n:|",&saveptr)) { + if ((strcmp(f,"Inter-") != 0)&&(strcmp(f,"face") != 0)&&(f[0] != 0)) + ifnames.insert(f); + break; // we only want the first field + } + } + fclose(procf); + } + + // Get IPv6 addresses (and any device names we don't already know) + Utils::snprintf(fn,sizeof(fn),"/proc/%lu/net/if_inet6",pid); + procf = fopen(fn,"r"); + if (procf) { + while (fgets(tmp,sizeof(tmp),procf)) { + tmp[255] = 0; + char *saveptr = (char *)0; + unsigned char ipbits[16]; + memset(ipbits,0,sizeof(ipbits)); + char *devname = (char *)0; + int n = 0; + for(char *f=Utils::stok(tmp," \t\r\n",&saveptr);(f);f=Utils::stok((char *)0," \t\r\n",&saveptr)) { + switch(n++) { + case 0: // IP in hex + Utils::unhex(f,32,ipbits,16); + break; + case 5: // device name + devname = f; + break; + } + } + if (devname) { + ifnames.insert(devname); + InetAddress ip(ipbits,16,0); + if (ifChecker.shouldBindInterface(devname,ip)) { switch(ip.ipScope()) { default: break; case InetAddress::IP_SCOPE_PSEUDOPRIVATE: @@ -179,14 +224,90 @@ public: case InetAddress::IP_SCOPE_SHARED: case InetAddress::IP_SCOPE_PRIVATE: ip.setPort(port); - localIfAddrs.insert(std::pair<InetAddress,std::string>(ip,std::string(ifa->ifa_name))); + localIfAddrs.insert(std::pair<InetAddress,std::string>(ip,std::string(devname))); break; } } } - ifa = ifa->ifa_next; } - freeifaddrs(ifatbl); + fclose(procf); + } + + // Get IPv4 addresses for each device + if (ifnames.size() > 0) { + const int controlfd = (int)socket(AF_INET,SOCK_DGRAM,0); + struct ifconf configuration; + configuration.ifc_len = 0; + configuration.ifc_buf = nullptr; + + if (controlfd < 0) goto ip4_address_error; + + if (ioctl(controlfd, SIOCGIFCONF, &configuration) < 0) goto ip4_address_error; + + configuration.ifc_buf = (char*)malloc(configuration.ifc_len); + + if (ioctl(controlfd, SIOCGIFCONF, &configuration) < 0) goto ip4_address_error; + + for (int i=0; i < (int)(configuration.ifc_len / sizeof(ifreq)); i ++) { + struct ifreq& request = configuration.ifc_req[i]; + struct sockaddr* addr = &request.ifr_ifru.ifru_addr; + if (addr->sa_family != AF_INET) continue; + std::string ifname = request.ifr_ifrn.ifrn_name; + // name can either be just interface name or interface name followed by ':' and arbitrary label + if (ifname.find(':') != std::string::npos) { + ifname = ifname.substr(0, ifname.find(':')); + } + + InetAddress ip(&(((struct sockaddr_in *)addr)->sin_addr),4,0); + if (ifChecker.shouldBindInterface(ifname.c_str(), ip)) { + switch(ip.ipScope()) { + default: break; + case InetAddress::IP_SCOPE_PSEUDOPRIVATE: + case InetAddress::IP_SCOPE_GLOBAL: + case InetAddress::IP_SCOPE_SHARED: + case InetAddress::IP_SCOPE_PRIVATE: + ip.setPort(port); + localIfAddrs.insert(std::pair<InetAddress,std::string>(ip, ifname)); + break; + } + } + } + + ip4_address_error: + free(configuration.ifc_buf); + if (controlfd > 0) close(controlfd); + } + + const bool gotViaProc = (localIfAddrs.size() > 0); +#else + const bool gotViaProc = false; +#endif + + if (!gotViaProc) { + struct ifaddrs *ifatbl = (struct ifaddrs *)0; + struct ifaddrs *ifa; + if ((getifaddrs(&ifatbl) == 0)&&(ifatbl)) { + ifa = ifatbl; + while (ifa) { + if ((ifa->ifa_name)&&(ifa->ifa_addr)) { + InetAddress ip = *(ifa->ifa_addr); + if (ifChecker.shouldBindInterface(ifa->ifa_name,ip)) { + switch(ip.ipScope()) { + default: break; + case InetAddress::IP_SCOPE_PSEUDOPRIVATE: + case InetAddress::IP_SCOPE_GLOBAL: + case InetAddress::IP_SCOPE_SHARED: + case InetAddress::IP_SCOPE_PRIVATE: + ip.setPort(port); + localIfAddrs.insert(std::pair<InetAddress,std::string>(ip,std::string(ifa->ifa_name))); + break; + } + } + } + ifa = ifa->ifa_next; + } + freeifaddrs(ifatbl); + } } #endif diff --git a/osdep/BlockingQueue.hpp b/osdep/BlockingQueue.hpp new file mode 100644 index 00000000..6172f4da --- /dev/null +++ b/osdep/BlockingQueue.hpp @@ -0,0 +1,64 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef ZT_BLOCKINGQUEUE_HPP +#define ZT_BLOCKINGQUEUE_HPP + +#include <queue> +#include <mutex> +#include <condition_variable> + +namespace ZeroTier { + +/** + * Simple C++11 thread-safe queue + * + * Do not use in node/ since we have not gone C++11 there yet. + */ +template <class T> +class BlockingQueue +{ +public: + BlockingQueue(void) {} + + inline void post(T t) + { + std::lock_guard<std::mutex> lock(m); + q.push(t); + c.notify_one(); + } + + inline T get(void) + { + std::unique_lock<std::mutex> lock(m); + while(q.empty()) + c.wait(lock); + T val = q.front(); + q.pop(); + return val; + } + +private: + std::queue<T> q; + mutable std::mutex m; + std::condition_variable c; +}; + +} // namespace ZeroTier + +#endif diff --git a/osdep/LinuxEthernetTap.cpp b/osdep/LinuxEthernetTap.cpp index 55a6d9f6..e7fe657f 100644 --- a/osdep/LinuxEthernetTap.cpp +++ b/osdep/LinuxEthernetTap.cpp @@ -109,7 +109,12 @@ LinuxEthernetTap::LinuxEthernetTap( if (!recalledDevice) { int devno = 0; do { +#ifdef __SYNOLOGY__ + devno+=50; // Arbitrary number to prevent interface name conflicts + Utils::snprintf(ifr.ifr_name,sizeof(ifr.ifr_name),"eth%d",devno++); +#else Utils::snprintf(ifr.ifr_name,sizeof(ifr.ifr_name),"zt%d",devno++); +#endif Utils::snprintf(procpath,sizeof(procpath),"/proc/sys/net/ipv4/conf/%s",ifr.ifr_name); } while (stat(procpath,&sbuf) == 0); // try zt#++ until we find one that does not exist } @@ -215,16 +220,67 @@ static bool ___removeIp(const std::string &_dev,const InetAddress &ip) } } +#ifdef __SYNOLOGY__ +bool LinuxEthernetTap::addIpSyn(std::vector<InetAddress> ips) +{ + // Here we fill out interface config (ifcfg-dev) to prevent it from being killed + std::string filepath = "/etc/sysconfig/network-scripts/ifcfg-"+_dev; + std::string cfg_contents = "DEVICE="+_dev+"\nBOOTPROTO=static"; + int ip4=0,ip6=0,ip4_tot=0,ip6_tot=0; + + long cpid = (long)vfork(); + if (cpid == 0) { + OSUtils::redirectUnixOutputs("/dev/null",(const char *)0); + setenv("PATH", "/sbin:/bin:/usr/sbin:/usr/bin", 1); + // We must know if there is at least (one) of each protocol version so we + // can properly enumerate address/netmask combinations in the ifcfg-dev file + for(int i=0; i<(int)ips.size(); i++) { + if (ips[i].isV4()) + ip4_tot++; + else + ip6_tot++; + } + // Assemble and write contents of ifcfg-dev file + for(int i=0; i<(int)ips.size(); i++) { + if (ips[i].isV4()) { + std::string numstr4 = ip4_tot > 1 ? std::to_string(ip4) : ""; + cfg_contents += "\nIPADDR"+numstr4+"="+ips[i].toIpString() + + "\nNETMASK"+numstr4+"="+ips[i].netmask().toIpString()+"\n"; + ip4++; + } + else { + std::string numstr6 = ip6_tot > 1 ? std::to_string(ip6) : ""; + cfg_contents += "\nIPV6ADDR"+numstr6+"="+ips[i].toIpString() + + "\nNETMASK"+numstr6+"="+ips[i].netmask().toIpString()+"\n"; + ip6++; + } + } + OSUtils::writeFile(filepath.c_str(), cfg_contents.c_str(), cfg_contents.length()); + // Finaly, add IPs + for(int i=0; i<(int)ips.size(); i++){ + if (ips[i].isV4()) + ::execlp("ip","ip","addr","add",ips[i].toString().c_str(),"broadcast",ips[i].broadcast().toIpString().c_str(),"dev",_dev.c_str(),(const char *)0); + else + ::execlp("ip","ip","addr","add",ips[i].toString().c_str(),"dev",_dev.c_str(),(const char *)0); + } + ::_exit(-1); + } else if (cpid > 0) { + int exitcode = -1; + ::waitpid(cpid,&exitcode,0); + return (exitcode == 0); + } + return true; +} +#endif // __SYNOLOGY__ + bool LinuxEthernetTap::addIp(const InetAddress &ip) { if (!ip) return false; std::vector<InetAddress> allIps(ips()); -#ifndef __SYNOLOGY__ if (std::binary_search(allIps.begin(),allIps.end(),ip)) return true; -#endif // Remove and reconfigure if address is the same but netmask is different for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) { diff --git a/osdep/LinuxEthernetTap.hpp b/osdep/LinuxEthernetTap.hpp index cbb58efb..7dd7e01d 100644 --- a/osdep/LinuxEthernetTap.hpp +++ b/osdep/LinuxEthernetTap.hpp @@ -52,6 +52,9 @@ public: void setEnabled(bool en); bool enabled() const; bool addIp(const InetAddress &ip); +#ifdef __SYNOLOGY__ + bool addIpSyn(std::vector<InetAddress> ips); +#endif bool removeIp(const InetAddress &ip); std::vector<InetAddress> ips() const; void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len); diff --git a/osdep/NeighborDiscovery.cpp b/osdep/NeighborDiscovery.cpp index ee4cb5b1..4f636310 100644 --- a/osdep/NeighborDiscovery.cpp +++ b/osdep/NeighborDiscovery.cpp @@ -28,7 +28,7 @@ namespace ZeroTier { uint16_t calc_checksum (uint16_t *addr, int len) { int count = len; - register uint32_t sum = 0; + uint32_t sum = 0; uint16_t answer = 0; // Sum up 2-byte values until none or only one byte left. @@ -83,6 +83,7 @@ struct _neighbor_solicitation { , checksum(0) , option(1) { + memset(&reserved, 0, sizeof(reserved)); memset(target, 0, sizeof(target)); } @@ -102,7 +103,7 @@ struct _neighbor_solicitation { memcpy(tmp, &ph, sizeof(_pseudo_header)); memcpy(tmp+sizeof(_pseudo_header), this, sizeof(_neighbor_solicitation)); - checksum = calc_checksum((uint16_t*)tmp, len); + checksum = calc_checksum((uint16_t*)tmp, (int)len); free(tmp); tmp = NULL; @@ -111,6 +112,7 @@ struct _neighbor_solicitation { uint8_t type; // 135 uint8_t code; // 0 uint16_t checksum; + uint32_t reserved; uint8_t target[16]; _option option; }; @@ -143,7 +145,7 @@ struct _neighbor_advertisement { memcpy(tmp, &ph, sizeof(_pseudo_header)); memcpy(tmp+sizeof(_pseudo_header), this, sizeof(_neighbor_advertisement)); - checksum = calc_checksum((uint16_t*)tmp, len); + checksum = calc_checksum((uint16_t*)tmp, (int)len); free(tmp); tmp = NULL; diff --git a/osdep/OSUtils.cpp b/osdep/OSUtils.cpp index c652e272..6b95258c 100644 --- a/osdep/OSUtils.cpp +++ b/osdep/OSUtils.cpp @@ -23,6 +23,7 @@ #include <sys/stat.h> #include "../node/Constants.hpp" +#include "../node/Utils.hpp" #ifdef __UNIX_LIKE__ #include <unistd.h> @@ -107,17 +108,18 @@ std::vector<std::string> OSUtils::listDirectory(const char *path) return r; } -std::vector<std::string> OSUtils::listSubdirectories(const char *path) +std::map<std::string,char> OSUtils::listDirectoryFull(const char *path) { - std::vector<std::string> r; + std::map<std::string,char> r; #ifdef __WINDOWS__ HANDLE hFind; WIN32_FIND_DATAA ffd; if ((hFind = FindFirstFileA((std::string(path) + "\\*").c_str(),&ffd)) != INVALID_HANDLE_VALUE) { do { - if ((strcmp(ffd.cFileName,"."))&&(strcmp(ffd.cFileName,".."))&&((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0)) - r.push_back(std::string(ffd.cFileName)); + if ((strcmp(ffd.cFileName,"."))&&(strcmp(ffd.cFileName,".."))) { + r[ffd.cFileName] = ((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0) ? 'd' : 'f'; + } } while (FindNextFileA(hFind,&ffd)); FindClose(hFind); } @@ -132,8 +134,9 @@ std::vector<std::string> OSUtils::listSubdirectories(const char *path) if (readdir_r(d,&de,&dptr)) break; if (dptr) { - if ((strcmp(dptr->d_name,"."))&&(strcmp(dptr->d_name,".."))&&(dptr->d_type == DT_DIR)) - r.push_back(std::string(dptr->d_name)); + if ((strcmp(dptr->d_name,"."))&&(strcmp(dptr->d_name,".."))) { + r[dptr->d_name] = (dptr->d_type == DT_DIR) ? 'd' : 'f'; + } } else break; } closedir(d); @@ -142,6 +145,64 @@ std::vector<std::string> OSUtils::listSubdirectories(const char *path) return r; } +long OSUtils::cleanDirectory(const char *path,const uint64_t olderThan) +{ + long cleaned = 0; + +#ifdef __WINDOWS__ + HANDLE hFind; + WIN32_FIND_DATAA ffd; + LARGE_INTEGER date,adjust; + adjust.QuadPart = 11644473600000 * 10000; + char tmp[4096]; + if ((hFind = FindFirstFileA((std::string(path) + "\\*").c_str(),&ffd)) != INVALID_HANDLE_VALUE) { + do { + if ((strcmp(ffd.cFileName,"."))&&(strcmp(ffd.cFileName,".."))&&((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) == 0)) { + date.HighPart = ffd.ftLastWriteTime.dwHighDateTime; + date.LowPart = ffd.ftLastWriteTime.dwLowDateTime; + if (date.QuadPart > 0) { + date.QuadPart -= adjust.QuadPart; + if (((date.QuadPart / 10000000) * 1000) < olderThan) { + Utils::snprintf(tmp, sizeof(tmp), "%s\\%s", path, ffd.cFileName); + if (DeleteFileA(tmp)) + ++cleaned; + } + } + } + } while (FindNextFileA(hFind,&ffd)); + FindClose(hFind); + } +#else + struct dirent de; + struct dirent *dptr; + struct stat st; + char tmp[4096]; + DIR *d = opendir(path); + if (!d) + return -1; + dptr = (struct dirent *)0; + for(;;) { + if (readdir_r(d,&de,&dptr)) + break; + if (dptr) { + if ((strcmp(dptr->d_name,"."))&&(strcmp(dptr->d_name,".."))&&(dptr->d_type == DT_REG)) { + Utils::snprintf(tmp,sizeof(tmp),"%s/%s",path,dptr->d_name); + if (stat(tmp,&st) == 0) { + uint64_t mt = (uint64_t)(st.st_mtime); + if ((mt > 0)&&((mt * 1000) < olderThan)) { + if (unlink(tmp) == 0) + ++cleaned; + } + } + } + } else break; + } + closedir(d); +#endif + + return cleaned; +} + bool OSUtils::rmDashRf(const char *path) { #ifdef __WINDOWS__ @@ -178,7 +239,7 @@ bool OSUtils::rmDashRf(const char *path) std::string p(path); p.push_back(ZT_PATH_SEPARATOR); p.append(dptr->d_name); - if (unlink(p.c_str()) != 0) { + if (unlink(p.c_str()) != 0) { // unlink first will remove symlinks instead of recursing them if (!rmDashRf(p.c_str())) return false; } @@ -253,34 +314,6 @@ int64_t OSUtils::getFileSize(const char *path) return -1; } -std::vector<InetAddress> OSUtils::resolve(const char *name) -{ - std::vector<InetAddress> r; - std::vector<InetAddress>::iterator i; - InetAddress tmp; - struct addrinfo *ai = (struct addrinfo *)0,*p; - if (!getaddrinfo(name,(const char *)0,(const struct addrinfo *)0,&ai)) { - try { - p = ai; - while (p) { - if ((p->ai_addr)&&((p->ai_addr->sa_family == AF_INET)||(p->ai_addr->sa_family == AF_INET6))) { - tmp = *(p->ai_addr); - for(i=r.begin();i!=r.end();++i) { - if (i->ipsEqual(tmp)) - goto skip_add_inetaddr; - } - r.push_back(tmp); - } -skip_add_inetaddr: - p = p->ai_next; - } - } catch ( ... ) {} - freeaddrinfo(ai); - } - std::sort(r.begin(),r.end()); - return r; -} - bool OSUtils::readFile(const char *path,std::string &buf) { char tmp[1024]; @@ -313,6 +346,50 @@ bool OSUtils::writeFile(const char *path,const void *buf,unsigned int len) return false; } +std::vector<std::string> OSUtils::split(const char *s,const char *const sep,const char *esc,const char *quot) +{ + std::vector<std::string> fields; + std::string buf; + + if (!esc) + esc = ""; + if (!quot) + quot = ""; + + bool escapeState = false; + char quoteState = 0; + while (*s) { + if (escapeState) { + escapeState = false; + buf.push_back(*s); + } else if (quoteState) { + if (*s == quoteState) { + quoteState = 0; + fields.push_back(buf); + buf.clear(); + } else buf.push_back(*s); + } else { + const char *quotTmp; + if (strchr(esc,*s)) + escapeState = true; + else if ((buf.size() <= 0)&&((quotTmp = strchr(quot,*s)))) + quoteState = *quotTmp; + else if (strchr(sep,*s)) { + if (buf.size() > 0) { + fields.push_back(buf); + buf.clear(); + } // else skip runs of seperators + } else buf.push_back(*s); + } + ++s; + } + + if (buf.size()) + fields.push_back(buf); + + return fields; +} + std::string OSUtils::platformDefaultHomePath() { #ifdef __UNIX_LIKE__ @@ -349,6 +426,81 @@ std::string OSUtils::platformDefaultHomePath() #endif // __UNIX_LIKE__ or not... } +// Inline these massive JSON operations in one place only to reduce binary footprint and compile time +nlohmann::json OSUtils::jsonParse(const std::string &buf) { return nlohmann::json::parse(buf.c_str()); } +std::string OSUtils::jsonDump(const nlohmann::json &j) { return j.dump(1); } + +uint64_t OSUtils::jsonInt(const nlohmann::json &jv,const uint64_t dfl) +{ + try { + if (jv.is_number()) { + return (uint64_t)jv; + } else if (jv.is_string()) { + std::string s = jv; + return Utils::strToU64(s.c_str()); + } else if (jv.is_boolean()) { + return ((bool)jv ? 1ULL : 0ULL); + } + } catch ( ... ) {} + return dfl; +} + +bool OSUtils::jsonBool(const nlohmann::json &jv,const bool dfl) +{ + try { + if (jv.is_boolean()) { + return (bool)jv; + } else if (jv.is_number()) { + return ((uint64_t)jv > 0ULL); + } else if (jv.is_string()) { + std::string s = jv; + if (s.length() > 0) { + switch(s[0]) { + case 't': + case 'T': + case '1': + return true; + } + } + return false; + } + } catch ( ... ) {} + return dfl; +} + +std::string OSUtils::jsonString(const nlohmann::json &jv,const char *dfl) +{ + try { + if (jv.is_string()) { + return jv; + } else if (jv.is_number()) { + char tmp[64]; + Utils::snprintf(tmp,sizeof(tmp),"%llu",(uint64_t)jv); + return tmp; + } else if (jv.is_boolean()) { + return ((bool)jv ? std::string("1") : std::string("0")); + } + } catch ( ... ) {} + return std::string((dfl) ? dfl : ""); +} + +std::string OSUtils::jsonBinFromHex(const nlohmann::json &jv) +{ + std::string s(jsonString(jv,"")); + if (s.length() > 0) { + char *buf = new char[(s.length() / 2) + 1]; + try { + unsigned int l = Utils::unhex(s,buf,(unsigned int)s.length()); + std::string b(buf,l); + delete [] buf; + return b; + } catch ( ... ) { + delete [] buf; + } + } + return std::string(); +} + // Used to convert HTTP header names to ASCII lower case const unsigned char OSUtils::TOLOWER_TABLE[256] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, ' ', '!', '"', '#', '$', '%', '&', 0x27, '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '=', '>', '?', '@', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~', '_', '`', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~', 0x7f, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }; diff --git a/osdep/OSUtils.hpp b/osdep/OSUtils.hpp index 4f74344f..adf1488e 100644 --- a/osdep/OSUtils.hpp +++ b/osdep/OSUtils.hpp @@ -45,6 +45,8 @@ #include <arpa/inet.h> #endif +#include "../ext/json/json.hpp" + namespace ZeroTier { /** @@ -110,12 +112,22 @@ public: static std::vector<std::string> listDirectory(const char *path); /** - * List a directory's subdirectories + * List all contents in a directory * * @param path Path to list - * @return Names of subdirectories (without path prepended) + * @return Names of things and types, currently just 'f' and 'd' + */ + static std::map<std::string,char> listDirectoryFull(const char *path); + + /** + * Clean a directory of files whose last modified time is older than this + * + * This ignores directories, symbolic links, and other special files. + * + * @param olderThan Last modified older than timestamp (ms since epoch) + * @return Number of cleaned files or negative on fatal error */ - static std::vector<std::string> listSubdirectories(const char *path); + static long cleanDirectory(const char *path,const uint64_t olderThan); /** * Delete a directory and all its files and subdirectories recursively @@ -237,6 +249,17 @@ public: static bool writeFile(const char *path,const void *buf,unsigned int len); /** + * Split a string by delimiter, with optional escape and quote characters + * + * @param s String to split + * @param sep One or more separators + * @param esc Zero or more escape characters + * @param quot Zero or more quote characters + * @return Vector of tokens + */ + static std::vector<std::string> split(const char *s,const char *const sep,const char *esc,const char *quot); + + /** * Write a block of data to disk, replacing any current file contents * * @param path Path to write @@ -256,6 +279,13 @@ public: */ static std::string platformDefaultHomePath(); + static nlohmann::json jsonParse(const std::string &buf); + static std::string jsonDump(const nlohmann::json &j); + static uint64_t jsonInt(const nlohmann::json &jv,const uint64_t dfl); + static bool jsonBool(const nlohmann::json &jv,const bool dfl); + static std::string jsonString(const nlohmann::json &jv,const char *dfl); + static std::string jsonBinFromHex(const nlohmann::json &jv); + private: static const unsigned char TOLOWER_TABLE[256]; }; diff --git a/osdep/Thread.hpp b/osdep/Thread.hpp index 9f6fb5a8..227c2cfe 100644 --- a/osdep/Thread.hpp +++ b/osdep/Thread.hpp @@ -28,6 +28,7 @@ #include <WinSock2.h>
#include <Windows.h>
#include <string.h>
+
#include "../node/Mutex.hpp"
namespace ZeroTier {
@@ -128,7 +129,7 @@ public: pthread_attr_init(&_tattr);
// This corrects for systems with abnormally small defaults (musl) and also
// shrinks the stack on systems with large defaults to save a bit of memory.
- pthread_attr_setstacksize(&_tattr,524288);
+ pthread_attr_setstacksize(&_tattr,ZT_THREAD_MIN_STACK_SIZE);
_started = false;
}
diff --git a/osdep/WindowsEthernetTap.cpp b/osdep/WindowsEthernetTap.cpp index 7e1a5a19..8ee088bb 100644 --- a/osdep/WindowsEthernetTap.cpp +++ b/osdep/WindowsEthernetTap.cpp @@ -599,10 +599,10 @@ WindowsEthernetTap::WindowsEthernetTap( unsigned int tmpsl = Utils::snprintf(tmps,sizeof(tmps),"%.2X-%.2X-%.2X-%.2X-%.2X-%.2X",(unsigned int)mac[0],(unsigned int)mac[1],(unsigned int)mac[2],(unsigned int)mac[3],(unsigned int)mac[4],(unsigned int)mac[5]) + 1; RegSetKeyValueA(nwAdapters,mySubkeyName.c_str(),"NetworkAddress",REG_SZ,tmps,tmpsl); RegSetKeyValueA(nwAdapters,mySubkeyName.c_str(),"MAC",REG_SZ,tmps,tmpsl); - DWORD tmp = mtu; - RegSetKeyValueA(nwAdapters,mySubkeyName.c_str(),"MTU",REG_DWORD,(LPCVOID)&tmp,sizeof(tmp)); + tmpsl = Utils::snprintf(tmps, sizeof(tmps), "%d", mtu); + RegSetKeyValueA(nwAdapters,mySubkeyName.c_str(),"MTU",REG_SZ,tmps,tmpsl); - tmp = 0; + DWORD tmp = 0; RegSetKeyValueA(nwAdapters,mySubkeyName.c_str(),"*NdisDeviceType",REG_DWORD,(LPCVOID)&tmp,sizeof(tmp)); tmp = IF_TYPE_ETHERNET_CSMACD; RegSetKeyValueA(nwAdapters,mySubkeyName.c_str(),"*IfType",REG_DWORD,(LPCVOID)&tmp,sizeof(tmp)); @@ -640,7 +640,7 @@ WindowsEthernetTap::WindowsEthernetTap( if (ConvertInterfaceGuidToLuid(&_deviceGuid,&_deviceLuid) != NO_ERROR) throw std::runtime_error("unable to convert device interface GUID to LUID"); - _initialized = true; + //_initialized = true; if (friendlyName) setFriendlyName(friendlyName); @@ -672,6 +672,7 @@ bool WindowsEthernetTap::addIp(const InetAddress &ip) { if (!ip.netmaskBits()) // sanity check... netmask of 0.0.0.0 is WUT? return false; + Mutex::Lock _l(_assignedIps_m); if (std::find(_assignedIps.begin(),_assignedIps.end(),ip) != _assignedIps.end()) return true; @@ -682,6 +683,9 @@ bool WindowsEthernetTap::addIp(const InetAddress &ip) bool WindowsEthernetTap::removeIp(const InetAddress &ip) { + if (ip.isV6()) + return true; + { Mutex::Lock _l(_assignedIps_m); std::vector<InetAddress>::iterator aip(std::find(_assignedIps.begin(),_assignedIps.end(),ip)); @@ -713,18 +717,20 @@ bool WindowsEthernetTap::removeIp(const InetAddress &ip) DeleteUnicastIpAddressEntry(&(ipt->Table[i])); FreeMibTable(ipt); - std::vector<std::string> regIps(_getRegistryIPv4Value("IPAddress")); - std::vector<std::string> regSubnetMasks(_getRegistryIPv4Value("SubnetMask")); - std::string ipstr(ip.toIpString()); - for(std::vector<std::string>::iterator rip(regIps.begin()),rm(regSubnetMasks.begin());((rip!=regIps.end())&&(rm!=regSubnetMasks.end()));++rip,++rm) { - if (*rip == ipstr) { - regIps.erase(rip); - regSubnetMasks.erase(rm); - _setRegistryIPv4Value("IPAddress",regIps); - _setRegistryIPv4Value("SubnetMask",regSubnetMasks); - break; - } - } + if (ip.isV4()) { + std::vector<std::string> regIps(_getRegistryIPv4Value("IPAddress")); + std::vector<std::string> regSubnetMasks(_getRegistryIPv4Value("SubnetMask")); + std::string ipstr(ip.toIpString()); + for (std::vector<std::string>::iterator rip(regIps.begin()), rm(regSubnetMasks.begin()); ((rip != regIps.end()) && (rm != regSubnetMasks.end())); ++rip, ++rm) { + if (*rip == ipstr) { + regIps.erase(rip); + regSubnetMasks.erase(rm); + _setRegistryIPv4Value("IPAddress", regIps); + _setRegistryIPv4Value("SubnetMask", regSubnetMasks); + break; + } + } + } return true; } @@ -1001,6 +1007,10 @@ void WindowsEthernetTap::threadMain() ReadFile(_tap,tapReadBuf,sizeof(tapReadBuf),NULL,&tapOvlRead); bool writeInProgress = false; ULONGLONG timeOfLastBorkCheck = GetTickCount64(); + + + _initialized = true; + while (_run) { DWORD waitResult = WaitForMultipleObjectsEx(writeInProgress ? 3 : 2,wait4,FALSE,2500,TRUE); if (!_run) break; // will also break outer while(_run) @@ -1195,15 +1205,18 @@ void WindowsEthernetTap::_syncIps() CreateUnicastIpAddressEntry(&ipr); } - std::string ipStr(aip->toString()); - std::vector<std::string> regIps(_getRegistryIPv4Value("IPAddress")); - if (std::find(regIps.begin(),regIps.end(),ipStr) == regIps.end()) { - std::vector<std::string> regSubnetMasks(_getRegistryIPv4Value("SubnetMask")); - regIps.push_back(ipStr); - regSubnetMasks.push_back(aip->netmask().toIpString()); - _setRegistryIPv4Value("IPAddress",regIps); - _setRegistryIPv4Value("SubnetMask",regSubnetMasks); - } + if (aip->isV4()) + { + std::string ipStr(aip->toIpString()); + std::vector<std::string> regIps(_getRegistryIPv4Value("IPAddress")); + if (std::find(regIps.begin(), regIps.end(), ipStr) == regIps.end()) { + std::vector<std::string> regSubnetMasks(_getRegistryIPv4Value("SubnetMask")); + regIps.push_back(ipStr); + regSubnetMasks.push_back(aip->netmask().toIpString()); + _setRegistryIPv4Value("IPAddress", regIps); + _setRegistryIPv4Value("SubnetMask", regSubnetMasks); + } + } } } diff --git a/osdep/WindowsEthernetTap.hpp b/osdep/WindowsEthernetTap.hpp index 0bbb17d8..53bba3e9 100644 --- a/osdep/WindowsEthernetTap.hpp +++ b/osdep/WindowsEthernetTap.hpp @@ -110,6 +110,8 @@ public: void threadMain() throw(); + bool isInitialized() const { return _initialized; }; + private: NET_IFINDEX _getDeviceIndex(); // throws on failure std::vector<std::string> _getRegistryIPv4Value(const char *regKey); diff --git a/rule-compiler/README.md b/rule-compiler/README.md new file mode 100644 index 00000000..e3aa2615 --- /dev/null +++ b/rule-compiler/README.md @@ -0,0 +1,5 @@ +ZeroTier Rules Compiler +====== + +This script converts ZeroTier rules in human-readable format into rules suitable for import into a ZeroTier network controller. It's the script that is used in the rules editor on [ZeroTier Central](https://my.zerotier.com/). + diff --git a/rule-compiler/cli.js b/rule-compiler/cli.js new file mode 100644 index 00000000..c4a3b291 --- /dev/null +++ b/rule-compiler/cli.js @@ -0,0 +1,29 @@ +'use strict'; + +var fs = require('fs'); + +var RuleCompiler = require('./rule-compiler.js'); + +if (process.argv.length < 3) { + console.log('Usage: node cli.js <rules script>'); + process.exit(1); +} + +var src = fs.readFileSync(process.argv[2]).toString(); + +var rules = []; +var caps = {}; +var tags = {}; +var err = RuleCompiler.compile(src,rules,caps,tags); + +if (err) { + console.log('ERROR parsing '+process.argv[2]+' line '+err[0]+' column '+err[1]+': '+err[2]); + process.exit(1); +} else { + console.log(JSON.stringify({ + rules: rules, + caps: caps, + tags: tags + },null,2)); + process.exit(0); +} diff --git a/rule-compiler/examples/capabilities-and-tags.ztrules b/rule-compiler/examples/capabilities-and-tags.ztrules new file mode 100644 index 00000000..9b35f28d --- /dev/null +++ b/rule-compiler/examples/capabilities-and-tags.ztrules @@ -0,0 +1,40 @@ +# This is a default rule set that allows IPv4 and IPv6 traffic. +# You can edit as needed. If your rule set gets large we recommend +# cutting and pasting it somewhere to keep a backup. + +# Drop all Ethernet frame types that are not IPv4 or IPv6 +drop + not ethertype 0x0800 # IPv4 + not ethertype 0x0806 # IPv4 ARP + not ethertype 0x86dd # IPv6 +; + +# Capability: outgoing SSH +cap ssh + id 1000 + accept + ipprotocol tcp + dport 22 + ; +; + +# A tag indicating which department people belong to +tag department + id 1000 + enum 100 sales + enum 200 marketing + enum 300 accounting + enum 400 engineering +; + +# Accept all traffic between members of the same department +accept + tdiff department 0 +; + +# You can insert other drop, tee, etc. rules here. This rule +# set ends with a blanket accept, making it permissive by +# default. + +accept; + diff --git a/rule-compiler/package.json b/rule-compiler/package.json new file mode 100644 index 00000000..451295a4 --- /dev/null +++ b/rule-compiler/package.json @@ -0,0 +1,18 @@ +{ + "name": "zerotier-rule-compiler", + "version": "1.1.17-3", + "description": "ZeroTier Rule Script Compiler", + "main": "cli.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "repository": { + "type": "git", + "url": "https://github.com/zerotier/ZeroTierOne/rule-compiler" + }, + "keywords": [ + "ZeroTier" + ], + "author": "ZeroTier, Inc. <contact@zerotier.com>", + "license": "GPL-2.0" +} diff --git a/rule-compiler/rule-compiler.js b/rule-compiler/rule-compiler.js new file mode 100644 index 00000000..feb30f90 --- /dev/null +++ b/rule-compiler/rule-compiler.js @@ -0,0 +1,905 @@ +'use strict'; + +// Names for bits in characteristics -- 0==LSB, 63==MSB +const CHARACTERISTIC_BITS = { + 'inbound': 63, + 'multicast': 62, + 'broadcast': 61, + 'ipauth': 60, + 'macauth': 59, + 'tcp_fin': 0, + 'tcp_syn': 1, + 'tcp_rst': 2, + 'tcp_psh': 3, + 'tcp_ack': 4, + 'tcp_urg': 5, + 'tcp_ece': 6, + 'tcp_cwr': 7, + 'tcp_ns': 8, + 'tcp_rs2': 9, + 'tcp_rs1': 10, + 'tcp_rs0': 11 +}; + +// Shorthand names for common ethernet types +const ETHERTYPES = { + 'ipv4': 0x0800, + 'arp': 0x0806, + 'wol': 0x0842, + 'rarp': 0x8035, + 'ipv6': 0x86dd, + 'atalk': 0x809b, + 'aarp': 0x80f3, + 'ipx_a': 0x8137, + 'ipx_b': 0x8138 +}; + +// Shorthand names for common IP protocols +const IP_PROTOCOLS = { + 'icmp': 0x01, + 'icmp4': 0x01, + 'icmpv4': 0x01, + 'igmp': 0x02, + 'ipip': 0x04, + 'tcp': 0x06, + 'egp': 0x08, + 'igp': 0x09, + 'udp': 0x11, + 'rdp': 0x1b, + 'esp': 0x32, + 'ah': 0x33, + 'icmp6': 0x3a, + 'icmpv6': 0x3a, + 'l2tp': 0x73, + 'sctp': 0x84, + 'udplite': 0x88 +}; + +// Keywords that open new blocks that must be terminated by a semicolon +const OPEN_BLOCK_KEYWORDS = { + 'macro': true, + 'tag': true, + 'cap': true, + 'drop': true, + 'accept': true, + 'tee': true, + 'watch': true, + 'redirect': true, + 'break': true +}; + +// Reserved words that can't be used as tag, capability, or rule set names +const RESERVED_WORDS = { + 'macro': true, + 'tag': true, + 'cap': true, + 'default': true, + + 'drop': true, + 'accept': true, + 'tee': true, + 'watch': true, + 'redirect': true, + 'break': true, + + 'ztsrc': true, + 'ztdest': true, + 'vlan': true, + 'vlanpcp': true, + 'vlandei': true, + 'ethertype': true, + 'macsrc': true, + 'macdest': true, + 'ipsrc': true, + 'ipdest': true, + 'iptos': true, + 'ipprotocol': true, + 'icmp': true, + 'sport': true, + 'dport': true, + 'chr': true, + 'framesize': true, + 'random': true, + 'tand': true, + 'tor': true, + 'txor': true, + 'tdiff': true, + 'teq': true, + 'tseq': true, + 'treq': true, + + 'type': true, + 'enum': true, + 'class': true, + 'define': true, + 'import': true, + 'include': true, + 'log': true, + 'not': true, + 'xor': true, + 'or': true, + 'and': true, + 'set': true, + 'var': true, + 'let': true +}; + +const KEYWORD_TO_API_MAP = { + 'drop': 'ACTION_DROP', + 'accept': 'ACTION_ACCEPT', + 'tee': 'ACTION_TEE', + 'watch': 'ACTION_WATCH', + 'redirect': 'ACTION_REDIRECT', + 'break': 'ACTION_BREAK', + + 'ztsrc': 'MATCH_SOURCE_ZEROTIER_ADDRESS', + 'ztdest': 'MATCH_DEST_ZEROTIER_ADDRESS', + 'vlan': 'MATCH_VLAN_ID', + 'vlanpcp': 'MATCH_VLAN_PCP', + 'vlandei': 'MATCH_VLAN_DEI', + 'ethertype': 'MATCH_ETHERTYPE', + 'macsrc': 'MATCH_MAC_SOURCE', + 'macdest': 'MATCH_MAC_DEST', + //'ipsrc': '', // special handling since we programmatically differentiate between V4 and V6 + //'ipdest': '', // special handling + 'iptos': 'MATCH_IP_TOS', + 'ipprotocol': 'MATCH_IP_PROTOCOL', + 'icmp': 'MATCH_ICMP', + 'sport': 'MATCH_IP_SOURCE_PORT_RANGE', + 'dport': 'MATCH_IP_DEST_PORT_RANGE', + 'chr': 'MATCH_CHARACTERISTICS', + 'framesize': 'MATCH_FRAME_SIZE_RANGE', + 'random': 'MATCH_RANDOM', + 'tand': 'MATCH_TAGS_BITWISE_AND', + 'tor': 'MATCH_TAGS_BITWISE_OR', + 'txor': 'MATCH_TAGS_BITWISE_XOR', + 'tdiff': 'MATCH_TAGS_DIFFERENCE', + 'teq': 'MATCH_TAGS_EQUAL', + 'tseq': 'MATCH_TAG_SENDER', + 'treq': 'MATCH_TAG_RECEIVER' +}; + +// Number of args for each match +const MATCH_ARG_COUNTS = { + 'ztsrc': 1, + 'ztdest': 1, + 'vlan': 1, + 'vlanpcp': 1, + 'vlandei': 1, + 'ethertype': 1, + 'macsrc': 1, + 'macdest': 1, + 'ipsrc': 1, + 'ipdest': 1, + 'iptos': 2, + 'ipprotocol': 1, + 'icmp': 2, + 'sport': 1, + 'dport': 1, + 'chr': 1, + 'framesize': 1, + 'random': 1, + 'tand': 2, + 'tor': 2, + 'txor': 2, + 'tdiff': 2, + 'teq': 2, + 'tseq': 2, + 'treq': 2 +}; + +// Regex of all alphanumeric characters in Unicode +const INTL_ALPHANUM_REGEX = new RegExp('[0-9A-Za-z\xAA\xB5\xBA\xC0-\xD6\xD8-\xF6\xF8-\u02C1\u02C6-\u02D1\u02E0-\u02E4\u02EC\u02EE\u0370-\u0374\u0376\u0377\u037A-\u037D\u0386\u0388-\u038A\u038C\u038E-\u03A1\u03A3-\u03F5\u03F7-\u0481\u048A-\u0527\u0531-\u0556\u0559\u0561-\u0587\u05D0-\u05EA\u05F0-\u05F2\u0620-\u064A\u066E\u066F\u0671-\u06D3\u06D5\u06E5\u06E6\u06EE\u06EF\u06FA-\u06FC\u06FF\u0710\u0712-\u072F\u074D-\u07A5\u07B1\u07CA-\u07EA\u07F4\u07F5\u07FA\u0800-\u0815\u081A\u0824\u0828\u0840-\u0858\u08A0\u08A2-\u08AC\u0904-\u0939\u093D\u0950\u0958-\u0961\u0971-\u0977\u0979-\u097F\u0985-\u098C\u098F\u0990\u0993-\u09A8\u09AA-\u09B0\u09B2\u09B6-\u09B9\u09BD\u09CE\u09DC\u09DD\u09DF-\u09E1\u09F0\u09F1\u0A05-\u0A0A\u0A0F\u0A10\u0A13-\u0A28\u0A2A-\u0A30\u0A32\u0A33\u0A35\u0A36\u0A38\u0A39\u0A59-\u0A5C\u0A5E\u0A72-\u0A74\u0A85-\u0A8D\u0A8F-\u0A91\u0A93-\u0AA8\u0AAA-\u0AB0\u0AB2\u0AB3\u0AB5-\u0AB9\u0ABD\u0AD0\u0AE0\u0AE1\u0B05-\u0B0C\u0B0F\u0B10\u0B13-\u0B28\u0B2A-\u0B30\u0B32\u0B33\u0B35-\u0B39\u0B3D\u0B5C\u0B5D\u0B5F-\u0B61\u0B71\u0B83\u0B85-\u0B8A\u0B8E-\u0B90\u0B92-\u0B95\u0B99\u0B9A\u0B9C\u0B9E\u0B9F\u0BA3\u0BA4\u0BA8-\u0BAA\u0BAE-\u0BB9\u0BD0\u0C05-\u0C0C\u0C0E-\u0C10\u0C12-\u0C28\u0C2A-\u0C33\u0C35-\u0C39\u0C3D\u0C58\u0C59\u0C60\u0C61\u0C85-\u0C8C\u0C8E-\u0C90\u0C92-\u0CA8\u0CAA-\u0CB3\u0CB5-\u0CB9\u0CBD\u0CDE\u0CE0\u0CE1\u0CF1\u0CF2\u0D05-\u0D0C\u0D0E-\u0D10\u0D12-\u0D3A\u0D3D\u0D4E\u0D60\u0D61\u0D7A-\u0D7F\u0D85-\u0D96\u0D9A-\u0DB1\u0DB3-\u0DBB\u0DBD\u0DC0-\u0DC6\u0E01-\u0E30\u0E32\u0E33\u0E40-\u0E46\u0E81\u0E82\u0E84\u0E87\u0E88\u0E8A\u0E8D\u0E94-\u0E97\u0E99-\u0E9F\u0EA1-\u0EA3\u0EA5\u0EA7\u0EAA\u0EAB\u0EAD-\u0EB0\u0EB2\u0EB3\u0EBD\u0EC0-\u0EC4\u0EC6\u0EDC-\u0EDF\u0F00\u0F40-\u0F47\u0F49-\u0F6C\u0F88-\u0F8C\u1000-\u102A\u103F\u1050-\u1055\u105A-\u105D\u1061\u1065\u1066\u106E-\u1070\u1075-\u1081\u108E\u10A0-\u10C5\u10C7\u10CD\u10D0-\u10FA\u10FC-\u1248\u124A-\u124D\u1250-\u1256\u1258\u125A-\u125D\u1260-\u1288\u128A-\u128D\u1290-\u12B0\u12B2-\u12B5\u12B8-\u12BE\u12C0\u12C2-\u12C5\u12C8-\u12D6\u12D8-\u1310\u1312-\u1315\u1318-\u135A\u1380-\u138F\u13A0-\u13F4\u1401-\u166C\u166F-\u167F\u1681-\u169A\u16A0-\u16EA\u1700-\u170C\u170E-\u1711\u1720-\u1731\u1740-\u1751\u1760-\u176C\u176E-\u1770\u1780-\u17B3\u17D7\u17DC\u1820-\u1877\u1880-\u18A8\u18AA\u18B0-\u18F5\u1900-\u191C\u1950-\u196D\u1970-\u1974\u1980-\u19AB\u19C1-\u19C7\u1A00-\u1A16\u1A20-\u1A54\u1AA7\u1B05-\u1B33\u1B45-\u1B4B\u1B83-\u1BA0\u1BAE\u1BAF\u1BBA-\u1BE5\u1C00-\u1C23\u1C4D-\u1C4F\u1C5A-\u1C7D\u1CE9-\u1CEC\u1CEE-\u1CF1\u1CF5\u1CF6\u1D00-\u1DBF\u1E00-\u1F15\u1F18-\u1F1D\u1F20-\u1F45\u1F48-\u1F4D\u1F50-\u1F57\u1F59\u1F5B\u1F5D\u1F5F-\u1F7D\u1F80-\u1FB4\u1FB6-\u1FBC\u1FBE\u1FC2-\u1FC4\u1FC6-\u1FCC\u1FD0-\u1FD3\u1FD6-\u1FDB\u1FE0-\u1FEC\u1FF2-\u1FF4\u1FF6-\u1FFC\u2071\u207F\u2090-\u209C\u2102\u2107\u210A-\u2113\u2115\u2119-\u211D\u2124\u2126\u2128\u212A-\u212D\u212F-\u2139\u213C-\u213F\u2145-\u2149\u214E\u2183\u2184\u2C00-\u2C2E\u2C30-\u2C5E\u2C60-\u2CE4\u2CEB-\u2CEE\u2CF2\u2CF3\u2D00-\u2D25\u2D27\u2D2D\u2D30-\u2D67\u2D6F\u2D80-\u2D96\u2DA0-\u2DA6\u2DA8-\u2DAE\u2DB0-\u2DB6\u2DB8-\u2DBE\u2DC0-\u2DC6\u2DC8-\u2DCE\u2DD0-\u2DD6\u2DD8-\u2DDE\u2E2F\u3005\u3006\u3031-\u3035\u303B\u303C\u3041-\u3096\u309D-\u309F\u30A1-\u30FA\u30FC-\u30FF\u3105-\u312D\u3131-\u318E\u31A0-\u31BA\u31F0-\u31FF\u3400-\u4DB5\u4E00-\u9FCC\uA000-\uA48C\uA4D0-\uA4FD\uA500-\uA60C\uA610-\uA61F\uA62A\uA62B\uA640-\uA66E\uA67F-\uA697\uA6A0-\uA6E5\uA717-\uA71F\uA722-\uA788\uA78B-\uA78E\uA790-\uA793\uA7A0-\uA7AA\uA7F8-\uA801\uA803-\uA805\uA807-\uA80A\uA80C-\uA822\uA840-\uA873\uA882-\uA8B3\uA8F2-\uA8F7\uA8FB\uA90A-\uA925\uA930-\uA946\uA960-\uA97C\uA984-\uA9B2\uA9CF\uAA00-\uAA28\uAA40-\uAA42\uAA44-\uAA4B\uAA60-\uAA76\uAA7A\uAA80-\uAAAF\uAAB1\uAAB5\uAAB6\uAAB9-\uAABD\uAAC0\uAAC2\uAADB-\uAADD\uAAE0-\uAAEA\uAAF2-\uAAF4\uAB01-\uAB06\uAB09-\uAB0E\uAB11-\uAB16\uAB20-\uAB26\uAB28-\uAB2E\uABC0-\uABE2\uAC00-\uD7A3\uD7B0-\uD7C6\uD7CB-\uD7FB\uF900-\uFA6D\uFA70-\uFAD9\uFB00-\uFB06\uFB13-\uFB17\uFB1D\uFB1F-\uFB28\uFB2A-\uFB36\uFB38-\uFB3C\uFB3E\uFB40\uFB41\uFB43\uFB44\uFB46-\uFBB1\uFBD3-\uFD3D\uFD50-\uFD8F\uFD92-\uFDC7\uFDF0-\uFDFB\uFE70-\uFE74\uFE76-\uFEFC\uFF21-\uFF3A\uFF41-\uFF5A\uFF66-\uFFBE\uFFC2-\uFFC7\uFFCA-\uFFCF\uFFD2-\uFFD7\uFFDA-\uFFDC]'); + +// Checks whether something is a valid capability, tag, or macro name +function _isValidName(n) +{ + if ((typeof n !== 'string')||(n.length === 0)) return false; + if ("0123456789".indexOf(n.charAt(0)) >= 0) return false; + for(let i=0;i<n.length;++i) { + let c = n.charAt(i); + if ((c !== '_')&&(!INTL_ALPHANUM_REGEX.test(c))) return false; + } + return true; +} + +// Regexes for checking the basic syntactic validity of IP addresses +const IPV6_REGEX = new RegExp('(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))'); +const IPV4_REGEX = new RegExp('((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])'); + +function _parseNum(n) +{ + try { + if ((typeof n !== 'string')||(n.length === 0)) + return -1; + n = n.toLowerCase(); + if ((n.length > 2)&&(n.substr(0,2) === '0x')) + n = parseInt(n.substr(2),16); + else n = parseInt(n,10); + return (((typeof n === 'number')&&(n !== null)&&(!isNaN(n))) ? n : -1); + } catch (e) { + return -1; + } +} + +function _cleanMac(m) +{ + m = m.toLowerCase(); + var m2 = ''; + for(let i=0;((i<m.length)&&(m2.length<17));++i) { + let c = m.charAt(i); + if ("0123456789abcdef".indexOf(c) >= 0) { + m2 += c; + if ((m2.length > 0)&&(m2.length !== 17)&&((m2.length & 1) === 0)) + m2 += ':'; + } + } + return m2; +} + +function _cleanHex(m) +{ + m = m.toLowerCase(); + var m2 = ''; + for(let i=0;i<m.length;++i) { + let c = m.charAt(i); + if ("0123456789abcdef".indexOf(c) >= 0) + m2 += c; + } + return m2; +} + +function _renderMatches(mtree,rules,macros,caps,tags,params) +{ + let not = false; + let or = false; + for(let k=0;k<mtree.length;++k) { + let match = (typeof mtree[k][0] === 'string') ? mtree[k][0].toLowerCase() : ''; + if ((match.length === 0)||(match === 'and')) { // AND is the default + continue; + } else if (match === 'not') { + not = true; + } else if (match === 'or') { + or = true; + } else { + let args = []; + let argCount = MATCH_ARG_COUNTS[match]; + if (!argCount) + return [ mtree[k][1],mtree[k][2],'Unrecognized match type "'+match+'".' ]; + for(let i=0;i<argCount;++i) { + if (++k >= mtree.length) + return [ mtree[k - 1][1],mtree[k - 1][2],'Missing argument(s) to match.' ]; + let arg = mtree[k][0]; + if ((typeof arg !== 'string')||(arg in RESERVED_WORDS)||(arg.length === 0)) + return [ mtree[k - 1][1],mtree[k - 1][2],'Missing argument(s) to match (invalid argument or argument is reserved word).' ]; + if (arg.charAt(0) === '$') { + let tmp = params[arg]; + if (typeof tmp === 'undefined') + return [ mtree[k][1],mtree[k][2],'Undefined variable name.' ]; + args.push([ tmp,mtree[k][1],mtree[k][2] ]); + } else { + args.push(mtree[k]); + } + } + + switch(match) { + case 'ztsrc': + case 'ztdest': { + let zt = _cleanHex(args[0][0]); + if (zt.length !== 10) + return [ args[0][1],args[0][2],'Invalid ZeroTier address.' ]; + rules.push({ + 'type': KEYWORD_TO_API_MAP[match], + 'not': not, + 'or': or, + 'zt': zt + }); + } break; + + case 'vlan': + case 'vlanpcp': + case 'vlandei': + case 'ethertype': + case 'ipprotocol': { + let num = null; + switch (match) { + case 'ethertype': num = ETHERTYPES[args[0][0]]; break; + case 'ipprotocol': num = IP_PROTOCOLS[args[0][0]]; break; + } + if (typeof num !== 'number') + num = _parseNum(args[0][0]); + if ((typeof num !== 'number')||(num < 0)||(num > 0xffffffff)||(num === null)) + return [ args[0][1],args[0][2],'Invalid numeric value.' ]; + let r = { + 'type': KEYWORD_TO_API_MAP[match], + 'not': not, + 'or': or + }; + switch(match) { + case 'vlan': r['vlanId'] = num; break; + case 'vlanpcp': r['vlanPcp'] = num; break; + case 'vlandei': r['vlanDei'] = num; break; + case 'ethertype': r['etherType'] = num; break; + case 'ipprotocol': r['ipProtocol'] = num; break; + } + rules.push(r); + } break; + + case 'random': { + let num = parseFloat(args[0][0])||0.0; + if (num < 0.0) num = 0.0; + if (num > 1.0) num = 1.0; + rules.push({ + 'type': KEYWORD_TO_API_MAP[match], + 'not': not, + 'or': or, + 'probability': Math.floor(4294967295 * num) + }); + } break; + + case 'macsrc': + case 'macdest': { + let mac = _cleanMac(args[0][0]); + if (mac.length !== 17) + return [ args[0][1],args[0][2],'Invalid MAC address.' ]; + rules.push({ + 'type': KEYWORD_TO_API_MAP[match], + 'not': not, + 'or': or, + 'mac': mac + }); + } break; + + case 'ipsrc': + case 'ipdest': { + let ip = args[0][0]; + let slashIdx = ip.indexOf('/'); + if (slashIdx <= 0) + return [ args[0][1],args[0][2],'Missing /bits netmask length designation in IP.' ]; + let ipOnly = ip.substr(0,slashIdx); + if (IPV6_REGEX.test(ipOnly)) { + rules.push({ + 'type': ((match === 'ipsrc') ? 'MATCH_IPV6_SOURCE' : 'MATCH_IPV6_DEST'), + 'not': not, + 'or': or, + 'ip': ip + }); + } else if (IPV4_REGEX.test(ipOnly)) { + rules.push({ + 'type': ((match === 'ipsrc') ? 'MATCH_IPV4_SOURCE' : 'MATCH_IPV4_DEST'), + 'not': not, + 'or': or, + 'ip': ip + }); + } else { + return [ args[0][1],args[0][2],'Invalid IP address (not valid IPv4 or IPv6).' ]; + } + } break; + + case 'icmp': { + let icmpType = _parseNum(args[0][0]); + if ((icmpType < 0)||(icmpType > 0xff)) + return [ args[0][1],args[0][2],'Missing or invalid ICMP type.' ]; + let icmpCode = _parseNum(args[1][0]); // -1 okay, indicates don't match code + if (icmpCode > 0xff) + return [ args[1][1],args[1][2],'Invalid ICMP code (use -1 for none).' ]; + rules.push({ + 'type': 'MATCH_ICMP', + 'not': not, + 'or': or, + 'icmpType': icmpType, + 'icmpCode': ((icmpCode < 0) ? null : icmpCode) + }); + } break; + + case 'sport': + case 'dport': + case 'framesize': { + let arg = args[0][0]; + let fn = null; + let tn = null; + if (arg.indexOf('-') > 0) { + let asplit = arg.split('-'); + if (asplit.length !== 2) { + return [ args[0][1],args[0][2],'Invalid numeric range.' ]; + } else { + fn = _parseNum(asplit[0]); + tn = _parseNum(asplit[1]); + } + } else { + fn = _parseNum(arg); + tn = fn; + } + if ((fn < 0)||(fn > 0xffff)||(tn < 0)||(tn > 0xffff)||(tn < fn)) + return [ args[0][1],args[0][2],'Invalid numeric range.' ]; + rules.push({ + 'type': KEYWORD_TO_API_MAP[match], + 'not': not, + 'or': or, + 'start': fn, + 'end': tn + }); + } break; + + case 'iptos': { + let mask = _parseNum(args[0][0]); + if ((typeof mask !== 'number')||(mask < 0)||(mask > 0xff)||(mask === null)) + return [ args[0][1],args[0][2],'Invalid mask.' ]; + let arg = args[1][0]; + let fn = null; + let tn = null; + if (arg.indexOf('-') > 0) { + let asplit = arg.split('-'); + if (asplit.length !== 2) { + return [ args[1][1],args[1][2],'Invalid value range.' ]; + } else { + fn = _parseNum(asplit[0]); + tn = _parseNum(asplit[1]); + } + } else { + fn = _parseNum(arg); + tn = fn; + } + if ((fn < 0)||(fn > 0xff)||(tn < 0)||(tn > 0xff)||(tn < fn)) + return [ args[1][1],args[1][2],'Invalid value range.' ]; + rules.push({ + 'type': 'MATCH_IP_TOS', + 'not': not, + 'or': or, + 'mask': mask, + 'start': fn, + 'end': tn + }); + } break; + + case 'chr': { + let chrb = args[0][0].split(/[,]+/); + let maskhi = 0; + let masklo = 0; + for(let i=0;i<chrb.length;++i) { + if (chrb[i].length > 0) { + let tmp = CHARACTERISTIC_BITS[chrb[i]]; + let bit = (typeof tmp === 'number') ? tmp : _parseNum(chrb[i]); + if ((bit < 0)||(bit > 63)) + return [ args[0][1],args[0][2],'Invalid bit index (range 0-63) or unrecognized name.' ]; + if (bit >= 32) + maskhi |= Math.abs(1 << (bit - 32)); + else masklo |= Math.abs(1 << bit); + } + } + maskhi = Math.abs(maskhi).toString(16); + while (maskhi.length < 8) maskhi = '0' + maskhi; + masklo = Math.abs(masklo).toString(16); + while (masklo.length < 8) masklo = '0' + masklo; + rules.push({ + 'type': 'MATCH_CHARACTERISTICS', + 'not': not, + 'or': or, + 'mask': (maskhi + masklo) + }); + } break; + + case 'tand': + case 'tor': + case 'txor': + case 'tdiff': + case 'teq': + case 'tseq': + case 'treq': { + let tag = tags[args[0][0]]; + let tagId = -1; + let tagValue = -1; + if (tag) { + tagId = tag.id; + tagValue = args[1][0]; + if (tagValue in tag.flags) + tagValue = tag.flags[tagValue]; + else if (tagValue in tag.enums) + tagValue = tag.enums[tagValue]; + else tagValue = _parseNum(tagValue); + } else { + tagId = _parseNum(args[0][0]); + tagValue = _parseNum(args[1][0]); + } + if ((tagId < 0)||(tagId > 0xffffffff)) + return [ args[0][1],args[0][2],'Undefined tag name and invalid tag value.' ]; + if ((tagValue < 0)||(tagValue > 0xffffffff)) + return [ args[1][1],args[1][2],'Invalid tag value or unrecognized flag/enum name.' ]; + rules.push({ + 'type': KEYWORD_TO_API_MAP[match], + 'not': not, + 'or': or, + 'id': tagId, + 'value': tagValue + }); + } break; + } + + not = false; + or = false; + } + } + return null; +} + +function _renderActions(rtree,rules,macros,caps,tags,params) +{ + for(let k=0;k<rtree.length;++k) { + let action = (typeof rtree[k][0] === 'string') ? rtree[k][0].toLowerCase() : ''; + if (action.length === 0) { + continue; + } else if (action === 'include') { + if ((k + 1) >= rtree.length) + return [ rtree[k][1],rtree[k][2],'Include directive is missing a macro name.' ]; + let macroName = rtree[k + 1][0]; + ++k; + + let macroParamArray = []; + let parenIdx = macroName.indexOf('('); + if (parenIdx > 0) { + let pns = macroName.substr(parenIdx + 1).split(/[,)]+/); + for(let k=0;k<pns.length;++k) { + if (pns[k].length > 0) + macroParamArray.push(pns[k]); + } + macroName = macroName.substr(0,parenIdx); + } + + let macro = macros[macroName]; + if (!macro) + return [ rtree[k][1],rtree[k][2],'Macro name not found.' ]; + let macroParams = {}; + for(let param in macro.params) { + let pidx = macro.params[param]; + if (pidx >= macroParamArray.length) + return [ rtree[k][1],rtree[k][2],'Missing one or more required macro parameter.' ]; + macroParams[param] = macroParamArray[pidx]; + } + + let err = _renderActions(macro.rules,rules,macros,caps,tags,macroParams); + if (err !== null) + return err; + } else if ((action === 'drop')||(action === 'accept')||(action === 'break')) { // actions without arguments + if (((k + 1) < rtree.length)&&(Array.isArray(rtree[k + 1][0]))) { + let mtree = rtree[k + 1]; ++k; + let err = _renderMatches(mtree,rules,macros,caps,tags,params); + if (err !== null) + return err; + } + rules.push({ + 'type': KEYWORD_TO_API_MAP[action] + }); + } else if ((action === 'tee')||(action === 'watch')) { // actions with arguments (ZeroTier address) + if (((k + 1) < rtree.length)&&(Array.isArray(rtree[k + 1][0]))&&(rtree[k + 1][0].length >= 2)) { + let mtree = rtree[k + 1]; ++k; + let maxLength = _parseNum(mtree[0][0]); + if ((maxLength < -1)||(maxLength > 0xffff)) + return [ mtree[0][1],mtree[1][2],'Tee/watch max packet length to forward invalid or out of range.' ]; + let target = mtree[1][0]; + if ((typeof target !== 'string')||(target.length !== 10)) + return [ mtree[1][1],mtree[1][2],'Missing or invalid ZeroTier address target for tee/watch.' ]; + let err = _renderMatches(mtree.slice(2),rules,macros,caps,tags,params); + if (err !== null) + return err; + rules.push({ + 'type': KEYWORD_TO_API_MAP[action], + 'address': target, + 'length': maxLength + }); + } else { + return [ rtree[k][1],rtree[k][2],'The tee and watch actions require two paremters (max length or 0 for all, target).' ]; + } + } else if (action === 'redirect') { + if (((k + 1) < rtree.length)&&(Array.isArray(rtree[k + 1][0]))&&(rtree[k + 1][0].length >= 1)) { + let mtree = rtree[k + 1]; ++k; + let target = mtree[0][0]; + if ((typeof target !== 'string')||(target.length !== 10)) + return [ mtree[0][1],mtree[0][2],'Missing or invalid ZeroTier address target for redirect.' ]; + let err = _renderMatches(mtree.slice(1),rules,macros,caps,tags,params); + if (err !== null) + return err; + rules.push({ + 'type': KEYWORD_TO_API_MAP[action], + 'address': target + }); + } else { + return [ rtree[k][1],rtree[k][2],'The redirect action requires a target parameter.' ]; + } + } else { + return [ rtree[k][1],rtree[k][2],'Unrecognized action or directive in rule set.' ]; + } + } + + return null; +} + +function compile(src,rules,caps,tags) +{ + try { + if (typeof src !== 'string') + return [ 0,0,'"src" parameter must be a string.' ]; + + // Pass 1: parse source into a tree of arrays of elements. Each element is a 3-item + // tuple consisting of string, line number, and character index in line to enable + // informative error messages to be returned. + + var blockStack = [ [] ]; + var curr = [ '',-1,-1 ]; + var skipRestOfLine = false; + for(let idx=0,lineNo=1,lineIdx=0;idx<src.length;++idx,++lineIdx) { + let ch = src.charAt(idx); + if (skipRestOfLine) { + if ((ch === '\r')||(ch === '\n')) { + skipRestOfLine = false; + ++lineNo; + lineIdx = 0; + } + } else { + switch(ch) { + case '\n': + ++lineNo; + lineIdx = 0; + case '\r': + case '\t': + case ' ': + if (curr[0].length > 0) { + let endOfBlock = false; + if (curr[0].charAt(curr[0].length - 1) === ';') { + endOfBlock = true; + curr[0] = curr[0].substr(0,curr[0].length - 1); + } + + if (curr[0].length > 0) { + blockStack[blockStack.length - 1].push(curr); + } + if ((endOfBlock)&&(blockStack.length > 1)&&(blockStack[blockStack.length - 1].length > 0)) { + blockStack[blockStack.length - 2].push(blockStack[blockStack.length - 1]); + blockStack.pop(); + } else if (curr[0] in OPEN_BLOCK_KEYWORDS) { + blockStack.push([]); + } + + curr = [ '',-1,-1 ]; + } + break; + default: + if (curr[0].length === 0) { + if (ch === '#') { + skipRestOfLine = true; + continue; + } else { + curr[1] = lineNo; + curr[2] = lineIdx; + } + } + curr[0] += ch; + break; + } + } + } + + if (curr[0].length > 0) { + if (curr[0].charAt(curr[0].length - 1) === ';') + curr[0] = curr[0].substr(0,curr[0].length - 1); + if (curr[0].length > 0) + blockStack[blockStack.length - 1].push(curr); + } + while ((blockStack.length > 1)&&(blockStack[blockStack.length - 1].length > 0)) { + blockStack[blockStack.length - 2].push(blockStack[blockStack.length - 1]); + blockStack.pop(); + } + var parsed = blockStack[0]; + + // Pass 2: parse tree into capabilities, tags, rule sets, and document-level rules. + + let baseRuleTree = []; + let macros = {}; + for(let i=0;i<parsed.length;++i) { + let keyword = (typeof parsed[i][0] === 'string') ? parsed[i][0].toLowerCase() : null; + if (keyword === 'macro') { + // Define macros + + if ( ((i + 1) >= parsed.length) || (!Array.isArray(parsed[i + 1])) || (parsed[i + 1].length < 1) || (!Array.isArray(parsed[i + 1][0])) ) + return [ parsed[i][1],parsed[i][2],'Macro definition is missing name.' ]; + let macro = parsed[++i]; + let macroName = macro[0][0].toLowerCase(); + + let params = {}; + let parenIdx = macroName.indexOf('('); + if (parenIdx > 0) { + let pns = macroName.substr(parenIdx + 1).split(/[,)]+/); + for(let k=0;k<pns.length;++k) { + if (pns[k].length > 0) + params[pns[k]] = k; + } + macroName = macroName.substr(0,parenIdx); + } + + if (!_isValidName(macroName)) + return [ macro[0][1],macro[0][2],'Invalid macro name.' ]; + if (macroName in RESERVED_WORDS) + return [ macro[0][1],macro[0][2],'Macro name is a reserved word.' ]; + + if (macroName in macros) + return [ macro[0][1],macro[0][2],'Multiple definition of macro name.' ]; + + macros[macroName] = { + params: params, + rules: macro.slice(1) + }; + } else if (keyword === 'tag') { + // Define tags + + if ( ((i + 1) >= parsed.length) || (!Array.isArray(parsed[i + 1])) || (parsed[i + 1].length < 1) || (!Array.isArray(parsed[i + 1][0])) ) + return [ parsed[i][1],parsed[i][2],'Tag definition is missing name.' ]; + let tag = parsed[++i]; + let tagName = tag[0][0].toLowerCase(); + + if (!_isValidName(tagName)) + return [ tag[0][1],tag[0][2],'Invalid tag name.' ]; + if (tagName in RESERVED_WORDS) + return [ tag[0][1],tag[0][2],'Tag name is a reserved word.' ]; + + if (tagName in tags) + return [ tag[0][1],tag[0][2],'Multiple definition of tag name.' ]; + + let flags = {}; + let enums = {}; + let id = -1; + let dfl = null; + for(let k=1;k<tag.length;++k) { + let tkeyword = tag[k][0].toLowerCase(); + if (tkeyword === 'id') { + if (id >= 0) + return [ tag[k][1],tag[k][2],'Duplicate tag id definition.' ]; + if ((k + 1) >= tag.length) + return [ tag[k][1],tag[k][2],'Missing numeric value for ID.' ]; + id = _parseNum(tag[++k][0]); + if ((id < 0)||(id > 0xffffffff)) + return [ tag[k][1],tag[k][2],'Invalid or out of range tag ID.' ]; + } else if (tkeyword === 'default') { + if (dfl !== null) + return [ tag[k][1],tag[k][2],'Duplicate tag default directive.' ]; + if ((k + 1) >= tag.length) + return [ tag[k][1],tag[k][2],'Missing value for default.' ]; + dfl = tag[++k][0]||null; + } else if (tkeyword === 'flag') { + if ((k + 2) >= tag.length) + return [ tag[k][1],tag[k][2],'Missing tag flag name or bit index.' ]; + ++k; + let bits = tag[k][0].split(/[,]+/); + let mask = 0; + for(let j=0;j<bits.length;++j) { + let b = bits[j].toLowerCase(); + if (b in flags) { + mask |= flags[b]; + } else { + b = _parseNum(b); + if ((b < 0)||(b > 31)) + return [ tag[k][1],tag[k][2],'Bit index invalid, out of range, or references an undefined flag name.' ]; + mask |= (1 << b); + } + } + let flagName = tag[++k][0].toLowerCase(); + if (!_isValidName(flagName)) + return [ tag[k][1],tag[k][2],'Invalid or reserved flag name.' ]; + if (flagName in flags) + return [ tag[k][1],tag[k][2],'Duplicate flag name in tag definition.' ]; + flags[flagName] = mask; + } else if (tkeyword === 'enum') { + if ((k + 2) >= tag.length) + return [ tag[k][1],tag[k][2],'Missing tag enum name or value.' ]; + ++k; + let value = _parseNum(tag[k][0]); + if ((value < 0)||(value > 0xffffffff)) + return [ tag[k][1],tag[k][2],'Tag enum value invalid or out of range.' ]; + let enumName = tag[++k][0].toLowerCase(); + if (!_isValidName(enumName)) + return [ tag[k][1],tag[k][2],'Invalid or reserved tag enum name.' ]; + if (enumName in enums) + return [ tag[k][1],tag[k][2],'Duplicate enum name in tag definition.' ]; + enums[enumName] = value; + } else { + return [ tag[k][1],tag[k][2],'Unrecognized keyword in tag definition.' ]; + } + } + if (id < 0) + return [ tag[0][1],tag[0][2],'Tag definition is missing a numeric ID.' ]; + + if (dfl) { + let dfl2 = enums[dfl]; + if (typeof dfl2 === 'number') { + dfl = dfl2; + } else { + dfl2 = flags[dfl]; + if (typeof dfl2 === 'number') { + dfl = dfl2; + } else { + dfl = _parseNum(dfl)||0; + if (dfl < 0) + dfl = 0; + else dfl &= 0xffffffff; + } + } + } + + tags[tagName] = { + 'id': id, + 'default': dfl, + 'enums': enums, + 'flags': flags + }; + } else if (keyword === 'cap') { + // Define capabilities + + if ( ((i + 1) >= parsed.length) || (!Array.isArray(parsed[i + 1])) || (parsed[i + 1].length < 1) || (!Array.isArray(parsed[i + 1][0])) ) + return [ parsed[i][1],parsed[i][2],'Capability definition is missing name.' ]; + let cap = parsed[++i]; + let capName = cap[0][0].toLowerCase(); + + if (!_isValidName(capName)) + return [ cap[0][1],cap[0][2],'Invalid capability name.' ]; + if (capName in RESERVED_WORDS) + return [ cap[0][1],cap[0][2],'Capability name is a reserved word.' ]; + + if (capName in caps) + return [ cap[0][1],cap[0][2],'Multiple definition of capability name.' ]; + + let capRules = []; + let id = -1; + let dfl = false; + for(let k=1;k<cap.length;++k) { + let dn = (typeof cap[k][0] === 'string') ? cap[k][0].toLowerCase() : null; + if (dn === 'id') { + if (id >= 0) + return [ cap[k][1],cap[k][2],'Duplicate id directive in capability definition.' ]; + if ((k + 1) >= cap.length) + return [ cap[k][1],cap[k][2],'Missing value for ID.' ]; + id = _parseNum(cap[++k][0]); + if ((id < 0)||(id > 0xffffffff)) + return [ cap[k - 1][1],cap[k - 1][2],'Invalid or out of range capability ID.' ]; + for(let cn in caps) { + if (caps[cn].id === id) + return [ cap[k - 1][1],cap[k - 1][2],'Duplicate capability ID.' ]; + } + } else if (dn === 'default') { + dfl = true; + } else { + capRules.push(cap[k]); + } + } + if (id < 0) + return [ cap[0][1],cap[0][2],'Capability definition is missing a numeric ID.' ]; + + caps[capName] = { + 'id': id, + 'default': dfl, + 'rules': capRules + }; + } else { + baseRuleTree.push(parsed[i]); + } + } + + // Pass 3: render low-level ZeroTier rules arrays for capabilities and base. + + for(let capName in caps) { + let r = []; + let err = _renderActions(caps[capName].rules,r,macros,caps,tags,{}); + if (err !== null) + return err; + caps[capName].rules = r; + } + + let err = _renderActions(baseRuleTree,rules,macros,caps,tags,{}); + if (err !== null) + return err; + + return null; + } catch (e) { + console.log(e.stack); + return [ 0,0,'Unexpected exception: '+e.toString() ]; + } +} + +exports.compile = compile; diff --git a/selftest.cpp b/selftest.cpp index aecccd21..8a450796 100644 --- a/selftest.cpp +++ b/selftest.cpp @@ -49,10 +49,11 @@ #include "osdep/OSUtils.hpp" #include "osdep/Phy.hpp" #include "osdep/Http.hpp" -#include "osdep/BackgroundResolver.hpp" #include "osdep/PortMapper.hpp" #include "osdep/Thread.hpp" +#include "controller/JSONDB.hpp" + #ifdef __WINDOWS__ #include <tchar.h> #endif @@ -153,9 +154,9 @@ static int testCrypto() memset(buf3,0,sizeof(buf3)); Salsa20 s20; s20.init("12345678123456781234567812345678",256,"12345678"); - s20.encrypt20(buf1,buf2,sizeof(buf1)); + s20.crypt20(buf1,buf2,sizeof(buf1)); s20.init("12345678123456781234567812345678",256,"12345678"); - s20.decrypt20(buf2,buf3,sizeof(buf2)); + s20.crypt20(buf2,buf3,sizeof(buf2)); if (memcmp(buf1,buf3,sizeof(buf1))) { std::cout << "FAIL (encrypt/decrypt test)" << std::endl; return -1; @@ -164,7 +165,7 @@ static int testCrypto() Salsa20 s20(s20TV0Key,256,s20TV0Iv); memset(buf1,0,sizeof(buf1)); memset(buf2,0,sizeof(buf2)); - s20.encrypt20(buf1,buf2,64); + s20.crypt20(buf1,buf2,64); if (memcmp(buf2,s20TV0Ks,64)) { std::cout << "FAIL (test vector 0)" << std::endl; return -1; @@ -172,7 +173,7 @@ static int testCrypto() s20.init(s2012TV0Key,256,s2012TV0Iv); memset(buf1,0,sizeof(buf1)); memset(buf2,0,sizeof(buf2)); - s20.encrypt12(buf1,buf2,64); + s20.crypt12(buf1,buf2,64); if (memcmp(buf2,s2012TV0Ks,64)) { std::cout << "FAIL (test vector 1)" << std::endl; return -1; @@ -194,7 +195,7 @@ static int testCrypto() double bytes = 0.0; uint64_t start = OSUtils::now(); for(unsigned int i=0;i<200;++i) { - s20.encrypt12(bb,bb,1234567); + s20.crypt12(bb,bb,1234567); bytes += 1234567.0; } uint64_t end = OSUtils::now(); @@ -212,7 +213,7 @@ static int testCrypto() double bytes = 0.0; uint64_t start = OSUtils::now(); for(unsigned int i=0;i<200;++i) { - s20.encrypt20(bb,bb,1234567); + s20.crypt20(bb,bb,1234567); bytes += 1234567.0; } uint64_t end = OSUtils::now(); @@ -325,6 +326,17 @@ static int testCrypto() } std::cout << "PASS" << std::endl; + std::cout << "[crypto] Benchmarking C25519 ECC key agreement... "; std::cout.flush(); + C25519::Pair bp[8]; + for(int k=0;k<8;++k) + bp[k] = C25519::generate(); + const uint64_t st = OSUtils::now(); + for(unsigned int k=0;k<50;++k) { + C25519::agree(bp[~k & 7],bp[k & 7].pub,buf1,64); + } + const uint64_t et = OSUtils::now(); + std::cout << ((double)(et - st) / 50.0) << "ms per agreement." << std::endl; + std::cout << "[crypto] Testing Ed25519 ECC signatures... "; std::cout.flush(); C25519::Pair didntSign = C25519::generate(); for(unsigned int i=0;i<10;++i) { @@ -374,11 +386,15 @@ static int testIdentity() std::cout << "FAIL (1)" << std::endl; return -1; } - if (!id.locallyValidate()) { - std::cout << "FAIL (2)" << std::endl; - return -1; + const uint64_t vst = OSUtils::now(); + for(int k=0;k<10;++k) { + if (!id.locallyValidate()) { + std::cout << "FAIL (2)" << std::endl; + return -1; + } } - std::cout << "PASS" << std::endl; + const uint64_t vet = OSUtils::now(); + std::cout << "PASS (" << ((double)(vet - vst) / 10.0) << "ms per validation)" << std::endl; std::cout << "[identity] Validate known-bad identity... "; std::cout.flush(); if (!id.fromString(KNOWN_BAD_IDENTITY)) { @@ -556,7 +572,7 @@ static int testPacket() return -1; } - a.armor(salsaKey,true); + a.armor(salsaKey,true,0); if (!a.dearmor(salsaKey)) { std::cout << "FAIL (encrypt-decrypt/verify)" << std::endl; return -1; @@ -807,6 +823,43 @@ static int testOther() } std::cout << "PASS (junk value to prevent optimization-out of test: " << foo << ")" << std::endl; + /* + std::cout << "[other] Testing controller/JSONDB..."; std::cout.flush(); + { + std::map<std::string,nlohmann::json> db1data; + JSONDB db1("jsondb-test"); + for(unsigned int i=0;i<256;++i) { + std::string n; + for(unsigned int j=0,k=rand() % 4;j<=k;++j) { + if (j > 0) n.push_back('/'); + char foo[24]; + Utils::snprintf(foo,sizeof(foo),"%lx",rand()); + n.append(foo); + } + db1data[n] = {{"i",i}}; + db1.put(n,db1data[n]); + } + for(std::map<std::string,nlohmann::json>::iterator i(db1data.begin());i!=db1data.end();++i) { + i->second["foo"] = "bar"; + db1.put(i->first,i->second); + } + JSONDB db2("jsondb-test"); + if (db1 != db2) { + std::cout << " FAILED (db1!=db2 #1)" << std::endl; + return -1; + } + for(std::map<std::string,nlohmann::json>::iterator i(db1data.begin());i!=db1data.end();++i) { + db1.erase(i->first); + } + db2.reload(); + if (db1 != db2) { + std::cout << " FAILED (db1!=db2 #2)" << std::endl; + return -1; + } + } + std::cout << " PASS" << std::endl; + */ + return 0; } @@ -958,23 +1011,6 @@ static int testPhy() return 0; } -static int testResolver() -{ - std::cout << "[resolver] Testing BackgroundResolver..."; std::cout.flush(); - - BackgroundResolver r("tcp-fallback.zerotier.com"); - r.resolveNow(); - r.wait(); - - std::vector<InetAddress> ips(r.get()); - for(std::vector<InetAddress>::const_iterator ip(ips.begin());ip!=ips.end();++ip) { - std::cout << ' ' << ip->toString(); - } - std::cout << std::endl; - - return 0; -} - /* static int testHttp() { @@ -1082,7 +1118,6 @@ int main(int argc,char **argv) r |= testIdentity(); r |= testCertificate(); r |= testPhy(); - r |= testResolver(); //r |= testHttp(); //*/ diff --git a/service/ClusterDefinition.hpp b/service/ClusterDefinition.hpp index 441cc04d..dda1a8c8 100644 --- a/service/ClusterDefinition.hpp +++ b/service/ClusterDefinition.hpp @@ -66,9 +66,9 @@ public: char myAddressStr[64]; Utils::snprintf(myAddressStr,sizeof(myAddressStr),"%.10llx",myAddress); - std::vector<std::string> lines(Utils::split(cf.c_str(),"\r\n","","")); + std::vector<std::string> lines(OSUtils::split(cf.c_str(),"\r\n","","")); for(std::vector<std::string>::iterator l(lines.begin());l!=lines.end();++l) { - std::vector<std::string> fields(Utils::split(l->c_str()," \t","","")); + std::vector<std::string> fields(OSUtils::split(l->c_str()," \t","","")); if ((fields.size() < 5)||(fields[0][0] == '#')||(fields[0] != myAddressStr)) continue; @@ -93,7 +93,7 @@ public: md.id = (unsigned int)id; if (fields.size() >= 6) { - std::vector<std::string> xyz(Utils::split(fields[5].c_str(),",","","")); + std::vector<std::string> xyz(OSUtils::split(fields[5].c_str(),",","","")); md.x = (xyz.size() > 0) ? Utils::strToInt(xyz[0].c_str()) : 0; md.y = (xyz.size() > 1) ? Utils::strToInt(xyz[1].c_str()) : 0; md.z = (xyz.size() > 2) ? Utils::strToInt(xyz[2].c_str()) : 0; @@ -102,7 +102,7 @@ public: md.clusterEndpoint.fromString(fields[3]); if (!md.clusterEndpoint) continue; - std::vector<std::string> zips(Utils::split(fields[4].c_str(),",","","")); + std::vector<std::string> zips(OSUtils::split(fields[4].c_str(),",","","")); for(std::vector<std::string>::iterator zip(zips.begin());zip!=zips.end();++zip) { InetAddress i; i.fromString(*zip); diff --git a/service/ClusterGeoIpService.cpp b/service/ClusterGeoIpService.cpp index 3ad69753..89015c51 100644 --- a/service/ClusterGeoIpService.cpp +++ b/service/ClusterGeoIpService.cpp @@ -101,7 +101,7 @@ bool ClusterGeoIpService::locate(const InetAddress &ip,int &x,int &y,int &z) void ClusterGeoIpService::_parseLine(const char *line,std::vector<_V4E> &v4db,std::vector<_V6E> &v6db,int ipStartColumn,int ipEndColumn,int latitudeColumn,int longitudeColumn) { - std::vector<std::string> ls(Utils::split(line,",\t","\\","\"'")); + std::vector<std::string> ls(OSUtils::split(line,",\t","\\","\"'")); if ( ((ipStartColumn >= 0)&&(ipStartColumn < (int)ls.size()))&& ((ipEndColumn >= 0)&&(ipEndColumn < (int)ls.size()))&& ((latitudeColumn >= 0)&&(latitudeColumn < (int)ls.size()))&& diff --git a/service/ControlPlane.cpp b/service/ControlPlane.cpp deleted file mode 100644 index 5c135636..00000000 --- a/service/ControlPlane.cpp +++ /dev/null @@ -1,605 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#include "ControlPlane.hpp" -#include "OneService.hpp" - -#include "../version.h" -#include "../include/ZeroTierOne.h" - -#ifdef ZT_USE_SYSTEM_HTTP_PARSER -#include <http_parser.h> -#else -#include "../ext/http-parser/http_parser.h" -#endif - -#include "../ext/json/json.hpp" - -#include "../controller/EmbeddedNetworkController.hpp" - -#include "../node/InetAddress.hpp" -#include "../node/Node.hpp" -#include "../node/Utils.hpp" -#include "../osdep/OSUtils.hpp" - -namespace ZeroTier { - -static std::string _jsonEscape(const char *s) -{ - std::string buf; - for(const char *p=s;(*p);++p) { - switch(*p) { - case '\t': buf.append("\\t"); break; - case '\b': buf.append("\\b"); break; - case '\r': buf.append("\\r"); break; - case '\n': buf.append("\\n"); break; - case '\f': buf.append("\\f"); break; - case '"': buf.append("\\\""); break; - case '\\': buf.append("\\\\"); break; - case '/': buf.append("\\/"); break; - default: buf.push_back(*p); break; - } - } - return buf; -} -static std::string _jsonEscape(const std::string &s) { return _jsonEscape(s.c_str()); } - -static std::string _jsonEnumerate(const struct sockaddr_storage *ss,unsigned int count) -{ - std::string buf; - buf.push_back('['); - for(unsigned int i=0;i<count;++i) { - if (i > 0) - buf.push_back(','); - buf.push_back('"'); - buf.append(_jsonEscape(reinterpret_cast<const InetAddress *>(&(ss[i]))->toString())); - buf.push_back('"'); - } - buf.push_back(']'); - return buf; -} -static std::string _jsonEnumerate(const ZT_VirtualNetworkRoute *routes,unsigned int count) -{ - std::string buf; - buf.push_back('['); - for(unsigned int i=0;i<count;++i) { - if (i > 0) - buf.push_back(','); - buf.append("{\"target\":\""); - buf.append(_jsonEscape(reinterpret_cast<const InetAddress *>(&(routes[i].target))->toString())); - buf.append("\",\"via\":"); - if (routes[i].via.ss_family == routes[i].target.ss_family) { - buf.push_back('"'); - buf.append(_jsonEscape(reinterpret_cast<const InetAddress *>(&(routes[i].via))->toIpString())); - buf.append("\","); - } else buf.append("null,"); - char tmp[1024]; - Utils::snprintf(tmp,sizeof(tmp),"\"flags\":%u,\"metric\":%u}",(unsigned int)routes[i].flags,(unsigned int)routes[i].metric); - buf.append(tmp); - } - buf.push_back(']'); - return buf; -} - -static void _jsonAppend(unsigned int depth,std::string &buf,const ZT_VirtualNetworkConfig *nc,const std::string &portDeviceName,const OneService::NetworkSettings &localSettings) -{ - char json[4096]; - char prefix[32]; - - if (depth >= sizeof(prefix)) // sanity check -- shouldn't be possible - return; - for(unsigned int i=0;i<depth;++i) - prefix[i] = '\t'; - prefix[depth] = '\0'; - - const char *nstatus = "",*ntype = ""; - switch(nc->status) { - case ZT_NETWORK_STATUS_REQUESTING_CONFIGURATION: nstatus = "REQUESTING_CONFIGURATION"; break; - case ZT_NETWORK_STATUS_OK: nstatus = "OK"; break; - case ZT_NETWORK_STATUS_ACCESS_DENIED: nstatus = "ACCESS_DENIED"; break; - case ZT_NETWORK_STATUS_NOT_FOUND: nstatus = "NOT_FOUND"; break; - case ZT_NETWORK_STATUS_PORT_ERROR: nstatus = "PORT_ERROR"; break; - case ZT_NETWORK_STATUS_CLIENT_TOO_OLD: nstatus = "CLIENT_TOO_OLD"; break; - } - switch(nc->type) { - case ZT_NETWORK_TYPE_PRIVATE: ntype = "PRIVATE"; break; - case ZT_NETWORK_TYPE_PUBLIC: ntype = "PUBLIC"; break; - } - - Utils::snprintf(json,sizeof(json), - "%s{\n" - "%s\t\"nwid\": \"%.16llx\",\n" - "%s\t\"mac\": \"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x\",\n" - "%s\t\"name\": \"%s\",\n" - "%s\t\"status\": \"%s\",\n" - "%s\t\"type\": \"%s\",\n" - "%s\t\"mtu\": %u,\n" - "%s\t\"dhcp\": %s,\n" - "%s\t\"bridge\": %s,\n" - "%s\t\"broadcastEnabled\": %s,\n" - "%s\t\"portError\": %d,\n" - "%s\t\"netconfRevision\": %lu,\n" - "%s\t\"assignedAddresses\": %s,\n" - "%s\t\"routes\": %s,\n" - "%s\t\"portDeviceName\": \"%s\",\n" - "%s\t\"allowManaged\": %s,\n" - "%s\t\"allowGlobal\": %s,\n" - "%s\t\"allowDefault\": %s\n" - "%s}", - prefix, - prefix,nc->nwid, - prefix,(unsigned int)((nc->mac >> 40) & 0xff),(unsigned int)((nc->mac >> 32) & 0xff),(unsigned int)((nc->mac >> 24) & 0xff),(unsigned int)((nc->mac >> 16) & 0xff),(unsigned int)((nc->mac >> 8) & 0xff),(unsigned int)(nc->mac & 0xff), - prefix,_jsonEscape(nc->name).c_str(), - prefix,nstatus, - prefix,ntype, - prefix,nc->mtu, - prefix,(nc->dhcp == 0) ? "false" : "true", - prefix,(nc->bridge == 0) ? "false" : "true", - prefix,(nc->broadcastEnabled == 0) ? "false" : "true", - prefix,nc->portError, - prefix,nc->netconfRevision, - prefix,_jsonEnumerate(nc->assignedAddresses,nc->assignedAddressCount).c_str(), - prefix,_jsonEnumerate(nc->routes,nc->routeCount).c_str(), - prefix,_jsonEscape(portDeviceName).c_str(), - prefix,(localSettings.allowManaged) ? "true" : "false", - prefix,(localSettings.allowGlobal) ? "true" : "false", - prefix,(localSettings.allowDefault) ? "true" : "false", - prefix); - buf.append(json); -} - -static std::string _jsonEnumerate(unsigned int depth,const ZT_PeerPhysicalPath *pp,unsigned int count) -{ - char json[2048]; - char prefix[32]; - - if (depth >= sizeof(prefix)) // sanity check -- shouldn't be possible - return std::string(); - for(unsigned int i=0;i<depth;++i) - prefix[i] = '\t'; - prefix[depth] = '\0'; - - std::string buf; - for(unsigned int i=0;i<count;++i) { - if (i > 0) - buf.push_back(','); - Utils::snprintf(json,sizeof(json), - "{\n" - "%s\t\"address\": \"%s\",\n" - "%s\t\"lastSend\": %llu,\n" - "%s\t\"lastReceive\": %llu,\n" - "%s\t\"active\": %s,\n" - "%s\t\"expired\": %s,\n" - "%s\t\"preferred\": %s,\n" - "%s\t\"trustedPathId\": %llu\n" - "%s}", - prefix,_jsonEscape(reinterpret_cast<const InetAddress *>(&(pp[i].address))->toString()).c_str(), - prefix,pp[i].lastSend, - prefix,pp[i].lastReceive, - prefix,(pp[i].expired != 0) ? "false" : "true", - prefix,(pp[i].expired == 0) ? "false" : "true", - prefix,(pp[i].preferred == 0) ? "false" : "true", - prefix,pp[i].trustedPathId, - prefix); - buf.append(json); - } - return buf; -} - -static void _jsonAppend(unsigned int depth,std::string &buf,const ZT_Peer *peer) -{ - char json[2048]; - char prefix[32]; - - if (depth >= sizeof(prefix)) // sanity check -- shouldn't be possible - return; - for(unsigned int i=0;i<depth;++i) - prefix[i] = '\t'; - prefix[depth] = '\0'; - - const char *prole = ""; - switch(peer->role) { - case ZT_PEER_ROLE_LEAF: prole = "LEAF"; break; - case ZT_PEER_ROLE_UPSTREAM: prole = "UPSTREAM"; break; - case ZT_PEER_ROLE_ROOT: prole = "ROOT"; break; - } - - Utils::snprintf(json,sizeof(json), - "%s{\n" - "%s\t\"address\": \"%.10llx\",\n" - "%s\t\"lastUnicastFrame\": %llu,\n" - "%s\t\"lastMulticastFrame\": %llu,\n" - "%s\t\"versionMajor\": %d,\n" - "%s\t\"versionMinor\": %d,\n" - "%s\t\"versionRev\": %d,\n" - "%s\t\"version\": \"%d.%d.%d\",\n" - "%s\t\"latency\": %u,\n" - "%s\t\"role\": \"%s\",\n" - "%s\t\"paths\": [%s]\n" - "%s}", - prefix, - prefix,peer->address, - prefix,peer->lastUnicastFrame, - prefix,peer->lastMulticastFrame, - prefix,peer->versionMajor, - prefix,peer->versionMinor, - prefix,peer->versionRev, - prefix,peer->versionMajor,peer->versionMinor,peer->versionRev, - prefix,peer->latency, - prefix,prole, - prefix,_jsonEnumerate(depth+1,peer->paths,peer->pathCount).c_str(), - prefix); - buf.append(json); -} - -ControlPlane::ControlPlane(OneService *svc,Node *n,const char *uiStaticPath) : - _svc(svc), - _node(n), - _controller((EmbeddedNetworkController *)0), - _uiStaticPath((uiStaticPath) ? uiStaticPath : "") -{ -} - -ControlPlane::~ControlPlane() -{ -} - -unsigned int ControlPlane::handleRequest( - const InetAddress &fromAddress, - unsigned int httpMethod, - const std::string &path, - const std::map<std::string,std::string> &headers, - const std::string &body, - std::string &responseBody, - std::string &responseContentType) -{ - char json[8194]; - unsigned int scode = 404; - std::vector<std::string> ps(Utils::split(path.c_str(),"/","","")); - std::map<std::string,std::string> urlArgs; - Mutex::Lock _l(_lock); - - if (!((fromAddress.ipsEqual(InetAddress::LO4))||(fromAddress.ipsEqual(InetAddress::LO6)))) - return 403; // Forbidden: we only allow access from localhost right now - - /* Note: this is kind of restricted in what it'll take. It does not support - * URL encoding, and /'s in URL args will screw it up. But the only URL args - * it really uses in ?jsonp=funcionName, and otherwise it just takes simple - * paths to simply-named resources. */ - if (ps.size() > 0) { - std::size_t qpos = ps[ps.size() - 1].find('?'); - if (qpos != std::string::npos) { - std::string args(ps[ps.size() - 1].substr(qpos + 1)); - ps[ps.size() - 1] = ps[ps.size() - 1].substr(0,qpos); - std::vector<std::string> asplit(Utils::split(args.c_str(),"&","","")); - for(std::vector<std::string>::iterator a(asplit.begin());a!=asplit.end();++a) { - std::size_t eqpos = a->find('='); - if (eqpos == std::string::npos) - urlArgs[*a] = ""; - else urlArgs[a->substr(0,eqpos)] = a->substr(eqpos + 1); - } - } - } else { - ps.push_back(std::string("index.html")); - } - - bool isAuth = false; - { - std::map<std::string,std::string>::const_iterator ah(headers.find("x-zt1-auth")); - if ((ah != headers.end())&&(_authTokens.count(ah->second) > 0)) { - isAuth = true; - } else { - ah = urlArgs.find("auth"); - if ((ah != urlArgs.end())&&(_authTokens.count(ah->second) > 0)) - isAuth = true; - } - } - - if (httpMethod == HTTP_GET) { - - std::string ext; - std::size_t dotIdx = ps[0].find_last_of('.'); - if (dotIdx != std::string::npos) - ext = ps[0].substr(dotIdx); - - if ((ps.size() == 1)&&(ext.length() >= 2)&&(ext[0] == '.')) { - /* Static web pages can be served without authentication to enable a simple web - * UI. This is still only allowed from approved IP addresses. Anything with a - * dot in the first path element (e.g. foo.html) is considered a static page, - * as nothing in the API is so named. */ - - if (_uiStaticPath.length() > 0) { - if (ext == ".html") - responseContentType = "text/html"; - else if (ext == ".js") - responseContentType = "application/javascript"; - else if (ext == ".jsx") - responseContentType = "text/jsx"; - else if (ext == ".json") - responseContentType = "application/json"; - else if (ext == ".css") - responseContentType = "text/css"; - else if (ext == ".png") - responseContentType = "image/png"; - else if (ext == ".jpg") - responseContentType = "image/jpeg"; - else if (ext == ".gif") - responseContentType = "image/gif"; - else if (ext == ".txt") - responseContentType = "text/plain"; - else if (ext == ".xml") - responseContentType = "text/xml"; - else if (ext == ".svg") - responseContentType = "image/svg+xml"; - else responseContentType = "application/octet-stream"; - scode = OSUtils::readFile((_uiStaticPath + ZT_PATH_SEPARATOR_S + ps[0]).c_str(),responseBody) ? 200 : 404; - } else { - scode = 404; - } - - } else if (isAuth) { - /* Things that require authentication -- a.k.a. everything but static web app pages. */ - - if (ps[0] == "status") { - responseContentType = "application/json"; - - ZT_NodeStatus status; - _node->status(&status); - - std::string clusterJson; -#ifdef ZT_ENABLE_CLUSTER - { - ZT_ClusterStatus cs; - _node->clusterStatus(&cs); - - if (cs.clusterSize >= 1) { - char t[1024]; - Utils::snprintf(t,sizeof(t),"{\n\t\t\"myId\": %u,\n\t\t\"clusterSize\": %u,\n\t\t\"members\": [",cs.myId,cs.clusterSize); - clusterJson.append(t); - for(unsigned int i=0;i<cs.clusterSize;++i) { - Utils::snprintf(t,sizeof(t),"%s\t\t\t{\n\t\t\t\t\"id\": %u,\n\t\t\t\t\"msSinceLastHeartbeat\": %u,\n\t\t\t\t\"alive\": %s,\n\t\t\t\t\"x\": %d,\n\t\t\t\t\"y\": %d,\n\t\t\t\t\"z\": %d,\n\t\t\t\t\"load\": %llu,\n\t\t\t\t\"peers\": %llu\n\t\t\t}", - ((i == 0) ? "\n" : ",\n"), - cs.members[i].id, - cs.members[i].msSinceLastHeartbeat, - (cs.members[i].alive != 0) ? "true" : "false", - cs.members[i].x, - cs.members[i].y, - cs.members[i].z, - cs.members[i].load, - cs.members[i].peers); - clusterJson.append(t); - } - clusterJson.append(" ]\n\t\t}"); - } - } -#endif - - Utils::snprintf(json,sizeof(json), - "{\n" - "\t\"address\": \"%.10llx\",\n" - "\t\"publicIdentity\": \"%s\",\n" - "\t\"worldId\": %llu,\n" - "\t\"worldTimestamp\": %llu,\n" - "\t\"online\": %s,\n" - "\t\"tcpFallbackActive\": %s,\n" - "\t\"versionMajor\": %d,\n" - "\t\"versionMinor\": %d,\n" - "\t\"versionRev\": %d,\n" - "\t\"version\": \"%d.%d.%d\",\n" - "\t\"clock\": %llu,\n" - "\t\"cluster\": %s\n" - "}\n", - status.address, - status.publicIdentity, - status.worldId, - status.worldTimestamp, - (status.online) ? "true" : "false", - (_svc->tcpFallbackActive()) ? "true" : "false", - ZEROTIER_ONE_VERSION_MAJOR, - ZEROTIER_ONE_VERSION_MINOR, - ZEROTIER_ONE_VERSION_REVISION, - ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION, - (unsigned long long)OSUtils::now(), - ((clusterJson.length() > 0) ? clusterJson.c_str() : "null")); - responseBody = json; - scode = 200; - } else if (ps[0] == "config") { - responseContentType = "application/json"; - responseBody = "{}"; // TODO - scode = 200; - } else if (ps[0] == "network") { - ZT_VirtualNetworkList *nws = _node->networks(); - if (nws) { - if (ps.size() == 1) { - // Return [array] of all networks - responseContentType = "application/json"; - responseBody = "[\n"; - for(unsigned long i=0;i<nws->networkCount;++i) { - if (i > 0) - responseBody.append(","); - OneService::NetworkSettings localSettings; - _svc->getNetworkSettings(nws->networks[i].nwid,localSettings); - _jsonAppend(1,responseBody,&(nws->networks[i]),_svc->portDeviceName(nws->networks[i].nwid),localSettings); - } - responseBody.append("\n]\n"); - scode = 200; - } else if (ps.size() == 2) { - // Return a single network by ID or 404 if not found - uint64_t wantnw = Utils::hexStrToU64(ps[1].c_str()); - for(unsigned long i=0;i<nws->networkCount;++i) { - if (nws->networks[i].nwid == wantnw) { - responseContentType = "application/json"; - OneService::NetworkSettings localSettings; - _svc->getNetworkSettings(nws->networks[i].nwid,localSettings); - _jsonAppend(0,responseBody,&(nws->networks[i]),_svc->portDeviceName(nws->networks[i].nwid),localSettings); - responseBody.push_back('\n'); - scode = 200; - break; - } - } - } // else 404 - _node->freeQueryResult((void *)nws); - } else scode = 500; - } else if (ps[0] == "peer") { - ZT_PeerList *pl = _node->peers(); - if (pl) { - if (ps.size() == 1) { - // Return [array] of all peers - responseContentType = "application/json"; - responseBody = "[\n"; - for(unsigned long i=0;i<pl->peerCount;++i) { - if (i > 0) - responseBody.append(",\n"); - _jsonAppend(1,responseBody,&(pl->peers[i])); - } - responseBody.append("\n]\n"); - scode = 200; - } else if (ps.size() == 2) { - // Return a single peer by ID or 404 if not found - uint64_t wantp = Utils::hexStrToU64(ps[1].c_str()); - for(unsigned long i=0;i<pl->peerCount;++i) { - if (pl->peers[i].address == wantp) { - responseContentType = "application/json"; - _jsonAppend(0,responseBody,&(pl->peers[i])); - responseBody.push_back('\n'); - scode = 200; - break; - } - } - } // else 404 - _node->freeQueryResult((void *)pl); - } else scode = 500; - } else if (ps[0] == "newIdentity") { - // Return a newly generated ZeroTier identity -- this is primarily for debugging - // and testing to make it easy for automated test scripts to generate test IDs. - Identity newid; - newid.generate(); - responseBody = newid.toString(true); - responseContentType = "text/plain"; - scode = 200; - } else { - if (_controller) - scode = _controller->handleControlPlaneHttpGET(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); - else scode = 404; - } - - } else scode = 401; // isAuth == false - - } else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) { - - if (isAuth) { - - if (ps[0] == "config") { - // TODO - } else if (ps[0] == "network") { - if (ps.size() == 2) { - uint64_t wantnw = Utils::hexStrToU64(ps[1].c_str()); - _node->join(wantnw,(void *)0); // does nothing if we are a member - ZT_VirtualNetworkList *nws = _node->networks(); - if (nws) { - for(unsigned long i=0;i<nws->networkCount;++i) { - if (nws->networks[i].nwid == wantnw) { - OneService::NetworkSettings localSettings; - _svc->getNetworkSettings(nws->networks[i].nwid,localSettings); - - try { - nlohmann::json j(nlohmann::json::parse(body)); - if (j.is_object()) { - auto allowManaged = j["allowManaged"]; - if (allowManaged.is_boolean()) localSettings.allowManaged = (bool)allowManaged; - auto allowGlobal = j["allowGlobal"]; - if (allowGlobal.is_boolean()) localSettings.allowGlobal = (bool)allowGlobal; - auto allowDefault = j["allowDefault"]; - if (allowDefault.is_boolean()) localSettings.allowDefault = (bool)allowDefault; - } - } catch ( ... ) { - // discard invalid JSON - } - - _svc->setNetworkSettings(nws->networks[i].nwid,localSettings); - - responseContentType = "application/json"; - _jsonAppend(0,responseBody,&(nws->networks[i]),_svc->portDeviceName(nws->networks[i].nwid),localSettings); - responseBody.push_back('\n'); - scode = 200; - break; - } - } - _node->freeQueryResult((void *)nws); - } else scode = 500; - } - } else { - if (_controller) - scode = _controller->handleControlPlaneHttpPOST(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); - else scode = 404; - } - - } else scode = 401; // isAuth == false - - } else if (httpMethod == HTTP_DELETE) { - - if (isAuth) { - - if (ps[0] == "config") { - // TODO - } else if (ps[0] == "network") { - ZT_VirtualNetworkList *nws = _node->networks(); - if (nws) { - if (ps.size() == 2) { - uint64_t wantnw = Utils::hexStrToU64(ps[1].c_str()); - for(unsigned long i=0;i<nws->networkCount;++i) { - if (nws->networks[i].nwid == wantnw) { - _node->leave(wantnw,(void **)0); - responseBody = "true"; - responseContentType = "application/json"; - scode = 200; - break; - } - } - } // else 404 - _node->freeQueryResult((void *)nws); - } else scode = 500; - } else { - if (_controller) - scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); - else scode = 404; - } - - } else { - scode = 401; // isAuth = false - } - - } else { - scode = 400; - responseBody = "Method not supported."; - } - - // Wrap result in jsonp function call if the user included a jsonp= url argument. - // Also double-check isAuth since forbidding this without auth feels safer. - std::map<std::string,std::string>::const_iterator jsonp(urlArgs.find("jsonp")); - if ((isAuth)&&(jsonp != urlArgs.end())&&(responseContentType == "application/json")) { - if (responseBody.length() > 0) - responseBody = jsonp->second + "(" + responseBody + ");"; - else responseBody = jsonp->second + "(null);"; - responseContentType = "application/javascript"; - } - - return scode; -} - -} // namespace ZeroTier diff --git a/service/ControlPlane.hpp b/service/ControlPlane.hpp deleted file mode 100644 index ec9b94d7..00000000 --- a/service/ControlPlane.hpp +++ /dev/null @@ -1,98 +0,0 @@ -/* - * ZeroTier One - Network Virtualization Everywhere - * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef ZT_ONE_CONTROLPLANE_HPP -#define ZT_ONE_CONTROLPLANE_HPP - -#include <string> -#include <map> -#include <set> - -#include "../include/ZeroTierOne.h" - -#include "../node/Mutex.hpp" - -namespace ZeroTier { - -class OneService; -class Node; -class EmbeddedNetworkController; -struct InetAddress; - -/** - * HTTP control plane and static web server - */ -class ControlPlane -{ -public: - ControlPlane(OneService *svc,Node *n,const char *uiStaticPath); - ~ControlPlane(); - - /** - * Set controller, which will be available under /controller - * - * @param c Network controller instance - */ - inline void setController(EmbeddedNetworkController *c) - { - Mutex::Lock _l(_lock); - _controller = c; - } - - /** - * Add an authentication token for API access - */ - inline void addAuthToken(const char *tok) - { - Mutex::Lock _l(_lock); - _authTokens.insert(std::string(tok)); - } - - /** - * Handle HTTP request - * - * @param fromAddress Originating IP address of request - * @param httpMethod HTTP method (as defined in ext/http-parser/http_parser.h) - * @param path Request path - * @param headers Request headers - * @param body Request body - * @param responseBody Result parameter: fill with response data - * @param responseContentType Result parameter: fill with content type - * @return HTTP response code - */ - unsigned int handleRequest( - const InetAddress &fromAddress, - unsigned int httpMethod, - const std::string &path, - const std::map<std::string,std::string> &headers, - const std::string &body, - std::string &responseBody, - std::string &responseContentType); - -private: - OneService *const _svc; - Node *const _node; - EmbeddedNetworkController *_controller; - std::string _uiStaticPath; - std::set<std::string> _authTokens; - Mutex _lock; -}; - -} // namespace ZeroTier - -#endif diff --git a/service/OneService.cpp b/service/OneService.cpp index 381709f8..b9ea32af 100644 --- a/service/OneService.cpp +++ b/service/OneService.cpp @@ -31,12 +31,6 @@ #include "../version.h" #include "../include/ZeroTierOne.h" -#ifdef ZT_USE_SYSTEM_HTTP_PARSER -#include <http_parser.h> -#else -#include "../ext/http-parser/http_parser.h" -#endif - #include "../node/Constants.hpp" #include "../node/Mutex.hpp" #include "../node/Node.hpp" @@ -44,32 +38,20 @@ #include "../node/InetAddress.hpp" #include "../node/MAC.hpp" #include "../node/Identity.hpp" +#include "../node/World.hpp" #include "../osdep/Phy.hpp" #include "../osdep/Thread.hpp" #include "../osdep/OSUtils.hpp" #include "../osdep/Http.hpp" -#include "../osdep/BackgroundResolver.hpp" #include "../osdep/PortMapper.hpp" #include "../osdep/Binder.hpp" #include "../osdep/ManagedRoute.hpp" #include "OneService.hpp" -#include "ControlPlane.hpp" #include "ClusterGeoIpService.hpp" #include "ClusterDefinition.hpp" - -/** - * Uncomment to enable UDP breakage switch - * - * If this is defined, the presence of a file called /tmp/ZT_BREAK_UDP - * will cause direct UDP TX/RX to stop working. This can be used to - * test TCP tunneling fallback and other robustness features. Deleting - * this file will cause it to start working again. - */ -//#define ZT_BREAK_UDP - -#include "../controller/EmbeddedNetworkController.hpp" +#include "SoftwareUpdater.hpp" #ifdef __WINDOWS__ #include <WinSock2.h> @@ -85,6 +67,28 @@ #include <ifaddrs.h> #endif +#ifdef ZT_USE_SYSTEM_HTTP_PARSER +#include <http_parser.h> +#else +#include "../ext/http-parser/http_parser.h" +#endif + +#include "../ext/json/json.hpp" + +using json = nlohmann::json; + +/** + * Uncomment to enable UDP breakage switch + * + * If this is defined, the presence of a file called /tmp/ZT_BREAK_UDP + * will cause direct UDP TX/RX to stop working. This can be used to + * test TCP tunneling fallback and other robustness features. Deleting + * this file will cause it to start working again. + */ +//#define ZT_BREAK_UDP + +#include "../controller/EmbeddedNetworkController.hpp" + // Include the right tap device driver for this platform -- add new platforms here #ifdef ZT_SERVICE_NETCON @@ -110,6 +114,10 @@ namespace ZeroTier { typedef WindowsEthernetTap EthernetTap; } #include "../osdep/BSDEthernetTap.hpp" namespace ZeroTier { typedef BSDEthernetTap EthernetTap; } #endif // __FreeBSD__ +#ifdef __OpenBSD__ +#include "../osdep/BSDEthernetTap.hpp" +namespace ZeroTier { typedef BSDEthernetTap EthernetTap; } +#endif // __OpenBSD__ #endif // ZT_SERVICE_NETCON @@ -127,9 +135,8 @@ namespace ZeroTier { typedef BSDEthernetTap EthernetTap; } // Path under ZT1 home for controller database if controller is enabled #define ZT_CONTROLLER_DB_PATH "controller.d" -// TCP fallback relay host -- geo-distributed using Amazon Route53 geo-aware DNS -#define ZT_TCP_FALLBACK_RELAY "tcp-fallback.zerotier.com" -#define ZT_TCP_FALLBACK_RELAY_PORT 443 +// TCP fallback relay (run by ZeroTier, Inc. -- this will eventually go away) +#define ZT_TCP_FALLBACK_RELAY "204.80.128.1/443" // Frequency at which we re-resolve the TCP fallback relay #define ZT_TCP_FALLBACK_RERESOLVE_DELAY 86400000 @@ -140,239 +147,13 @@ namespace ZeroTier { typedef BSDEthernetTap EthernetTap; } // How often to check for local interface addresses #define ZT_LOCAL_INTERFACE_CHECK_INTERVAL 60000 +// Clean files from iddb.d that are older than this (60 days) +#define ZT_IDDB_CLEANUP_AGE 5184000000ULL + namespace ZeroTier { namespace { -#ifdef ZT_AUTO_UPDATE -#define ZT_AUTO_UPDATE_MAX_HTTP_RESPONSE_SIZE (1024 * 1024 * 64) -#define ZT_AUTO_UPDATE_CHECK_PERIOD 21600000 -class BackgroundSoftwareUpdateChecker -{ -public: - bool isValidSigningIdentity(const Identity &id) - { - return ( - /* 0001 - 0004 : obsolete, used in old versions */ - /* 0005 */ (id == Identity("ba57ea350e:0:9d4be6d7f86c5660d5ee1951a3d759aa6e12a84fc0c0b74639500f1dbc1a8c566622e7d1c531967ebceb1e9d1761342f88324a8ba520c93c35f92f35080fa23f")) - /* 0006 */ ||(id == Identity("5067b21b83:0:8af477730f5055c48135b84bed6720a35bca4c0e34be4060a4c636288b1ec22217eb22709d610c66ed464c643130c51411bbb0294eef12fbe8ecc1a1e2c63a7a")) - /* 0007 */ ||(id == Identity("4f5e97a8f1:0:57880d056d7baeb04bbc057d6f16e6cb41388570e87f01492fce882485f65a798648595610a3ad49885604e7fb1db2dd3c2c534b75e42c3c0b110ad07b4bb138")) - /* 0008 */ ||(id == Identity("580bbb8e15:0:ad5ef31155bebc6bc413991992387e083fed26d699997ef76e7c947781edd47d1997161fa56ba337b1a2b44b129fd7c7197ce5185382f06011bc88d1363b4ddd")) - ); - } - - void doUpdateCheck() - { - std::string url(OneService::autoUpdateUrl()); - if ((url.length() <= 7)||(url.substr(0,7) != "http://")) - return; - - std::string httpHost; - std::string httpPath; - { - std::size_t slashIdx = url.substr(7).find_first_of('/'); - if (slashIdx == std::string::npos) { - httpHost = url.substr(7); - httpPath = "/"; - } else { - httpHost = url.substr(7,slashIdx); - httpPath = url.substr(slashIdx + 7); - } - } - if (httpHost.length() == 0) - return; - - std::vector<InetAddress> ips(OSUtils::resolve(httpHost.c_str())); - for(std::vector<InetAddress>::iterator ip(ips.begin());ip!=ips.end();++ip) { - if (!ip->port()) - ip->setPort(80); - std::string nfoPath = httpPath + "LATEST.nfo"; - std::map<std::string,std::string> requestHeaders,responseHeaders; - std::string body; - requestHeaders["Host"] = httpHost; - unsigned int scode = Http::GET(ZT_AUTO_UPDATE_MAX_HTTP_RESPONSE_SIZE,60000,reinterpret_cast<const struct sockaddr *>(&(*ip)),nfoPath.c_str(),requestHeaders,responseHeaders,body); - //fprintf(stderr,"UPDATE %s %s %u %lu\n",ip->toString().c_str(),nfoPath.c_str(),scode,body.length()); - if ((scode == 200)&&(body.length() > 0)) { - /* NFO fields: - * - * file=<filename> - * signedBy=<signing identity> - * ed25519=<ed25519 ECC signature of archive in hex> - * vMajor=<major version> - * vMinor=<minor version> - * vRevision=<revision> */ - Dictionary<4096> nfo(body.c_str()); - char tmp[2048]; - - if (nfo.get("vMajor",tmp,sizeof(tmp)) <= 0) return; - const unsigned int vMajor = Utils::strToUInt(tmp); - if (nfo.get("vMinor",tmp,sizeof(tmp)) <= 0) return; - const unsigned int vMinor = Utils::strToUInt(tmp); - if (nfo.get("vRevision",tmp,sizeof(tmp)) <= 0) return; - const unsigned int vRevision = Utils::strToUInt(tmp); - if (Utils::compareVersion(vMajor,vMinor,vRevision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION) <= 0) { - //fprintf(stderr,"UPDATE %u.%u.%u is not newer than our version\n",vMajor,vMinor,vRevision); - return; - } - - if (nfo.get("signedBy",tmp,sizeof(tmp)) <= 0) return; - Identity signedBy; - if ((!signedBy.fromString(tmp))||(!isValidSigningIdentity(signedBy))) { - //fprintf(stderr,"UPDATE invalid signedBy or not authorized signing identity.\n"); - return; - } - - if (nfo.get("file",tmp,sizeof(tmp)) <= 0) return; - std::string filePath(tmp); - if ((!filePath.length())||(filePath.find("..") != std::string::npos)) - return; - filePath = httpPath + filePath; - - std::string fileData; - if (Http::GET(ZT_AUTO_UPDATE_MAX_HTTP_RESPONSE_SIZE,60000,reinterpret_cast<const struct sockaddr *>(&(*ip)),filePath.c_str(),requestHeaders,responseHeaders,fileData) != 200) { - //fprintf(stderr,"UPDATE GET %s failed\n",filePath.c_str()); - return; - } - - if (nfo.get("ed25519",tmp,sizeof(tmp)) <= 0) return; - std::string ed25519(Utils::unhex(tmp)); - if ((ed25519.length() == 0)||(!signedBy.verify(fileData.data(),(unsigned int)fileData.length(),ed25519.data(),(unsigned int)ed25519.length()))) { - //fprintf(stderr,"UPDATE %s failed signature check!\n",filePath.c_str()); - return; - } - - /* --------------------------------------------------------------- */ - /* We made it! Begin OS-specific installation code. */ - -#ifdef __APPLE__ - /* OSX version is in the form of a MacOSX .pkg file, so we will - * launch installer (normally in /usr/sbin) to install it. It will - * then turn around and shut down the service, update files, and - * relaunch. */ - { - char bashp[128],pkgp[128]; - Utils::snprintf(bashp,sizeof(bashp),"/tmp/ZeroTierOne-update-%u.%u.%u.sh",vMajor,vMinor,vRevision); - Utils::snprintf(pkgp,sizeof(pkgp),"/tmp/ZeroTierOne-update-%u.%u.%u.pkg",vMajor,vMinor,vRevision); - FILE *pkg = fopen(pkgp,"w"); - if ((!pkg)||(fwrite(fileData.data(),fileData.length(),1,pkg) != 1)) { - fclose(pkg); - unlink(bashp); - unlink(pkgp); - fprintf(stderr,"UPDATE error writing %s\n",pkgp); - return; - } - fclose(pkg); - FILE *bash = fopen(bashp,"w"); - if (!bash) { - fclose(pkg); - unlink(bashp); - unlink(pkgp); - fprintf(stderr,"UPDATE error writing %s\n",bashp); - return; - } - fprintf(bash, - "#!/bin/bash\n" - "export PATH=/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin\n" - "sleep 1\n" - "installer -pkg \"%s\" -target /\n" - "sleep 1\n" - "rm -f \"%s\" \"%s\"\n" - "exit 0\n", - pkgp, - pkgp, - bashp); - fclose(bash); - long pid = (long)vfork(); - if (pid == 0) { - setsid(); // detach from parent so that shell isn't killed when parent is killed - signal(SIGHUP,SIG_IGN); - signal(SIGTERM,SIG_IGN); - signal(SIGQUIT,SIG_IGN); - execl("/bin/bash","/bin/bash",bashp,(char *)0); - exit(0); - } - } -#endif // __APPLE__ - -#ifdef __WINDOWS__ - /* Windows version comes in the form of .MSI package that - * takes care of everything. */ - { - char tempp[512],batp[512],msip[512],cmdline[512]; - if (GetTempPathA(sizeof(tempp),tempp) <= 0) - return; - CreateDirectoryA(tempp,(LPSECURITY_ATTRIBUTES)0); - Utils::snprintf(batp,sizeof(batp),"%s\\ZeroTierOne-update-%u.%u.%u.bat",tempp,vMajor,vMinor,vRevision); - Utils::snprintf(msip,sizeof(msip),"%s\\ZeroTierOne-update-%u.%u.%u.msi",tempp,vMajor,vMinor,vRevision); - FILE *msi = fopen(msip,"wb"); - if ((!msi)||(fwrite(fileData.data(),(size_t)fileData.length(),1,msi) != 1)) { - fclose(msi); - return; - } - fclose(msi); - FILE *bat = fopen(batp,"wb"); - if (!bat) - return; - fprintf(bat, - "TIMEOUT.EXE /T 1 /NOBREAK\r\n" - "NET.EXE STOP \"ZeroTierOneService\"\r\n" - "TIMEOUT.EXE /T 1 /NOBREAK\r\n" - "MSIEXEC.EXE /i \"%s\" /qn\r\n" - "TIMEOUT.EXE /T 1 /NOBREAK\r\n" - "NET.EXE START \"ZeroTierOneService\"\r\n" - "DEL \"%s\"\r\n" - "DEL \"%s\"\r\n", - msip, - msip, - batp); - fclose(bat); - STARTUPINFOA si; - PROCESS_INFORMATION pi; - memset(&si,0,sizeof(si)); - memset(&pi,0,sizeof(pi)); - Utils::snprintf(cmdline,sizeof(cmdline),"CMD.EXE /c \"%s\"",batp); - CreateProcessA(NULL,cmdline,NULL,NULL,FALSE,CREATE_NO_WINDOW|CREATE_NEW_PROCESS_GROUP,NULL,NULL,&si,&pi); - } -#endif // __WINDOWS__ - - /* --------------------------------------------------------------- */ - - return; - } // else try to fetch from next IP address - } - } - - void threadMain() - throw() - { - try { - this->doUpdateCheck(); - } catch ( ... ) {} - } -}; -static BackgroundSoftwareUpdateChecker backgroundSoftwareUpdateChecker; -#endif // ZT_AUTO_UPDATE - -static bool isBlacklistedLocalInterfaceForZeroTierTraffic(const char *ifn) -{ -#if defined(__linux__) || defined(linux) || defined(__LINUX__) || defined(__linux) - if ((ifn[0] == 'l')&&(ifn[1] == 'o')) return true; // loopback - if ((ifn[0] == 'z')&&(ifn[1] == 't')) return true; // sanity check: zt# - if ((ifn[0] == 't')&&(ifn[1] == 'u')&&(ifn[2] == 'n')) return true; // tun# is probably an OpenVPN tunnel or similar - if ((ifn[0] == 't')&&(ifn[1] == 'a')&&(ifn[2] == 'p')) return true; // tap# is probably an OpenVPN tunnel or similar -#endif - -#ifdef __APPLE__ - if ((ifn[0] == 'l')&&(ifn[1] == 'o')) return true; // loopback - if ((ifn[0] == 'z')&&(ifn[1] == 't')) return true; // sanity check: zt# - if ((ifn[0] == 't')&&(ifn[1] == 'u')&&(ifn[2] == 'n')) return true; // tun# is probably an OpenVPN tunnel or similar - if ((ifn[0] == 't')&&(ifn[1] == 'a')&&(ifn[2] == 'p')) return true; // tap# is probably an OpenVPN tunnel or similar - if ((ifn[0] == 'u')&&(ifn[1] == 't')&&(ifn[2] == 'u')&&(ifn[3] == 'n')) return true; // ... as is utun# -#endif - - return false; -} - static std::string _trimString(const std::string &s) { unsigned long end = (unsigned long)s.length(); @@ -392,6 +173,122 @@ static std::string _trimString(const std::string &s) return s.substr(start,end - start); } +static void _networkToJson(nlohmann::json &nj,const ZT_VirtualNetworkConfig *nc,const std::string &portDeviceName,const OneService::NetworkSettings &localSettings) +{ + char tmp[256]; + + const char *nstatus = "",*ntype = ""; + switch(nc->status) { + case ZT_NETWORK_STATUS_REQUESTING_CONFIGURATION: nstatus = "REQUESTING_CONFIGURATION"; break; + case ZT_NETWORK_STATUS_OK: nstatus = "OK"; break; + case ZT_NETWORK_STATUS_ACCESS_DENIED: nstatus = "ACCESS_DENIED"; break; + case ZT_NETWORK_STATUS_NOT_FOUND: nstatus = "NOT_FOUND"; break; + case ZT_NETWORK_STATUS_PORT_ERROR: nstatus = "PORT_ERROR"; break; + case ZT_NETWORK_STATUS_CLIENT_TOO_OLD: nstatus = "CLIENT_TOO_OLD"; break; + } + switch(nc->type) { + case ZT_NETWORK_TYPE_PRIVATE: ntype = "PRIVATE"; break; + case ZT_NETWORK_TYPE_PUBLIC: ntype = "PUBLIC"; break; + } + + Utils::snprintf(tmp,sizeof(tmp),"%.16llx",nc->nwid); + nj["id"] = tmp; + nj["nwid"] = tmp; + Utils::snprintf(tmp,sizeof(tmp),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(unsigned int)((nc->mac >> 40) & 0xff),(unsigned int)((nc->mac >> 32) & 0xff),(unsigned int)((nc->mac >> 24) & 0xff),(unsigned int)((nc->mac >> 16) & 0xff),(unsigned int)((nc->mac >> 8) & 0xff),(unsigned int)(nc->mac & 0xff)); + nj["mac"] = tmp; + nj["name"] = nc->name; + nj["status"] = nstatus; + nj["type"] = ntype; + nj["mtu"] = nc->mtu; + nj["dhcp"] = (bool)(nc->dhcp != 0); + nj["bridge"] = (bool)(nc->bridge != 0); + nj["broadcastEnabled"] = (bool)(nc->broadcastEnabled != 0); + nj["portError"] = nc->portError; + nj["netconfRevision"] = nc->netconfRevision; + nj["portDeviceName"] = portDeviceName; + nj["allowManaged"] = localSettings.allowManaged; + nj["allowGlobal"] = localSettings.allowGlobal; + nj["allowDefault"] = localSettings.allowDefault; + + nlohmann::json aa = nlohmann::json::array(); + for(unsigned int i=0;i<nc->assignedAddressCount;++i) { + aa.push_back(reinterpret_cast<const InetAddress *>(&(nc->assignedAddresses[i]))->toString()); + } + nj["assignedAddresses"] = aa; + + nlohmann::json ra = nlohmann::json::array(); + for(unsigned int i=0;i<nc->routeCount;++i) { + nlohmann::json rj; + rj["target"] = reinterpret_cast<const InetAddress *>(&(nc->routes[i].target))->toString(); + if (nc->routes[i].via.ss_family == nc->routes[i].target.ss_family) + rj["via"] = reinterpret_cast<const InetAddress *>(&(nc->routes[i].via))->toIpString(); + else rj["via"] = nlohmann::json(); + rj["flags"] = (int)nc->routes[i].flags; + rj["metric"] = (int)nc->routes[i].metric; + ra.push_back(rj); + } + nj["routes"] = ra; +} + +static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer) +{ + char tmp[256]; + + const char *prole = ""; + switch(peer->role) { + case ZT_PEER_ROLE_LEAF: prole = "LEAF"; break; + case ZT_PEER_ROLE_MOON: prole = "MOON"; break; + case ZT_PEER_ROLE_PLANET: prole = "PLANET"; break; + } + + Utils::snprintf(tmp,sizeof(tmp),"%.10llx",peer->address); + pj["address"] = tmp; + pj["versionMajor"] = peer->versionMajor; + pj["versionMinor"] = peer->versionMinor; + pj["versionRev"] = peer->versionRev; + Utils::snprintf(tmp,sizeof(tmp),"%d.%d.%d",peer->versionMajor,peer->versionMinor,peer->versionRev); + pj["version"] = tmp; + pj["latency"] = peer->latency; + pj["role"] = prole; + + nlohmann::json pa = nlohmann::json::array(); + for(unsigned int i=0;i<peer->pathCount;++i) { + nlohmann::json j; + j["address"] = reinterpret_cast<const InetAddress *>(&(peer->paths[i].address))->toString(); + j["lastSend"] = peer->paths[i].lastSend; + j["lastReceive"] = peer->paths[i].lastReceive; + j["trustedPathId"] = peer->paths[i].trustedPathId; + j["linkQuality"] = (double)peer->paths[i].linkQuality / (double)ZT_PATH_LINK_QUALITY_MAX; + j["active"] = (bool)(peer->paths[i].expired == 0); + j["expired"] = (bool)(peer->paths[i].expired != 0); + j["preferred"] = (bool)(peer->paths[i].preferred != 0); + pa.push_back(j); + } + pj["paths"] = pa; +} + +static void _moonToJson(nlohmann::json &mj,const World &world) +{ + char tmp[64]; + Utils::snprintf(tmp,sizeof(tmp),"%.16llx",world.id()); + mj["id"] = tmp; + mj["timestamp"] = world.timestamp(); + mj["signature"] = Utils::hex(world.signature().data,(unsigned int)world.signature().size()); + mj["updatesMustBeSignedBy"] = Utils::hex(world.updatesMustBeSignedBy().data,(unsigned int)world.updatesMustBeSignedBy().size()); + nlohmann::json ra = nlohmann::json::array(); + for(std::vector<World::Root>::const_iterator r(world.roots().begin());r!=world.roots().end();++r) { + nlohmann::json rj; + rj["identity"] = r->identity.toString(false); + nlohmann::json eps = nlohmann::json::array(); + for(std::vector<InetAddress>::const_iterator a(r->stableEndpoints.begin());a!=r->stableEndpoints.end();++a) + eps.push_back(a->toString()); + rj["stableEndpoints"] = eps; + ra.push_back(rj); + } + mj["roots"] = ra; + mj["waiting"] = false; +} + class OneServiceImpl; static int SnodeVirtualNetworkConfigFunction(ZT_Node *node,void *uptr,uint64_t nwid,void **nuptr,enum ZT_VirtualNetworkConfigOperation op,const ZT_VirtualNetworkConfig *nwconf); @@ -400,7 +297,8 @@ static long SnodeDataStoreGetFunction(ZT_Node *node,void *uptr,const char *name, static int SnodeDataStorePutFunction(ZT_Node *node,void *uptr,const char *name,const void *data,unsigned long len,int secure); static int SnodeWirePacketSendFunction(ZT_Node *node,void *uptr,const struct sockaddr_storage *localAddr,const struct sockaddr_storage *addr,const void *data,unsigned int len,unsigned int ttl); static void SnodeVirtualNetworkFrameFunction(ZT_Node *node,void *uptr,uint64_t nwid,void **nuptr,uint64_t sourceMac,uint64_t destMac,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len); -static int SnodePathCheckFunction(ZT_Node *node,void *uptr,const struct sockaddr_storage *localAddr,const struct sockaddr_storage *remoteAddr); +static int SnodePathCheckFunction(ZT_Node *node,void *uptr,uint64_t ztaddr,const struct sockaddr_storage *localAddr,const struct sockaddr_storage *remoteAddr); +static int SnodePathLookupFunction(ZT_Node *node,void *uptr,uint64_t ztaddr,int family,struct sockaddr_storage *result); #ifdef ZT_ENABLE_CLUSTER static void SclusterSendFunction(void *uptr,unsigned int toMemberId,const void *data,unsigned int len); @@ -482,10 +380,25 @@ public: // begin member variables -------------------------------------------------- const std::string _homePath; - BackgroundResolver _tcpFallbackResolver; + std::string _authToken; EmbeddedNetworkController *_controller; Phy<OneServiceImpl *> _phy; Node *_node; + SoftwareUpdater *_updater; + bool _updateAutoApply; + unsigned int _primaryPort; + + // Local configuration and memo-ized static path definitions + json _localConfig; + Hashtable< uint64_t,std::vector<InetAddress> > _v4Hints; + Hashtable< uint64_t,std::vector<InetAddress> > _v6Hints; + Hashtable< uint64_t,std::vector<InetAddress> > _v4Blacklists; + Hashtable< uint64_t,std::vector<InetAddress> > _v6Blacklists; + std::vector< InetAddress > _globalV4Blacklist; + std::vector< InetAddress > _globalV6Blacklist; + std::vector< InetAddress > _allowManagementFrom; + std::vector< std::string > _interfacePrefixBlacklist; + Mutex _localConfig_m; /* * To attempt to handle NAT/gateway craziness we use three local UDP ports: @@ -498,7 +411,6 @@ public: * destructively with uPnP port mapping behavior in very weird buggy ways. * It's only used if uPnP/NAT-PMP is enabled in this build. */ - Binder _bindings[3]; unsigned int _ports[3]; uint16_t _portsBE[3]; // ports in big-endian network byte order as in sockaddr @@ -507,9 +419,6 @@ public: PhySocket *_v4TcpControlSocket; PhySocket *_v6TcpControlSocket; - // JSON API handler - ControlPlane *_controlPlane; - // Time we last received a packet from a global address uint64_t _lastDirectReceiveFromGlobal; #ifdef ZT_TCP_FALLBACK_RELAY @@ -553,6 +462,7 @@ public: Mutex _termReason_m; // uPnP/NAT-PMP port mapper if enabled + bool _portMappingEnabled; // local.conf settings #ifdef ZT_USE_MINIUPNPC PortMapper *_portMapper; #endif @@ -572,11 +482,12 @@ public: OneServiceImpl(const char *hp,unsigned int port) : _homePath((hp) ? hp : ".") - ,_tcpFallbackResolver(ZT_TCP_FALLBACK_RELAY) ,_controller((EmbeddedNetworkController *)0) ,_phy(this,false,true) ,_node((Node *)0) - ,_controlPlane((ControlPlane *)0) + ,_updater((SoftwareUpdater *)0) + ,_updateAutoApply(false) + ,_primaryPort(port) ,_lastDirectReceiveFromGlobal(0) #ifdef ZT_TCP_FALLBACK_RELAY ,_lastSendToGlobalV4(0) @@ -585,6 +496,7 @@ public: ,_nextBackgroundTaskDeadline(0) ,_tcpFallbackTunnel((TcpConnection *)0) ,_termReason(ONE_STILL_RUNNING) + ,_portMappingEnabled(true) #ifdef ZT_USE_MINIUPNPC ,_portMapper((PortMapper *)0) #endif @@ -598,56 +510,6 @@ public: _ports[0] = 0; _ports[1] = 0; _ports[2] = 0; - - // The control socket is bound to the default/static port on localhost. If we - // can do this, we have successfully allocated a port. The binders will take - // care of binding non-local addresses for ZeroTier traffic. - const int portTrials = (port == 0) ? 256 : 1; // if port is 0, pick random - for(int k=0;k<portTrials;++k) { - if (port == 0) { - unsigned int randp = 0; - Utils::getSecureRandom(&randp,sizeof(randp)); - port = 20000 + (randp % 45500); - } - - if (_trialBind(port)) { - struct sockaddr_in in4; - memset(&in4,0,sizeof(in4)); - in4.sin_family = AF_INET; - in4.sin_addr.s_addr = Utils::hton((uint32_t)0x7f000001); // right now we just listen for TCP @127.0.0.1 - in4.sin_port = Utils::hton((uint16_t)port); - _v4TcpControlSocket = _phy.tcpListen((const struct sockaddr *)&in4,this); - - struct sockaddr_in6 in6; - memset((void *)&in6,0,sizeof(in6)); - in6.sin6_family = AF_INET6; - in6.sin6_port = in4.sin_port; - in6.sin6_addr.s6_addr[15] = 1; // IPv6 localhost == ::1 - _v6TcpControlSocket = _phy.tcpListen((const struct sockaddr *)&in6,this); - - // We must bind one of IPv4 or IPv6 -- support either failing to support hosts that - // have only IPv4 or only IPv6 stacks. - if ((_v4TcpControlSocket)||(_v6TcpControlSocket)) { - _ports[0] = port; - break; - } else { - if (_v4TcpControlSocket) - _phy.close(_v4TcpControlSocket,false); - if (_v6TcpControlSocket) - _phy.close(_v6TcpControlSocket,false); - port = 0; - } - } else { - port = 0; - } - } - - if (_ports[0] == 0) - throw std::runtime_error("cannot bind to local control interface port"); - - char portstr[64]; - Utils::snprintf(portstr,sizeof(portstr),"%u",_ports[0]); - OSUtils::writeFile((_homePath + ZT_PATH_SEPARATOR_S + "zerotier-one.port").c_str(),std::string(portstr)); } virtual ~OneServiceImpl() @@ -674,16 +536,15 @@ public: virtual ReasonForTermination run() { try { - std::string authToken; { - std::string authTokenPath(_homePath + ZT_PATH_SEPARATOR_S + "authtoken.secret"); - if (!OSUtils::readFile(authTokenPath.c_str(),authToken)) { + const std::string authTokenPath(_homePath + ZT_PATH_SEPARATOR_S "authtoken.secret"); + if (!OSUtils::readFile(authTokenPath.c_str(),_authToken)) { unsigned char foo[24]; Utils::getSecureRandom(foo,sizeof(foo)); - authToken = ""; + _authToken = ""; for(unsigned int i=0;i<sizeof(foo);++i) - authToken.push_back("abcdefghijklmnopqrstuvwxyz0123456789"[(unsigned long)foo[i] % 36]); - if (!OSUtils::writeFile(authTokenPath.c_str(),authToken)) { + _authToken.push_back("abcdefghijklmnopqrstuvwxyz0123456789"[(unsigned long)foo[i] % 36]); + if (!OSUtils::writeFile(authTokenPath.c_str(),_authToken)) { Mutex::Lock _l(_termReason_m); _termReason = ONE_UNRECOVERABLE_ERROR; _fatalErrorMessage = "authtoken.secret could not be written"; @@ -692,22 +553,151 @@ public: OSUtils::lockDownFile(authTokenPath.c_str(),false); } } + _authToken = _trimString(_authToken); } - authToken = _trimString(authToken); // Clean up any legacy files if present - OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S + "peers.save").c_str()); - - _node = new Node( - OSUtils::now(), - this, - SnodeDataStoreGetFunction, - SnodeDataStorePutFunction, - SnodeWirePacketSendFunction, - SnodeVirtualNetworkFrameFunction, - SnodeVirtualNetworkConfigFunction, - SnodePathCheckFunction, - SnodeEventCallback); + OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S "peers.save").c_str()); + OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S "world").c_str()); + + { + struct ZT_Node_Callbacks cb; + cb.version = 0; + cb.dataStoreGetFunction = SnodeDataStoreGetFunction; + cb.dataStorePutFunction = SnodeDataStorePutFunction; + cb.wirePacketSendFunction = SnodeWirePacketSendFunction; + cb.virtualNetworkFrameFunction = SnodeVirtualNetworkFrameFunction; + cb.virtualNetworkConfigFunction = SnodeVirtualNetworkConfigFunction; + cb.eventCallback = SnodeEventCallback; + cb.pathCheckFunction = SnodePathCheckFunction; + cb.pathLookupFunction = SnodePathLookupFunction; + _node = new Node(this,&cb,OSUtils::now()); + } + + // Read local configuration + { + uint64_t trustedPathIds[ZT_MAX_TRUSTED_PATHS]; + InetAddress trustedPathNetworks[ZT_MAX_TRUSTED_PATHS]; + unsigned int trustedPathCount = 0; + + // Old style "trustedpaths" flat file -- will eventually go away + FILE *trustpaths = fopen((_homePath + ZT_PATH_SEPARATOR_S "trustedpaths").c_str(),"r"); + if (trustpaths) { + char buf[1024]; + while ((fgets(buf,sizeof(buf),trustpaths))&&(trustedPathCount < ZT_MAX_TRUSTED_PATHS)) { + int fno = 0; + char *saveptr = (char *)0; + uint64_t trustedPathId = 0; + InetAddress trustedPathNetwork; + for(char *f=Utils::stok(buf,"=\r\n \t",&saveptr);(f);f=Utils::stok((char *)0,"=\r\n \t",&saveptr)) { + if (fno == 0) { + trustedPathId = Utils::hexStrToU64(f); + } else if (fno == 1) { + trustedPathNetwork = InetAddress(f); + } else break; + ++fno; + } + if ( (trustedPathId != 0) && ((trustedPathNetwork.ss_family == AF_INET)||(trustedPathNetwork.ss_family == AF_INET6)) && (trustedPathNetwork.ipScope() != InetAddress::IP_SCOPE_GLOBAL) && (trustedPathNetwork.netmaskBits() > 0) ) { + trustedPathIds[trustedPathCount] = trustedPathId; + trustedPathNetworks[trustedPathCount] = trustedPathNetwork; + ++trustedPathCount; + } + } + fclose(trustpaths); + } + + // Read local config file + Mutex::Lock _l2(_localConfig_m); + std::string lcbuf; + if (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S "local.conf").c_str(),lcbuf)) { + try { + _localConfig = OSUtils::jsonParse(lcbuf); + if (!_localConfig.is_object()) { + fprintf(stderr,"WARNING: unable to parse local.conf (root element is not a JSON object)" ZT_EOL_S); + } + } catch ( ... ) { + fprintf(stderr,"WARNING: unable to parse local.conf (invalid JSON)" ZT_EOL_S); + } + } + + // Get any trusted paths in local.conf (we'll parse the rest of physical[] elsewhere) + json &physical = _localConfig["physical"]; + if (physical.is_object()) { + for(json::iterator phy(physical.begin());phy!=physical.end();++phy) { + InetAddress net(OSUtils::jsonString(phy.key(),"")); + if (net) { + if (phy.value().is_object()) { + uint64_t tpid; + if ((tpid = OSUtils::jsonInt(phy.value()["trustedPathId"],0ULL)) != 0ULL) { + if ( ((net.ss_family == AF_INET)||(net.ss_family == AF_INET6)) && (trustedPathCount < ZT_MAX_TRUSTED_PATHS) && (net.ipScope() != InetAddress::IP_SCOPE_GLOBAL) && (net.netmaskBits() > 0) ) { + trustedPathIds[trustedPathCount] = tpid; + trustedPathNetworks[trustedPathCount] = net; + ++trustedPathCount; + } + } + } + } + } + } + + // Set trusted paths if there are any + if (trustedPathCount) + _node->setTrustedPaths(reinterpret_cast<const struct sockaddr_storage *>(trustedPathNetworks),trustedPathIds,trustedPathCount); + } + applyLocalConfig(); + + // Bind TCP control socket + const int portTrials = (_primaryPort == 0) ? 256 : 1; // if port is 0, pick random + for(int k=0;k<portTrials;++k) { + if (_primaryPort == 0) { + unsigned int randp = 0; + Utils::getSecureRandom(&randp,sizeof(randp)); + _primaryPort = 20000 + (randp % 45500); + } + + if (_trialBind(_primaryPort)) { + struct sockaddr_in in4; + memset(&in4,0,sizeof(in4)); + in4.sin_family = AF_INET; + in4.sin_addr.s_addr = Utils::hton((uint32_t)((_allowManagementFrom.size() > 0) ? 0 : 0x7f000001)); // right now we just listen for TCP @127.0.0.1 + in4.sin_port = Utils::hton((uint16_t)_primaryPort); + _v4TcpControlSocket = _phy.tcpListen((const struct sockaddr *)&in4,this); + + struct sockaddr_in6 in6; + memset((void *)&in6,0,sizeof(in6)); + in6.sin6_family = AF_INET6; + in6.sin6_port = in4.sin_port; + if (_allowManagementFrom.size() == 0) + in6.sin6_addr.s6_addr[15] = 1; // IPv6 localhost == ::1 + _v6TcpControlSocket = _phy.tcpListen((const struct sockaddr *)&in6,this); + + // We must bind one of IPv4 or IPv6 -- support either failing to support hosts that + // have only IPv4 or only IPv6 stacks. + if ((_v4TcpControlSocket)||(_v6TcpControlSocket)) { + _ports[0] = _primaryPort; + break; + } else { + if (_v4TcpControlSocket) + _phy.close(_v4TcpControlSocket,false); + if (_v6TcpControlSocket) + _phy.close(_v6TcpControlSocket,false); + _primaryPort = 0; + } + } else { + _primaryPort = 0; + } + } + if (_ports[0] == 0) { + Mutex::Lock _l(_termReason_m); + _termReason = ONE_UNRECOVERABLE_ERROR; + _fatalErrorMessage = "cannot bind to local control interface port"; + return _termReason; + } + + // Write file containing primary port to be read by CLIs, etc. + char portstr[64]; + Utils::snprintf(portstr,sizeof(portstr),"%u",_ports[0]); + OSUtils::writeFile((_homePath + ZT_PATH_SEPARATOR_S "zerotier-one.port").c_str(),std::string(portstr)); // Attempt to bind to a secondary port chosen from our ZeroTier address. // This exists because there are buggy NATs out there that fail if more @@ -726,70 +716,49 @@ public: } #ifdef ZT_USE_MINIUPNPC - // If we're running uPnP/NAT-PMP, bind a *third* port for that. We can't - // use the other two ports for that because some NATs do really funky - // stuff with ports that are explicitly mapped that breaks things. - if (_ports[1]) { - _ports[2] = _ports[1]; - for(int i=0;;++i) { - if (i > 1000) { - _ports[2] = 0; - break; - } else if (++_ports[2] >= 65536) { - _ports[2] = 20000; + if (_portMappingEnabled) { + // If we're running uPnP/NAT-PMP, bind a *third* port for that. We can't + // use the other two ports for that because some NATs do really funky + // stuff with ports that are explicitly mapped that breaks things. + if (_ports[1]) { + _ports[2] = _ports[1]; + for(int i=0;;++i) { + if (i > 1000) { + _ports[2] = 0; + break; + } else if (++_ports[2] >= 65536) { + _ports[2] = 20000; + } + if (_trialBind(_ports[2])) + break; + } + if (_ports[2]) { + char uniqueName[64]; + Utils::snprintf(uniqueName,sizeof(uniqueName),"ZeroTier/%.10llx@%u",_node->address(),_ports[2]); + _portMapper = new PortMapper(_ports[2],uniqueName); } - if (_trialBind(_ports[2])) - break; - } - if (_ports[2]) { - char uniqueName[64]; - Utils::snprintf(uniqueName,sizeof(uniqueName),"ZeroTier/%.10llx@%u",_node->address(),_ports[2]); - _portMapper = new PortMapper(_ports[2],uniqueName); } } #endif + // Populate ports in big-endian format for quick compare for(int i=0;i<3;++i) _portsBE[i] = Utils::hton((uint16_t)_ports[i]); - { - FILE *trustpaths = fopen((_homePath + ZT_PATH_SEPARATOR_S + "trustedpaths").c_str(),"r"); - uint64_t ids[ZT_MAX_TRUSTED_PATHS]; - InetAddress addresses[ZT_MAX_TRUSTED_PATHS]; - if (trustpaths) { - char buf[1024]; - unsigned int count = 0; - while ((fgets(buf,sizeof(buf),trustpaths))&&(count < ZT_MAX_TRUSTED_PATHS)) { - int fno = 0; - char *saveptr = (char *)0; - uint64_t trustedPathId = 0; - InetAddress trustedPathNetwork; - for(char *f=Utils::stok(buf,"=\r\n \t",&saveptr);(f);f=Utils::stok((char *)0,"=\r\n \t",&saveptr)) { - if (fno == 0) { - trustedPathId = Utils::hexStrToU64(f); - } else if (fno == 1) { - trustedPathNetwork = InetAddress(f); - } else break; - ++fno; - } - if ( (trustedPathId != 0) && ((trustedPathNetwork.ss_family == AF_INET)||(trustedPathNetwork.ss_family == AF_INET6)) && (trustedPathNetwork.ipScope() != InetAddress::IP_SCOPE_GLOBAL) && (trustedPathNetwork.netmaskBits() > 0) ) { - ids[count] = trustedPathId; - addresses[count] = trustedPathNetwork; - ++count; - } - } - fclose(trustpaths); - if (count) - _node->setTrustedPaths(reinterpret_cast<const struct sockaddr_storage *>(addresses),ids,count); - } + // Check for legacy controller.db and terminate if present to prevent nasty surprises for DIY controller folks + if (OSUtils::fileExists((_homePath + ZT_PATH_SEPARATOR_S "controller.db").c_str())) { + Mutex::Lock _l(_termReason_m); + _termReason = ONE_UNRECOVERABLE_ERROR; + _fatalErrorMessage = "controller.db is present in our home path! run migrate-sqlite to migrate to new controller.d format."; + return _termReason; } - _controller = new EmbeddedNetworkController(_node,(_homePath + ZT_PATH_SEPARATOR_S + ZT_CONTROLLER_DB_PATH).c_str()); + _controller = new EmbeddedNetworkController(_node,(_homePath + ZT_PATH_SEPARATOR_S ZT_CONTROLLER_DB_PATH).c_str()); _node->setNetconfMaster((void *)_controller); #ifdef ZT_ENABLE_CLUSTER - if (OSUtils::fileExists((_homePath + ZT_PATH_SEPARATOR_S + "cluster").c_str())) { - _clusterDefinition = new ClusterDefinition(_node->address(),(_homePath + ZT_PATH_SEPARATOR_S + "cluster").c_str()); + if (OSUtils::fileExists((_homePath + ZT_PATH_SEPARATOR_S "cluster").c_str())) { + _clusterDefinition = new ClusterDefinition(_node->address(),(_homePath + ZT_PATH_SEPARATOR_S "cluster").c_str()); if (_clusterDefinition->size() > 0) { std::vector<ClusterDefinition::MemberDefinition> members(_clusterDefinition->members()); for(std::vector<ClusterDefinition::MemberDefinition>::iterator m(members.begin());m!=members.end();++m) { @@ -801,7 +770,7 @@ public: Mutex::Lock _l(_termReason_m); _termReason = ONE_UNRECOVERABLE_ERROR; - _fatalErrorMessage = "Cluster: can't determine my cluster member ID: able to bind more than one cluster message socket IP/port!"; + _fatalErrorMessage = "cluster: can't determine my cluster member ID: able to bind more than one cluster message socket IP/port!"; return _termReason; } _clusterMessageSocket = cs; @@ -812,7 +781,7 @@ public: if (!_clusterMessageSocket) { Mutex::Lock _l(_termReason_m); _termReason = ONE_UNRECOVERABLE_ERROR; - _fatalErrorMessage = "Cluster: can't determine my cluster member ID: unable to bind to any cluster message socket IP/port."; + _fatalErrorMessage = "cluster: can't determine my cluster member ID: unable to bind to any cluster message socket IP/port."; return _termReason; } @@ -836,29 +805,31 @@ public: } #endif - _controlPlane = new ControlPlane(this,_node,(_homePath + ZT_PATH_SEPARATOR_S + "ui").c_str()); - _controlPlane->addAuthToken(authToken.c_str()); - _controlPlane->setController(_controller); - - { // Remember networks from previous session - std::vector<std::string> networksDotD(OSUtils::listDirectory((_homePath + ZT_PATH_SEPARATOR_S + "networks.d").c_str())); + { // Load existing networks + std::vector<std::string> networksDotD(OSUtils::listDirectory((_homePath + ZT_PATH_SEPARATOR_S "networks.d").c_str())); for(std::vector<std::string>::iterator f(networksDotD.begin());f!=networksDotD.end();++f) { std::size_t dot = f->find_last_of('.'); if ((dot == 16)&&(f->substr(16) == ".conf")) _node->join(Utils::hexStrToU64(f->substr(0,dot).c_str()),(void *)0); } } + { // Load existing moons + std::vector<std::string> moonsDotD(OSUtils::listDirectory((_homePath + ZT_PATH_SEPARATOR_S "moons.d").c_str())); + for(std::vector<std::string>::iterator f(moonsDotD.begin());f!=moonsDotD.end();++f) { + std::size_t dot = f->find_last_of('.'); + if ((dot == 16)&&(f->substr(16) == ".moon")) + _node->orbit(Utils::hexStrToU64(f->substr(0,dot).c_str()),0); + } + } _nextBackgroundTaskDeadline = 0; uint64_t clockShouldBe = OSUtils::now(); _lastRestart = clockShouldBe; uint64_t lastTapMulticastGroupCheck = 0; - uint64_t lastTcpFallbackResolve = 0; uint64_t lastBindRefresh = 0; - uint64_t lastLocalInterfaceAddressCheck = (OSUtils::now() - ZT_LOCAL_INTERFACE_CHECK_INTERVAL) + 15000; // do this in 15s to give portmapper time to configure and other things time to settle -#ifdef ZT_AUTO_UPDATE - uint64_t lastSoftwareUpdateCheck = 0; -#endif // ZT_AUTO_UPDATE + uint64_t lastUpdateCheck = clockShouldBe; + uint64_t lastLocalInterfaceAddressCheck = (clockShouldBe - ZT_LOCAL_INTERFACE_CHECK_INTERVAL) + 15000; // do this in 15s to give portmapper time to configure and other things time to settle + uint64_t lastCleanedIddb = 0; for(;;) { _run_m.lock(); if (!_run) { @@ -873,6 +844,12 @@ public: const uint64_t now = OSUtils::now(); + // Clean iddb.d on start and every 24 hours + if ((now - lastCleanedIddb) > 86400000) { + lastCleanedIddb = now; + OSUtils::cleanDirectory((_homePath + ZT_PATH_SEPARATOR_S "iddb.d").c_str(),now - ZT_IDDB_CLEANUP_AGE); + } + // Attempt to detect sleep/wake events by detecting delay overruns bool restarted = false; if ((now > clockShouldBe)&&((now - clockShouldBe) > 10000)) { @@ -880,6 +857,13 @@ public: restarted = true; } + // Check for updates (if enabled) + if ((_updater)&&((now - lastUpdateCheck) > 10000)) { + lastUpdateCheck = now; + if (_updater->check(now) && _updateAutoApply) + _updater->apply(); + } + // Refresh bindings in case device's interfaces have changed, and also sync routes to update any shadow routes (e.g. shadow default) if (((now - lastBindRefresh) >= ZT_BINDER_REFRESH_PERIOD)||(restarted)) { lastBindRefresh = now; @@ -903,18 +887,6 @@ public: dl = _nextBackgroundTaskDeadline; } -#ifdef ZT_AUTO_UPDATE - if ((now - lastSoftwareUpdateCheck) >= ZT_AUTO_UPDATE_CHECK_PERIOD) { - lastSoftwareUpdateCheck = now; - Thread::start(&backgroundSoftwareUpdateChecker); - } -#endif // ZT_AUTO_UPDATE - - if ((now - lastTcpFallbackResolve) >= ZT_TCP_FALLBACK_RERESOLVE_DELAY) { - lastTcpFallbackResolve = now; - _tcpFallbackResolver.resolveNow(); - } - if ((_tcpFallbackTunnel)&&((now - _lastDirectReceiveFromGlobal) < (ZT_TCP_FALLBACK_AFTER / 2))) _phy.close(_tcpFallbackTunnel->sock); @@ -977,8 +949,8 @@ public: _nets.clear(); } - delete _controlPlane; - _controlPlane = (ControlPlane *)0; + delete _updater; + _updater = (SoftwareUpdater *)0; delete _node; _node = (Node *)0; @@ -1006,11 +978,6 @@ public: else return std::string(); } - virtual bool tcpFallbackActive() const - { - return (_tcpFallbackTunnel != (TcpConnection *)0); - } - virtual void terminate() { _run_m.lock(); @@ -1054,13 +1021,529 @@ public: return true; } - // Begin private implementation methods + // Internal implementation methods ----------------------------------------- + + inline unsigned int handleControlPlaneHttpRequest( + const InetAddress &fromAddress, + unsigned int httpMethod, + const std::string &path, + const std::map<std::string,std::string> &headers, + const std::string &body, + std::string &responseBody, + std::string &responseContentType) + { + char tmp[256]; + unsigned int scode = 404; + json res; + std::vector<std::string> ps(OSUtils::split(path.c_str(),"/","","")); + std::map<std::string,std::string> urlArgs; + + /* Note: this is kind of restricted in what it'll take. It does not support + * URL encoding, and /'s in URL args will screw it up. But the only URL args + * it really uses in ?jsonp=funcionName, and otherwise it just takes simple + * paths to simply-named resources. */ + if (ps.size() > 0) { + std::size_t qpos = ps[ps.size() - 1].find('?'); + if (qpos != std::string::npos) { + std::string args(ps[ps.size() - 1].substr(qpos + 1)); + ps[ps.size() - 1] = ps[ps.size() - 1].substr(0,qpos); + std::vector<std::string> asplit(OSUtils::split(args.c_str(),"&","","")); + for(std::vector<std::string>::iterator a(asplit.begin());a!=asplit.end();++a) { + std::size_t eqpos = a->find('='); + if (eqpos == std::string::npos) + urlArgs[*a] = ""; + else urlArgs[a->substr(0,eqpos)] = a->substr(eqpos + 1); + } + } + } + + bool isAuth = false; + { + std::map<std::string,std::string>::const_iterator ah(headers.find("x-zt1-auth")); + if ((ah != headers.end())&&(_authToken == ah->second)) { + isAuth = true; + } else { + ah = urlArgs.find("auth"); + if ((ah != urlArgs.end())&&(_authToken == ah->second)) + isAuth = true; + } + } + +#ifdef __SYNOLOGY__ + // Authenticate via Synology's built-in cgi script + if (!isAuth) { + /* + fprintf(stderr, "path = %s\n", path.c_str()); + fprintf(stderr, "headers.size=%d\n", headers.size()); + std::map<std::string, std::string>::const_iterator it(headers.begin()); + while(it != headers.end()) { + fprintf(stderr,"header[%s] = %s\n", (it->first).c_str(), (it->second).c_str()); + it++; + } + */ + // parse out url args + int synotoken_pos = path.find("SynoToken"); + int argpos = path.find("?"); + if(synotoken_pos != std::string::npos && argpos != std::string::npos) { + std::string cookie = path.substr(argpos+1, synotoken_pos-(argpos+1)); + std::string synotoken = path.substr(synotoken_pos); + std::string cookie_val = cookie.substr(cookie.find("=")+1); + std::string synotoken_val = synotoken.substr(synotoken.find("=")+1); + // Set necessary env for auth script + std::map<std::string,std::string>::const_iterator ah2(headers.find("x-forwarded-for")); + setenv("HTTP_COOKIE", cookie_val.c_str(), true); + setenv("HTTP_X_SYNO_TOKEN", synotoken_val.c_str(), true); + setenv("REMOTE_ADDR", ah2->second.c_str(),true); + //fprintf(stderr, "HTTP_COOKIE: %s\n",std::getenv ("HTTP_COOKIE")); + //fprintf(stderr, "HTTP_X_SYNO_TOKEN: %s\n",std::getenv ("HTTP_X_SYNO_TOKEN")); + //fprintf(stderr, "REMOTE_ADDR: %s\n",std::getenv ("REMOTE_ADDR")); + // check synology web auth + char user[256], buf[1024]; + FILE *fp = NULL; + bzero(user, 256); + fp = popen("/usr/syno/synoman/webman/modules/authenticate.cgi", "r"); + if(!fp) + isAuth = false; + else { + bzero(buf, sizeof(buf)); + fread(buf, 1024, 1, fp); + if(strlen(buf) > 0) { + snprintf(user, 256, "%s", buf); + isAuth = true; + } + } + pclose(fp); + } + } +#endif + + if (httpMethod == HTTP_GET) { + if (isAuth) { + if (ps[0] == "status") { + ZT_NodeStatus status; + _node->status(&status); + + Utils::snprintf(tmp,sizeof(tmp),"%.10llx",status.address); + res["address"] = tmp; + res["publicIdentity"] = status.publicIdentity; + res["online"] = (bool)(status.online != 0); + res["tcpFallbackActive"] = (_tcpFallbackTunnel != (TcpConnection *)0); + res["versionMajor"] = ZEROTIER_ONE_VERSION_MAJOR; + res["versionMinor"] = ZEROTIER_ONE_VERSION_MINOR; + res["versionRev"] = ZEROTIER_ONE_VERSION_REVISION; + res["versionBuild"] = ZEROTIER_ONE_VERSION_BUILD; + Utils::snprintf(tmp,sizeof(tmp),"%d.%d.%d",ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION); + res["version"] = tmp; + res["clock"] = OSUtils::now(); + + { + Mutex::Lock _l(_localConfig_m); + res["config"] = _localConfig; + } + json &settings = res["config"]["settings"]; + settings["primaryPort"] = OSUtils::jsonInt(settings["primaryPort"],(uint64_t)_primaryPort) & 0xffff; +#ifdef ZT_USE_MINIUPNPC + settings["portMappingEnabled"] = OSUtils::jsonBool(settings["portMappingEnabled"],true); +#else + settings["portMappingEnabled"] = false; // not supported in build +#endif + settings["softwareUpdate"] = OSUtils::jsonString(settings["softwareUpdate"],ZT_SOFTWARE_UPDATE_DEFAULT); + + const World planet(_node->planet()); + res["planetWorldId"] = planet.id(); + res["planetWorldTimestamp"] = planet.timestamp(); + +#ifdef ZT_ENABLE_CLUSTER + json cj; + ZT_ClusterStatus cs; + _node->clusterStatus(&cs); + if (cs.clusterSize >= 1) { + json cja = json::array(); + for(unsigned int i=0;i<cs.clusterSize;++i) { + json cjm; + cjm["id"] = (int)cs.members[i].id; + cjm["msSinceLastHeartbeat"] = cs.members[i].msSinceLastHeartbeat; + cjm["alive"] = (bool)(cs.members[i].alive != 0); + cjm["x"] = cs.members[i].x; + cjm["y"] = cs.members[i].y; + cjm["z"] = cs.members[i].z; + cjm["load"] = cs.members[i].load; + cjm["peers"] = cs.members[i].peers; + cja.push_back(cjm); + } + cj["members"] = cja; + cj["myId"] = (int)cs.myId; + cj["clusterSize"] = cs.clusterSize; + } + res["cluster"] = cj; +#else + res["cluster"] = json(); +#endif + + scode = 200; + } else if (ps[0] == "moon") { + std::vector<World> moons(_node->moons()); + if (ps.size() == 1) { + // Return [array] of all moons + + res = json::array(); + for(std::vector<World>::const_iterator m(moons.begin());m!=moons.end();++m) { + json mj; + _moonToJson(mj,*m); + res.push_back(mj); + } + + scode = 200; + } else { + // Return a single moon by ID + + const uint64_t id = Utils::hexStrToU64(ps[1].c_str()); + for(std::vector<World>::const_iterator m(moons.begin());m!=moons.end();++m) { + if (m->id() == id) { + _moonToJson(res,*m); + scode = 200; + break; + } + } + + } + } else if (ps[0] == "network") { + ZT_VirtualNetworkList *nws = _node->networks(); + if (nws) { + if (ps.size() == 1) { + // Return [array] of all networks + + res = nlohmann::json::array(); + for(unsigned long i=0;i<nws->networkCount;++i) { + OneService::NetworkSettings localSettings; + getNetworkSettings(nws->networks[i].nwid,localSettings); + nlohmann::json nj; + _networkToJson(nj,&(nws->networks[i]),portDeviceName(nws->networks[i].nwid),localSettings); + res.push_back(nj); + } + + scode = 200; + } else if (ps.size() == 2) { + // Return a single network by ID or 404 if not found + + const uint64_t wantnw = Utils::hexStrToU64(ps[1].c_str()); + for(unsigned long i=0;i<nws->networkCount;++i) { + if (nws->networks[i].nwid == wantnw) { + OneService::NetworkSettings localSettings; + getNetworkSettings(nws->networks[i].nwid,localSettings); + _networkToJson(res,&(nws->networks[i]),portDeviceName(nws->networks[i].nwid),localSettings); + scode = 200; + break; + } + } + + } else scode = 404; + _node->freeQueryResult((void *)nws); + } else scode = 500; + } else if (ps[0] == "peer") { + ZT_PeerList *pl = _node->peers(); + if (pl) { + if (ps.size() == 1) { + // Return [array] of all peers + + res = nlohmann::json::array(); + for(unsigned long i=0;i<pl->peerCount;++i) { + nlohmann::json pj; + _peerToJson(pj,&(pl->peers[i])); + res.push_back(pj); + } + + scode = 200; + } else if (ps.size() == 2) { + // Return a single peer by ID or 404 if not found + + uint64_t wantp = Utils::hexStrToU64(ps[1].c_str()); + for(unsigned long i=0;i<pl->peerCount;++i) { + if (pl->peers[i].address == wantp) { + _peerToJson(res,&(pl->peers[i])); + scode = 200; + break; + } + } + + } else scode = 404; + _node->freeQueryResult((void *)pl); + } else scode = 500; + } else { + if (_controller) { + scode = _controller->handleControlPlaneHttpGET(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); + } else scode = 404; + } + + } else scode = 401; // isAuth == false + } else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) { + if (isAuth) { + + if (ps[0] == "moon") { + if (ps.size() == 2) { + + uint64_t seed = 0; + try { + json j(OSUtils::jsonParse(body)); + if (j.is_object()) { + seed = Utils::hexStrToU64(OSUtils::jsonString(j["seed"],"0").c_str()); + } + } catch ( ... ) { + // discard invalid JSON + } + + std::vector<World> moons(_node->moons()); + const uint64_t id = Utils::hexStrToU64(ps[1].c_str()); + for(std::vector<World>::const_iterator m(moons.begin());m!=moons.end();++m) { + if (m->id() == id) { + _moonToJson(res,*m); + scode = 200; + break; + } + } + + if ((scode != 200)&&(seed != 0)) { + char tmp[64]; + Utils::snprintf(tmp,sizeof(tmp),"%.16llx",id); + res["id"] = tmp; + res["roots"] = json::array(); + res["timestamp"] = 0; + res["signature"] = json(); + res["updatesMustBeSignedBy"] = json(); + res["waiting"] = true; + _node->orbit(id,seed); + } + + } else scode = 404; + } else if (ps[0] == "network") { + if (ps.size() == 2) { + + uint64_t wantnw = Utils::hexStrToU64(ps[1].c_str()); + _node->join(wantnw,(void *)0); // does nothing if we are a member + ZT_VirtualNetworkList *nws = _node->networks(); + if (nws) { + for(unsigned long i=0;i<nws->networkCount;++i) { + if (nws->networks[i].nwid == wantnw) { + OneService::NetworkSettings localSettings; + getNetworkSettings(nws->networks[i].nwid,localSettings); + + try { + json j(OSUtils::jsonParse(body)); + if (j.is_object()) { + json &allowManaged = j["allowManaged"]; + if (allowManaged.is_boolean()) localSettings.allowManaged = (bool)allowManaged; + json &allowGlobal = j["allowGlobal"]; + if (allowGlobal.is_boolean()) localSettings.allowGlobal = (bool)allowGlobal; + json &allowDefault = j["allowDefault"]; + if (allowDefault.is_boolean()) localSettings.allowDefault = (bool)allowDefault; + } + } catch ( ... ) { + // discard invalid JSON + } + + setNetworkSettings(nws->networks[i].nwid,localSettings); + _networkToJson(res,&(nws->networks[i]),portDeviceName(nws->networks[i].nwid),localSettings); + + scode = 200; + break; + } + } + _node->freeQueryResult((void *)nws); + } else scode = 500; + + } else scode = 404; + } else { + if (_controller) + scode = _controller->handleControlPlaneHttpPOST(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); + else scode = 404; + } + + } else scode = 401; // isAuth == false + } else if (httpMethod == HTTP_DELETE) { + if (isAuth) { + + if (ps[0] == "moon") { + if (ps.size() == 2) { + _node->deorbit(Utils::hexStrToU64(ps[1].c_str())); + res["result"] = true; + scode = 200; + } // else 404 + } else if (ps[0] == "network") { + ZT_VirtualNetworkList *nws = _node->networks(); + if (nws) { + if (ps.size() == 2) { + uint64_t wantnw = Utils::hexStrToU64(ps[1].c_str()); + for(unsigned long i=0;i<nws->networkCount;++i) { + if (nws->networks[i].nwid == wantnw) { + _node->leave(wantnw,(void **)0); + res["result"] = true; + scode = 200; + break; + } + } + } // else 404 + _node->freeQueryResult((void *)nws); + } else scode = 500; + } else { + if (_controller) + scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); + else scode = 404; + } + + } else scode = 401; // isAuth = false + } else { + scode = 400; + } + + if (responseBody.length() == 0) { + if ((res.is_object())||(res.is_array())) + responseBody = OSUtils::jsonDump(res); + else responseBody = "{}"; + responseContentType = "application/json"; + } + + // Wrap result in jsonp function call if the user included a jsonp= url argument. + // Also double-check isAuth since forbidding this without auth feels safer. + std::map<std::string,std::string>::const_iterator jsonp(urlArgs.find("jsonp")); + if ((isAuth)&&(jsonp != urlArgs.end())&&(responseContentType == "application/json")) { + if (responseBody.length() > 0) + responseBody = jsonp->second + "(" + responseBody + ");"; + else responseBody = jsonp->second + "(null);"; + responseContentType = "application/javascript"; + } + + return scode; + } + + // Must be called after _localConfig is read or modified + void applyLocalConfig() + { + Mutex::Lock _l(_localConfig_m); + + _v4Hints.clear(); + _v6Hints.clear(); + _v4Blacklists.clear(); + _v6Blacklists.clear(); + json &virt = _localConfig["virtual"]; + if (virt.is_object()) { + for(json::iterator v(virt.begin());v!=virt.end();++v) { + const std::string nstr = v.key(); + if ((nstr.length() == ZT_ADDRESS_LENGTH_HEX)&&(v.value().is_object())) { + const Address ztaddr(Utils::hexStrToU64(nstr.c_str())); + if (ztaddr) { + const uint64_t ztaddr2 = ztaddr.toInt(); + std::vector<InetAddress> &v4h = _v4Hints[ztaddr2]; + std::vector<InetAddress> &v6h = _v6Hints[ztaddr2]; + std::vector<InetAddress> &v4b = _v4Blacklists[ztaddr2]; + std::vector<InetAddress> &v6b = _v6Blacklists[ztaddr2]; + + json &tryAddrs = v.value()["try"]; + if (tryAddrs.is_array()) { + for(unsigned long i=0;i<tryAddrs.size();++i) { + const InetAddress ip(OSUtils::jsonString(tryAddrs[i],"")); + if (ip.ss_family == AF_INET) + v4h.push_back(ip); + else if (ip.ss_family == AF_INET6) + v6h.push_back(ip); + } + } + json &blAddrs = v.value()["blacklist"]; + if (blAddrs.is_array()) { + for(unsigned long i=0;i<blAddrs.size();++i) { + const InetAddress ip(OSUtils::jsonString(tryAddrs[i],"")); + if (ip.ss_family == AF_INET) + v4b.push_back(ip); + else if (ip.ss_family == AF_INET6) + v6b.push_back(ip); + } + } + + if (v4h.empty()) _v4Hints.erase(ztaddr2); + if (v6h.empty()) _v6Hints.erase(ztaddr2); + if (v4b.empty()) _v4Blacklists.erase(ztaddr2); + if (v6b.empty()) _v6Blacklists.erase(ztaddr2); + } + } + } + } + + _globalV4Blacklist.clear(); + _globalV6Blacklist.clear(); + json &physical = _localConfig["physical"]; + if (physical.is_object()) { + for(json::iterator phy(physical.begin());phy!=physical.end();++phy) { + const InetAddress net(OSUtils::jsonString(phy.key(),"")); + if ((net)&&(net.netmaskBits() > 0)) { + if (phy.value().is_object()) { + if (OSUtils::jsonBool(phy.value()["blacklist"],false)) { + if (net.ss_family == AF_INET) + _globalV4Blacklist.push_back(net); + else if (net.ss_family == AF_INET6) + _globalV6Blacklist.push_back(net); + } + } + } + } + } + + _allowManagementFrom.clear(); + _interfacePrefixBlacklist.clear(); + json &settings = _localConfig["settings"]; + if (settings.is_object()) { + _primaryPort = (unsigned int)OSUtils::jsonInt(settings["primaryPort"],(uint64_t)_primaryPort) & 0xffff; + _portMappingEnabled = OSUtils::jsonBool(settings["portMappingEnabled"],true); + + const std::string up(OSUtils::jsonString(settings["softwareUpdate"],ZT_SOFTWARE_UPDATE_DEFAULT)); + const bool udist = OSUtils::jsonBool(settings["softwareUpdateDist"],false); + if (((up == "apply")||(up == "download"))||(udist)) { + if (!_updater) + _updater = new SoftwareUpdater(*_node,_homePath); + _updateAutoApply = (up == "apply"); + _updater->setUpdateDistribution(udist); + _updater->setChannel(OSUtils::jsonString(settings["softwareUpdateChannel"],ZT_SOFTWARE_UPDATE_DEFAULT_CHANNEL)); + } else { + delete _updater; + _updater = (SoftwareUpdater *)0; + _updateAutoApply = false; + } + + json &ignoreIfs = settings["interfacePrefixBlacklist"]; + if (ignoreIfs.is_array()) { + for(unsigned long i=0;i<ignoreIfs.size();++i) { + const std::string tmp(OSUtils::jsonString(ignoreIfs[i],"")); + if (tmp.length() > 0) + _interfacePrefixBlacklist.push_back(tmp); + } + } + + json &amf = settings["allowManagementFrom"]; + if (amf.is_array()) { + for(unsigned long i=0;i<amf.size();++i) { + const InetAddress nw(OSUtils::jsonString(amf[i],"")); + if (nw) + _allowManagementFrom.push_back(nw); + } + } + } + } // Checks if a managed IP or route target is allowed bool checkIfManagedIsAllowed(const NetworkState &n,const InetAddress &target) { if (!n.settings.allowManaged) return false; + + if (n.settings.allowManagedWhitelist.size() > 0) { + bool allowed = false; + for (InetAddress addr : n.settings.allowManagedWhitelist) { + if (addr.containsAddress(target) && addr.netmaskBits() <= target.netmaskBits()) { + allowed = true; + break; + } + } + if (!allowed) return false; + } + if (target.isDefaultRoute()) return n.settings.allowDefault; switch(target.ipScope()) { @@ -1107,18 +1590,17 @@ public: fprintf(stderr,"ERROR: unable to remove ip address %s" ZT_EOL_S, ip->toString().c_str()); } } - for(std::vector<InetAddress>::iterator ip(newManagedIps.begin());ip!=newManagedIps.end();++ip) { #ifdef __SYNOLOGY__ - if (!n.tap->addIp(*ip)) - fprintf(stderr,"ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString().c_str()); + if (!n.tap->addIpSyn(newManagedIps)) + fprintf(stderr,"ERROR: unable to add ip addresses to ifcfg" ZT_EOL_S); #else + for(std::vector<InetAddress>::iterator ip(newManagedIps.begin());ip!=newManagedIps.end();++ip) { if (std::find(n.managedIps.begin(),n.managedIps.end(),*ip) == n.managedIps.end()) { - if (!n.tap->addIp(*ip)) fprintf(stderr,"ERROR: unable to add ip address %s" ZT_EOL_S, ip->toString().c_str()); - } -#endif + } } +#endif n.managedIps.swap(newManagedIps); } @@ -1191,6 +1673,10 @@ public: } } + // ========================================================================= + // Handlers for Node and Phy<> callbacks + // ========================================================================= + inline void phyOnDatagram(PhySocket *sock,void **uptr,const struct sockaddr *localAddr,const struct sockaddr *from,void *data,unsigned long len) { #ifdef ZT_ENABLE_CLUSTER @@ -1264,12 +1750,10 @@ public: inline void phyOnTcpAccept(PhySocket *sockL,PhySocket *sockN,void **uptrL,void **uptrN,const struct sockaddr *from) { - if ((!from)||(reinterpret_cast<const InetAddress *>(from)->ipScope() != InetAddress::IP_SCOPE_LOOPBACK)) { - // Non-Loopback: deny (for now) + if (!from) { _phy.close(sockN,false); return; } else { - // Loopback == HTTP JSON API request TcpConnection *tc = new TcpConnection(); _tcpConnections.insert(tc); tc->type = TcpConnection::TCP_HTTP_INCOMING; @@ -1450,9 +1934,32 @@ public: if (OSUtils::readFile(nlcpath,nlcbuf)) { Dictionary<4096> nc; nc.load(nlcbuf.c_str()); - n.settings.allowManaged = nc.getB("allowManaged",true); - n.settings.allowGlobal = nc.getB("allowGlobal",false); - n.settings.allowDefault = nc.getB("allowDefault",false); + Buffer<1024> allowManaged; + if (nc.get("allowManaged", allowManaged) && allowManaged.size() != 0) { + std::string addresses (allowManaged.begin(), allowManaged.size()); + if (allowManaged.size() <= 5) { // untidy parsing for backward compatibility + if (allowManaged[0] == '1' || allowManaged[0] == 't' || allowManaged[0] == 'T') { + n.settings.allowManaged = true; + } else { + n.settings.allowManaged = false; + } + } else { + // this should be a list of IP addresses + n.settings.allowManaged = true; + size_t pos = 0; + while (true) { + size_t nextPos = addresses.find(',', pos); + std::string address = addresses.substr(pos, (nextPos == std::string::npos ? addresses.size() : nextPos) - pos); + n.settings.allowManagedWhitelist.push_back(InetAddress(address)); + if (nextPos == std::string::npos) break; + pos = nextPos + 1; + } + } + } else { + n.settings.allowManaged = true; + } + n.settings.allowGlobal = nc.getB("allowGlobal", false); + n.settings.allowDefault = nc.getB("allowDefault", false); } } catch (std::exception &exc) { #ifdef __WINDOWS__ @@ -1475,6 +1982,16 @@ public: case ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_CONFIG_UPDATE: memcpy(&(n.config),nwc,sizeof(ZT_VirtualNetworkConfig)); if (n.tap) { // sanity check +#ifdef __WINDOWS__ + // wait for up to 5 seconds for the WindowsEthernetTap to actually be initialized + // + // without WindowsEthernetTap::isInitialized() returning true, the won't actually + // be online yet and setting managed routes on it will fail. + const int MAX_SLEEP_COUNT = 500; + for (int i = 0; !n.tap->isInitialized() && i < MAX_SLEEP_COUNT; i++) { + Sleep(10); + } +#endif syncManagedStuff(n,true,true); } else { _nets.erase(nwid); @@ -1526,6 +2043,13 @@ public: } } break; + case ZT_EVENT_USER_MESSAGE: { + const ZT_UserMessage *um = reinterpret_cast<const ZT_UserMessage *>(metaData); + if ((um->typeId == ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE)&&(_updater)) { + _updater->handleSoftwareUpdateUserMessage(um->origin,um->data,um->length); + } + } break; + default: break; } @@ -1627,16 +2151,9 @@ public: _tcpFallbackTunnel->writeBuf.append(reinterpret_cast<const char *>(reinterpret_cast<const void *>(&(reinterpret_cast<const struct sockaddr_in *>(addr)->sin_port))),2); _tcpFallbackTunnel->writeBuf.append((const char *)data,len); } else if (((now - _lastSendToGlobalV4) < ZT_TCP_FALLBACK_AFTER)&&((now - _lastSendToGlobalV4) > (ZT_PING_CHECK_INVERVAL / 2))) { - std::vector<InetAddress> tunnelIps(_tcpFallbackResolver.get()); - if (tunnelIps.empty()) { - if (!_tcpFallbackResolver.running()) - _tcpFallbackResolver.resolveNow(); - } else { - bool connected = false; - InetAddress addr(tunnelIps[(unsigned long)now % tunnelIps.size()]); - addr.setPort(ZT_TCP_FALLBACK_RELAY_PORT); - _phy.tcpConnect(reinterpret_cast<const struct sockaddr *>(&addr),connected); - } + bool connected = false; + const InetAddress addr(ZT_TCP_FALLBACK_RELAY); + _phy.tcpConnect(reinterpret_cast<const struct sockaddr *>(&addr),connected); } } _lastSendToGlobalV4 = now; @@ -1670,30 +2187,74 @@ public: n->tap->put(MAC(sourceMac),MAC(destMac),etherType,data,len); } - inline int nodePathCheckFunction(const struct sockaddr_storage *localAddr,const struct sockaddr_storage *remoteAddr) + inline int nodePathCheckFunction(uint64_t ztaddr,const struct sockaddr_storage *localAddr,const struct sockaddr_storage *remoteAddr) { - Mutex::Lock _l(_nets_m); - - for(std::map<uint64_t,NetworkState>::const_iterator n(_nets.begin());n!=_nets.end();++n) { - if (n->second.tap) { - std::vector<InetAddress> ips(n->second.tap->ips()); - for(std::vector<InetAddress>::const_iterator i(ips.begin());i!=ips.end();++i) { - if (i->containsAddress(*(reinterpret_cast<const InetAddress *>(remoteAddr)))) { - return 0; + // Make sure we're not trying to do ZeroTier-over-ZeroTier + { + Mutex::Lock _l(_nets_m); + for(std::map<uint64_t,NetworkState>::const_iterator n(_nets.begin());n!=_nets.end();++n) { + if (n->second.tap) { + std::vector<InetAddress> ips(n->second.tap->ips()); + for(std::vector<InetAddress>::const_iterator i(ips.begin());i!=ips.end();++i) { + if (i->containsAddress(*(reinterpret_cast<const InetAddress *>(remoteAddr)))) { + return 0; + } } } } } - + /* Note: I do not think we need to scan for overlap with managed routes * because of the "route forking" and interface binding that we do. This * ensures (we hope) that ZeroTier traffic will still take the physical * path even if its managed routes override this for other traffic. Will - * revisit if we see problems with this. */ + * revisit if we see recursion problems. */ + + // Check blacklists + const Hashtable< uint64_t,std::vector<InetAddress> > *blh = (const Hashtable< uint64_t,std::vector<InetAddress> > *)0; + const std::vector<InetAddress> *gbl = (const std::vector<InetAddress> *)0; + if (remoteAddr->ss_family == AF_INET) { + blh = &_v4Blacklists; + gbl = &_globalV4Blacklist; + } else if (remoteAddr->ss_family == AF_INET6) { + blh = &_v6Blacklists; + gbl = &_globalV6Blacklist; + } + if (blh) { + Mutex::Lock _l(_localConfig_m); + const std::vector<InetAddress> *l = blh->get(ztaddr); + if (l) { + for(std::vector<InetAddress>::const_iterator a(l->begin());a!=l->end();++a) { + if (a->containsAddress(*reinterpret_cast<const InetAddress *>(remoteAddr))) + return 0; + } + } + for(std::vector<InetAddress>::const_iterator a(gbl->begin());a!=gbl->end();++a) { + if (a->containsAddress(*reinterpret_cast<const InetAddress *>(remoteAddr))) + return 0; + } + } return 1; } + inline int nodePathLookupFunction(uint64_t ztaddr,int family,struct sockaddr_storage *result) + { + const Hashtable< uint64_t,std::vector<InetAddress> > *lh = (const Hashtable< uint64_t,std::vector<InetAddress> > *)0; + if (family < 0) + lh = (_node->prng() & 1) ? &_v4Hints : &_v6Hints; + else if (family == AF_INET) + lh = &_v4Hints; + else if (family == AF_INET6) + lh = &_v6Hints; + else return 0; + const std::vector<InetAddress> *l = lh->get(ztaddr); + if ((l)&&(l->size() > 0)) { + memcpy(result,&((*l)[(unsigned long)_node->prng() % l->size()]),sizeof(struct sockaddr_storage)); + return 1; + } else return 0; + } + inline void tapFrameHandler(uint64_t nwid,const MAC &from,const MAC &to,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len) { _node->processVirtualNetworkFrame(OSUtils::now(),nwid,from.toInt(),to.toInt(),etherType,vlanId,data,len,&_nextBackgroundTaskDeadline); @@ -1706,16 +2267,34 @@ public: std::string contentType("text/plain"); // default if not changed in handleRequest() unsigned int scode = 404; - try { - if (_controlPlane) - scode = _controlPlane->handleRequest(tc->from,tc->parser.method,tc->url,tc->headers,tc->body,data,contentType); - else scode = 500; - } catch (std::exception &exc) { - fprintf(stderr,"WARNING: unexpected exception processing control HTTP request: %s" ZT_EOL_S,exc.what()); - scode = 500; - } catch ( ... ) { - fprintf(stderr,"WARNING: unexpected exception processing control HTTP request: unknown exceptino" ZT_EOL_S); - scode = 500; + bool allow; + { + Mutex::Lock _l(_localConfig_m); + if (_allowManagementFrom.size() == 0) { + allow = (tc->from.ipScope() == InetAddress::IP_SCOPE_LOOPBACK); + } else { + allow = false; + for(std::vector<InetAddress>::const_iterator i(_allowManagementFrom.begin());i!=_allowManagementFrom.end();++i) { + if (i->containsAddress(tc->from)) { + allow = true; + break; + } + } + } + } + + if (allow) { + try { + scode = handleControlPlaneHttpRequest(tc->from,tc->parser.method,tc->url,tc->headers,tc->body,data,contentType); + } catch (std::exception &exc) { + fprintf(stderr,"WARNING: unexpected exception processing control HTTP request: %s" ZT_EOL_S,exc.what()); + scode = 500; + } catch ( ... ) { + fprintf(stderr,"WARNING: unexpected exception processing control HTTP request: unknown exceptino" ZT_EOL_S); + scode = 500; + } + } else { + scode = 401; } const char *scodestr; @@ -1757,16 +2336,38 @@ public: bool shouldBindInterface(const char *ifname,const InetAddress &ifaddr) { - if (isBlacklistedLocalInterfaceForZeroTierTraffic(ifname)) - return false; +#if defined(__linux__) || defined(linux) || defined(__LINUX__) || defined(__linux) + if ((ifname[0] == 'l')&&(ifname[1] == 'o')) return false; // loopback + if ((ifname[0] == 'z')&&(ifname[1] == 't')) return false; // sanity check: zt# + if ((ifname[0] == 't')&&(ifname[1] == 'u')&&(ifname[2] == 'n')) return false; // tun# is probably an OpenVPN tunnel or similar + if ((ifname[0] == 't')&&(ifname[1] == 'a')&&(ifname[2] == 'p')) return false; // tap# is probably an OpenVPN tunnel or similar +#endif - Mutex::Lock _l(_nets_m); - for(std::map<uint64_t,NetworkState>::const_iterator n(_nets.begin());n!=_nets.end();++n) { - if (n->second.tap) { - std::vector<InetAddress> ips(n->second.tap->ips()); - for(std::vector<InetAddress>::const_iterator i(ips.begin());i!=ips.end();++i) { - if (i->ipsEqual(ifaddr)) - return false; +#ifdef __APPLE__ + if ((ifname[0] == 'l')&&(ifname[1] == 'o')) return false; // loopback + if ((ifname[0] == 'z')&&(ifname[1] == 't')) return false; // sanity check: zt# + if ((ifname[0] == 't')&&(ifname[1] == 'u')&&(ifname[2] == 'n')) return false; // tun# is probably an OpenVPN tunnel or similar + if ((ifname[0] == 't')&&(ifname[1] == 'a')&&(ifname[2] == 'p')) return false; // tap# is probably an OpenVPN tunnel or similar + if ((ifname[0] == 'u')&&(ifname[1] == 't')&&(ifname[2] == 'u')&&(ifname[3] == 'n')) return false; // ... as is utun# +#endif + + { + Mutex::Lock _l(_localConfig_m); + for(std::vector<std::string>::const_iterator p(_interfacePrefixBlacklist.begin());p!=_interfacePrefixBlacklist.end();++p) { + if (!strncmp(p->c_str(),ifname,p->length())) + return false; + } + } + + { + Mutex::Lock _l(_nets_m); + for(std::map<uint64_t,NetworkState>::const_iterator n(_nets.begin());n!=_nets.end();++n) { + if (n->second.tap) { + std::vector<InetAddress> ips(n->second.tap->ips()); + for(std::vector<InetAddress>::const_iterator i(ips.begin());i!=ips.end();++i) { + if (i->ipsEqual(ifaddr)) + return false; + } } } } @@ -1839,8 +2440,10 @@ static int SnodeWirePacketSendFunction(ZT_Node *node,void *uptr,const struct soc { return reinterpret_cast<OneServiceImpl *>(uptr)->nodeWirePacketSendFunction(localAddr,addr,data,len,ttl); } static void SnodeVirtualNetworkFrameFunction(ZT_Node *node,void *uptr,uint64_t nwid,void **nuptr,uint64_t sourceMac,uint64_t destMac,unsigned int etherType,unsigned int vlanId,const void *data,unsigned int len) { reinterpret_cast<OneServiceImpl *>(uptr)->nodeVirtualNetworkFrameFunction(nwid,nuptr,sourceMac,destMac,etherType,vlanId,data,len); } -static int SnodePathCheckFunction(ZT_Node *node,void *uptr,const struct sockaddr_storage *localAddr,const struct sockaddr_storage *remoteAddr) -{ return reinterpret_cast<OneServiceImpl *>(uptr)->nodePathCheckFunction(localAddr,remoteAddr); } +static int SnodePathCheckFunction(ZT_Node *node,void *uptr,uint64_t ztaddr,const struct sockaddr_storage *localAddr,const struct sockaddr_storage *remoteAddr) +{ return reinterpret_cast<OneServiceImpl *>(uptr)->nodePathCheckFunction(ztaddr,localAddr,remoteAddr); } +static int SnodePathLookupFunction(ZT_Node *node,void *uptr,uint64_t ztaddr,int family,struct sockaddr_storage *result) +{ return reinterpret_cast<OneServiceImpl *>(uptr)->nodePathLookupFunction(ztaddr,family,result); } #ifdef ZT_ENABLE_CLUSTER static void SclusterSendFunction(void *uptr,unsigned int toMemberId,const void *data,unsigned int len) @@ -1956,30 +2559,6 @@ std::string OneService::platformDefaultHomePath() return OSUtils::platformDefaultHomePath(); } -std::string OneService::autoUpdateUrl() -{ -#ifdef ZT_AUTO_UPDATE - -/* -#if defined(__LINUX__) && ( defined(__i386__) || defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(__i386) ) - if (sizeof(void *) == 8) - return "http://download.zerotier.com/ZeroTierOneInstaller-linux-x64-LATEST.nfo"; - else return "http://download.zerotier.com/ZeroTierOneInstaller-linux-x86-LATEST.nfo"; -#endif -*/ - -#if defined(__APPLE__) && ( defined(__i386__) || defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(__i386) ) - return "http://download.zerotier.com/update/mac_intel/"; -#endif - -#ifdef __WINDOWS__ - return "http://download.zerotier.com/update/win_intel/"; -#endif - -#endif // ZT_AUTO_UPDATE - return std::string(); -} - OneService *OneService::newInstance(const char *hp,unsigned int port) { return new OneServiceImpl(hp,port); } OneService::~OneService() {} diff --git a/service/OneService.hpp b/service/OneService.hpp index 72ff7d84..3390f2ac 100644 --- a/service/OneService.hpp +++ b/service/OneService.hpp @@ -20,6 +20,9 @@ #define ZT_ONESERVICE_HPP #include <string> +#include <vector> + +#include "../node/InetAddress.hpp" namespace ZeroTier { @@ -66,6 +69,12 @@ public: bool allowManaged; /** + * Whitelist of addresses that can be configured by this network. + * If empty and allowManaged is true, allow all private/pseudoprivate addresses. + */ + std::vector<InetAddress> allowManagedWhitelist; + + /** * Allow configuration of IPs and routes within global (Internet) IP space? */ bool allowGlobal; @@ -82,11 +91,6 @@ public: static std::string platformDefaultHomePath(); /** - * @return Auto-update URL or empty string if auto-updates unsupported or not enabled - */ - static std::string autoUpdateUrl(); - - /** * Create a new instance of the service * * Once created, you must call the run() method to actually start @@ -99,9 +103,7 @@ public: * @param hp Home path * @param port TCP and UDP port for packets and HTTP control (if 0, pick random port) */ - static OneService *newInstance( - const char *hp, - unsigned int port); + static OneService *newInstance(const char *hp,unsigned int port); virtual ~OneService(); @@ -130,11 +132,6 @@ public: virtual std::string portDeviceName(uint64_t nwid) const = 0; /** - * @return True if TCP fallback is currently active - */ - virtual bool tcpFallbackActive() const = 0; - - /** * Terminate background service (can be called from other threads) */ virtual void terminate() = 0; diff --git a/service/README.md b/service/README.md index 75c437dd..bdf713c1 100644 --- a/service/README.md +++ b/service/README.md @@ -1,9 +1,66 @@ ZeroTier One Network Virtualization Service ====== -This is the common background service implementation for ZeroTier One, the VPN-like OS-level network virtualization service. - -It provides a ready-made core I/O loop and a local HTTP-based JSON control bus for controlling the service. This control bus HTTP server can also serve the files in ui/ if this folder's contents are installed in the ZeroTier home folder. The ui/ implements a React-based HTML5 user interface which is then wrappered for various platforms via MacGap, Windows .NET WebControl, etc. It can also be used locally from scripts or via *curl*. +This is the actual implementation of ZeroTier One, a service providing connectivity to ZeroTier virtual networks for desktops, laptops, servers, VMs, etc. (Mobile versions for iOS and Android have their own implementations in native Java and Objective C that leverage only the ZeroTier core engine.) + +### Local Configuration File + +A file called `local.conf` in the ZeroTier home folder contains configuration options that apply to the local node. It can be used to set up trusted paths, blacklist physical paths, set up physical path hints for certain nodes, and define trusted upstream devices (federated roots). In a large deployment it can be deployed using a tool like Puppet, Chef, SaltStack, etc. to set a uniform configuration across systems. It's a JSON format file that can also be edited and rewritten by ZeroTier One itself, so ensure that proper JSON formatting is used. + +Settings available in `local.conf` (this is not valid JSON, and JSON does not allow comments): + +```javascript +{ + "physical": { /* Settings that apply to physical L2/L3 network paths. */ + "NETWORK/bits": { /* Network e.g. 10.0.0.0/24 or fd00::/32 */ + "blacklist": true|false, /* If true, blacklist this path for all ZeroTier traffic */ + "trustedPathId": 0|!0 /* If present and nonzero, define this as a trusted path (see below) */ + } /* ,... additional networks */ + }, + "virtual": { /* Settings applied to ZeroTier virtual network devices (VL1) */ + "##########": { /* 10-digit ZeroTier address */ + "try": [ "IP/port"/*,...*/ ], /* Hints on where to reach this peer if no upstreams/roots are online */ + "blacklist": [ "NETWORK/bits"/*,...*/ ] /* Blacklist a physical path for only this peer. */ + } + }, + "settings": { /* Other global settings */ + "primaryPort": 0-65535, /* If set, override default port of 9993 and any command line port */ + "portMappingEnabled": true|false, /* If true (the default), try to use uPnP or NAT-PMP to map ports */ + "softwareUpdate": "apply"|"download"|"disable", /* Automatically apply updates, just download, or disable built-in software updates */ + "softwareUpdateDist": true|false, /* If true, distribute software updates (only really useful to ZeroTier, Inc. itself, default is false) */ + "interfacePrefixBlacklist": [ "XXX",... ], /* Array of interface name prefixes (e.g. eth for eth#) to blacklist for ZT traffic */ + "allowManagementFrom": "NETWORK/bits"|null /* If non-NULL, allow JSON/HTTP management from this IP network. Default is 127.0.0.1 only. */ + } +} +``` + + * **trustedPathId**: A trusted path is a physical network over which encryption and authentication are not required. This provides a performance boost but sacrifices all ZeroTier's security features when communicating over this path. Only use this if you know what you are doing and really need the performance! To set up a trusted path, all devices using it *MUST* have the *same trusted path ID* for the same network. Trusted path IDs are arbitrary positive non-zero integers. For example a group of devices on a LAN with IPs in 10.0.0.0/24 could use it as a fast trusted path if they all had the same trusted path ID of "25" defined for that network. + * **relayPolicy**: Under what circumstances should this device relay traffic for other devices? The default is TRUSTED, meaning that we'll only relay for devices we know to be members of a network we have joined. NEVER is the default on mobile devices (iOS/Android) and tells us to never relay traffic. ALWAYS is usually only set for upstreams and roots, allowing them to act as promiscuous relays for anyone who desires it. + +An example `local.conf`: + +```javascript +{ + "physical": { + "10.0.0.0/24": { + "blacklist": true + }, + "10.10.10.0/24": { + "trustedPathId": 101010024 + }, + }, + "virtual": { + "feedbeef12": { + "role": "UPSTREAM", + "try": [ "10.10.20.1/9993" ], + "blacklist": [ "192.168.0.0/24" ] + } + }, + "settings": { + "relayPolicy": "ALWAYS" + } +} +``` ### Network Virtualization Service API @@ -21,30 +78,20 @@ A *jsonp* URL argument may be supplied to request JSONP encapsulation. A JSONP r * Methods: GET * Returns: { object } -<table> -<tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Description</b></td><td><b>Writable</b></td></tr> -<tr><td>address</td><td>string</td><td>10-digit hexadecimal ZeroTier address of this node</td><td>no</td></tr> -<tr><td>publicIdentity</td><td>string</td><td>Full public ZeroTier identity of this node</td><td>no</td></tr> -<tr><td>online</td><td>boolean</td><td>Does this node appear to have upstream network access?</td><td>no</td></tr> -<tr><td>tcpFallbackActive</td><td>boolean</td><td>Is TCP fallback mode active?</td><td>no</td></tr> -<tr><td>versionMajor</td><td>integer</td><td>ZeroTier major version</td><td>no</td></tr> -<tr><td>versionMinor</td><td>integer</td><td>ZeroTier minor version</td><td>no</td></tr> -<tr><td>versionRev</td><td>integer</td><td>ZeroTier revision</td><td>no</td></tr> -<tr><td>version</td><td>string</td><td>Version in major.minor.rev format</td><td>no</td></tr> -<tr><td>clock</td><td>integer</td><td>Node system clock in ms since epoch</td><td>no</td></tr> -</table> - -#### /config - - * Purpose: Get or set local configuration - * Methods: GET, POST - * Returns: { object } - -No local configuration options are exposed yet. - -<table> -<tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Description</b></td><td><b>Writable</b></td></tr> -</table> +| Field | Type | Description | Writable | +| --------------------- | ------------- | ------------------------------------------------- | -------- | +| address | string | 10-digit hex ZeroTier address of this node | no | +| publicIdentity | string | This node's ZeroTier identity.public | no | +| worldId | integer | ZeroTier world ID (never changes except for test) | no | +| worldTimestamp | integer | Timestamp of most recent world definition | no | +| online | boolean | If true at least one upstream peer is reachable | no | +| tcpFallbackActive | boolean | If true we are using slow TCP fallback | no | +| relayPolicy | string | Relay policy: ALWAYS, TRUSTED, or NEVER | no | +| versionMajor | integer | Software major version | no | +| versionMinor | integer | Software minor version | no | +| versionRev | integer | Software revision | no | +| version | string | major.minor.revision | no | +| clock | integer | Current system clock at node (ms since epoch) | no | #### /network @@ -64,23 +111,35 @@ To join a network, POST to it. Since networks have no mandatory writable paramet Most network settings are not writable, as they are defined by the network controller. -<table> -<tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Description</b></td><td><b>Writable</b></td></tr> -<tr><td>nwid</td><td>string</td><td>16-digit hex network ID</td><td>no</td></tr> -<tr><td>mac</td><td>string</td><td>Ethernet MAC address of virtual network port</td><td>no</td></tr> -<tr><td>name</td><td>string</td><td>Network short name as configured on network controller</td><td>no</td></tr> -<tr><td>status</td><td>string</td><td>Network status: OK, ACCESS_DENIED, PORT_ERROR, etc.</td><td>no</td></tr> -<tr><td>type</td><td>string</td><td>Network type, currently PUBLIC or PRIVATE</td><td>no</td></tr> -<tr><td>mtu</td><td>integer</td><td>Ethernet MTU</td><td>no</td></tr> -<tr><td>dhcp</td><td>boolean</td><td>If true, DHCP may be used to obtain an IP address</td><td>no</td></tr> -<tr><td>bridge</td><td>boolean</td><td>If true, this node may bridge in other Ethernet devices</td><td>no</td></tr> -<tr><td>broadcastEnabled</td><td>boolean</td><td>Is Ethernet broadcast (ff:ff:ff:ff:ff:ff) allowed?</td><td>no</td></tr> -<tr><td>portError</td><td>integer</td><td>Error code (if any) returned by underlying OS "tap" driver</td><td>no</td></tr> -<tr><td>netconfRevision</td><td>integer</td><td>Network configuration revision ID</td><td>no</td></tr> -<tr><td>multicastSubscriptions</td><td>[string]</td><td>Multicast memberships as array of MAC/ADI tuples</td><td>no</td></tr> -<tr><td>assignedAddresses</td><td>[string]</td><td>ZeroTier-managed IP address assignments as array of IP/netmask bits tuples</td><td>no</td></tr> -<tr><td>portDeviceName</td><td>string</td><td>OS-specific network device name (if available)</td><td>no</td></tr> -</table> +| Field | Type | Description | Writable | +| --------------------- | ------------- | ------------------------------------------------- | -------- | +| id | string | 16-digit hex network ID | no | +| nwid | string | 16-digit hex network ID (legacy field) | no | +| mac | string | MAC address of network device for this network | no | +| name | string | Short name of this network (from controller) | no | +| status | string | Network status (OK, ACCESS_DENIED, etc.) | no | +| type | string | Network type (PUBLIC or PRIVATE) | no | +| mtu | integer | Ethernet MTU | no | +| dhcp | boolean | If true, DHCP should be used to get IP info | no | +| bridge | boolean | If true, this device can bridge others | no | +| broadcastEnabled | boolean | If true ff:ff:ff:ff:ff:ff broadcasts work | no | +| portError | integer | Error code returned by underlying tap driver | no | +| netconfRevision | integer | Network configuration revision ID | no | +| assignedAddresses | [string] | Array of ZeroTier-assigned IP addresses (/bits) | no | +| routes | [object] | Array of ZeroTier-assigned routes (see below) | no | +| portDeviceName | string | Name of virtual network device (if any) | no | +| allowManaged | boolean | Allow IP and route management | yes | +| allowGlobal | boolean | Allow IPs and routes that overlap with global IPs | yes | +| allowDefault | boolean | Allow overriding of system default route | yes | + +Route objects: + +| Field | Type | Description | Writable | +| --------------------- | ------------- | ------------------------------------------------- | -------- | +| target | string | Target network / netmask bits | no | +| via | string | Gateway IP address (next hop) or null for LAN | no | +| flags | integer | Flags, currently always 0 | no | +| metric | integer | Route metric (not currently used) | no | #### /peer @@ -92,31 +151,29 @@ Getting /peer returns an array of peer objects for all current peers. See below #### /peer/\<address\> - * Purpose: Get information about a peer - * Methods: GET + * Purpose: Get or set information about a peer + * Methods: GET, POST * Returns: { object } -<table> -<tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Description</b></td><td><b>Writable</b></td></tr> -<tr><td>address</td><td>string</td><td>10-digit hex ZeroTier address</td><td>no</td></tr> -<tr><td>lastUnicastFrame</td><td>integer</td><td>Time of last unicast frame in ms since epoch</td><td>no</td></tr> -<tr><td>lastMulticastFrame</td><td>integer</td><td>Time of last multicast frame in ms since epoch</td><td>no</td></tr> -<tr><td>versionMajor</td><td>integer</td><td>Major version of remote if known</td><td>no</td></tr> -<tr><td>versionMinor</td><td>integer</td><td>Minor version of remote if known</td><td>no</td></tr> -<tr><td>versionRev</td><td>integer</td><td>Revision of remote if known</td><td>no</td></tr> -<tr><td>version</td><td>string</td><td>Version in major.minor.rev format</td><td>no</td></tr> -<tr><td>latency</td><td>integer</td><td>Latency in milliseconds if known</td><td>no</td></tr> -<tr><td>role</td><td>string</td><td>LEAF, HUB, or ROOTSERVER</td><td>no</td></tr> -<tr><td>paths</td><td>[object]</td><td>Array of path objects (see below)</td><td>no</td></tr> -</table> - -Path objects describe direct physical paths to peer. If no path objects are listed, peer is only reachable via indirect relay fallback. Path object format is: - -<table> -<tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Description</b></td><td><b>Writable</b></td></tr> -<tr><td>address</td><td>string</td><td>Physical socket address e.g. IP/port for UDP</td><td>no</td></tr> -<tr><td>lastSend</td><td>integer</td><td>Last send via this path in ms since epoch</td><td>no</td></tr> -<tr><td>lastReceive</td><td>integer</td><td>Last receive via this path in ms since epoch</td><td>no</td></tr> -<tr><td>fixed</td><td>boolean</td><td>If true, this is a statically-defined "fixed" path</td><td>no</td></tr> -<tr><td>preferred</td><td>boolean</td><td>If true, this is the current preferred path</td><td>no</td></tr> -</table> +| Field | Type | Description | Writable | +| --------------------- | ------------- | ------------------------------------------------- | -------- | +| address | string | 10-digit hex ZeroTier address of peer | no | +| versionMajor | integer | Major version of remote (if known) | no | +| versionMinor | integer | Minor version of remote (if known) | no | +| versionRev | integer | Software revision of remote (if known) | no | +| version | string | major.minor.revision | no | +| latency | integer | Latency in milliseconds if known | no | +| role | string | LEAF, UPSTREAM, or ROOT | no | +| paths | [object] | Currently active physical paths (see below) | no | + +Path objects: + +| Field | Type | Description | Writable | +| --------------------- | ------------- | ------------------------------------------------- | -------- | +| address | string | Physical socket address e.g. IP/port | no | +| lastSend | integer | Time of last send through this path | no | +| lastReceive | integer | Time of last receive through this path | no | +| active | boolean | Is this path in use? | no | +| expired | boolean | Is this path expired? | no | +| preferred | boolean | Is this a current preferred path? | no | +| trustedPathId | integer | If nonzero this is a trusted path (unencrypted) | no | diff --git a/service/SoftwareUpdater.cpp b/service/SoftwareUpdater.cpp new file mode 100644 index 00000000..c1d77f98 --- /dev/null +++ b/service/SoftwareUpdater.cpp @@ -0,0 +1,432 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdint.h> + +#include "../node/Constants.hpp" +#include "../version.h" + +#ifdef __WINDOWS__ +#include <WinSock2.h> +#include <Windows.h> +#include <ShlObj.h> +#include <netioapi.h> +#include <iphlpapi.h> +#else +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <unistd.h> +#include <ifaddrs.h> +#endif + +#include "SoftwareUpdater.hpp" + +#include "../node/Utils.hpp" +#include "../node/SHA512.hpp" +#include "../node/Buffer.hpp" +#include "../node/Node.hpp" + +#include "../osdep/OSUtils.hpp" + +#ifndef ZT_BUILD_ARCHITECTURE +#define ZT_BUILD_ARCHITECTURE 0 +#endif +#ifndef ZT_BUILD_PLATFORM +#define ZT_BUILD_PLATFORM 0 +#endif + +namespace ZeroTier { + +SoftwareUpdater::SoftwareUpdater(Node &node,const std::string &homePath) : + _node(node), + _lastCheckTime(0), + _homePath(homePath), + _channel(ZT_SOFTWARE_UPDATE_DEFAULT_CHANNEL), + _distLog((FILE *)0), + _latestValid(false), + _downloadLength(0) +{ + // Check for a cached newer update. If there's a cached update that is not newer or looks bad, delete. + try { + std::string buf; + if (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_META_FILENAME).c_str(),buf)) { + nlohmann::json meta = OSUtils::jsonParse(buf); + buf = std::string(); + const unsigned int rvMaj = (unsigned int)OSUtils::jsonInt(meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR],0); + const unsigned int rvMin = (unsigned int)OSUtils::jsonInt(meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR],0); + const unsigned int rvRev = (unsigned int)OSUtils::jsonInt(meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION],0); + const unsigned int rvBld = (unsigned int)OSUtils::jsonInt(meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_BUILD],0); + if ((Utils::compareVersion(rvMaj,rvMin,rvRev,rvBld,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION,ZEROTIER_ONE_VERSION_BUILD) > 0)&& + (OSUtils::readFile((_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_BIN_FILENAME).c_str(),buf))) { + if ((uint64_t)buf.length() == OSUtils::jsonInt(meta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIZE],0)) { + _latestMeta = meta; + _latestValid = true; + //printf("CACHED UPDATE IS NEWER AND LOOKS GOOD\n"); + } + } + } + } catch ( ... ) {} // exceptions indicate invalid cached update + if (!_latestValid) { + OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_META_FILENAME).c_str()); + OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_BIN_FILENAME).c_str()); + } +} + +SoftwareUpdater::~SoftwareUpdater() +{ + if (_distLog) + fclose(_distLog); +} + +void SoftwareUpdater::setUpdateDistribution(bool distribute) +{ + _dist.clear(); + if (distribute) { + _distLog = fopen((_homePath + ZT_PATH_SEPARATOR_S "update-dist.log").c_str(),"a"); + + const std::string udd(_homePath + ZT_PATH_SEPARATOR_S "update-dist.d"); + const std::vector<std::string> ud(OSUtils::listDirectory(udd.c_str())); + for(std::vector<std::string>::const_iterator u(ud.begin());u!=ud.end();++u) { + // Each update has a companion .json file describing it. Other files are ignored. + if ((u->length() > 5)&&(u->substr(u->length() - 5,5) == ".json")) { + + std::string buf; + if (OSUtils::readFile((udd + ZT_PATH_SEPARATOR_S + *u).c_str(),buf)) { + try { + _D d; + d.meta = OSUtils::jsonParse(buf); // throws on invalid JSON + + // If update meta is called e.g. foo.exe.json, then foo.exe is the update itself + const std::string binPath(udd + ZT_PATH_SEPARATOR_S + u->substr(0,u->length() - 5)); + const std::string metaHash(OSUtils::jsonBinFromHex(d.meta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH])); + if ((metaHash.length() == ZT_SHA512_DIGEST_LEN)&&(OSUtils::readFile(binPath.c_str(),d.bin))) { + uint8_t sha512[ZT_SHA512_DIGEST_LEN]; + SHA512::hash(sha512,d.bin.data(),(unsigned int)d.bin.length()); + if (!memcmp(sha512,metaHash.data(),ZT_SHA512_DIGEST_LEN)) { // double check that hash in JSON is correct + d.meta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIZE] = d.bin.length(); // override with correct value -- setting this in meta json is optional + _dist[Array<uint8_t,16>(sha512)] = d; + if (_distLog) { + fprintf(_distLog,".......... INIT: DISTRIBUTING %s (%u bytes)" ZT_EOL_S,binPath.c_str(),(unsigned int)d.bin.length()); + fflush(_distLog); + } + } + } + } catch ( ... ) {} // ignore bad meta JSON, etc. + } + + } + } + } else { + if (_distLog) { + fclose(_distLog); + _distLog = (FILE *)0; + } + } +} + +void SoftwareUpdater::handleSoftwareUpdateUserMessage(uint64_t origin,const void *data,unsigned int len) +{ + if (!len) return; + const MessageVerb v = (MessageVerb)reinterpret_cast<const uint8_t *>(data)[0]; + try { + switch(v) { + + case VERB_GET_LATEST: + case VERB_LATEST: { + nlohmann::json req = OSUtils::jsonParse(std::string(reinterpret_cast<const char *>(data) + 1,len - 1)); // throws on invalid JSON + if (req.is_object()) { + const unsigned int rvMaj = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR],0); + const unsigned int rvMin = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR],0); + const unsigned int rvRev = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION],0); + const unsigned int rvBld = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VERSION_BUILD],0); + const unsigned int rvPlatform = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_PLATFORM],0); + const unsigned int rvArch = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_ARCHITECTURE],0); + const unsigned int rvVendor = (unsigned int)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_VENDOR],0); + const std::string rvChannel(OSUtils::jsonString(req[ZT_SOFTWARE_UPDATE_JSON_CHANNEL],"")); + + if (v == VERB_GET_LATEST) { + + if (_dist.size() > 0) { + const nlohmann::json *latest = (const nlohmann::json *)0; + const std::string expectedSigner = OSUtils::jsonString(req[ZT_SOFTWARE_UPDATE_JSON_EXPECT_SIGNED_BY],""); + unsigned int bestVMaj = rvMaj; + unsigned int bestVMin = rvMin; + unsigned int bestVRev = rvRev; + unsigned int bestVBld = rvBld; + for(std::map< Array<uint8_t,16>,_D >::const_iterator d(_dist.begin());d!=_dist.end();++d) { + if ((OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_PLATFORM],0) == rvPlatform)&& + (OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_ARCHITECTURE],0) == rvArch)&& + (OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VENDOR],0) == rvVendor)&& + (OSUtils::jsonString(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_CHANNEL],"") == rvChannel)&& + (OSUtils::jsonString(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNED_BY],"") == expectedSigner)) { + const unsigned int dvMaj = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR],0); + const unsigned int dvMin = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR],0); + const unsigned int dvRev = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION],0); + const unsigned int dvBld = (unsigned int)OSUtils::jsonInt(d->second.meta[ZT_SOFTWARE_UPDATE_JSON_VERSION_BUILD],0); + if (Utils::compareVersion(dvMaj,dvMin,dvRev,dvBld,bestVMaj,bestVMin,bestVRev,bestVBld) > 0) { + latest = &(d->second.meta); + bestVMaj = dvMaj; + bestVMin = dvMin; + bestVRev = dvRev; + bestVBld = dvBld; + } + } + } + if (latest) { + std::string lj; + lj.push_back((char)VERB_LATEST); + lj.append(OSUtils::jsonDump(*latest)); + _node.sendUserMessage(origin,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,lj.data(),(unsigned int)lj.length()); + if (_distLog) { + fprintf(_distLog,"%.10llx GET_LATEST %u.%u.%u_%u platform %u arch %u vendor %u channel %s -> LATEST %u.%u.%u_%u" ZT_EOL_S,(unsigned long long)origin,rvMaj,rvMin,rvRev,rvBld,rvPlatform,rvArch,rvVendor,rvChannel.c_str(),bestVMaj,bestVMin,bestVRev,bestVBld); + fflush(_distLog); + } + } + } // else no reply, since we have nothing to distribute + + } else { // VERB_LATEST + + if ((origin == ZT_SOFTWARE_UPDATE_SERVICE)&& + (Utils::compareVersion(rvMaj,rvMin,rvRev,rvBld,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION,ZEROTIER_ONE_VERSION_BUILD) > 0)&& + (OSUtils::jsonString(req[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNED_BY],"") == ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY)) { + const unsigned long len = (unsigned long)OSUtils::jsonInt(req[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIZE],0); + const std::string hash = OSUtils::jsonBinFromHex(req[ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH]); + if ((len <= ZT_SOFTWARE_UPDATE_MAX_SIZE)&&(hash.length() >= 16)) { + if (_latestMeta != req) { + _latestMeta = req; + _latestValid = false; + + OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_META_FILENAME).c_str()); + OSUtils::rm((_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_BIN_FILENAME).c_str()); + + _download = std::string(); + memcpy(_downloadHashPrefix.data,hash.data(),16); + _downloadLength = len; + } + + if ((_downloadLength > 0)&&(_download.length() < _downloadLength)) { + Buffer<128> gd; + gd.append((uint8_t)VERB_GET_DATA); + gd.append(_downloadHashPrefix.data,16); + gd.append((uint32_t)_download.length()); + _node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,gd.data(),gd.size()); + //printf(">> GET_DATA @%u\n",(unsigned int)_download.length()); + } + } + } + } + + } + } break; + + case VERB_GET_DATA: + if ((len >= 21)&&(_dist.size() > 0)) { + unsigned long idx = (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 17) << 24; + idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 18) << 16; + idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 19) << 8; + idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 20); + //printf("<< GET_DATA @%u from %.10llx for %s\n",(unsigned int)idx,origin,Utils::hex(reinterpret_cast<const uint8_t *>(data) + 1,16).c_str()); + std::map< Array<uint8_t,16>,_D >::iterator d(_dist.find(Array<uint8_t,16>(reinterpret_cast<const uint8_t *>(data) + 1))); + if ((d != _dist.end())&&(idx < (unsigned long)d->second.bin.length())) { + Buffer<ZT_SOFTWARE_UPDATE_CHUNK_SIZE + 128> buf; + buf.append((uint8_t)VERB_DATA); + buf.append(reinterpret_cast<const uint8_t *>(data) + 1,16); + buf.append((uint32_t)idx); + buf.append(d->second.bin.data() + idx,std::min((unsigned long)ZT_SOFTWARE_UPDATE_CHUNK_SIZE,(unsigned long)(d->second.bin.length() - idx))); + _node.sendUserMessage(origin,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,buf.data(),buf.size()); + //printf(">> DATA @%u\n",(unsigned int)idx); + } + } + break; + + case VERB_DATA: + if ((len >= 21)&&(_downloadLength > 0)&&(!memcmp(_downloadHashPrefix.data,reinterpret_cast<const uint8_t *>(data) + 1,16))) { + unsigned long idx = (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 17) << 24; + idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 18) << 16; + idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 19) << 8; + idx |= (unsigned long)*(reinterpret_cast<const uint8_t *>(data) + 20); + //printf("<< DATA @%u / %u bytes (we now have %u bytes)\n",(unsigned int)idx,(unsigned int)(len - 21),(unsigned int)_download.length()); + if (idx == (unsigned long)_download.length()) { + _download.append(reinterpret_cast<const char *>(data) + 21,len - 21); + if (_download.length() < _downloadLength) { + Buffer<128> gd; + gd.append((uint8_t)VERB_GET_DATA); + gd.append(_downloadHashPrefix.data,16); + gd.append((uint32_t)_download.length()); + _node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,gd.data(),gd.size()); + //printf(">> GET_DATA @%u\n",(unsigned int)_download.length()); + } + } + } + break; + + default: + if (_distLog) { + fprintf(_distLog,"%.10llx WARNING: bad update message verb==%u length==%u (unrecognized verb)" ZT_EOL_S,origin,(unsigned int)v,len); + fflush(_distLog); + } + break; + } + } catch ( ... ) { + if (_distLog) { + fprintf(_distLog,"%.10llx WARNING: bad update message verb==%u length==%u (unexpected exception, likely invalid JSON)" ZT_EOL_S,origin,(unsigned int)v,len); + fflush(_distLog); + } + } +} + +bool SoftwareUpdater::check(const uint64_t now) +{ + if ((now - _lastCheckTime) >= ZT_SOFTWARE_UPDATE_CHECK_PERIOD) { + _lastCheckTime = now; + char tmp[512]; + const unsigned int len = Utils::snprintf(tmp,sizeof(tmp), + "%c{\"" ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_VERSION_BUILD "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_EXPECT_SIGNED_BY "\":\"%s\"," + "\"" ZT_SOFTWARE_UPDATE_JSON_PLATFORM "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_ARCHITECTURE "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_VENDOR "\":%d," + "\"" ZT_SOFTWARE_UPDATE_JSON_CHANNEL "\":\"%s\"}", + (char)VERB_GET_LATEST, + ZEROTIER_ONE_VERSION_MAJOR, + ZEROTIER_ONE_VERSION_MINOR, + ZEROTIER_ONE_VERSION_REVISION, + ZEROTIER_ONE_VERSION_BUILD, + ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY, + ZT_BUILD_PLATFORM, + ZT_BUILD_ARCHITECTURE, + (int)ZT_VENDOR_ZEROTIER, + _channel.c_str()); + _node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,tmp,len); + //printf(">> GET_LATEST\n"); + } + + if (_latestValid) + return true; + + if (_downloadLength > 0) { + if (_download.length() >= _downloadLength) { + // This is the very important security validation part that makes sure + // this software update doesn't have cooties. + + const std::string metaPath(_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_META_FILENAME); + const std::string binPath(_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_BIN_FILENAME); + + try { + // (1) Check the hash itself to make sure the image is basically okay + uint8_t sha512[ZT_SHA512_DIGEST_LEN]; + SHA512::hash(sha512,_download.data(),(unsigned int)_download.length()); + if (Utils::hex(sha512,ZT_SHA512_DIGEST_LEN) == OSUtils::jsonString(_latestMeta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH],"")) { + // (2) Check signature by signing authority + const std::string sig(OSUtils::jsonBinFromHex(_latestMeta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNATURE])); + if (Identity(ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY).verify(_download.data(),(unsigned int)_download.length(),sig.data(),(unsigned int)sig.length())) { + // (3) Try to save file, and if so we are good. + if (OSUtils::writeFile(metaPath.c_str(),OSUtils::jsonDump(_latestMeta)) && OSUtils::writeFile(binPath.c_str(),_download)) { + OSUtils::lockDownFile(metaPath.c_str(),false); + OSUtils::lockDownFile(binPath.c_str(),false); + _latestValid = true; + //printf("VALID UPDATE\n%s\n",OSUtils::jsonDump(_latestMeta).c_str()); + _download = std::string(); + _downloadLength = 0; + return true; + } + } + } + } catch ( ... ) {} // any exception equals verification failure + + // If we get here, checks failed. + //printf("INVALID UPDATE (!!!)\n%s\n",OSUtils::jsonDump(_latestMeta).c_str()); + OSUtils::rm(metaPath.c_str()); + OSUtils::rm(binPath.c_str()); + _latestMeta = nlohmann::json(); + _latestValid = false; + _download = std::string(); + _downloadLength = 0; + } else { + Buffer<128> gd; + gd.append((uint8_t)VERB_GET_DATA); + gd.append(_downloadHashPrefix.data,16); + gd.append((uint32_t)_download.length()); + _node.sendUserMessage(ZT_SOFTWARE_UPDATE_SERVICE,ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE,gd.data(),gd.size()); + //printf(">> GET_DATA @%u\n",(unsigned int)_download.length()); + } + } + + return false; +} + +void SoftwareUpdater::apply() +{ + std::string updatePath(_homePath + ZT_PATH_SEPARATOR_S ZT_SOFTWARE_UPDATE_BIN_FILENAME); + if ((_latestMeta.is_object())&&(_latestValid)&&(OSUtils::fileExists(updatePath.c_str(),false))) { +#ifdef __WINDOWS__ + std::string cmdArgs(OSUtils::jsonString(_latestMeta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_EXEC_ARGS],"")); + if (cmdArgs.length() > 0) { + updatePath.push_back(' '); + updatePath.append(cmdArgs); + } + STARTUPINFOA si; + PROCESS_INFORMATION pi; + memset(&si,0,sizeof(si)); + memset(&pi,0,sizeof(pi)); + CreateProcessA(NULL,const_cast<LPSTR>(updatePath.c_str()),NULL,NULL,FALSE,CREATE_NO_WINDOW|CREATE_NEW_PROCESS_GROUP,NULL,NULL,&si,&pi); + // Windows doesn't exit here -- updater will stop the service during update, etc. -- but we do want to stop multiple runs from happening + _latestMeta = nlohmann::json(); + _latestValid = false; +#else + char *argv[256]; + unsigned long ac = 0; + argv[ac++] = const_cast<char *>(updatePath.c_str()); + const std::vector<std::string> argsSplit(OSUtils::split(OSUtils::jsonString(_latestMeta[ZT_SOFTWARE_UPDATE_JSON_UPDATE_EXEC_ARGS],"").c_str()," ","\\","\"")); + for(std::vector<std::string>::const_iterator a(argsSplit.begin());a!=argsSplit.end();++a) { + argv[ac] = const_cast<char *>(a->c_str()); + if (++ac == 255) break; + } + argv[ac] = (char *)0; + chmod(updatePath.c_str(),0700); + + // Close all open file descriptors except stdout/stderr/etc. + int minMyFd = STDIN_FILENO; + if (STDOUT_FILENO > minMyFd) minMyFd = STDOUT_FILENO; + if (STDERR_FILENO > minMyFd) minMyFd = STDERR_FILENO; + ++minMyFd; +#ifdef _SC_OPEN_MAX + int maxMyFd = (int)sysconf(_SC_OPEN_MAX); + if (maxMyFd <= minMyFd) + maxMyFd = 65536; +#else + int maxMyFd = 65536; +#endif + while (minMyFd < maxMyFd) + close(minMyFd++); + + execv(updatePath.c_str(),argv); + fprintf(stderr,"FATAL: unable to execute software update binary at %s\n",updatePath.c_str()); + exit(1); +#endif + } +} + +} // namespace ZeroTier diff --git a/service/SoftwareUpdater.hpp b/service/SoftwareUpdater.hpp new file mode 100644 index 00000000..dc9d4a66 --- /dev/null +++ b/service/SoftwareUpdater.hpp @@ -0,0 +1,215 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef ZT_SOFTWAREUPDATER_HPP +#define ZT_SOFTWAREUPDATER_HPP + +#include <stdint.h> +#include <stdio.h> + +#include <vector> +#include <map> +#include <string> + +#include "../include/ZeroTierOne.h" + +#include "../node/Identity.hpp" +#include "../node/Array.hpp" +#include "../node/Packet.hpp" + +#include "../ext/json/json.hpp" + +/** + * VERB_USER_MESSAGE type ID for software update messages + */ +#define ZT_SOFTWARE_UPDATE_USER_MESSAGE_TYPE 100 + +/** + * ZeroTier address of node that provides software updates + */ +#define ZT_SOFTWARE_UPDATE_SERVICE 0xb1d366e81fULL + +/** + * ZeroTier identity that must be used to sign software updates + * + * df24360f3e - update-signing-key-0010 generated Fri Jan 13th, 2017 at 4:05pm PST + */ +#define ZT_SOFTWARE_UPDATE_SIGNING_AUTHORITY "df24360f3e:0:06072642959c8dfb68312904d74d90197c8a7692697caa1b3fd769eca714f4370fab462fcee6ebcb5fffb63bc5af81f28a2514b2cd68daabb42f7352c06f21db" + +/** + * Chunk size for in-band downloads (can be changed, designed to always fit in one UDP packet easily) + */ +#define ZT_SOFTWARE_UPDATE_CHUNK_SIZE (ZT_PROTO_MAX_PACKET_LENGTH - 128) + +/** + * Sanity limit for the size of an update binary image + */ +#define ZT_SOFTWARE_UPDATE_MAX_SIZE (1024 * 1024 * 256) + +/** + * How often (ms) do we check? + */ +//#define ZT_SOFTWARE_UPDATE_CHECK_PERIOD (60 * 60 * 1000) +#define ZT_SOFTWARE_UPDATE_CHECK_PERIOD 5000 + +/** + * Default update channel + */ +#define ZT_SOFTWARE_UPDATE_DEFAULT_CHANNEL "release" + +/** + * Filename for latest update's meta JSON + */ +#define ZT_SOFTWARE_UPDATE_META_FILENAME "latest-update.json" + +/** + * Filename for latest update's binary image + */ +#define ZT_SOFTWARE_UPDATE_BIN_FILENAME "latest-update.exe" + +#define ZT_SOFTWARE_UPDATE_JSON_VERSION_MAJOR "vMajor" +#define ZT_SOFTWARE_UPDATE_JSON_VERSION_MINOR "vMinor" +#define ZT_SOFTWARE_UPDATE_JSON_VERSION_REVISION "vRev" +#define ZT_SOFTWARE_UPDATE_JSON_VERSION_BUILD "vBuild" +#define ZT_SOFTWARE_UPDATE_JSON_PLATFORM "platform" +#define ZT_SOFTWARE_UPDATE_JSON_ARCHITECTURE "arch" +#define ZT_SOFTWARE_UPDATE_JSON_VENDOR "vendor" +#define ZT_SOFTWARE_UPDATE_JSON_CHANNEL "channel" +#define ZT_SOFTWARE_UPDATE_JSON_EXPECT_SIGNED_BY "expectedSigner" +#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNED_BY "signer" +#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIGNATURE "signature" +#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_HASH "hash" +#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_SIZE "size" +#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_EXEC_ARGS "execArgs" +#define ZT_SOFTWARE_UPDATE_JSON_UPDATE_URL "url" + +namespace ZeroTier { + +class Node; + +/** + * This class handles retrieving and executing updates, or serving them + */ +class SoftwareUpdater +{ +public: + /** + * Each message begins with an 8-bit message verb + */ + enum MessageVerb + { + /** + * Payload: JSON containing current system platform, version, etc. + */ + VERB_GET_LATEST = 1, + + /** + * Payload: JSON describing latest update for this target. (No response is sent if there is none.) + */ + VERB_LATEST = 2, + + /** + * Payload: + * <[16] first 128 bits of hash of data object> + * <[4] 32-bit index of chunk to get> + */ + VERB_GET_DATA = 3, + + /** + * Payload: + * <[16] first 128 bits of hash of data object> + * <[4] 32-bit index of chunk> + * <[...] chunk data> + */ + VERB_DATA = 4 + }; + + SoftwareUpdater(Node &node,const std::string &homePath); + ~SoftwareUpdater(); + + /** + * Set whether or not we will distribute updates + * + * @param distribute If true, scan update-dist.d now and distribute updates found there -- if false, clear and stop distributing + */ + void setUpdateDistribution(bool distribute); + + /** + * Handle a software update user message + * + * @param origin ZeroTier address of message origin + * @param data Message payload + * @param len Length of message + */ + void handleSoftwareUpdateUserMessage(uint64_t origin,const void *data,unsigned int len); + + /** + * Check for updates and do other update-related housekeeping + * + * It should be called about every 10 seconds. + * + * @return True if we've downloaded and verified an update + */ + bool check(const uint64_t now); + + /** + * @return Meta-data for downloaded update or NULL if none + */ + inline const nlohmann::json &pending() const { return _latestMeta; } + + /** + * Apply any ready update now + * + * Depending on the platform this function may never return and may forcibly + * exit the process. It does nothing if no update is ready. + */ + void apply(); + + /** + * Set software update channel + * + * @param channel 'release', 'beta', etc. + */ + inline void setChannel(const std::string &channel) { _channel = channel; } + +private: + Node &_node; + uint64_t _lastCheckTime; + std::string _homePath; + std::string _channel; + FILE *_distLog; + + // Offered software updates if we are an update host (we have update-dist.d and update hosting is enabled) + struct _D + { + nlohmann::json meta; + std::string bin; + }; + std::map< Array<uint8_t,16>,_D > _dist; // key is first 16 bytes of hash + + nlohmann::json _latestMeta; + bool _latestValid; + + std::string _download; + Array<uint8_t,16> _downloadHashPrefix; + unsigned long _downloadLength; +}; + +} // namespace ZeroTier + +#endif diff --git a/tcp-proxy/tcp-proxy.cpp b/tcp-proxy/tcp-proxy.cpp index 2fe500d1..a7906aae 100644 --- a/tcp-proxy/tcp-proxy.cpp +++ b/tcp-proxy/tcp-proxy.cpp @@ -120,7 +120,7 @@ struct TcpProxyService return (PhySocket *)0; } - void phyOnDatagram(PhySocket *sock,void **uptr,const struct sockaddr *from,void *data,unsigned long len) + void phyOnDatagram(PhySocket *sock,void **uptr,const struct sockaddr *localAddr,const struct sockaddr *from,void *data,unsigned long len) { if (!*uptr) return; @@ -134,7 +134,7 @@ struct TcpProxyService if ((c.tcpWritePtr + 5 + mlen) <= sizeof(c.tcpWriteBuf)) { if (!c.tcpWritePtr) - phy->tcpSetNotifyWritable(c.tcp,true); + phy->setNotifyWritable(c.tcp,true); c.tcpWriteBuf[c.tcpWritePtr++] = 0x17; // look like TLS data c.tcpWriteBuf[c.tcpWritePtr++] = 0x03; // look like TLS 1.2 @@ -257,13 +257,13 @@ struct TcpProxyService { Client &c = *((Client *)*uptr); if (c.tcpWritePtr) { - long n = phy->tcpSend(sock,c.tcpWriteBuf,c.tcpWritePtr); + long n = phy->streamSend(sock,c.tcpWriteBuf,c.tcpWritePtr); if (n > 0) { memmove(c.tcpWriteBuf,c.tcpWriteBuf + n,c.tcpWritePtr -= (unsigned long)n); if (!c.tcpWritePtr) - phy->tcpSetNotifyWritable(sock,false); + phy->setNotifyWritable(sock,false); } - } else phy->tcpSetNotifyWritable(sock,false); + } else phy->setNotifyWritable(sock,false); } void doHousekeeping() @@ -32,6 +32,15 @@ /** * Revision */ -#define ZEROTIER_ONE_VERSION_REVISION 15 +#define ZEROTIER_ONE_VERSION_REVISION 19 + +/** + * Build version + * + * This starts at 0 for each major.minor.rev tuple and can be incremented + * to force a minor update without an actual version number change. It's + * not part of the actual release version number. + */ +#define ZEROTIER_ONE_VERSION_BUILD 0 #endif diff --git a/windows/TapDriver6/TapDriver6.vcxproj b/windows/TapDriver6/TapDriver6.vcxproj index b1f9ae18..cf6b1500 100644 --- a/windows/TapDriver6/TapDriver6.vcxproj +++ b/windows/TapDriver6/TapDriver6.vcxproj @@ -63,7 +63,6 @@ <VCTargetsPath Condition="'$(VCTargetsPath11)' != '' and '$(VisualStudioVersion)' == '11.0'">$(VCTargetsPath11)</VCTargetsPath> </PropertyGroup> <PropertyGroup Label="PropertySheets"> - <PlatformToolset>WindowsKernelModeDriver8.0</PlatformToolset> <ConfigurationType>Driver</ConfigurationType> <DriverType>KMDF</DriverType> </PropertyGroup> @@ -71,54 +70,66 @@ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win8 Debug|Win32'" Label="Configuration"> <TargetVersion>Windows8</TargetVersion> <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win8 Release|Win32'" Label="Configuration"> <TargetVersion>Windows8</TargetVersion> <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'" Label="Configuration"> <TargetVersion>Windows7</TargetVersion> <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'" Label="Configuration"> <TargetVersion>Windows7</TargetVersion> <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Vista Debug|Win32'" Label="Configuration"> <TargetVersion>Vista</TargetVersion> <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver8.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Vista Release|Win32'" Label="Configuration"> <TargetVersion>Vista</TargetVersion> <UseDebugLibraries>false</UseDebugLibraries> <KMDF_VERSION_MAJOR>1</KMDF_VERSION_MAJOR> <KMDF_VERSION_MINOR>7</KMDF_VERSION_MINOR> + <PlatformToolset>WindowsKernelModeDriver8.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win8 Debug|x64'" Label="Configuration"> <TargetVersion>Windows8</TargetVersion> <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win8 Release|x64'" Label="Configuration"> <TargetVersion>Windows8</TargetVersion> <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'" Label="Configuration"> <TargetVersion>Windows7</TargetVersion> <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'" Label="Configuration"> <TargetVersion>Windows7</TargetVersion> <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Vista Debug|x64'" Label="Configuration"> <TargetVersion>Vista</TargetVersion> <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>WindowsKernelModeDriver8.0</PlatformToolset> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Vista Release|x64'" Label="Configuration"> <TargetVersion>Vista</TargetVersion> <UseDebugLibraries>false</UseDebugLibraries> <KMDF_VERSION_MAJOR>1</KMDF_VERSION_MAJOR> <KMDF_VERSION_MINOR>7</KMDF_VERSION_MINOR> + <PlatformToolset>WindowsKernelModeDriver8.0</PlatformToolset> </PropertyGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> <ImportGroup Label="ExtensionSettings"> @@ -218,10 +229,10 @@ <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Vista Release|x64'">C:\WinDDK\7600.16385.1\lib\win7\amd64\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> <Link> - <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">C:\WinDDK\7600.16385.1\lib\win7\amd64\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">$(DDK_LIB_PATH)ndis.lib;$(DDK_LIB_PATH)ntstrsafe.lib;$(DDK_LIB_PATH)wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> <Link> - <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">C:\WinDDK\7600.16385.1\lib\win7\amd64\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">$(DDK_LIB_PATH)ndis.lib;$(DDK_LIB_PATH)ntstrsafe.lib;$(DDK_LIB_PATH)wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> <Link> <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win8 Release|x64'">C:\WinDDK\7600.16385.1\lib\win7\amd64\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\amd64\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> @@ -236,10 +247,10 @@ <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Vista Release|Win32'">C:\WinDDK\7600.16385.1\lib\win7\i386\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> <Link> - <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">C:\WinDDK\7600.16385.1\lib\win7\i386\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">$(DDK_LIB_PATH)ndis.lib;$(DDK_LIB_PATH)ntstrsafe.lib;$(DDK_LIB_PATH)wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> <Link> - <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'">C:\WinDDK\7600.16385.1\lib\win7\i386\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'">$(DDK_LIB_PATH)ndis.lib;$(DDK_LIB_PATH)ntstrsafe.lib;$(DDK_LIB_PATH)wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> <Link> <AdditionalDependencies Condition="'$(Configuration)|$(Platform)'=='Win8 Release|Win32'">C:\WinDDK\7600.16385.1\lib\win7\i386\ndis.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\ntstrsafe.lib;C:\WinDDK\7600.16385.1\lib\win7\i386\wdmsec.lib;%(AdditionalDependencies)</AdditionalDependencies> @@ -261,13 +272,18 @@ </Inf> <Inf> <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">3.00.00.0</TimeStamp> - <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">false</SpecifyDriverVerDirectiveVersion> - <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">false</SpecifyDriverVerDirectiveDate> + <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">true</SpecifyDriverVerDirectiveVersion> + <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">true</SpecifyDriverVerDirectiveDate> + <VersionHeaderPath Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'"> + </VersionHeaderPath> + <CatalogFileName Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|Win32'">zttap300.cat</CatalogFileName> </Inf> <Inf> - <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'">3.00.00.0</TimeStamp> + <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'"> + </TimeStamp> <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'">false</SpecifyDriverVerDirectiveVersion> <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'">false</SpecifyDriverVerDirectiveDate> + <DateStamp Condition="'$(Configuration)|$(Platform)'=='Win7 Release|Win32'" /> </Inf> <Inf> <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win8 Release|Win32'">3.00.00.0</TimeStamp> @@ -291,13 +307,18 @@ </Inf> <Inf> <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">3.00.00.0</TimeStamp> - <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">false</SpecifyDriverVerDirectiveVersion> - <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">false</SpecifyDriverVerDirectiveDate> + <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">true</SpecifyDriverVerDirectiveVersion> + <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">true</SpecifyDriverVerDirectiveDate> + <VersionHeaderPath Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'"> + </VersionHeaderPath> + <CatalogFileName Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">zttap300.cat</CatalogFileName> + <AdditionalOptions Condition="'$(Configuration)|$(Platform)'=='Win7 Debug|x64'">-v "3.00.00.0" %(AdditionalOptions)</AdditionalOptions> </Inf> <Inf> <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">3.00.00.0</TimeStamp> - <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">false</SpecifyDriverVerDirectiveVersion> - <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">false</SpecifyDriverVerDirectiveDate> + <SpecifyDriverVerDirectiveVersion Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">true</SpecifyDriverVerDirectiveVersion> + <SpecifyDriverVerDirectiveDate Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">true</SpecifyDriverVerDirectiveDate> + <AdditionalOptions Condition="'$(Configuration)|$(Platform)'=='Win7 Release|x64'">-v "3.00.00.0" %(AdditionalOptions)</AdditionalOptions> </Inf> <Inf> <TimeStamp Condition="'$(Configuration)|$(Platform)'=='Win8 Release|x64'">3.00.00.0</TimeStamp> diff --git a/windows/TapDriver6/tap-windows.h b/windows/TapDriver6/tap-windows.h index 7e01846d..fd41a798 100644 --- a/windows/TapDriver6/tap-windows.h +++ b/windows/TapDriver6/tap-windows.h @@ -42,7 +42,9 @@ //#define TAP_WIN_IOCTL_CONFIG_POINT_TO_POINT TAP_WIN_CONTROL_CODE (5, METHOD_BUFFERED) #define TAP_WIN_IOCTL_SET_MEDIA_STATUS TAP_WIN_CONTROL_CODE (6, METHOD_BUFFERED) //#define TAP_WIN_IOCTL_CONFIG_DHCP_MASQ TAP_WIN_CONTROL_CODE (7, METHOD_BUFFERED) -//#define TAP_WIN_IOCTL_GET_LOG_LINE TAP_WIN_CONTROL_CODE (8, METHOD_BUFFERED) +#if DBG +#define TAP_WIN_IOCTL_GET_LOG_LINE TAP_WIN_CONTROL_CODE (8, METHOD_BUFFERED) +#endif //#define TAP_WIN_IOCTL_CONFIG_DHCP_SET_OPT TAP_WIN_CONTROL_CODE (9, METHOD_BUFFERED) /* Added in 8.2 */ diff --git a/windows/WinUI/APIHandler.cs b/windows/WinUI/APIHandler.cs index 92b83021..81c5b775 100644 --- a/windows/WinUI/APIHandler.cs +++ b/windows/WinUI/APIHandler.cs @@ -7,6 +7,7 @@ using System.Net; using System.IO; using System.Windows; using Newtonsoft.Json; +using System.Diagnostics; namespace WinUI { @@ -18,7 +19,108 @@ namespace WinUI private string url = null; - public APIHandler() + private static volatile APIHandler instance; + private static object syncRoot = new Object(); + + public delegate void NetworkListCallback(List<ZeroTierNetwork> networks); + public delegate void StatusCallback(ZeroTierStatus status); + + public static APIHandler Instance + { + get + { + if (instance == null) + { + lock (syncRoot) + { + if (instance == null) + { + if (!initHandler()) + { + return null; + } + } + } + } + + return instance; + } + } + + private static bool initHandler() + { + String localZtDir = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\ZeroTier\\One"; + String globalZtDir = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\ZeroTier\\One"; + + String authToken = ""; + Int32 port = 9993; + + if (!File.Exists(localZtDir + "\\authtoken.secret") || !File.Exists(localZtDir + "\\zerotier-one.port")) + { + // launch external process to copy file into place + String curPath = System.Reflection.Assembly.GetEntryAssembly().Location; + int index = curPath.LastIndexOf("\\"); + curPath = curPath.Substring(0, index); + ProcessStartInfo startInfo = new ProcessStartInfo(curPath + "\\copyutil.exe", "\""+globalZtDir+"\"" + " " + "\""+localZtDir+"\""); + startInfo.Verb = "runas"; + + + var process = Process.Start(startInfo); + process.WaitForExit(); + } + + authToken = readAuthToken(localZtDir + "\\authtoken.secret"); + + if ((authToken == null) || (authToken.Length <= 0)) + { + MessageBox.Show("Unable to read ZeroTier One authtoken", "ZeroTier One"); + return false; + } + + port = readPort(localZtDir + "\\zerotier-one.port"); + instance = new APIHandler(port, authToken); + return true; + } + + private static String readAuthToken(String path) + { + String authToken = ""; + + if (File.Exists(path)) + { + try + { + byte[] tmp = File.ReadAllBytes(path); + authToken = System.Text.Encoding.UTF8.GetString(tmp).Trim(); + } + catch + { + MessageBox.Show("Unable to read ZeroTier One Auth Token from:\r\n" + path, "ZeroTier One"); + } + } + + return authToken; + } + + private static Int32 readPort(String path) + { + Int32 port = 9993; + + try + { + byte[] tmp = File.ReadAllBytes(path); + port = Int32.Parse(System.Text.Encoding.ASCII.GetString(tmp).Trim()); + if ((port <= 0) || (port > 65535)) + port = 9993; + } + catch + { + } + + return port; + } + + private APIHandler() { url = "http://127.0.0.1:9993"; } @@ -29,7 +131,9 @@ namespace WinUI this.authtoken = authtoken; } - public ZeroTierStatus GetStatus() + + + public void GetStatus(StatusCallback cb) { var request = WebRequest.Create(url + "/status" + "?auth=" + authtoken) as HttpWebRequest; if (request != null) @@ -54,29 +158,32 @@ namespace WinUI { Console.WriteLine(e.ToString()); } - return status; + cb(status); } } catch (System.Net.Sockets.SocketException) { - return null; + cb(null); } catch (System.Net.WebException) { - return null; + cb(null); } } - public List<ZeroTierNetwork> GetNetworks() + + + public void GetNetworks(NetworkListCallback cb) { var request = WebRequest.Create(url + "/network" + "?auth=" + authtoken) as HttpWebRequest; if (request == null) { - return null; + cb(null); } request.Method = "GET"; request.ContentType = "application/json"; + request.Timeout = 10000; try { @@ -89,25 +196,30 @@ namespace WinUI try { networkList = JsonConvert.DeserializeObject<List<ZeroTierNetwork>>(responseText); + foreach (ZeroTierNetwork n in networkList) + { + // all networks received via JSON are connected by definition + n.IsConnected = true; + } } catch (JsonReaderException e) { Console.WriteLine(e.ToString()); } - return networkList; + cb(networkList); } } catch (System.Net.Sockets.SocketException) { - return null; + cb(null); } catch (System.Net.WebException) { - return null; + cb(null); } } - public void JoinNetwork(string nwid) + public void JoinNetwork(string nwid, bool allowManaged = true, bool allowGlobal = false, bool allowDefault = false) { var request = WebRequest.Create(url + "/network/" + nwid + "?auth=" + authtoken) as HttpWebRequest; if (request == null) @@ -116,6 +228,25 @@ namespace WinUI } request.Method = "POST"; + request.ContentType = "applicaiton/json"; + request.Timeout = 10000; + try + { + using (var streamWriter = new StreamWriter(((HttpWebRequest)request).GetRequestStream())) + { + string json = "{\"allowManaged\":" + (allowManaged ? "true" : "false") + "," + + "\"allowGlobal\":" + (allowGlobal ? "true" : "false") + "," + + "\"allowDefault\":" + (allowDefault ? "true" : "false") + "}"; + streamWriter.Write(json); + streamWriter.Flush(); + streamWriter.Close(); + } + } + catch (System.Net.WebException) + { + MessageBox.Show("Error Joining Network: Cannot connect to ZeroTier service."); + return; + } try { @@ -145,6 +276,7 @@ namespace WinUI } request.Method = "DELETE"; + request.Timeout = 10000; try { @@ -163,14 +295,20 @@ namespace WinUI { MessageBox.Show("Error Leaving Network: Cannot connect to ZeroTier service."); } + catch + { + Console.WriteLine("Error leaving network: Unknown error"); + } } - public List<ZeroTierPeer> GetPeers() + public delegate void PeersCallback(List<ZeroTierPeer> peers); + + public void GetPeers(PeersCallback cb) { var request = WebRequest.Create(url + "/peer" + "?auth=" + authtoken) as HttpWebRequest; if (request == null) { - return null; + cb(null); } request.Method = "GET"; @@ -192,16 +330,16 @@ namespace WinUI { Console.WriteLine(e.ToString()); } - return peerList; + cb(peerList); } } catch (System.Net.Sockets.SocketException) { - return null; + cb(null); } catch (System.Net.WebException) { - return null; + cb(null); } } } diff --git a/windows/WinUI/AboutView.xaml b/windows/WinUI/AboutView.xaml new file mode 100644 index 00000000..5def46a6 --- /dev/null +++ b/windows/WinUI/AboutView.xaml @@ -0,0 +1,103 @@ +<Window x:Class="WinUI.AboutView" + xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" + xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" + xmlns:d="http://schemas.microsoft.com/expression/blend/2008" + xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" + xmlns:local="clr-namespace:WinUI" + mc:Ignorable="d" + Title="AboutView" Height="460" Width="300" Icon="ZeroTierIcon.ico"> + <Grid> + <Image x:Name="image" HorizontalAlignment="Center" Height="100" Margin="0,10,0,0" VerticalAlignment="Top" Width="100" Source="ZeroTierIcon.ico"/> + <RichTextBox x:Name="richTextBox" HorizontalAlignment="Left" Height="307" Margin="10,115,0,0" VerticalAlignment="Top" Width="275" IsReadOnly="True" IsDocumentEnabled="True" BorderThickness="0"> + <RichTextBox.Resources> + <Style TargetType="Hyperlink"> + <Setter Property="Cursor" Value="Hand" /> + </Style> + </RichTextBox.Resources> + <FlowDocument> + <Paragraph> + <Span FontWeight="Bold" FontSize="18" FontFamily="HelveticaNeue"> + <Run Text="Getting Started"/> + </Span> + <Span FontWeight="Bold" FontSize="12" FontFamily="HelveticaNeue"> + <LineBreak/> + </Span> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run/> + </Span> + </Paragraph> + <Paragraph> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="Getting started is simple. Simply click "/> + </Span> + <Span FontSize="12" FontFamily="Menlo-Regular"> + <Run Text="Join Network"/> + </Span> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text=" from the ZeroTier status bar menu. To join the public network "Earth", enter "/> + </Span> + <Span FontSize="12" FontFamily="Menlo-Regular"> + <Run Text="8056c2e21c000001"/> + </Span> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text=" and click the Join button. Once connected, you'll be able to navigate to "/> + </Span> + <Hyperlink NavigateUri="http://earth.zerotier.net/" RequestNavigate="Hyperlink_MouseLeftButtonDown"> + <Span Foreground="#FF0000E9" FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="earth.zerotier.net"/> + </Span> + </Hyperlink> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="."/> + </Span> + </Paragraph> + <Paragraph> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run/> + <LineBreak/> + </Span> + <Span FontWeight="Bold" FontSize="18" FontFamily="HelveticaNeue"> + <Run Text="Create a Network"/> + </Span> + <Span FontWeight="Bold" FontSize="12" FontFamily="HelveticaNeue"> + <LineBreak/> + </Span> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run/> + </Span> + </Paragraph> + <Paragraph> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="Visit "/> + </Span> + <Hyperlink NavigateUri="http://my.zerotier.com/" RequestNavigate="Hyperlink_MouseLeftButtonDown"> + <Span Foreground="#FF0000E9" FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="my.zerotier.com"/> + </Span> + </Hyperlink> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text=" to create and manage your own virtual networks."/> + </Span> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <LineBreak/> + <Run/> + </Span> + </Paragraph> + <Paragraph> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="For more information, visit "/> + </Span> + <Hyperlink NavigateUri="http://www.zerotier.com/" RequestNavigate="Hyperlink_MouseLeftButtonDown"> + <Span Foreground="#FF0000E9" FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="zerotier.com"/> + </Span> + </Hyperlink> + <Span FontSize="12" FontFamily="HelveticaNeue"> + <Run Text="."/> + </Span> + </Paragraph> + </FlowDocument> + </RichTextBox> + + </Grid> +</Window> diff --git a/windows/WinUI/AboutView.xaml.cs b/windows/WinUI/AboutView.xaml.cs new file mode 100644 index 00000000..9c48493d --- /dev/null +++ b/windows/WinUI/AboutView.xaml.cs @@ -0,0 +1,35 @@ +using System; +using System.Collections.Generic; +using System.Diagnostics; +using System.Linq; +using System.Text; +using System.Threading.Tasks; +using System.Windows; +using System.Windows.Controls; +using System.Windows.Data; +using System.Windows.Documents; +using System.Windows.Input; +using System.Windows.Media; +using System.Windows.Media.Imaging; +using System.Windows.Navigation; +using System.Windows.Shapes; + +namespace WinUI +{ + /// <summary> + /// Interaction logic for AboutView.xaml + /// </summary> + public partial class AboutView : Window + { + public AboutView() + { + InitializeComponent(); + } + + private void Hyperlink_MouseLeftButtonDown(object sender, RequestNavigateEventArgs e) + { + var hyperlink = (Hyperlink)sender; + Process.Start(hyperlink.NavigateUri.ToString()); + } + } +} diff --git a/windows/WinUI/App.xaml b/windows/WinUI/App.xaml index 08b9b792..12ed85f9 100644 --- a/windows/WinUI/App.xaml +++ b/windows/WinUI/App.xaml @@ -1,7 +1,7 @@ <Application x:Class="WinUI.App" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" - StartupUri="MainWindow.xaml"> + StartupUri="ToolbarItem.xaml"> <Application.Resources> <ResourceDictionary> diff --git a/windows/WinUI/App.xaml.cs b/windows/WinUI/App.xaml.cs index a97edde7..53ef2f67 100644 --- a/windows/WinUI/App.xaml.cs +++ b/windows/WinUI/App.xaml.cs @@ -5,6 +5,7 @@ using System.Data; using System.Linq; using System.Threading.Tasks; using System.Windows; +using Hardcodet.Wpf.TaskbarNotification; namespace WinUI { @@ -13,5 +14,12 @@ namespace WinUI /// </summary> public partial class App : Application { + private TaskbarIcon tb; + + private void InitApplication() + { + tb = (TaskbarIcon)FindResource("NotifyIcon"); + tb.Visibility = Visibility.Visible; + } } } diff --git a/windows/WinUI/JoinNetworkView.xaml b/windows/WinUI/JoinNetworkView.xaml new file mode 100644 index 00000000..1cd1e98d --- /dev/null +++ b/windows/WinUI/JoinNetworkView.xaml @@ -0,0 +1,16 @@ +<Window x:Class="WinUI.JoinNetworkView" + xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" + xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" + xmlns:d="http://schemas.microsoft.com/expression/blend/2008" + xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" + xmlns:local="clr-namespace:WinUI" + mc:Ignorable="d" + Title="Join a Network" SizeToContent="WidthAndHeight" Height="Auto" Width="Auto" Icon="ZeroTierIcon.ico"> + <Grid HorizontalAlignment="Left" Margin="0,0,0,0" Width="315"> + <TextBox x:Name="joinNetworkBox" HorizontalAlignment="Left" Height="23" Margin="10,10,0,0" TextWrapping="Wrap" VerticalAlignment="Top" Width="291" PreviewTextInput="joinNetworkBox_OnTextEntered" PreviewKeyDown="joinNetworkBox_OnKeyDown"/> + <CheckBox x:Name="allowManagedCheckbox" Content="Allow Managed" HorizontalAlignment="Left" Margin="10,38,0,0" VerticalAlignment="Top" IsChecked="True"/> + <CheckBox x:Name="allowGlobalCheckbox" Content="Allow Global" HorizontalAlignment="Left" Margin="118,38,0,0" VerticalAlignment="Top"/> + <CheckBox x:Name="allowDefaultCheckbox" Content="Allow Default" HorizontalAlignment="Left" Margin="210,38,-6,0" VerticalAlignment="Top"/> + <Button x:Name="joinButton" Content="Join" HorizontalAlignment="Left" Margin="226,58,0,10" Background="#FFFFB354" VerticalAlignment="Top" Width="75" Click="joinButton_Click" IsEnabled="False"/> + </Grid> +</Window> diff --git a/windows/WinUI/JoinNetworkView.xaml.cs b/windows/WinUI/JoinNetworkView.xaml.cs new file mode 100644 index 00000000..548a51e6 --- /dev/null +++ b/windows/WinUI/JoinNetworkView.xaml.cs @@ -0,0 +1,126 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Text.RegularExpressions; +using System.Threading.Tasks; +using System.Windows; +using System.Windows.Controls; +using System.Windows.Data; +using System.Windows.Documents; +using System.Windows.Input; +using System.Windows.Media; +using System.Windows.Media.Imaging; +using System.Windows.Shapes; + +namespace WinUI +{ + /// <summary> + /// Interaction logic for JoinNetworkView.xaml + /// </summary> + public partial class JoinNetworkView : Window + { + Regex charRegex = new Regex("[0-9a-fxA-FX]"); + Regex wholeStringRegex = new Regex("^[0-9a-fxA-FX]+$"); + + public JoinNetworkView() + { + InitializeComponent(); + + DataObject.AddPastingHandler(joinNetworkBox, onPaste); + DataObject.AddCopyingHandler(joinNetworkBox, onCopyCut); + } + + private void joinNetworkBox_OnTextEntered(object sender, TextCompositionEventArgs e) + { + e.Handled = !charRegex.IsMatch(e.Text); + + if ( (joinNetworkBox.Text.Length + e.Text.Length) == 16) + { + joinButton.IsEnabled = true; + } + else + { + joinButton.IsEnabled = false; + } + } + + private void joinNetworkBox_OnKeyDown(object sender, KeyEventArgs e) + { + if (Keyboard.IsKeyDown(Key.LeftCtrl) || Keyboard.IsKeyDown(Key.RightCtrl)) + { + if (e.Key == Key.X && joinNetworkBox.IsSelectionActive) + { + // handle ctrl-x removing characters + joinButton.IsEnabled = false; + } + } + else if (e.Key == Key.Delete || e.Key == Key.Back) + { + if ((joinNetworkBox.Text.Length - 1) == 16) + { + joinButton.IsEnabled = true; + } + else + { + joinButton.IsEnabled = false; + } + } + else + { + if ((joinNetworkBox.Text.Length + 1) > 16) + { + e.Handled = true; + } + } + } + + private void onPaste(object sender, DataObjectPastingEventArgs e) + { + var isText = e.SourceDataObject.GetDataPresent(DataFormats.UnicodeText, true); + if (!isText) + { + joinButton.IsEnabled = false; + return; + } + + var text = e.SourceDataObject.GetData(DataFormats.UnicodeText) as string; + + if (!wholeStringRegex.IsMatch(text)) + { + e.Handled = true; + e.CancelCommand(); + } + + if (text.Length == 16 || (joinNetworkBox.Text.Length + text.Length) == 16) + { + joinButton.IsEnabled = true; + } + else if (text.Length > 16 || (joinNetworkBox.Text.Length + text.Length) > 16) + { + e.Handled = true; + e.CancelCommand(); + } + else + { + joinButton.IsEnabled = false; + } + } + + private void onCopyCut(object sender, DataObjectCopyingEventArgs e) + { + + } + + private void joinButton_Click(object sender, RoutedEventArgs e) + { + bool allowDefault = allowDefaultCheckbox.IsChecked.Value; + bool allowGlobal = allowGlobalCheckbox.IsChecked.Value; + bool allowManaged = allowManagedCheckbox.IsChecked.Value; + + APIHandler.Instance.JoinNetwork(joinNetworkBox.Text, allowManaged, allowGlobal, allowDefault); + + Close(); + } + } +} diff --git a/windows/WinUI/MainWindow.xaml.cs b/windows/WinUI/MainWindow.xaml.cs index 47f00bfe..e4a82f96 100644 --- a/windows/WinUI/MainWindow.xaml.cs +++ b/windows/WinUI/MainWindow.xaml.cs @@ -1,5 +1,6 @@ using System; using System.Collections.Generic; +using System.Diagnostics; using System.IO; using System.Linq; using System.Text; @@ -57,40 +58,77 @@ namespace WinUI } } - private bool InitAPIHandler() + + private String readAuthToken(String path) { - String ztDir = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\ZeroTier\\One"; String authToken = ""; + + if (File.Exists(path)) + { + try + { + byte[] tmp = File.ReadAllBytes(path); + authToken = System.Text.Encoding.UTF8.GetString(tmp).Trim(); + } + catch + { + MessageBox.Show("Unable to read ZeroTier One Auth Token from:\r\n" + path, "ZeroTier One"); + } + } + + return authToken; + } + + private Int32 readPort(String path) + { Int32 port = 9993; + try { - byte[] tmp = File.ReadAllBytes(ztDir + "\\authtoken.secret"); - authToken = System.Text.Encoding.ASCII.GetString(tmp).Trim(); + byte[] tmp = File.ReadAllBytes(path); + port = Int32.Parse(System.Text.Encoding.ASCII.GetString(tmp).Trim()); + if ((port <= 0) || (port > 65535)) + port = 9993; } catch { - MessageBox.Show("Unable to read ZeroTier One authtoken.secret from:\r\n" + ztDir, "ZeroTier One"); - this.Close(); - return false; } + return port; + } + + private bool InitAPIHandler() + { + String localZtDir = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\ZeroTier\\One"; + String globalZtDir = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\ZeroTier\\One"; + + String authToken = ""; + Int32 port = 9993; + + if (!File.Exists(localZtDir + "\\authtoken.secret") || !File.Exists(localZtDir + "\\zerotier-one.port")) + { + // launch external process to copy file into place + String curPath = System.Reflection.Assembly.GetEntryAssembly().Location; + int index = curPath.LastIndexOf("\\"); + curPath = curPath.Substring(0, index); + ProcessStartInfo startInfo = new ProcessStartInfo(curPath + "\\copyutil.exe", globalZtDir + " " + localZtDir); + startInfo.Verb = "runas"; + + + var process = Process.Start(startInfo); + process.WaitForExit(); + } + + authToken = readAuthToken(localZtDir + "\\authtoken.secret"); + if ((authToken == null) || (authToken.Length <= 0)) { - MessageBox.Show("Unable to read ZeroTier One authtoken.secret from:\r\n" + ztDir, "ZeroTier One"); + MessageBox.Show("Unable to read ZeroTier One authtoken", "ZeroTier One"); this.Close(); return false; } - try - { - byte[] tmp = File.ReadAllBytes(ztDir + "\\zerotier-one.port"); - port = Int32.Parse(System.Text.Encoding.ASCII.GetString(tmp).Trim()); - if ((port <= 0) || (port > 65535)) - port = 9993; - } - catch - { - } + port = readPort(localZtDir + "\\zerotier-one.port"); handler = new APIHandler(port, authToken); return true; } @@ -105,7 +143,7 @@ namespace WinUI networkId.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => { - this.networkId.Content = status.Address; + this.networkId.Text = status.Address; })); versionString.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => { @@ -122,7 +160,7 @@ namespace WinUI networkId.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => { - this.networkId.Content = ""; + this.networkId.Text = ""; })); versionString.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => { diff --git a/windows/WinUI/NetworkInfoView.xaml b/windows/WinUI/NetworkInfoView.xaml index 54ff0375..6b32569e 100644 --- a/windows/WinUI/NetworkInfoView.xaml +++ b/windows/WinUI/NetworkInfoView.xaml @@ -26,6 +26,9 @@ <RowDefinition Height="auto"/> <RowDefinition Height="auto"/> <RowDefinition Height="auto"/> + <RowDefinition Height="auto"/> + <RowDefinition Height="auto"/> + <RowDefinition Height="auto"/> </Grid.RowDefinitions> <Grid Grid.Column="0" Grid.Row="0" Grid.ColumnSpan="3"> @@ -48,8 +51,11 @@ <TextBlock TextWrapping="Wrap" Text="Bridging" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="7" Foreground="#FF000000"/> <TextBlock TextWrapping="Wrap" Text="Device" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="8" Foreground="#FF000000"/> <TextBlock TextWrapping="Wrap" Text="Managed IPs" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="9" Foreground="#FF000000"/> + <TextBlock TextWrapping="Wrap" Text="Allow Global IP" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="10" Foreground="#FF000000"/> + <TextBlock TextWrapping="Wrap" Text="Allow Managed IP" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="11" Foreground="#FF000000"/> + <TextBlock TextWrapping="Wrap" Text="Allow Default Route" HorizontalAlignment="Right" Grid.Column="0" Grid.Row="12" Foreground="#FF000000"/> - <Rectangle Grid.Column="2" Grid.Row="2" Grid.RowSpan="8" Fill="#FFEEEEEE"/> + <Rectangle Grid.Column="2" Grid.Row="2" Grid.RowSpan="11" Fill="#FFEEEEEE"/> <TextBlock x:Name="networkStatus" FontFamily="Lucida Console" TextWrapping="Wrap" HorizontalAlignment="Right" Text="OK" TextAlignment="Right" Grid.Column="2" Grid.Row="2" Foreground="#FF000000"/> <TextBlock x:Name="networkType" FontFamily="Lucida Console" TextWrapping="Wrap" Text="PUBLIC" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="3" Foreground="#FF000000"/> @@ -58,15 +64,21 @@ <TextBlock x:Name="broadcastEnabled" FontFamily="Lucida Console" TextWrapping="Wrap" Text="ENABLED" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="6" Foreground="#FF000000"/> <TextBlock x:Name="bridgingEnabled" FontFamily="Lucida Console" TextWrapping="Wrap" Text="DISABLED" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="7" Background="#FFEEEEEE" Foreground="#FF000000"/> <TextBlock x:Name="deviceName" FontFamily="Lucida Console" TextWrapping="Wrap" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="8" Foreground="#FF000000"><Span><Run Text="ethernet_32771"/></Span></TextBlock> - <TextBlock x:Name="managedIps" TextWrapping="Wrap" FontFamily="Lucida Console" HorizontalAlignment="Right" TextAlignment="Right" Grid.Column="2" Grid.Row="9" Foreground="#FF000000"><Span><Run Text="28.2.169.248/7 "/></Span><LineBreak/><Span><Run Text="fd80:56c2:e21c:0000:0199:9383:4a02:a9f8/88"/></Span></TextBlock> - - <Separator Grid.Column="0" Grid.Row="10" Grid.ColumnSpan="3"/> + <TextBox x:Name="managedIps" TextWrapping="Wrap" FontFamily="Lucida Console" HorizontalAlignment="Right" TextAlignment="Right" Grid.Column="2" Grid.Row="9" Foreground="#FF000000" IsReadOnly="True" BorderThickness="0" Background="#FFEEEEEE" Text="28.2.169.248/7
fd80:56c2:e21c:0000:0199:9383:4a02:a9f8/88"/> + <CheckBox x:Name="allowGlobal" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="10" /> + <CheckBox x:Name="allowManaged" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="11" /> + <CheckBox x:Name="allowDefault" HorizontalAlignment="Right" Grid.Column="2" Grid.Row="12" /> - <Grid Grid.Column="0" Grid.Row="11" Grid.ColumnSpan="3" Background="GhostWhite"> + <Separator Grid.Column="0" Grid.Row="13" Grid.ColumnSpan="3"/> + + <Grid Grid.Column="0" Grid.Row="14" Grid.ColumnSpan="3" Background="GhostWhite"> <Grid.ColumnDefinitions> + <ColumnDefinition Width="auto"/> <ColumnDefinition Width="*"/> + <ColumnDefinition Width="auto"/> </Grid.ColumnDefinitions> - <Button x:Name="leaveButton" Content="Leave" HorizontalAlignment="Right" VerticalAlignment="Bottom" Width="75" Background="#FFFFB354" Click="leaveButton_Click"/> + <Button x:Name="deleteButton" Grid.Column="0" Content="Delete" HorizontalAlignment="Left" VerticalAlignment="Center" Width="75" Background="#FFFFB354" Click="deleteButton_Click"/> + <CheckBox x:Name="connectedCheckBox" Grid.Column="2" Content="Connected" HorizontalAlignment="Right" VerticalAlignment="Center" Checked="connectedCheckBox_Checked" Unchecked="connectedCheckbox_Unchecked"/> </Grid> </Grid> </Border> diff --git a/windows/WinUI/NetworkInfoView.xaml.cs b/windows/WinUI/NetworkInfoView.xaml.cs index ccdec288..1f99a1fe 100644 --- a/windows/WinUI/NetworkInfoView.xaml.cs +++ b/windows/WinUI/NetworkInfoView.xaml.cs @@ -20,30 +20,50 @@ namespace WinUI /// </summary> public partial class NetworkInfoView : UserControl { - private APIHandler handler; - private ZeroTierNetwork network; + public ZeroTierNetwork network; - public NetworkInfoView(APIHandler handler, ZeroTierNetwork network) + public NetworkInfoView(ZeroTierNetwork network) { InitializeComponent(); - this.handler = handler; this.network = network; UpdateNetworkData(); + + allowDefault.Checked += AllowDefault_CheckStateChanged; + allowDefault.Unchecked += AllowDefault_CheckStateChanged; + allowGlobal.Checked += AllowGlobal_CheckStateChanged; + allowGlobal.Unchecked += AllowGlobal_CheckStateChanged; + allowManaged.Checked += AllowManaged_CheckStateChanged; + allowManaged.Unchecked += AllowManaged_CheckStateChanged; } private void UpdateNetworkData() { - this.networkId.Text = network.NetworkId; - this.networkName.Text = network.NetworkName; - this.networkStatus.Text = network.NetworkStatus; - this.networkType.Text = network.NetworkType; - this.macAddress.Text = network.MacAddress; - this.mtu.Text = network.MTU.ToString(); + + if (this.networkId.Text != network.NetworkId) + this.networkId.Text = network.NetworkId; + + if (this.networkName.Text != network.NetworkName) + this.networkName.Text = network.NetworkName; + + if (this.networkStatus.Text != network.NetworkStatus) + this.networkStatus.Text = network.NetworkStatus; + + if (this.networkType.Text != network.NetworkType) + this.networkType.Text = network.NetworkType; + + if (this.macAddress.Text != network.MacAddress) + this.macAddress.Text = network.MacAddress; + + if (this.mtu.Text != network.MTU.ToString()) + this.mtu.Text = network.MTU.ToString(); + this.broadcastEnabled.Text = (network.BroadcastEnabled ? "ENABLED" : "DISABLED"); this.bridgingEnabled.Text = (network.Bridge ? "ENABLED" : "DISABLED"); - this.deviceName.Text = network.DeviceName; + + if (this.deviceName.Text != network.DeviceName) + this.deviceName.Text = network.DeviceName; string iplist = ""; for (int i = 0; i < network.AssignedAddresses.Length; ++i) @@ -53,8 +73,21 @@ namespace WinUI iplist += "\n"; } - this.managedIps.Text = iplist; - } + if (this.managedIps.Text != iplist) + this.managedIps.Text = iplist; + + this.allowDefault.IsChecked = network.AllowDefault; + this.allowGlobal.IsChecked = network.AllowGlobal; + this.allowManaged.IsChecked = network.AllowManaged; + + this.connectedCheckBox.Checked -= connectedCheckBox_Checked; + this.connectedCheckBox.Unchecked -= connectedCheckbox_Unchecked; + + this.connectedCheckBox.IsChecked = network.IsConnected; + + this.connectedCheckBox.Checked += connectedCheckBox_Checked; + this.connectedCheckBox.Unchecked += connectedCheckbox_Unchecked; + } public bool HasNetwork(ZeroTierNetwork network) { @@ -64,9 +97,70 @@ namespace WinUI return false; } - private void leaveButton_Click(object sender, RoutedEventArgs e) + public void SetNetworkInfo(ZeroTierNetwork network) { - handler.LeaveNetwork(network.NetworkId); + this.network = network; + + UpdateNetworkData(); + } + + private void deleteButton_Click(object sender, RoutedEventArgs e) + { + APIHandler.Instance.LeaveNetwork(network.NetworkId); + NetworkMonitor.Instance.RemoveNetwork(network.NetworkId); + } + + private void AllowManaged_CheckStateChanged(object sender, RoutedEventArgs e) + { + CheckBox cb = sender as CheckBox; + APIHandler.Instance.JoinNetwork(network.NetworkId, + allowManaged.IsChecked ?? false, + allowGlobal.IsChecked ?? false, + allowDefault.IsChecked ?? false); + } + + private void AllowGlobal_CheckStateChanged(object sender, RoutedEventArgs e) + { + CheckBox cb = sender as CheckBox; + APIHandler.Instance.JoinNetwork(network.NetworkId, + allowManaged.IsChecked ?? false, + allowGlobal.IsChecked ?? false, + allowDefault.IsChecked ?? false); + } + + private void AllowDefault_CheckStateChanged(object sender, RoutedEventArgs e) + { + CheckBox cb = sender as CheckBox; + APIHandler.Instance.JoinNetwork(network.NetworkId, + allowManaged.IsChecked ?? false, + allowGlobal.IsChecked ?? false, + allowDefault.IsChecked ?? false); + } + + private void connectedCheckBox_Checked(object sender, RoutedEventArgs e) + { + onConnectedCheckboxUpdated(true); + } + + private void connectedCheckbox_Unchecked(object sender, RoutedEventArgs e) + { + onConnectedCheckboxUpdated(false); + } + + private void onConnectedCheckboxUpdated(bool isChecked) + { + if (isChecked) + { + bool global = allowGlobal.IsChecked.Value; + bool managed = allowManaged.IsChecked.Value; + bool defRoute = allowDefault.IsChecked.Value; + + APIHandler.Instance.JoinNetwork(networkId.Text, managed, global, defRoute); + } + else + { + APIHandler.Instance.LeaveNetwork(networkId.Text); + } } } } diff --git a/windows/WinUI/MainWindow.xaml b/windows/WinUI/NetworkListView.xaml index d71a90df..1dc774b7 100644 --- a/windows/WinUI/MainWindow.xaml +++ b/windows/WinUI/NetworkListView.xaml @@ -4,8 +4,8 @@ xmlns:d="http://schemas.microsoft.com/expression/blend/2008" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:local="clr-namespace:WinUI" - mc:Ignorable="d" x:Class="WinUI.MainWindow" - Title="ZeroTier One" Height="500" Width="425" Icon="ZeroTierIcon.ico"> + mc:Ignorable="d" x:Class="WinUI.NetworkListView" + Title="ZeroTier One" SizeToContent="Width" Height="500" Width="Auto" Icon="ZeroTierIcon.ico"> <Window.Resources> <SolidColorBrush x:Key="GreenBrush" Color="#ff91a2a3"/> @@ -75,58 +75,14 @@ </Window.Resources> <DockPanel> - <StatusBar DockPanel.Dock="Bottom" Height="26" Background="#FF234447" Margin="0"> - <StatusBar.ItemsPanel> - <ItemsPanelTemplate> - <Grid> - <Grid.RowDefinitions> - <RowDefinition Height="*"/> - </Grid.RowDefinitions> - <Grid.ColumnDefinitions> - <ColumnDefinition Width="Auto"/> - <ColumnDefinition Width="Auto"/> - <ColumnDefinition Width="Auto"/> - <ColumnDefinition Width="*"/> - <ColumnDefinition Width="Auto"/> - <ColumnDefinition Width="Auto"/> - </Grid.ColumnDefinitions> - </Grid> - </ItemsPanelTemplate> - </StatusBar.ItemsPanel> - <StatusBarItem Grid.Column="0" x:Name="networkId" Content="deadbeef00" Foreground="White" FontFamily="Lucida Console"/> - <StatusBarItem Grid.Column="1" x:Name="onlineStatus" Content="ONLINE" Foreground="White" FontFamily="Lucida Console"/> - <StatusBarItem Grid.Column="2" x:Name="versionString" Content="1.0.5" Foreground="White" FontFamily="Lucida Console"/> - <StatusBarItem Grid.Column="3" x:Name="blank" Content="" Height="43" Foreground="White"/> - <StatusBarItem Grid.Column="4"> - <TextBox x:Name="joinNetworkID" TextWrapping="Wrap" Width="140" HorizontalAlignment="Right" ToolTip="Enter Network ID" PreviewTextInput="OnNetworkEntered" MaxLength="16" FontFamily="Lucida Console" FontSize="12" BorderThickness="1"/> - </StatusBarItem> - <StatusBarItem Grid.Column="5" x:Name="statusBarButton" Foreground="White" RenderTransformOrigin="0.789,0.442"> - <Button x:Name="joinButton" Content="Join" Background="#FFFFB354" Width="76" Click="joinButton_Click"/> - </StatusBarItem> - </StatusBar> - <!--<TabControl Margin="0,0,0,0"> - <TabItem x:Name="Networks" Header="Networks" Foreground="White" IsSelected="True" IsManipulationEnabled="True">--> - <Grid Background="LightGray" HorizontalAlignment="Stretch" VerticalAlignment="Stretch"> - <Grid.ColumnDefinitions> - <ColumnDefinition Width="*"/> - </Grid.ColumnDefinitions> - <Grid.RowDefinitions> - <RowDefinition Height="*"/> - </Grid.RowDefinitions> - <local:NetworksPage x:Name="networksPage" HorizontalAlignment="Stretch" VerticalAlignment="Stretch" Grid.Column="0" Grid.Row="0" Margin="0,0,0,0"/> - </Grid> - <!--</TabItem>--> - <!--<TabItem x:Name="Peers" Header="Peers" Foreground="White"> - <Grid Background="#FFE5E5E5" HorizontalAlignment="Left" VerticalAlignment="Top"> - <Grid.ColumnDefinitions> - <ColumnDefinition Width="*"/> - </Grid.ColumnDefinitions> - <Grid.RowDefinitions> - <RowDefinition Height="*"/> - </Grid.RowDefinitions> - <local:PeersPage x:Name="peersPage" HorizontalAlignment="Left" VerticalAlignment="Top" Grid.Column="0" Grid.Row="0"/> - </Grid> - </TabItem>--> - <!--</TabControl>--> + <Grid Background="LightGray" HorizontalAlignment="Stretch" VerticalAlignment="Stretch"> + <Grid.ColumnDefinitions> + <ColumnDefinition Width="*"/> + </Grid.ColumnDefinitions> + <Grid.RowDefinitions> + <RowDefinition Height="*"/> + </Grid.RowDefinitions> + <local:NetworksPage x:Name="networksPage" HorizontalAlignment="Stretch" VerticalAlignment="Stretch" Grid.Column="0" Grid.Row="0" Margin="0,0,0,0"/> + </Grid> </DockPanel> </Window> diff --git a/windows/WinUI/NetworkListView.xaml.cs b/windows/WinUI/NetworkListView.xaml.cs new file mode 100644 index 00000000..26c40255 --- /dev/null +++ b/windows/WinUI/NetworkListView.xaml.cs @@ -0,0 +1,85 @@ +using System; +using System.Collections.Generic; +using System.Diagnostics; +using System.IO; +using System.Linq; +using System.Text; +using System.Text.RegularExpressions; +using System.Timers; +using System.Threading.Tasks; +using System.Windows; +using System.Windows.Controls; +using System.Windows.Data; +using System.Windows.Documents; +using System.Windows.Input; +using System.Windows.Media; +using System.Windows.Media.Imaging; +using System.Windows.Navigation; +using System.Windows.Shapes; +using System.Windows.Threading; +using System.ComponentModel; + +namespace WinUI +{ + /// <summary> + /// Interaction logic for MainWindow.xaml + /// </summary> + public partial class NetworkListView : Window + { + Regex charRegex = new Regex("[0-9a-fxA-FX]"); + Regex wholeStringRegex = new Regex("^[0-9a-fxA-FX]+$"); + + public NetworkListView() + { + InitializeComponent(); + + Closed += onClosed; + + NetworkMonitor.Instance.SubscribeNetworkUpdates(updateNetworks); + } + + ~NetworkListView() + { + } + + protected override void OnClosing(CancelEventArgs e) + { + e.Cancel = true; + Hide(); + } + + private void onClosed(object sender, System.EventArgs e) + { + NetworkMonitor.Instance.UnsubscribeNetworkUpdates(updateNetworks); + } + + private void updateNetworks(List<ZeroTierNetwork> networks) + { + if (networks != null) + { + networksPage.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => + { + networksPage.setNetworks(networks); + })); + } + } + + private void OnNetworkEntered(object sender, TextCompositionEventArgs e) + { + e.Handled = !charRegex.IsMatch(e.Text); + } + + private void OnPaste(object sender, DataObjectPastingEventArgs e) + { + var isText = e.SourceDataObject.GetDataPresent(DataFormats.UnicodeText, true); + if (!isText) return; + + var text = e.SourceDataObject.GetData(DataFormats.UnicodeText) as string; + + if (!wholeStringRegex.IsMatch(text)) + { + e.CancelCommand(); + } + } + } +} diff --git a/windows/WinUI/NetworkMonitor.cs b/windows/WinUI/NetworkMonitor.cs new file mode 100644 index 00000000..c276079d --- /dev/null +++ b/windows/WinUI/NetworkMonitor.cs @@ -0,0 +1,202 @@ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; +using System.Threading; +using System.Threading.Tasks; + +namespace WinUI +{ + class NetworkMonitor + { + public delegate void NetworkListCallback(List<ZeroTierNetwork> networks); + public delegate void StatusCallback(ZeroTierStatus status); + + private Thread runThread; + private NetworkListCallback _nwCb; + private StatusCallback _stCb; + + + private List<ZeroTierNetwork> _knownNetworks = new List<ZeroTierNetwork>(); + + private static NetworkMonitor instance; + private static object syncRoot = new object(); + + public static NetworkMonitor Instance + { + get + { + if (instance == null) + { + lock (syncRoot) + { + if (instance == null) + { + instance = new NetworkMonitor(); + } + } + } + + return instance; + } + } + + private NetworkMonitor() + { + runThread = new Thread(new ThreadStart(run)); + loadNetworks(); + + runThread.Start(); + } + + ~NetworkMonitor() + { + runThread.Interrupt(); + } + + private void loadNetworks() + { + String dataPath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\ZeroTier\\One"; + String dataFile = Path.Combine(dataPath, "networks.dat"); + + if (File.Exists(dataFile)) + { + List<ZeroTierNetwork> netList; + + using (Stream stream = File.Open(dataFile, FileMode.Open)) + { + var bformatter = new System.Runtime.Serialization.Formatters.Binary.BinaryFormatter(); + netList = (List<ZeroTierNetwork>)bformatter.Deserialize(stream); + stream.Close(); + } + + lock (_knownNetworks) + { + _knownNetworks = netList; + } + } + } + + private void writeNetworks() + { + String dataPath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\ZeroTier\\One"; + String dataFile = Path.Combine(dataPath, "networks.dat"); + + if (!Directory.Exists(dataPath)) + { + Directory.CreateDirectory(dataPath); + } + + using (Stream stream = File.Open(dataFile, FileMode.OpenOrCreate)) + { + lock (_knownNetworks) + { + var bformatter = new System.Runtime.Serialization.Formatters.Binary.BinaryFormatter(); + bformatter.Serialize(stream, _knownNetworks); + stream.Flush(); + stream.Close(); + } + } + } + + private void apiNetworkCallback(List<ZeroTierNetwork> networks) + { + if (networks == null) + { + return; + } + + lock (_knownNetworks) + { + _knownNetworks = _knownNetworks.Union(networks, new NetworkEqualityComparer()).ToList(); + + foreach (ZeroTierNetwork n in _knownNetworks) + { + if (networks.Contains(n)) + { + n.IsConnected = true; + } + else + { + n.IsConnected = false; + } + } + + _knownNetworks.Sort(); + _nwCb(_knownNetworks); + } + + writeNetworks(); + } + + private void apiStatusCallback(ZeroTierStatus status) + { + _stCb(status); + } + + private void run() + { + try + { + while (runThread.IsAlive) + { + APIHandler handler = APIHandler.Instance; + + if (handler != null) + { + handler.GetNetworks(apiNetworkCallback); + handler.GetStatus(apiStatusCallback); + } + + Thread.Sleep(2000); + } + } + catch + { + Console.WriteLine("Monitor Thread Ended"); + } + } + + public void SubscribeStatusUpdates(StatusCallback cb) + { + _stCb += cb; + } + + public void UnsubscribeStatusUpdates(StatusCallback cb) + { + _stCb -= cb; + } + + public void SubscribeNetworkUpdates(NetworkListCallback cb) + { + _nwCb += cb; + } + + public void UnsubscribeNetworkUpdates(NetworkListCallback cb) + { + _nwCb -= cb; + } + + public void RemoveNetwork(String networkID) + { + lock(_knownNetworks) + { + foreach (ZeroTierNetwork n in _knownNetworks) + { + if (n.NetworkId.Equals(networkID)) + { + _knownNetworks.Remove(n); + writeNetworks(); + break; + } + } + } + } + + public void StopMonitor() + { + runThread.Abort(); + } + } +} diff --git a/windows/WinUI/NetworkRoute.cs b/windows/WinUI/NetworkRoute.cs new file mode 100644 index 00000000..ce26ef7d --- /dev/null +++ b/windows/WinUI/NetworkRoute.cs @@ -0,0 +1,42 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Runtime.Serialization; +using System.Text; +using System.Threading.Tasks; +using Newtonsoft.Json; + +namespace WinUI +{ + [Serializable] + public class NetworkRoute : ISerializable + { + protected NetworkRoute(SerializationInfo info, StreamingContext ctx) + { + Target = info.GetString("target"); + Via = info.GetString("via"); + Flags = info.GetInt32("flags"); + Metric = info.GetInt32("metric"); + } + + public virtual void GetObjectData(SerializationInfo info, StreamingContext ctx) + { + info.AddValue("target", Target); + info.AddValue("via", Via); + info.AddValue("flags", Flags); + info.AddValue("metric", Metric); + } + + [JsonProperty("target")] + public string Target { get; set; } + + [JsonProperty("via")] + public string Via { get; set; } + + [JsonProperty("flags")] + public int Flags { get; set; } + + [JsonProperty("metric")] + public int Metric { get; set; } + } +} diff --git a/windows/WinUI/NetworksPage.xaml.cs b/windows/WinUI/NetworksPage.xaml.cs index 5a0dc19d..39a2fefc 100644 --- a/windows/WinUI/NetworksPage.xaml.cs +++ b/windows/WinUI/NetworksPage.xaml.cs @@ -20,33 +20,80 @@ namespace WinUI /// </summary> public partial class NetworksPage : UserControl { - private APIHandler handler; - public NetworksPage() { InitializeComponent(); } - public void SetAPIHandler(APIHandler handler) - { - this.handler = handler; - } - public void setNetworks(List<ZeroTierNetwork> networks) { - this.wrapPanel.Children.Clear(); if (networks == null) { + this.wrapPanel.Children.Clear(); return; } - for (int i = 0; i < networks.Count; ++i) + foreach (ZeroTierNetwork network in networks) + { + NetworkInfoView view = ChildWithNetwork(network); + if (view != null) + { + view.SetNetworkInfo(network); + } + else + { + wrapPanel.Children.Add( + new NetworkInfoView( + network)); + } + } + + // remove networks we're no longer joined to. + List<ZeroTierNetwork> tmpList = GetNetworksFromChildren(); + foreach (ZeroTierNetwork n in networks) + { + if (tmpList.Contains(n)) + { + tmpList.Remove(n); + } + } + + foreach (ZeroTierNetwork n in tmpList) { - this.wrapPanel.Children.Add( - new NetworkInfoView( - handler, - networks.ElementAt<ZeroTierNetwork>(i))); + NetworkInfoView view = ChildWithNetwork(n); + if (view != null) + { + wrapPanel.Children.Remove(view); + } } } + + private NetworkInfoView ChildWithNetwork(ZeroTierNetwork network) + { + List<NetworkInfoView> list = wrapPanel.Children.OfType<NetworkInfoView>().ToList(); + + foreach (NetworkInfoView view in list) + { + if (view.HasNetwork(network)) + { + return view; + } + } + + return null; + } + + private List<ZeroTierNetwork> GetNetworksFromChildren() + { + List<ZeroTierNetwork> networks = new List<ZeroTierNetwork>(wrapPanel.Children.Count); + + List<NetworkInfoView> list = wrapPanel.Children.OfType<NetworkInfoView>().ToList(); + foreach (NetworkInfoView n in list) + { + networks.Add(n.network); + } + + return networks; + } } } diff --git a/windows/WinUI/PreferencesView.xaml b/windows/WinUI/PreferencesView.xaml new file mode 100644 index 00000000..ac61fff1 --- /dev/null +++ b/windows/WinUI/PreferencesView.xaml @@ -0,0 +1,13 @@ +<Window x:Class="WinUI.PreferencesView" + xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" + xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" + xmlns:d="http://schemas.microsoft.com/expression/blend/2008" + xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" + xmlns:local="clr-namespace:WinUI" + mc:Ignorable="d" + Title="PreferencesView" SizeToContent="WidthAndHeight" Height="Auto" Width="Auto" Icon="ZeroTierIcon.ico"> + <Grid> + <CheckBox x:Name="startupCheckbox" Content="Launch ZeroTier On Startup" HorizontalAlignment="Left" Margin="10,10,10,10" VerticalAlignment="Top" Checked="startupCheckbox_Checked" Unchecked="startupCheckbox_Unchecked"/> + + </Grid> +</Window> diff --git a/windows/WinUI/PreferencesView.xaml.cs b/windows/WinUI/PreferencesView.xaml.cs new file mode 100644 index 00000000..c6733be6 --- /dev/null +++ b/windows/WinUI/PreferencesView.xaml.cs @@ -0,0 +1,50 @@ +using Microsoft.Win32; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; +using System.Windows; +using System.Windows.Controls; +using System.Windows.Data; +using System.Windows.Documents; +using System.Windows.Input; +using System.Windows.Media; +using System.Windows.Media.Imaging; +using System.Windows.Shapes; + +namespace WinUI +{ + /// <summary> + /// Interaction logic for PreferencesView.xaml + /// </summary> + public partial class PreferencesView : Window + { + public static string AppName = "ZeroTier One"; + private RegistryKey rk = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true); + + public PreferencesView() + { + InitializeComponent(); + + + string keyValue = rk.GetValue(AppName) as string; + + if (keyValue != null && keyValue.Equals(System.Reflection.Assembly.GetExecutingAssembly().Location)) + { + startupCheckbox.IsChecked = true; + } + } + + private void startupCheckbox_Checked(object sender, RoutedEventArgs e) + { + rk.SetValue(AppName, System.Reflection.Assembly.GetExecutingAssembly().Location); + } + + private void startupCheckbox_Unchecked(object sender, RoutedEventArgs e) + { + rk.DeleteValue(AppName); + } + + } +} diff --git a/windows/WinUI/Properties/Resources.Designer.cs b/windows/WinUI/Properties/Resources.Designer.cs index 57a56f7d..3e5c78ae 100644 --- a/windows/WinUI/Properties/Resources.Designer.cs +++ b/windows/WinUI/Properties/Resources.Designer.cs @@ -8,10 +8,10 @@ // </auto-generated> //------------------------------------------------------------------------------ -namespace WinUI.Properties -{ - - +namespace WinUI.Properties { + using System; + + /// <summary> /// A strongly-typed resource class, for looking up localized strings, etc. /// </summary> @@ -22,50 +22,52 @@ namespace WinUI.Properties [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] - internal class Resources - { - + internal class Resources { + private static global::System.Resources.ResourceManager resourceMan; - + private static global::System.Globalization.CultureInfo resourceCulture; - + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] - internal Resources() - { + internal Resources() { } - + /// <summary> /// Returns the cached ResourceManager instance used by this class. /// </summary> [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] - internal static global::System.Resources.ResourceManager ResourceManager - { - get - { - if ((resourceMan == null)) - { + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("WinUI.Properties.Resources", typeof(Resources).Assembly); resourceMan = temp; } return resourceMan; } } - + /// <summary> /// Overrides the current thread's CurrentUICulture property for all /// resource lookups using this strongly typed resource class. /// </summary> [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] - internal static global::System.Globalization.CultureInfo Culture - { - get - { + internal static global::System.Globalization.CultureInfo Culture { + get { return resourceCulture; } - set - { + set { resourceCulture = value; } } + + /// <summary> + /// Looks up a localized resource of type System.Drawing.Icon similar to (Icon). + /// </summary> + internal static System.Drawing.Icon ZeroTierIcon { + get { + object obj = ResourceManager.GetObject("ZeroTierIcon", resourceCulture); + return ((System.Drawing.Icon)(obj)); + } + } } } diff --git a/windows/WinUI/Properties/Resources.resx b/windows/WinUI/Properties/Resources.resx index af7dbebb..0872fceb 100644 --- a/windows/WinUI/Properties/Resources.resx +++ b/windows/WinUI/Properties/Resources.resx @@ -46,7 +46,7 @@ mimetype: application/x-microsoft.net.object.binary.base64 value : The object must be serialized with - : System.Serialization.Formatters.Binary.BinaryFormatter + : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter : and then encoded with base64 encoding. mimetype: application/x-microsoft.net.object.soap.base64 @@ -60,6 +60,7 @@ : and then encoded with base64 encoding. --> <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata"> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" /> <xsd:element name="root" msdata:IsDataSet="true"> <xsd:complexType> <xsd:choice maxOccurs="unbounded"> @@ -68,9 +69,10 @@ <xsd:sequence> <xsd:element name="value" type="xsd:string" minOccurs="0" /> </xsd:sequence> - <xsd:attribute name="name" type="xsd:string" /> + <xsd:attribute name="name" use="required" type="xsd:string" /> <xsd:attribute name="type" type="xsd:string" /> <xsd:attribute name="mimetype" type="xsd:string" /> + <xsd:attribute ref="xml:space" /> </xsd:complexType> </xsd:element> <xsd:element name="assembly"> @@ -85,9 +87,10 @@ <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" /> </xsd:sequence> - <xsd:attribute name="name" type="xsd:string" msdata:Ordinal="1" /> + <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" /> <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" /> <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" /> + <xsd:attribute ref="xml:space" /> </xsd:complexType> </xsd:element> <xsd:element name="resheader"> @@ -109,9 +112,13 @@ <value>2.0</value> </resheader> <resheader name="reader"> - <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <resheader name="writer"> - <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> + <assembly alias="System.Windows.Forms" name="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> + <data name="ZeroTierIcon" type="System.Resources.ResXFileRef, System.Windows.Forms"> + <value>..\ZeroTierIcon.ico;System.Drawing.Icon, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value> + </data> </root>
\ No newline at end of file diff --git a/windows/WinUI/Resources/ZeroTierIcon.ico b/windows/WinUI/Resources/ZeroTierIcon.ico Binary files differnew file mode 100644 index 00000000..5d06b9f2 --- /dev/null +++ b/windows/WinUI/Resources/ZeroTierIcon.ico diff --git a/windows/WinUI/Simple Styles.xaml b/windows/WinUI/Simple Styles.xaml index f2ddedf9..a03348b3 100644 --- a/windows/WinUI/Simple Styles.xaml +++ b/windows/WinUI/Simple Styles.xaml @@ -1,4 +1,9 @@ -<ResourceDictionary xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:d="http://schemas.microsoft.com/expression/interactivedesigner/2006" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" mc:Ignorable="d"> +<ResourceDictionary xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" + xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" + xmlns:d="http://schemas.microsoft.com/expression/interactivedesigner/2006" + xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" + mc:Ignorable="d" + xmlns:tb="http://www.hardcodet.net/taskbar"> <!-- SimpleStyles.XAML defines a set of control styles which are simplified starting points for creating your own controls --> @@ -1118,4 +1123,6 @@ </Setter.Value> </Setter> </Style> + + <tb:TaskbarIcon x:Key="NotifyIcon" IconSource="ZeroTierIcon.ico" ToolTipText="ZeroTier One"/> </ResourceDictionary> diff --git a/windows/WinUI/ToolbarItem.xaml b/windows/WinUI/ToolbarItem.xaml new file mode 100644 index 00000000..3b064fc4 --- /dev/null +++ b/windows/WinUI/ToolbarItem.xaml @@ -0,0 +1,59 @@ +<Window x:Class="WinUI.ToolbarItem" + xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" + xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" + xmlns:d="http://schemas.microsoft.com/expression/blend/2008" + xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" + xmlns:local="clr-namespace:WinUI" + xmlns:tb="http://www.hardcodet.net/taskbar" + xmlns:scm="clr-namespace:System.ComponentModel;assembly=WindowsBase" + mc:Ignorable="d" + Height="300" Width="300" Visibility="Hidden" Name="Toolbar"> + + <Window.Resources> + <CollectionViewSource Source="{Binding ElementName=Toolbar, Path=NetworkCollection}" x:Key="KnownNetworks"> + <CollectionViewSource.SortDescriptions> + <scm:SortDescription PropertyName="Header" Direction="Ascending"/> + </CollectionViewSource.SortDescriptions> + </CollectionViewSource> + </Window.Resources> + + <Grid> + <tb:TaskbarIcon x:Name="MyNotifyIcon" + IconSource="ZeroTierIcon.ico" + ToolTipText="ZeroTier One" + MenuActivation="LeftOrRightClick"> + <tb:TaskbarIcon.ContextMenu> + <ContextMenu> + <ContextMenu.ItemsSource> + <CompositeCollection> + <MenuItem Header="Node ID: unknown" + Click="ToolbarItem_NodeIDClicked" + x:Name="nodeIdMenuItem"/> + <Separator/> + <MenuItem Header="Join Network..." + Click="ToolbarItem_JoinNetworkClicked"/> + <MenuItem Header="Show Networks..." + Click="ToolbarItem_ShowNetworksClicked"/> + <Separator/> + + <CollectionContainer Collection="{Binding Source={StaticResource KnownNetworks}}"> + + </CollectionContainer> + + <Separator/> + <MenuItem Header="About..." + Click="ToolbarItem_AboutClicked"/> + <MenuItem Header="Preferences..." + Click="ToolbarItem_PreferencesClicked"/> + <Separator/> + <MenuItem Header="Quit" + Click="ToolbarItem_QuitClicked"/> + + </CompositeCollection> + </ContextMenu.ItemsSource> + </ContextMenu> + </tb:TaskbarIcon.ContextMenu> + + </tb:TaskbarIcon> + </Grid> +</Window> diff --git a/windows/WinUI/ToolbarItem.xaml.cs b/windows/WinUI/ToolbarItem.xaml.cs new file mode 100644 index 00000000..29791a4e --- /dev/null +++ b/windows/WinUI/ToolbarItem.xaml.cs @@ -0,0 +1,310 @@ +using System; +using System.Collections.Generic; +using System.Collections.ObjectModel; +using System.ComponentModel; +using System.Linq; +using System.Runtime.CompilerServices; +using System.Text; +using System.Threading.Tasks; +using System.Windows; +using System.Windows.Controls; +using System.Windows.Data; +using System.Windows.Documents; +using System.Windows.Input; +using System.Windows.Media; +using System.Windows.Media.Imaging; +using System.Windows.Shapes; +using System.Text.RegularExpressions; +using System.Timers; +using System.Windows.Threading; +using System.IO; +using System.Diagnostics; +using Microsoft.Win32; + +namespace WinUI +{ + /// <summary> + /// Interaction logic for ToolbarItem.xaml + /// </summary> + public partial class ToolbarItem : Window, INotifyPropertyChanged + { + private APIHandler handler = APIHandler.Instance; + + private Point netListLocation = new Point(0, 0); + private Point joinNetLocation = new Point(0, 0); + private Point aboutViewLocation = new Point(0, 0); + private Point prefsViewLocation = new Point(0, 0); + + private NetworkListView netListView = new NetworkListView(); + private JoinNetworkView joinNetView = null; + private AboutView aboutView = null; + private PreferencesView prefsView = null; + + private NetworkMonitor mon = NetworkMonitor.Instance; + + private ObservableCollection<MenuItem> _networkCollection = new ObservableCollection<MenuItem>(); + + public ObservableCollection<MenuItem> NetworkCollection + { + get { return _networkCollection; } + set { _networkCollection = value; } + } + + private string nodeId; + + public ToolbarItem() + { + InitializeComponent(); + + mon.SubscribeNetworkUpdates(updateNetworks); + mon.SubscribeStatusUpdates(updateStatus); + + SystemEvents.DisplaySettingsChanged += new EventHandler(SystemEvents_DisplaySettingsChanged); + } + + ~ToolbarItem() + { + mon.UnsubscribeNetworkUpdates(updateNetworks); + mon.UnsubscribeStatusUpdates(updateStatus); + } + + public event PropertyChangedEventHandler PropertyChanged; + + protected void NotifyPropertyChanged([CallerMemberName] string propertyName = null) + { + PropertyChanged?.Invoke(this, new PropertyChangedEventArgs(propertyName)); + } + + private void updateNetworks(List<ZeroTierNetwork> networks) + { + if (networks != null) + { + this.Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => + { + NetworkCollection.Clear(); + foreach (ZeroTierNetwork n in networks) + { + MenuItem item = new MenuItem(); + item.Header = n.Title; + item.DataContext = n; + item.IsChecked = n.IsConnected; + item.Click += ToolbarItem_NetworkClicked; + + NetworkCollection.Add(item); + } + })); + } + } + + private void updateStatus(ZeroTierStatus status) + { + if (status != null) + { + Dispatcher.BeginInvoke(DispatcherPriority.Normal, new Action(() => + { + nodeIdMenuItem.Header = "Node ID: " + status.Address; + nodeIdMenuItem.IsEnabled = true; + nodeId = status.Address; + })); + } + } + + private void ToolbarItem_NodeIDClicked(object sender, System.Windows.RoutedEventArgs e) + { + Clipboard.SetText(nodeId); + } + + private void ToolbarItem_ShowNetworksClicked(object sender, System.Windows.RoutedEventArgs e) + { + if (netListView == null) + { + netListView = new WinUI.NetworkListView(); + netListView.Closed += ShowNetworksClosed; + } + + bool netListNeedsMoving = true; + if (netListLocation.X > 0 && netListLocation.Y > 0) + { + netListView.Left = netListLocation.X; + netListView.Top = netListLocation.Y; + netListNeedsMoving = false; + } + + netListView.Show(); + + if (netListNeedsMoving) + { + setWindowPosition(netListView); + netListLocation.X = netListView.Left; + netListLocation.Y = netListView.Top; + } + + netListView.Activate(); + } + + private void ShowNetworksClosed(object sender, System.EventArgs e) + { + netListView = null; + } + + private void ToolbarItem_JoinNetworkClicked(object sender, System.EventArgs e) + { + if (joinNetView == null) + { + joinNetView = new JoinNetworkView(); + joinNetView.Closed += JoinNetworkClosed; + + bool needsMove = true; + if (joinNetLocation.X > 0 && joinNetLocation.Y > 0) + { + joinNetView.Left = joinNetLocation.X; + joinNetView.Top = joinNetLocation.Y; + needsMove = false; + } + + joinNetView.Show(); + + if (needsMove) + { + setWindowPosition(joinNetView); + joinNetLocation.X = joinNetView.Left; + joinNetLocation.Y = joinNetView.Top; + } + } + else + { + joinNetView.Activate(); + } + } + + private void JoinNetworkClosed(object sender, System.EventArgs e) + { + joinNetView = null; + } + + private void ToolbarItem_AboutClicked(object sender, System.EventArgs e) + { + if (aboutView == null) + { + aboutView = new AboutView(); + aboutView.Closed += AboutClosed; + + bool needsMove = true; + if (aboutViewLocation.X > 0 && aboutViewLocation.Y > 0) + { + aboutView.Left = aboutViewLocation.X; + aboutView.Top = aboutViewLocation.Y; + needsMove = false; + } + + aboutView.Show(); + + if (needsMove) + { + setWindowPosition(aboutView); + aboutViewLocation.X = aboutView.Left; + aboutViewLocation.Y = aboutView.Top; + } + } + else + { + aboutView.Activate(); + } + } + + private void AboutClosed(object sender, System.EventArgs e) + { + aboutView = null; + } + + private void ToolbarItem_PreferencesClicked(object sender, System.EventArgs e) + { + if (prefsView == null) + { + prefsView = new PreferencesView(); + prefsView.Closed += PreferencesClosed; + + bool needsMove = true; + if (prefsViewLocation.X > 0 && prefsViewLocation.Y > 0) + { + prefsView.Left = prefsViewLocation.X; + prefsView.Top = prefsViewLocation.Y; + needsMove = false; + } + + prefsView.Show(); + + if (needsMove) + { + setWindowPosition(prefsView); + prefsViewLocation.X = prefsView.Left; + prefsViewLocation.Y = prefsView.Top; + } + } + else + { + prefsView.Activate(); + } + } + + private void PreferencesClosed(object sender, System.EventArgs e) + { + prefsView = null; + } + + private void ToolbarItem_QuitClicked(object sender, System.EventArgs e) + { + NetworkMonitor.Instance.StopMonitor(); + this.Close(); + Application.Current.Shutdown(); + } + + private void ToolbarItem_NetworkClicked(object sender, System.Windows.RoutedEventArgs e) + { + if(sender.GetType() == typeof(MenuItem)) + { + MenuItem item = e.Source as MenuItem; + if (item.DataContext != null) + { + ZeroTierNetwork network = item.DataContext as ZeroTierNetwork; + if (item.IsChecked) + { + APIHandler.Instance.LeaveNetwork(network.NetworkId); + } + else + { + APIHandler.Instance.JoinNetwork(network.NetworkId, network.AllowManaged, network.AllowGlobal, network.AllowDefault); + } + } + } + } + + private void setWindowPosition(Window w) + { + double width = w.ActualWidth; + double height = w.ActualHeight; + + double screenHeight = SystemParameters.PrimaryScreenHeight; + double screenWidth = SystemParameters.PrimaryScreenWidth; + + double top = screenHeight - height - 40; + double left = screenWidth - width - 20; + + w.Top = top; + w.Left = left; + } + + private void SystemEvents_DisplaySettingsChanged(object sender, EventArgs e) + { + // reset cached locations to (0, 0) when display size changes + netListLocation.X = 0; + netListLocation.Y = 0; + joinNetLocation.X = 0; + joinNetLocation.Y = 0; + aboutViewLocation.X = 0; + aboutViewLocation.Y = 0; + prefsViewLocation.X = 0; + prefsViewLocation.Y = 0; + } + } +} diff --git a/windows/WinUI/WinUI.csproj b/windows/WinUI/WinUI.csproj index c3eeaba4..6b8013e0 100644 --- a/windows/WinUI/WinUI.csproj +++ b/windows/WinUI/WinUI.csproj @@ -63,13 +63,15 @@ <PropertyGroup> <SignManifests>false</SignManifests> </PropertyGroup> - <PropertyGroup> - <ApplicationManifest>app.manifest</ApplicationManifest> - </PropertyGroup> + <PropertyGroup /> <ItemGroup> <Reference Include="Accessibility" /> - <Reference Include="Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL"> - <HintPath>..\packages\Newtonsoft.Json.7.0.1\lib\net45\Newtonsoft.Json.dll</HintPath> + <Reference Include="Hardcodet.Wpf.TaskbarNotification, Version=1.0.5.0, Culture=neutral, processorArchitecture=MSIL"> + <HintPath>..\packages\Hardcodet.NotifyIcon.Wpf.1.0.8\lib\net45\Hardcodet.Wpf.TaskbarNotification.dll</HintPath> + <Private>True</Private> + </Reference> + <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL"> + <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath> <Private>True</Private> </Reference> <Reference Include="PresentationUI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> @@ -99,17 +101,39 @@ <Generator>MSBuild:Compile</Generator> <SubType>Designer</SubType> </ApplicationDefinition> + <Compile Include="AboutView.xaml.cs"> + <DependentUpon>AboutView.xaml</DependentUpon> + </Compile> + <Compile Include="JoinNetworkView.xaml.cs"> + <DependentUpon>JoinNetworkView.xaml</DependentUpon> + </Compile> + <Compile Include="NetworkMonitor.cs" /> + <Compile Include="NetworkRoute.cs" /> <Compile Include="NetworksPage.xaml.cs"> <DependentUpon>NetworksPage.xaml</DependentUpon> </Compile> <Compile Include="PeersPage.xaml.cs"> <DependentUpon>PeersPage.xaml</DependentUpon> </Compile> + <Compile Include="PreferencesView.xaml.cs"> + <DependentUpon>PreferencesView.xaml</DependentUpon> + </Compile> + <Compile Include="ToolbarItem.xaml.cs"> + <DependentUpon>ToolbarItem.xaml</DependentUpon> + </Compile> <Compile Include="ZeroTierPeerPhysicalPath.cs" /> <Compile Include="ZeroTierPeer.cs" /> <Compile Include="ZeroTierNetwork.cs" /> <Compile Include="ZeroTierStatus.cs" /> - <Page Include="MainWindow.xaml"> + <Page Include="AboutView.xaml"> + <SubType>Designer</SubType> + <Generator>MSBuild:Compile</Generator> + </Page> + <Page Include="JoinNetworkView.xaml"> + <SubType>Designer</SubType> + <Generator>MSBuild:Compile</Generator> + </Page> + <Page Include="NetworkListView.xaml"> <Generator>MSBuild:Compile</Generator> <SubType>Designer</SubType> </Page> @@ -118,8 +142,8 @@ <DependentUpon>App.xaml</DependentUpon> <SubType>Code</SubType> </Compile> - <Compile Include="MainWindow.xaml.cs"> - <DependentUpon>MainWindow.xaml</DependentUpon> + <Compile Include="NetworkListView.xaml.cs"> + <DependentUpon>NetworkListView.xaml</DependentUpon> <SubType>Code</SubType> </Compile> <Page Include="NetworkInfoView.xaml"> @@ -134,6 +158,10 @@ <SubType>Designer</SubType> <Generator>MSBuild:Compile</Generator> </Page> + <Page Include="PreferencesView.xaml"> + <SubType>Designer</SubType> + <Generator>MSBuild:Compile</Generator> + </Page> <Page Include="Simple Styles.xaml"> <Generator>MSBuild:Compile</Generator> <SubType>Designer</SubType> @@ -142,6 +170,10 @@ <Generator>MSBuild:Compile</Generator> <SubType>Designer</SubType> </Page> + <Page Include="ToolbarItem.xaml"> + <SubType>Designer</SubType> + <Generator>MSBuild:Compile</Generator> + </Page> </ItemGroup> <ItemGroup> <Compile Include="NetworkInfoView.xaml.cs"> @@ -215,8 +247,14 @@ </BlendEmbeddedFont> <Resource Include="ZeroTierIcon.ico" /> </ItemGroup> + <ItemGroup> + <None Include="Resources\ZeroTierIcon.ico" /> + </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <Import Project="$(MSBuildExtensionsPath)\Microsoft\Expression\Blend\.NETFramework\v4.5\Microsoft.Expression.Blend.WPF.targets" /> + <PropertyGroup> + <PostBuildEvent>copy "$(SolutionDir)\copyutil\bin\$(ConfigurationName)\copyutil.exe" "$(ProjectDir)\$(OutDir)\copyutil.exe"</PostBuildEvent> + </PropertyGroup> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> diff --git a/windows/WinUI/ZeroTierNetwork.cs b/windows/WinUI/ZeroTierNetwork.cs index cce65441..d6802385 100644 --- a/windows/WinUI/ZeroTierNetwork.cs +++ b/windows/WinUI/ZeroTierNetwork.cs @@ -1,54 +1,494 @@ using System; using System.Collections.Generic; +using System.ComponentModel; using System.Linq; +using System.Runtime.CompilerServices; +using System.Runtime.Serialization; using System.Text; using System.Threading.Tasks; using Newtonsoft.Json; namespace WinUI { - public class ZeroTierNetwork + [Serializable] + public class ZeroTierNetwork : ISerializable, IEquatable<ZeroTierNetwork>, IComparable<ZeroTierNetwork>, INotifyPropertyChanged { + private string networkId; + private string macAddress; + private string networkName; + private string networkStatus; + private string networkType; + private Int32 mtu; + private bool dhcp; + private bool bridge; + private bool broadcastEnabled; + private Int32 portError; + private Int32 netconfRevision; + private string[] assignedAddresses; + private NetworkRoute[] routes; + private string deviceName; + private bool allowManaged; + private bool allowGlobal; + private bool allowDefault; + private bool isConnected; + + protected ZeroTierNetwork(SerializationInfo info, StreamingContext ctx) + { + try + { + NetworkId = info.GetString("nwid"); + MacAddress = info.GetString("mac"); + NetworkName = info.GetString("name"); + NetworkStatus = info.GetString("status"); + NetworkType = info.GetString("type"); + MTU = info.GetInt32("mtu"); + DHCP = info.GetBoolean("dhcp"); + Bridge = info.GetBoolean("bridge"); + BroadcastEnabled = info.GetBoolean("broadcastEnabled"); + PortError = info.GetInt32("portError"); + NetconfRevision = info.GetInt32("netconfRevision"); + AssignedAddresses = (string[])info.GetValue("assignedAddresses", typeof(string[])); + Routes = (NetworkRoute[])info.GetValue("routes", typeof(NetworkRoute[])); + DeviceName = info.GetString("portDeviceName"); + AllowManaged = info.GetBoolean("allowManaged"); + AllowGlobal = info.GetBoolean("allowGlobal"); + AllowDefault = info.GetBoolean("allowDefault"); + } + catch { } + IsConnected = false; + } + + public event PropertyChangedEventHandler PropertyChanged; + + public virtual void GetObjectData(SerializationInfo info, StreamingContext ctx) + { + info.AddValue("nwid", NetworkId); + info.AddValue("mac", MacAddress); + info.AddValue("name", NetworkName); + info.AddValue("status", NetworkStatus); + info.AddValue("type", NetworkType); + info.AddValue("mtu", MTU); + info.AddValue("dhcp", DHCP); + info.AddValue("bridge", Bridge); + info.AddValue("broadcastEnabled", BroadcastEnabled); + info.AddValue("portError", PortError); + info.AddValue("netconfRevision", NetconfRevision); + info.AddValue("assignedAddresses", AssignedAddresses); + info.AddValue("routes", Routes); + info.AddValue("portDeviceName", DeviceName); + info.AddValue("allowManaged", AllowManaged); + info.AddValue("allowGlobal", AllowGlobal); + info.AddValue("allowDefault", AllowDefault); + } + + public void UpdateNetwork(ZeroTierNetwork network) + { + if (network == null) + return; + + if (!NetworkId.Equals(network.NetworkId)) + { + NetworkId = network.NetworkId; + } + + if (!MacAddress.Equals(network.MacAddress)) + { + MacAddress = network.MacAddress; + } + + if (!NetworkName.Equals(network.NetworkName)) + { + NetworkName = network.NetworkName; + } + + if (!NetworkStatus.Equals(network.NetworkStatus)) + { + NetworkStatus = network.NetworkStatus; + } + + if (!NetworkType.Equals(network.NetworkType)) + { + NetworkType = network.NetworkType; + } + + if (MTU != network.MTU) + { + MTU = network.MTU; + } + + if (DHCP != network.DHCP) + { + DHCP = network.DHCP; + } + + if (Bridge != network.Bridge) + { + Bridge = network.Bridge; + } + + if (BroadcastEnabled != network.BroadcastEnabled) + { + BroadcastEnabled = network.BroadcastEnabled; + } + + if (PortError != network.PortError) + { + PortError = network.PortError; + } + + if (NetconfRevision != network.NetconfRevision) + { + NetconfRevision = network.NetconfRevision; + } + + AssignedAddresses = network.AssignedAddresses; + + Routes = network.Routes; + + if (!DeviceName.Equals(network.DeviceName)) + { + DeviceName = network.DeviceName; + } + + if (AllowManaged != network.AllowManaged) + { + AllowManaged = network.AllowManaged; + } + + if (AllowGlobal != network.AllowGlobal) + { + AllowGlobal = network.AllowGlobal; + } + + if (AllowDefault != network.AllowDefault) + { + AllowDefault = network.AllowDefault; + } + + if (IsConnected != network.IsConnected) + { + IsConnected = network.IsConnected; + } + } + + protected void NotifyPropertyChanged([CallerMemberName] string propertyName = null) + { + PropertyChanged?.Invoke(this, new PropertyChangedEventArgs(propertyName)); + } + [JsonProperty("nwid")] - public string NetworkId { get; set; } + public string NetworkId { + get + { + return networkId; + } + set + { + networkId = value; + NotifyPropertyChanged(); + } + } [JsonProperty("mac")] - public string MacAddress { get; set; } + public string MacAddress + { + get + { + return macAddress; + } + set + { + macAddress = value; + NotifyPropertyChanged(); + } + } [JsonProperty("name")] - public string NetworkName { get; set; } + public string NetworkName + { + get + { + return networkName; + } + set + { + networkName = value; + NotifyPropertyChanged(); + } + } [JsonProperty("status")] - public string NetworkStatus { get; set; } + public string NetworkStatus + { + get + { + return networkStatus; + } + set + { + networkStatus = value; + NotifyPropertyChanged(); + } + + } [JsonProperty("type")] - public string NetworkType { get; set; } + public string NetworkType + { + get + { + return networkType; + } + set + { + networkType = value; + NotifyPropertyChanged(); + } + } [JsonProperty("mtu")] - public int MTU { get; set; } + public int MTU + { + get + { + return mtu; + } + set + { + mtu = value; + NotifyPropertyChanged(); + } + } [JsonProperty("dhcp")] - public bool DHCP { get; set; } + public bool DHCP + { + get + { + return dhcp; + } + set + { + dhcp = value; + NotifyPropertyChanged(); + } + } [JsonProperty("bridge")] - public bool Bridge { get; set ; } + public bool Bridge + { + get + { + return bridge; + } + set + { + bridge = value; + NotifyPropertyChanged(); + } + } [JsonProperty("broadcastEnabled")] - public bool BroadcastEnabled { get ; set; } + public bool BroadcastEnabled + { + get + { + return broadcastEnabled; + } + set + { + broadcastEnabled = value; + NotifyPropertyChanged(); + } + } [JsonProperty("portError")] - public int PortError { get; set; } + public int PortError + { + get + { + return portError; + } + set + { + portError = value; + NotifyPropertyChanged(); + } + } [JsonProperty("netconfRevision")] - public int NetconfRevision { get; set; } - - [JsonProperty("multicastSubscriptions")] - public string[] MulticastSubscriptions { get; set; } + public int NetconfRevision + { + get + { + return netconfRevision; + } + set + { + netconfRevision = value; + NotifyPropertyChanged(); + } + } [JsonProperty("assignedAddresses")] - public string[] AssignedAddresses { get; set; } + public string[] AssignedAddresses + { + get + { + return assignedAddresses; + } + set + { + assignedAddresses = value; + NotifyPropertyChanged(); + } + } + + [JsonProperty("routes")] + public NetworkRoute[] Routes + { + get + { + return routes; + } + set + { + routes = value; + NotifyPropertyChanged(); + } + } [JsonProperty("portDeviceName")] - public string DeviceName { get; set; } + public string DeviceName + { + get + { + return deviceName; + } + set + { + deviceName = value; + NotifyPropertyChanged(); + } + } + + [JsonProperty("allowManaged")] + public bool AllowManaged + { + get + { + return allowManaged; + } + set + { + allowManaged = value; + NotifyPropertyChanged(); + } + } + + [JsonProperty("allowGlobal")] + public bool AllowGlobal + { + get + { + return allowGlobal; + } + set + { + allowGlobal = value; + NotifyPropertyChanged(); + } + } + + [JsonProperty("allowDefault")] + public bool AllowDefault + { + get + { + return allowDefault; + } + set + { + allowDefault = value; + NotifyPropertyChanged(); + } + } + + public bool IsConnected + { + get + { + return isConnected; + } + set + { + isConnected = value; + NotifyPropertyChanged(); + } + } + + public String Title + { + get + { + + if (NetworkName != null && NetworkName.Length > 0) + { + return NetworkId + " (" + NetworkName + ")"; + } + else + { + return NetworkId; + } + } + } + + public bool Equals(ZeroTierNetwork network) + { + if (NetworkId == null || network == null) + return false; + + return NetworkId.Equals(network.NetworkId); + } + + public int CompareTo(ZeroTierNetwork network) + { + if (NetworkId == null || network == null) + return -1; + + UInt64 thisNwid = UInt64.Parse(NetworkId, System.Globalization.NumberStyles.HexNumber); + UInt64 otherNwid = UInt64.Parse(network.NetworkId, System.Globalization.NumberStyles.HexNumber); + + if (thisNwid > otherNwid) + { + return 1; + } + else if (thisNwid < otherNwid) + { + return -1; + } + else + { + return 0; + } + } + } + + public class NetworkEqualityComparer : IEqualityComparer<ZeroTierNetwork> + { + public bool Equals(ZeroTierNetwork lhs, ZeroTierNetwork rhs) + { + if (lhs.NetworkId.Equals(rhs.NetworkId)) + { + lhs.UpdateNetwork(rhs); + return true; + } + return false; + } + + public int GetHashCode(ZeroTierNetwork obj) + { + return obj.NetworkId.GetHashCode(); + } } } diff --git a/windows/WinUI/packages.config b/windows/WinUI/packages.config index 505e5883..e6803f84 100644 --- a/windows/WinUI/packages.config +++ b/windows/WinUI/packages.config @@ -1,4 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> <packages> - <package id="Newtonsoft.Json" version="7.0.1" targetFramework="net45" /> + <package id="Hardcodet.NotifyIcon.Wpf" version="1.0.8" targetFramework="net45" /> + <package id="Newtonsoft.Json" version="9.0.1" targetFramework="net45" /> </packages>
\ No newline at end of file diff --git a/windows/ZeroTierOne.sln b/windows/ZeroTierOne.sln index 68596187..9baadd81 100644 --- a/windows/ZeroTierOne.sln +++ b/windows/ZeroTierOne.sln @@ -1,11 +1,18 @@ Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio 2012 +# Visual Studio 14 +VisualStudioVersion = 14.0.25420.1 +MinimumVisualStudioVersion = 10.0.40219.1 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ZeroTierOne", "ZeroTierOne\ZeroTierOne.vcxproj", "{B00A4957-5977-4AC1-9EF4-571DC27EADA2}" EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TapDriver6", "TapDriver6\TapDriver6.vcxproj", "{43BA7584-D4DB-4F7C-90FC-E2B18A68A213}" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WinUI", "WinUI\WinUI.csproj", "{4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}" + ProjectSection(ProjectDependencies) = postProject + {6D27214A-087B-4484-B898-AD2A13FA3B9E} = {6D27214A-087B-4484-B898-AD2A13FA3B9E} + EndProjectSection +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "copyutil", "copyutil\copyutil.csproj", "{6D27214A-087B-4484-B898-AD2A13FA3B9E}" EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution @@ -13,57 +20,46 @@ Global CD_ROM|Mixed Platforms = CD_ROM|Mixed Platforms CD_ROM|Win32 = CD_ROM|Win32 CD_ROM|x64 = CD_ROM|x64 - CD_ROM|x86 = CD_ROM|x86 Debug|Any CPU = Debug|Any CPU Debug|Mixed Platforms = Debug|Mixed Platforms Debug|Win32 = Debug|Win32 Debug|x64 = Debug|x64 - Debug|x86 = Debug|x86 DVD-5|Any CPU = DVD-5|Any CPU DVD-5|Mixed Platforms = DVD-5|Mixed Platforms DVD-5|Win32 = DVD-5|Win32 DVD-5|x64 = DVD-5|x64 - DVD-5|x86 = DVD-5|x86 Release|Any CPU = Release|Any CPU Release|Mixed Platforms = Release|Mixed Platforms Release|Win32 = Release|Win32 Release|x64 = Release|x64 - Release|x86 = Release|x86 SingleImage|Any CPU = SingleImage|Any CPU SingleImage|Mixed Platforms = SingleImage|Mixed Platforms SingleImage|Win32 = SingleImage|Win32 SingleImage|x64 = SingleImage|x64 - SingleImage|x86 = SingleImage|x86 Vista Debug|Any CPU = Vista Debug|Any CPU Vista Debug|Mixed Platforms = Vista Debug|Mixed Platforms Vista Debug|Win32 = Vista Debug|Win32 Vista Debug|x64 = Vista Debug|x64 - Vista Debug|x86 = Vista Debug|x86 Vista Release|Any CPU = Vista Release|Any CPU Vista Release|Mixed Platforms = Vista Release|Mixed Platforms Vista Release|Win32 = Vista Release|Win32 Vista Release|x64 = Vista Release|x64 - Vista Release|x86 = Vista Release|x86 Win7 Debug|Any CPU = Win7 Debug|Any CPU Win7 Debug|Mixed Platforms = Win7 Debug|Mixed Platforms Win7 Debug|Win32 = Win7 Debug|Win32 Win7 Debug|x64 = Win7 Debug|x64 - Win7 Debug|x86 = Win7 Debug|x86 Win7 Release|Any CPU = Win7 Release|Any CPU Win7 Release|Mixed Platforms = Win7 Release|Mixed Platforms Win7 Release|Win32 = Win7 Release|Win32 Win7 Release|x64 = Win7 Release|x64 - Win7 Release|x86 = Win7 Release|x86 Win8 Debug|Any CPU = Win8 Debug|Any CPU Win8 Debug|Mixed Platforms = Win8 Debug|Mixed Platforms Win8 Debug|Win32 = Win8 Debug|Win32 Win8 Debug|x64 = Win8 Debug|x64 - Win8 Debug|x86 = Win8 Debug|x86 Win8 Release|Any CPU = Win8 Release|Any CPU Win8 Release|Mixed Platforms = Win8 Release|Mixed Platforms Win8 Release|Win32 = Win8 Release|Win32 Win8 Release|x64 = Win8 Release|x64 - Win8 Release|x86 = Win8 Release|x86 EndGlobalSection GlobalSection(ProjectConfigurationPlatforms) = postSolution {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|Any CPU.ActiveCfg = Release|Win32 @@ -76,9 +72,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|x64.ActiveCfg = Release|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|x64.Build.0 = Release|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|x64.Deploy.0 = Release|x64 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.CD_ROM|x86.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|Any CPU.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|Mixed Platforms.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|Mixed Platforms.Build.0 = Debug|Win32 @@ -88,9 +81,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|Win32.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|x64.ActiveCfg = Debug|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|x64.Build.0 = Debug|x64 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Debug|x86.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|Any CPU.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|Mixed Platforms.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|Mixed Platforms.Build.0 = Debug|Win32 @@ -101,9 +91,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|x64.ActiveCfg = Debug|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|x64.Build.0 = Debug|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|x64.Deploy.0 = Debug|x64 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.DVD-5|x86.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|Any CPU.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|Mixed Platforms.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|Mixed Platforms.Build.0 = Release|Win32 @@ -112,9 +99,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|Win32.Build.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|Win32.Deploy.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|x64.ActiveCfg = Release|x64 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|x86.ActiveCfg = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|x86.Build.0 = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Release|x86.Deploy.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|Any CPU.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|Mixed Platforms.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|Mixed Platforms.Build.0 = Release|Win32 @@ -125,9 +109,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|x64.ActiveCfg = Release|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|x64.Build.0 = Release|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|x64.Deploy.0 = Release|x64 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.SingleImage|x86.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|Any CPU.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|Mixed Platforms.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|Mixed Platforms.Build.0 = Debug|Win32 @@ -136,9 +117,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|Win32.Build.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|Win32.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|x64.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Debug|x86.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|Any CPU.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|Mixed Platforms.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|Mixed Platforms.Build.0 = Release|Win32 @@ -147,9 +125,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|Win32.Build.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|Win32.Deploy.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|x64.ActiveCfg = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|x86.ActiveCfg = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|x86.Build.0 = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Vista Release|x86.Deploy.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|Any CPU.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|Mixed Platforms.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|Mixed Platforms.Build.0 = Debug|Win32 @@ -157,10 +132,8 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|Win32.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|Win32.Build.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|Win32.Deploy.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|x64.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|x86.Deploy.0 = Debug|Win32 + {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|x64.ActiveCfg = Debug|x64 + {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Debug|x64.Build.0 = Debug|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|Any CPU.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|Mixed Platforms.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|Mixed Platforms.Build.0 = Release|Win32 @@ -169,9 +142,7 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|Win32.Build.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|Win32.Deploy.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|x64.ActiveCfg = Release|x64 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|x86.ActiveCfg = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|x86.Build.0 = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|x86.Deploy.0 = Release|Win32 + {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win7 Release|x64.Build.0 = Release|x64 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|Any CPU.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|Mixed Platforms.ActiveCfg = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|Mixed Platforms.Build.0 = Debug|Win32 @@ -180,9 +151,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|Win32.Build.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|Win32.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|x64.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|x86.ActiveCfg = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|x86.Build.0 = Debug|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Debug|x86.Deploy.0 = Debug|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|Any CPU.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|Mixed Platforms.ActiveCfg = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|Mixed Platforms.Build.0 = Release|Win32 @@ -191,9 +159,6 @@ Global {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|Win32.Build.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|Win32.Deploy.0 = Release|Win32 {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|x64.ActiveCfg = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|x86.ActiveCfg = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|x86.Build.0 = Release|Win32 - {B00A4957-5977-4AC1-9EF4-571DC27EADA2}.Win8 Release|x86.Deploy.0 = Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|Any CPU.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|Mixed Platforms.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|Mixed Platforms.Build.0 = Win8 Release|Win32 @@ -204,9 +169,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|x64.ActiveCfg = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|x64.Build.0 = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|x64.Deploy.0 = Win8 Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|x86.ActiveCfg = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|x86.Build.0 = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.CD_ROM|x86.Deploy.0 = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|Any CPU.ActiveCfg = Win7 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|Mixed Platforms.ActiveCfg = Win7 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|Mixed Platforms.Build.0 = Win7 Debug|Win32 @@ -217,9 +179,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|x64.ActiveCfg = Win7 Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|x64.Build.0 = Win7 Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|x64.Deploy.0 = Win7 Debug|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|x86.ActiveCfg = Win7 Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|x86.Build.0 = Win7 Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Debug|x86.Deploy.0 = Win7 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|Any CPU.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|Mixed Platforms.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|Mixed Platforms.Build.0 = Win8 Release|Win32 @@ -230,9 +189,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|x64.ActiveCfg = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|x64.Build.0 = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|x64.Deploy.0 = Win8 Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|x86.ActiveCfg = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|x86.Build.0 = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.DVD-5|x86.Deploy.0 = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|Any CPU.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|Mixed Platforms.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|Mixed Platforms.Build.0 = Win8 Release|Win32 @@ -243,9 +199,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|x64.ActiveCfg = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|x64.Build.0 = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|x64.Deploy.0 = Win8 Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|x86.ActiveCfg = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|x86.Build.0 = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Release|x86.Deploy.0 = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|Any CPU.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|Mixed Platforms.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|Mixed Platforms.Build.0 = Win8 Release|Win32 @@ -256,9 +209,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|x64.ActiveCfg = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|x64.Build.0 = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|x64.Deploy.0 = Win8 Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|x86.ActiveCfg = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|x86.Build.0 = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.SingleImage|x86.Deploy.0 = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|Any CPU.ActiveCfg = Vista Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|Mixed Platforms.ActiveCfg = Vista Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|Mixed Platforms.Build.0 = Vista Debug|Win32 @@ -269,9 +219,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|x64.ActiveCfg = Vista Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|x64.Build.0 = Vista Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|x64.Deploy.0 = Vista Debug|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|x86.ActiveCfg = Vista Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|x86.Build.0 = Vista Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Debug|x86.Deploy.0 = Vista Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|Any CPU.ActiveCfg = Vista Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|Mixed Platforms.ActiveCfg = Vista Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|Mixed Platforms.Build.0 = Vista Release|Win32 @@ -282,9 +229,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|x64.ActiveCfg = Vista Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|x64.Build.0 = Vista Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|x64.Deploy.0 = Vista Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|x86.ActiveCfg = Vista Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|x86.Build.0 = Vista Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Vista Release|x86.Deploy.0 = Vista Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|Any CPU.ActiveCfg = Win7 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|Mixed Platforms.ActiveCfg = Win7 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|Mixed Platforms.Build.0 = Win7 Debug|Win32 @@ -295,9 +239,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|x64.ActiveCfg = Win7 Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|x64.Build.0 = Win7 Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|x64.Deploy.0 = Win7 Debug|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|x86.ActiveCfg = Win7 Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|x86.Build.0 = Win7 Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Debug|x86.Deploy.0 = Win7 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|Any CPU.ActiveCfg = Win7 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|Mixed Platforms.ActiveCfg = Win7 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|Mixed Platforms.Build.0 = Win7 Release|Win32 @@ -308,9 +249,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|x64.ActiveCfg = Win7 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|x64.Build.0 = Win7 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|x64.Deploy.0 = Win7 Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|x86.ActiveCfg = Win7 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|x86.Build.0 = Win7 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win7 Release|x86.Deploy.0 = Win7 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|Any CPU.ActiveCfg = Win8 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|Mixed Platforms.ActiveCfg = Win8 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|Mixed Platforms.Build.0 = Win8 Debug|Win32 @@ -321,9 +259,6 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|x64.ActiveCfg = Win8 Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|x64.Build.0 = Win8 Debug|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|x64.Deploy.0 = Win8 Debug|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|x86.ActiveCfg = Win8 Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|x86.Build.0 = Win8 Debug|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Debug|x86.Deploy.0 = Win8 Debug|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|Any CPU.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|Mixed Platforms.ActiveCfg = Win8 Release|Win32 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|Mixed Platforms.Build.0 = Win8 Release|Win32 @@ -334,86 +269,162 @@ Global {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|x64.ActiveCfg = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|x64.Build.0 = Win8 Release|x64 {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|x64.Deploy.0 = Win8 Release|x64 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|x86.ActiveCfg = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|x86.Build.0 = Win8 Release|Win32 - {43BA7584-D4DB-4F7C-90FC-E2B18A68A213}.Win8 Release|x86.Deploy.0 = Win8 Release|Win32 {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|Any CPU.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|Any CPU.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|Mixed Platforms.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|Mixed Platforms.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|Win32.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|x64.ActiveCfg = Release|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.CD_ROM|x86.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|Any CPU.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|Win32.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|x64.ActiveCfg = Debug|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Debug|x86.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|Any CPU.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|Any CPU.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|Mixed Platforms.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|Mixed Platforms.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|Win32.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|x64.ActiveCfg = Debug|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.DVD-5|x86.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|Any CPU.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|Any CPU.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|Mixed Platforms.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|Win32.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|x64.ActiveCfg = Release|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Release|x86.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|Any CPU.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|Any CPU.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|Mixed Platforms.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|Mixed Platforms.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|Win32.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|x64.ActiveCfg = Release|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.SingleImage|x86.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|Any CPU.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|Any CPU.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|Mixed Platforms.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|Win32.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|x64.ActiveCfg = Debug|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Debug|x86.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|Any CPU.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|Any CPU.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|Mixed Platforms.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|Mixed Platforms.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|Win32.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|x64.ActiveCfg = Release|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Vista Release|x86.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|Any CPU.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|Any CPU.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|Mixed Platforms.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|Win32.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|x64.ActiveCfg = Debug|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|x86.ActiveCfg = Debug|Any CPU + {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Debug|x64.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|Any CPU.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|Any CPU.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|Mixed Platforms.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|Mixed Platforms.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|Win32.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|x64.ActiveCfg = Release|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|x86.ActiveCfg = Release|Any CPU + {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win7 Release|x64.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|Any CPU.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|Any CPU.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|Mixed Platforms.Build.0 = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|Win32.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|x64.ActiveCfg = Debug|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Debug|x86.ActiveCfg = Debug|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|Any CPU.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|Any CPU.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|Mixed Platforms.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|Mixed Platforms.Build.0 = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|Win32.ActiveCfg = Release|Any CPU {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|x64.ActiveCfg = Release|Any CPU - {4CCA6B98-5E64-45BF-AC34-19B3E2570DB1}.Win8 Release|x86.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|Any CPU.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|Any CPU.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|Mixed Platforms.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|Mixed Platforms.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|Win32.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|Win32.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|x64.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.CD_ROM|x64.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|Any CPU.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|Win32.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|Win32.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|x64.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Debug|x64.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|Any CPU.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|Any CPU.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|Mixed Platforms.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|Mixed Platforms.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|Win32.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|Win32.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|x64.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.DVD-5|x64.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|Any CPU.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|Any CPU.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|Mixed Platforms.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|Win32.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|Win32.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|x64.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Release|x64.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|Any CPU.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|Any CPU.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|Mixed Platforms.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|Mixed Platforms.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|Win32.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|Win32.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|x64.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.SingleImage|x64.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|Any CPU.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|Any CPU.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|Mixed Platforms.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|Win32.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|Win32.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|x64.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Debug|x64.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|Any CPU.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|Any CPU.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|Mixed Platforms.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|Mixed Platforms.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|Win32.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|Win32.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|x64.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Vista Release|x64.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|Any CPU.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|Any CPU.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|Mixed Platforms.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|Win32.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|Win32.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|x64.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Debug|x64.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|Any CPU.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|Any CPU.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|Mixed Platforms.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|Mixed Platforms.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|Win32.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|Win32.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|x64.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win7 Release|x64.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|Any CPU.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|Any CPU.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|Mixed Platforms.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|Win32.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|Win32.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|x64.ActiveCfg = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Debug|x64.Build.0 = Debug|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|Any CPU.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|Any CPU.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|Mixed Platforms.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|Mixed Platforms.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|Win32.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|Win32.Build.0 = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|x64.ActiveCfg = Release|Any CPU + {6D27214A-087B-4484-B898-AD2A13FA3B9E}.Win8 Release|x64.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/windows/ZeroTierOne/ZeroTierOne.vcxproj b/windows/ZeroTierOne/ZeroTierOne.vcxproj index ed022134..5092a655 100644 --- a/windows/ZeroTierOne/ZeroTierOne.vcxproj +++ b/windows/ZeroTierOne/ZeroTierOne.vcxproj @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> -<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> +<Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <ItemGroup Label="ProjectConfigurations"> <ProjectConfiguration Include="Debug|Win32"> <Configuration>Debug</Configuration> @@ -19,12 +19,12 @@ </ProjectConfiguration> </ItemGroup> <ItemGroup> + <ClCompile Include="..\..\controller\EmbeddedNetworkController.cpp" /> + <ClCompile Include="..\..\controller\JSONDB.cpp" /> <ClCompile Include="..\..\ext\http-parser\http_parser.c" /> - <ClCompile Include="..\..\ext\json-parser\json.c" /> <ClCompile Include="..\..\ext\libnatpmp\getgateway.c" /> <ClCompile Include="..\..\ext\libnatpmp\natpmp.c" /> <ClCompile Include="..\..\ext\libnatpmp\wingettimeofday.c" /> - <ClCompile Include="..\..\ext\lz4\lz4.c" /> <ClCompile Include="..\..\ext\miniupnpc\connecthostport.c" /> <ClCompile Include="..\..\ext\miniupnpc\igd_desc_parse.c" /> <ClCompile Include="..\..\ext\miniupnpc\minisoap.c" /> @@ -39,12 +39,14 @@ <ClCompile Include="..\..\ext\miniupnpc\upnperrors.c" /> <ClCompile Include="..\..\ext\miniupnpc\upnpreplyparse.c" /> <ClCompile Include="..\..\node\C25519.cpp" /> + <ClCompile Include="..\..\node\Capability.cpp" /> <ClCompile Include="..\..\node\CertificateOfMembership.cpp" /> + <ClCompile Include="..\..\node\CertificateOfOwnership.cpp" /> <ClCompile Include="..\..\node\Cluster.cpp" /> - <ClCompile Include="..\..\node\DeferredPackets.cpp" /> <ClCompile Include="..\..\node\Identity.cpp" /> <ClCompile Include="..\..\node\IncomingPacket.cpp" /> <ClCompile Include="..\..\node\InetAddress.cpp" /> + <ClCompile Include="..\..\node\Membership.cpp" /> <ClCompile Include="..\..\node\Multicaster.cpp" /> <ClCompile Include="..\..\node\Network.cpp" /> <ClCompile Include="..\..\node\NetworkConfig.cpp" /> @@ -54,50 +56,34 @@ <ClCompile Include="..\..\node\Path.cpp" /> <ClCompile Include="..\..\node\Peer.cpp" /> <ClCompile Include="..\..\node\Poly1305.cpp" /> + <ClCompile Include="..\..\node\Revocation.cpp" /> <ClCompile Include="..\..\node\Salsa20.cpp" /> <ClCompile Include="..\..\node\SelfAwareness.cpp" /> <ClCompile Include="..\..\node\SHA512.cpp" /> <ClCompile Include="..\..\node\Switch.cpp" /> + <ClCompile Include="..\..\node\Tag.cpp" /> <ClCompile Include="..\..\node\Topology.cpp" /> <ClCompile Include="..\..\node\Utils.cpp" /> <ClCompile Include="..\..\one.cpp"> <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">false</ExcludedFromBuild> </ClCompile> - <ClCompile Include="..\..\osdep\BackgroundResolver.cpp" /> <ClCompile Include="..\..\osdep\Http.cpp" /> <ClCompile Include="..\..\osdep\ManagedRoute.cpp" /> <ClCompile Include="..\..\osdep\OSUtils.cpp" /> <ClCompile Include="..\..\osdep\PortMapper.cpp" /> <ClCompile Include="..\..\osdep\WindowsEthernetTap.cpp" /> - <ClCompile Include="..\..\service\ControlPlane.cpp" /> <ClCompile Include="..\..\service\OneService.cpp" /> + <ClCompile Include="..\..\service\SoftwareUpdater.cpp" /> <ClCompile Include="ServiceBase.cpp" /> <ClCompile Include="ServiceInstaller.cpp" /> <ClCompile Include="ZeroTierOneService.cpp" /> </ItemGroup> <ItemGroup> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\codelength.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\connecthostport.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\igd_desc_parse.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\minisoap.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\minissdpc.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpc.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpcstrings.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpctypes.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpc_declspec.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniwget.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\minixml.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\portlistingparse.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\receivedata.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\upnpcommands.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\upnperrors.h" /> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\upnpreplyparse.h" /> <ClInclude Include="..\..\ext\http-parser\http_parser.h" /> - <ClInclude Include="..\..\ext\json-parser\json.h" /> + <ClInclude Include="..\..\ext\json\json.hpp" /> <ClInclude Include="..\..\ext\libnatpmp\getgateway.h" /> <ClInclude Include="..\..\ext\libnatpmp\natpmp.h" /> <ClInclude Include="..\..\ext\libnatpmp\wingettimeofday.h" /> - <ClInclude Include="..\..\ext\lz4\lz4.h" /> <ClInclude Include="..\..\ext\miniupnpc\codelength.h" /> <ClInclude Include="..\..\ext\miniupnpc\connecthostport.h" /> <ClInclude Include="..\..\ext\miniupnpc\igd_desc_parse.h" /> @@ -123,6 +109,7 @@ <ClInclude Include="..\..\node\Buffer.hpp" /> <ClInclude Include="..\..\node\C25519.hpp" /> <ClInclude Include="..\..\node\CertificateOfMembership.hpp" /> + <ClInclude Include="..\..\node\CertificateOfOwnership.hpp" /> <ClInclude Include="..\..\node\Cluster.hpp" /> <ClInclude Include="..\..\node\CMWC4096.hpp" /> <ClInclude Include="..\..\node\Constants.hpp" /> @@ -155,7 +142,6 @@ <ClInclude Include="..\..\node\Topology.hpp" /> <ClInclude Include="..\..\node\Utils.hpp" /> <ClInclude Include="..\..\node\World.hpp" /> - <ClInclude Include="..\..\osdep\BackgroundResolver.hpp" /> <ClInclude Include="..\..\osdep\Binder.hpp" /> <ClInclude Include="..\..\osdep\Http.hpp" /> <ClInclude Include="..\..\osdep\ManagedRoute.hpp" /> @@ -164,9 +150,8 @@ <ClInclude Include="..\..\osdep\PortMapper.hpp" /> <ClInclude Include="..\..\osdep\Thread.hpp" /> <ClInclude Include="..\..\osdep\WindowsEthernetTap.hpp" /> - <ClInclude Include="..\..\service\ControlPlane.hpp" /> - <ClInclude Include="..\..\service\ControlPlaneSubsystem.hpp" /> <ClInclude Include="..\..\service\OneService.hpp" /> + <ClInclude Include="..\..\service\SoftwareUpdater.hpp" /> <ClInclude Include="..\..\version.h" /> <ClInclude Include="resource.h" /> <ClInclude Include="ServiceBase.h" /> @@ -184,26 +169,26 @@ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> <ConfigurationType>Application</ConfigurationType> <UseDebugLibraries>true</UseDebugLibraries> - <PlatformToolset>v110</PlatformToolset> + <PlatformToolset>v140</PlatformToolset> <CharacterSet>MultiByte</CharacterSet> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> <ConfigurationType>Application</ConfigurationType> <UseDebugLibraries>true</UseDebugLibraries> - <PlatformToolset>v110</PlatformToolset> + <PlatformToolset>v140</PlatformToolset> <CharacterSet>MultiByte</CharacterSet> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> <ConfigurationType>Application</ConfigurationType> <UseDebugLibraries>false</UseDebugLibraries> - <PlatformToolset>v110</PlatformToolset> + <PlatformToolset>v140</PlatformToolset> <WholeProgramOptimization>true</WholeProgramOptimization> <CharacterSet>MultiByte</CharacterSet> </PropertyGroup> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> <ConfigurationType>Application</ConfigurationType> <UseDebugLibraries>false</UseDebugLibraries> - <PlatformToolset>v110</PlatformToolset> + <PlatformToolset>v140</PlatformToolset> <WholeProgramOptimization>true</WholeProgramOptimization> <CharacterSet>MultiByte</CharacterSet> </PropertyGroup> @@ -250,7 +235,8 @@ <SDLCheck>true</SDLCheck> <AdditionalIncludeDirectories> </AdditionalIncludeDirectories> - <PreprocessorDefinitions>NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions> + <DisableSpecificWarnings>4996</DisableSpecificWarnings> </ClCompile> <Link> <GenerateDebugInformation>true</GenerateDebugInformation> @@ -265,13 +251,15 @@ <SDLCheck>true</SDLCheck> <AdditionalIncludeDirectories> </AdditionalIncludeDirectories> - <PreprocessorDefinitions>NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>NOMINMAX;STATICLIB;WIN32;ZT_TRACE;ZT_RULES_ENGINE_DEBUGGING;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="disable";%(PreprocessorDefinitions)</PreprocessorDefinitions> <MultiProcessorCompilation>false</MultiProcessorCompilation> + <DisableSpecificWarnings>4996</DisableSpecificWarnings> </ClCompile> <Link> <GenerateDebugInformation>true</GenerateDebugInformation> <AdditionalDependencies>wsock32.lib;ws2_32.lib;Iphlpapi.lib;Rpcrt4.lib;%(AdditionalDependencies)</AdditionalDependencies> <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers> + <AdditionalOptions>"notelemetry.obj" %(AdditionalOptions)</AdditionalOptions> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> @@ -283,13 +271,14 @@ <SDLCheck>true</SDLCheck> <AdditionalIncludeDirectories> </AdditionalIncludeDirectories> - <PreprocessorDefinitions>STATICLIB;ZT_OFFICIAL_RELEASE;ZT_AUTO_UPDATE;ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>STATICLIB;ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;ZT_SOFTWARE_UPDATE_DEFAULT="apply";%(PreprocessorDefinitions)</PreprocessorDefinitions> <RuntimeLibrary>MultiThreaded</RuntimeLibrary> <EnableEnhancedInstructionSet>NoExtensions</EnableEnhancedInstructionSet> <StringPooling>true</StringPooling> <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion> <FavorSizeOrSpeed>Speed</FavorSizeOrSpeed> <OmitFramePointers>true</OmitFramePointers> + <DisableSpecificWarnings>4996</DisableSpecificWarnings> </ClCompile> <Link> <GenerateDebugInformation>true</GenerateDebugInformation> @@ -308,13 +297,14 @@ <SDLCheck>true</SDLCheck> <AdditionalIncludeDirectories> </AdditionalIncludeDirectories> - <PreprocessorDefinitions>STATICLIB;ZT_OFFICIAL_RELEASE;ZT_AUTO_UPDATE;ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>STATICLIB;ZT_SOFTWARE_UPDATE_DEFAULT="apply";ZT_SALSA20_SSE;ZT_USE_MINIUPNPC;MINIUPNP_STATICLIB;WIN32;NOMINMAX;%(PreprocessorDefinitions)</PreprocessorDefinitions> <RuntimeLibrary>MultiThreaded</RuntimeLibrary> <EnableEnhancedInstructionSet>NotSet</EnableEnhancedInstructionSet> <StringPooling>true</StringPooling> <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion> <FavorSizeOrSpeed>Speed</FavorSizeOrSpeed> <OmitFramePointers>true</OmitFramePointers> + <DisableSpecificWarnings>4996</DisableSpecificWarnings> </ClCompile> <Link> <GenerateDebugInformation>true</GenerateDebugInformation> diff --git a/windows/ZeroTierOne/ZeroTierOne.vcxproj.filters b/windows/ZeroTierOne/ZeroTierOne.vcxproj.filters index eeeb8d2f..ca1640e9 100644 --- a/windows/ZeroTierOne/ZeroTierOne.vcxproj.filters +++ b/windows/ZeroTierOne/ZeroTierOne.vcxproj.filters @@ -40,24 +40,12 @@ <Filter Include="Header Files\ext\http-parser"> <UniqueIdentifier>{17ae9a01-d39f-4c6d-a800-8f2cd0804c96}</UniqueIdentifier> </Filter> - <Filter Include="Header Files\ext\json-parser"> - <UniqueIdentifier>{736aad7f-8d95-4602-88df-3bb970869c6f}</UniqueIdentifier> - </Filter> - <Filter Include="Header Files\ext\lz4"> - <UniqueIdentifier>{3636527c-bc03-4852-bd3c-20ee25e56d82}</UniqueIdentifier> - </Filter> <Filter Include="Source Files\ext"> <UniqueIdentifier>{7784af31-5b60-4300-b07e-44cf864c54db}</UniqueIdentifier> </Filter> - <Filter Include="Source Files\ext\lz4"> - <UniqueIdentifier>{29164186-10fc-45f5-b253-6d03f0ddd4db}</UniqueIdentifier> - </Filter> <Filter Include="Source Files\ext\http-parser"> <UniqueIdentifier>{f8a1c208-15b8-4d85-a4cb-11d2b82f2d1e}</UniqueIdentifier> </Filter> - <Filter Include="Source Files\ext\json-parser"> - <UniqueIdentifier>{da28e961-1761-41d8-9a59-65b00dfb1302}</UniqueIdentifier> - </Filter> <Filter Include="Source Files\windows"> <UniqueIdentifier>{43f75f84-c70d-4d44-a0ef-28a7a399abd4}</UniqueIdentifier> </Filter> @@ -70,15 +58,6 @@ <Filter Include="Header Files\windows\ZeroTierOne"> <UniqueIdentifier>{bf604491-14c4-4a74-81a6-6105d07c5c7c}</UniqueIdentifier> </Filter> - <Filter Include="Header Files\ext\bin"> - <UniqueIdentifier>{5939db69-ab17-47c6-97fb-185e2c678737}</UniqueIdentifier> - </Filter> - <Filter Include="Header Files\ext\bin\miniupnpc"> - <UniqueIdentifier>{3666f510-b6da-47cb-8039-56441f2dac3e}</UniqueIdentifier> - </Filter> - <Filter Include="Header Files\ext\bin\miniupnpc\include"> - <UniqueIdentifier>{1a47071e-e51b-4535-89ae-858946f03118}</UniqueIdentifier> - </Filter> <Filter Include="Header Files\ext\miniupnpc"> <UniqueIdentifier>{5423fb64-896b-432e-a19d-88d4467f89f9}</UniqueIdentifier> </Filter> @@ -91,11 +70,14 @@ <Filter Include="Source Files\ext\libnatpmp"> <UniqueIdentifier>{409ec37e-ff36-4c13-b18d-52d6052e0ca2}</UniqueIdentifier> </Filter> + <Filter Include="Source Files\controller"> + <UniqueIdentifier>{3cad34c8-c436-43ae-8323-57803637c832}</UniqueIdentifier> + </Filter> + <Filter Include="Header Files\ext\json"> + <UniqueIdentifier>{ff20532b-d9a2-440d-a7b4-b49e26a9b2f8}</UniqueIdentifier> + </Filter> </ItemGroup> <ItemGroup> - <ClCompile Include="..\..\service\ControlPlane.cpp"> - <Filter>Source Files\service</Filter> - </ClCompile> <ClCompile Include="..\..\service\OneService.cpp"> <Filter>Source Files\service</Filter> </ClCompile> @@ -165,15 +147,9 @@ <ClCompile Include="..\..\node\Utils.cpp"> <Filter>Source Files\node</Filter> </ClCompile> - <ClCompile Include="..\..\ext\lz4\lz4.c"> - <Filter>Source Files\ext\lz4</Filter> - </ClCompile> <ClCompile Include="..\..\ext\http-parser\http_parser.c"> <Filter>Source Files\ext\http-parser</Filter> </ClCompile> - <ClCompile Include="..\..\ext\json-parser\json.c"> - <Filter>Source Files\ext\json-parser</Filter> - </ClCompile> <ClCompile Include="..\..\one.cpp"> <Filter>Source Files</Filter> </ClCompile> @@ -186,15 +162,9 @@ <ClCompile Include="ZeroTierOneService.cpp"> <Filter>Source Files\windows\ZeroTierOne</Filter> </ClCompile> - <ClCompile Include="..\..\osdep\BackgroundResolver.cpp"> - <Filter>Source Files\osdep</Filter> - </ClCompile> <ClCompile Include="..\..\node\Path.cpp"> <Filter>Source Files\node</Filter> </ClCompile> - <ClCompile Include="..\..\node\DeferredPackets.cpp"> - <Filter>Source Files\node</Filter> - </ClCompile> <ClCompile Include="..\..\node\Cluster.cpp"> <Filter>Source Files\node</Filter> </ClCompile> @@ -252,6 +222,30 @@ <ClCompile Include="..\..\osdep\ManagedRoute.cpp"> <Filter>Source Files\osdep</Filter> </ClCompile> + <ClCompile Include="..\..\node\Membership.cpp"> + <Filter>Source Files\node</Filter> + </ClCompile> + <ClCompile Include="..\..\node\Capability.cpp"> + <Filter>Source Files\node</Filter> + </ClCompile> + <ClCompile Include="..\..\node\Revocation.cpp"> + <Filter>Source Files\node</Filter> + </ClCompile> + <ClCompile Include="..\..\node\Tag.cpp"> + <Filter>Source Files\node</Filter> + </ClCompile> + <ClCompile Include="..\..\controller\EmbeddedNetworkController.cpp"> + <Filter>Source Files\controller</Filter> + </ClCompile> + <ClCompile Include="..\..\controller\JSONDB.cpp"> + <Filter>Source Files\controller</Filter> + </ClCompile> + <ClCompile Include="..\..\service\SoftwareUpdater.cpp"> + <Filter>Source Files\service</Filter> + </ClCompile> + <ClCompile Include="..\..\node\CertificateOfOwnership.cpp"> + <Filter>Source Files\node</Filter> + </ClCompile> </ItemGroup> <ItemGroup> <ClInclude Include="resource.h"> @@ -278,12 +272,6 @@ <ClInclude Include="..\..\osdep\WindowsEthernetTap.hpp"> <Filter>Header Files\osdep</Filter> </ClInclude> - <ClInclude Include="..\..\service\ControlPlane.hpp"> - <Filter>Header Files\service</Filter> - </ClInclude> - <ClInclude Include="..\..\service\ControlPlaneSubsystem.hpp"> - <Filter>Header Files\service</Filter> - </ClInclude> <ClInclude Include="..\..\service\OneService.hpp"> <Filter>Header Files\service</Filter> </ClInclude> @@ -392,12 +380,6 @@ <ClInclude Include="..\..\node\Utils.hpp"> <Filter>Header Files\node</Filter> </ClInclude> - <ClInclude Include="..\..\ext\lz4\lz4.h"> - <Filter>Header Files\ext\lz4</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\json-parser\json.h"> - <Filter>Header Files\ext\json-parser</Filter> - </ClInclude> <ClInclude Include="..\..\ext\http-parser\http_parser.h"> <Filter>Header Files\ext\http-parser</Filter> </ClInclude> @@ -410,57 +392,6 @@ <ClInclude Include="ZeroTierOneService.h"> <Filter>Header Files\windows\ZeroTierOne</Filter> </ClInclude> - <ClInclude Include="..\..\osdep\BackgroundResolver.hpp"> - <Filter>Header Files\osdep</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\codelength.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\connecthostport.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\igd_desc_parse.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\minisoap.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\minissdpc.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpc.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpc_declspec.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpcstrings.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniupnpctypes.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\miniwget.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\minixml.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\portlistingparse.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\receivedata.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\upnpcommands.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\upnperrors.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> - <ClInclude Include="..\..\ext\bin\miniupnpc\include\miniupnpc\upnpreplyparse.h"> - <Filter>Header Files\ext\bin\miniupnpc\include</Filter> - </ClInclude> <ClInclude Include="..\..\node\BinarySemaphore.hpp"> <Filter>Header Files\node</Filter> </ClInclude> @@ -542,6 +473,15 @@ <ClInclude Include="..\..\osdep\ManagedRoute.hpp"> <Filter>Header Files\osdep</Filter> </ClInclude> + <ClInclude Include="..\..\service\SoftwareUpdater.hpp"> + <Filter>Header Files\service</Filter> + </ClInclude> + <ClInclude Include="..\..\ext\json\json.hpp"> + <Filter>Header Files\ext\json</Filter> + </ClInclude> + <ClInclude Include="..\..\node\CertificateOfOwnership.hpp"> + <Filter>Header Files\node</Filter> + </ClInclude> </ItemGroup> <ItemGroup> <ResourceCompile Include="ZeroTierOne.rc"> diff --git a/windows/copyutil/App.config b/windows/copyutil/App.config new file mode 100644 index 00000000..88fa4027 --- /dev/null +++ b/windows/copyutil/App.config @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="utf-8" ?> +<configuration> + <startup> + <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" /> + </startup> +</configuration>
\ No newline at end of file diff --git a/windows/copyutil/Program.cs b/windows/copyutil/Program.cs new file mode 100644 index 00000000..f65a5771 --- /dev/null +++ b/windows/copyutil/Program.cs @@ -0,0 +1,40 @@ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace copyutil +{ + class Program + { + static void Main(string[] args) + { + if (args.Length != 2) + { + Console.WriteLine("Not enough arguments"); + return; + } + + if (!Directory.Exists(args[0])) + { + Console.WriteLine("Source directory doesn't exist!"); + return; + } + + Console.WriteLine("Creating: " + args[1]); + DirectoryInfo di = Directory.CreateDirectory(args[1]); + + String authTokenSrc = args[0] + "\\authtoken.secret"; + String authTokenDest = args[1] + "\\authtoken.secret"; + + String portSrc = args[0] + "\\zerotier-one.port"; + String portDest = args[1] + "\\zerotier-one.port"; + + File.Copy(authTokenSrc, authTokenDest, true); + File.Copy(portSrc, portDest, true); + } + } +} +
\ No newline at end of file diff --git a/windows/copyutil/Properties/AssemblyInfo.cs b/windows/copyutil/Properties/AssemblyInfo.cs new file mode 100644 index 00000000..5c4c6466 --- /dev/null +++ b/windows/copyutil/Properties/AssemblyInfo.cs @@ -0,0 +1,36 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("copyutil")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("copyutil")] +[assembly: AssemblyCopyright("Copyright © 2016")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("6d27214a-087b-4484-b898-ad2a13fa3b9e")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Build and Revision Numbers +// by using the '*' as shown below: +// [assembly: AssemblyVersion("1.0.*")] +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/windows/copyutil/copyutil.csproj b/windows/copyutil/copyutil.csproj new file mode 100644 index 00000000..099208fd --- /dev/null +++ b/windows/copyutil/copyutil.csproj @@ -0,0 +1,60 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProjectGuid>{6D27214A-087B-4484-B898-AD2A13FA3B9E}</ProjectGuid> + <OutputType>Exe</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>copyutil</RootNamespace> + <AssemblyName>copyutil</AssemblyName> + <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion> + <FileAlignment>512</FileAlignment> + <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <PlatformTarget>AnyCPU</PlatformTarget> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <OutputPath>bin\Debug\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <PlatformTarget>AnyCPU</PlatformTarget> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <OutputPath>bin\Release\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Core" /> + <Reference Include="System.Xml.Linq" /> + <Reference Include="System.Data.DataSetExtensions" /> + <Reference Include="Microsoft.CSharp" /> + <Reference Include="System.Data" /> + <Reference Include="System.Net.Http" /> + <Reference Include="System.Xml" /> + </ItemGroup> + <ItemGroup> + <Compile Include="Program.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup> + <None Include="App.config" /> + </ItemGroup> + <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> +</Project>
\ No newline at end of file diff --git a/zerotier-one.spec b/zerotier-one.spec index 3c7433a9..0a3b0458 100644 --- a/zerotier-one.spec +++ b/zerotier-one.spec @@ -1,19 +1,16 @@ Name: zerotier-one -Version: 1.1.14 -Release: 0.1%{?dist} +Version: 1.2.0 +Release: 1%{?dist} Summary: ZeroTier One network virtualization service License: GPLv3 URL: https://www.zerotier.com -Source0: %{name}-%{version}.tar.gz %if 0%{?rhel} >= 7 BuildRequires: systemd %endif %if 0%{?fedora} >= 21 -BuildRequires: lz4-devel -BuildRequires: libnatpmp-devel BuildRequires: systemd %endif @@ -21,6 +18,7 @@ Requires: iproute %if 0%{?rhel} >= 7 Requires: systemd +Requires(pre): /usr/sbin/useradd, /usr/bin/getent %endif %if 0%{?rhel} <= 6 @@ -28,17 +26,8 @@ Requires: chkconfig %endif %if 0%{?fedora} >= 21 -Requires: lz4 -Requires: libnatpmp Requires: systemd -%endif - -Provides: bundled(http-parser) = 2.7.0 -Provides: bundled(miniupnpc) = 2.0 - -%if 0%{?rhel} >= 6 -Provides: bundled(lz4) = 1.7.1 -Provides: bundled(libnatpmp) = 20131126 +Requires(pre): /usr/sbin/useradd, /usr/bin/getent %endif %description @@ -54,33 +43,43 @@ like conventional VPNs or VLANs. It can run on native systems, VMs, or containers (Docker, OpenVZ, etc.). %prep -rm -rf * -ln -s %{getenv:PWD} %{name}-%{version} -tar --exclude=%{name}-%{version}/.git --exclude=%{name}-%{version}/%{name}-%{version} -czf %{_sourcedir}/%{name}-%{version}.tar.gz %{name}-%{version}/* -rm -f %{name}-%{version} -cp -a %{getenv:PWD}/* . +#rm -rf * +#ln -s %{getenv:PWD} %{name}-%{version} +#tar --exclude=%{name}-%{version}/.git --exclude=%{name}-%{version}/%{name}-%{version} -czf %{_sourcedir}/%{name}-%{version}.tar.gz %{name}-%{version}/* +#rm -f %{name}-%{version} +#cp -a %{getenv:PWD}/* . %build -%if 0%{?rhel} <= 7 -make CFLAGS="`echo %{optflags} | sed s/stack-protector-strong/stack-protector/`" CXXFLAGS="`echo %{optflags} | sed s/stack-protector-strong/stack-protector/`" ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one manpages selftest -%else -make CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one manpages selftest +#%if 0%{?rhel} <= 7 +#make CFLAGS="`echo %{optflags} | sed s/stack-protector-strong/stack-protector/`" CXXFLAGS="`echo %{optflags} | sed s/stack-protector-strong/stack-protector/`" ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one manpages selftest +#%else +#make CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" ZT_USE_MINIUPNPC=1 %{?_smp_mflags} one manpages selftest +#%endif + +%pre +%if 0%{?rhel} >= 7 +/usr/bin/getent passwd zerotier-one || /usr/sbin/useradd -r -d /var/lib/zerotier-one -s /sbin/nologin zerotier-one +%endif +%if 0%{?fedora} >= 21 +/usr/bin/getent passwd zerotier-one || /usr/sbin/useradd -r -d /var/lib/zerotier-one -s /sbin/nologin zerotier-one %endif %install rm -rf $RPM_BUILD_ROOT +pushd %{getenv:PWD} make install DESTDIR=$RPM_BUILD_ROOT +popd %if 0%{?rhel} >= 7 mkdir -p $RPM_BUILD_ROOT%{_unitdir} -cp debian/zerotier-one.service $RPM_BUILD_ROOT%{_unitdir}/%{name}.service +cp %{getenv:PWD}/debian/zerotier-one.service $RPM_BUILD_ROOT%{_unitdir}/%{name}.service %endif %if 0%{?fedora} >= 21 mkdir -p $RPM_BUILD_ROOT%{_unitdir} -cp debian/zerotier-one.service $RPM_BUILD_ROOT%{_unitdir}/%{name}.service +cp ${getenv:PWD}/debian/zerotier-one.service $RPM_BUILD_ROOT%{_unitdir}/%{name}.service %endif %if 0%{?rhel} <= 6 mkdir -p $RPM_BUILD_ROOT/etc/init.d -cp ext/installfiles/linux/zerotier-one.init.rhel6 $RPM_BUILD_ROOT/etc/init.d/zerotier-one +cp %{getenv:PWD}/ext/installfiles/linux/zerotier-one.init.rhel6 $RPM_BUILD_ROOT/etc/init.d/zerotier-one chmod 0755 $RPM_BUILD_ROOT/etc/init.d/zerotier-one %endif |
