-rw-r--r--controller/EmbeddedNetworkController.cpp4
-rw-r--r--include/ZeroTierOne.h21
-rw-r--r--node/IncomingPacket.cpp2
-rw-r--r--node/Node.cpp32
-rw-r--r--node/Node.hpp1
-rw-r--r--node/Packet.hpp11
6 files changed, 11 insertions, 60 deletions
diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp
index 5ba8cf98..cd8ce8bf 100644
--- a/controller/EmbeddedNetworkController.cpp
+++ b/controller/EmbeddedNetworkController.cpp
@@ -516,8 +516,8 @@ void EmbeddedNetworkController::threadMain()
Mutex::Lock _l(_refreshQueue_m);
while (_refreshQueue.size() > 0) {
_Refresh &r = _refreshQueue.front();
- if (_node)
- _node->pushNetworkRefresh(r.dest,r.nwid,r.blacklistAddresses,r.blacklistThresholds,r.numBlacklistEntries);
+ //if (_node)
+ // _node->pushNetworkRefresh(r.dest,r.nwid,r.blacklistAddresses,r.blacklistThresholds,r.numBlacklistEntries);
_refreshQueue.pop_front();
if (++count >= 50)
break;
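Review bot: With the `_node->pushNetworkRefresh(...)` call commented out, the loop still pops every `_Refresh` entry, so queued refreshes and their `blacklistAddresses`/`blacklistThresholds` are silently discarded. The API comment removed elsewhere in this commit describes those thresholds as credential timestamp blacklists, so if no other path now delivers them, a revocation queued here never reaches the member node; that is worth confirming before merge. Rather than leaving commented-out code and an unused `r`, either remove the queue and its producers or state the gap explicitly, e.g. `// TODO: refresh push removed; revocations are delivered via <replacement mechanism>`. The body of threadMain continues outside the hunk.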
diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h
index 591ff1fe..c66b9079 100644
--- a/include/ZeroTierOne.h
+++ b/include/ZeroTierOne.h
@@ -1929,27 +1929,6 @@ enum ZT_ResultCode ZT_Node_circuitTestBegin(ZT_Node *node,ZT_CircuitTest *test,v
void ZT_Node_circuitTestEnd(ZT_Node *node,ZT_CircuitTest *test);
/**
- * Push a network refresh
- *
- * This is used by network controller implementations to send a
- * NETWORK_CONFIG_REFRESH message to tell a node to refresh its
- * config and to optionally push one or more credential timestamp
- * blacklist thresholds for members of the network.
- *
- * Code outside a controller implementation will have no use for
- * this as these messages are ignored if they do not come from a
- * controller.
- *
- * @param node Node instance
- * @param dest ZeroTier address of destination to which to send NETWORK_CONFIG_REFRESH
- * @param nwid Network ID
- * @param blacklistAddresses Array of ZeroTier addresses of network members to set timestamp blacklists for
- * @param blacklistBeforeTimestamps Timestamps before which to blacklist credentials for each corresponding address in blacklistAddresses[]
- * @param blacklistCount Size of blacklistAddresses[] and blacklistBeforeTimestamps[]
- */
-void ZT_Node_pushNetworkRefresh(ZT_Node *node,uint64_t dest,uint64_t nwid,const uint64_t *blacklistAddresses,const uint64_t *blacklistBeforeTimestamps,unsigned int blacklistCount);
-
-/**
* Initialize cluster operation
*
* This initializes the internal structures and state for cluster operation.
diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index c50db794..72dfbfd8 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -982,7 +982,7 @@ bool IncomingPacket::_doNETWORK_CONFIG(const RuntimeEnvironment *RR,const Shared
- peer->received(_path,hops(),packetId(),Packet::VERB_NETWORK_CONFIG_REFRESH,0,Packet::VERB_NOP,trustEstablished);
+ peer->received(_path,hops(),packetId(),Packet::VERB_NETWORK_CONFIG,0,Packet::VERB_NOP,trustEstablished);
} catch ( ... ) {
TRACE("dropped NETWORK_CONFIG_REFRESH from %s(%s): unexpected exception",source().toString().c_str(),_path->address().toString().c_str());
}
diff --git a/node/Node.cpp b/node/Node.cpp
index 2533eeb6..db9b8ea0 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -552,31 +552,6 @@ void Node::circuitTestEnd(ZT_CircuitTest *test)
}
}
-void Node::pushNetworkRefresh(uint64_t dest,uint64_t nwid,const uint64_t *blacklistAddresses,const uint64_t *blacklistBeforeTimestamps,unsigned int blacklistCount)
-{
- Packet outp(Address(dest),RR->identity.address(),Packet::VERB_NETWORK_CONFIG_REFRESH);
- outp.append(nwid);
- outp.addSize(2);
- unsigned int c = 0;
- for(unsigned int i=0;i<blacklistCount;++i) {
- if ((outp.size() + 13) >= ZT_PROTO_MAX_PACKET_LENGTH) {
- outp.setAt<uint16_t>(ZT_PACKET_IDX_PAYLOAD + 8,(uint16_t)c);
- RR->sw->send(outp,true);
- outp = Packet(Address(dest),RR->identity.address(),Packet::VERB_NETWORK_CONFIG_REFRESH);
- outp.append(nwid);
- outp.addSize(2);
- c = 0;
- }
- Address(blacklistAddresses[i]).appendTo(outp);
- outp.append(blacklistBeforeTimestamps[i]);
- ++c;
- }
- if (c > 0) {
- outp.setAt<uint16_t>(ZT_PACKET_IDX_PAYLOAD + 8,(uint16_t)c);
- RR->sw->send(outp,true);
- }
-}
-
ZT_ResultCode Node::clusterInit(
unsigned int myId,
const struct sockaddr_storage *zeroTierPhysicalEndpoints,
@@ -973,13 +948,6 @@ void ZT_Node_circuitTestEnd(ZT_Node *node,ZT_CircuitTest *test)
} catch ( ... ) {}
}
-void ZT_Node_pushNetworkRefresh(ZT_Node *node,uint64_t dest,uint64_t nwid,const uint64_t *blacklistAddresses,const uint64_t *blacklistBeforeTimestamps,unsigned int blacklistCount)
-{
- try {
- reinterpret_cast<ZeroTier::Node *>(node)->pushNetworkRefresh(dest,nwid,blacklistAddresses,blacklistBeforeTimestamps,blacklistCount);
- } catch ( ... ) {}
-}
-
enum ZT_ResultCode ZT_Node_clusterInit(
ZT_Node *node,
unsigned int myId,
diff --git a/node/Node.hpp b/node/Node.hpp
index 56869816..11462531 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -107,7 +107,6 @@ public:
void setNetconfMaster(void *networkControllerInstance);
ZT_ResultCode circuitTestBegin(ZT_CircuitTest *test,void (*reportCallback)(ZT_Node *,ZT_CircuitTest *,const ZT_CircuitTestReport *));
void circuitTestEnd(ZT_CircuitTest *test);
- void pushNetworkRefresh(uint64_t dest,uint64_t nwid,const uint64_t *blacklistAddresses,const uint64_t *blacklistBeforeTimestamps,unsigned int blacklistCount);
ZT_ResultCode clusterInit(
unsigned int myId,
const struct sockaddr_storage *zeroTierPhysicalEndpoints,
diff --git a/node/Packet.hpp b/node/Packet.hpp
index e76cb96c..b03ec327 100644
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@@ -670,9 +670,11 @@ public:
* 0x6 - WATCHed inbound frame
* 0x7 - (reserved for future use)
*
- * An extended frame carries full MAC addressing, making them a
- * superset of VERB_FRAME. They're used for bridging or when we
- * want to attach a certificate since FRAME does not support that.
+ * An extended frame carries full MAC addressing, making it a
+ * superset of VERB_FRAME. It is used for bridged traffic,
+ * redirected or observed traffic via rules, and can in theory
+ * be used for multicast though MULTICAST_FRAME exists for that
+ * purpose and has additional options and capabilities.
*
* OK payload (if ACK flag is set):
* <[8] 64-bit network ID>
@@ -725,6 +727,9 @@ public:
* These will of course only be accepted if they are properly signed.
* Credentials can be for any number of networks.
*
+ * The use of a zero byte to terminate the COM section is for legacy
+ * backward compatiblity. Newer fields are prefixed with a length.
+ *
* OK/ERROR are not generated.
*/
VERB_NETWORK_CREDENTIALS = 0x0a,
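Review bot: The added comment line misspells "compatibility" as `compatiblity`; it should read `backward compatibility. Newer fields are prefixed with a length.` Since this comment serves as the wire-format reference for anyone writing a parser, it would also help to state the width of that length prefix here, if the part of the comment outside the hunk does not already give it.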