-rw-r--r-- | netconf-service/config.js | 4 | ||||
-rw-r--r-- | netconf-service/index.js | 2 | ||||
-rw-r--r-- | netconf-service/redis-schema.md | 4 | ||||
-rw-r--r-- | node/Network.cpp | 8 | ||||
-rw-r--r-- | node/Network.hpp | 2 | ||||
-rw-r--r-- | node/NetworkConfig.cpp | 2 | ||||
-rw-r--r-- | node/NetworkConfig.hpp | 28 | ||||
-rw-r--r-- | node/NodeConfig.cpp | 2 |
8 files changed, 17 insertions, 35 deletions
diff --git a/netconf-service/config.js b/netconf-service/config.js
index 9d817c5a..b4d9733e 100644
--- a/netconf-service/config.js
+++ b/netconf-service/config.js
@@ -1,3 +1,3 @@ -//exports.redisDb = 0; // live -exports.redisDb = 1; // test +exports.redisDb = 0; // live +//exports.redisDb = 1; // test //exports.redisDb = 2; // dev
diff --git a/netconf-service/index.js b/netconf-service/index.js
index 60155500..bef40669 100644
--- a/netconf-service/index.js
+++ b/netconf-service/index.js
@@ -42,7 +42,7 @@ var ZT_NETWORKCONFIG_DICT_KEY_IPV4_STATIC = "v4s"; var ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC = "v6s"; var ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP = "com"; var ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST = "eb"; -var ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE = "br"; +var ZT_NETWORKCONFIG_DICT_KEY_ALLOW_PASSIVE_BRIDGING = "pb"; var ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES = "ab"; // Path to zerotier-idtool binary, invoked to enerate certificates of membership
diff --git a/netconf-service/redis-schema.md b/netconf-service/redis-schema.md
index be1cce64..4d1fc2c3 100644
--- a/netconf-service/redis-schema.md
+++ b/netconf-service/redis-schema.md
@@ -69,7 +69,7 @@ Each network has a network record indexed by its 64-bit network ID in lower-case - M v4AssignPool :: network/bits from which to assign IPs - M v6AssignMode :: 'none' (or null/empty/etc.), 'zt', 'v6native', 'dhcp6' - M v6AssignPool :: network/bits from which to assign IPs -- M bridgingMode :: 0 == none, 1 == active only, 2 == permissive/all +- M allowPassiveBridging :: if true, allow passive bridging - M subscriptions :: comma-delimited list of subscriptions for this network - M ui :: arbitrary field that can be used by the UI to store stuff
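Review bot: The `config.js` hunk points the service at Redis database 0, marked `// live`, by moving a comment marker, and it does so in the same commit that renames the `bridgingMode` and `bridge` record fields in `redis-schema.md`. No migration of existing records is visible in this diff, so records already stored under the old names would presumably read as passive bridging off and no active bridges until they are rewritten; that is worth confirming before this reaches the live database. Choosing the database from the deployment environment would also keep a test or dev selection from being committed by accident, for example `exports.redisDb = parseInt(process.env.NETCONF_REDIS_DB, 10);` (the variable name is a placeholder), with startup refusing an unset value.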
@@ -82,7 +82,7 @@ The netconf-master will automatically add any peer that even attempts to request - !R id :: must be \<address\> - !R nwid :: must be \<nwid\> - M authorized :: true if node is authorized and will be issued valid certificates and network configurations -- M bridge :: true if node is an active bridge +- M activeBridge :: true if node is an active bridge - M name :: name of system - M notes :: annotation field - R authorizedBy :: user ID of user who authorized membership
diff --git a/node/Network.cpp b/node/Network.cpp
index 99423637..d465c9df 100644
--- a/node/Network.cpp
+++ b/node/Network.cpp
@@ -235,7 +235,7 @@ bool Network::isAllowed(const Address &peer) const if (!_config) return false; - if (_config->isOpen()) + if (_config->isPublic()) return true; std::map<Address,CertificateOfMembership>::const_iterator pc(_membershipCertificates.find(peer));
@@ -255,7 +255,7 @@ void Network::clean() Mutex::Lock _l(_lock); uint64_t now = Utils::now(); - if ((_config)&&(_config->isOpen())) { + if ((_config)&&(_config->isPublic())) { // Open (public) networks do not track certs or cert pushes at all. _membershipCertificates.clear(); _lastPushedMembershipCertificate.clear();
@@ -446,7 +446,7 @@ void Network::_restoreState() } // Read most recent multicast cert dump - if ((_config)&&(!_config->isOpen())&&(Utils::fileExists(mcdbPath.c_str()))) { + if ((_config)&&(!_config->isPublic())&&(Utils::fileExists(mcdbPath.c_str()))) { CertificateOfMembership com; Mutex::Lock _l(_lock);
@@ -497,7 +497,7 @@ void Network::_dumpMulticastCerts() if (!_config) return; - if ((!_id)||(_config->isOpen())) { + if ((!_id)||(_config->isPublic())) { Utils::rm(mcdbPath); return; }
diff --git a/node/Network.hpp b/node/Network.hpp
index ceb2af72..0d662bf5 100644
--- a/node/Network.hpp
+++ b/node/Network.hpp
@@ -229,7 +229,7 @@ public: inline void pushMembershipCertificate(const Address &peer,bool force,uint64_t now) { Mutex::Lock _l(_lock); - if ((_config)&&(!_config->isOpen())&&(_config->com())) + if ((_config)&&(!_config->isPublic())&&(_config->com())) _pushMembershipCertificate(peer,force,now); }
diff --git a/node/NetworkConfig.cpp b/node/NetworkConfig.cpp
index 98a44557..284cc47a 100644
--- a/node/NetworkConfig.cpp
+++ b/node/NetworkConfig.cpp
@@ -86,7 +86,7 @@ void NetworkConfig::_fromDictionary(const Dictionary &d) _issuedTo = Address(d.get(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO)); _multicastPrefixBits = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_PREFIX_BITS,zero).c_str()); _multicastDepth = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_DEPTH,zero).c_str()); - _bridgingMode = (BridgingMode)Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE,zero).c_str()); + _allowPassiveBridging = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_ALLOW_PASSIVE_BRIDGING,zero).c_str()) != 0); _private = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_PRIVATE,one).c_str()) != 0); _enableBroadcast = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST,one).c_str()) != 0); _name = d.get(ZT_NETWORKCONFIG_DICT_KEY_NAME);
diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp
index 05c395c0..28db83fe 100644
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@@ -62,7 +62,7 @@ namespace ZeroTier { #define ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC "v6s" #define ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP "com" #define ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST "eb" -#define ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE "br" +#define ZT_NETWORKCONFIG_DICT_KEY_ALLOW_PASSIVE_BRIDGING "pb" #define ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES "ab" /**
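Review bot: In the `NetworkConfig::_fromDictionary` hunk of node/NetworkConfig.cpp, the `pb` lookup falls back to `zero` and the old `br` key is no longer read, so a dictionary that carries only `br` is parsed as passive bridging off with nothing recorded about the ignored key. That fallback is the restrictive one, which is the safe direction, but the intent is not written down anywhere in the hunk. A comment above the assignment would make it reviewable: `// "pb" absent or 0 => passive bridging off; the legacy "br" key is ignored`. The function body starts and ends outside the hunk, so whether mixed-version configurations are handled elsewhere cannot be seen from here.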
@@ -76,16 +76,6 @@ public: friend class SharedPtr<NetworkConfig>; /** - * Network bridging mode - */ - enum BridgingMode - { - BRIDGING_DISABLED = 0, // no bridging - BRIDGING_ACTIVE_ONLY = 1, // only active bridges may bridge - BRIDGING_PERMISSIVE = 2 // allow passive bridging by any peer - }; - - /** * Tuple of multicast rate parameters */ struct MulticastRate
@@ -129,7 +119,8 @@ public: inline unsigned int multicastPrefixBits() const throw() { return _multicastPrefixBits; } inline unsigned int multicastDepth() const throw() { return _multicastDepth; } inline const std::map<MulticastGroup,MulticastRate> &multicastRates() const throw() { return _multicastRates; } - inline bool isOpen() const throw() { return (!_private); } + inline bool allowPassiveBridging() const throw() { return _allowPassiveBridging; } + inline bool isPublic() const throw() { return (!_private); } inline bool isPrivate() const throw() { return _private; } inline const std::string &name() const throw() { return _name; } inline const std::string &description() const throw() { return _description; }
@@ -143,17 +134,8 @@ public: * @return True if this network allows bridging */ inline bool permitsBridging(const Address &fromPeer) const - throw() { - switch(_bridgingMode) { - case BRIDGING_ACTIVE_ONLY: - return (_activeBridges.count(fromPeer) > 0); - case BRIDGING_PERMISSIVE: - return true; - //case BRIDGING_DISABLED: - default: - return false; - } + return ((_allowPassiveBridging) ? true : (_activeBridges.count(fromPeer) > 0)); } /**
@@ -175,7 +157,7 @@ private: Address _issuedTo; unsigned int _multicastPrefixBits; unsigned int _multicastDepth; - BridgingMode _bridgingMode; + bool _allowPassiveBridging; bool _private; bool _enableBroadcast; std::string _name;
diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp
index e2b1d974..b9f6b138 100644
--- a/node/NodeConfig.cpp
+++ b/node/NodeConfig.cpp
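Review bot: `permitsBridging()` in the `@@ -143,17 +134,8 @@` hunk of node/NetworkConfig.hpp no longer has a state in which bridging is off: with `_allowPassiveBridging` false, every peer in `_activeBridges` is still accepted, whereas the removed `BRIDGING_DISABLED` default returned false regardless of that set. A network that must reject all bridged traffic now depends on its active-bridge list being empty, and the doc comment should say so; the retained `@return True if this network allows bridging` also no longer describes what is now a per-peer decision. Suggested wording: `@return True if passive bridging is allowed or fromPeer is listed as an active bridge`. The ternary reads more directly as `return (_allowPassiveBridging || (_activeBridges.count(fromPeer) > 0));`. The doc comment begins above the hunk, so any caveat already stated there is not visible.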
@@ -249,7 +249,7 @@ void NodeConfig::_doCommand(IpcConnection *ipcc,const char *commandLine) ((nconf) ? nconf->name().c_str() : "?"), Network::statusString(nw->second->status()), age, - ((nconf) ? (nconf->isOpen() ? "public" : "private") : "?"), + ((nconf) ? (nconf->isPublic() ? "public" : "private") : "?"), (dn.length() > 0) ? dn.c_str() : "?", ((tmp.length() > 0) ? tmp.c_str() : "-")); } |