diff options
| -rw-r--r-- | node/NetworkController.hpp | 2 | ||||
| -rw-r--r-- | one.cpp | 678 | ||||
| -rw-r--r-- | osdep/OSUtils.hpp | 5 | ||||
| -rw-r--r-- | updater/HttpClient.cpp (renamed from osdep/HttpClient.cpp) | 0 | ||||
| -rw-r--r-- | updater/HttpClient.hpp (renamed from osdep/HttpClient.hpp) | 0 | ||||
| -rw-r--r-- | updater/SoftwareUpdater.cpp (renamed from osdep/SoftwareUpdater.cpp) | 0 | ||||
| -rw-r--r-- | updater/SoftwareUpdater.hpp (renamed from osdep/SoftwareUpdater.hpp) | 0 |
7 files changed, 676 insertions, 9 deletions
diff --git a/node/NetworkController.hpp b/node/NetworkController.hpp index 32b8f053..353c091a 100644 --- a/node/NetworkController.hpp +++ b/node/NetworkController.hpp @@ -41,7 +41,7 @@ namespace ZeroTier { class RuntimeEnvironment; /** - * Interface for network configuration (netconf) master implementations + * Interface for network controller implementations */ class NetworkController { @@ -29,18 +29,688 @@ #include <stdlib.h> #include <string.h> #include <stdint.h> +#include <time.h> +#include <errno.h> + +#ifdef __WINDOWS__ +#include <WinSock2.h> +#include <Windows.h> +#include <tchar.h> +#include <wchar.h> +#include <lmcons.h> +#include <newdev.h> +#include <atlbase.h> +#include "windows/ZeroTierOne/ServiceInstaller.h" +#include "windows/ZeroTierOne/ServiceBase.h" +#include "windows/ZeroTierOne/ZeroTierOneService.h" +#else +#include <unistd.h> +#include <pwd.h> +#include <fcntl.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <signal.h> +#endif #include <string> #include <stdexcept> +#include "version.h" +#include "include/ZeroTierOne.h" +#include "node/Constants.hpp" +#include "node/Identity.hpp" +#include "node/CertificateOfMembership.hpp" +#include "node/Utils.hpp" +#include "osdep/OSUtils.hpp" #include "service/OneService.hpp" +#ifdef ZT_ENABLE_NETWORK_CONTROLLER +#include "controller/SqliteNetworkController.hpp" +#endif + +#define ZT1_AUTHTOKEN_SECRET_PATH "authtoken.secret" +#define ZT1_PID_PATH "zerotier-one.pid" using namespace ZeroTier; -int main(int argc,char **argv) +static OneService *zt1Service = (OneService *)0; + +/****************************************************************************/ +/* zerotier-cli personality */ +/****************************************************************************/ + +#ifdef __WINDOWS__ +int cli(int argc, _TCHAR* argv[]) +#else +int cli(int argc,char **argv) +#endif +{ +} + +/****************************************************************************/ +/* zerotier-idtool personality */ +/****************************************************************************/ + +static void idtoolPrintHelp(FILE *out,const char *pn) +{ + fprintf(out,"Usage: %s <command> [<args>]"ZT_EOL_S""ZT_EOL_S"Commands:"ZT_EOL_S,pn); + fprintf(out," generate [<identity.secret>] [<identity.public>]"ZT_EOL_S); + fprintf(out," validate <identity.secret/public>"ZT_EOL_S); + fprintf(out," getpublic <identity.secret>"ZT_EOL_S); + fprintf(out," sign <identity.secret> <file>"ZT_EOL_S); + fprintf(out," verify <identity.secret/public> <file> <signature>"ZT_EOL_S); + fprintf(out," mkcom <identity.secret> [<id,value,maxDelta> ...] (hexadecimal integers)"ZT_EOL_S); +} + +static Identity getIdFromArg(char *arg) { - One *one = One::newInstance("/tmp/foo",12345); - one->run(); - printf("termination reason: %d, message: %s\n",(int)one->reasonForTermination(),one->fatalErrorMessage().c_str()); + Identity id; + if ((strlen(arg) > 32)&&(arg[10] == ':')) { // identity is a literal on the command line + if (id.fromString(arg)) + return id; + } else { // identity is to be read from a file + std::string idser; + if (Utils::readFile(arg,idser)) { + if (id.fromString(idser)) + return id; + } + } + return Identity(); +} + +#ifdef __WINDOWS__ +int idtool(int argc, _TCHAR* argv[]) +#else +int idtool(int argc,char **argv) +#endif +{ + if (argc < 2) { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + + if (!strcmp(argv[1],"generate")) { + Identity id; + id.generate(); + std::string idser = id.toString(true); + if (argc >= 3) { + if (!Utils::writeFile(argv[2],idser)) { + fprintf(stderr,"Error writing to %s"ZT_EOL_S,argv[2]); + return 1; + } else printf("%s written"ZT_EOL_S,argv[2]); + if (argc >= 4) { + idser = id.toString(false); + if (!Utils::writeFile(argv[3],idser)) { + fprintf(stderr,"Error writing to %s"ZT_EOL_S,argv[3]); + return 1; + } else printf("%s written"ZT_EOL_S,argv[3]); + } + } else printf("%s",idser.c_str()); + } else if (!strcmp(argv[1],"validate")) { + if (argc < 3) { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + + Identity id = getIdFromArg(argv[2]); + if (!id) { + fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]); + return 1; + } + + if (!id.locallyValidate()) { + fprintf(stderr,"%s FAILED validation."ZT_EOL_S,argv[2]); + return 1; + } else printf("%s is a valid identity"ZT_EOL_S,argv[2]); + } else if (!strcmp(argv[1],"getpublic")) { + if (argc < 3) { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + + Identity id = getIdFromArg(argv[2]); + if (!id) { + fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]); + return 1; + } + + printf("%s",id.toString(false).c_str()); + } else if (!strcmp(argv[1],"sign")) { + if (argc < 4) { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + + Identity id = getIdFromArg(argv[2]); + if (!id) { + fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]); + return 1; + } + + if (!id.hasPrivate()) { + fprintf(stderr,"%s does not contain a private key (must use private to sign)"ZT_EOL_S,argv[2]); + return 1; + } + + std::string inf; + if (!Utils::readFile(argv[3],inf)) { + fprintf(stderr,"%s is not readable"ZT_EOL_S,argv[3]); + return 1; + } + C25519::Signature signature = id.sign(inf.data(),(unsigned int)inf.length()); + printf("%s",Utils::hex(signature.data,(unsigned int)signature.size()).c_str()); + } else if (!strcmp(argv[1],"verify")) { + if (argc < 4) { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + + Identity id = getIdFromArg(argv[2]); + if (!id) { + fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]); + return 1; + } + + std::string inf; + if (!Utils::readFile(argv[3],inf)) { + fprintf(stderr,"%s is not readable"ZT_EOL_S,argv[3]); + return 1; + } + + std::string signature(Utils::unhex(argv[4])); + if ((signature.length() > ZT_ADDRESS_LENGTH)&&(id.verify(inf.data(),(unsigned int)inf.length(),signature.data(),(unsigned int)signature.length()))) { + printf("%s signature valid"ZT_EOL_S,argv[3]); + } else { + fprintf(stderr,"%s signature check FAILED"ZT_EOL_S,argv[3]); + return 1; + } + } else if (!strcmp(argv[1],"mkcom")) { + if (argc < 3) { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + + Identity id = getIdFromArg(argv[2]); + if ((!id)||(!id.hasPrivate())) { + fprintf(stderr,"Identity argument invalid, does not include private key, or file unreadable: %s"ZT_EOL_S,argv[2]); + return 1; + } + + CertificateOfMembership com; + for(int a=3;a<argc;++a) { + std::vector<std::string> params(Utils::split(argv[a],",","","")); + if (params.size() == 3) { + uint64_t qId = Utils::hexStrToU64(params[0].c_str()); + uint64_t qValue = Utils::hexStrToU64(params[1].c_str()); + uint64_t qMaxDelta = Utils::hexStrToU64(params[2].c_str()); + com.setQualifier(qId,qValue,qMaxDelta); + } + } + if (!com.sign(id)) { + fprintf(stderr,"Signature of certificate of membership failed."ZT_EOL_S); + return 1; + } + + printf("%s",com.toString().c_str()); + } else { + idtoolPrintHelp(stdout,argv[0]); + return 1; + } + return 0; } + +/****************************************************************************/ +/* Unix helper functions and signal handlers */ +/****************************************************************************/ + +#ifdef __UNIX_LIKE__ +static void _sighandlerHup(int sig) +{ + Node *n = node; + if (n) + n->resync(); +} +static void _sighandlerQuit(int sig) +{ + Node *n = node; + if (n) + n->terminate(Node::NODE_NORMAL_TERMINATION,"terminated by signal"); + else exit(0); +} +#endif + +/****************************************************************************/ +/* Windows helper functions and signal handlers */ +/****************************************************************************/ + +#ifdef __WINDOWS__ +// Console signal handler routine to allow CTRL+C to work, mostly for testing +static BOOL WINAPI _winConsoleCtrlHandler(DWORD dwCtrlType) +{ + switch(dwCtrlType) { + case CTRL_C_EVENT: + case CTRL_BREAK_EVENT: + case CTRL_CLOSE_EVENT: + case CTRL_SHUTDOWN_EVENT: + Node *n = node; + if (n) + n->terminate(Node::NODE_NORMAL_TERMINATION,"terminated by signal"); + return TRUE; + } + return FALSE; +} + +// Pokes a hole in the Windows firewall (advfirewall) for the running program +static void _winPokeAHole() +{ + char myPath[MAX_PATH]; + DWORD ps = GetModuleFileNameA(NULL,myPath,sizeof(myPath)); + if ((ps > 0)&&(ps < (DWORD)sizeof(myPath))) { + STARTUPINFOA startupInfo; + PROCESS_INFORMATION processInfo; + + startupInfo.cb = sizeof(startupInfo); + memset(&startupInfo,0,sizeof(STARTUPINFOA)); + memset(&processInfo,0,sizeof(PROCESS_INFORMATION)); + if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall delete rule name=\"ZeroTier One\" program=\"") + myPath + "\"").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) { + WaitForSingleObject(processInfo.hProcess,INFINITE); + CloseHandle(processInfo.hProcess); + CloseHandle(processInfo.hThread); + } + + startupInfo.cb = sizeof(startupInfo); + memset(&startupInfo,0,sizeof(STARTUPINFOA)); + memset(&processInfo,0,sizeof(PROCESS_INFORMATION)); + if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=in action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) { + WaitForSingleObject(processInfo.hProcess,INFINITE); + CloseHandle(processInfo.hProcess); + CloseHandle(processInfo.hThread); + } + + startupInfo.cb = sizeof(startupInfo); + memset(&startupInfo,0,sizeof(STARTUPINFOA)); + memset(&processInfo,0,sizeof(PROCESS_INFORMATION)); + if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=out action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) { + WaitForSingleObject(processInfo.hProcess,INFINITE); + CloseHandle(processInfo.hProcess); + CloseHandle(processInfo.hThread); + } + } +} + +// Returns true if this is running as the local administrator +static BOOL IsCurrentUserLocalAdministrator(void) +{ + BOOL fReturn = FALSE; + DWORD dwStatus; + DWORD dwAccessMask; + DWORD dwAccessDesired; + DWORD dwACLSize; + DWORD dwStructureSize = sizeof(PRIVILEGE_SET); + PACL pACL = NULL; + PSID psidAdmin = NULL; + + HANDLE hToken = NULL; + HANDLE hImpersonationToken = NULL; + + PRIVILEGE_SET ps; + GENERIC_MAPPING GenericMapping; + + PSECURITY_DESCRIPTOR psdAdmin = NULL; + SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY; + + const DWORD ACCESS_READ = 1; + const DWORD ACCESS_WRITE = 2; + + __try + { + if (!OpenThreadToken(GetCurrentThread(), TOKEN_DUPLICATE|TOKEN_QUERY,TRUE,&hToken)) + { + if (GetLastError() != ERROR_NO_TOKEN) + __leave; + if (!OpenProcessToken(GetCurrentProcess(),TOKEN_DUPLICATE|TOKEN_QUERY, &hToken)) + __leave; + } + if (!DuplicateToken (hToken, SecurityImpersonation,&hImpersonationToken)) + __leave; + if (!AllocateAndInitializeSid(&SystemSidAuthority, 2, + SECURITY_BUILTIN_DOMAIN_RID, + DOMAIN_ALIAS_RID_ADMINS, + 0, 0, 0, 0, 0, 0, &psidAdmin)) + __leave; + psdAdmin = LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); + if (psdAdmin == NULL) + __leave; + if (!InitializeSecurityDescriptor(psdAdmin,SECURITY_DESCRIPTOR_REVISION)) + __leave; + dwACLSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(psidAdmin) - sizeof(DWORD); + pACL = (PACL)LocalAlloc(LPTR, dwACLSize); + if (pACL == NULL) + __leave; + if (!InitializeAcl(pACL, dwACLSize, ACL_REVISION2)) + __leave; + dwAccessMask= ACCESS_READ | ACCESS_WRITE; + if (!AddAccessAllowedAce(pACL, ACL_REVISION2, dwAccessMask, psidAdmin)) + __leave; + if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, pACL, FALSE)) + __leave; + + SetSecurityDescriptorGroup(psdAdmin, psidAdmin, FALSE); + SetSecurityDescriptorOwner(psdAdmin, psidAdmin, FALSE); + + if (!IsValidSecurityDescriptor(psdAdmin)) + __leave; + dwAccessDesired = ACCESS_READ; + + GenericMapping.GenericRead = ACCESS_READ; + GenericMapping.GenericWrite = ACCESS_WRITE; + GenericMapping.GenericExecute = 0; + GenericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE; + + if (!AccessCheck(psdAdmin, hImpersonationToken, dwAccessDesired, + &GenericMapping, &ps, &dwStructureSize, &dwStatus, + &fReturn)) + { + fReturn = FALSE; + __leave; + } + } + __finally + { + // Clean up. + if (pACL) LocalFree(pACL); + if (psdAdmin) LocalFree(psdAdmin); + if (psidAdmin) FreeSid(psidAdmin); + if (hImpersonationToken) CloseHandle (hImpersonationToken); + if (hToken) CloseHandle (hToken); + } + + return fReturn; +} +#endif // __WINDOWS__ + +/****************************************************************************/ +/* main() and friends */ +/****************************************************************************/ + +static void printHelp(const char *cn,FILE *out) +{ + fprintf(out,"ZeroTier One version %d.%d.%d"ZT_EOL_S"(c)2011-2015 ZeroTier, Inc."ZT_EOL_S,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION); + fprintf(out,"Licensed under the GNU General Public License v3"ZT_EOL_S""ZT_EOL_S); + +#ifdef ZT_AUTO_UPDATE + fprintf(out,"Auto-update enabled build, will update from URL:"ZT_EOL_S); + fprintf(out," %s"ZT_EOL_S,ZT_DEFAULTS.updateLatestNfoURL.c_str()); + fprintf(out,"Update authentication signing authorities: "ZT_EOL_S); + int no = 0; + for(std::map< Address,Identity >::const_iterator sa(ZT_DEFAULTS.updateAuthorities.begin());sa!=ZT_DEFAULTS.updateAuthorities.end();++sa) { + if (no == 0) + fprintf(out," %s",sa->first.toString().c_str()); + else fprintf(out,", %s",sa->first.toString().c_str()); + if (++no == 6) { + fprintf(out,ZT_EOL_S); + no = 0; + } + } + fprintf(out,ZT_EOL_S""ZT_EOL_S); +#endif // ZT_AUTO_UPDATE + + fprintf(out,"Usage: %s [-switches] [home directory] [-q <query>]"ZT_EOL_S""ZT_EOL_S,cn); + fprintf(out,"Available switches:"ZT_EOL_S); + fprintf(out," -h - Display this help"ZT_EOL_S); + fprintf(out," -v - Show version"ZT_EOL_S); + fprintf(out," -p<port> - Port for UDP (default: 9993)"ZT_EOL_S); + //fprintf(out," -T<path> - Override root topology, do not authenticate or update"ZT_EOL_S); +#ifdef __UNIX_LIKE__ + fprintf(out," -d - Fork and run as daemon (Unix-ish OSes)"ZT_EOL_S); +#endif // __UNIX_LIKE__ + fprintf(out," -q - Send a query to a running service (zerotier-cli)"ZT_EOL_S); + fprintf(out," -i - Generate and manage identities (zerotier-idtool)"ZT_EOL_S); +#ifdef __WINDOWS__ + fprintf(out," -C - Run from command line instead of as service (Windows)"ZT_EOL_S); + fprintf(out," -I - Install Windows service (Windows)"ZT_EOL_S); + fprintf(out," -R - Uninstall Windows service (Windows)"ZT_EOL_S); + fprintf(out," -D - Load tap driver into system driver store (Windows)"ZT_EOL_S); +#endif // __WINDOWS__ +} + +#ifdef __WINDOWS__ +int _tmain(int argc, _TCHAR* argv[]) +#else +int main(int argc,char **argv) +#endif +{ +#ifdef __UNIX_LIKE__ + signal(SIGHUP,&_sighandlerHup); + signal(SIGPIPE,SIG_IGN); + signal(SIGUSR1,SIG_IGN); + signal(SIGUSR2,SIG_IGN); + signal(SIGALRM,SIG_IGN); + signal(SIGINT,&_sighandlerQuit); + signal(SIGTERM,&_sighandlerQuit); + signal(SIGQUIT,&_sighandlerQuit); + + /* Ensure that there are no inherited file descriptors open from a previous + * incarnation. This is a hack to ensure that GitHub issue #61 or variants + * of it do not return, and should not do anything otherwise bad. */ + { + int mfd = STDIN_FILENO; + if (STDOUT_FILENO > mfd) mfd = STDOUT_FILENO; + if (STDERR_FILENO > mfd) mfd = STDERR_FILENO; + for(int f=mfd+1;f<1024;++f) + ::close(f); + } + + bool runAsDaemon = false; +#endif // __UNIX_LIKE__ + +#ifdef __WINDOWS__ + WSADATA wsaData; + WSAStartup(MAKEWORD(2,2),&wsaData); + +#ifdef ZT_WIN_RUN_IN_CONSOLE + bool winRunFromCommandLine = true; +#else + bool winRunFromCommandLine = false; +#endif +#endif // __WINDOWS__ + + if ((strstr(argv[0],"zerotier-cli"))||(strstr(argv[0],"ZEROTIER-CLI"))) + return cli(argc,argv); + if ((strstr(argv[0],"zerotier-idtool"))||(strstr(argv[0],"ZEROTIER-IDTOOL"))) + return idtool(argc,argv); + + std::string overrideRootTopology; + std::string homeDir; + unsigned int port = ZT1_DEFAULT_PORT; + + for(int i=1;i<argc;++i) { + if (argv[i][0] == '-') { + switch(argv[i][1]) { + + case 'p': // port -- for both UDP and TCP, packets and control plane + port = Utils::strToUInt(argv[i] + 2); + if ((port > 0xffff)||(port == 0)) { + printHelp(argv[0],stdout); + return 1; + } + break; + + case 't': // TCP port -- ignore, since we now bind to both UDP and TCP on the same port + break; + +#ifdef __UNIX_LIKE__ + case 'd': // Run in background as daemon + runAsDaemon = true; + break; +#endif // __UNIX_LIKE__ + + case 'T': // Override root topology + if (argv[i][2]) { + if (!OSUtils::readFile(argv[i] + 2,overrideRootTopology)) { + fprintf(stderr,"%s: cannot read root topology from %s"ZT_EOL_S,argv[0],argv[i] + 2); + return 1; + } + } else { + printHelp(argv[0],stdout); + return 1; + } + break; + + case 'v': // Display version + printf("%d.%d.%d"ZT_EOL_S,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION); + return 0; + + case 'q': // Invoke cli personality + if (argv[i][2]) { + printHelp(argv[0],stdout); + return 0; + } else return cli(argc,argv); + + case 'i': // Invoke idtool personality + if (argv[i][2]) { + printHelp(argv[0],stdout); + return 0; + } else return idtool(argc,argv); + +#ifdef __WINDOWS__ + case 'C': // Run from command line instead of as Windows service + winRunFromCommandLine = true; + break; + + case 'I': { // Install this binary as a Windows service + if (IsCurrentUserLocalAdministrator() != TRUE) { + fprintf(stderr,"%s: must be run as a local administrator."ZT_EOL_S,argv[0]); + return 1; + } + std::string ret(InstallService(ZT_SERVICE_NAME,ZT_SERVICE_DISPLAY_NAME,ZT_SERVICE_START_TYPE,ZT_SERVICE_DEPENDENCIES,ZT_SERVICE_ACCOUNT,ZT_SERVICE_PASSWORD)); + if (ret.length()) { + fprintf(stderr,"%s: unable to install service: %s"ZT_EOL_S,argv[0],ret.c_str()); + return 3; + } + return 0; + } break; + + case 'R': { // Uninstall this binary as Windows service + if (IsCurrentUserLocalAdministrator() != TRUE) { + fprintf(stderr,"%s: must be run as a local administrator."ZT_EOL_S,argv[0]); + return 1; + } + std::string ret(UninstallService(ZT_SERVICE_NAME)); + if (ret.length()) { + fprintf(stderr,"%s: unable to uninstall service: %s"ZT_EOL_S,argv[0],ret.c_str()); + return 3; + } + return 0; + } break; + +#if 0 + case 'D': { // Install Windows driver (since PNPUTIL.EXE seems to be weirdly unreliable) + std::string pathToInf; +#ifdef _WIN64 + pathToInf = ZT_DEFAULTS.defaultHomePath + "\\tap-windows\\x64\\zttap200.inf"; +#else + pathToInf = ZT_DEFAULTS.defaultHomePath + "\\tap-windows\\x86\\zttap200.inf"; +#endif + printf("Installing ZeroTier One virtual Ethernet port driver."ZT_EOL_S""ZT_EOL_S"NOTE: If you don't see a confirmation window to allow driver installation,"ZT_EOL_S"check to make sure it didn't appear under the installer."ZT_EOL_S); + BOOL needReboot = FALSE; + if (DiInstallDriverA(NULL,pathToInf.c_str(),DIIRFLAG_FORCE_INF,&needReboot)) { + printf("%s: driver successfully installed from %s"ZT_EOL_S,argv[0],pathToInf.c_str()); + return 0; + } else { + printf("%s: failed installing %s: %d"ZT_EOL_S,argv[0],pathToInf.c_str(),(int)GetLastError()); + return 3; + } + } break; +#endif // __WINDOWS__ +#endif + + case 'h': + case '?': + default: + printHelp(argv[0],stdout); + return 0; + } + } else { + if (homeDir.length()) { + printHelp(argv[0],stdout); + return 0; + } else { + homeDir = argv[i]; + } + } + } + + if (!homeDir.length()) + homeDir = OneService::platformDefaultHomePath(); + + OSUtils::mkdir(homeDir.c_str()); + + std::string authToken; + { + std::string authTokenPath(homeDir + ZT_PATH_SEPARATOR_S + ZT1_AUTHTOKEN_SECRET_PATH); + if (!OSUtils::readFile(authTokenPath.c_str(),authToken)) { + unsigned char foo[24]; + Utils::getSecureRandom(foo,sizeof(foo)); + authToken = ""; + for(unsigned int i=0;i<sizeof(foo);++i) + authToken.push_back("abcdefghijklmnopqrstuvwxyz0123456789"[(unsigned long)foo[i] % 36]); + if (!OSUtils::writeFile(authTokenPath.c_str(),authToken)) { + fprintf(stderr,"%s: cannot create authtoken.secret"ZT_EOL_S,argv[0]); + return 1; + } else OSUtils::lockDownFile(authTokenPath.c_str(),false); + } + } + authToken = Utils::trim(authToken); + +#ifdef __UNIX_LIKE__ + if (getuid() != 0) { + fprintf(stderr,"%s: must be run as root (uid 0)"ZT_EOL_S,argv[0]); + return 1; + } + + if (runAsDaemon) { + long p = (long)fork(); + if (p < 0) { + fprintf(stderr,"%s: could not fork"ZT_EOL_S,argv[0]); + return 1; + } else if (p > 0) + return 0; // forked + // else p == 0, so we are daemonized + } + + { + // Write .pid file to home folder + std::string pidPath(homeDir + ZT_PATH_SEPARATOR_S + ZT1_PID_PATH); + FILE *pf = fopen(pidPath.c_str(),"w"); + if (pf) { + fprintf(pf,"%ld",(long)getpid()); + fclose(pf); + } + } +#endif // __UNIX_LIKE__ + +#ifdef __WINDOWS__ + if (winRunFromCommandLine) { + // Running in "interactive" mode (mostly for debugging) + if (IsCurrentUserLocalAdministrator() != TRUE) { + fprintf(stderr,"%s: must be run as a local administrator."ZT_EOL_S,argv[0]); + return 1; + } + _winPokeAHole(); + SetConsoleCtrlHandler(&_winConsoleCtrlHandler,TRUE); + // continues on to ordinary command line execution code below... + } else { + // Running from service manager + _winPokeAHole(); + ZeroTierOneService zt1Service; + if (CServiceBase::Run(zt1Service) == TRUE) { + return 0; + } else { + fprintf(stderr,"%s: unable to start service (try -h for help)"ZT_EOL_S,argv[0]); + return 1; + } + } +#endif // __WINDOWS__ + +} diff --git a/osdep/OSUtils.hpp b/osdep/OSUtils.hpp index 142f0aed..fe054ba2 100644 --- a/osdep/OSUtils.hpp +++ b/osdep/OSUtils.hpp @@ -219,10 +219,7 @@ public: * @param s Data to write * @return True if entire file was successfully written */ - static inline bool writeFile(const char *path,const std::string &s) - { - return writeFile(path,s.data(),(unsigned int)s.length()); - } + static inline bool writeFile(const char *path,const std::string &s) { return writeFile(path,s.data(),(unsigned int)s.length()); } }; } // namespace ZeroTier diff --git a/osdep/HttpClient.cpp b/updater/HttpClient.cpp index 1cf78204..1cf78204 100644 --- a/osdep/HttpClient.cpp +++ b/updater/HttpClient.cpp diff --git a/osdep/HttpClient.hpp b/updater/HttpClient.hpp index 00400a8c..00400a8c 100644 --- a/osdep/HttpClient.hpp +++ b/updater/HttpClient.hpp diff --git a/osdep/SoftwareUpdater.cpp b/updater/SoftwareUpdater.cpp index e3789bcb..e3789bcb 100644 --- a/osdep/SoftwareUpdater.cpp +++ b/updater/SoftwareUpdater.cpp diff --git a/osdep/SoftwareUpdater.hpp b/updater/SoftwareUpdater.hpp index 9beaa8ad..9beaa8ad 100644 --- a/osdep/SoftwareUpdater.hpp +++ b/updater/SoftwareUpdater.hpp |