diff options
| -rw-r--r-- | attic/NetworkConfigMaster.cpp (renamed from node/NetworkConfigMaster.cpp) | 0 | ||||
| -rw-r--r-- | attic/NetworkConfigMaster.hpp | 135 | ||||
| -rw-r--r-- | node/IncomingPacket.cpp | 67 | ||||
| -rw-r--r-- | node/NetworkConfigMaster.hpp | 93 | ||||
| -rw-r--r-- | node/Node.cpp | 17 | ||||
| -rw-r--r-- | objects.mk | 1 |
6 files changed, 214 insertions, 99 deletions
diff --git a/node/NetworkConfigMaster.cpp b/attic/NetworkConfigMaster.cpp index 299d497c..299d497c 100644 --- a/node/NetworkConfigMaster.cpp +++ b/attic/NetworkConfigMaster.cpp diff --git a/attic/NetworkConfigMaster.hpp b/attic/NetworkConfigMaster.hpp new file mode 100644 index 00000000..f4386189 --- /dev/null +++ b/attic/NetworkConfigMaster.hpp @@ -0,0 +1,135 @@ +/* + * ZeroTier One - Network Virtualization Everywhere + * Copyright (C) 2011-2015 ZeroTier, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#ifndef ZT_NETWORKCONFIGMASTER_HPP +#define ZT_NETWORKCONFIGMASTER_HPP + +#include "Constants.hpp" + +#define ZT_LOCAL_CONFIG_NETCONF_REDIS_HOST "netconf.redisHost" +#define ZT_LOCAL_CONFIG_NETCONF_REDIS_PORT "netconf.redisPort" +#define ZT_LOCAL_CONFIG_NETCONF_REDIS_PORT_DEFAULT 6379 +#define ZT_LOCAL_CONFIG_NETCONF_REDIS_AUTH "netconf.redisAuth" +#define ZT_LOCAL_CONFIG_NETCONF_REDIS_DBNUM "netconf.redisDatabaseNumber" +#define ZT_LOCAL_CONFIG_NETCONF_REDIS_DBNUM_DEFAULT 0 + +#ifdef ZT_ENABLE_NETCONF_MASTER + +#include <stdint.h> +#include <string> +#include <map> +#include <vector> + +#include "Address.hpp" +#include "Dictionary.hpp" +#include "Mutex.hpp" +#include "InetAddress.hpp" + +#include <hiredis/hiredis.h> + +namespace ZeroTier { + +class RuntimeEnvironment; + +/** + * Network configuration master -- responds to NETCONF requests + * + * This requires the 'hiredis' C library to build. + */ +class NetworkConfigMaster +{ +public: + /** + * Create netconf master + * + * This doesn't connect to Redis until the first request is received. + * + * @param renv Runtime environment + * @param redisHost Hostname or IP of Redis server + * @param redisPort Redis IP port number + * @param redisPassword Redis AUTH password or NULL if none + * @param redisDatabaseNumber Redis database number (usually 0) + */ + NetworkConfigMaster( + const RuntimeEnvironment *renv, + const char *redisHost, + unsigned int redisPort, + const char *redisPassword, + unsigned int redisDatabaseNumber); + + ~NetworkConfigMaster(); + + /** + * Handle a network config request, sending replies if necessary + * + * This is a blocking call, so rate is limited by Redis. It will fail + * and log its failure if the Redis server is not available or times out. + * + * @param fromAddr Originating IP address + * @param packetId 64-bit packet ID + * @param member Originating peer ZeroTier address + * @param nwid 64-bit network ID + * @param metaData Meta-data bundled with request (empty if none) + * @param haveTimestamp Timestamp requesting peer has or 0 if none or not included + */ + void doNetworkConfigRequest( + const InetAddress &fromAddr, + uint64_t packetId, + const Address &member, + uint64_t nwid, + const Dictionary &metaData, + uint64_t haveTimestamp); + +private: + // These assume _lock is locked + bool _reconnect(); + bool _hgetall(const char *key,Dictionary &hdata); + bool _hmset(const char *key,const Dictionary &hdata); + bool _hget(const char *key,const char *hashKey,std::string &value); + bool _hset(const char *key,const char *hashKey,const char *value); + bool _get(const char *key,std::string &value); + bool _smembers(const char *key,std::vector<std::string> &sdata); + + bool _initNewMember(uint64_t nwid,const Address &member,const Dictionary &metaData,Dictionary &memberRecord); + bool _generateNetconf(uint64_t nwid,const Address &member,const Dictionary &metaData,std::string &netconf,uint64_t &ts); + + Mutex _lock; + + std::string _redisHost; + std::string _redisPassword; + unsigned int _redisPort; + unsigned int _redisDatabaseNumber; + + const RuntimeEnvironment *RR; + redisContext *_rc; +}; + +} // namespace ZeroTier + +#endif // ZT_ENABLE_NETCONF_MASTER + +#endif diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp index e87369c0..7bc8cc9c 100644 --- a/node/IncomingPacket.cpp +++ b/node/IncomingPacket.cpp @@ -622,29 +622,70 @@ bool IncomingPacket::_doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *RR,cons { try { uint64_t nwid = at<uint64_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_NETWORK_ID); + unsigned int metaDataLength = at<uint16_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT_LEN); + Dictionary metaData((const char *)field(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT,metaDataLength),metaDataLength); + uint64_t haveTimestamp = 0; + if ((ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT + metaDataLength + 8) <= size()) + haveTimestamp = at<uint64_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT + metaDataLength); + + peer->received(RR,_fromSock,_remoteAddress,hops(),packetId(),Packet::VERB_NETWORK_CONFIG_REQUEST,0,Packet::VERB_NOP,Utils::now()); -#ifdef ZT_ENABLE_NETCONF_MASTER if (RR->netconfMaster) { - unsigned int metaDataLength = at<uint16_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT_LEN); - Dictionary metaData((const char *)field(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT,metaDataLength),metaDataLength); - uint64_t haveTimestamp = 0; - if ((ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT + metaDataLength + 8) <= size()) - haveTimestamp = at<uint64_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT + metaDataLength); - RR->netconfMaster->doNetworkConfigRequest(_remoteAddress,packetId(),source(),nwid,metaData,haveTimestamp); + Dictionary netconf; + switch(RR->netconfMaster->doNetworkConfigRequest(_remoteAddress,packetId(),source(),nwid,metaData,haveTimestamp,netconf)) { + case NetworkConfigMaster::NETCONF_QUERY_OK: { + std::string netconfStr(netconf.toString()); + if (netconfStr.length() > 0xffff) { // sanity check since field ix 16-bit + LOG("NETWORK_CONFIG_REQUEST failed: internal error: netconf size %u is too large",(unsigned int)netconfStr.length()); + } else { + Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK); + outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); + outp.append(packetId()); + outp.append(nwid); + outp.append((uint16_t)netconfStr.length()); + outp.append(netconfStr.data(),netconfStr.length()); + outp.compress(); + if (outp.size() > ZT_PROTO_MAX_PACKET_LENGTH) { + LOG("NETWORK_CONFIG_REQUEST failed: internal error: netconf size %u is too large",(unsigned int)netconfStr.length()); + } else { + _fromSock->send(_remoteAddress,outp.data(),outp.size()); + } + } + } break; + case NetworkConfigMaster::NETCONF_QUERY_OBJECT_NOT_FOUND: { + Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); + outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); + outp.append(packetId()); + outp.append((unsigned char)Packet::ERROR_OBJ_NOT_FOUND); + outp.append(nwid); + outp.armor(peer->key(),true); + _fromSock->send(_remoteAddress,outp.data(),outp.size()); + } break; + case NetworkConfigMaster::NETCONF_QUERY_ACCESS_DENIED: { + Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); + outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); + outp.append(packetId()); + outp.append((unsigned char)Packet::ERROR_NETWORK_ACCESS_DENIED_); + outp.append(nwid); + outp.armor(peer->key(),true); + _fromSock->send(_remoteAddress,outp.data(),outp.size()); + } break; + case NetworkConfigMaster::NETCONF_QUERY_INTERNAL_SERVER_ERROR: + LOG("NETWORK_CONFIG_REQUEST failed: internal error: %s",netconf.get("error","(unknown)").c_str()); + break; + default: + TRACE("NETWORK_CONFIG_REQUEST failed: invalid return value from NetworkConfigMaster::doNetworkConfigRequest()"); + break; + } } else { -#endif - Packet outp(source(),RR->identity.address(),Packet::VERB_ERROR); + Packet outp(peer->address(),RR->identity.address(),Packet::VERB_ERROR); outp.append((unsigned char)Packet::VERB_NETWORK_CONFIG_REQUEST); outp.append(packetId()); outp.append((unsigned char)Packet::ERROR_UNSUPPORTED_OPERATION); outp.append(nwid); outp.armor(peer->key(),true); _fromSock->send(_remoteAddress,outp.data(),outp.size()); -#ifdef ZT_ENABLE_NETCONF_MASTER } -#endif - - peer->received(RR,_fromSock,_remoteAddress,hops(),packetId(),Packet::VERB_NETWORK_CONFIG_REQUEST,0,Packet::VERB_NOP,Utils::now()); } catch (std::exception &exc) { TRACE("dropped NETWORK_CONFIG_REQUEST from %s(%s): unexpected exception: %s",source().toString().c_str(),_remoteAddress.toString().c_str(),exc.what()); } catch ( ... ) { diff --git a/node/NetworkConfigMaster.hpp b/node/NetworkConfigMaster.hpp index f4386189..5e2ab6fc 100644 --- a/node/NetworkConfigMaster.hpp +++ b/node/NetworkConfigMaster.hpp @@ -28,108 +28,65 @@ #ifndef ZT_NETWORKCONFIGMASTER_HPP #define ZT_NETWORKCONFIGMASTER_HPP -#include "Constants.hpp" - -#define ZT_LOCAL_CONFIG_NETCONF_REDIS_HOST "netconf.redisHost" -#define ZT_LOCAL_CONFIG_NETCONF_REDIS_PORT "netconf.redisPort" -#define ZT_LOCAL_CONFIG_NETCONF_REDIS_PORT_DEFAULT 6379 -#define ZT_LOCAL_CONFIG_NETCONF_REDIS_AUTH "netconf.redisAuth" -#define ZT_LOCAL_CONFIG_NETCONF_REDIS_DBNUM "netconf.redisDatabaseNumber" -#define ZT_LOCAL_CONFIG_NETCONF_REDIS_DBNUM_DEFAULT 0 - -#ifdef ZT_ENABLE_NETCONF_MASTER - #include <stdint.h> -#include <string> -#include <map> -#include <vector> -#include "Address.hpp" -#include "Dictionary.hpp" -#include "Mutex.hpp" +#include "Constants.hpp" #include "InetAddress.hpp" - -#include <hiredis/hiredis.h> +#include "Dictionary.hpp" +#include "Address.hpp" namespace ZeroTier { class RuntimeEnvironment; /** - * Network configuration master -- responds to NETCONF requests - * - * This requires the 'hiredis' C library to build. + * Interface for network configuration (netconf) master implementations */ class NetworkConfigMaster { public: /** - * Create netconf master - * - * This doesn't connect to Redis until the first request is received. - * - * @param renv Runtime environment - * @param redisHost Hostname or IP of Redis server - * @param redisPort Redis IP port number - * @param redisPassword Redis AUTH password or NULL if none - * @param redisDatabaseNumber Redis database number (usually 0) + * Return value of doNetworkConfigRequest */ - NetworkConfigMaster( - const RuntimeEnvironment *renv, - const char *redisHost, - unsigned int redisPort, - const char *redisPassword, - unsigned int redisDatabaseNumber); + enum ResultCode + { + NETCONF_QUERY_OK = 0, + NETCONF_QUERY_OBJECT_NOT_FOUND = 1, + NETCONF_QUERY_ACCESS_DENIED = 2, + NETCONF_QUERY_INTERNAL_SERVER_ERROR = 3 + }; - ~NetworkConfigMaster(); + NetworkConfigMaster() {} + virtual ~NetworkConfigMaster() {} /** * Handle a network config request, sending replies if necessary * - * This is a blocking call, so rate is limited by Redis. It will fail - * and log its failure if the Redis server is not available or times out. + * This call is permitted to block, and may be called concurrently from more + * than one thread. Implementations must use locks if needed. + * + * On internal server errors, the 'error' field in result can be filled in + * to indicate the error. * * @param fromAddr Originating IP address * @param packetId 64-bit packet ID * @param member Originating peer ZeroTier address * @param nwid 64-bit network ID * @param metaData Meta-data bundled with request (empty if none) - * @param haveTimestamp Timestamp requesting peer has or 0 if none or not included + * @param haveTimestamp Timestamp sent by requesting peer or 0 if none + * @param result Dictionary to receive resulting signed netconf on success + * @return Returns NETCONF_QUERY_OK if result dictionary is valid, or an error code on error */ - void doNetworkConfigRequest( + virtual NetworkConfigMaster::ResultCode doNetworkConfigRequest( const InetAddress &fromAddr, uint64_t packetId, const Address &member, uint64_t nwid, const Dictionary &metaData, - uint64_t haveTimestamp); - -private: - // These assume _lock is locked - bool _reconnect(); - bool _hgetall(const char *key,Dictionary &hdata); - bool _hmset(const char *key,const Dictionary &hdata); - bool _hget(const char *key,const char *hashKey,std::string &value); - bool _hset(const char *key,const char *hashKey,const char *value); - bool _get(const char *key,std::string &value); - bool _smembers(const char *key,std::vector<std::string> &sdata); - - bool _initNewMember(uint64_t nwid,const Address &member,const Dictionary &metaData,Dictionary &memberRecord); - bool _generateNetconf(uint64_t nwid,const Address &member,const Dictionary &metaData,std::string &netconf,uint64_t &ts); - - Mutex _lock; - - std::string _redisHost; - std::string _redisPassword; - unsigned int _redisPort; - unsigned int _redisDatabaseNumber; - - const RuntimeEnvironment *RR; - redisContext *_rc; + uint64_t haveTimestamp, + Dictionary &result) = 0; }; } // namespace ZeroTier -#endif // ZT_ENABLE_NETCONF_MASTER - #endif diff --git a/node/Node.cpp b/node/Node.cpp index 20d09108..28c9ddaa 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -108,9 +108,7 @@ struct _NodeImpl delete renv.mc; renv.mc = (Multicaster *)0; delete renv.antiRec; renv.antiRec = (AntiRecursion *)0; delete renv.sw; renv.sw = (Switch *)0; // order matters less from here down -#ifdef ZT_ENABLE_NETCONF_MASTER delete renv.netconfMaster; renv.netconfMaster = (NetworkConfigMaster *)0; -#endif delete renv.http; renv.http = (HttpClient *)0; delete renv.prng; renv.prng = (CMWC4096 *)0; delete renv.log; renv.log = (Logger *)0; // but stop logging last of all @@ -310,21 +308,6 @@ Node::ReasonForTermination Node::run() } RR->node = this; -#ifdef ZT_ENABLE_NETCONF_MASTER - { - std::string redisHost(RR->nc->getLocalConfig(ZT_LOCAL_CONFIG_NETCONF_REDIS_HOST)); - if (redisHost.length() > 0) { - unsigned int redisPort = Utils::strToUInt(RR->nc->getLocalConfig(ZT_LOCAL_CONFIG_NETCONF_REDIS_PORT).c_str()); - if ((redisPort == 0)||(redisPort > 0xffff)) - redisPort = ZT_LOCAL_CONFIG_NETCONF_REDIS_PORT_DEFAULT; - std::string redisAuth(RR->nc->getLocalConfig(ZT_LOCAL_CONFIG_NETCONF_REDIS_AUTH)); - std::string redisDatabaseNumberStr(RR->nc->getLocalConfig(ZT_LOCAL_CONFIG_NETCONF_REDIS_DBNUM)); - unsigned int redisDatabaseNumber = (redisDatabaseNumberStr.length() > 0) ? Utils::strToUInt(redisDatabaseNumberStr.c_str()) : (unsigned int)ZT_LOCAL_CONFIG_NETCONF_REDIS_DBNUM_DEFAULT; - RR->netconfMaster = new NetworkConfigMaster(RR,redisHost.c_str(),redisPort,redisAuth.c_str(),redisDatabaseNumber); - } - } -#endif - #ifdef ZT_AUTO_UPDATE if (ZT_DEFAULTS.updateLatestNfoURL.length()) { RR->updater = new SoftwareUpdater(RR); @@ -17,7 +17,6 @@ OBJS=\ node/Multicaster.o \ node/Network.o \ node/NetworkConfig.o \ - node/NetworkConfigMaster.o \ node/Node.o \ node/NodeConfig.o \ node/OutboundMulticast.o \ |