4 files changed, 80 insertions, 46 deletions
diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index 2abd8840..84df7de3 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -681,12 +681,18 @@ bool IncomingPacket::_doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *RR,cons
 		const unsigned int metaDataLength = at<uint16_t>(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT_LEN);
 		const uint8_t *metaDataBytes = (const uint8_t *)field(ZT_PROTO_VERB_NETWORK_CONFIG_REQUEST_IDX_DICT,metaDataLength);
 
-		NetworkConfigRequestMetaData metaData(false);
-		try {
-			Buffer<8194> md(metaDataBytes,metaDataLength);
-			metaData.deserialize(md,0);
-		} catch ( ... ) { // will throw if new-style meta-data is missing or invalid
-			metaData.clear();
+		NetworkConfigRequestMetaData metaData;
+		bool haveNewStyleMetaData = false;
+		for(unsigned int i=0;i<metaDataLength;++i) {
+			if ((metaDataBytes[i] == 0)&&(i < (metaDataLength - 2))) {
+				haveNewStyleMetaData = true;
+				break;
+			}
+		}
+		if (haveNewStyleMetaData) {
+			Buffer<4096> md(metaDataBytes,metaDataLength);
+			metaData.deserialize(md,0); // the meta-data deserializer automatically skips old-style meta-data
+		} else {
 #ifdef ZT_SUPPORT_OLD_STYLE_NETCONF
 			const Dictionary oldStyleMetaData((const char *)metaDataBytes,metaDataLength);
 			metaData.majorVersion = (unsigned int)oldStyleMetaData.getHexUInt(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MAJOR_VERSION,0);
diff --git a/node/Network.cpp b/node/Network.cpp
index a4384dfd..8e9aecbd 100644
--- a/node/Network.cpp
+++ b/node/Network.cpp
@@ -256,20 +256,16 @@ void Network::requestConfiguration()
 
 	TRACE("requesting netconf for network %.16llx from controller %s",(unsigned long long)_id,controller().toString().c_str());
 
-	// TODO: in the future we will include things like join tokens here, etc.
-	Dictionary metaData;
-	metaData.setHex(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MAJOR_VERSION,ZEROTIER_ONE_VERSION_MAJOR);
-	metaData.setHex(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MINOR_VERSION,ZEROTIER_ONE_VERSION_MINOR);
-	metaData.setHex(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_REVISION,ZEROTIER_ONE_VERSION_REVISION);
-	std::string mds(metaData.toString());
+	NetworkConfigRequestMetaData metaData;
+	metaData.initWithDefaults();
+	Buffer<4096> mds;
+	metaData.serialize(mds); // this always includes legacy fields to support old controllers
 
 	Packet outp(controller(),RR->identity.address(),Packet::VERB_NETWORK_CONFIG_REQUEST);
 	outp.append((uint64_t)_id);
-	outp.append((uint16_t)mds.length());
-	outp.append((const void *)mds.data(),(unsigned int)mds.length());
-	if (_config)
-		outp.append((uint64_t)_config.revision);
-	else outp.append((uint64_t)0);
+	outp.append((uint16_t)mds.size());
+	outp.append(mds.data(),mds.size());
+	outp.append((_config) ? (uint64_t)_config.revision : (uint64_t)0);
 	RR->sw->send(outp,true,0);
 }
 
diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp
index 5af2c9e7..1bbf6506 100644
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@@ -460,6 +460,11 @@ public:
 					b.append((uint16_t)rules[i].v.frameSize[0]);
 					b.append((uint16_t)rules[i].v.frameSize[1]);
 					break;
+				case ZT_NETWORK_RULE_MATCH_TCP_RELATIVE_SEQUENCE_NUMBER_RANGE:
+					b.append((uint8_t)8);
+					b.append((uint32_t)rules[i].v.tcpseq[0]);
+					b.append((uint32_t)rules[i].v.tcpseq[1]);
+					break;
 			}
 		}
 
@@ -585,6 +590,10 @@ public:
 					rules[i].v.frameSize[0] = b.template at<uint16_t>(p);
 					rules[i].v.frameSize[1] = b.template at<uint16_t>(p+2);
 					break;
+				case ZT_NETWORK_RULE_MATCH_TCP_RELATIVE_SEQUENCE_NUMBER_RANGE:
+					rules[i].v.tcpseq[0] = b.template at<uint32_t>(p);
+					rules[i].v.tcpseq[1] = b.template at<uint32_t>(p + 4);
+					break;
 			}
 			p += rlen;
 		}
diff --git a/node/NetworkConfigRequestMetaData.hpp b/node/NetworkConfigRequestMetaData.hpp
index 6c6f2543..831ca63a 100644
--- a/node/NetworkConfigRequestMetaData.hpp
+++ b/node/NetworkConfigRequestMetaData.hpp
@@ -26,9 +26,17 @@
 #include "Constants.hpp"
 #include "NetworkConfig.hpp"
 #include "Buffer.hpp"
+#include "Packet.hpp"
 
 #include "../version.h"
 
+/**
+ * Maximum length of the auth field (including terminating NULL, since it's a C-style string)
+ *
+ * Actual max length not including NULL is this minus one.
+ */
+#define ZT_NETWORK_CONFIG_REQUEST_METADATA_MAX_AUTH_LENGTH 2048
+
 namespace ZeroTier {
 
 /**
@@ -37,20 +45,33 @@ namespace ZeroTier {
 class NetworkConfigRequestMetaData
 {
 public:
-	NetworkConfigRequestMetaData() :
-		buildId(0),
-		flags(0),
-		vendor(ZT_VENDOR_ZEROTIER),
-		platform(ZT_PLATFORM_UNSPECIFIED),
-		architecture(ZT_ARCHITECTURE_UNSPECIFIED),
-		majorVersion(ZEROTIER_ONE_VERSION_MAJOR),
-		minorVersion(ZEROTIER_ONE_VERSION_MINOR),
-		revision(ZEROTIER_ONE_VERSION_REVISION)
+	/**
+	 * Construct an empty meta-data object with zero/null values
+	 */
+	NetworkConfigRequestMetaData()
+	{
+		memset(this,0,sizeof(NetworkConfigRequestMetaData));
+	}
+
+	/**
+	 * Initialize with defaults from this node's config and version
+	 */
+	inline void initWithDefaults()
 	{
-		memset(auth,0,sizeof(auth));
+		memset(this,0,sizeof(NetworkConfigRequestMetaData));
+		vendor = ZT_VENDOR_ZEROTIER;
+		platform = ZT_PLATFORM_UNSPECIFIED;
+		architecture = ZT_ARCHITECTURE_UNSPECIFIED;
+		majorVersion = ZEROTIER_ONE_VERSION_MAJOR;
+		minorVersion = ZEROTIER_ONE_VERSION_MINOR;
+		revision = ZEROTIER_ONE_VERSION_REVISION;
+		protocolVersion = ZT_PROTO_VERSION;
 	}
 
-	NetworkConfigRequestMetaData(bool foo)
+	/**
+	 * Zero/null everything
+	 */
+	inline void clear()
 	{
 		memset(this,0,sizeof(NetworkConfigRequestMetaData));
 	}
@@ -58,13 +79,15 @@ public:
 	template<unsigned int C>
 	inline void serialize(Buffer<C> &b) const
 	{
-		// Unlike network config we always send the old fields. Newer network
-		// controllers will detect the presence of the new serialized data by
-		// detecting extra data after the terminating NULL. But always sending
-		// these maintains backward compatibility with old controllers.
-		b.appendCString("majv="ZEROTIER_ONE_VERSION_MAJOR_S"\nminv="ZEROTIER_ONE_VERSION_MINOR_S"\nrevv="ZEROTIER_ONE_VERSION_REVISION_S"\n");
+		/* Unlike network config we always send the old fields. Newer network
+		 * controllers will detect the presence of the new serialized data by
+		 * detecting extra data after the terminating NULL. But always sending
+		 * these maintains backward compatibility with old controllers. This
+		 * appends a terminating NULL which seperates the old legacy meta-data
+		 * from the new packed binary format that we send after. */
+		b.appendCString("majv="ZEROTIER_ONE_VERSION_MAJOR_S_HEX"\nminv="ZEROTIER_ONE_VERSION_MINOR_S_HEX"\nrevv="ZEROTIER_ONE_VERSION_REVISION_S_HEX"\n");
 
-		b.append((uint16_t)1); // version
+		b.append((uint16_t)1); // serialization version
 
 		b.append((uint64_t)buildId);
 		b.append((uint64_t)flags);
@@ -74,10 +97,10 @@ public:
 		b.append((uint16_t)majorVersion);
 		b.append((uint16_t)minorVersion);
 		b.append((uint16_t)revision);
+		b.append((uint16_t)protocolVersion);
 
-		unsigned int tl = (unsigned int)strlen(auth);
-		if (tl > 255) tl = 255; // sanity check
-		b.append((uint8_t)tl);
+		const unsigned int tl = strlen(auth);
+		b.append((uint16_t)tl);
 		b.append((const void *)auth,tl);
 
 		b.append((uint16_t)0); // extended bytes, currently 0 since unused
@@ -105,10 +128,10 @@ public:
 		majorVersion = b.template at<uint16_t>(p); p += 2;
 		minorVersion = b.template at<uint16_t>(p); p += 2;
 		revision = b.template at<uint16_t>(p); p += 2;
+		protocolVersion = b.template at<uint16_t>(p); p += 2;
 
-		unsigned int tl = (unsigned int)b[p++];
-		memcpy(auth,b.field(p,tl),std::max(tl,(unsigned int)ZT_MAX_NETWORK_SHORT_NAME_LENGTH));
-		// auth[] is ZT_MAX_NETWORK_SHORT_NAME_LENGTH + 1 and so will always end up null-terminated since we zeroed the structure
+		const unsigned int tl = b.template at<uint16_t>(p); p += 2;
+		memcpy(auth,b.field(p,tl),std::max(tl,(unsigned int)(ZT_NETWORK_CONFIG_REQUEST_METADATA_MAX_AUTH_LENGTH - 1)));
 		p += tl;
 
 		p += b.template at<uint16_t>(p) + 2;
@@ -116,10 +139,10 @@ public:
 		return (p - startAt);
 	}
 
-	inline void clear()
-	{
-		memset(this,0,sizeof(NetworkConfigRequestMetaData));
-	}
+	/**
+	 * Authentication data (e.g. bearer=<token>) as a C-style string (always null terminated)
+	 */
+	char auth[ZT_NETWORK_CONFIG_REQUEST_METADATA_MAX_AUTH_LENGTH];
 
 	/**
 	 * Build ID (currently unused, must be 0)
@@ -162,9 +185,9 @@ public:
 	unsigned int revision;
 
 	/**
-	 * Authentication data (e.g. bearer=<token>)
+	 * ZeroTier protocol version
 	 */
-	char auth[ZT_MAX_NETWORK_SHORT_NAME_LENGTH + 1];
+	unsigned int protocolVersion;
 };
 
 } // namespace ZeroTier