From 036bbfaff9b5ad7a04e91b03b38688f5d03a878c Mon Sep 17 00:00:00 2001 From: root Date: Mon, 7 Dec 2015 03:21:46 -0800 Subject: Modified test scripts to match new naming conventions --- make-linux.mk | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'make-linux.mk') diff --git a/make-linux.mk b/make-linux.mk index 2e823993..78c74253 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -97,6 +97,14 @@ one: $(OBJS) one.o ln -sf zerotier-one zerotier-idtool ln -sf zerotier-one zerotier-cli +netcon: $(OBJS) one.o + # Need to selectively rebuild one.cpp and OneService.cpp with ZT_SERVICE_NETCON and ZT_ONE_NO_ROOT_CHECK defined, and also NetconEthernetTap + $(CXX) $(CXXFLAGS) $(LDFLAGS) -DZT_SERVICE_NETCON -DZT_ONE_NO_ROOT_CHECK -o zerotier-netcon-service $(OBJS) one.o $(LDLIBS) -ldl + # Build netcon/liblwip.so which must be placed in ZT home for zerotier-netcon-service to work + cd netcon ; make -f make-liblwip.mk + # Use gcc not clang to build standalone intercept library since gcc is typically used for libc and we want to ensure maximal ABI compatibility + cd netcon ; gcc -g -O2 -Wall -std=c99 -fPIC -DVERBOSE -DDEBUG_RPC -DCHECKS -D_GNU_SOURCE -DNETCON_INTERCEPT -I. -nostdlib -shared -o ../libzerotierintercept.so Intercept.c + selftest: $(OBJS) selftest.o $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-selftest selftest.o $(OBJS) $(LDLIBS) $(STRIP) zerotier-selftest @@ -105,7 +113,7 @@ installer: one FORCE ./ext/installfiles/linux/buildinstaller.sh clean: - rm -rf *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm + rm -rf *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-netcon-service zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm # Remove files from all the funny places we put them for tests find netcon -type f \( -name '*.o' -o -name '*.so' -o -name '*.1.0' -o -name 'zerotier-one' -o -name 'zerotier-cli' \) -delete find netcon/docker-test -name "zerotier-intercept" -type f -delete -- cgit v1.2.3 From dab13f59e5b84ec4b6eb486dfc6dd8b61656646f Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Mon, 7 Dec 2015 05:37:14 -0800 Subject: Test updates --- make-linux.mk | 4 ++-- netcon/docker-test/_build_single_image.sh | 11 ++++------- netcon/docker-test/build_zt.sh | 4 ++-- .../httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile | 7 +++---- .../httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh | 4 ++-- .../httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile | 7 +++---- .../httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh | 4 ++-- netcon/docker-test/httpd/httpd_demo/netcon_dockerfile | 7 +++---- .../nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile | 7 +++---- .../nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh | 4 ++-- .../nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile | 7 +++---- .../nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh | 4 ++-- .../nginx/nginx-1.8.0-ub14.x86_64/netcon_dockerfile | 7 +++---- .../nginx/nginx-1.8.0-ub14.x86_64/netcon_entrypoint.sh | 4 ++-- .../nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile | 7 +++---- .../nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh | 4 ++-- .../redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh | 17 ----------------- .../redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile | 7 +++---- .../redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh | 4 ++-- .../netcon_dockerfile | 7 +++---- netcon/docker-test/zerotier-netcon-service | Bin 747928 -> 0 bytes netcon/make-intercept.mk | 5 +---- 22 files changed, 50 insertions(+), 82 deletions(-) delete mode 100755 netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh delete mode 100755 netcon/docker-test/zerotier-netcon-service (limited to 'make-linux.mk') diff --git a/make-linux.mk b/make-linux.mk index 78c74253..98d47f1f 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -113,9 +113,9 @@ installer: one FORCE ./ext/installfiles/linux/buildinstaller.sh clean: - rm -rf *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-netcon-service zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm + rm -rf *.so *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o ext/lz4/*.o ext/json-parser/*.o $(OBJS) zerotier-one zerotier-idtool zerotier-cli zerotier-selftest build-* ZeroTierOneInstaller-* *.deb *.rpm # Remove files from all the funny places we put them for tests - find netcon -type f \( -name '*.o' -o -name '*.so' -o -name '*.1.0' -o -name 'zerotier-one' -o -name 'zerotier-cli' \) -delete + find netcon -type f \( -name '*.o' -o -name '*.so' -o -name '*.1.0' -o -name 'zerotier-one' -o -name 'zerotier-cli' -o -name 'zerotier-netcon-service' \) -delete find netcon/docker-test -name "zerotier-intercept" -type f -delete debug: FORCE diff --git a/netcon/docker-test/_build_single_image.sh b/netcon/docker-test/_build_single_image.sh index f18a83a4..c11f611c 100755 --- a/netcon/docker-test/_build_single_image.sh +++ b/netcon/docker-test/_build_single_image.sh @@ -10,7 +10,7 @@ cp ../../zerotier-one zerotier-one cp ../../zerotier-cli zerotier-cli cp ../../zerotier-cli zerotier-netcon-service cp ../../zerotier-intercept zerotier-intercept -cp ../../libzerotierintercept.so.1.0 libzerotierintercept.so.1.0 +cp ../../libzerotierintercept.so libzerotierintercept.so cp ../../liblwip.so liblwip.so cp ../../netcon_identity.public netcon_identity.public cp ../../netcon_identity.secret netcon_identity.secret @@ -24,11 +24,8 @@ rm -f zerotier-one rm -f zerotier-cli rm -f zerotier-netcon-service rm -f zerotier-intercept -rm -f libzerotierintercept.so.1.0 -rm -f liblwip.so -rm -f netcon_identity.public -rm -f netcon_identity.secret -rm -f monitor_identity.public -rm -f monitor_identity.secret +rm -f *.so +rm -f *.public +rm -f *.secret rm -f *.conf rm -f *.name \ No newline at end of file diff --git a/netcon/docker-test/build_zt.sh b/netcon/docker-test/build_zt.sh index 0c707670..11fd0316 100755 --- a/netcon/docker-test/build_zt.sh +++ b/netcon/docker-test/build_zt.sh @@ -13,9 +13,9 @@ cd netcon/docker-test cp ../../zerotier-one zerotier-one cp ../../zerotier-cli zerotier-cli -cp ../../zerotier-cli zerotier-netcon-service +cp ../../zerotier-netcon-service zerotier-netcon-service +cp ../../libzerotierintercept.so libzerotierintercept.so cp ../liblwip.so liblwip.so -cp ../libzerotierintercept.so.1.0 libzerotierintercept.so.1.0 cp ../zerotier-intercept zerotier-intercept diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile index 1a241c56..f0c6260d 100644 --- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh index 095aecd7..0ed4d331 100644 --- a/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.16-1.fc23.x86_64/netcon_entrypoint.sh @@ -18,8 +18,8 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile index 8fdd7fe0..d946e2fd 100644 --- a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh index db98e9f6..77439e0c 100644 --- a/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/httpd/httpd-2.4.17-3.fc23.x86_64/netcon_entrypoint.sh @@ -19,8 +19,8 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile b/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile index be9d3f3f..a193863f 100644 --- a/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile +++ b/netcon/docker-test/httpd/httpd_demo/netcon_dockerfile @@ -17,10 +17,9 @@ RUN mv ZeroTierIcon.png /var/www/html/ZeroTierIcon.png # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin # Add ZT files diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile index a513553c..53541b3e 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh index 9967fb4e..3f84f5e5 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/nginx/nginx-1.8.0-13.fc23.x86_64/netcon_entrypoint.sh @@ -19,8 +19,8 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile index 70986d7b..b6678998 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh index 9967fb4e..3f84f5e5 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/nginx/nginx-1.8.0-14.fc23.x86_64/netcon_entrypoint.sh @@ -19,8 +19,8 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_dockerfile b/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_dockerfile index 5653fa7c..25e2d90e 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_dockerfile +++ b/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_dockerfile @@ -25,10 +25,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_entrypoint.sh b/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_entrypoint.sh index 9967fb4e..3f84f5e5 100644 --- a/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/nginx/nginx-1.8.0-ub14.x86_64/netcon_entrypoint.sh @@ -19,8 +19,8 @@ tx_md5sumfile="$file_path"tx_"$bigfile_name"_md5sum"$tmp_ext" # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile index fc57dfae..b8f9fa78 100644 --- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile +++ b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_dockerfile @@ -25,10 +25,9 @@ ADD httpserver.js / # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh index 9d485c2a..324ebc8a 100644 --- a/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh +++ b/netcon/docker-test/nodejs/nodejs-0.10.36-4.fc23/netcon_entrypoint.sh @@ -16,8 +16,8 @@ address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host an # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh deleted file mode 100755 index 164b0b2e..00000000 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/_two_party_test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -# Runs test image and monitor image as daemons - -test_name=${PWD##*/} -echo 'Building dockerfiles for test: ' "$test_name" -touch "$test_name".name - -# Start netcon container to be tested -test_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name":latest) -monitor_container=$(docker run -d -it -v $PWD/../../_results:/opt/results --device=/dev/net/tun "$test_name"_monitor:latest) - -echo "waiting $netcon_test_wait_time for test to complete." -sleep $netcon_test_wait_time -docker stop $(docker ps -a -q) -docker rm $test_container -docker rm $monitor_container \ No newline at end of file diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile index f7df2ecf..25b860b2 100644 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh index ee37bd80..0b8fc7a7 100644 --- a/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh +++ b/netcon/docker-test/redis/redis-3.0.4-1.fc23.x86_64/netcon_entrypoint.sh @@ -16,8 +16,8 @@ address_file="$file_path$test_name"_addr"$tmp_ext" # file shared between host an # --- Network Config --- echo '*** ZeroTier Network Containers Test: ' "$test_name" -chown -R daemon /var/lib/zerotier-netcon-service -chgrp -R daemon /var/lib/zerotier-netcon-service +chown -R daemon /var/lib/zerotier-one +chgrp -R daemon /var/lib/zerotier-one su daemon -s /bin/bash -c '/zerotier-netcon-service -d -U -p9993 >>/tmp/zerotier-netcon-service.out 2>&1' virtip4="" while [ -z "$virtip4" ]; do diff --git a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile index e64c72bb..052d6303 100644 --- a/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile +++ b/netcon/docker-test/sshd/openssh-server-7.1p1-3.fc23.x86_64/netcon_dockerfile @@ -22,10 +22,9 @@ ADD liblwip.so /var/lib/zerotier-one/liblwip.so # Install syscall intercept library ADD zerotier-intercept / -ADD libzerotierintercept.so.1.0 / -RUN cp libzerotierintercept.so.1.0 lib/libzerotierintercept.so.1.0 -RUN cp libzerotierintercept.so.1.0 /lib/libzerotierintercept.so.1.0 -RUN ln -sf /lib/libzerotierintercept.so.1.0 /lib/libzerotierintercept +ADD libzerotierintercept.so / +RUN cp libzerotierintercept.so lib/libzerotierintercept.so +RUN ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept RUN /usr/bin/install -c zerotier-intercept /usr/bin ADD zerotier-one / diff --git a/netcon/docker-test/zerotier-netcon-service b/netcon/docker-test/zerotier-netcon-service deleted file mode 100755 index 24427ac6..00000000 Binary files a/netcon/docker-test/zerotier-netcon-service and /dev/null differ diff --git a/netcon/make-intercept.mk b/netcon/make-intercept.mk index e81914a6..14fe3534 100644 --- a/netcon/make-intercept.mk +++ b/netcon/make-intercept.mk @@ -30,17 +30,14 @@ SHCC=gcc intercept_CFLAGS = -c -fPIC -g -O2 -Wall -std=c99 -DVERBOSE -DDEBUG_RPC -DCHECKS -D_GNU_SOURCE -DNETCON_INTERCEPT #LIB_NAME = intercept SHLIB_EXT=dylib -SHLIB_MAJOR = 1 -SHLIB_MINOR = 8 COMMON = Common OBJS= Intercept.o -#SHLIB = ${LIB_NAME}.${SHLIB_EXT}.${SHLIB_MAJOR}.${SHLIB_MINOR} SHLDFLAGS = -g -O2 -Wall -I. -nostdlib -shared LIBS = -ldl -lc -lrt -lpthread lib: ${SHCC} $(intercept_CFLAGS) -I. Intercept.c -o Intercept.o - ${SHCC} $(SHLDFLAGS) Intercept.o -o libzerotierintercept.so.1.0 $(LIBS) + ${SHCC} $(SHLDFLAGS) Intercept.o -o libzerotierintercept.so $(LIBS) install: cp ../libzerotierintercept.so /lib/libzerotierintercept.so -- cgit v1.2.3 From 48d9708abe108fe40abe534963eab6ac8b553114 Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Mon, 7 Dec 2015 06:54:13 -0800 Subject: Combined make-linux.mk and make-intercept.mk's installer section --- make-linux.mk | 12 +++- netcon/README.md | 6 +- netcon/README.orig.md | 139 ----------------------------------------------- netcon/make-intercept.mk | 50 ----------------- 4 files changed, 15 insertions(+), 192 deletions(-) delete mode 100644 netcon/README.orig.md delete mode 100644 netcon/make-intercept.mk (limited to 'make-linux.mk') diff --git a/make-linux.mk b/make-linux.mk index 98d47f1f..0ae6c367 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -99,12 +99,22 @@ one: $(OBJS) one.o netcon: $(OBJS) one.o # Need to selectively rebuild one.cpp and OneService.cpp with ZT_SERVICE_NETCON and ZT_ONE_NO_ROOT_CHECK defined, and also NetconEthernetTap - $(CXX) $(CXXFLAGS) $(LDFLAGS) -DZT_SERVICE_NETCON -DZT_ONE_NO_ROOT_CHECK -o zerotier-netcon-service $(OBJS) one.o $(LDLIBS) -ldl + $(CXX) $(CXXFLAGS) $(LDFLAGS) -DZT_SERVICE_NETCON -DZT_ONE_NO_ROOT_CHECK -o zerotier-netcon-service $(OBJS) one.o $(LDLIBS) -ldl # Build netcon/liblwip.so which must be placed in ZT home for zerotier-netcon-service to work cd netcon ; make -f make-liblwip.mk # Use gcc not clang to build standalone intercept library since gcc is typically used for libc and we want to ensure maximal ABI compatibility cd netcon ; gcc -g -O2 -Wall -std=c99 -fPIC -DVERBOSE -DDEBUG_RPC -DCHECKS -D_GNU_SOURCE -DNETCON_INTERCEPT -I. -nostdlib -shared -o ../libzerotierintercept.so Intercept.c +install-intercept: + cp libzerotierintercept.so /lib/libzerotierintercept.so + ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept + /usr/bin/install -c netcon/zerotier-intercept /usr/bin + +uninstall-intercept: + rm -r /lib/libzerotierintercept.so + rm -r /lib/libzerotierintercept + rm -r /usr/bin/zerotier-intercept + selftest: $(OBJS) selftest.o $(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-selftest selftest.o $(OBJS) $(LDLIBS) $(STRIP) zerotier-selftest diff --git a/netcon/README.md b/netcon/README.md index 59976817..56bc5302 100644 --- a/netcon/README.md +++ b/netcon/README.md @@ -42,6 +42,7 @@ It is *likely* to work with other things but there are no guarantees. UDP, ICMP/ Network Containers are currently only for Linux. To build the network container host and intercept library, from the base of the ZeroTier One tree type: make netcon + make install-intercept This will build a binary called *zerotier-netcon-service* and a library called *libzerotierintercept.so*. The former is the same as a regular ZeroTier One build except instead of creating virtual network ports using Linux's */dev/net/tun* interface, it instead creates instances of a user-space TCP/IP stack for each virtual network and provides RPC access to this stack via a Unix domain socket called */tmp/.ztnc_##NETWORK_ID##*. The latter is a library that can be loaded with the Linux *LD\_PRELOAD* environment variable or by placement into */etc/ld.so.preload* on a Linux system or container. @@ -98,10 +99,11 @@ Or for CentOS/EPEL or Fedora: Now try: export LD_PRELOAD=/path/to/ZeroTierOne/libzerotierintercept.so - export ZT_NC_NWID=8056c2e21c000001 + export ZT_NC_NWID=8056c2e21c000001 + zerotier-intercept httpd -Going to port 8080 on your machine won't work. Httpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: +Going to port 80 on your machine won't work. Httpd is listening, but only inside the network container. To reach it, go to the other system where you joined the same network with a conventional ZeroTier instance and try: curl http://NETCON.INSTANCE.IP:8080/README.md diff --git a/netcon/README.orig.md b/netcon/README.orig.md deleted file mode 100644 index bf6ae939..00000000 --- a/netcon/README.orig.md +++ /dev/null @@ -1,139 +0,0 @@ -ZeroTier Network Containers -====== - -### Functional Overview: - -This system exists as a dynamically-linked library, and a service/IP-stack built into ZeroTier - -If you care about the technicals, - -The intercept is compiled as a shared library and installed in some user-accessible directory. When you want to intercept -a user application you dynamically link the shared library to the application during runtime. When the application starts, the -intercept's global constructor is called which sets up a hidden pipe which is used to communicate remote procedure calls (RPC) to the host Netcon service running in the background. - -When an RPC for a socket() is received by the Netcon service from the intercepted application, the Netcon service will ask the lwIP stack for a new PCB structure (used to represent a connection), if the system permits its allocation, it will be passed to Netcon where a PCB/socket table entry will be created. The table is used for mapping [callbacks from lwIP] and [RPCs from the intercept] to the correct connections. - -Upon the first call to a intercept-overriden system call, a Unix-domain socket is opened between the Netcon service and the application's intercept. This socket provides us the ability to pass file descriptors of newly-created socketpairs to the intercept (used as the read/write buffer). More specifically, after the socketpair creation, one end is kept in a table entry in Netcon and one end is sent to the intercept. - -### Building from Source (and Installing) - -Build zerotier-intercept library: - - make -f make-intercept.mk - -Install: - - make -f make-intercept.mk install - -Build LWIP library: - - make -f make-liblwip.mk - -Run automated tests (from netcon/docker-test/ directory): - - ./build.sh - ./test.sh - - - - -### Running - -To intercept a specific application (requires an already running instance of Zerotier-One with Network Containers enabled): - - zerotier-intercept my_app - - -### Unit Tests - -To run unit tests: - -1) Set up your own network, use its network id as follows: - -2) Place a blank network config file in this directory (e.g. "e5cd7a9e1c5311ab.conf") - - This will be used to inform test-specific scripts what network to use for testing - -3) run build.sh - - Builds ZeroTier-One with Network Containers enabled - - Builds LWIP library - - Builds intercept library - - Copies all aformentioned files into unit test directory to be used for building docker files - -4) run test.sh - - Will execute each unit test's (test.sh) one at a time and populate _results/ - - -### Anatomy of a unit test - -A) Each unit test's test.sh will: - - temporarily copy all built files into local directory - - build test container - - build monitor container - - remove temporary files - - run each container and perform test and monitoring specified in netcon_entrypoint.sh and monitor_entrypoint.sh - -B) Results will be written to the 'netcon/docker-test/_results/' directory - - Results will be a combination of raw and formatted dumps to files whose names reflect the test performed - - In the event of failure, 'FAIL.' will be appended to the result file's name - - (e.g. FAIL.my_application_1.0.2.x86_64) - - In the event of success, 'OK.' will be appended - - -### Compatibility - -Network Containers have been tested with the following: - - sshd [ WORKS as of 20151112] - ssh [ WORKS as of 20151112] - sftp [ WORKS as of 20151022] - curl [ WORKS as of 20151021] - apache (debug mode) [ WORKS as of 20150810] - apache (prefork MPM) [ WORKS as of 20151123] (2.4.6-31.x86-64 on Centos 7), (2.4.16-1.x84-64 on F22), (2.4.17-3.x86-64 on F22) - nginx [ WORKS as of 20151123] Broken on Centos 7, unreliable on Fedora 23 - nodejs [ WORKS as of 20151123] - java [ WORKS as of 20151010] - MongoDB [ WORKS as of 20151028] - Redis-server [ WORKS as of 20151123] - -Future: - - GET many different files via HTTP (web stress) - LARGE continuous transfer (e.g. /dev/urandom all night) - Open and close many TCP connections constantly - Simulate packet loss (can be done with iptables) - Many parallel TCP transfers - Multithreaded software (e.g. apache in thread mode) - UDP support - - - -### Extended Version Notes - -20151028 Added MongoDB support: - - - Added logic (RPC_MAP_REQ) to check whether a given AF_LOCAL socket is mapped to anything - inside the service instance. - -20151027 Added Redis-server support: - - - Added extra logic to detect socket re-issuing and consequent service-side double mapping. - Redis appears to try to set its initial listen socket to IPV6 only, this currently fails. As - a result, Redis will close the socket and re-open it. The server will now test for closures - during mapping and will eliminate any mappings to broken pipes. - -20151021 Added Node.js support: - - - syscall(long number, ...) is now intercepted and re-directs the __NR_accept4 call to our intercepted accept4() function - - - accept() now returns -EAGAIN in the case that we cannot read a signal byte from the descriptor linked to the service. This - is because the uv__server_io() function in libuv used by Node.js looks for this return value upon failure, without it we - were observing an innfinite loop in the I/O polling code in libuv. - - - accept4() now correctly sets given flags for descriptor returned by accept() - - - setsockopt() was modified to return success on any call with the following conditions: - level == IPPROTO_TCP || (level == SOL_SOCKET && option_name == SO_KEEPALIVE) - This might be unnecessary or might need a better workaround - - - Careful attention should be given to how arguments are passed in the intercepted syscall() function, this differs for - 32/64-bit systems diff --git a/netcon/make-intercept.mk b/netcon/make-intercept.mk deleted file mode 100644 index 14fe3534..00000000 --- a/netcon/make-intercept.mk +++ /dev/null @@ -1,50 +0,0 @@ -# -# ZeroTier One - Network Virtualization Everywhere -# Copyright (C) 2011-2015 ZeroTier, Inc. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . -# -# -- -# -# ZeroTier may be used and distributed under the terms of the GPLv3, which -# are available at: http://www.gnu.org/licenses/gpl-3.0.html -# -# If you would like to embed ZeroTier into a commercial application or -# redistribute it in a modified binary form, please contact ZeroTier Networks -# LLC. Start here: http://www.zerotier.com/ -# - -SHCC=gcc - -intercept_CFLAGS = -c -fPIC -g -O2 -Wall -std=c99 -DVERBOSE -DDEBUG_RPC -DCHECKS -D_GNU_SOURCE -DNETCON_INTERCEPT -#LIB_NAME = intercept -SHLIB_EXT=dylib -COMMON = Common -OBJS= Intercept.o -SHLDFLAGS = -g -O2 -Wall -I. -nostdlib -shared -LIBS = -ldl -lc -lrt -lpthread - -lib: - ${SHCC} $(intercept_CFLAGS) -I. Intercept.c -o Intercept.o - ${SHCC} $(SHLDFLAGS) Intercept.o -o libzerotierintercept.so $(LIBS) - -install: - cp ../libzerotierintercept.so /lib/libzerotierintercept.so - ln -sf /lib/libzerotierintercept.so /lib/libzerotierintercept - /usr/bin/install -c zerotier-intercept /usr/bin - -uninstall: - rm -r /lib/libzerotierintercept.so - rm -r /lib/libzerotierintercept - rm -r /usr/bin/zerotier-intercept -- cgit v1.2.3