From d5fdfaea56e6c3c1d8f8b5ade03d927c94825bec Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Mon, 28 Oct 2013 16:54:35 -0400 Subject: Fix signed/unsigned compare warning. --- node/EthernetTap.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'node') diff --git a/node/EthernetTap.cpp b/node/EthernetTap.cpp index fadd8e50..44118c2a 100644 --- a/node/EthernetTap.cpp +++ b/node/EthernetTap.cpp @@ -693,7 +693,7 @@ void EthernetTap::threadMain() // data until we have at least a frame. r += n; if (r > 14) { - if (r > (_mtu + 14)) // sanity check for weird TAP behavior on some platforms + if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms r = _mtu + 14; for(int i=0;i<6;++i) to.data[i] = (unsigned char)getBuf[i]; -- cgit v1.2.3 From e4044eeb709c09f5577f7e77260ccf997a298156 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Mon, 28 Oct 2013 17:25:12 -0400 Subject: Finish stubbing out FILE_ stuff. --- node/Packet.cpp | 2 ++ node/PacketDecoder.cpp | 14 ++++++++++++++ node/PacketDecoder.hpp | 2 ++ 3 files changed, 18 insertions(+) (limited to 'node') diff --git a/node/Packet.cpp b/node/Packet.cpp index d809d402..33866727 100644 --- a/node/Packet.cpp +++ b/node/Packet.cpp @@ -48,6 +48,8 @@ const char *Packet::verbString(Verb v) case VERB_NETWORK_MEMBERSHIP_CERTIFICATE: return "NETWORK_MEMBERSHIP_CERTIFICATE"; case VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST"; case VERB_NETWORK_CONFIG_REFRESH: return "NETWORK_CONFIG_REFRESH"; + case VERB_FILE_INFO_REQUEST: return "FILE_INFO_REQUEST"; + case VERB_FILE_BLOCK_REQUEST: return "FILE_BLOCK_REQUEST"; } return "(unknown)"; } diff --git a/node/PacketDecoder.cpp b/node/PacketDecoder.cpp index 956cb642..83c47b0e 100644 --- a/node/PacketDecoder.cpp +++ b/node/PacketDecoder.cpp @@ -112,6 +112,10 @@ bool PacketDecoder::tryDecode(const RuntimeEnvironment *_r) return _doNETWORK_CONFIG_REQUEST(_r,peer); case Packet::VERB_NETWORK_CONFIG_REFRESH: return _doNETWORK_CONFIG_REFRESH(_r,peer); + case Packet::VERB_FILE_INFO_REQUEST: + return _doFILE_INFO_REQUEST(_r,peer); + case Packet::VERB_FILE_BLOCK_REQUEST: + return _doFILE_BLOCK_REQUEST(_r,peer); default: // This might be something from a new or old version of the protocol. // Technically it passed MAC so the packet is still valid, but we @@ -874,4 +878,14 @@ bool PacketDecoder::_doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const return true; } +bool PacketDecoder::_doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer) +{ + return true; +} + +bool PacketDecoder::_doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer) +{ + return true; +} + } // namespace ZeroTier diff --git a/node/PacketDecoder.hpp b/node/PacketDecoder.hpp index cb3522ff..8ec01594 100644 --- a/node/PacketDecoder.hpp +++ b/node/PacketDecoder.hpp @@ -122,6 +122,8 @@ private: bool _doNETWORK_MEMBERSHIP_CERTIFICATE(const RuntimeEnvironment *_r,const SharedPtr &peer); bool _doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer); bool _doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const SharedPtr &peer); + bool _doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer); + bool _doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer); uint64_t _receiveTime; Demarc::Port _localPort; -- cgit v1.2.3 From ae138566a94ed407c71dbc7a155c810b2389cc4b Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 1 Nov 2013 12:38:38 -0400 Subject: Updater code, work in progress... --- node/Defaults.hpp | 5 ++ node/Packet.hpp | 2 +- node/RuntimeEnvironment.hpp | 13 +++- node/Updater.cpp | 122 +++++++++++++++++++++++++++++ node/Updater.hpp | 182 ++++++++++++++++++++++++++++++++++++++++++++ node/Utils.cpp | 10 +++ node/Utils.hpp | 8 +- objects.mk | 1 + 8 files changed, 337 insertions(+), 6 deletions(-) create mode 100644 node/Updater.cpp create mode 100644 node/Updater.hpp (limited to 'node') diff --git a/node/Defaults.hpp b/node/Defaults.hpp index 5f870194..b0eb40e5 100644 --- a/node/Defaults.hpp +++ b/node/Defaults.hpp @@ -67,6 +67,11 @@ public: * Supernodes on the ZeroTier network */ const std::map< Identity,std::vector > supernodes; + + /** + * Identities permitted to sign software updates + */ + const std::map< Address,Identity > updateAuthorities; }; extern const Defaults ZT_DEFAULTS; diff --git a/node/Packet.hpp b/node/Packet.hpp index 56920f6f..05c6f3a4 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -617,7 +617,7 @@ public: */ VERB_NETWORK_CONFIG_REFRESH = 12, - /* Request information about a shared file: + /* Request information about a shared file (for software updates): * <[1] flags, currently unused and must be 0> * <[2] 16-bit length of filename> * <[...] name of file being requested> diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp index 3d73ca56..4baaab6b 100644 --- a/node/RuntimeEnvironment.hpp +++ b/node/RuntimeEnvironment.hpp @@ -46,6 +46,7 @@ class CMWC4096; class Service; class Node; class Multicaster; +class Updater; /** * Holds global state for an instance of ZeroTier::Node @@ -71,24 +72,29 @@ public: demarc((Demarc *)0), topology((Topology *)0), sysEnv((SysEnv *)0), - nc((NodeConfig *)0) + nc((NodeConfig *)0), + updater((Updater *)0) #ifndef __WINDOWS__ ,netconfService((Service *)0) #endif { } + // home of saved state, identity, etc. std::string homePath; - // signal() to prematurely interrupt main loop wait + // signal() to prematurely interrupt main loop wait to cause loop to run + // again and detect some kind of change, exit, etc. Condition mainLoopWaitCondition; Identity identity; + // hacky... want to get rid of this flag... volatile bool shutdownInProgress; // Order matters a bit here. These are constructed in this order - // and then deleted in the opposite order on Node exit. + // and then deleted in the opposite order on Node exit. The order ensures + // that things that are needed are there before they're needed. Logger *log; // may be null CMWC4096 *prng; @@ -99,6 +105,7 @@ public: SysEnv *sysEnv; NodeConfig *nc; Node *node; + Updater *updater; // may be null if updates are disabled #ifndef __WINDOWS__ Service *netconfService; // may be null #endif diff --git a/node/Updater.cpp b/node/Updater.cpp new file mode 100644 index 00000000..6a6d9d9c --- /dev/null +++ b/node/Updater.cpp @@ -0,0 +1,122 @@ +/* + * ZeroTier One - Global Peer to Peer Ethernet + * Copyright (C) 2012-2013 ZeroTier Networks LLC + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#include "Updater.hpp" +#include "RuntimeEnvironment.hpp" +#include "Logger.hpp" +#include "Defaults.hpp" + +namespace ZeroTier { + +Updater::Updater(const RuntimeEnvironment *renv) : + _r(renv), + _download((_Download *)0) +{ + refreshShared(); +} + +Updater::~Updater() +{ + Mutex::Lock _l(_lock); + delete _download; +} + +void Updater::refreshShared() +{ + std::string updatesPath(_r->homePath + ZT_PATH_SEPARATOR_S + "updates.d"); + std::map ud(Utils::listDirectory(updatesPath.c_str())); + + Mutex::Lock _l(_lock); + _sharedUpdates.clear(); + for(std::map::iterator u(ud.begin());u!=ud.end();++u) { + if (u->second) + continue; // skip directories + if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".nfo"))) + continue; // skip .nfo companion files + + std::string fullPath(updatesPath + ZT_PATH_SEPARATOR_S + u->first); + std::string nfoPath(fullPath + ".nfo"); + + std::string buf; + if (Utils::readFile(nfoPath.c_str(),buf)) { + Dictionary nfo(buf); + + _Shared shared; + shared.filename = fullPath; + + std::string sha512(Utils::unhex(nfo.get("sha512",std::string()))); + if (sha512.length() < sizeof(shared.sha512)) { + TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str()); + continue; + } + memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512)); + + std::string sig(Utils::unhex(nfo.get("sha512sig_ed25519",std::string()))); + if (sig.length() < shared.sig.size()) { + TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str()); + continue; + } + memcpy(shared.sig.data,sig.data(),shared.sig.size()); + + // Check signature to guard against updates.d being used as a data + // exfiltration mechanism. We will only share properly signed updates, + // nothing else. + Address signedBy(nfo.get("signedBy",std::string())); + std::map< Address,Identity >::const_iterator authority(ZT_DEFAULTS.updateAuthorities.find(signedBy)); + if ((authority == ZT_DEFAULTS.updateAuthorities.end())||(!authority->second.verify(shared.sha512,64,shared.sig))) { + TRACE("skipped shareable update: not signed by valid authority or signature invalid: %s",fullPath.c_str()); + continue; + } + shared.signedBy = signedBy; + + int64_t fs = Utils::getFileSize(fullPath.c_str()); + if (fs <= 0) { + TRACE("skipped shareable update due to unreadable, invalid, or 0-byte file: %s",fullPath.c_str()); + continue; + } + shared.size = (unsigned long)fs; + + Array first16Bytes; + memcpy(first16Bytes.data,sha512.data(),16); + _sharedUpdates[first16Bytes] = shared; + } else { + TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str()); + continue; + } + } +} + +void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision) +{ +} + +void Updater::retryIfNeeded() +{ +} + +} // namespace ZeroTier + diff --git a/node/Updater.hpp b/node/Updater.hpp new file mode 100644 index 00000000..66d45ee4 --- /dev/null +++ b/node/Updater.hpp @@ -0,0 +1,182 @@ +/* + * ZeroTier One - Global Peer to Peer Ethernet + * Copyright (C) 2012-2013 ZeroTier Networks LLC + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#ifndef _ZT_UPDATER_HPP +#define _ZT_UPDATER_HPP + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include "Constants.hpp" +#include "Packet.hpp" +#include "Mutex.hpp" +#include "Address.hpp" +#include "C25519.hpp" +#include "Array.hpp" +#include "Dictionary.hpp" + +// Chunk size-- this can be changed, picked to always fit in one packet each. +#define ZT_UPDATER_CHUNK_SIZE 1350 + +// Sanity check value for constraining max size since right now we buffer +// in RAM. +#define ZT_UPDATER_MAX_SUPPORTED_SIZE (1024 * 1024 * 16) + +// Retry timeout in ms. +#define ZT_UPDATER_RETRY_TIMEOUT 30000 + +// After this long, look for a new set of peers that have the download shared. +#define ZT_UPDATER_REPOLL_TIMEOUT 60000 + +namespace ZeroTier { + +class RuntimeEnvironment; + +/** + * Software update downloader and executer + * + * FYI: downloads occur via the protocol rather than out of band via http so + * that ZeroTier One can be run in secure jailed environments where it is the + * only protocol permitted over the "real" Internet. This is required for a + * number of potentially popular use cases. + * + * The protocol is a simple chunk-pulling "trivial FTP" like thing that should + * be suitable for core engine software updates. Software updates themselves + * are platform-specific executables that ZeroTier One then exits and runs. + * + * Updaters are cached one-deep and can be replicated peer to peer in addition + * to coming from supernodes. This makes it just a little bit BitTorrent-like + * and helps things scale, and is also ready for further protocol + * decentralization that may occur in the future. + */ +class Updater +{ +public: + Updater(const RuntimeEnvironment *renv); + ~Updater(); + + /** + * Rescan home path for shareable updates + * + * This happens automatically on construction. + */ + void refreshShared(); + + /** + * Attempt to find an update if this version is newer than ours + * + * This is called whenever a peer notifies us of its version. It does nothing + * if that version is not newer, otherwise it looks around for an update. + * + * @param vMajor Major version + * @param vMinor Minor version + * @param revision Revision + */ + void getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision); + + /** + * Called periodically from main loop + */ + void retryIfNeeded(); + +private: + struct _Download + { + _Download(const void *s512,const std::string &fn,unsigned long len,unsigned int vMajor,unsigned int vMinor,unsigned int rev) + { + data.resize(len); + haveChunks.resize((len / ZT_UPDATER_CHUNK_SIZE) + 1,false); + filename = fn; + memcpy(sha512,s512,64); + lastChunkSize = len % ZT_UPDATER_CHUNK_SIZE; + versionMajor = vMajor; + versionMinor = vMinor; + revision = rev; + } + + long nextChunk() const + { + std::vector::const_iterator ptr(std::find(haveChunks.begin(),haveChunks.end(),false)); + if (ptr != haveChunks.end()) + return std::distance(haveChunks.begin(),ptr); + else return -1; + } + + bool gotChunk(unsigned long at,const void *chunk,unsigned long len) + { + unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE; + if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk)) + return false; // not at chunk boundary + if (whichChunk >= haveChunks.size()) + return false; // overflow + if ((whichChunk == (haveChunks.size() - 1))&&(len != lastChunkSize)) + return false; // last chunk, size wrong + else if (len != ZT_UPDATER_CHUNK_SIZE) + return false; // chunk size wrong + for(unsigned long i=0;i data; + std::vector haveChunks; + std::vector
peersThatHave; + std::string filename; + unsigned char sha512[64]; + Address currentlyReceivingFrom; + uint64_t lastChunkReceivedAt; + unsigned long lastChunkSize; + unsigned int versionMajor,versionMinor,revision; + }; + + struct _Shared + { + std::string filename; + unsigned char sha512[64]; + C25519::Signature sig; + Address signedBy; + unsigned long size; + }; + + const RuntimeEnvironment *_r; + _Download *_download; + std::map< Array,_Shared > _sharedUpdates; + Mutex _lock; +}; + +} // namespace ZeroTier + +#endif diff --git a/node/Utils.cpp b/node/Utils.cpp index c565d8c4..66bd27dd 100644 --- a/node/Utils.cpp +++ b/node/Utils.cpp @@ -265,6 +265,16 @@ uint64_t Utils::getLastModified(const char *path) return (((uint64_t)s.st_mtime) * 1000ULL); } +static int64_t getFileSize(const char *path) +{ + struct stat s; + if (stat(path,&s)) + return -1; + if (S_ISREG(s.st_mode)) + return s.st_size; + return -1; +} + std::string Utils::toRfc1123(uint64_t t64) { struct tm t; diff --git a/node/Utils.hpp b/node/Utils.hpp index 6a56ba9d..208ff755 100644 --- a/node/Utils.hpp +++ b/node/Utils.hpp @@ -118,8 +118,6 @@ public: * List a directory's contents * * @param path Path to list - * @param files Set to fill with files - * @param directories Set to fill with directories * @return Map of entries and whether or not they are also directories (empty on failure) */ static std::map listDirectory(const char *path); @@ -195,6 +193,12 @@ public: return (getLastModified(path) != 0); } + /** + * @param path Path to file + * @return File size or -1 if nonexistent or other failure + */ + static int64_t getFileSize(const char *path); + /** * @param t64 Time in ms since epoch * @return RFC1123 date string diff --git a/objects.mk b/objects.mk index 547033f9..f38f3e90 100644 --- a/objects.mk +++ b/objects.mk @@ -25,4 +25,5 @@ OBJS=\ node/SysEnv.o \ node/Topology.o \ node/UdpSocket.o \ + node/Updater.o \ node/Utils.o -- cgit v1.2.3 From ac4e657aaa6c1c433438c18acefb8e7be8623f20 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 1 Nov 2013 20:39:31 -0400 Subject: Updater work in progress... --- node/Constants.hpp | 1 + node/Updater.cpp | 100 +++++++++++++++++++++++++++++++++++++++++++++++++++++ node/Updater.hpp | 25 +++++++++++++- 3 files changed, 125 insertions(+), 1 deletion(-) (limited to 'node') diff --git a/node/Constants.hpp b/node/Constants.hpp index 8e252f2a..dbdc4ec9 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -54,6 +54,7 @@ // OSX and iOS are unix-like OSes far as we're concerned #ifdef __APPLE__ +#include #ifndef __UNIX_LIKE__ #define __UNIX_LIKE__ #endif diff --git a/node/Updater.cpp b/node/Updater.cpp index 6a6d9d9c..10ac6096 100644 --- a/node/Updater.cpp +++ b/node/Updater.cpp @@ -29,6 +29,10 @@ #include "RuntimeEnvironment.hpp" #include "Logger.hpp" #include "Defaults.hpp" +#include "Utils.hpp" +#include "Topology.hpp" + +#include "../version.h" namespace ZeroTier { @@ -112,11 +116,107 @@ void Updater::refreshShared() void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision) { + if (vMajor < ZEROTIER_ONE_VERSION_MAJOR) + return; + else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) { + if (vMinor < ZEROTIER_ONE_VERSION_MINOR) + return; + else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) { + if (revision <= ZEROTIER_ONE_VERSION_REVISION) + return; + } + } + + std::string updateFilename(generateUpdateFilename()); + if (!updateFilename.length()) { + TRACE("a new update to %u.%u.%u is available, but this platform doesn't support auto updates",vMajor,vMinor,revision); + return; + } + + std::vector< SharedPtr > peers; + _r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now())); + + TRACE("new update available to %u.%u.%u, looking for %s from %u peers",vMajor,vMinor,revision,updateFilename.c_str(),(unsigned int)peers.size()); + + if (!peers.size()) + return; + + for(std::vector< SharedPtr >::iterator p(peers.begin());p!=peers.end();++p) { + Packet outp(p->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST); + outp.append((unsigned char)0); + outp.append((uint16_t)updateFilename.length()); + outp.append(updateFilename.data(),updateFilename.length()); + _r->sw->send(outp,true); + } } void Updater::retryIfNeeded() { } +void Updater::handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len) +{ +} + +std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision) +{ + // Not supported... yet? Get it first cause it might identify as Linux too. +#ifdef __ANDROID__ +#define _updSupported 1 + return std::string(); +#endif + + // Linux on x86 and possibly in the future ARM +#ifdef __LINUX__ +#if defined(__i386) || defined(__i486) || defined(__i586) || defined(__i686) || defined(__amd64) || defined(__x86_64) || defined(i386) +#define _updSupported 1 + char buf[128]; + Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86"); + return std::string(buf); +#endif +/* +#if defined(__arm__) || defined(__arm) || defined(__aarch64__) +#define _updSupported 1 + char buf[128]; + Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32"); + return std::string(buf); +#endif +*/ +#endif + + // Apple stuff... only Macs so far... +#ifdef __APPLE__ +#define _updSupported 1 +#if defined(__powerpc) || defined(__powerpc__) || defined(__ppc__) || defined(__ppc64) || defined(__ppc64__) || defined(__powerpc64__) + return std::string(); +#endif +#if defined(TARGET_IPHONE_SIMULATOR) || defined(TARGET_OS_IPHONE) + return std::string(); +#endif + char buf[128]; + Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-update",vMajor,vMinor,revision); + return std::string(buf); +#endif + + // ??? +#ifndef _updSupported + return std::string(); +#endif +} + +bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision) +{ + std::vector byDash(Utils::split(filename,"-","","")); + if (byDash.size() < 2) + return false; + std::vector byUnderscore(Utils::split(byDash[1].c_str(),"_","","")); + if (byUnderscore.size() < 3) + return false; + vMajor = Utils::strToUInt(byUnderscore[0].c_str()); + vMinor = Utils::strToUInt(byUnderscore[1].c_str()); + revision = Utils::strToUInt(byUnderscore[2].c_str()); + return true; +} + } // namespace ZeroTier diff --git a/node/Updater.hpp b/node/Updater.hpp index 66d45ee4..6a1c266b 100644 --- a/node/Updater.hpp +++ b/node/Updater.hpp @@ -111,6 +111,29 @@ public: */ void retryIfNeeded(); + /** + * Called when a chunk is received + * + * @param sha512First16 First 16 bytes of SHA-512 hash + * @param at Position of chunk + * @param chunk Chunk data + * @param len Length of chunk + */ + void handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len); + + /** + * @return Canonical update filename for this platform or empty string if unsupported + */ + static std::string generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision); + + /** + * Parse an updater filename and extract version info + * + * @param filename Filename to parse + * @return True if info was extracted and value-result parameters set + */ + static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision); + private: struct _Download { @@ -151,7 +174,7 @@ private: return true; } - std::vector data; + std::string data; std::vector haveChunks; std::vector
peersThatHave; std::string filename; -- cgit v1.2.3 From 6c63bfce69f0b0087526879f49d36071ddc4b9d9 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Mon, 4 Nov 2013 17:31:00 -0500 Subject: File transfer work, add identities for validation of updates. --- node/Defaults.cpp | 27 ++++++- node/Defaults.hpp | 6 ++ node/Packet.hpp | 12 ++- node/Updater.cpp | 216 +++++++++++++++++++++++++++++++++++++++++++++++++++--- node/Updater.hpp | 138 ++++++++++++++++++++-------------- node/Utils.cpp | 2 +- 6 files changed, 329 insertions(+), 72 deletions(-) (limited to 'node') diff --git a/node/Defaults.cpp b/node/Defaults.cpp index 35a677f2..cfc901b5 100644 --- a/node/Defaults.cpp +++ b/node/Defaults.cpp @@ -98,12 +98,37 @@ static inline std::string _mkDefaultHomePath() #endif } +static inline std::map< Address,Identity > _mkUpdateAuth() +{ + std::map< Address,Identity > ua; + + { // 0001 + Identity id("e9bc3707b5:0:c4cef17bde99eadf9748c4fd11b9b06dc5cd8eb429227811d2c336e6b96a8d329e8abd0a4f45e47fe1bcebf878c004c822d952ff77fc2833af4c74e65985c435"); + ua[id.address()] = id; + } + { // 0002 + Identity id("56520eaf93:0:7d858b47988b34399a9a31136de07b46104d7edb4a98fa1d6da3e583d3a33e48be531532b886f0b12cd16794a66ab9220749ec5112cbe96296b18fe0cc79ca05"); + ua[id.address()] = id; + } + { // 0003 + Identity id("7c195de2e0:0:9f659071c960f9b0f0b96f9f9ecdaa27c7295feed9c79b7db6eedcc11feb705e6dd85c70fa21655204d24c897865b99eb946b753a2bbcf2be5f5e006ae618c54"); + ua[id.address()] = id; + } + { // 0004 + Identity id("415f4cfde7:0:54118e87777b0ea5d922c10b337c4f4bd1db7141845bd54004b3255551a6e356ba6b9e1e85357dbfafc45630b8faa2ebf992f31479e9005f0472685f2d8cbd6e"); + ua[id.address()] = id; + } + + return ua; +} + Defaults::Defaults() : #ifdef ZT_TRACE_MULTICAST multicastTraceWatcher(ZT_TRACE_MULTICAST), #endif defaultHomePath(_mkDefaultHomePath()), - supernodes(_mkSupernodeMap()) + supernodes(_mkSupernodeMap()), + updateAuthorities(_mkUpdateAuth()) { } diff --git a/node/Defaults.hpp b/node/Defaults.hpp index b0eb40e5..dac59ae6 100644 --- a/node/Defaults.hpp +++ b/node/Defaults.hpp @@ -70,6 +70,12 @@ public: /** * Identities permitted to sign software updates + * + * ZTN can keep multiple signing identities and rotate them, keeping some in + * "cold storage" and obsoleting others gradually. + * + * If you don't build with ZT_OFFICIAL_BUILD, this isn't used since your + * build will not auto-update. */ const std::map< Address,Identity > updateAuthorities; }; diff --git a/node/Packet.hpp b/node/Packet.hpp index 05c6f3a4..d476e89e 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -619,12 +619,12 @@ public: /* Request information about a shared file (for software updates): * <[1] flags, currently unused and must be 0> - * <[2] 16-bit length of filename> + * <[1] 8-bit length of filename> * <[...] name of file being requested> * * OK response payload (indicates that we have and will share): * <[1] flags, currently unused and must be 0> - * <[2] 16-bit length of filename> + * <[1] 8-bit length of filename> * <[...] name of file being requested> * <[64] full length SHA-512 hash of file contents> * <[4] 32-bit length of file in bytes> @@ -636,6 +636,10 @@ public: * <[2] 16-bit length of filename> * <[...] name of file being requested> * + * This is used for distribution of software updates and in the future may + * be used for anything else that needs to be globally distributed. It + * is not designed for end-user use for other purposes. + * * Support is optional. Nodes should return UNSUPPORTED_OPERATION if * not supported or enabled. */ @@ -657,6 +661,10 @@ public: * <[4] 32-bit index of desired chunk> * <[2] 16-bit length of desired chunk> * + * This is used for distribution of software updates and in the future may + * be used for anything else that needs to be globally distributed. It + * is not designed for end-user use for other purposes. + * * Support is optional. Nodes should return UNSUPPORTED_OPERATION if * not supported or enabled. */ diff --git a/node/Updater.cpp b/node/Updater.cpp index 10ac6096..1eefa7a4 100644 --- a/node/Updater.cpp +++ b/node/Updater.cpp @@ -31,6 +31,8 @@ #include "Defaults.hpp" #include "Utils.hpp" #include "Topology.hpp" +#include "Switch.hpp" +#include "SHA512.hpp" #include "../version.h" @@ -69,8 +71,9 @@ void Updater::refreshShared() if (Utils::readFile(nfoPath.c_str(),buf)) { Dictionary nfo(buf); - _Shared shared; - shared.filename = fullPath; + SharedUpdate shared; + shared.fullPath = fullPath; + shared.filename = u->first; std::string sha512(Utils::unhex(nfo.get("sha512",std::string()))); if (sha512.length() < sizeof(shared.sha512)) { @@ -104,9 +107,7 @@ void Updater::refreshShared() } shared.size = (unsigned long)fs; - Array first16Bytes; - memcpy(first16Bytes.data,sha512.data(),16); - _sharedUpdates[first16Bytes] = shared; + _sharedUpdates.push_back(shared); } else { TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str()); continue; @@ -127,9 +128,9 @@ void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,uns } } - std::string updateFilename(generateUpdateFilename()); + std::string updateFilename(generateUpdateFilename(vMajor,vMinor,revision)); if (!updateFilename.length()) { - TRACE("a new update to %u.%u.%u is available, but this platform doesn't support auto updates",vMajor,vMinor,revision); + TRACE("an update to %u.%u.%u is available, but this platform or build doesn't support auto-update",vMajor,vMinor,revision); return; } @@ -138,11 +139,8 @@ void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,uns TRACE("new update available to %u.%u.%u, looking for %s from %u peers",vMajor,vMinor,revision,updateFilename.c_str(),(unsigned int)peers.size()); - if (!peers.size()) - return; - for(std::vector< SharedPtr >::iterator p(peers.begin());p!=peers.end();++p) { - Packet outp(p->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST); + Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST); outp.append((unsigned char)0); outp.append((uint16_t)updateFilename.length()); outp.append(updateFilename.data(),updateFilename.length()); @@ -152,14 +150,167 @@ void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,uns void Updater::retryIfNeeded() { + Mutex::Lock _l(_lock); + + if (_download) { + uint64_t elapsed = Utils::now() - _download->lastChunkReceivedAt; + if ((elapsed >= ZT_UPDATER_PEER_TIMEOUT)||(!_download->currentlyReceivingFrom)) { + if (_download->peersThatHave.empty()) { + // Search for more sources if we have no more possibilities queued + _download->currentlyReceivingFrom.zero(); + + std::vector< SharedPtr > peers; + _r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now())); + + for(std::vector< SharedPtr >::iterator p(peers.begin());p!=peers.end();++p) { + Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST); + outp.append((unsigned char)0); + outp.append((uint16_t)_download->filename.length()); + outp.append(_download->filename.data(),_download->filename.length()); + _r->sw->send(outp,true); + } + } else { + // If that peer isn't answering, try the next queued source + _download->currentlyReceivingFrom = _download->peersThatHave.front(); + _download->peersThatHave.pop_front(); + } + } else if (elapsed >= ZT_UPDATER_RETRY_TIMEOUT) { + // Re-request next chunk we don't have from current source + _requestNextChunk(); + } + } } -void Updater::handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len) +void Updater::handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len) { + Mutex::Lock _l(_lock); + + if (!_download) { + TRACE("got chunk from %s while no download is in progress, ignored",from.toString().c_str()); + return; + } + + if (memcmp(_download->sha512,sha512,(shalen > 64) ? 64 : shalen)) { + TRACE("got chunk from %s for wrong download (SHA mismatch), ignored",from.toString().c_str()); + return; + } + + unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE; + + if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk)) + return; // not at chunk boundary + if (whichChunk >= _download->haveChunks.size()) + return; // overflow + if ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize)) + return; // last chunk, size wrong + else if (len != ZT_UPDATER_CHUNK_SIZE) + return; // chunk size wrong + + for(unsigned long i=0;idata[at + i] = ((const char *)chunk)[i]; + + _download->haveChunks[whichChunk] = true; + _download->lastChunkReceivedAt = Utils::now(); + + _requestNextChunk(); +} + +void Updater::handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen) +{ + unsigned int vMajor = 0,vMinor = 0,revision = 0; + if (!parseUpdateFilename(filename,vMajor,vMinor,revision)) { + TRACE("rejected offer of %s from %s: could not parse version information",filename,from.toString().c_str()); + return; + } + + if (filesize > ZT_UPDATER_MAX_SUPPORTED_SIZE) { + TRACE("rejected offer of %s from %s: file too large (%u)",filename,from.toString().c_str(),(unsigned int)filesize); + return; + } + + if (vMajor < ZEROTIER_ONE_VERSION_MAJOR) + return; + else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) { + if (vMinor < ZEROTIER_ONE_VERSION_MINOR) + return; + else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) { + if (revision <= ZEROTIER_ONE_VERSION_REVISION) + return; + } + } + + Mutex::Lock _l(_lock); + + if (_download) { + // If a download is in progress, only accept this as another source if + // it matches the size, hash, and version. Also check if this is a newer + // version and if so replace download with this. + } else { + // If there is no download in progress, create one provided the signature + // for the SHA-512 hash verifies as being from a valid signer. + } +} + +bool Updater::findSharedUpdate(const char *filename,SharedUpdate &update) const +{ + Mutex::Lock _l(_lock); + for(std::list::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) { + if (u->filename == filename) { + update = *u; + return true; + } + } + return false; +} + +bool Updater::findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const +{ + if (!shalen) + return false; + Mutex::Lock _l(_lock); + for(std::list::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) { + if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) { + update = *u; + return true; + } + } + return false; +} + +bool Updater::getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const +{ + if (!chunklen) + return true; + if (!shalen) + return false; + Mutex::Lock _l(_lock); + for(std::list::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) { + if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) { + FILE *f = fopen(u->fullPath.c_str(),"rb"); + if (!f) + return false; + if (!fseek(f,(long)at,SEEK_SET)) { + fclose(f); + return false; + } + if (fread(chunk,chunklen,1,f) != 1) { + fclose(f); + return false; + } + fclose(f); + return true; + } + } + return false; } std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision) { + // Defining ZT_OFFICIAL_BUILD enables this cascade of macros, which will + // make your build auto-update itself if it's for an officially supported + // architecture. The signing identity for auto-updates is in Defaults. +#ifdef ZT_OFFICIAL_BUILD + // Not supported... yet? Get it first cause it might identify as Linux too. #ifdef __ANDROID__ #define _updSupported 1 @@ -202,6 +353,10 @@ std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMi #ifndef _updSupported return std::string(); #endif + +#else + return std::string(); +#endif // ZT_OFFICIAL_BUILD } bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision) @@ -218,5 +373,42 @@ bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsi return true; } +void Updater::_requestNextChunk() +{ + // assumes _lock is locked + + if (!_download) + return; + + unsigned long whichChunk = 0; + std::vector::iterator ptr(std::find(_download->haveChunks.begin(),_download->haveChunks.end(),false)); + if (ptr == _download->haveChunks.end()) { + unsigned char digest[64]; + SHA512::hash(digest,_download->data.data(),_download->data.length()); + if (memcmp(digest,_download->sha512,64)) { + LOG("retrying download of %s -- SHA-512 mismatch, file corrupt!",_download->filename.c_str()); + std::fill(_download->haveChunks.begin(),_download->haveChunks.end(),false); + whichChunk = 0; + } else { + LOG("successfully downloaded and authenticated %s, launching update...",_download->filename.c_str()); + delete _download; + _download = (_Download *)0; + return; + } + } else { + whichChunk = std::distance(_download->haveChunks.begin(),ptr); + } + + TRACE("requesting chunk %u/%u of %s from %s",(unsigned int)whichChunk,(unsigned int)_download->haveChunks.size(),_download->filename.c_str()_download->currentlyReceivingFrom.toString().c_str()); + + Packet outp(_download->currentlyReceivingFrom,_r->identity.address(),Packet::VERB_FILE_BLOCK_REQUEST); + outp.append(_download->sha512,16); + outp.append((uint32_t)(whichChunk * ZT_UPDATER_CHUNK_SIZE)); + if (whichChunk == (_download->haveChunks.size() - 1)) + outp.append((uint16_t)_download->lastChunkSize); + else outp.append((uint16_t)ZT_UPDATER_CHUNK_SIZE); + _r->sw->send(outp,true); +} + } // namespace ZeroTier diff --git a/node/Updater.hpp b/node/Updater.hpp index 6a1c266b..1fdfdbee 100644 --- a/node/Updater.hpp +++ b/node/Updater.hpp @@ -38,6 +38,7 @@ #include #include #include +#include #include "Constants.hpp" #include "Packet.hpp" @@ -55,10 +56,10 @@ #define ZT_UPDATER_MAX_SUPPORTED_SIZE (1024 * 1024 * 16) // Retry timeout in ms. -#define ZT_UPDATER_RETRY_TIMEOUT 30000 +#define ZT_UPDATER_RETRY_TIMEOUT 15000 -// After this long, look for a new set of peers that have the download shared. -#define ZT_UPDATER_REPOLL_TIMEOUT 60000 +// After this long, look for a new peer to download from +#define ZT_UPDATER_PEER_TIMEOUT 65000 namespace ZeroTier { @@ -67,10 +68,12 @@ class RuntimeEnvironment; /** * Software update downloader and executer * - * FYI: downloads occur via the protocol rather than out of band via http so + * Downloads occur via the ZT1 protocol rather than out of band via http so * that ZeroTier One can be run in secure jailed environments where it is the - * only protocol permitted over the "real" Internet. This is required for a - * number of potentially popular use cases. + * only protocol permitted over the "real" Internet. This is wanted for a + * number of potentially popular use cases, like private LANs that connect + * nodes in hostile environments or playing attack/defend on the future CTF + * network. * * The protocol is a simple chunk-pulling "trivial FTP" like thing that should * be suitable for core engine software updates. Software updates themselves @@ -84,6 +87,19 @@ class RuntimeEnvironment; class Updater { public: + /** + * Contains information about a shared update available to other peers + */ + struct SharedUpdate + { + std::string fullPath; + std::string filename; + unsigned char sha512[64]; + C25519::Signature sig; + Address signedBy; + unsigned long size; + }; + Updater(const RuntimeEnvironment *renv); ~Updater(); @@ -108,18 +124,72 @@ public: /** * Called periodically from main loop + * + * This retries downloads if they're stalled and performs other cleanup. */ void retryIfNeeded(); /** * Called when a chunk is received * - * @param sha512First16 First 16 bytes of SHA-512 hash + * If the chunk is a final chunk and we now have an update, this may result + * in the commencement of the update process and the shutdown of ZT1. + * + * @param from Originating peer + * @param sha512 Up to 64 bytes of hash to match + * @param shalen Length of sha512[] * @param at Position of chunk * @param chunk Chunk data * @param len Length of chunk */ - void handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len); + void handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len); + + /** + * Called when a reply to a search for an update is received + * + * This checks SHA-512 hash signature and version as parsed from filename + * before starting the transfer. + * + * @param from Node that sent reply saying it has the file + * @param filename Name of file (can be parsed for version info) + * @param sha512 64-byte SHA-512 hash of file's contents + * @param filesize Size of file in bytes + * @param signedBy Address of signer of hash + * @param signature Signature (currently must be Ed25519) + * @param siglen Length of signature in bytes + */ + void handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen); + + /** + * Get data about a shared update if found + * + * @param filename File name + * @param update Empty structure to be filled with update info + * @return True if found (if false, 'update' is unmodified) + */ + bool findSharedUpdate(const char *filename,SharedUpdate &update) const; + + /** + * Get data about a shared update if found + * + * @param sha512 Up to 64 bytes of hash to match + * @param shalen Length of sha512[] + * @param update Empty structure to be filled with update info + * @return True if found (if false, 'update' is unmodified) + */ + bool findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const; + + /** + * Get a chunk of a shared update + * + * @param sha512 Up to 64 bytes of hash to match + * @param shalen Length of sha512[] + * @param at Position in file + * @param chunk Buffer to store data + * @param chunklen Number of bytes to get + * @return True if chunk[] was successfully filled, false if not found or other error + */ + bool getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const; /** * @return Canonical update filename for this platform or empty string if unsupported @@ -135,48 +205,13 @@ public: static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision); private: + void _requestNextChunk(); + struct _Download { - _Download(const void *s512,const std::string &fn,unsigned long len,unsigned int vMajor,unsigned int vMinor,unsigned int rev) - { - data.resize(len); - haveChunks.resize((len / ZT_UPDATER_CHUNK_SIZE) + 1,false); - filename = fn; - memcpy(sha512,s512,64); - lastChunkSize = len % ZT_UPDATER_CHUNK_SIZE; - versionMajor = vMajor; - versionMinor = vMinor; - revision = rev; - } - - long nextChunk() const - { - std::vector::const_iterator ptr(std::find(haveChunks.begin(),haveChunks.end(),false)); - if (ptr != haveChunks.end()) - return std::distance(haveChunks.begin(),ptr); - else return -1; - } - - bool gotChunk(unsigned long at,const void *chunk,unsigned long len) - { - unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE; - if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk)) - return false; // not at chunk boundary - if (whichChunk >= haveChunks.size()) - return false; // overflow - if ((whichChunk == (haveChunks.size() - 1))&&(len != lastChunkSize)) - return false; // last chunk, size wrong - else if (len != ZT_UPDATER_CHUNK_SIZE) - return false; // chunk size wrong - for(unsigned long i=0;i haveChunks; - std::vector
peersThatHave; + std::list
peersThatHave; // excluding current std::string filename; unsigned char sha512[64]; Address currentlyReceivingFrom; @@ -185,18 +220,9 @@ private: unsigned int versionMajor,versionMinor,revision; }; - struct _Shared - { - std::string filename; - unsigned char sha512[64]; - C25519::Signature sig; - Address signedBy; - unsigned long size; - }; - const RuntimeEnvironment *_r; _Download *_download; - std::map< Array,_Shared > _sharedUpdates; + std::list _sharedUpdates; // usually not more than 1 or 2 of these Mutex _lock; }; diff --git a/node/Utils.cpp b/node/Utils.cpp index 66bd27dd..661dbb8c 100644 --- a/node/Utils.cpp +++ b/node/Utils.cpp @@ -265,7 +265,7 @@ uint64_t Utils::getLastModified(const char *path) return (((uint64_t)s.st_mtime) * 1000ULL); } -static int64_t getFileSize(const char *path) +int64_t Utils::getFileSize(const char *path) { struct stat s; if (stat(path,&s)) -- cgit v1.2.3 From 9fdec3acfcc9dd4590c57113c0d40c591752f57c Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Tue, 5 Nov 2013 17:08:29 -0500 Subject: More updater work... coming along. --- node/Packet.hpp | 4 +- node/Updater.cpp | 115 +++++++++++++++++++++++++++++++++++++++---------------- node/Updater.hpp | 15 +++++++- 3 files changed, 97 insertions(+), 37 deletions(-) (limited to 'node') diff --git a/node/Packet.hpp b/node/Packet.hpp index d476e89e..daa9946b 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -629,8 +629,8 @@ public: * <[64] full length SHA-512 hash of file contents> * <[4] 32-bit length of file in bytes> * <[5] Signing ZeroTier One identity address> - * <[2] 16-bit length of signature of SHA-512 hash> - * <[...] signature of SHA-512 hash> + * <[2] 16-bit length of signature of filename + SHA-512 hash> + * <[...] signature of filename + SHA-512 hash> * * ERROR response payload: * <[2] 16-bit length of filename> diff --git a/node/Updater.cpp b/node/Updater.cpp index 1eefa7a4..1d6a4faf 100644 --- a/node/Updater.cpp +++ b/node/Updater.cpp @@ -107,6 +107,7 @@ void Updater::refreshShared() } shared.size = (unsigned long)fs; + LOG("sharing software update %s to other peers",shared.filename.c_str()); _sharedUpdates.push_back(shared); } else { TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str()); @@ -117,16 +118,8 @@ void Updater::refreshShared() void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision) { - if (vMajor < ZEROTIER_ONE_VERSION_MAJOR) + if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)) return; - else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) { - if (vMinor < ZEROTIER_ONE_VERSION_MINOR) - return; - else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) { - if (revision <= ZEROTIER_ONE_VERSION_REVISION) - return; - } - } std::string updateFilename(generateUpdateFilename(vMajor,vMinor,revision)); if (!updateFilename.length()) { @@ -157,6 +150,7 @@ void Updater::retryIfNeeded() if ((elapsed >= ZT_UPDATER_PEER_TIMEOUT)||(!_download->currentlyReceivingFrom)) { if (_download->peersThatHave.empty()) { // Search for more sources if we have no more possibilities queued + TRACE("all sources for %s timed out, searching for more...",_download->filename.c_str()); _download->currentlyReceivingFrom.zero(); std::vector< SharedPtr > peers; @@ -173,6 +167,7 @@ void Updater::retryIfNeeded() // If that peer isn't answering, try the next queued source _download->currentlyReceivingFrom = _download->peersThatHave.front(); _download->peersThatHave.pop_front(); + _requestNextChunk(); } } else if (elapsed >= ZT_UPDATER_RETRY_TIMEOUT) { // Re-request next chunk we don't have from current source @@ -197,14 +192,15 @@ void Updater::handleChunk(const Address &from,const void *sha512,unsigned int sh unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE; - if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk)) - return; // not at chunk boundary - if (whichChunk >= _download->haveChunks.size()) - return; // overflow - if ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize)) - return; // last chunk, size wrong - else if (len != ZT_UPDATER_CHUNK_SIZE) - return; // chunk size wrong + if ( + (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))|| + (whichChunk >= _download->haveChunks.size())|| + ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize))|| + (len != ZT_UPDATER_CHUNK_SIZE) + ) { + TRACE("got chunk from %s at invalid position or invalid size, ignored",from.toString().c_str()); + return; + } for(unsigned long i=0;idata[at + i] = ((const char *)chunk)[i]; @@ -215,39 +211,92 @@ void Updater::handleChunk(const Address &from,const void *sha512,unsigned int sh _requestNextChunk(); } -void Updater::handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen) +void Updater::handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen) { unsigned int vMajor = 0,vMinor = 0,revision = 0; if (!parseUpdateFilename(filename,vMajor,vMinor,revision)) { - TRACE("rejected offer of %s from %s: could not parse version information",filename,from.toString().c_str()); + TRACE("rejected offer of %s from %s: could not extract version information from filename",filename,from.toString().c_str()); return; } if (filesize > ZT_UPDATER_MAX_SUPPORTED_SIZE) { - TRACE("rejected offer of %s from %s: file too large (%u)",filename,from.toString().c_str(),(unsigned int)filesize); + TRACE("rejected offer of %s from %s: file too large (%u > %u)",filename,from.toString().c_str(),(unsigned int)filesize,(unsigned int)ZT_UPDATER_MAX_SUPPORTED_SIZE); return; } - if (vMajor < ZEROTIER_ONE_VERSION_MAJOR) + if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)) { + TRACE("rejected offer of %s from %s: version older than mine",filename,from.toString().c_str()); return; - else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) { - if (vMinor < ZEROTIER_ONE_VERSION_MINOR) + } + + Mutex::Lock _l(_lock); + + if (_download) { + if ((_download->filename == filename)&&(_download->data.length() == filesize)&&(!memcmp(sha512,_download->sha512,64))) { + // Learn another source for the current download if this is the + // same file. + LOG("learned new source for %s: %s",filename,from.toString().c_str()); + if (!_download->currentlyReceivingFrom) { + _download->currentlyReceivingFrom = from; + _requestNextChunk(); + } else _download->peersThatHave.push_back(from); return; - else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) { - if (revision <= ZEROTIER_ONE_VERSION_REVISION) + } else { + // If there's a download, compare versions... only proceed if this + // file being offered is newer. + if (!compareVersions(vMajor,vMinor,revision,_download->versionMajor,_download->versionMinor,_download->revision)) { + TRACE("rejected offer of %s from %s: already downloading newer version %s",filename,from.toString().c_str(),_download->filename.c_str()); return; + } } } - Mutex::Lock _l(_lock); + // If we have no download OR if this was a different file, check its + // validity via signature and then see if it's newer. If so start a new + // download for it. + { + std::string nameAndSha(filename); + nameAndSha.append((const char *)sha512,64); + std::map< Address,Identity >::const_iterator uauth(ZT_DEFAULTS.updateAuthorities.find(signedBy)); + if (uauth == ZT_DEFAULTS.updateAuthorities.end()) { + LOG("rejected offer of %s from %s: failed authentication: unknown signer %s",filename,from.toString().c_str(),signedBy.toString().c_str()); + return; + } + if (!uauth->second.verify(nameAndSha.data(),nameAndSha.length(),signature,siglen)) { + LOG("rejected offer of %s from %s: failed authentication: signature from %s invalid",filename,from.toString().c_str(),signedBy.toString().c_str()); + return; + } + } - if (_download) { - // If a download is in progress, only accept this as another source if - // it matches the size, hash, and version. Also check if this is a newer - // version and if so replace download with this. - } else { - // If there is no download in progress, create one provided the signature - // for the SHA-512 hash verifies as being from a valid signer. + // Replace existing download if any. + delete _download; + _download = (_Download *)0; + + // Create and initiate new download + _download = new _Download; + try { + LOG("beginning download of software update %s from %s (%u bytes, signed by authorized identity %s)",filename,from.toString().c_str(),(unsigned int)filesize,signedBy.toString().c_str()); + + _download->data.assign(filesize,(char)0); + _download->haveChunks.resize((filesize / ZT_UPDATER_CHUNK_SIZE) + 1,false); + _download->filename = filename; + memcpy(_download->sha512,sha512,64); + _download->currentlyReceivingFrom = from; + _download->lastChunkReceivedAt = 0; + _download->lastChunkSize = filesize % ZT_UPDATER_CHUNK_SIZE; + _download->versionMajor = vMajor; + _download->versionMinor = vMinor; + _download->revision = revision; + + _requestNextChunk(); + } catch (std::exception &exc) { + delete _download; + _download = (_Download *)0; + LOG("unable to begin download of %s from %s: %s",filename,from.toString().c_str(),exc.what()); + } catch ( ... ) { + delete _download; + _download = (_Download *)0; + LOG("unable to begin download of %s from %s: unknown exception",filename,from.toString().c_str()); } } diff --git a/node/Updater.hpp b/node/Updater.hpp index 1fdfdbee..241c855b 100644 --- a/node/Updater.hpp +++ b/node/Updater.hpp @@ -154,11 +154,11 @@ public: * @param filename Name of file (can be parsed for version info) * @param sha512 64-byte SHA-512 hash of file's contents * @param filesize Size of file in bytes - * @param signedBy Address of signer of hash + * @param signedBy Address of signer of filename+hash * @param signature Signature (currently must be Ed25519) * @param siglen Length of signature in bytes */ - void handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen); + void handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen); /** * Get data about a shared update if found @@ -204,6 +204,17 @@ public: */ static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision); + /** + * Compare major, minor, and revision components of a version + * + * @return True if the first set is greater than the second + */ + static inline bool compareVersions(unsigned int vmaj1,unsigned int vmin1,unsigned int rev1,unsigned int vmaj2,unsigned int vmin2,unsigned int rev2) + throw() + { + return ( ((((uint64_t)(vmaj1 & 0xffff)) << 32) | (((uint64_t)(vmin1 & 0xffff)) << 16) | (((uint64_t)(rev1 & 0xffff)))) > ((((uint64_t)(vmaj2 & 0xffff)) << 32) | (((uint64_t)(vmin2 & 0xffff)) << 16) | (((uint64_t)(rev2 & 0xffff)))) ); + } + private: void _requestNextChunk(); -- cgit v1.2.3 From 9455b1cc810eff7517f51f50eee828344af3526a Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 6 Nov 2013 10:38:19 -0500 Subject: Comments, change .nfo to .sig for uploads, clean some unused code from Utils. --- node/RuntimeEnvironment.hpp | 25 +++--- node/Updater.cpp | 26 +++--- node/Utils.cpp | 94 +-------------------- node/Utils.hpp | 199 ++------------------------------------------ 4 files changed, 35 insertions(+), 309 deletions(-) (limited to 'node') diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp index 4baaab6b..75b171ff 100644 --- a/node/RuntimeEnvironment.hpp +++ b/node/RuntimeEnvironment.hpp @@ -80,23 +80,28 @@ public: { } - // home of saved state, identity, etc. + // Full path to home folder std::string homePath; - // signal() to prematurely interrupt main loop wait to cause loop to run - // again and detect some kind of change, exit, etc. + // Main loop waits on this condition when it delays between runs, so + // signaling this will prematurely wake it. Condition mainLoopWaitCondition; + // This node's identity Identity identity; - // hacky... want to get rid of this flag... + // Indicates that we are shutting down -- this is hacky, want to factor out volatile bool shutdownInProgress; - // Order matters a bit here. These are constructed in this order - // and then deleted in the opposite order on Node exit. The order ensures - // that things that are needed are there before they're needed. + /* + * Order matters a bit here. These are constructed in this order + * and then deleted in the opposite order on Node exit. The order ensures + * that things that are needed are there before they're needed. + * + * These are constant and never null after startup unless indicated. + */ - Logger *log; // may be null + Logger *log; // null if logging is disabled CMWC4096 *prng; Multicaster *mc; Switch *sw; @@ -105,9 +110,9 @@ public: SysEnv *sysEnv; NodeConfig *nc; Node *node; - Updater *updater; // may be null if updates are disabled + Updater *updater; // null if auto-updates are disabled #ifndef __WINDOWS__ - Service *netconfService; // may be null + Service *netconfService; // null if no netconf service running #endif }; diff --git a/node/Updater.cpp b/node/Updater.cpp index 1d6a4faf..22eda925 100644 --- a/node/Updater.cpp +++ b/node/Updater.cpp @@ -61,38 +61,38 @@ void Updater::refreshShared() for(std::map::iterator u(ud.begin());u!=ud.end();++u) { if (u->second) continue; // skip directories - if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".nfo"))) - continue; // skip .nfo companion files + if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".sig"))) + continue; // skip .sig companion files std::string fullPath(updatesPath + ZT_PATH_SEPARATOR_S + u->first); - std::string nfoPath(fullPath + ".nfo"); + std::string sigPath(fullPath + ".sig"); std::string buf; - if (Utils::readFile(nfoPath.c_str(),buf)) { - Dictionary nfo(buf); + if (Utils::readFile(sigPath.c_str(),buf)) { + Dictionary sig(buf); SharedUpdate shared; shared.fullPath = fullPath; shared.filename = u->first; - std::string sha512(Utils::unhex(nfo.get("sha512",std::string()))); + std::string sha512(Utils::unhex(sig.get("sha512",std::string()))); if (sha512.length() < sizeof(shared.sha512)) { - TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str()); + TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str()); continue; } memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512)); - std::string sig(Utils::unhex(nfo.get("sha512sig_ed25519",std::string()))); - if (sig.length() < shared.sig.size()) { - TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str()); + std::string signature(Utils::unhex(sig.get("sha512sig_ed25519",std::string()))); + if (signature.length() < shared.sig.size()) { + TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str()); continue; } - memcpy(shared.sig.data,sig.data(),shared.sig.size()); + memcpy(shared.sig.data,signature.data(),shared.sig.size()); // Check signature to guard against updates.d being used as a data // exfiltration mechanism. We will only share properly signed updates, // nothing else. - Address signedBy(nfo.get("signedBy",std::string())); + Address signedBy(sig.get("signedBy",std::string())); std::map< Address,Identity >::const_iterator authority(ZT_DEFAULTS.updateAuthorities.find(signedBy)); if ((authority == ZT_DEFAULTS.updateAuthorities.end())||(!authority->second.verify(shared.sha512,64,shared.sig))) { TRACE("skipped shareable update: not signed by valid authority or signature invalid: %s",fullPath.c_str()); @@ -110,7 +110,7 @@ void Updater::refreshShared() LOG("sharing software update %s to other peers",shared.filename.c_str()); _sharedUpdates.push_back(shared); } else { - TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str()); + TRACE("skipped shareable update due to missing companion .sig: %s",fullPath.c_str()); continue; } } diff --git a/node/Utils.cpp b/node/Utils.cpp index 661dbb8c..31cb40dd 100644 --- a/node/Utils.cpp +++ b/node/Utils.cpp @@ -50,9 +50,6 @@ namespace ZeroTier { const char Utils::HEXCHARS[16] = { '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' }; -static const char *DAY_NAMES[7] = { "Sun","Mon","Tue","Wed","Thu","Fri","Sat" }; -static const char *MONTH_NAMES[12] = { "Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec" }; - std::map Utils::listDirectory(const char *path) { std::map r; @@ -62,7 +59,8 @@ std::map Utils::listDirectory(const char *path) WIN32_FIND_DATAA ffd; if ((hFind = FindFirstFileA((std::string(path) + "\\*").c_str(),&ffd)) != INVALID_HANDLE_VALUE) { do { - r[std::string(ffd.cFileName)] = ((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0); + if ((strcmp(ffd.cFileName,"."))&&(strcmp(ffd.cFileName,".."))) + r[std::string(ffd.cFileName)] = ((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0); } while (FindNextFileA(hFind,&ffd)); FindClose(hFind); } @@ -275,94 +273,6 @@ int64_t Utils::getFileSize(const char *path) return -1; } -std::string Utils::toRfc1123(uint64_t t64) -{ - struct tm t; - char buf[128]; - time_t utc = (time_t)(t64 / 1000ULL); -#ifdef __WINDOWS__ - gmtime_s(&t,&utc); -#else - gmtime_r(&utc,&t); -#endif - Utils::snprintf(buf,sizeof(buf),"%3s, %02d %3s %4d %02d:%02d:%02d GMT",DAY_NAMES[t.tm_wday],t.tm_mday,MONTH_NAMES[t.tm_mon],t.tm_year + 1900,t.tm_hour,t.tm_min,t.tm_sec); - return std::string(buf); -} - -#ifdef __WINDOWS__ -static int is_leap(unsigned y) { - y += 1900; - return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0); -} -static time_t timegm(struct tm *tm) { - static const unsigned ndays[2][12] = { - {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}, - {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31} - }; - time_t res = 0; - int i; - for (i = 70; i < tm->tm_year; ++i) - res += is_leap(i) ? 366 : 365; - - for (i = 0; i < tm->tm_mon; ++i) - res += ndays[is_leap(tm->tm_year)][i]; - res += tm->tm_mday - 1; - res *= 24; - res += tm->tm_hour; - res *= 60; - res += tm->tm_min; - res *= 60; - res += tm->tm_sec; - return res; -} -#endif - -uint64_t Utils::fromRfc1123(const char *tstr) -{ - struct tm t; - char wdays[128],mons[128]; - - int l = (int)strlen(tstr); - if ((l < 29)||(l > 64)) - return 0; - int assigned = sscanf(tstr,"%3s, %02d %3s %4d %02d:%02d:%02d GMT",wdays,&t.tm_mday,mons,&t.tm_year,&t.tm_hour,&t.tm_min,&t.tm_sec); - if (assigned != 7) - return 0; - - wdays[3] = '\0'; - for(t.tm_wday=0;t.tm_wday<7;++t.tm_wday) { -#ifdef __WINDOWS__ - if (!_stricmp(DAY_NAMES[t.tm_wday],wdays)) - break; -#else - if (!strcasecmp(DAY_NAMES[t.tm_wday],wdays)) - break; -#endif - } - if (t.tm_wday == 7) - return 0; - mons[3] = '\0'; - for(t.tm_mon=0;t.tm_mon<12;++t.tm_mon) { -#ifdef __WINDOWS__ - if (!_stricmp(MONTH_NAMES[t.tm_mday],mons)) - break; -#else - if (!strcasecmp(MONTH_NAMES[t.tm_mday],mons)) - break; -#endif - } - if (t.tm_mon == 12) - return 0; - - t.tm_wday = 0; // ignored by timegm - t.tm_yday = 0; // ignored by timegm - t.tm_isdst = 0; // ignored by timegm - - time_t utc = timegm(&t); - - return ((utc > 0) ? (1000ULL * (uint64_t)utc) : 0ULL); -} - bool Utils::readFile(const char *path,std::string &buf) { char tmp[4096]; diff --git a/node/Utils.hpp b/node/Utils.hpp index 208ff755..4e060748 100644 --- a/node/Utils.hpp +++ b/node/Utils.hpp @@ -41,9 +41,6 @@ #include "Constants.hpp" -#include "../ext/lz4/lz4.h" -#include "../ext/lz4/lz4hc.h" - #ifdef __WINDOWS__ #include #include @@ -53,11 +50,6 @@ #include #endif -/** - * Maximum compression/decompression block size (do not change) - */ -#define ZT_COMPRESSION_BLOCK_SIZE 16777216 - namespace ZeroTier { /** @@ -108,14 +100,13 @@ public: return (unlink(path) == 0); #endif } - static inline bool rm(const std::string &path) - throw() - { - return rm(path.c_str()); - } + static inline bool rm(const std::string &path) throw() { return rm(path.c_str()); } /** * List a directory's contents + * + * Keys in returned map are filenames only and don't include the leading + * path. Pseudo-paths like . and .. are not returned. * * @param path Path to list * @return Map of entries and whether or not they are also directories (empty on failure) @@ -199,187 +190,6 @@ public: */ static int64_t getFileSize(const char *path); - /** - * @param t64 Time in ms since epoch - * @return RFC1123 date string - */ - static std::string toRfc1123(uint64_t t64); - - /** - * @param tstr Time in RFC1123 string format - * @return Time in ms since epoch - */ - static uint64_t fromRfc1123(const char *tstr); - static inline uint64_t fromRfc1123(const std::string &tstr) { return fromRfc1123(tstr.c_str()); } - - /** - * String append output function object for use with compress/decompress - */ - class StringAppendOutput - { - public: - StringAppendOutput(std::string &s) : _s(s) {} - inline void operator()(const void *data,unsigned int len) { _s.append((const char *)data,len); } - private: - std::string &_s; - }; - - /** - * STDIO FILE append output function object for compress/decompress - * - * Throws std::runtime_error on write error. - */ - class FILEAppendOutput - { - public: - FILEAppendOutput(FILE *f) : _f(f) {} - inline void operator()(const void *data,unsigned int len) - throw(std::runtime_error) - { - if ((int)fwrite(data,1,len,_f) != (int)len) - throw std::runtime_error("write failed"); - } - private: - FILE *_f; - }; - - /** - * Compress data - * - * O must be a function or function object that takes the following - * arguments: (const void *data,unsigned int len) - * - * @param in Input iterator that reads bytes (char, uint8_t, etc.) - * @param out Output iterator that writes bytes - */ - template - static inline void compress(I begin,I end,O out) - { - unsigned int bufLen = LZ4_compressBound(ZT_COMPRESSION_BLOCK_SIZE); - char *buf = new char[bufLen * 2]; - char *buf2 = buf + bufLen; - - try { - I inp(begin); - for(;;) { - unsigned int readLen = 0; - while ((readLen < ZT_COMPRESSION_BLOCK_SIZE)&&(inp != end)) { - buf[readLen++] = (char)*inp; - ++inp; - } - if (!readLen) - break; - - uint32_t l = hton((uint32_t)readLen); - out((const void *)&l,4); // original size - - if (readLen < 32) { // don't bother compressing itty bitty blocks - l = 0; // stored - out((const void *)&l,4); - out((const void *)buf,readLen); - continue; - } - - int lz4CompressedLen = LZ4_compressHC(buf,buf2,(int)readLen); - if ((lz4CompressedLen <= 0)||(lz4CompressedLen >= (int)readLen)) { - l = 0; // stored - out((const void *)&l,4); - out((const void *)buf,readLen); - continue; - } - - l = hton((uint32_t)lz4CompressedLen); // lz4 only - out((const void *)&l,4); - out((const void *)buf2,(unsigned int)lz4CompressedLen); - } - - delete [] buf; - } catch ( ... ) { - delete [] buf; - throw; - } - } - - /** - * Decompress data - * - * O must be a function or function object that takes the following - * arguments: (const void *data,unsigned int len) - * - * @param in Input iterator that reads bytes (char, uint8_t, etc.) - * @param out Output iterator that writes bytes - * @return False on decompression error - */ - template - static inline bool decompress(I begin,I end,O out) - { - volatile char i32c[4]; - void *const i32cp = (void *)i32c; - unsigned int bufLen = LZ4_compressBound(ZT_COMPRESSION_BLOCK_SIZE); - char *buf = new char[bufLen * 2]; - char *buf2 = buf + bufLen; - - try { - I inp(begin); - while (inp != end) { - i32c[0] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - i32c[1] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - i32c[2] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - i32c[3] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - unsigned int originalSize = ntoh(*((const uint32_t *)i32cp)); - i32c[0] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - i32c[1] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - i32c[2] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - i32c[3] = (char)*inp; if (++inp == end) { delete [] buf; return false; } - uint32_t _compressedSize = ntoh(*((const uint32_t *)i32cp)); - unsigned int compressedSize = _compressedSize & 0x7fffffff; - - if (compressedSize) { - if (compressedSize > bufLen) { - delete [] buf; - return false; - } - unsigned int readLen = 0; - while ((readLen < compressedSize)&&(inp != end)) { - buf[readLen++] = (char)*inp; - ++inp; - } - if (readLen != compressedSize) { - delete [] buf; - return false; - } - - if (LZ4_uncompress_unknownOutputSize(buf,buf2,compressedSize,bufLen) != (int)originalSize) { - delete [] buf; - return false; - } else out((const void *)buf2,(unsigned int)originalSize); - } else { // stored - if (originalSize > bufLen) { - delete [] buf; - return false; - } - unsigned int readLen = 0; - while ((readLen < originalSize)&&(inp != end)) { - buf[readLen++] = (char)*inp; - ++inp; - } - if (readLen != originalSize) { - delete [] buf; - return false; - } - - out((const void *)buf,(unsigned int)originalSize); - } - } - - delete [] buf; - return true; - } catch ( ... ) { - delete [] buf; - throw; - } - } - /** * @return Current time in milliseconds since epoch */ @@ -682,6 +492,7 @@ public: return ((*aptr & mask) == (*aptr & mask)); } + // Byte swappers for big/little endian conversion static inline uint8_t hton(uint8_t n) throw() { return n; } static inline int8_t hton(int8_t n) throw() { return n; } static inline uint16_t hton(uint16_t n) throw() { return htons(n); } -- cgit v1.2.3 From bbe5a6f5d16f411bf493db62a83ab2a2ea9a1c91 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 6 Nov 2013 11:39:07 -0500 Subject: Add signupdate command to idtool. --- idtool.cpp | 38 ++++++++++++++++++++++++++++++++++++++ node/Updater.cpp | 20 +++----------------- 2 files changed, 41 insertions(+), 17 deletions(-) (limited to 'node') diff --git a/idtool.cpp b/idtool.cpp index a74aaf21..0731e4c1 100644 --- a/idtool.cpp +++ b/idtool.cpp @@ -34,6 +34,8 @@ #include "node/Identity.hpp" #include "node/Utils.hpp" #include "node/C25519.hpp" +#include "node/SHA512.hpp" +#include "node/Dictionary.hpp" using namespace ZeroTier; @@ -46,6 +48,7 @@ static void printHelp(char *pn) std::cout << "\tgetpublic " << std::endl; std::cout << "\tsign " << std::endl; std::cout << "\tverify " << std::endl; + std::cout << "\tsignupdate " << std::endl; } static Identity getIdFromArg(char *arg) @@ -166,6 +169,41 @@ int main(int argc,char **argv) std::cerr << argv[3] << " signature check FAILED" << std::endl; return -1; } + } else if (!strcmp(argv[1],"signupdate")) { + Identity id = getIdFromArg(argv[2]); + if (!id) { + std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl; + return -1; + } + + std::string update; + if (!Utils::readFile(argv[3],update)) { + std::cerr << argv[3] << " is not readable" << std::endl; + return -1; + } + + unsigned char sha512[64]; + SHA512::hash(sha512,update.data(),update.length()); + + char *atLastSep = strrchr(argv[3],ZT_PATH_SEPARATOR); + std::string nameAndSha((atLastSep) ? (atLastSep + 1) : argv[3]); + std::cout << "Signing filename '" << nameAndSha << "' plus SHA-512 digest " << Utils::hex(sha512,64) << std::endl; + nameAndSha.append((const char *)sha512,64); + C25519::Signature signature(id.sign(nameAndSha.data(),nameAndSha.length())); + + Dictionary sig; + sig["sha512"] = Utils::hex(sha512,64); + sig["sha512_ed25519"] = Utils::hex(signature.data,signature.size()); + sig["signedBy"] = id.address().toString(); + std::cout << "-- .sig file contents:" << std::endl << sig.toString() << "--" << std::endl; + + std::string sigPath(argv[3]); + sigPath.append(".sig"); + if (!Utils::writeFile(sigPath.c_str(),sig.toString())) { + std::cerr << "Could not write " << sigPath << std::endl; + return -1; + } + std::cout << "Wrote " << sigPath << std::endl; } else { printHelp(argv[0]); return -1; diff --git a/node/Updater.cpp b/node/Updater.cpp index 22eda925..2de64c11 100644 --- a/node/Updater.cpp +++ b/node/Updater.cpp @@ -76,28 +76,14 @@ void Updater::refreshShared() shared.filename = u->first; std::string sha512(Utils::unhex(sig.get("sha512",std::string()))); - if (sha512.length() < sizeof(shared.sha512)) { + std::string signature(Utils::unhex(sig.get("sha512_ed25519",std::string()))); + Address signedBy(sig.get("signedBy",std::string())); + if ((sha512.length() < sizeof(shared.sha512))||(signature.length() < shared.sig.size())||(!signedBy)) { TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str()); continue; } memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512)); - - std::string signature(Utils::unhex(sig.get("sha512sig_ed25519",std::string()))); - if (signature.length() < shared.sig.size()) { - TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str()); - continue; - } memcpy(shared.sig.data,signature.data(),shared.sig.size()); - - // Check signature to guard against updates.d being used as a data - // exfiltration mechanism. We will only share properly signed updates, - // nothing else. - Address signedBy(sig.get("signedBy",std::string())); - std::map< Address,Identity >::const_iterator authority(ZT_DEFAULTS.updateAuthorities.find(signedBy)); - if ((authority == ZT_DEFAULTS.updateAuthorities.end())||(!authority->second.verify(shared.sha512,64,shared.sig))) { - TRACE("skipped shareable update: not signed by valid authority or signature invalid: %s",fullPath.c_str()); - continue; - } shared.signedBy = signedBy; int64_t fs = Utils::getFileSize(fullPath.c_str()); -- cgit v1.2.3 From 34302edcc59a7bf0a3e08fc053683764a158c95f Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 8 Nov 2013 11:42:11 -0500 Subject: Installer build script for *nix systems. --- .gitignore | 1 + Makefile.linux | 2 +- buildinstaller.sh | 70 ++++++++++++++++++++++++++++++++++++++ installer.cpp | 100 +++++++++++++++++++++++++++++++++--------------------- main.cpp | 4 +-- node/Updater.cpp | 6 ++-- 6 files changed, 138 insertions(+), 45 deletions(-) create mode 100755 buildinstaller.sh (limited to 'node') diff --git a/.gitignore b/.gitignore index 533a83c3..def2ee7a 100755 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,4 @@ mac-tap/tuntap/tap.kext *.obj *.tlog /installer-build +/zt1-*-install diff --git a/Makefile.linux b/Makefile.linux index b602f7ac..1b37a60b 100644 --- a/Makefile.linux +++ b/Makefile.linux @@ -43,7 +43,7 @@ file2lz4c: ext/lz4/lz4hc.o FORCE $(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o clean: - rm -f $(OBJS) file2lz4c zerotier-* + rm -f $(OBJS) file2lz4c zerotier-* zt1-*-install rm -rf installer-build FORCE: diff --git a/buildinstaller.sh b/buildinstaller.sh new file mode 100755 index 00000000..a669ab59 --- /dev/null +++ b/buildinstaller.sh @@ -0,0 +1,70 @@ +#!/bin/bash + +make -j 4 one file2lz4c + +if [ ! -f file2lz4c ]; then + echo "Build of file2lz4c utility failed, aborting installer build." + exit 2 +fi + +if [ ! -f zerotier-one ]; then + echo "Build of zerotier-one failed, aborting installer build." + exit 2 +fi + +machine=`uname -m` +system=`uname -s` + +vmajor=`cat version.h | grep -F ZEROTIER_ONE_VERSION_MAJOR | cut -d ' ' -f 3` +vminor=`cat version.h | grep -F ZEROTIER_ONE_VERSION_MINOR | cut -d ' ' -f 3` +revision=`cat version.h | grep -F ZEROTIER_ONE_VERSION_REVISION | cut -d ' ' -f 3` + +if [ -z "$vmajor" -o -z "$vminor" -o -z "$revision" ]; then + echo "Unable to extract version info from version.h, aborting installer build." + exit 2 +fi + +echo "Packaging common files: zerotier-one" + +rm -rf installer-build +mkdir installer-build + +./file2lz4c zerotier-one zerotier_one >installer-build/zerotier_one.h + +case "$system" in + + Linux) + case "$machine" in + i386|i486|i586|i686) + machine="x86" + ;; + x86_64|amd64|x64) + machine="x64" + ;; + *) + echo "Unknonwn machine type: $machine" + exit 2 + esac + echo "Assembling Linux installer for $machine and ZT1 version $vmajor.$vminor.$revision" + + ./file2lz4c installer/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h + ./file2lz4c installer/linux/init.d/zerotier-one linux__init_d__zerotier_one >installer-build/linux__init_d__zerotier_one.h + + ls -l installer-build + + g++ -Os -o "zt1-${vmajor}_${vminor}_${revision}-linux-${machine}-install" installer.cpp ext/lz4/lz4.o ext/lz4/lz4hc.o + + ;; + + Darwin) + echo "Assembling OSX installer for x86/x64 (combined) and ZT1 version $vmajor.$vminor.$revision" + + ;; + + *) + echo "Unsupported platform: $system" + exit 2 + +esac + +exit 0 diff --git a/installer.cpp b/installer.cpp index ff26fa87..0bc911dc 100644 --- a/installer.cpp +++ b/installer.cpp @@ -25,6 +25,11 @@ * LLC. Start here: http://www.zerotier.com/ */ +/* + * This can be run to install ZT1 for the first time or to update it. It + * carries all payloads internally as LZ4 compressed blobs. + */ + #include #include #include @@ -35,7 +40,6 @@ #include "version.h" #ifdef __WINDOWS__ -#include #include #include #include @@ -50,40 +54,40 @@ #include "ext/lz4/lz4.h" #include "ext/lz4/lz4hc.h" -// Include generated binaries ------------------------------------------------- +// Include Lz4 comrpessed blobs ----------------------------------------------- // zerotier-one binary (or zerotier-one.exe for Windows) -#include "installer-build/zerotier_one.c" +#include "installer-build/zerotier_one.h" // Unix uninstall script, installed in home for user to remove #ifdef __UNIX_LIKE__ -#include "installer-build/uninstall_sh.c" +#include "installer-build/uninstall_sh.h" #endif // Linux init.d script #ifdef __LINUX__ -#include "installer-build/init_d__zerotier_one.c" +#include "installer-build/linux__init_d__zerotier_one.h" #endif // Apple Tap device driver #ifdef __APPLE__ -#include "installer-build/tap_mac__Info_plist.c" -#include "installer-build/tap_mac__tap.c" +#include "installer-build/tap_mac__Info_plist.h" +#include "installer-build/tap_mac__tap.h" #endif -// Windows Tap device drivers +// Windows Tap device drivers for x86 and x64 (installer will be x86) #ifdef __WINDOWS__ -#include "installer-build/tap_windows__x64__ztTap100_sys.c" -#include "installer-build/tap_windows__x64__ztTap100_inf.c" -#include "installer-build/tap_windows__x86__ztTap100_sys.c" -#include "installer-build/tap_windows__x86__ztTap100_inf.c" -#include "installer-build/tap_windows__devcon32_exe.c" -#include "installer-build/tap_windows__devcon64_exe.c" +#include "installer-build/tap_windows__x64__ztTap100_sys.h" +#include "installer-build/tap_windows__x64__ztTap100_inf.h" +#include "installer-build/tap_windows__x86__ztTap100_sys.h" +#include "installer-build/tap_windows__x86__ztTap100_inf.h" +#include "installer-build/tap_windows__devcon32_exe.h" +#include "installer-build/tap_windows__devcon64_exe.h" #endif // ---------------------------------------------------------------------------- -static unsigned char *unlz4(const void *lz4,int decompressedLen) +static unsigned char *_unlz4(const void *lz4,int decompressedLen) { unsigned char *buf = new unsigned char[decompressedLen]; if (LZ4_decompress_fast((const char *)lz4,(char *)buf,decompressedLen) != decompressedLen) { @@ -93,9 +97,9 @@ static unsigned char *unlz4(const void *lz4,int decompressedLen) return buf; } -static bool _instFile(const void *lz4,int decompressedLen,const char *path) +static bool _putBlob(const void *lz4,int decompressedLen,const char *path) { - unsigned char *data = unlzr(lz4,decompressedLen); + unsigned char *data = _unlz4(lz4,decompressedLen); if (!data) return false; #ifdef __WINDOWS__ @@ -122,7 +126,10 @@ static bool _instFile(const void *lz4,int decompressedLen,const char *path) delete [] data; return true; } -#define instFile(name,path) _instFile(name,name##_UNCOMPRESSED_LEN,path) + +#define putBlob(name,path) _putBlob(name,name##_UNCOMPRESSED_LEN,path) + +// ---------------------------------------------------------------------------- #ifdef __WINDOWS__ int _tmain(int argc, _TCHAR* argv[]) @@ -130,99 +137,114 @@ int _tmain(int argc, _TCHAR* argv[]) int main(int argc,char **argv) #endif { - char buf[4096]; +#ifdef __UNIX_LIKE__ // ------------------------------------------------------- -#ifdef __UNIX_LIKE__ + char buf[4096]; if (getuid() != 0) { - fprintf(stderr,"ZeroTier One installer must be run as root.\n"); + printf("! ZeroTier One installer must be run as root.\n"); return 2; } + printf("# ZeroTier One installer/updater starting...\n"); + const char *zthome; #ifdef __APPLE__ mkdir("/Library/Application Support/ZeroTier",0755); chmod("/Library/Application Support/ZeroTier",0755); chown("/Library/Application Support/ZeroTier",0,0); + printf("mkdir /Library/Application Support/ZeroTier\n"); mkdir(zthome = "/Library/Application Support/ZeroTier/One",0755); #else mkdir("/var/lib",0755); + printf("mkdir /var/lib\n"); mkdir(zthome = "/var/lib/zerotier-one",0755); #endif chmod(zthome,0755); chown(zthome,0,0); + printf("mkdir %s\n",zthome); sprintf(buf,"%s/zerotier-one",zthome); - if (!instFile(zerotier_one,buf)) { - fprintf(stderr,"Unable to write %s\n",buf); + if (!putBlob(zerotier_one,buf)) { + printf("! unable to write %s\n",buf); return 1; } chmod(buf,0755); chown(buf,0,0); - fprintf(stdout,"%s\n",buf); + printf("write %s\n",buf); sprintf(buf,"%s/uninstall.sh",zthome); - if (!instFile(uninstall_sh,buf)) { - fprintf(stderr,"Unable to write %s\n",buf); + if (!putBlob(uninstall_sh,buf)) { + printf("! unable to write %s\n",buf); return 1; } chmod(buf,0755); chown(buf,0,0); - fprintf(stdout,"%s\n",buf); + printf("write %s\n",buf); #ifdef __APPLE__ sprintf(buf,"%s/tap.kext"); mkdir(buf,0755); chmod(buf,0755); chown(buf,0,0); + printf("mkdir %s\n",buf); sprintf(buf,"%s/tap.kext/Contents"); mkdir(buf,0755); chmod(buf,0755); chown(buf,0,0); + printf("mkdir %s\n",buf); sprintf(buf,"%s/tap.kext/Contents/MacOS"); mkdir(buf,0755); chmod(buf,0755); chown(buf,0,0); + printf("mkdir %s\n",buf); sprintf(buf,"%s/tap.kext/Contents/Info.plist",zthome); - if (!instFile(tap_mac__Info_plist,buf)) { - fprintf(stderr,"Unable to write %s\n",buf); + if (!putBlob(tap_mac__Info_plist,buf)) { + printf("! unable to write %s\n",buf); return 1; } chmod(buf,0644); chown(buf,0,0); - fprintf(stdout,"%s\n",buf); + printf("write %s\n",buf); sprintf(buf,"%s/tap.kext/Contents/MacOS/tap",zthome); - if (!instFile(tap_mac__tap,buf)) { - fprintf(stderr,"Unable to write %s\n",buf); + if (!putBlob(tap_mac__tap,buf)) { + printf("! unable to write %s\n",buf); return 1; } chmod(buf,0755); chown(buf,0,0); - fprintf(stdout,"%s\n",buf); + printf("write %s\n",buf); #endif #ifdef __LINUX__ sprintf(buf,"/etc/init.d/zerotier-one"); - if (!instFile(init_d__zerotier_one,buf)) { - fprintf(stderr,"Unable to write %s\n",buf); + if (!putBlob(linux__init_d__zerotier_one,buf)) { + printf("! unable to write %s\n",buf); return 1; } chown(buf,0,0); chmod(buf,0755); - fprintf(stdout,"%s\n",buf); + printf("write %s\n",buf); symlink("/etc/init.d/zerotier-one","/etc/rc0.d/K89zerotier-one"); + printf("link /etc/init.d/zerotier-one /etc/rc0.d/K89zerotier-one\n"); symlink("/etc/init.d/zerotier-one","/etc/rc2.d/S11zerotier-one"); + printf("link /etc/init.d/zerotier-one /etc/rc2.d/S11zerotier-one\n"); symlink("/etc/init.d/zerotier-one","/etc/rc3.d/S11zerotier-one"); + printf("link /etc/init.d/zerotier-one /etc/rc3.d/S11zerotier-one\n"); symlink("/etc/init.d/zerotier-one","/etc/rc4.d/S11zerotier-one"); + printf("link /etc/init.d/zerotier-one /etc/rc4.d/S11zerotier-one\n"); symlink("/etc/init.d/zerotier-one","/etc/rc5.d/S11zerotier-one"); + printf("link /etc/init.d/zerotier-one /etc/rc5.d/S11zerotier-one\n"); #endif -#endif // __UNIX_LIKE__ + printf("# Done!\n"); -#ifdef __WINDOWS__ +#endif // __UNIX_LIKE__ ------------------------------------------------------- + +#ifdef __WINDOWS__ // --------------------------------------------------------- -#endif // __WINDOWS__ +#endif // __WINDOWS__ --------------------------------------------------------- return 0; } diff --git a/main.cpp b/main.cpp index 93911c98..b0834531 100644 --- a/main.cpp +++ b/main.cpp @@ -162,7 +162,7 @@ int main(int argc,char **argv) mkdir(homeDir,0755); // will fail if it already exists { char pidpath[4096]; - Utils::snrpintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir); + Utils::snprintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir); FILE *pf = fopen(pidpath,"w"); if (pf) { fprintf(pf,"%ld",(long)getpid()); @@ -192,7 +192,7 @@ int main(int argc,char **argv) #ifdef __UNIX_LIKE__ { char pidpath[4096]; - Utils::snrpintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir); + Utils::snprintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir); Utils::rm(pidpath); } #endif diff --git a/node/Updater.cpp b/node/Updater.cpp index 2de64c11..aba227d8 100644 --- a/node/Updater.cpp +++ b/node/Updater.cpp @@ -357,14 +357,14 @@ std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMi #if defined(__i386) || defined(__i486) || defined(__i586) || defined(__i686) || defined(__amd64) || defined(__x86_64) || defined(i386) #define _updSupported 1 char buf[128]; - Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86"); + Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86"); return std::string(buf); #endif /* #if defined(__arm__) || defined(__arm) || defined(__aarch64__) #define _updSupported 1 char buf[128]; - Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32"); + Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32"); return std::string(buf); #endif */ @@ -380,7 +380,7 @@ std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMi return std::string(); #endif char buf[128]; - Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-update",vMajor,vMinor,revision); + Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-install",vMajor,vMinor,revision); return std::string(buf); #endif -- cgit v1.2.3 From 902c8c38d261b1e73329ab4b9fefcfe11995c8b7 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 20 Nov 2013 14:10:33 -0500 Subject: UI basically works, almost ready for testing and packaging... --- ZeroTierUI/mainwindow.cpp | 79 +++++++++++++++++++++++++++++++++++++++++------ ZeroTierUI/mainwindow.h | 24 ++++++++++++-- ZeroTierUI/mainwindow.ui | 2 +- node/Node.cpp | 5 +++ node/Node.hpp | 11 ++++++- 5 files changed, 108 insertions(+), 13 deletions(-) (limited to 'node') diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp index 0a9c7228..04a7919d 100644 --- a/ZeroTierUI/mainwindow.cpp +++ b/ZeroTierUI/mainwindow.cpp @@ -17,24 +17,32 @@ #include #include -static std::map< unsigned long,std::vector > ztReplies; -static QMutex ztReplies_m; +// Globally visible +ZeroTier::Node::LocalClient *zeroTierClient = (ZeroTier::Node::LocalClient *)0; + +// Main window instance for app +static MainWindow *mainWindow = (MainWindow *)0; + static void handleZTMessage(void *arg,unsigned long id,const char *line) { + static std::map< unsigned long,std::vector > ztReplies; + static QMutex ztReplies_m; + ztReplies_m.lock(); if (*line) { ztReplies[id].push_back(std::string(line)); ztReplies_m.unlock(); } else { // empty lines conclude transmissions - std::vector resp(ztReplies[id]); - ztReplies.erase(id); - ztReplies_m.unlock(); + std::map< unsigned long,std::vector >::iterator r(ztReplies.find(id)); + if (r != ztReplies.end()) { + MainWindow::ZTMessageEvent *event = new MainWindow::ZTMessageEvent(r->second); + ztReplies.erase(r); + ztReplies_m.unlock(); + QCoreApplication::postEvent(mainWindow,event); // must post since this may be another thread + } else ztReplies_m.unlock(); } } -// Globally visible -ZeroTier::Node::LocalClient *volatile zeroTierClient = (ZeroTier::Node::LocalClient *)0; - MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent), ui(new Ui::MainWindow) @@ -42,6 +50,7 @@ MainWindow::MainWindow(QWidget *parent) : ui->setupUi(this); this->startTimer(1000); this->setEnabled(false); // gets enabled when updates are received + mainWindow = this; } MainWindow::~MainWindow() @@ -49,6 +58,7 @@ MainWindow::~MainWindow() delete ui; delete zeroTierClient; zeroTierClient = (ZeroTier::Node::LocalClient *)0; + mainWindow = (MainWindow *)0; } void MainWindow::timerEvent(QTimerEvent *event) @@ -86,6 +96,57 @@ void MainWindow::timerEvent(QTimerEvent *event) zeroTierClient = new ZeroTier::Node::LocalClient(authToken.c_str(),0,&handleZTMessage,this); } + + zeroTierClient->send("info"); + zeroTierClient->send("listnetworks"); + zeroTierClient->send("listpeers"); +} + +void MainWindow::customEvent(QEvent *event) +{ + ZTMessageEvent *m = (ZTMessageEvent *)event; // only one custom event type so far + + if (m->ztMessage.size() == 0) + return; + + std::vector hdr(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[0])); + if (hdr.size() < 2) + return; + if (hdr[0] != "200") + return; + + // Enable main window on valid communication with service + if (!this->isEnabled()) + this->setEnabled(true); + + if (hdr[1] == "info") { + if (hdr.size() >= 3) + this->myAddress = hdr[2].c_str(); + if (hdr.size() >= 4) + this->myStatus = hdr[3].c_str(); + if (hdr.size() >= 5) + this->myVersion = hdr[4].c_str(); + } else if (hdr[1] == "listnetworks") { + } else if (hdr[1] == "listpeers") { + this->numPeers = 0; + for(unsigned long i=1;iztMessage.size();++i) { + std::vector l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i])); + if ((l.size() >= 5)&&((l[3] != "-")||(l[4] != "-"))) + ++this->numPeers; // number of direct peers online -- check for active IPv4 and/or IPv6 address + } + } + + if (this->myAddress.size()) { + QString st(this->myAddress); + st += " ("; + st += this->myStatus; + st += ", "; + st += QString::number(this->numPeers); + st += " peers)"; + while (st.size() < 38) + st += QChar::Space; + ui->statusAndAddressButton->setText(st); + } } void MainWindow::on_joinNetworkButton_clicked() @@ -143,5 +204,5 @@ void MainWindow::on_networkIdLineEdit_textChanged(const QString &text) void MainWindow::on_statusAndAddressButton_clicked() { - // QApplication::clipboard()->setText(ui->myAddressCopyButton->text()); + QApplication::clipboard()->setText(this->myAddress); } diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h index c072a566..39c4318a 100644 --- a/ZeroTierUI/mainwindow.h +++ b/ZeroTierUI/mainwindow.h @@ -2,6 +2,8 @@ #define MAINWINDOW_H #include +#include +#include #include "../node/Node.hpp" #include "../node/Utils.hpp" @@ -12,18 +14,31 @@ class MainWindow; // Globally visible instance of local client for communicating with ZT1 // Can be null if not connected, or will point to current -extern ZeroTier::Node::LocalClient *volatile zeroTierClient; +extern ZeroTier::Node::LocalClient *zeroTierClient; class MainWindow : public QMainWindow { Q_OBJECT public: + class ZTMessageEvent : public QEvent + { + public: + ZTMessageEvent(const std::vector &m) : + QEvent(QEvent::User), + ztMessage(m) + { + } + + std::vector ztMessage; + }; + explicit MainWindow(QWidget *parent = 0); - ~MainWindow(); + virtual ~MainWindow(); protected: virtual void timerEvent(QTimerEvent *event); + virtual void customEvent(QEvent *event); private slots: void on_joinNetworkButton_clicked(); @@ -35,6 +50,11 @@ private slots: private: Ui::MainWindow *ui; + + QString myAddress; + QString myStatus; + QString myVersion; + unsigned int numPeers; }; #endif // MAINWINDOW_H diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui index d4824d59..a09460ae 100644 --- a/ZeroTierUI/mainwindow.ui +++ b/ZeroTierUI/mainwindow.ui @@ -131,7 +131,7 @@ border: 0; - 0000000000 (OFFLINE, 0 peers) + 0000000000 (OFFLINE, 0 peers) Qt::ToolButtonTextOnly diff --git a/node/Node.cpp b/node/Node.cpp index fe8cfb18..c88741a6 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -182,6 +182,11 @@ unsigned long Node::LocalClient::send(const char *command) } } +std::vector Node::LocalClient::splitLine(const char *line) +{ + return Utils::split(line," ","\\","\""); +} + struct _NodeImpl { RuntimeEnvironment renv; diff --git a/node/Node.hpp b/node/Node.hpp index 238b5fce..2f7d43ed 100644 --- a/node/Node.hpp +++ b/node/Node.hpp @@ -71,6 +71,15 @@ public: unsigned long send(const char *command) throw(); + /** + * Split a line of results by space + * + * @param line Line to split + * @return Vector of fields + */ + static std::vector splitLine(const char *line); + static inline std::vector splitLine(const std::string &line) { return splitLine(line.c_str()); } + private: // LocalClient is not copyable LocalClient(const LocalClient&); @@ -140,7 +149,7 @@ public: /** * Get the ZeroTier version in major.minor.revision string format - * + * * @return Version in string form */ static const char *versionString() -- cgit v1.2.3 From c979a695c5c58a62c7e3e08128860634b2fc421f Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 20 Nov 2013 16:16:30 -0500 Subject: UI work, add name to listnetworks output in control bus interface. --- ZeroTierUI/aboutwindow.h | 2 +- ZeroTierUI/mainwindow.cpp | 21 ++++++++++--- ZeroTierUI/mainwindow.h | 3 +- ZeroTierUI/mainwindow.ui | 8 +---- ZeroTierUI/network.cpp | 79 +++++++++++++++++++++++++++++++++++++++++++++-- ZeroTierUI/network.h | 16 ++++++++-- ZeroTierUI/network.ui | 65 +++++++++++++++++++++++++++++++++++--- node/Node.hpp | 4 +++ node/NodeConfig.cpp | 5 +-- 9 files changed, 178 insertions(+), 25 deletions(-) (limited to 'node') diff --git a/ZeroTierUI/aboutwindow.h b/ZeroTierUI/aboutwindow.h index 41adc64d..6c883b9b 100644 --- a/ZeroTierUI/aboutwindow.h +++ b/ZeroTierUI/aboutwindow.h @@ -13,7 +13,7 @@ class AboutWindow : public QDialog public: explicit AboutWindow(QWidget *parent = 0); - ~AboutWindow(); + virtual ~AboutWindow(); private slots: void on_uninstallButton_clicked(); diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp index 04a7919d..c618243a 100644 --- a/ZeroTierUI/mainwindow.cpp +++ b/ZeroTierUI/mainwindow.cpp @@ -127,6 +127,11 @@ void MainWindow::customEvent(QEvent *event) if (hdr.size() >= 5) this->myVersion = hdr[4].c_str(); } else if (hdr[1] == "listnetworks") { + const QObjectList &existingNetworks = ui->networksScrollAreaContentWidget->children(); + + for(unsigned long i=1;iztMessage.size();++i) { + std::vector l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i])); + } } else if (hdr[1] == "listpeers") { this->numPeers = 0; for(unsigned long i=1;iztMessage.size();++i) { @@ -151,6 +156,18 @@ void MainWindow::customEvent(QEvent *event) void MainWindow::on_joinNetworkButton_clicked() { + QString toJoin(ui->networkIdLineEdit->text()); + ui->networkIdLineEdit->setText(QString()); + + if (!zeroTierClient) // sanity check + return; + + if (toJoin.size() != 16) { + QMessageBox::information(this,"Invalid Network ID","The network ID you entered was not valid. Enter a 16-digit hexadecimal network ID, like '8056c2e21c000001'.",QMessageBox::Ok,QMessageBox::NoButton); + return; + } + + zeroTierClient->send((QString("join ") + toJoin).toStdString()); } void MainWindow::on_actionAbout_triggered() @@ -165,10 +182,6 @@ void MainWindow::on_actionJoin_Network_triggered() on_joinNetworkButton_clicked(); } -void MainWindow::on_actionShow_Detailed_Status_triggered() -{ -} - void MainWindow::on_networkIdLineEdit_textChanged(const QString &text) { QString newText; diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h index 39c4318a..ed11ff44 100644 --- a/ZeroTierUI/mainwindow.h +++ b/ZeroTierUI/mainwindow.h @@ -21,6 +21,8 @@ class MainWindow : public QMainWindow Q_OBJECT public: + // Event used to pass messages from the Node::LocalClient thread to the + // main window to update network lists and stats. class ZTMessageEvent : public QEvent { public: @@ -44,7 +46,6 @@ private slots: void on_joinNetworkButton_clicked(); void on_actionAbout_triggered(); void on_actionJoin_Network_triggered(); - void on_actionShow_Detailed_Status_triggered(); void on_networkIdLineEdit_textChanged(const QString &arg1); void on_statusAndAddressButton_clicked(); diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui index a09460ae..45b8fe63 100644 --- a/ZeroTierUI/mainwindow.ui +++ b/ZeroTierUI/mainwindow.ui @@ -54,7 +54,7 @@ Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - + 0 @@ -225,7 +225,6 @@ File - @@ -242,11 +241,6 @@ Join Network - - - Show Detailed Status - - Exit diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp index 3826a8da..1a6a631d 100644 --- a/ZeroTierUI/network.cpp +++ b/ZeroTierUI/network.cpp @@ -1,13 +1,22 @@ #include "network.h" +#include "mainwindow.h" #include "ui_network.h" #include +#include +#include +#include +#include +#include +#include -Network::Network(QWidget *parent) : +Network::Network(QWidget *parent,const std::string &nwid) : QWidget(parent), - ui(new Ui::Network) + ui(new Ui::Network), + networkIdStr(nwid) { ui->setupUi(this); + ui->networkIdPushButton->setText(QString(nwid.c_str())); } Network::~Network() @@ -15,8 +24,74 @@ Network::~Network() delete ui; } +void Network::setStatus(const std::string &status) +{ + ui->statusLabel->setText(QString(status.c_str())); +} + +void Network::setNetworkName(const std::string &status) +{ + ui->nameLabel->setText(QString(status.c_str())); +} + +void Network::setNetworkType(const std::string &type) +{ + ui->networkTypeLabel->setText(QString(status.c_str())); + if (type == "?") + ui->networkTypeLabel->setToolTip("Waiting for configuration..."); + else if (type == "public") + ui->networkTypeLabel->setToolTip("This network can be joined by anyone."); + else if (type == "private") + ui->networkTypeLabel->setToolTip("This network is private, only authorized peers can join."); + else ui->networkTypeLabel->setToolTip(QString()); +} + +void Network::setNetworkDeviceName(const std::string &dev) +{ + ui->deviceLabel->setText(QString(dev.c_str())); +} + +void Network::setIps(const std::string &commaSeparatedList) +{ + QStringList ips(QString(commaSeparatedList.c_str()).split(QChar(','),QString::SkipEmptyParts)); + if (commaSeparatedList == "-") + ips.clear(); + + QStringList tmp; + ips.sort(); + for(QStringList::iterator i(ips.begin());i!=ips.end();++i) { + QString ipOnly(*i); + int slashIdx = ipOnly.indexOf('/'); + if (slashIdx > 0) + ipOnly.truncate(slashIdx); + tmp.append(ipOnly); + } + ips = tmp; + + for(QStringList::iterator i(ips.begin());i!=ips.end();++i) { + if (ui->ipListWidget->findItems(*i).size() == 0) + ui->ipListWidget->addItem(*i); + } + + QList inList(ui->ipListWidget->items()); + for(QList::iterator i(inList.begin());i!=inList.end();++i) { + QListWidgetItem *item = *i; + if (!ips.contains(item->text())) + ui->ipListWidget->removeItemWidget(item); + } +} + +const std::string &Network::networkId() +{ + return networkIdStr; +} + void Network::on_leaveNetworkButton_clicked() { + if (QMessageBox::question(this,"Leave Network?",QString("Are you sure you want to leave network '") + networkIdStr.c_str() + "'?",QMessageBox::No,QMessageBox::Yes) == QMessageBox::Yes) { + zeroTierClient->send((QString("leave ") + networkIdStr.c_str()).toStdString()); + this->setEnabled(false); + } } void Network::on_networkIdPushButton_clicked() diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h index 730b7982..1048767e 100644 --- a/ZeroTierUI/network.h +++ b/ZeroTierUI/network.h @@ -1,6 +1,8 @@ #ifndef NETWORK_H #define NETWORK_H +#include + #include namespace Ui { @@ -12,16 +14,24 @@ class Network : public QWidget Q_OBJECT public: - explicit Network(QWidget *parent = 0); - ~Network(); + explicit Network(QWidget *parent = 0,const std::string &nwid); + virtual ~Network(); + + void setStatus(const std::string &status); + void setNetworkName(const std::string &name); + void setNetworkType(const std::string &type); + void setNetworkDeviceName(const std::string &dev); + void setIps(const std::string &commaSeparatedList); + + const std::string &networkId(); private slots: void on_leaveNetworkButton_clicked(); - void on_networkIdPushButton_clicked(); private: Ui::Network *ui; + std::string networkIdStr; }; #endif // NETWORK_H diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui index 1f80a4c8..a9b288a3 100644 --- a/ZeroTierUI/network.ui +++ b/ZeroTierUI/network.ui @@ -7,7 +7,7 @@ 0 0 618 - 93 + 108 @@ -112,6 +112,16 @@ text-align: left; + + + Name: + + + Qt::PlainText + + + + Status: @@ -121,7 +131,7 @@ text-align: left; - + @@ -143,7 +153,7 @@ text-align: left; - + Device: @@ -153,7 +163,7 @@ text-align: left; - + @@ -169,7 +179,7 @@ text-align: left; - + @@ -231,6 +241,48 @@ text-align: left; + + + + + 75 + true + + + + (name) + + + Qt::PlainText + + + + + + + Type: + + + Qt::PlainText + + + + + + + + 75 + true + + + + public + + + Qt::PlainText + + + @@ -251,6 +303,9 @@ text-align: left; false + + true + diff --git a/node/Node.hpp b/node/Node.hpp index 2f7d43ed..476ec7cd 100644 --- a/node/Node.hpp +++ b/node/Node.hpp @@ -28,6 +28,9 @@ #ifndef _ZT_NODE_HPP #define _ZT_NODE_HPP +#include +#include + namespace ZeroTier { /** @@ -70,6 +73,7 @@ public: */ unsigned long send(const char *command) throw(); + inline unsigned long send(const std::string &command) throw() { return send(command.c_str()); } /** * Split a line of results by space diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp index 027f65ce..d56c73ae 100644 --- a/node/NodeConfig.cpp +++ b/node/NodeConfig.cpp @@ -200,7 +200,7 @@ std::vector NodeConfig::execute(const char *command) _r->topology->eachPeer(_DumpPeerStatistics(r)); } else if (cmd[0] == "listnetworks") { Mutex::Lock _l(_networks_m); - _P("200 listnetworks "); + _P("200 listnetworks "); for(std::map< uint64_t,SharedPtr >::const_iterator nw(_networks.begin());nw!=_networks.end();++nw) { std::string tmp; std::set ips(nw->second->tap().ips()); @@ -211,8 +211,9 @@ std::vector NodeConfig::execute(const char *command) } SharedPtr nconf(nw->second->config2()); - _P("200 listnetworks %.16llx %s %s %s %s", + _P("200 listnetworks %.16llx %s %s %s %s %s", (unsigned long long)nw->first, + ((nconf) ? nconf->name().c_str() : "?"), Network::statusString(nw->second->status()), ((nconf) ? (nconf->isOpen() ? "public" : "private") : "?"), nw->second->tap().deviceName().c_str(), -- cgit v1.2.3 From 4296db235894f8d403fc656f76e2a3578ca2d597 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Thu, 21 Nov 2013 15:11:22 -0500 Subject: Add configuration age to listnetworks results and GUI. --- ZeroTierUI/aboutwindow.cpp | 13 +++++++ ZeroTierUI/aboutwindow.ui | 2 +- ZeroTierUI/mainwindow.cpp | 50 ++++++++++++++----------- ZeroTierUI/mainwindow.h | 4 +- ZeroTierUI/mainwindow.ui | 8 +--- ZeroTierUI/network.cpp | 5 ++- ZeroTierUI/network.h | 2 +- ZeroTierUI/network.ui | 92 +++++++++++++++++++++++++++++++++++----------- node/NodeConfig.cpp | 11 +++++- 9 files changed, 130 insertions(+), 57 deletions(-) (limited to 'node') diff --git a/ZeroTierUI/aboutwindow.cpp b/ZeroTierUI/aboutwindow.cpp index 83d680b1..1a2b2290 100644 --- a/ZeroTierUI/aboutwindow.cpp +++ b/ZeroTierUI/aboutwindow.cpp @@ -1,11 +1,17 @@ #include "aboutwindow.h" #include "ui_aboutwindow.h" +#include +#include "../node/Defaults.hpp" + AboutWindow::AboutWindow(QWidget *parent) : QDialog(parent), ui(new Ui::AboutWindow) { ui->setupUi(this); +#ifndef __APPLE__ + ui->uninstallButton->hide(); +#endif } AboutWindow::~AboutWindow() @@ -15,4 +21,11 @@ AboutWindow::~AboutWindow() void AboutWindow::on_uninstallButton_clicked() { + // Apple only... other OSes have more intrinsic mechanisms for uninstalling. + QMessageBox::information( + this, + "Uninstalling ZeroTier One", + QString("Uninstalling ZeroTier One is easy!\n\nJust remove ZeroTier One from your Applications folder and the service will automatically shut down within a few seconds. Then, on your next reboot, all other support files will be automatically deleted.\n\nIf you wish to uninstall the service and support files now, you can run the 'uninstall.sh' script found in ") + ZeroTier::ZT_DEFAULTS.defaultHomePath.c_str() + " using the 'sudo' command in a terminal.", + QMessageBox::Ok, + QMessageBox::NoButton); } diff --git a/ZeroTierUI/aboutwindow.ui b/ZeroTierUI/aboutwindow.ui index 34ad0235..84aab434 100644 --- a/ZeroTierUI/aboutwindow.ui +++ b/ZeroTierUI/aboutwindow.ui @@ -11,7 +11,7 @@ - Dialog + About ZeroTier One diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp index e427a6a1..6e972c73 100644 --- a/ZeroTierUI/mainwindow.cpp +++ b/ZeroTierUI/mainwindow.cpp @@ -52,9 +52,10 @@ MainWindow::MainWindow(QWidget *parent) : ui(new Ui::MainWindow) { ui->setupUi(this); - this->startTimer(1000); + this->startTimer(1000); // poll service every second this->setEnabled(false); // gets enabled when updates are received mainWindow = this; + this->cyclesSinceResponseFromService = 0; } MainWindow::~MainWindow() @@ -101,6 +102,11 @@ void MainWindow::timerEvent(QTimerEvent *event) zeroTierClient = new ZeroTier::Node::LocalClient(authToken.c_str(),0,&handleZTMessage,this); } + // TODO: do something more user-friendly here... or maybe try to restart + // the service? + if (++this->cyclesSinceResponseFromService == 3) + QMessageBox::critical(this,"No Response from Service","The ZeroTier One service does not appear to be running.",QMessageBox::Ok,QMessageBox::NoButton); + zeroTierClient->send("info"); zeroTierClient->send("listnetworks"); zeroTierClient->send("listpeers"); @@ -119,9 +125,7 @@ void MainWindow::customEvent(QEvent *event) if (hdr[0] != "200") return; - // Enable main window on valid communication with service - if (!this->isEnabled()) - this->setEnabled(true); + this->cyclesSinceResponseFromService = 0; if (hdr[1] == "info") { if (hdr.size() >= 3) @@ -134,8 +138,8 @@ void MainWindow::customEvent(QEvent *event) std::map< std::string,std::vector > byNwid; for(unsigned long i=1;iztMessage.size();++i) { std::vector l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i])); - // 200 listnetworks - if ((l.size() == 8)&&(l[2].length() == 16)) + // 200 listnetworks + if ((l.size() == 9)&&(l[2].length() == 16)) byNwid[l[2]] = l; } @@ -149,10 +153,10 @@ void MainWindow::customEvent(QEvent *event) if (byNwid.count(i->first)) { std::vector &l = byNwid[i->first]; i->second.second->setNetworkName(l[3]); - i->second.second->setStatus(l[4]); - i->second.second->setNetworkType(l[5]); - i->second.second->setNetworkDeviceName(l[6]); - i->second.second->setIps(l[7]); + i->second.second->setStatus(l[4],l[5]); + i->second.second->setNetworkType(l[6]); + i->second.second->setNetworkDeviceName(l[7]); + i->second.second->setIps(l[8]); } else { delete ui->networkListWidget->takeItem(i->second.first); } @@ -163,10 +167,10 @@ void MainWindow::customEvent(QEvent *event) std::vector &l = i->second; Network *nw = new Network((QWidget *)0,i->first); nw->setNetworkName(l[3]); - nw->setStatus(l[4]); - nw->setNetworkType(l[5]); - nw->setNetworkDeviceName(l[6]); - nw->setIps(l[7]); + nw->setStatus(l[4],l[5]); + nw->setNetworkType(l[6]); + nw->setNetworkDeviceName(l[7]); + nw->setIps(l[8]); QListWidgetItem *item = new QListWidgetItem(); item->setSizeHint(nw->sizeHint()); ui->networkListWidget->addItem(item); @@ -186,13 +190,23 @@ void MainWindow::customEvent(QEvent *event) QString st(this->myAddress); st += " ("; st += this->myStatus; + st += ", v"; + st += this->myVersion; st += ", "; st += QString::number(this->numPeers); st += " peers)"; - while (st.size() < 38) + while (st.size() < 45) st += QChar::Space; ui->statusAndAddressButton->setText(st); } + + if (this->myStatus == "ONLINE") { + if (!this->isEnabled()) + this->setEnabled(true); + } else { + if (this->isEnabled()) + this->setEnabled(false); + } } void MainWindow::on_joinNetworkButton_clicked() @@ -217,12 +231,6 @@ void MainWindow::on_actionAbout_triggered() about->show(); } -void MainWindow::on_actionJoin_Network_triggered() -{ - // Does the same thing as clicking join button on main UI - on_joinNetworkButton_clicked(); -} - void MainWindow::on_networkIdLineEdit_textChanged(const QString &text) { QString newText; diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h index ed11ff44..66a0b350 100644 --- a/ZeroTierUI/mainwindow.h +++ b/ZeroTierUI/mainwindow.h @@ -45,8 +45,7 @@ protected: private slots: void on_joinNetworkButton_clicked(); void on_actionAbout_triggered(); - void on_actionJoin_Network_triggered(); - void on_networkIdLineEdit_textChanged(const QString &arg1); + void on_networkIdLineEdit_textChanged(const QString &text); void on_statusAndAddressButton_clicked(); private: @@ -56,6 +55,7 @@ private: QString myStatus; QString myVersion; unsigned int numPeers; + unsigned int cyclesSinceResponseFromService; }; #endif // MAINWINDOW_H diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui index 025ac6cd..c5103624 100644 --- a/ZeroTierUI/mainwindow.ui +++ b/ZeroTierUI/mainwindow.ui @@ -110,7 +110,7 @@ border: 0; - 0000000000 (OFFLINE, 0 peers) + 0000000000 (OFFLINE, v0.0.0, 0 peers) Qt::ToolButtonTextOnly @@ -203,7 +203,6 @@ File - @@ -215,11 +214,6 @@ About - - - Join Network - - Exit diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp index 1631c816..e23bc6ba 100644 --- a/ZeroTierUI/network.cpp +++ b/ZeroTierUI/network.cpp @@ -28,9 +28,12 @@ Network::~Network() delete ui; } -void Network::setStatus(const std::string &status) +void Network::setStatus(const std::string &status,const std::string &age) { ui->statusLabel->setText(QString(status.c_str())); + if (status == "OK") + ui->ageLabel->setText(QString("(configuration is ") + age.c_str() + " seconds old)"); + else ui->ageLabel->setText(QString()); } void Network::setNetworkName(const std::string &name) diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h index a47915e1..a50354af 100644 --- a/ZeroTierUI/network.h +++ b/ZeroTierUI/network.h @@ -17,7 +17,7 @@ public: explicit Network(QWidget *parent = 0,const std::string &nwid = std::string()); virtual ~Network(); - void setStatus(const std::string &status); + void setStatus(const std::string &status,const std::string &age); void setNetworkName(const std::string &name); void setNetworkType(const std::string &type); void setNetworkDeviceName(const std::string &dev); diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui index 9ea3cb85..e6dc6524 100644 --- a/ZeroTierUI/network.ui +++ b/ZeroTierUI/network.ui @@ -174,28 +174,6 @@ - - - - - 0 - 0 - - - - - 75 - true - - - - ? - - - Qt::PlainText - - - @@ -222,6 +200,76 @@ + + + + + 0 + 0 + + + + + 12 + + + 0 + + + 0 + + + 0 + + + 0 + + + + + + 0 + 0 + + + + + 75 + true + + + + ? + + + Qt::PlainText + + + + + + + + 0 + 0 + + + + + 10 + + + + (configuration is 0 seconds old) + + + Qt::PlainText + + + + + + diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp index d56c73ae..ce5943c5 100644 --- a/node/NodeConfig.cpp +++ b/node/NodeConfig.cpp @@ -200,7 +200,7 @@ std::vector NodeConfig::execute(const char *command) _r->topology->eachPeer(_DumpPeerStatistics(r)); } else if (cmd[0] == "listnetworks") { Mutex::Lock _l(_networks_m); - _P("200 listnetworks "); + _P("200 listnetworks "); for(std::map< uint64_t,SharedPtr >::const_iterator nw(_networks.begin());nw!=_networks.end();++nw) { std::string tmp; std::set ips(nw->second->tap().ips()); @@ -211,10 +211,17 @@ std::vector NodeConfig::execute(const char *command) } SharedPtr nconf(nw->second->config2()); - _P("200 listnetworks %.16llx %s %s %s %s %s", + + long long age = (nconf) ? ((long long)Utils::now() - (long long)nconf->timestamp()) : (long long)0; + if (age < 0) + age = 0; + age /= 1000; + + _P("200 listnetworks %.16llx %s %s %lld %s %s %s", (unsigned long long)nw->first, ((nconf) ? nconf->name().c_str() : "?"), Network::statusString(nw->second->status()), + age, ((nconf) ? (nconf->isOpen() ? "public" : "private") : "?"), nw->second->tap().deviceName().c_str(), ((tmp.length() > 0) ? tmp.c_str() : "-")); -- cgit v1.2.3 From b699bdefbd008a5dbfab4308e9b969b2aaa88ce1 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Thu, 21 Nov 2013 16:34:27 -0500 Subject: Add shutdownIfUnreadable file feature: shut down if shutdownIfUnreadable in home folder is in fact existent but unreadable (e.g. broken link). This enables nifty shutdown on .app trashing feature for OSX. --- node/Node.cpp | 8 ++++++++ node/Utils.cpp | 12 +++++++++++- node/Utils.hpp | 6 ++---- 3 files changed, 21 insertions(+), 5 deletions(-) (limited to 'node') diff --git a/node/Node.cpp b/node/Node.cpp index c88741a6..f2668e4e 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -467,6 +467,7 @@ Node::ReasonForTermination Node::run() // Core I/O loop try { + std::string shutdownIfUnreadablePath(_r->homePath + ZT_PATH_SEPARATOR_S + "shutdownIfUnreadable"); uint64_t lastNetworkAutoconfCheck = Utils::now() - 5000; // check autoconf again after 5s for startup uint64_t lastPingCheck = 0; uint64_t lastClean = Utils::now(); // don't need to do this immediately @@ -476,6 +477,13 @@ Node::ReasonForTermination Node::run() long lastDelayDelta = 0; while (impl->reasonForTermination == NODE_RUNNING) { + if (Utils::fileExists(shutdownIfUnreadablePath.c_str(),false)) { + FILE *tmpf = fopen(shutdownIfUnreadablePath.c_str(),"r"); + if (!tmpf) + return impl->terminateBecause(Node::NODE_NORMAL_TERMINATION,"shutdownIfUnreadable was not readable"); + fclose(tmpf); + } + uint64_t now = Utils::now(); bool resynchronize = false; diff --git a/node/Utils.cpp b/node/Utils.cpp index 31cb40dd..608de593 100644 --- a/node/Utils.cpp +++ b/node/Utils.cpp @@ -246,7 +246,7 @@ no getSecureRandom() implementation; void Utils::lockDownFile(const char *path,bool isDir) { -#if defined(__APPLE__) || defined(__linux__) || defined(linux) || defined(__LINUX__) || defined(__linux) +#ifdef __UNIX_LIKE__ chmod(path,isDir ? 0700 : 0600); #else #ifdef _WIN32 @@ -263,6 +263,16 @@ uint64_t Utils::getLastModified(const char *path) return (((uint64_t)s.st_mtime) * 1000ULL); } +bool Utils::fileExists(const char *path,bool followLinks) +{ + struct stat s; +#ifdef __UNIX_LIKE__ + if (!followLinks) + return (lstat(path,&s) == 0); +#endif + return (stat(path,&s) == 0); +} + int64_t Utils::getFileSize(const char *path) { struct stat s; diff --git a/node/Utils.hpp b/node/Utils.hpp index 4e060748..2fea8b9b 100644 --- a/node/Utils.hpp +++ b/node/Utils.hpp @@ -177,12 +177,10 @@ public: /** * @param path Path to check + * @param followLinks Follow links (on platforms with that concept) * @return True if file or directory exists at path location */ - static inline bool fileExists(const char *path) - { - return (getLastModified(path) != 0); - } + static bool fileExists(const char *path,bool followLinks = true); /** * @param path Path to file -- cgit v1.2.3 From f5d397e8c87aa29c7186972c4746c0b255853af6 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 4 Dec 2013 10:45:15 -0800 Subject: Pull in-band file transfer stuff. Toyed around with that idea, but it seems that updates for some platforms are big enough and there are enough reliability concerns that just using TCP/HTTP is safer and easier. --- node/Packet.cpp | 2 - node/Packet.hpp | 55 +----- node/PacketDecoder.cpp | 14 -- node/PacketDecoder.hpp | 2 - node/Updater.cpp | 449 ------------------------------------------------- node/Updater.hpp | 242 -------------------------- objects.mk | 1 - 7 files changed, 1 insertion(+), 764 deletions(-) delete mode 100644 node/Updater.cpp delete mode 100644 node/Updater.hpp (limited to 'node') diff --git a/node/Packet.cpp b/node/Packet.cpp index 33866727..d809d402 100644 --- a/node/Packet.cpp +++ b/node/Packet.cpp @@ -48,8 +48,6 @@ const char *Packet::verbString(Verb v) case VERB_NETWORK_MEMBERSHIP_CERTIFICATE: return "NETWORK_MEMBERSHIP_CERTIFICATE"; case VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST"; case VERB_NETWORK_CONFIG_REFRESH: return "NETWORK_CONFIG_REFRESH"; - case VERB_FILE_INFO_REQUEST: return "FILE_INFO_REQUEST"; - case VERB_FILE_BLOCK_REQUEST: return "FILE_BLOCK_REQUEST"; } return "(unknown)"; } diff --git a/node/Packet.hpp b/node/Packet.hpp index daa9946b..b7f52e3c 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -615,60 +615,7 @@ public: * It does not generate an OK or ERROR message, and is treated only as * a hint to refresh now. */ - VERB_NETWORK_CONFIG_REFRESH = 12, - - /* Request information about a shared file (for software updates): - * <[1] flags, currently unused and must be 0> - * <[1] 8-bit length of filename> - * <[...] name of file being requested> - * - * OK response payload (indicates that we have and will share): - * <[1] flags, currently unused and must be 0> - * <[1] 8-bit length of filename> - * <[...] name of file being requested> - * <[64] full length SHA-512 hash of file contents> - * <[4] 32-bit length of file in bytes> - * <[5] Signing ZeroTier One identity address> - * <[2] 16-bit length of signature of filename + SHA-512 hash> - * <[...] signature of filename + SHA-512 hash> - * - * ERROR response payload: - * <[2] 16-bit length of filename> - * <[...] name of file being requested> - * - * This is used for distribution of software updates and in the future may - * be used for anything else that needs to be globally distributed. It - * is not designed for end-user use for other purposes. - * - * Support is optional. Nodes should return UNSUPPORTED_OPERATION if - * not supported or enabled. - */ - VERB_FILE_INFO_REQUEST = 13, - - /* Request a piece of a shared file - * <[16] first 16 bytes of SHA-512 of file being requested> - * <[4] 32-bit index of desired chunk> - * <[2] 16-bit length of desired chunk> - * - * OK response payload: - * <[16] first 16 bytes of SHA-512 of file being requested> - * <[4] 32-bit index of desired chunk> - * <[2] 16-bit length of desired chunk> - * <[...] the chunk> - * - * ERROR response payload: - * <[16] first 16 bytes of SHA-512 of file being requested> - * <[4] 32-bit index of desired chunk> - * <[2] 16-bit length of desired chunk> - * - * This is used for distribution of software updates and in the future may - * be used for anything else that needs to be globally distributed. It - * is not designed for end-user use for other purposes. - * - * Support is optional. Nodes should return UNSUPPORTED_OPERATION if - * not supported or enabled. - */ - VERB_FILE_BLOCK_REQUEST = 14 + VERB_NETWORK_CONFIG_REFRESH = 12 }; /** diff --git a/node/PacketDecoder.cpp b/node/PacketDecoder.cpp index 83c47b0e..956cb642 100644 --- a/node/PacketDecoder.cpp +++ b/node/PacketDecoder.cpp @@ -112,10 +112,6 @@ bool PacketDecoder::tryDecode(const RuntimeEnvironment *_r) return _doNETWORK_CONFIG_REQUEST(_r,peer); case Packet::VERB_NETWORK_CONFIG_REFRESH: return _doNETWORK_CONFIG_REFRESH(_r,peer); - case Packet::VERB_FILE_INFO_REQUEST: - return _doFILE_INFO_REQUEST(_r,peer); - case Packet::VERB_FILE_BLOCK_REQUEST: - return _doFILE_BLOCK_REQUEST(_r,peer); default: // This might be something from a new or old version of the protocol. // Technically it passed MAC so the packet is still valid, but we @@ -878,14 +874,4 @@ bool PacketDecoder::_doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const return true; } -bool PacketDecoder::_doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer) -{ - return true; -} - -bool PacketDecoder::_doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer) -{ - return true; -} - } // namespace ZeroTier diff --git a/node/PacketDecoder.hpp b/node/PacketDecoder.hpp index 8ec01594..cb3522ff 100644 --- a/node/PacketDecoder.hpp +++ b/node/PacketDecoder.hpp @@ -122,8 +122,6 @@ private: bool _doNETWORK_MEMBERSHIP_CERTIFICATE(const RuntimeEnvironment *_r,const SharedPtr &peer); bool _doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer); bool _doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const SharedPtr &peer); - bool _doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer); - bool _doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr &peer); uint64_t _receiveTime; Demarc::Port _localPort; diff --git a/node/Updater.cpp b/node/Updater.cpp deleted file mode 100644 index aba227d8..00000000 --- a/node/Updater.cpp +++ /dev/null @@ -1,449 +0,0 @@ -/* - * ZeroTier One - Global Peer to Peer Ethernet - * Copyright (C) 2012-2013 ZeroTier Networks LLC - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - * -- - * - * ZeroTier may be used and distributed under the terms of the GPLv3, which - * are available at: http://www.gnu.org/licenses/gpl-3.0.html - * - * If you would like to embed ZeroTier into a commercial application or - * redistribute it in a modified binary form, please contact ZeroTier Networks - * LLC. Start here: http://www.zerotier.com/ - */ - -#include "Updater.hpp" -#include "RuntimeEnvironment.hpp" -#include "Logger.hpp" -#include "Defaults.hpp" -#include "Utils.hpp" -#include "Topology.hpp" -#include "Switch.hpp" -#include "SHA512.hpp" - -#include "../version.h" - -namespace ZeroTier { - -Updater::Updater(const RuntimeEnvironment *renv) : - _r(renv), - _download((_Download *)0) -{ - refreshShared(); -} - -Updater::~Updater() -{ - Mutex::Lock _l(_lock); - delete _download; -} - -void Updater::refreshShared() -{ - std::string updatesPath(_r->homePath + ZT_PATH_SEPARATOR_S + "updates.d"); - std::map ud(Utils::listDirectory(updatesPath.c_str())); - - Mutex::Lock _l(_lock); - _sharedUpdates.clear(); - for(std::map::iterator u(ud.begin());u!=ud.end();++u) { - if (u->second) - continue; // skip directories - if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".sig"))) - continue; // skip .sig companion files - - std::string fullPath(updatesPath + ZT_PATH_SEPARATOR_S + u->first); - std::string sigPath(fullPath + ".sig"); - - std::string buf; - if (Utils::readFile(sigPath.c_str(),buf)) { - Dictionary sig(buf); - - SharedUpdate shared; - shared.fullPath = fullPath; - shared.filename = u->first; - - std::string sha512(Utils::unhex(sig.get("sha512",std::string()))); - std::string signature(Utils::unhex(sig.get("sha512_ed25519",std::string()))); - Address signedBy(sig.get("signedBy",std::string())); - if ((sha512.length() < sizeof(shared.sha512))||(signature.length() < shared.sig.size())||(!signedBy)) { - TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str()); - continue; - } - memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512)); - memcpy(shared.sig.data,signature.data(),shared.sig.size()); - shared.signedBy = signedBy; - - int64_t fs = Utils::getFileSize(fullPath.c_str()); - if (fs <= 0) { - TRACE("skipped shareable update due to unreadable, invalid, or 0-byte file: %s",fullPath.c_str()); - continue; - } - shared.size = (unsigned long)fs; - - LOG("sharing software update %s to other peers",shared.filename.c_str()); - _sharedUpdates.push_back(shared); - } else { - TRACE("skipped shareable update due to missing companion .sig: %s",fullPath.c_str()); - continue; - } - } -} - -void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision) -{ - if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)) - return; - - std::string updateFilename(generateUpdateFilename(vMajor,vMinor,revision)); - if (!updateFilename.length()) { - TRACE("an update to %u.%u.%u is available, but this platform or build doesn't support auto-update",vMajor,vMinor,revision); - return; - } - - std::vector< SharedPtr > peers; - _r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now())); - - TRACE("new update available to %u.%u.%u, looking for %s from %u peers",vMajor,vMinor,revision,updateFilename.c_str(),(unsigned int)peers.size()); - - for(std::vector< SharedPtr >::iterator p(peers.begin());p!=peers.end();++p) { - Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST); - outp.append((unsigned char)0); - outp.append((uint16_t)updateFilename.length()); - outp.append(updateFilename.data(),updateFilename.length()); - _r->sw->send(outp,true); - } -} - -void Updater::retryIfNeeded() -{ - Mutex::Lock _l(_lock); - - if (_download) { - uint64_t elapsed = Utils::now() - _download->lastChunkReceivedAt; - if ((elapsed >= ZT_UPDATER_PEER_TIMEOUT)||(!_download->currentlyReceivingFrom)) { - if (_download->peersThatHave.empty()) { - // Search for more sources if we have no more possibilities queued - TRACE("all sources for %s timed out, searching for more...",_download->filename.c_str()); - _download->currentlyReceivingFrom.zero(); - - std::vector< SharedPtr > peers; - _r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now())); - - for(std::vector< SharedPtr >::iterator p(peers.begin());p!=peers.end();++p) { - Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST); - outp.append((unsigned char)0); - outp.append((uint16_t)_download->filename.length()); - outp.append(_download->filename.data(),_download->filename.length()); - _r->sw->send(outp,true); - } - } else { - // If that peer isn't answering, try the next queued source - _download->currentlyReceivingFrom = _download->peersThatHave.front(); - _download->peersThatHave.pop_front(); - _requestNextChunk(); - } - } else if (elapsed >= ZT_UPDATER_RETRY_TIMEOUT) { - // Re-request next chunk we don't have from current source - _requestNextChunk(); - } - } -} - -void Updater::handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len) -{ - Mutex::Lock _l(_lock); - - if (!_download) { - TRACE("got chunk from %s while no download is in progress, ignored",from.toString().c_str()); - return; - } - - if (memcmp(_download->sha512,sha512,(shalen > 64) ? 64 : shalen)) { - TRACE("got chunk from %s for wrong download (SHA mismatch), ignored",from.toString().c_str()); - return; - } - - unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE; - - if ( - (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))|| - (whichChunk >= _download->haveChunks.size())|| - ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize))|| - (len != ZT_UPDATER_CHUNK_SIZE) - ) { - TRACE("got chunk from %s at invalid position or invalid size, ignored",from.toString().c_str()); - return; - } - - for(unsigned long i=0;idata[at + i] = ((const char *)chunk)[i]; - - _download->haveChunks[whichChunk] = true; - _download->lastChunkReceivedAt = Utils::now(); - - _requestNextChunk(); -} - -void Updater::handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen) -{ - unsigned int vMajor = 0,vMinor = 0,revision = 0; - if (!parseUpdateFilename(filename,vMajor,vMinor,revision)) { - TRACE("rejected offer of %s from %s: could not extract version information from filename",filename,from.toString().c_str()); - return; - } - - if (filesize > ZT_UPDATER_MAX_SUPPORTED_SIZE) { - TRACE("rejected offer of %s from %s: file too large (%u > %u)",filename,from.toString().c_str(),(unsigned int)filesize,(unsigned int)ZT_UPDATER_MAX_SUPPORTED_SIZE); - return; - } - - if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)) { - TRACE("rejected offer of %s from %s: version older than mine",filename,from.toString().c_str()); - return; - } - - Mutex::Lock _l(_lock); - - if (_download) { - if ((_download->filename == filename)&&(_download->data.length() == filesize)&&(!memcmp(sha512,_download->sha512,64))) { - // Learn another source for the current download if this is the - // same file. - LOG("learned new source for %s: %s",filename,from.toString().c_str()); - if (!_download->currentlyReceivingFrom) { - _download->currentlyReceivingFrom = from; - _requestNextChunk(); - } else _download->peersThatHave.push_back(from); - return; - } else { - // If there's a download, compare versions... only proceed if this - // file being offered is newer. - if (!compareVersions(vMajor,vMinor,revision,_download->versionMajor,_download->versionMinor,_download->revision)) { - TRACE("rejected offer of %s from %s: already downloading newer version %s",filename,from.toString().c_str(),_download->filename.c_str()); - return; - } - } - } - - // If we have no download OR if this was a different file, check its - // validity via signature and then see if it's newer. If so start a new - // download for it. - { - std::string nameAndSha(filename); - nameAndSha.append((const char *)sha512,64); - std::map< Address,Identity >::const_iterator uauth(ZT_DEFAULTS.updateAuthorities.find(signedBy)); - if (uauth == ZT_DEFAULTS.updateAuthorities.end()) { - LOG("rejected offer of %s from %s: failed authentication: unknown signer %s",filename,from.toString().c_str(),signedBy.toString().c_str()); - return; - } - if (!uauth->second.verify(nameAndSha.data(),nameAndSha.length(),signature,siglen)) { - LOG("rejected offer of %s from %s: failed authentication: signature from %s invalid",filename,from.toString().c_str(),signedBy.toString().c_str()); - return; - } - } - - // Replace existing download if any. - delete _download; - _download = (_Download *)0; - - // Create and initiate new download - _download = new _Download; - try { - LOG("beginning download of software update %s from %s (%u bytes, signed by authorized identity %s)",filename,from.toString().c_str(),(unsigned int)filesize,signedBy.toString().c_str()); - - _download->data.assign(filesize,(char)0); - _download->haveChunks.resize((filesize / ZT_UPDATER_CHUNK_SIZE) + 1,false); - _download->filename = filename; - memcpy(_download->sha512,sha512,64); - _download->currentlyReceivingFrom = from; - _download->lastChunkReceivedAt = 0; - _download->lastChunkSize = filesize % ZT_UPDATER_CHUNK_SIZE; - _download->versionMajor = vMajor; - _download->versionMinor = vMinor; - _download->revision = revision; - - _requestNextChunk(); - } catch (std::exception &exc) { - delete _download; - _download = (_Download *)0; - LOG("unable to begin download of %s from %s: %s",filename,from.toString().c_str(),exc.what()); - } catch ( ... ) { - delete _download; - _download = (_Download *)0; - LOG("unable to begin download of %s from %s: unknown exception",filename,from.toString().c_str()); - } -} - -bool Updater::findSharedUpdate(const char *filename,SharedUpdate &update) const -{ - Mutex::Lock _l(_lock); - for(std::list::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) { - if (u->filename == filename) { - update = *u; - return true; - } - } - return false; -} - -bool Updater::findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const -{ - if (!shalen) - return false; - Mutex::Lock _l(_lock); - for(std::list::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) { - if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) { - update = *u; - return true; - } - } - return false; -} - -bool Updater::getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const -{ - if (!chunklen) - return true; - if (!shalen) - return false; - Mutex::Lock _l(_lock); - for(std::list::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) { - if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) { - FILE *f = fopen(u->fullPath.c_str(),"rb"); - if (!f) - return false; - if (!fseek(f,(long)at,SEEK_SET)) { - fclose(f); - return false; - } - if (fread(chunk,chunklen,1,f) != 1) { - fclose(f); - return false; - } - fclose(f); - return true; - } - } - return false; -} - -std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision) -{ - // Defining ZT_OFFICIAL_BUILD enables this cascade of macros, which will - // make your build auto-update itself if it's for an officially supported - // architecture. The signing identity for auto-updates is in Defaults. -#ifdef ZT_OFFICIAL_BUILD - - // Not supported... yet? Get it first cause it might identify as Linux too. -#ifdef __ANDROID__ -#define _updSupported 1 - return std::string(); -#endif - - // Linux on x86 and possibly in the future ARM -#ifdef __LINUX__ -#if defined(__i386) || defined(__i486) || defined(__i586) || defined(__i686) || defined(__amd64) || defined(__x86_64) || defined(i386) -#define _updSupported 1 - char buf[128]; - Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86"); - return std::string(buf); -#endif -/* -#if defined(__arm__) || defined(__arm) || defined(__aarch64__) -#define _updSupported 1 - char buf[128]; - Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32"); - return std::string(buf); -#endif -*/ -#endif - - // Apple stuff... only Macs so far... -#ifdef __APPLE__ -#define _updSupported 1 -#if defined(__powerpc) || defined(__powerpc__) || defined(__ppc__) || defined(__ppc64) || defined(__ppc64__) || defined(__powerpc64__) - return std::string(); -#endif -#if defined(TARGET_IPHONE_SIMULATOR) || defined(TARGET_OS_IPHONE) - return std::string(); -#endif - char buf[128]; - Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-install",vMajor,vMinor,revision); - return std::string(buf); -#endif - - // ??? -#ifndef _updSupported - return std::string(); -#endif - -#else - return std::string(); -#endif // ZT_OFFICIAL_BUILD -} - -bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision) -{ - std::vector byDash(Utils::split(filename,"-","","")); - if (byDash.size() < 2) - return false; - std::vector byUnderscore(Utils::split(byDash[1].c_str(),"_","","")); - if (byUnderscore.size() < 3) - return false; - vMajor = Utils::strToUInt(byUnderscore[0].c_str()); - vMinor = Utils::strToUInt(byUnderscore[1].c_str()); - revision = Utils::strToUInt(byUnderscore[2].c_str()); - return true; -} - -void Updater::_requestNextChunk() -{ - // assumes _lock is locked - - if (!_download) - return; - - unsigned long whichChunk = 0; - std::vector::iterator ptr(std::find(_download->haveChunks.begin(),_download->haveChunks.end(),false)); - if (ptr == _download->haveChunks.end()) { - unsigned char digest[64]; - SHA512::hash(digest,_download->data.data(),_download->data.length()); - if (memcmp(digest,_download->sha512,64)) { - LOG("retrying download of %s -- SHA-512 mismatch, file corrupt!",_download->filename.c_str()); - std::fill(_download->haveChunks.begin(),_download->haveChunks.end(),false); - whichChunk = 0; - } else { - LOG("successfully downloaded and authenticated %s, launching update...",_download->filename.c_str()); - delete _download; - _download = (_Download *)0; - return; - } - } else { - whichChunk = std::distance(_download->haveChunks.begin(),ptr); - } - - TRACE("requesting chunk %u/%u of %s from %s",(unsigned int)whichChunk,(unsigned int)_download->haveChunks.size(),_download->filename.c_str()_download->currentlyReceivingFrom.toString().c_str()); - - Packet outp(_download->currentlyReceivingFrom,_r->identity.address(),Packet::VERB_FILE_BLOCK_REQUEST); - outp.append(_download->sha512,16); - outp.append((uint32_t)(whichChunk * ZT_UPDATER_CHUNK_SIZE)); - if (whichChunk == (_download->haveChunks.size() - 1)) - outp.append((uint16_t)_download->lastChunkSize); - else outp.append((uint16_t)ZT_UPDATER_CHUNK_SIZE); - _r->sw->send(outp,true); -} - -} // namespace ZeroTier - diff --git a/node/Updater.hpp b/node/Updater.hpp deleted file mode 100644 index 241c855b..00000000 --- a/node/Updater.hpp +++ /dev/null @@ -1,242 +0,0 @@ -/* - * ZeroTier One - Global Peer to Peer Ethernet - * Copyright (C) 2012-2013 ZeroTier Networks LLC - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - * -- - * - * ZeroTier may be used and distributed under the terms of the GPLv3, which - * are available at: http://www.gnu.org/licenses/gpl-3.0.html - * - * If you would like to embed ZeroTier into a commercial application or - * redistribute it in a modified binary form, please contact ZeroTier Networks - * LLC. Start here: http://www.zerotier.com/ - */ - -#ifndef _ZT_UPDATER_HPP -#define _ZT_UPDATER_HPP - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "Constants.hpp" -#include "Packet.hpp" -#include "Mutex.hpp" -#include "Address.hpp" -#include "C25519.hpp" -#include "Array.hpp" -#include "Dictionary.hpp" - -// Chunk size-- this can be changed, picked to always fit in one packet each. -#define ZT_UPDATER_CHUNK_SIZE 1350 - -// Sanity check value for constraining max size since right now we buffer -// in RAM. -#define ZT_UPDATER_MAX_SUPPORTED_SIZE (1024 * 1024 * 16) - -// Retry timeout in ms. -#define ZT_UPDATER_RETRY_TIMEOUT 15000 - -// After this long, look for a new peer to download from -#define ZT_UPDATER_PEER_TIMEOUT 65000 - -namespace ZeroTier { - -class RuntimeEnvironment; - -/** - * Software update downloader and executer - * - * Downloads occur via the ZT1 protocol rather than out of band via http so - * that ZeroTier One can be run in secure jailed environments where it is the - * only protocol permitted over the "real" Internet. This is wanted for a - * number of potentially popular use cases, like private LANs that connect - * nodes in hostile environments or playing attack/defend on the future CTF - * network. - * - * The protocol is a simple chunk-pulling "trivial FTP" like thing that should - * be suitable for core engine software updates. Software updates themselves - * are platform-specific executables that ZeroTier One then exits and runs. - * - * Updaters are cached one-deep and can be replicated peer to peer in addition - * to coming from supernodes. This makes it just a little bit BitTorrent-like - * and helps things scale, and is also ready for further protocol - * decentralization that may occur in the future. - */ -class Updater -{ -public: - /** - * Contains information about a shared update available to other peers - */ - struct SharedUpdate - { - std::string fullPath; - std::string filename; - unsigned char sha512[64]; - C25519::Signature sig; - Address signedBy; - unsigned long size; - }; - - Updater(const RuntimeEnvironment *renv); - ~Updater(); - - /** - * Rescan home path for shareable updates - * - * This happens automatically on construction. - */ - void refreshShared(); - - /** - * Attempt to find an update if this version is newer than ours - * - * This is called whenever a peer notifies us of its version. It does nothing - * if that version is not newer, otherwise it looks around for an update. - * - * @param vMajor Major version - * @param vMinor Minor version - * @param revision Revision - */ - void getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision); - - /** - * Called periodically from main loop - * - * This retries downloads if they're stalled and performs other cleanup. - */ - void retryIfNeeded(); - - /** - * Called when a chunk is received - * - * If the chunk is a final chunk and we now have an update, this may result - * in the commencement of the update process and the shutdown of ZT1. - * - * @param from Originating peer - * @param sha512 Up to 64 bytes of hash to match - * @param shalen Length of sha512[] - * @param at Position of chunk - * @param chunk Chunk data - * @param len Length of chunk - */ - void handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len); - - /** - * Called when a reply to a search for an update is received - * - * This checks SHA-512 hash signature and version as parsed from filename - * before starting the transfer. - * - * @param from Node that sent reply saying it has the file - * @param filename Name of file (can be parsed for version info) - * @param sha512 64-byte SHA-512 hash of file's contents - * @param filesize Size of file in bytes - * @param signedBy Address of signer of filename+hash - * @param signature Signature (currently must be Ed25519) - * @param siglen Length of signature in bytes - */ - void handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen); - - /** - * Get data about a shared update if found - * - * @param filename File name - * @param update Empty structure to be filled with update info - * @return True if found (if false, 'update' is unmodified) - */ - bool findSharedUpdate(const char *filename,SharedUpdate &update) const; - - /** - * Get data about a shared update if found - * - * @param sha512 Up to 64 bytes of hash to match - * @param shalen Length of sha512[] - * @param update Empty structure to be filled with update info - * @return True if found (if false, 'update' is unmodified) - */ - bool findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const; - - /** - * Get a chunk of a shared update - * - * @param sha512 Up to 64 bytes of hash to match - * @param shalen Length of sha512[] - * @param at Position in file - * @param chunk Buffer to store data - * @param chunklen Number of bytes to get - * @return True if chunk[] was successfully filled, false if not found or other error - */ - bool getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const; - - /** - * @return Canonical update filename for this platform or empty string if unsupported - */ - static std::string generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision); - - /** - * Parse an updater filename and extract version info - * - * @param filename Filename to parse - * @return True if info was extracted and value-result parameters set - */ - static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision); - - /** - * Compare major, minor, and revision components of a version - * - * @return True if the first set is greater than the second - */ - static inline bool compareVersions(unsigned int vmaj1,unsigned int vmin1,unsigned int rev1,unsigned int vmaj2,unsigned int vmin2,unsigned int rev2) - throw() - { - return ( ((((uint64_t)(vmaj1 & 0xffff)) << 32) | (((uint64_t)(vmin1 & 0xffff)) << 16) | (((uint64_t)(rev1 & 0xffff)))) > ((((uint64_t)(vmaj2 & 0xffff)) << 32) | (((uint64_t)(vmin2 & 0xffff)) << 16) | (((uint64_t)(rev2 & 0xffff)))) ); - } - -private: - void _requestNextChunk(); - - struct _Download - { - std::string data; - std::vector haveChunks; - std::list
peersThatHave; // excluding current - std::string filename; - unsigned char sha512[64]; - Address currentlyReceivingFrom; - uint64_t lastChunkReceivedAt; - unsigned long lastChunkSize; - unsigned int versionMajor,versionMinor,revision; - }; - - const RuntimeEnvironment *_r; - _Download *_download; - std::list _sharedUpdates; // usually not more than 1 or 2 of these - Mutex _lock; -}; - -} // namespace ZeroTier - -#endif diff --git a/objects.mk b/objects.mk index f38f3e90..547033f9 100644 --- a/objects.mk +++ b/objects.mk @@ -25,5 +25,4 @@ OBJS=\ node/SysEnv.o \ node/Topology.o \ node/UdpSocket.o \ - node/Updater.o \ node/Utils.o -- cgit v1.2.3 From 0a0ed893c3878c82070392bf953ecb16d50734d9 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 6 Dec 2013 13:15:30 -0800 Subject: HTTP client work... --- node/HttpClient.cpp | 291 ++++++++++++++++++++++++++++++++++++++++++++++++++++ node/HttpClient.hpp | 85 +++++++++++++++ objects.mk | 1 + 3 files changed, 377 insertions(+) create mode 100644 node/HttpClient.cpp create mode 100644 node/HttpClient.hpp (limited to 'node') diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp new file mode 100644 index 00000000..a9c40205 --- /dev/null +++ b/node/HttpClient.cpp @@ -0,0 +1,291 @@ +/* + * ZeroTier One - Global Peer to Peer Ethernet + * Copyright (C) 2012-2013 ZeroTier Networks LLC + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#include +#include +#include + +#include +#include +#include + +#include "Constants.hpp" +#include "HttpClient.hpp" +#include "Thread.hpp" +#include "Utils.hpp" +#include "NonCopyable.hpp" +#include "Defaults.hpp" + +#ifdef __UNIX_LIKE__ +#include +#include +#include +#include +#include +#include +#include +#endif + +namespace ZeroTier { + +#ifdef __UNIX_LIKE__ + +// The *nix implementation calls 'curl' externally rather than linking to it. +// This makes it an optional dependency that can be avoided in tiny systems +// provided you don't want to have automatic software updates... or want to +// do them via another method. + +// Paths where "curl" may be found on the system +#define NUM_CURL_PATHS 5 +static const char *CURL_PATHS[NUM_CURL_PATHS] = { "/usr/bin/curl","/bin/curl","/usr/local/bin/curl","/usr/sbin/curl","/sbin/curl" }; +static const std::string CURL_IN_HOME(ZT_DEFAULTS.defaultHomePath + "/curl"); + +// Maximum message length +#define CURL_MAX_MESSAGE_LENGTH (1024 * 1024 * 64) + +// Internal private thread class that performs request, notifies handler, +// and then commits suicide by deleting itself. +class P_Req : NonCopyable +{ +public: + P_Req(const char *method,const std::string &url,const std::map &headers,unsigned int timeout,void (*handler)(void *,int,const std::string &,bool,const std::string &),void *arg) : + _url(url), + _headers(headers), + _timeout(timeout), + _handler(handler), + _arg(arg) + { + _myThread = Thread::start(this); + } + + void threadMain() + { + char *curlArgs[1024]; + char buf[16384]; + fd_set readfds,writefds,errfds; + struct timeval tv; + + std::string curlPath; + for(int i=0;i(curlPath.c_str()); + curlArgs[1] = const_cast ("-D"); + curlArgs[2] = const_cast ("-"); // append headers before output + int argPtr = 3; + std::vector headerArgs; + for(std::map::const_iterator h(_headers.begin());h!=_headers.end();++h) { + headerArgs.push_back(h->first); + headerArgs.back().append(": "); + headerArgs.back().append(h->second); + } + for(std::vector::iterator h(headerArgs.begin());h!=headerArgs.end();++h) { + if (argPtr >= (1024 - 3)) // leave room for terminating NULL + break; + curlArgs[argPtr++] = const_cast ("-H"); + curlArgs[argPtr++] = const_cast (h->c_str()); + } + curlArgs[argPtr] = (char *)0; + + int curlStdout[2]; + int curlStderr[2]; + ::pipe(curlStdout); + ::pipe(curlStderr); + + long pid = (long)vfork(); + if (pid < 0) { + // fork() failed + ::close(curlStdout[0]); + ::close(curlStdout[1]); + ::close(curlStderr[0]); + ::close(curlStderr[1]); + _handler(_arg,-1,_url,false,"unable to fork()"); + delete this; + return; + } else if (pid > 0) { + // fork() succeeded, in parent process + ::close(curlStdout[1]); + ::close(curlStderr[1]); + fcntl(curlStdout[0],F_SETFL,O_NONBLOCK); + fcntl(curlStderr[0],F_SETFL,O_NONBLOCK); + + int exitCode = -1; + unsigned long long timesOutAt = Utils::now() + ((unsigned long long)_timeout * 1000ULL); + bool timedOut = false; + bool tooLong = false; + for(;;) { + FD_ZERO(&readfds); + FD_ZERO(&writefds); + FD_ZERO(&errfds); + FD_SET(curlStdout[0],&readfds); + FD_SET(curlStderr[0],&readfds); + FD_SET(curlStdout[0],&errfds); + FD_SET(curlStderr[0],&errfds); + tv.tv_sec = 1; + tv.tv_usec = 0; + select(std::max(curlStdout[0],curlStderr[0])+1,&readfds,&writefds,&errfds,&tv); + + if (FD_ISSET(curlStdout[0],&readfds)) { + int n = (int)::read(curlStdout[0],buf,sizeof(buf)); + if (n > 0) + _body.append(buf,n); + else break; + if (_body.length() > CURL_MAX_MESSAGE_LENGTH) { + ::kill(pid,SIGKILL); + tooLong = true; + break; + } + } + if (FD_ISSET(curlStderr[0],&readfds)) + ::read(curlStderr[0],buf,sizeof(buf)); + if (FD_ISSET(curlStdout[0],&errfds)||FD_ISSET(curlStderr[0],&errfds)) + break; + + if (Utils::now() >= timesOutAt) { + ::kill(pid,SIGKILL); + timedOut = true; + break; + } + + if (waitpid(pid,&exitCode,WNOHANG) > 0) { + pid = 0; + break; + } + } + + if (pid > 0) + waitpid(pid,&exitCode,0); + + ::close(curlStdout[0]); + ::close(curlStderr[0]); + + if (timedOut) + _handler(_arg,-1,_url,false,"connection timed out"); + else if (tooLong) + _handler(_arg,-1,_url,false,"response too long"); + else if (exitCode) + _handler(_arg,-1,_url,false,"connection failed (curl returned non-zero exit code)"); + else { + unsigned long idx = 0; + + // Grab status line and headers, which will prefix output on + // success and will end with an empty line. + std::vector headers; + headers.push_back(std::string()); + while (idx < _body.length()) { + char c = _body[idx++]; + if (c == '\n') { + if (!headers.back().length()) { + headers.pop_back(); + break; + } + } else if (c != '\r') // \r's shouldn't be present but ignore them if they are + headers.back().push_back(c); + } + if (headers.empty()||(!headers.front().length())) { + _handler(_arg,-1,_url,false,"HTTP response empty"); + delete this; + return; + } + + // Parse first line -- HTTP status code and response + size_t scPos = headers.front().find(' '); + if (scPos == std::string::npos) { + _handler(_arg,-1,_url,false,"invalid HTTP response (no status line)"); + delete this; + return; + } + ++scPos; + size_t msgPos = headers.front().find(' ',scPos); + if (msgPos == std::string::npos) + msgPos = headers.front().length(); + if ((msgPos - scPos) != 3) { + _handler(_arg,-1,_url,false,"invalid HTTP response (no response code)"); + delete this; + return; + } + unsigned int rcode = Utils::strToUInt(headers.front().substr(scPos,3).c_str()); + if ((!rcode)||(rcode > 999)) { + _handler(_arg,-1,_url,false,"invalid HTTP response (invalid response code)"); + delete this; + return; + } + + // Serve up the resulting data to the handler + if (rcode == 200) + _handler(_arg,rcode,_url,false,_body.substr(idx)); + else _handler(_arg,rcode,_url,false,headers.front().substr(scPos+3)); + } + + delete this; + return; + } else { + // fork() succeeded, in child process + ::dup2(curlStdout[1],STDOUT_FILENO); + ::close(curlStdout[1]); + ::dup2(curlStderr[1],STDERR_FILENO); + ::close(curlStderr[1]); + ::execv(curlPath.c_str(),curlArgs); + ::exit(-1); // only reached if execv() fails + } + } + + const std::string _url; + std::string _body; + std::map _headers; + unsigned int _timeout; + void (*_handler)(void *,int,const std::string &,bool,const std::string &); + void *_arg; + Thread _myThread; +}; + +HttpClient::Request HttpClient::_do( + const char *method, + const std::string &url, + const std::map &headers, + unsigned int timeout, + void (*handler)(void *,int,const std::string &,bool,const std::string &), + void *arg) +{ +} + +#endif + +} // namespace ZeroTier diff --git a/node/HttpClient.hpp b/node/HttpClient.hpp new file mode 100644 index 00000000..da12fb24 --- /dev/null +++ b/node/HttpClient.hpp @@ -0,0 +1,85 @@ +/* + * ZeroTier One - Global Peer to Peer Ethernet + * Copyright (C) 2012-2013 ZeroTier Networks LLC + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#ifndef ZT_HTTPCLIENT_HPP +#define ZT_HTTPCLIENT_HPP + +#include +#include + +#include "Constants.hpp" + +namespace ZeroTier { + +/** + * HTTP client that does queries in the background + * + * The handler method takes the following arguments: an arbitrary pointer, an + * HTTP response code, the URL queried, whether or not the message body was + * stored on disk, and the message body. + * + * If stored on disk, the body string contains the path and the file must be + * moved or deleted by the receiver when it's done. If an error occurs, the + * response code will be negative and the body will be the error message. + * + * All headers in the returned headers map will have their header names + * converted to lower case, e.g. "content-type". + * + * Currently only the "http" transport is guaranteed to be supported on all + * platforms. + */ +class HttpClient +{ +public: + typedef void * Request; + + /** + * Request a URL using the GET method + */ + static inline Request GET( + const std::string &url, + const std::map &headers, + unsigned int timeout, + void (*handler)(void *,int,const std::string &,bool,const std::string &), + void *arg) + { + return _do("GET",url,headers,timeout,handler,arg); + } + +private: + static Request _do( + const char *method, + const std::string &url, + const std::map &headers, + unsigned int timeout, + void (*handler)(void *,int,const std::string &,bool,const std::string &), + void *arg); +}; + +} // namespace ZeroTier + +#endif diff --git a/objects.mk b/objects.mk index 547033f9..7eb97574 100644 --- a/objects.mk +++ b/objects.mk @@ -6,6 +6,7 @@ OBJS=\ node/Defaults.o \ node/Demarc.o \ node/EthernetTap.o \ + node/HttpClient.o \ node/Identity.o \ node/InetAddress.o \ node/Logger.o \ -- cgit v1.2.3 From 518410b7e0f8b88ee8822e4449e91f7c52d1022a Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 6 Dec 2013 16:00:12 -0800 Subject: HTTP client works! --- node/HttpClient.cpp | 29 ++++++++++++++++------------- node/HttpClient.hpp | 5 +++++ selftest.cpp | 36 ++++++++++++++++++++++++++++++++++++ 3 files changed, 57 insertions(+), 13 deletions(-) (limited to 'node') diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp index a9c40205..1d1624db 100644 --- a/node/HttpClient.cpp +++ b/node/HttpClient.cpp @@ -52,6 +52,8 @@ namespace ZeroTier { +const std::map HttpClient::NO_HEADERS; + #ifdef __UNIX_LIKE__ // The *nix implementation calls 'curl' externally rather than linking to it. @@ -59,6 +61,10 @@ namespace ZeroTier { // provided you don't want to have automatic software updates... or want to // do them via another method. +#ifdef __APPLE__ +// TODO: get proxy configuration +#endif + // Paths where "curl" may be found on the system #define NUM_CURL_PATHS 5 static const char *CURL_PATHS[NUM_CURL_PATHS] = { "/usr/bin/curl","/bin/curl","/usr/local/bin/curl","/usr/sbin/curl","/sbin/curl" }; @@ -117,11 +123,12 @@ public: headerArgs.back().append(h->second); } for(std::vector::iterator h(headerArgs.begin());h!=headerArgs.end();++h) { - if (argPtr >= (1024 - 3)) // leave room for terminating NULL + if (argPtr >= (1024 - 4)) // leave room for terminating NULL and URL break; curlArgs[argPtr++] = const_cast ("-H"); curlArgs[argPtr++] = const_cast (h->c_str()); } + curlArgs[argPtr++] = const_cast (_url.c_str()); curlArgs[argPtr] = (char *)0; int curlStdout[2]; @@ -166,7 +173,8 @@ public: int n = (int)::read(curlStdout[0],buf,sizeof(buf)); if (n > 0) _body.append(buf,n); - else break; + else if (n < 0) + break; if (_body.length() > CURL_MAX_MESSAGE_LENGTH) { ::kill(pid,SIGKILL); tooLong = true; @@ -215,8 +223,8 @@ public: if (!headers.back().length()) { headers.pop_back(); break; - } - } else if (c != '\r') // \r's shouldn't be present but ignore them if they are + } else headers.push_back(std::string()); + } else if (c != '\r') headers.back().push_back(c); } if (headers.empty()||(!headers.front().length())) { @@ -233,14 +241,6 @@ public: return; } ++scPos; - size_t msgPos = headers.front().find(' ',scPos); - if (msgPos == std::string::npos) - msgPos = headers.front().length(); - if ((msgPos - scPos) != 3) { - _handler(_arg,-1,_url,false,"invalid HTTP response (no response code)"); - delete this; - return; - } unsigned int rcode = Utils::strToUInt(headers.front().substr(scPos,3).c_str()); if ((!rcode)||(rcode > 999)) { _handler(_arg,-1,_url,false,"invalid HTTP response (invalid response code)"); @@ -251,7 +251,9 @@ public: // Serve up the resulting data to the handler if (rcode == 200) _handler(_arg,rcode,_url,false,_body.substr(idx)); - else _handler(_arg,rcode,_url,false,headers.front().substr(scPos+3)); + else if ((scPos + 4) < headers.front().length()) + _handler(_arg,rcode,_url,false,headers.front().substr(scPos+4)); + else _handler(_arg,rcode,_url,false,"(no status message from server)"); } delete this; @@ -284,6 +286,7 @@ HttpClient::Request HttpClient::_do( void (*handler)(void *,int,const std::string &,bool,const std::string &), void *arg) { + return (HttpClient::Request)(new P_Req(method,url,headers,timeout,handler,arg)); } #endif diff --git a/node/HttpClient.hpp b/node/HttpClient.hpp index da12fb24..4f5c9bc7 100644 --- a/node/HttpClient.hpp +++ b/node/HttpClient.hpp @@ -57,6 +57,11 @@ class HttpClient public: typedef void * Request; + /** + * Empty map for convenience use + */ + static const std::map NO_HEADERS; + /** * Request a URL using the GET method */ diff --git a/selftest.cpp b/selftest.cpp index ba362bd3..50a14e0f 100644 --- a/selftest.cpp +++ b/selftest.cpp @@ -52,6 +52,7 @@ #include "node/C25519.hpp" #include "node/Poly1305.hpp" #include "node/CertificateOfMembership.hpp" +#include "node/HttpClient.hpp" #ifdef __WINDOWS__ #include @@ -63,6 +64,40 @@ using namespace ZeroTier; static unsigned char fuzzbuf[1048576]; +static Condition webDoneCondition; +static void testHttpHandler(void *arg,int code,const std::string &url,bool onDisk,const std::string &body) +{ + if (code == 200) + std::cout << "got " << body.length() << " bytes, response code " << code << std::endl; + else std::cout << "ERROR " << code << ": " << body << std::endl; + webDoneCondition.signal(); +} + +static int testHttp() +{ + std::cout << "[http] fetching http://download.zerotier.com/dev/1k ... "; std::cout.flush(); + HttpClient::GET("http://download.zerotier.com/dev/1k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0); + webDoneCondition.wait(); + + std::cout << "[http] fetching http://download.zerotier.com/dev/2k ... "; std::cout.flush(); + HttpClient::GET("http://download.zerotier.com/dev/2k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0); + webDoneCondition.wait(); + + std::cout << "[http] fetching http://download.zerotier.com/dev/4k ... "; std::cout.flush(); + HttpClient::GET("http://download.zerotier.com/dev/4k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0); + webDoneCondition.wait(); + + std::cout << "[http] fetching http://download.zerotier.com/dev/8k ... "; std::cout.flush(); + HttpClient::GET("http://download.zerotier.com/dev/8k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0); + webDoneCondition.wait(); + + std::cout << "[http] fetching http://download.zerotier.com/dev/NOEXIST ... "; std::cout.flush(); + HttpClient::GET("http://download.zerotier.com/dev/NOEXIST",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0); + webDoneCondition.wait(); + + return 0; +} + static int testCrypto() { unsigned char buf1[16384]; @@ -562,6 +597,7 @@ int main(int argc,char **argv) srand((unsigned int)time(0)); + r |= testHttp(); r |= testCrypto(); r |= testPacket(); r |= testOther(); -- cgit v1.2.3 From 612c17240af65243a1fa5d8cc17d3ebdb38a9bee Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 6 Dec 2013 16:49:20 -0800 Subject: Dead code removal, fix for cleanup GitHub issue #28 --- node/Address.hpp | 4 ++-- node/Array.hpp | 4 ++-- node/AtomicCounter.hpp | 4 ++-- node/BandwidthAccount.hpp | 4 ++-- node/Buffer.hpp | 4 ++-- node/C25519.hpp | 4 ++-- node/CMWC4096.hpp | 4 ++-- node/CertificateOfMembership.hpp | 4 ++-- node/Condition.hpp | 4 ++-- node/Constants.hpp | 4 ++-- node/Defaults.hpp | 4 ++-- node/Demarc.hpp | 4 ++-- node/Dictionary.hpp | 4 ++-- node/EthernetTap.hpp | 4 ++-- node/Identity.hpp | 4 ++-- node/InetAddress.hpp | 4 ++-- node/Logger.hpp | 4 ++-- node/MAC.hpp | 4 ++-- node/MulticastGroup.hpp | 4 ++-- node/Multicaster.hpp | 4 ++-- node/Mutex.hpp | 4 ++-- node/Network.hpp | 4 ++-- node/NetworkConfig.hpp | 4 ++-- node/Node.cpp | 9 --------- node/Node.hpp | 12 ++---------- node/NodeConfig.hpp | 4 ++-- node/NonCopyable.hpp | 4 ++-- node/Packet.hpp | 4 ++-- node/PacketDecoder.hpp | 4 ++-- node/Peer.hpp | 4 ++-- node/Poly1305.hpp | 4 ++-- node/RuntimeEnvironment.hpp | 4 ++-- node/SHA512.hpp | 4 ++-- node/Salsa20.hpp | 4 ++-- node/Service.hpp | 4 ++-- node/SharedPtr.hpp | 4 ++-- node/Switch.hpp | 4 ++-- node/SysEnv.hpp | 4 ++-- node/Thread.hpp | 4 ++-- node/Topology.hpp | 4 ++-- node/UdpSocket.hpp | 4 ++-- node/Utils.hpp | 4 ++-- 42 files changed, 82 insertions(+), 99 deletions(-) (limited to 'node') diff --git a/node/Address.hpp b/node/Address.hpp index b28284b0..7247260c 100644 --- a/node/Address.hpp +++ b/node/Address.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_ADDRESS_HPP -#define _ZT_ADDRESS_HPP +#ifndef ZT_ADDRESS_HPP +#define ZT_ADDRESS_HPP #include #include diff --git a/node/Array.hpp b/node/Array.hpp index d48c2f52..c31626b2 100644 --- a/node/Array.hpp +++ b/node/Array.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_ARRAY_HPP -#define _ZT_ARRAY_HPP +#ifndef ZT_ARRAY_HPP +#define ZT_ARRAY_HPP #include #include diff --git a/node/AtomicCounter.hpp b/node/AtomicCounter.hpp index ebc70817..1aecaa65 100644 --- a/node/AtomicCounter.hpp +++ b/node/AtomicCounter.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_ATOMICCOUNTER_HPP -#define _ZT_ATOMICCOUNTER_HPP +#ifndef ZT_ATOMICCOUNTER_HPP +#define ZT_ATOMICCOUNTER_HPP #include "Mutex.hpp" #include "NonCopyable.hpp" diff --git a/node/BandwidthAccount.hpp b/node/BandwidthAccount.hpp index be180cfc..98c7dd20 100644 --- a/node/BandwidthAccount.hpp +++ b/node/BandwidthAccount.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_BWACCOUNT_HPP -#define _ZT_BWACCOUNT_HPP +#ifndef ZT_BWACCOUNT_HPP +#define ZT_BWACCOUNT_HPP #include #include diff --git a/node/Buffer.hpp b/node/Buffer.hpp index 1767ae04..e8308306 100644 --- a/node/Buffer.hpp +++ b/node/Buffer.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_BUFFER_HPP -#define _ZT_BUFFER_HPP +#ifndef ZT_BUFFER_HPP +#define ZT_BUFFER_HPP #include #include diff --git a/node/C25519.hpp b/node/C25519.hpp index 79edfa06..2a594f72 100644 --- a/node/C25519.hpp +++ b/node/C25519.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_C25519_HPP -#define _ZT_C25519_HPP +#ifndef ZT_C25519_HPP +#define ZT_C25519_HPP #include "Array.hpp" #include "Utils.hpp" diff --git a/node/CMWC4096.hpp b/node/CMWC4096.hpp index 29351861..01c57e15 100644 --- a/node/CMWC4096.hpp +++ b/node/CMWC4096.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_CMWC4096_HPP -#define _ZT_CMWC4096_HPP +#ifndef ZT_CMWC4096_HPP +#define ZT_CMWC4096_HPP #include #include "Utils.hpp" diff --git a/node/CertificateOfMembership.hpp b/node/CertificateOfMembership.hpp index 76e1cfbc..6f78734e 100644 --- a/node/CertificateOfMembership.hpp +++ b/node/CertificateOfMembership.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_CERTIFICATEOFMEMBERSHIP_HPP -#define _ZT_CERTIFICATEOFMEMBERSHIP_HPP +#ifndef ZT_CERTIFICATEOFMEMBERSHIP_HPP +#define ZT_CERTIFICATEOFMEMBERSHIP_HPP #include #include diff --git a/node/Condition.hpp b/node/Condition.hpp index 4b2d32ca..728799d9 100644 --- a/node/Condition.hpp +++ b/node/Condition.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_CONDITION_HPP -#define _ZT_CONDITION_HPP +#ifndef ZT_CONDITION_HPP +#define ZT_CONDITION_HPP #include "Constants.hpp" #include "NonCopyable.hpp" diff --git a/node/Constants.hpp b/node/Constants.hpp index dbdc4ec9..3f121cf4 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_CONSTANTS_HPP -#define _ZT_CONSTANTS_HPP +#ifndef ZT_CONSTANTS_HPP +#define ZT_CONSTANTS_HPP // // This include file also auto-detects and canonicalizes some environment diff --git a/node/Defaults.hpp b/node/Defaults.hpp index dac59ae6..d546d01f 100644 --- a/node/Defaults.hpp +++ b/node/Defaults.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_DEFAULTS_HPP -#define _ZT_DEFAULTS_HPP +#ifndef ZT_DEFAULTS_HPP +#define ZT_DEFAULTS_HPP #include #include diff --git a/node/Demarc.hpp b/node/Demarc.hpp index fc283fef..0bbdef44 100644 --- a/node/Demarc.hpp +++ b/node/Demarc.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_DEMARC_HPP -#define _ZT_DEMARC_HPP +#ifndef ZT_DEMARC_HPP +#define ZT_DEMARC_HPP #include #include diff --git a/node/Dictionary.hpp b/node/Dictionary.hpp index a0a64cec..214c0094 100644 --- a/node/Dictionary.hpp +++ b/node/Dictionary.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_DICTIONARY_HPP -#define _ZT_DICTIONARY_HPP +#ifndef ZT_DICTIONARY_HPP +#define ZT_DICTIONARY_HPP #include #include diff --git a/node/EthernetTap.hpp b/node/EthernetTap.hpp index 3db41392..68a365bf 100644 --- a/node/EthernetTap.hpp +++ b/node/EthernetTap.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_ETHERNETTAP_HPP -#define _ZT_ETHERNETTAP_HPP +#ifndef ZT_ETHERNETTAP_HPP +#define ZT_ETHERNETTAP_HPP #include #include diff --git a/node/Identity.hpp b/node/Identity.hpp index cb911b92..f6b1f876 100644 --- a/node/Identity.hpp +++ b/node/Identity.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_IDENTITY_HPP -#define _ZT_IDENTITY_HPP +#ifndef ZT_IDENTITY_HPP +#define ZT_IDENTITY_HPP #include #include diff --git a/node/InetAddress.hpp b/node/InetAddress.hpp index 54fbc395..d90574e5 100644 --- a/node/InetAddress.hpp +++ b/node/InetAddress.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_INETADDRESS_HPP -#define _ZT_INETADDRESS_HPP +#ifndef ZT_INETADDRESS_HPP +#define ZT_INETADDRESS_HPP #include #include diff --git a/node/Logger.hpp b/node/Logger.hpp index de71ed39..b99df392 100644 --- a/node/Logger.hpp +++ b/node/Logger.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_LOGGER_HPP -#define _ZT_LOGGER_HPP +#ifndef ZT_LOGGER_HPP +#define ZT_LOGGER_HPP #include diff --git a/node/MAC.hpp b/node/MAC.hpp index 87363a44..f0bca937 100644 --- a/node/MAC.hpp +++ b/node/MAC.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_MAC_HPP -#define _ZT_MAC_HPP +#ifndef ZT_MAC_HPP +#define ZT_MAC_HPP #include #include diff --git a/node/MulticastGroup.hpp b/node/MulticastGroup.hpp index 426ef048..32f8c0ed 100644 --- a/node/MulticastGroup.hpp +++ b/node/MulticastGroup.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_MULTICASTGROUP_HPP -#define _ZT_MULTICASTGROUP_HPP +#ifndef ZT_MULTICASTGROUP_HPP +#define ZT_MULTICASTGROUP_HPP #include diff --git a/node/Multicaster.hpp b/node/Multicaster.hpp index 16ae7218..164bfd79 100644 --- a/node/Multicaster.hpp +++ b/node/Multicaster.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_MULTICASTER_HPP -#define _ZT_MULTICASTER_HPP +#ifndef ZT_MULTICASTER_HPP +#define ZT_MULTICASTER_HPP #include #include diff --git a/node/Mutex.hpp b/node/Mutex.hpp index b0130293..509b60be 100644 --- a/node/Mutex.hpp +++ b/node/Mutex.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_MUTEX_HPP -#define _ZT_MUTEX_HPP +#ifndef ZT_MUTEX_HPP +#define ZT_MUTEX_HPP #include "Constants.hpp" #include "NonCopyable.hpp" diff --git a/node/Network.hpp b/node/Network.hpp index a219cdf2..f41e7502 100644 --- a/node/Network.hpp +++ b/node/Network.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_NETWORK_HPP -#define _ZT_NETWORK_HPP +#ifndef ZT_NETWORK_HPP +#define ZT_NETWORK_HPP #include diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp index a833006f..823363bd 100644 --- a/node/NetworkConfig.hpp +++ b/node/NetworkConfig.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_NETWORKCONFIG_HPP -#define _ZT_NETWORKCONFIG_HPP +#ifndef ZT_NETWORKCONFIG_HPP +#define ZT_NETWORKCONFIG_HPP #include diff --git a/node/Node.cpp b/node/Node.cpp index f2668e4e..8c6ab49b 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -623,15 +623,6 @@ unsigned int Node::versionMajor() throw() { return ZEROTIER_ONE_VERSION_MAJOR; } unsigned int Node::versionMinor() throw() { return ZEROTIER_ONE_VERSION_MINOR; } unsigned int Node::versionRevision() throw() { return ZEROTIER_ONE_VERSION_REVISION; } -// Scanned for by loader and/or updater to determine a binary's version -const unsigned char EMBEDDED_VERSION_STAMP[20] = { - 0x6d,0xfe,0xff,0x01,0x90,0xfa,0x89,0x57,0x88,0xa1,0xaa,0xdc,0xdd,0xde,0xb0,0x33, - ZEROTIER_ONE_VERSION_MAJOR, - ZEROTIER_ONE_VERSION_MINOR, - (unsigned char)(((unsigned int)ZEROTIER_ONE_VERSION_REVISION) & 0xff), /* little-endian */ - (unsigned char)((((unsigned int)ZEROTIER_ONE_VERSION_REVISION) >> 8) & 0xff) -}; - } // namespace ZeroTier extern "C" { diff --git a/node/Node.hpp b/node/Node.hpp index 476ec7cd..9d02c008 100644 --- a/node/Node.hpp +++ b/node/Node.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_NODE_HPP -#define _ZT_NODE_HPP +#ifndef ZT_NODE_HPP +#define ZT_NODE_HPP #include #include @@ -171,14 +171,6 @@ private: void *const _impl; // private implementation }; -/** - * An embedded version code that can be searched for in the binary - * - * This shouldn't be used by users, but is exported to make certain that - * the linker actually includes it in the image. - */ -extern const unsigned char EMBEDDED_VERSION_STAMP[20]; - } // namespace ZeroTier extern "C" { diff --git a/node/NodeConfig.hpp b/node/NodeConfig.hpp index 0e7e4c98..2612cf6a 100644 --- a/node/NodeConfig.hpp +++ b/node/NodeConfig.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_NODECONFIG_HPP -#define _ZT_NODECONFIG_HPP +#ifndef ZT_NODECONFIG_HPP +#define ZT_NODECONFIG_HPP #include diff --git a/node/NonCopyable.hpp b/node/NonCopyable.hpp index 26536a36..e39deba8 100644 --- a/node/NonCopyable.hpp +++ b/node/NonCopyable.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _NONCOPYABLE_HPP__ -#define _NONCOPYABLE_HPP__ +#ifndef ZT_NONCOPYABLE_HPP__ +#define ZT_NONCOPYABLE_HPP__ namespace ZeroTier { diff --git a/node/Packet.hpp b/node/Packet.hpp index b7f52e3c..6f3f9117 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_N_PACKET_HPP -#define _ZT_N_PACKET_HPP +#ifndef ZT_N_PACKET_HPP +#define ZT_N_PACKET_HPP #include #include diff --git a/node/PacketDecoder.hpp b/node/PacketDecoder.hpp index cb3522ff..72b05290 100644 --- a/node/PacketDecoder.hpp +++ b/node/PacketDecoder.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_PACKETDECODER_HPP -#define _ZT_PACKETDECODER_HPP +#ifndef ZT_PACKETDECODER_HPP +#define ZT_PACKETDECODER_HPP #include diff --git a/node/Peer.hpp b/node/Peer.hpp index 0a8a7b57..de5df08f 100644 --- a/node/Peer.hpp +++ b/node/Peer.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_PEER_HPP -#define _ZT_PEER_HPP +#ifndef ZT_PEER_HPP +#define ZT_PEER_HPP #include diff --git a/node/Poly1305.hpp b/node/Poly1305.hpp index 94e6078d..8baa448f 100644 --- a/node/Poly1305.hpp +++ b/node/Poly1305.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_POLY1305_HPP -#define _ZT_POLY1305_HPP +#ifndef ZT_POLY1305_HPP +#define ZT_POLY1305_HPP namespace ZeroTier { diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp index 75b171ff..48797b14 100644 --- a/node/RuntimeEnvironment.hpp +++ b/node/RuntimeEnvironment.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_RUNTIMEENVIRONMENT_HPP -#define _ZT_RUNTIMEENVIRONMENT_HPP +#ifndef ZT_RUNTIMEENVIRONMENT_HPP +#define ZT_RUNTIMEENVIRONMENT_HPP #include diff --git a/node/SHA512.hpp b/node/SHA512.hpp index 565eb097..721933cb 100644 --- a/node/SHA512.hpp +++ b/node/SHA512.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_SHA512_HPP -#define _ZT_SHA512_HPP +#ifndef ZT_SHA512_HPP +#define ZT_SHA512_HPP #define ZT_SHA512_DIGEST_LEN 64 diff --git a/node/Salsa20.hpp b/node/Salsa20.hpp index 9f34ba78..e09e2aaa 100644 --- a/node/Salsa20.hpp +++ b/node/Salsa20.hpp @@ -4,8 +4,8 @@ * This therefore is public domain. */ -#ifndef _ZT_SALSA20_HPP -#define _ZT_SALSA20_HPP +#ifndef ZT_SALSA20_HPP +#define ZT_SALSA20_HPP #include diff --git a/node/Service.hpp b/node/Service.hpp index d8467cd1..22e53d62 100644 --- a/node/Service.hpp +++ b/node/Service.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_SERVICE_HPP -#define _ZT_SERVICE_HPP +#ifndef ZT_SERVICE_HPP +#define ZT_SERVICE_HPP #include #include diff --git a/node/SharedPtr.hpp b/node/SharedPtr.hpp index 834d0a2e..f7604c06 100644 --- a/node/SharedPtr.hpp +++ b/node/SharedPtr.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_SHAREDPTR_HPP -#define _ZT_SHAREDPTR_HPP +#ifndef ZT_SHAREDPTR_HPP +#define ZT_SHAREDPTR_HPP #include "Mutex.hpp" #include "AtomicCounter.hpp" diff --git a/node/Switch.hpp b/node/Switch.hpp index 68e3c6c4..6b3b8e6e 100644 --- a/node/Switch.hpp +++ b/node/Switch.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_N_SWITCH_HPP -#define _ZT_N_SWITCH_HPP +#ifndef ZT_N_SWITCH_HPP +#define ZT_N_SWITCH_HPP #include #include diff --git a/node/SysEnv.hpp b/node/SysEnv.hpp index 21c25713..4f4a4f16 100644 --- a/node/SysEnv.hpp +++ b/node/SysEnv.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_SYSENV_HPP -#define _ZT_SYSENV_HPP +#ifndef ZT_SYSENV_HPP +#define ZT_SYSENV_HPP #include diff --git a/node/Thread.hpp b/node/Thread.hpp index d295fea3..8adf79d3 100644 --- a/node/Thread.hpp +++ b/node/Thread.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_THREAD_HPP -#define _ZT_THREAD_HPP +#ifndef ZT_THREAD_HPP +#define ZT_THREAD_HPP #include diff --git a/node/Topology.hpp b/node/Topology.hpp index 09dec86e..312377bc 100644 --- a/node/Topology.hpp +++ b/node/Topology.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_TOPOLOGY_HPP -#define _ZT_TOPOLOGY_HPP +#ifndef ZT_TOPOLOGY_HPP +#define ZT_TOPOLOGY_HPP #include #include diff --git a/node/UdpSocket.hpp b/node/UdpSocket.hpp index d8467f64..cbd9de86 100644 --- a/node/UdpSocket.hpp +++ b/node/UdpSocket.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_UDPSOCKET_HPP -#define _ZT_UDPSOCKET_HPP +#ifndef ZT_UDPSOCKET_HPP +#define ZT_UDPSOCKET_HPP #include diff --git a/node/Utils.hpp b/node/Utils.hpp index 2fea8b9b..dfead0d1 100644 --- a/node/Utils.hpp +++ b/node/Utils.hpp @@ -25,8 +25,8 @@ * LLC. Start here: http://www.zerotier.com/ */ -#ifndef _ZT_UTILS_HPP -#define _ZT_UTILS_HPP +#ifndef ZT_UTILS_HPP +#define ZT_UTILS_HPP #include #include -- cgit v1.2.3 From bf0da9f2f778aeb3eebe200a8cdeecbc6e1f9253 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Tue, 10 Dec 2013 15:30:53 -0800 Subject: Rest of software updater, ready to test... --- main.cpp | 17 +++- node/Constants.hpp | 10 +++ node/Defaults.cpp | 7 +- node/Defaults.hpp | 5 ++ node/HttpClient.cpp | 12 ++- node/Node.hpp | 17 +++- node/RuntimeEnvironment.hpp | 6 +- node/SoftwareUpdater.cpp | 187 ++++++++++++++++++++++++++++++++++++++++++++ node/SoftwareUpdater.hpp | 110 ++++++++++++++++++++++++++ objects.mk | 1 + 10 files changed, 361 insertions(+), 11 deletions(-) create mode 100644 node/SoftwareUpdater.cpp create mode 100644 node/SoftwareUpdater.hpp (limited to 'node') diff --git a/main.cpp b/main.cpp index 872fd37c..37d82bc8 100644 --- a/main.cpp +++ b/main.cpp @@ -44,6 +44,7 @@ #else #include #include +#include #include #include #include @@ -473,13 +474,21 @@ int main(int argc,char **argv) try { node = new Node(homeDir,port,controlPort); - const char *termReason = (char *)0; switch(node->run()) { - case Node::NODE_UNRECOVERABLE_ERROR: + case Node::NODE_NODE_RESTART_FOR_UPGRADE: { +#ifdef __UNIX_LIKE__ + const char *upgPath = node->reasonForTermination(); + if (upgPath) + execl(upgPath,upgPath,"-s",(char *)0); // -s = (re)start after install/upgrade + exitCode = -1; + fprintf(stderr,"%s: abnormal termination: unable to execute update at %s",argv[0],(upgPath) ? upgPath : "(unknown path)"); +#endif + } break; + case Node::NODE_UNRECOVERABLE_ERROR: { exitCode = -1; - termReason = node->reasonForTermination(); + const char *termReason = node->reasonForTermination(); fprintf(stderr,"%s: abnormal termination: %s\n",argv[0],(termReason) ? termReason : "(unknown reason)"); - break; + } break; default: break; } diff --git a/node/Constants.hpp b/node/Constants.hpp index 3f121cf4..21c8a0ec 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -330,4 +330,14 @@ error_no_byte_order_defined; */ #define ZT_RENDEZVOUS_NAT_T_DELAY 500 +/** + * Minimum interval between attempts to do a software update + */ +#define ZT_UPDATE_MIN_INTERVAL 120000 + +/** + * Update HTTP timeout in seconds + */ +#define ZT_UPDATE_HTTP_TIMEOUT 30 + #endif diff --git a/node/Defaults.cpp b/node/Defaults.cpp index cfc901b5..566658fa 100644 --- a/node/Defaults.cpp +++ b/node/Defaults.cpp @@ -122,13 +122,18 @@ static inline std::map< Address,Identity > _mkUpdateAuth() return ua; } +static inline std::string _mkUpdateUrl() +{ +} + Defaults::Defaults() : #ifdef ZT_TRACE_MULTICAST multicastTraceWatcher(ZT_TRACE_MULTICAST), #endif defaultHomePath(_mkDefaultHomePath()), supernodes(_mkSupernodeMap()), - updateAuthorities(_mkUpdateAuth()) + updateAuthorities(_mkUpdateAuth()), + updateLatestNfoURL(_mkUpdateUrl()) { } diff --git a/node/Defaults.hpp b/node/Defaults.hpp index d546d01f..9d6d4bcf 100644 --- a/node/Defaults.hpp +++ b/node/Defaults.hpp @@ -78,6 +78,11 @@ public: * build will not auto-update. */ const std::map< Address,Identity > updateAuthorities; + + /** + * URL to latest .nfo for software updates + */ + const std::string updateLatestNfoURL; }; extern const Defaults ZT_DEFAULTS; diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp index 1d1624db..15c01c44 100644 --- a/node/HttpClient.cpp +++ b/node/HttpClient.cpp @@ -112,6 +112,12 @@ public: return; } + if (!_url.length()) { + _handler(_arg,-1,_url,false,"cannot fetch empty URL"); + delete this; + return; + } + curlArgs[0] = const_cast (curlPath.c_str()); curlArgs[1] = const_cast ("-D"); curlArgs[2] = const_cast ("-"); // append headers before output @@ -171,9 +177,11 @@ public: if (FD_ISSET(curlStdout[0],&readfds)) { int n = (int)::read(curlStdout[0],buf,sizeof(buf)); - if (n > 0) + if (n > 0) { _body.append(buf,n); - else if (n < 0) + // Reset timeout when data is read... + timesOutAt = Utils::now() + ((unsigned long long)_timeout * 1000ULL); + } else if (n < 0) break; if (_body.length() > CURL_MAX_MESSAGE_LENGTH) { ::kill(pid,SIGKILL); diff --git a/node/Node.hpp b/node/Node.hpp index 9d02c008..2736713f 100644 --- a/node/Node.hpp +++ b/node/Node.hpp @@ -97,9 +97,24 @@ public: */ enum ReasonForTermination { + /** + * Node is currently in run() + */ NODE_RUNNING = 0, + + /** + * Node is shutting down for normal reasons, including a signal + */ NODE_NORMAL_TERMINATION = 1, - NODE_RESTART_FOR_RECONFIGURATION = 2, + + /** + * An upgrade is available. Its path is in reasonForTermination(). + */ + NODE_RESTART_FOR_UPGRADE = 2, + + /** + * A serious unrecoverable error has occurred. + */ NODE_UNRECOVERABLE_ERROR = 3 }; diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp index 48797b14..05e10676 100644 --- a/node/RuntimeEnvironment.hpp +++ b/node/RuntimeEnvironment.hpp @@ -46,7 +46,7 @@ class CMWC4096; class Service; class Node; class Multicaster; -class Updater; +class SoftwareUpdater; /** * Holds global state for an instance of ZeroTier::Node @@ -73,7 +73,7 @@ public: topology((Topology *)0), sysEnv((SysEnv *)0), nc((NodeConfig *)0), - updater((Updater *)0) + updater((SoftwareUpdater *)0) #ifndef __WINDOWS__ ,netconfService((Service *)0) #endif @@ -110,7 +110,7 @@ public: SysEnv *sysEnv; NodeConfig *nc; Node *node; - Updater *updater; // null if auto-updates are disabled + SoftwareUpdater *updater; // null if software updates are not enabled #ifndef __WINDOWS__ Service *netconfService; // null if no netconf service running #endif diff --git a/node/SoftwareUpdater.cpp b/node/SoftwareUpdater.cpp new file mode 100644 index 00000000..4cb2f7e4 --- /dev/null +++ b/node/SoftwareUpdater.cpp @@ -0,0 +1,187 @@ +/* + * ZeroTier One - Global Peer to Peer Ethernet + * Copyright (C) 2012-2013 ZeroTier Networks LLC + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#include +#include +#include + +#include "../version.h" + +#include "SoftwareUpdater.hpp" +#include "Dictionary.hpp" +#include "C25519.hpp" +#include "Identity.hpp" +#include "Logger.hpp" +#include "RuntimeEnvironment.hpp" +#include "Thread.hpp" +#include "Node.hpp" + +#ifdef __UNIX_LIKE__ +#include +#include +#include +#include +#endif + +namespace ZeroTier { + +SoftwareUpdater::SoftwareUpdater(const RuntimeEnvironment *renv) : + _r(renv), + _myVersion(packVersion(ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)), + _lastUpdateAttempt(0), + _status(UPDATE_STATUS_IDLE), + _die(false), + _lock() +{ +} + +SoftwareUpdater::~SoftwareUpdater() +{ + _die = true; + for(;;) { + _lock.lock(); + bool ip = (_status != UPDATE_STATUS_IDLE); + _lock.unlock(); + if (ip) + Thread::sleep(500); + else break; + } +} + +void SoftwareUpdater::_cbHandleGetLatestVersionInfo(void *arg,int code,const std::string &url,bool onDisk,const std::string &body) +{ + SoftwareUpdater *upd = (SoftwareUpdater *)arg; + const RuntimeEnvironment *_r = (const RuntimeEnvironment *)upd->_r; + Mutex::Lock _l(upd->_lock); + + if ((upd->_die)||(upd->_status != UPDATE_STATUS_GETTING_NFO)) { + upd->_status = UPDATE_STATUS_IDLE; + return; + } + + if (code != 200) { + LOG("unable to check for software updates, response code %d (%s)",code,body.c_str()); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + + try { + Dictionary nfo(body); + const unsigned int vMajor = Utils::strToUInt(nfo.get("vMajor").c_str()); + const unsigned int vMinor = Utils::strToUInt(nfo.get("vMinor").c_str()); + const unsigned int vRevision = Utils::strToUInt(nfo.get("vRevision").c_str()); + const Address signedBy(nfo.get("signedBy")); + const std::string signature(Utils::unhex(nfo.get("ed25519"))); + const std::string &url = nfo.get("url"); + + if (signature.length() != ZT_C25519_SIGNATURE_LEN) { + LOG("software update aborted: .nfo file invalid: bad Ed25519 signature"); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + if ((url.length() <= 7)||(url.substr(0,7) != "http://")) { + LOG("software update aborted: .nfo file invalid: update URL must begin with http://"); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + if (packVersion(vMajor,vMinor,vRevision) <= upd->_myVersion) { + LOG("software update aborted: .nfo file invalid: version on web site <= my version"); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + + if (!ZT_DEFAULTS.updateAuthorities.count(signedBy)) { + LOG("software update aborted: .nfo file specifies unknown signing authority"); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + + upd->_status = UPDATE_STATUS_GETTING_FILE; + upd->_signedBy = signedBy; + upd->_signature = signature; + + HttpClient::GET(url,HttpClient::NO_HEADERS,ZT_UPDATE_HTTP_TIMEOUT,&_cbHandleGetLatestVersionBinary,arg); + } catch ( ... ) { + LOG("software update check failed: .nfo file invalid: fields missing or invalid dictionary format"); + upd->_status = UPDATE_STATUS_IDLE; + } +} + +void SoftwareUpdater::_cbHandleGetLatestVersionBinary(void *arg,int code,const std::string &url,bool onDisk,const std::string &body) +{ + SoftwareUpdater *upd = (SoftwareUpdater *)arg; + const RuntimeEnvironment *_r = (const RuntimeEnvironment *)upd->_r; + Mutex::Lock _l(upd->_lock); + + std::map< Address,Identity >::const_iterator updateAuthority = ZT_DEFAULTS.updateAuthorities.find(upd->_signedBy); + if (updateAuthority == ZT_DEFAULTS.updateAuthorities.end()) { // sanity check, shouldn't happen + LOG("software update aborted: .nfo file specifies unknown signing authority"); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + + // The all-important authenticity check... :) + if (!updateAuthority->second.verify(body.data(),body.length(),upd->_signature.data(),upd->_signature.length())) { + LOG("software update aborted: update fetched from '%s' failed certificate check against signer %s",url.c_str(),updateAuthority->first.toString().c_str()); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + +#ifdef __UNIX_LIKE__ + size_t lastSlash = url.rfind('/'); + if (lastSlash == std::string::npos) { // sanity check, shouldn't happen + LOG("software update aborted: invalid URL"); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + std::string updatesDir(_r->homePath + ZT_PATH_SEPARATOR_S + "updates.d"); + std::string updatePath(updatesDir + ZT_PATH_SEPARATOR_S + url.substr(lastSlash + 1)); + mkdir(updatesDir.c_str(),0755); + + int fd = ::open(updatePath.c_str(),O_WRONLY|O_CREAT|O_TRUNC,0755); + if (fd <= 0) { + LOG("software update aborted: unable to open %s for writing",updatePath.c_str()); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + if ((long)::write(fd,body.data(),body.length()) != (long)body.length()) { + LOG("software update aborted: unable to write to %s",updatePath.c_str()); + upd->_status = UPDATE_STATUS_IDLE; + return; + } + ::close(fd); + ::chmod(updatePath.c_str(),0755); + + _r->node->terminate(Node::NODE_RESTART_FOR_UPGRADE,updatePath.c_str()); +#endif + +#ifdef __WINDOWS__ + todo; +#endif +} + +} // namespace ZeroTier diff --git a/node/SoftwareUpdater.hpp b/node/SoftwareUpdater.hpp new file mode 100644 index 00000000..bfcdf395 --- /dev/null +++ b/node/SoftwareUpdater.hpp @@ -0,0 +1,110 @@ +/* + * ZeroTier One - Global Peer to Peer Ethernet + * Copyright (C) 2012-2013 ZeroTier Networks LLC + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * -- + * + * ZeroTier may be used and distributed under the terms of the GPLv3, which + * are available at: http://www.gnu.org/licenses/gpl-3.0.html + * + * If you would like to embed ZeroTier into a commercial application or + * redistribute it in a modified binary form, please contact ZeroTier Networks + * LLC. Start here: http://www.zerotier.com/ + */ + +#ifndef ZT_SOFTWAREUPDATER_HPP +#define ZT_SOFTWAREUPDATER_HPP + +#include + +#include "Constants.hpp" +#include "Mutex.hpp" +#include "Utils.hpp" +#include "HttpClient.hpp" +#include "Defaults.hpp" + +namespace ZeroTier { + +class RuntimeEnvironment; + +/** + * Software updater + */ +class SoftwareUpdater +{ +public: + SoftwareUpdater(const RuntimeEnvironment *renv); + ~SoftwareUpdater(); + + /** + * Called on each version message from a peer + * + * If a peer has a newer version, that causes an update to be started. + * + * @param vmaj Peer's major version + * @param vmin Peer's minor version + * @param rev Peer's revision + */ + inline void sawRemoteVersion(unsigned int vmaj,unsigned int vmin,unsigned int rev) + { + const uint64_t tmp = packVersion(vmaj,vmin,rev); + if (tmp > _myVersion) { + Mutex::Lock _l(_lock); + if ((_status == UPDATE_STATUS_IDLE)&&(!_die)&&(ZT_DEFAULTS.updateLatestNfoURL.length())) { + const uint64_t now = Utils::now(); + if ((now - _lastUpdateAttempt) >= ZT_UPDATE_MIN_INTERVAL) { + _lastUpdateAttempt = now; + _status = UPDATE_STATUS_GETTING_NFO; + HttpClient::GET(ZT_DEFAULTS.updateLatestNfoURL,HttpClient::NO_HEADERS,ZT_UPDATE_HTTP_TIMEOUT,&_cbHandleGetLatestVersionInfo,this); + } + } + } + } + + /** + * Pack three-component version into a 64-bit integer + * + * @param vmaj Major version (0..65535) + * @param vmin Minor version (0..65535) + * @param rev Revision (0..65535) + */ + static inline uint64_t packVersion(unsigned int vmaj,unsigned int vmin,unsigned int rev) + throw() + { + return ( ((uint64_t)(vmaj & 0xffff) << 32) | ((uint64_t)(vmin & 0xffff) << 16) | (uint64_t)(rev & 0xffff) ); + } + +private: + static void _cbHandleGetLatestVersionInfo(void *arg,int code,const std::string &url,bool onDisk,const std::string &body); + static void _cbHandleGetLatestVersionBinary(void *arg,int code,const std::string &url,bool onDisk,const std::string &body); + + const RuntimeEnvironment *_r; + const uint64_t _myVersion; + volatile uint64_t _lastUpdateAttempt; + volatile enum { + UPDATE_STATUS_IDLE, + UPDATE_STATUS_GETTING_NFO, + UPDATE_STATUS_GETTING_FILE + } _status; + volatile bool _die; + Address _signedBy; + std::string _signature; + Mutex _lock; +}; + +} // namespace ZeroTier + +#endif diff --git a/objects.mk b/objects.mk index 7eb97574..317e9e84 100644 --- a/objects.mk +++ b/objects.mk @@ -21,6 +21,7 @@ OBJS=\ node/Poly1305.o \ node/Salsa20.o \ node/Service.o \ + node/SoftwareUpdater.o \ node/SHA512.o \ node/Switch.o \ node/SysEnv.o \ -- cgit v1.2.3 From d3bcc58074d608639176ce3cd30fa7c5307676b9 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Tue, 10 Dec 2013 16:13:07 -0800 Subject: Fix update URL stuff, fix main build, add update dummy for testing updates on OSX and Linux and such. --- attic/update-dummy/update-dummy.nfo | 6 ++++++ attic/update-dummy/update-dummy.sh | 4 ++++ main.cpp | 2 +- node/Defaults.cpp | 20 +++++++++++++++++++- 4 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 attic/update-dummy/update-dummy.nfo create mode 100644 attic/update-dummy/update-dummy.sh (limited to 'node') diff --git a/attic/update-dummy/update-dummy.nfo b/attic/update-dummy/update-dummy.nfo new file mode 100644 index 00000000..2aa173e0 --- /dev/null +++ b/attic/update-dummy/update-dummy.nfo @@ -0,0 +1,6 @@ +vMajor=999 +vMinor=999 +vRevision=999 +signedBy=e9bc3707b5 +ed25519=ca7b943ace5451f420f1f599822d7013534a7cb7997096141e6a1aa6398c5f260c19dc5eecb297c922950f26dee7f9db787f8dbf85bc422baf3bff94c1131e086a7fc85c26dbb8c1b0a9cae63acc34998d9e1ce553156ea5638f9c99a50f6e2e +url=http://download.zerotier.com/update/update-dummy.sh diff --git a/attic/update-dummy/update-dummy.sh b/attic/update-dummy/update-dummy.sh new file mode 100644 index 00000000..cafb6f90 --- /dev/null +++ b/attic/update-dummy/update-dummy.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +echo "Dummy updater -- run with opts: $*" +exit 0 diff --git a/main.cpp b/main.cpp index 37d82bc8..4bb47cf0 100644 --- a/main.cpp +++ b/main.cpp @@ -475,7 +475,7 @@ int main(int argc,char **argv) try { node = new Node(homeDir,port,controlPort); switch(node->run()) { - case Node::NODE_NODE_RESTART_FOR_UPGRADE: { + case Node::NODE_RESTART_FOR_UPGRADE: { #ifdef __UNIX_LIKE__ const char *upgPath = node->reasonForTermination(); if (upgPath) diff --git a/node/Defaults.cpp b/node/Defaults.cpp index 566658fa..2588c85f 100644 --- a/node/Defaults.cpp +++ b/node/Defaults.cpp @@ -122,8 +122,26 @@ static inline std::map< Address,Identity > _mkUpdateAuth() return ua; } -static inline std::string _mkUpdateUrl() +static inline const char *_mkUpdateUrl() { +#if defined(__LINUX__) && ( defined(__i386__) || defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(__i386) ) + if (sizeof(void *) == 8) + return "http://download.zerotier.com/update/linux/x64/latest.nfo"; + else return "http://download.zerotier.com/update/linux/x86/latest.nfo"; +#define GOT_UPDATE_URL +#endif + +#ifdef __APPLE__ + // TODO: iOS? + return "http://download.zerotier.com/update/mac/combined/latest.nfo"; +#define GOT_UPDATE_URL +#endif + + // TODO: Windows + +#ifndef GOT_UPDATE_URL + return ""; +#endif } Defaults::Defaults() : -- cgit v1.2.3 From a22a3ed7e8754fbfb2f48e4a32b79d6b7468e25c Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 11 Dec 2013 13:00:18 -0800 Subject: Software update work... --- make-mac.mk | 2 +- node/Node.cpp | 6 ++++++ node/NodeConfig.cpp | 9 +++++++++ node/SoftwareUpdater.hpp | 14 ++++++++++++++ 4 files changed, 30 insertions(+), 1 deletion(-) (limited to 'node') diff --git a/make-mac.mk b/make-mac.mk index 8b1d121b..9f0d7d8c 100644 --- a/make-mac.mk +++ b/make-mac.mk @@ -2,7 +2,7 @@ CC=clang CXX=clang++ INCLUDES= -DEFS= +DEFS=-DZT_AUTO_UPDATE LIBS=-lm # Uncomment for a release optimized universal binary build diff --git a/node/Node.cpp b/node/Node.cpp index 8c6ab49b..dd0e47ed 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -68,6 +68,7 @@ #include "CMWC4096.hpp" #include "SHA512.hpp" #include "Service.hpp" +#include "SoftwareUpdater.hpp" #ifdef __WINDOWS__ #include @@ -210,6 +211,7 @@ struct _NodeImpl #ifndef __WINDOWS__ delete renv.netconfService; #endif + delete renv.updater; delete renv.nc; delete renv.sysEnv; delete renv.topology; @@ -429,6 +431,10 @@ Node::ReasonForTermination Node::run() return impl->terminateBecause(Node::NODE_UNRECOVERABLE_ERROR,foo); } _r->node = this; +#ifdef ZT_AUTO_UPDATE + if (ZT_DEFAULTS.updateLatestNfoURL.length()) + _r->updater = new SoftwareUpdater(_r); +#endif // Bind local port for core I/O if (!_r->demarc->bindLocalUdp(impl->port)) { diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp index ce5943c5..770f1f6f 100644 --- a/node/NodeConfig.cpp +++ b/node/NodeConfig.cpp @@ -56,6 +56,7 @@ #include "Poly1305.hpp" #include "SHA512.hpp" #include "Node.hpp" +#include "SoftwareUpdater.hpp" namespace ZeroTier { @@ -184,6 +185,7 @@ std::vector NodeConfig::execute(const char *command) _P("200 help join "); _P("200 help leave "); _P("200 help terminate []"); + _P("200 help updatecheck"); } else if (cmd[0] == "info") { bool isOnline = false; uint64_t now = Utils::now(); @@ -268,6 +270,13 @@ std::vector NodeConfig::execute(const char *command) if (cmd.size() > 1) _r->node->terminate(Node::NODE_NORMAL_TERMINATION,cmd[1].c_str()); else _r->node->terminate(Node::NODE_NORMAL_TERMINATION,(const char *)0); + } else if (cmd[0] == "updatecheck") { + if (_r->updater) { + _P("200 checking for software updates now at: %s",ZT_DEFAULTS.updateLatestNfoURL.c_str()); + _r->updater->checkNow(); + } else { + _P("500 software updates are not enabled"); + } } else { _P("404 %s No such command. Use 'help' for help.",cmd[0].c_str()); } diff --git a/node/SoftwareUpdater.hpp b/node/SoftwareUpdater.hpp index bfcdf395..5e47bbea 100644 --- a/node/SoftwareUpdater.hpp +++ b/node/SoftwareUpdater.hpp @@ -74,12 +74,26 @@ public: } } + /** + * Check for updates now regardless of last check time or version + */ + inline void checkNow() + { + Mutex::Lock _l(_lock); + if (_status == UPDATE_STATUS_IDLE) { + _lastUpdateAttempt = Utils::now(); + _status = UPDATE_STATUS_GETTING_NFO; + HttpClient::GET(ZT_DEFAULTS.updateLatestNfoURL,HttpClient::NO_HEADERS,ZT_UPDATE_HTTP_TIMEOUT,&_cbHandleGetLatestVersionInfo,this); + } + } + /** * Pack three-component version into a 64-bit integer * * @param vmaj Major version (0..65535) * @param vmin Minor version (0..65535) * @param rev Revision (0..65535) + * @return Version packed into an easily comparable 64-bit integer */ static inline uint64_t packVersion(unsigned int vmaj,unsigned int vmin,unsigned int rev) throw() -- cgit v1.2.3 From ec4ffc0c2c269660c3e4a3ab2315d098e82bc676 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 11 Dec 2013 13:14:10 -0800 Subject: Software update fetcher seems to work, going back to updater/installer itself. --- make-linux.mk | 4 ++++ make-mac.mk | 6 +++++- node/SoftwareUpdater.cpp | 2 ++ 3 files changed, 11 insertions(+), 1 deletion(-) (limited to 'node') diff --git a/make-linux.mk b/make-linux.mk index d57bc5f4..cb4631d9 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -5,6 +5,10 @@ INCLUDES= DEFS= LIBS= +ifeq ($(ZT_AUTO_UPDATE),1) + DEFS+=-DZT_AUTO_UPDATE +endif + # Uncomment for a release optimized build CFLAGS=-Wall -O3 -fno-unroll-loops -fvisibility=hidden -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS) STRIP=strip --strip-all diff --git a/make-mac.mk b/make-mac.mk index 9f0d7d8c..db7384e5 100644 --- a/make-mac.mk +++ b/make-mac.mk @@ -2,9 +2,13 @@ CC=clang CXX=clang++ INCLUDES= -DEFS=-DZT_AUTO_UPDATE +DEFS= LIBS=-lm +ifeq ($(ZT_AUTO_UPDATE),1) + DEFS+=-DZT_AUTO_UPDATE +endif + # Uncomment for a release optimized universal binary build CFLAGS=-arch i386 -arch x86_64 -Wall -O4 -pthread -mmacosx-version-min=10.6 -DNDEBUG -Wno-unused-private-field $(INCLUDES) $(DEFS) STRIP=strip diff --git a/node/SoftwareUpdater.cpp b/node/SoftwareUpdater.cpp index 4cb2f7e4..c515d5db 100644 --- a/node/SoftwareUpdater.cpp +++ b/node/SoftwareUpdater.cpp @@ -176,6 +176,8 @@ void SoftwareUpdater::_cbHandleGetLatestVersionBinary(void *arg,int code,const s ::close(fd); ::chmod(updatePath.c_str(),0755); + upd->_status = UPDATE_STATUS_IDLE; + _r->node->terminate(Node::NODE_RESTART_FOR_UPGRADE,updatePath.c_str()); #endif -- cgit v1.2.3 From f7e3c10eca9b77880f99cd2012553b4eef932e57 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Thu, 12 Dec 2013 11:33:41 -0800 Subject: Cleanup in Utils, fix for HttpClient on Linux. --- node/HttpClient.cpp | 19 ++++++++++++++----- node/Utils.cpp | 30 ++++++++++++++++-------------- node/Utils.hpp | 29 ++++++++++++++++++++++++++--- 3 files changed, 56 insertions(+), 22 deletions(-) (limited to 'node') diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp index 15c01c44..d4e76018 100644 --- a/node/HttpClient.cpp +++ b/node/HttpClient.cpp @@ -48,6 +48,7 @@ #include #include #include +#include #endif namespace ZeroTier { @@ -68,7 +69,6 @@ const std::map HttpClient::NO_HEADERS; // Paths where "curl" may be found on the system #define NUM_CURL_PATHS 5 static const char *CURL_PATHS[NUM_CURL_PATHS] = { "/usr/bin/curl","/bin/curl","/usr/local/bin/curl","/usr/sbin/curl","/sbin/curl" }; -static const std::string CURL_IN_HOME(ZT_DEFAULTS.defaultHomePath + "/curl"); // Maximum message length #define CURL_MAX_MESSAGE_LENGTH (1024 * 1024 * 64) @@ -102,10 +102,6 @@ public: break; } } - if (!curlPath.length()) { - if (Utils::fileExists(CURL_IN_HOME.c_str())) - curlPath = CURL_IN_HOME; - } if (!curlPath.length()) { _handler(_arg,-1,_url,false,"unable to locate 'curl' binary in /usr/bin, /bin, /usr/local/bin, /usr/sbin, or /sbin"); delete this; @@ -201,6 +197,19 @@ public: } if (waitpid(pid,&exitCode,WNOHANG) > 0) { + for(;;) { + // Drain output... + int n = (int)::read(curlStdout[0],buf,sizeof(buf)); + if (n <= 0) + break; + else { + _body.append(buf,n); + if (_body.length() > CURL_MAX_MESSAGE_LENGTH) { + tooLong = true; + break; + } + } + } pid = 0; break; } diff --git a/node/Utils.cpp b/node/Utils.cpp index 608de593..c0886859 100644 --- a/node/Utils.cpp +++ b/node/Utils.cpp @@ -151,7 +151,6 @@ unsigned int Utils::unhex(const char *hex,void *buf,unsigned int len) } unsigned int Utils::unhex(const char *hex,unsigned int hexlen,void *buf,unsigned int len) - throw() { int n = 1; unsigned char c,b = 0; @@ -191,7 +190,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) Mutex::Lock _l(randomLock); - // A Salsa20 instance is used to mangle whatever our base + // A Salsa20/8 instance is used to further mangle whatever our base // random source happens to be. if (!randInitialized) { randInitialized = true; @@ -208,7 +207,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) { int fd = ::open("/dev/urandom",O_RDONLY); if (fd < 0) { - fprintf(stderr,"FATAL ERROR: unable to open /dev/urandom: %s"ZT_EOL_S,strerror(errno)); + fprintf(stderr,"FATAL ERROR: unable to open /dev/urandom"ZT_EOL_S); exit(-1); } if ((int)::read(fd,randbuf,sizeof(randbuf)) != (int)sizeof(randbuf)) { @@ -220,17 +219,20 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes) #else #ifdef __WINDOWS__ { - char ktmp[32]; - char ivtmp[8]; - for(int i=0;i<32;++i) ktmp[i] = (char)rand(); - for(int i=0;i<8;++i) ivtmp[i] = (char)rand(); - double now = Utils::nowf(); - memcpy(ktmp,&now,sizeof(now)); - DWORD tmp = GetCurrentProcessId(); - memcpy(ktmp + sizeof(now),&tmp,sizeof(tmp)); - tmp = GetTickCount(); - memcpy(ktmp + sizeof(now) + sizeof(DWORD),&tmp,sizeof(tmp)); - Salsa20 s20tmp(ktmp,256,ivtmp,8); + struct { + double nowf; + DWORD processId; + DWORD tickCount; + uint64_t nowi; + char padding[32]; + } keyMaterial; + keyMaterial.nowf = Utils::nowf(); + keyMaterial.processId = GetCurrentProcessId(); + keyMaterial.tickCount = GetTickCount(); + keyMaterial.nowi = Utils::now(); + for(int i=0;i listDirectory(const char *path); /** + * Convert binary data to hexadecimal + * * @param data Data to convert to hex * @param len Length of data * @return Hexadecimal string @@ -122,6 +126,11 @@ public: static inline std::string hex(const std::string &data) { return hex(data.data(),(unsigned int)data.length()); } /** + * Convert hexadecimal to binary data + * + * This ignores all non-hex characters, just stepping over them and + * continuing. Upper and lower case are supported for letters a-f. + * * @param hex Hexadecimal ASCII code (non-hex chars are ignored) * @return Binary data */ @@ -129,6 +138,11 @@ public: static inline std::string unhex(const std::string &hex) { return unhex(hex.c_str()); } /** + * Convert hexadecimal to binary data + * + * This ignores all non-hex characters, just stepping over them and + * continuing. Upper and lower case are supported for letters a-f. + * * @param hex Hexadecimal ASCII * @param buf Buffer to fill * @param len Length of buffer @@ -138,16 +152,25 @@ public: static inline unsigned int unhex(const std::string &hex,void *buf,unsigned int len) { return unhex(hex.c_str(),buf,len); } /** + * Convert hexadecimal to binary data + * + * This ignores all non-hex characters, just stepping over them and + * continuing. Upper and lower case are supported for letters a-f. + * * @param hex Hexadecimal ASCII * @param hexlen Length of hex ASCII * @param buf Buffer to fill * @param len Length of buffer * @return Number of bytes actually written to buffer */ - static unsigned int unhex(const char *hex,unsigned int hexlen,void *buf,unsigned int len) - throw(); + static unsigned int unhex(const char *hex,unsigned int hexlen,void *buf,unsigned int len); /** + * Generate secure random bytes + * + * This will try to use whatever OS sources of entropy are available. It's + * guarded by an internal mutex so it's thread-safe. + * * @param buf Buffer to fill * @param bytes Number of random bytes to generate */ -- cgit v1.2.3