@ -452,39 +452,61 @@ bool PacketDecoder::_doMULTICAST_FRAME(const RuntimeEnvironment *_r,const Shared
SharedPtr < Network > network ( _r - > nc - > network ( nwid ) ) ;
// Grab, verify, and learn certificate if any -- provided we are a member of this network
// Note: we can do this before verification of the actual packet, since the certificate
// has its own separate signature.
/* Grab, verify, and learn certificate of network membership if any -- provided we are
* a member of this network . Note : we can do this before verification of the actual
* packet , since the certificate has its own separate signature . In other words a valid
* COM does not imply a valid multicast ; they are two separate things . The ability to
* include the COM with the multicast is a performance optimization to allow peers to
* distribute their COM along with their packets instead of as a separate transaction .
* This causes network memberships to start working faster . */
if ( ( ( flags & ZT_PROTO_VERB_MULTICAST_FRAME_FLAGS_HAS_MEMBERSHIP_CERTIFICATE ) ) & & ( network ) ) {
CertificateOfMembership originCom ( * this , ZT_PROTO_VERB_MULTICAST_FRAME_IDX_FRAME + frameLen + 2 + signatureLen ) ;
Address signedBy ( originCom . signedBy ( ) ) ;
if ( ( originCom . networkId ( ) = = nwid ) & & ( signedBy = = network - > controller ( ) ) ) {
SharedPtr < Peer > signingPeer ( _r - > topology - > getPeer ( signedBy ) ) ;
if ( ! signingPeer ) {
// Technically this shouldn't happen, but handle it anyway...
_r - > sw - > requestWhois ( signedBy ) ;
Address comSignedBy ( originCom . signedBy ( ) ) ;
if ( ( originCom . networkId ( ) = = nwid ) & & ( comSignedBy = = network - > controller ( ) ) ) {
SharedPtr < Peer > comSigningPeer ( _r - > topology - > getPeer ( comSignedBy ) ) ;
if ( ! comSigningPeer ) {
// Technically this should never happen because the COM should be signed by
// the master for this network (in current usage) and we ought to already have
// that cached. But handle it anyway.
_r - > sw - > requestWhois ( comSignedBy ) ;
_step = DECODE_WAITING_FOR_MULTICAST_FRAME_ORIGINAL_SENDER_LOOKUP ; // causes processing to come back here
return false ;
} else if ( originCom . verify ( signingPeer - > identity ( ) ) ) {
} else if ( originCom . verify ( comSigningPeer - > identity ( ) ) ) {
// The certificate is valid so learn it. As explained above this does not
// imply validation of the multicast. That happens later. Look for a call
// to network->isAllowed().
network - > addMembershipCertificate ( originCom ) ;
} else {
// Go ahead and drop the multicast though if the COM was invalid, since this
// obviously signifies a problem.
LOG ( " dropped MULTICAST_FRAME from %s(%s): included COM failed authentication check " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) ) ;
return true ;
}
} else {
// Go ahead and drop the multicast here too, since this also ought never to
// happen and certainly indicates a problem.
LOG ( " dropped MULTICAST_FRAME from %s(%s): included COM is not for this network " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) ) ;
return true ;
}
}
// Check multicast signature to verify original sender
// Check the multicast frame's signature to verify that its original sender is
// who it claims to be.
const unsigned int signedPartLen = ( ZT_PROTO_VERB_MULTICAST_FRAME_IDX_FRAME - ZT_PROTO_VERB_MULTICAST_FRAME_IDX__START_OF_SIGNED_PORTION ) + frameLen ;
if ( ! originPeer - > identity ( ) . verify ( field ( ZT_PROTO_VERB_MULTICAST_FRAME_IDX__START_OF_SIGNED_PORTION , signedPartLen ) , signedPartLen , signature , signatureLen ) ) {
TRACE ( " dropped MULTICAST_FRAME from %s(%s): failed signature verification, claims to be from %s " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) , origin . toString ( ) . c_str ( ) ) ;
LOG ( " dropped MULTICAST_FRAME from %s(%s): failed signature verification, claims to be from %s " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) , origin . toString ( ) . c_str ( ) ) ;
return true ;
}
// Security check to prohibit multicasts that are really Ethernet unicasts
// Security check to prohibit multicasts that are really Ethernet unicasts...
// otherwise people could do weird things like multicast out a TCP SYN.
if ( ! dest . mac ( ) . isMulticast ( ) ) {
TRACE ( " dropped MULTICAST_FRAME from %s(%s): %s is not a multicast/broadcast address " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) , dest . mac ( ) . toString ( ) . c_str ( ) ) ;
LOG ( " dropped MULTICAST_FRAME from %s(%s): %s is not a multicast/broadcast address " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) , dest . mac ( ) . toString ( ) . c_str ( ) ) ;
return true ;
}
# ifdef ZT_TRACE_MULTICAST
// This code, if enabled, sends a UDP pingback to a logger for each multicast.
char mct [ 1024 ] , mctdepth [ 1024 ] ;
unsigned int startingFifoItems = 0 ;
for ( unsigned int i = 0 ; i < ZT_PROTO_VERB_MULTICAST_FRAME_LEN_PROPAGATION_FIFO ; i + = ZT_ADDRESS_LENGTH ) {
@ -510,12 +532,13 @@ bool PacketDecoder::_doMULTICAST_FRAME(const RuntimeEnvironment *_r,const Shared
_r - > demarc - > send ( Demarc : : ANY_PORT , ZT_DEFAULTS . multicastTraceWatcher , mct , strlen ( mct ) , - 1 ) ;
# endif
// This gets updated later in most cases but start with the global limit.
unsigned int maxDepth = ZT_MULTICAST_GLOBAL_MAX_DEPTH ;
if ( ( origin = = _r - > identity . address ( ) ) | | ( _r - > mc - > deduplicate ( nwid , guid ) ) ) {
// Ordinary nodes will drop duplicates. Supernodes keep propagating
// them since they're used as hubs to link disparate clusters of
// members of the same multicast group .
// This is a boomerang or a duplicate of a multicast we've already seen. Ordinary
// nodes drop these, while supernodes will keep propagating them since they can
// act as bridges between sparse multicast networks more than once .
if ( ! _r - > topology - > amSupernode ( ) ) {
# ifdef ZT_TRACE_MULTICAST
Utils : : snprintf ( mct , sizeof ( mct ) ,
@ -646,6 +669,8 @@ bool PacketDecoder::_doMULTICAST_FRAME(const RuntimeEnvironment *_r,const Shared
TRACE ( " not forwarding MULTICAST_FRAME from %s(%s): max propagation depth reached " , source ( ) . toString ( ) . c_str ( ) , _remoteAddress . toString ( ) . c_str ( ) ) ;
return true ;
}
// Update depth in packet with new incremented value
setAt ( ZT_PROTO_VERB_MULTICAST_FRAME_IDX_PROPAGATION_DEPTH , ( uint16_t ) depth ) ;
// New FIFO with room for one extra, since head will be next hop
@ -676,7 +701,8 @@ bool PacketDecoder::_doMULTICAST_FRAME(const RuntimeEnvironment *_r,const Shared
unsigned int numAdded = ( unsigned int ) ( newFifoPtr - beforeAdd ) / ZT_ADDRESS_LENGTH ;
# endif
// Zero-terminate new FIFO if not completely full
// Zero-terminate new FIFO if not completely full. We pad the remainder with
// zeroes because this improves data compression ratios.
while ( newFifoPtr ! = newFifoEnd )
* ( newFifoPtr + + ) = ( unsigned char ) 0 ;
Adam Ierymenko
12 years ago