Bridging in NetworkConfig - GitHub Issue #68

12 years ago · 4e1f49258b
4 changed files with 43 additions and 5 deletions
--- a/netconf-service/index.js
+++ b/netconf-service/index.js
@ -42,6 +42,8 @@ var ZT_NETWORKCONFIG_DICT_KEY_IPV4_STATIC = "v4s";
 var ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC = "v6s";
 var ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP = "com";
 var ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST = "eb";
+var ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE = "br";
+var ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES = "ab";

 // Path to zerotier-idtool binary, invoked to enerate certificates of membership
 var ZEROTIER_IDTOOL = '/usr/local/bin/zerotier-idtool';
--- a/node/Constants.hpp
+++ b/node/Constants.hpp
@ -108,6 +108,11 @@ error_no_byte_order_defined;
 */
 #define ZT_ADDRESS_LENGTH 5

+/**
+ * Length of a hexadecimal ZeroTier address
+ */
+#define ZT_ADDRESS_LENGTH_HEX 10
+
 /**
 * Addresses beginning with this byte are reserved for the joy of in-band signaling
 */
--- a/node/NetworkConfig.cpp
+++ b/node/NetworkConfig.cpp
@ -86,6 +86,7 @@ void NetworkConfig::_fromDictionary(const Dictionary &d)
 	_issuedTo = Address(d.get(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO));
 	_multicastPrefixBits = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_PREFIX_BITS,zero).c_str());
 	_multicastDepth = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_DEPTH,zero).c_str());
+	_bridgingMode = (BridgingMode)Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE,zero).c_str());
 	_private = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_PRIVATE,one).c_str()) != 0);
 	_enableBroadcast = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST,one).c_str()) != 0);
 	_name = d.get(ZT_NETWORKCONFIG_DICT_KEY_NAME);
@ -121,6 +122,15 @@ void NetworkConfig::_fromDictionary(const Dictionary &d)
 		_staticIps.insert(addr);
 	}

+	std::vector<std::string> ab(Utils::split(d.get(ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES,"").c_str(),",","",""));
+	for(std::vector<std::string>::const_iterator a(ab.begin());a!=ab.end();++a) {
+		if (a->length() == ZT_ADDRESS_LENGTH_HEX) {
+			Address tmp(*a);
+			if (!tmp.isReserved())
+				_activeBridges.insert(tmp);
+		}
+	}
+
 	Dictionary mr(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_RATES,std::string()));
 	for(Dictionary::const_iterator i(mr.begin());i!=mr.end();++i) {
 		std::vector<std::string> params(Utils::split(i->second.c_str(),",","",""));
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@ -62,19 +62,29 @@ namespace ZeroTier {
 #define ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC "v6s"
 #define ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP "com"
 #define ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST "eb"
+#define ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE "br"
+#define ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES "ab"

 /**
 * Network configuration received from netconf master nodes
 *
- * This is designed to work as an immutable value object held in a shared
- * pointer so that it can be both updated and used without too much mutex
- * boogie.
+ * This is an immutable value object created from a dictionary received from netconf master.
 */
 class NetworkConfig
 {
 public:
 	friend class SharedPtr<NetworkConfig>;

+	/**
+	 * Network bridging mode
+	 */
+	enum BridgingMode
+	{
+		BRIDGING_DISABLED = 0,    // no bridging
+		BRIDGING_ACTIVE_ONLY = 1, // only active bridges may bridge
+		BRIDGING_PERMISSIVE = 2   // allow passive bridging by any peer
+	};
+
 	/**
 	 * Tuple of multicast rate parameters
 	 */
@ -102,7 +112,7 @@ public:
 	 * @param etherType Ethernet frame type to check
 	 * @return True if allowed on this network
 	 */
-	inline bool permitsEtherType(unsigned int etherType)
+	inline bool permitsEtherType(unsigned int etherType) const
 		throw()
 	{
 		if ((!etherType)||(etherType > 0xffff)) // sanity checks
@ -124,6 +134,7 @@ public:
 	inline const std::string &name() const throw() { return _name; }
 	inline const std::string &description() const throw() { return _description; }
 	inline const std::set<InetAddress> &staticIps() const throw() { return _staticIps; }
+	inline const std::set<Address> &activeBridges() const throw() { return _activeBridges; }
 	inline const CertificateOfMembership &com() const throw() { return _com; }
 	inline bool enableBroadcast() const throw() { return _enableBroadcast; }

@ -134,7 +145,15 @@ public:
 	inline bool permitsBridging(const Address &fromPeer) const
 		throw()
 	{
-		return false; // TODO: bridging not implemented yet
+		switch(_bridgingMode) {
+			case BRIDGING_ACTIVE_ONLY:
+				return (_activeBridges.count(fromPeer) > 0);
+			case BRIDGING_PERMISSIVE:
+				return true;
+			//case BRIDGING_DISABLED:
+			default:
+				return false;
+		}
 	}

 	/**
@ -156,11 +175,13 @@ private:
 	Address _issuedTo;
 	unsigned int _multicastPrefixBits;
 	unsigned int _multicastDepth;
+	BridgingMode _bridgingMode;
 	bool _private;
 	bool _enableBroadcast;
 	std::string _name;
 	std::string _description;
 	std::set<InetAddress> _staticIps;
+	std::set<Address> _activeBridges;
 	std::map<MulticastGroup,MulticastRate> _multicastRates;
 	CertificateOfMembership _com;