mirror
/
devilutionX-ZeroTierOne
mirror of https://github.com/diasurgical/ZeroTierOne.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Netconf updates -- actually issue COM, and log attempts to access networks in NetworkActivity using the new authenticated flag in the new DB schema.

pull/1/head
Adam Ierymenko 13 years ago
parent
3de76fcab1
commit
bbcd76ecd0
3 changed files with 45 additions and 25 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      netconf-service/Makefile
  2. 62
      netconf-service/netconf.cpp
  3. 4
      node/Node.cpp

4
netconf-service/Makefile
Unescape View File

@ -1,7 +1,7 @@
all:
gcc -O6 -c ../ext/lz4/lz4hc.c ../ext/lz4/lz4.c
g++ -DZT_OSNAME="linux" -DZT_ARCH="x86_64" -I/usr/include/mysql -I../ext/bin/libcrypto/include -O -pthread -o netconf.service netconf.cpp ../node/Utils.cpp ../node/Identity.cpp ../node/Salsa20.cpp ../node/C25519.cpp ../node/SHA512.cpp lz4.o lz4hc.o -lmysqlpp
g++ -DZT_OSNAME="linux" -DZT_ARCH="x86_64" -I/usr/include/mysql -I../ext/bin/libcrypto/include -O -pthread -o netconf-test netconf-test.cpp ../node/Utils.cpp ../node/Identity.cpp ../node/Salsa20.cpp ../node/Logger.cpp ../node/Service.cpp ../node/C25519.cpp ../node/SHA512.cpp lz4.o lz4hc.o
g++ -DZT_OSNAME="linux" -DZT_ARCH="x86_64" -I/usr/include/mysql -I../ext/bin/libcrypto/include -O -pthread -o netconf.service netconf.cpp ../node/Utils.cpp ../node/Identity.cpp ../node/Salsa20.cpp ../node/C25519.cpp ../node/SHA512.cpp ../node/CertificateOfMembership.cpp lz4.o lz4hc.o -lmysqlpp
# g++ -DZT_OSNAME="linux" -DZT_ARCH="x86_64" -I/usr/include/mysql -I../ext/bin/libcrypto/include -O -pthread -o netconf-test netconf-test.cpp ../node/Utils.cpp ../node/Identity.cpp ../node/Salsa20.cpp ../node/Logger.cpp ../node/Service.cpp ../node/C25519.cpp ../node/SHA512.cpp lz4.o lz4hc.o
clean:
rm -f *.o netconf.service netconf-test

62
netconf-service/netconf.cpp
Unescape View File

@ -69,11 +69,13 @@
#include <mysql++/mysql++.h>
#include "../node/Constants.hpp"
#include "../node/Dictionary.hpp"
#include "../node/Identity.hpp"
#include "../node/Utils.hpp"
#include "../node/Mutex.hpp"
#include "../node/NetworkConfig.hpp"
#include "../node/CertificateOfMembership.hpp"
using namespace ZeroTier;
using namespace mysqlpp;
@ -116,6 +118,7 @@ int main(int argc,char **argv)
}
char buf[131072],buf2[131072];
Identity signingIdentity;
std::string dictBuf;
try {
@ -195,7 +198,15 @@ int main(int argc,char **argv)
try {
const std::string &reqType = request.get("type");
if (reqType == "netconf-request") { // NETWORK_CONFIG_REQUEST packet
if (reqType == "netconf-init") { // initialization to set things like netconf's identity
Identity netconfId(request.get("netconfId"));
if ((netconfId)&&(netconfId.hasPrivate()))
signingIdentity = netconfId;
else {
fprintf(stderr,"netconfId invalid or lacks private key\n");
return -1;
}
} else if (reqType == "netconf-request") { // NETWORK_CONFIG_REQUEST packet
// Deserialize querying peer identity and network ID
Identity peerIdentity(request.get("peerId"));
uint64_t nwid = strtoull(request.get("nwid").c_str(),(char **)0,16);
@ -224,7 +235,7 @@ int main(int argc,char **argv)
}
} else {
q = dbCon->query();
q << "INSERT INTO Node (id,creationTime,lastSeen,identity) VALUES (" << peerIdentity.address().toInt() << "," << Utils::now() << ",0," << quote << peerIdentity.toString(false) << ")";
q << "INSERT INTO Node (id,creationTime,identity) VALUES (" << peerIdentity.address().toInt() << "," << Utils::now() << "," << quote << peerIdentity.toString(false) << ")";
if (!q.exec()) {
fprintf(stderr,"error inserting Node row for peer %s, aborting netconf request\n",peerIdentity.address().toString().c_str());
continue;
@ -233,13 +244,6 @@ int main(int argc,char **argv)
}
}
// Update lastSeen for Node, which is always updated on a netconf request
{
Query q = dbCon->query();
q << "UPDATE Node SET lastSeen = " << Utils::now() << " WHERE id = " << peerIdentity.address().toInt();
q.exec();
}
// Look up core network information
bool isOpen = false;
unsigned int multicastPrefixBits = 0;
@ -278,11 +282,13 @@ int main(int argc,char **argv)
write(STDOUT_FILENO,&respml,4);
write(STDOUT_FILENO,respm.data(),respm.length());
stdoutWriteLock.unlock();
continue; // ABORT, wait for next request
}
}
// Check membership if this is a closed network
bool authenticated = true;
if (!isOpen) {
Query q = dbCon->query();
q << "SELECT Node_id FROM NetworkNodes WHERE Network_id = " << nwid << " AND Node_id = " << peerIdentity.address().toInt();
@ -301,10 +307,28 @@ int main(int argc,char **argv)
write(STDOUT_FILENO,&respml,4);
write(STDOUT_FILENO,respm.data(),respm.length());
stdoutWriteLock.unlock();
continue; // ABORT, wait for next request
authenticated = false;
}
}
// Update most recent activity entry for this peer, also indicating
// whether authentication was successful.
{
if (fromAddr.length()) {
Query q = dbCon->query();
q << "INSERT INTO NetworkActivity (Network_id,Node_id,lastActivityTime,authenticated,lastActivityFrom) VALUES (" << nwid << "," << peerIdentity.address().toInt() << "," << Utils::now() << "," << (authenticated ? 1 : 0) << "," << quote << fromAddr << ") ON DUPLICATE KEY UPDATE lastActivityTime = VALUES(lastActivityTime),authenticated = VALUES(authenticated),lastActivityFrom = VALUES(lastActivityFrom)";
q.exec();
} else {
Query q = dbCon->query();
q << "INSERT INTO NetworkActivity (Network_id,Node_id,lastActivityTime,authenticated) VALUES (" << nwid << "," << peerIdentity.address().toInt() << "," << Utils::now() << "," << (authenticated ? 1 : 0) << ") ON DUPLICATE KEY UPDATE lastActivityTime = VALUES(lastActivityTime),authenticated = VALUES(authenticated)";
q.exec();
}
}
if (!authenticated)
continue; // ABORT, wait for next request
// Get list of etherTypes in comma-delimited hex format
std::string etherTypeWhitelist;
{
@ -401,19 +425,6 @@ int main(int argc,char **argv)
}
}
// Update activity table for this network to indicate peer's participation
{
if (fromAddr.length()) {
Query q = dbCon->query();
q << "INSERT INTO NetworkActivity (Network_id,Node_id,lastActivityTime,lastActivityFrom) VALUES (" << nwid << "," << peerIdentity.address().toInt() << "," << Utils::now() << "," << quote << fromAddr << ") ON DUPLICATE KEY UPDATE lastActivityTime = VALUES(lastActivityTime),lastActivityFrom = VALUES(lastActivityFrom)";
q.exec();
} else {
Query q = dbCon->query();
q << "INSERT INTO NetworkActivity (Network_id,Node_id,lastActivityTime) VALUES (" << nwid << "," << peerIdentity.address().toInt() << "," << Utils::now() << ") ON DUPLICATE KEY UPDATE lastActivityTime = VALUES(lastActivityTime)";
q.exec();
}
}
// Assemble response dictionary to send to peer
Dictionary netconf;
sprintf(buf,"%.16llx",(unsigned long long)nwid);
@ -448,6 +459,11 @@ int main(int argc,char **argv)
netconf[ZT_NETWORKCONFIG_DICT_KEY_IPV4_STATIC] = ipv4Static;
if (ipv6Static.length())
netconf[ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC] = ipv6Static;
if ((!isOpen)&&(authenticated)&&(signingIdentity)&&(signingIdentity.hasPrivate())) {
CertificateOfMembership com(Utils::now(),ZT_NETWORK_AUTOCONF_DELAY * 3,nwid,peerIdentity.address());
com.sign(signingIdentity);
netconf[ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP] = com.toString();
}
// Send netconf as service bus response
{

4
node/Node.cpp
Unescape View File

@ -444,6 +444,10 @@ Node::ReasonForTermination Node::run()
if (Utils::fileExists(netconfServicePath.c_str())) {
LOG("netconf.d/netconfi.service appears to exist, starting...");
_r->netconfService = new Service(_r,"netconf",netconfServicePath.c_str(),&_netconfServiceMessageHandler,_r);
Dictionary initMessage;
initMessage["type"] = "netconf-init";
initMessage["netconfId"] = _r->identity.toString(true);
_r->netconfService->send(initMessage);
}
} catch ( ... ) {
LOG("unexpected exception attempting to start services");

Write Preview
Loading…
Cancel
Save