@ -14,15 +14,6 @@
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http : //www.gnu.org/licenses/>.
*
* - -
*
* ZeroTier may be used and distributed under the terms of the GPLv3 , which
* are available at : http : //www.gnu.org/licenses/gpl-3.0.html
*
* If you would like to embed ZeroTier into a commercial application or
* redistribute it in a modified binary form , please contact ZeroTier Networks
* LLC . Start here : http : //www.zerotier.com/
*/
# include <stdint.h>
@ -639,7 +630,6 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
member [ " id " ] = identity . address ( ) . toString ( ) ;
member [ " address " ] = member [ " id " ] ;
member [ " nwid " ] = network [ " id " ] ;
member [ " lastModified " ] = now ;
member [ " memberRevision " ] = member . value ( " memberRevision " , 0ULL ) + 1 ;
// Update member log
@ -666,14 +656,12 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
member [ " recentLog " ] = recentLog ;
}
if ( ! member . value ( " authorized " , false ) ) {
if ( network . value ( " private " , true ) ) {
_writeJson ( memberJP , member ) ;
return NetworkController : : NETCONF_QUERY_ACCESS_DENIED ;
} else {
member [ " authorized " ] = true ; // auto-authorize on public networks
}
// Stop if network is private and member is not authorized
if ( ( network . value ( " private " , true ) ) & & ( ! member . value ( " authorized " , false ) ) ) {
_writeJson ( memberJP , member ) ;
return NetworkController : : NETCONF_QUERY_ACCESS_DENIED ;
}
// Else compose and send network config
nc . networkId = nwid ;
nc . type = network . value ( " private " , true ) ? ZT_NETWORK_TYPE_PRIVATE : ZT_NETWORK_TYPE_PUBLIC ;
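Review bot: The two forms of the authorization check in this hunk treat public networks differently: the nested form sets `member["authorized"] = true` on a public network, while the single-condition form only denies on private networks and never changes the member record. The +/- markers are lost on this page, so which form is the new side is not certain. If the nested form stays, a member that joined while the network was public would appear to remain authorized after the network is switched to private, assuming the record is written back later in the function, which is outside the hunk. If the single-condition form is the new one, I would document the fail-closed intent with a comment such as `// public networks: members are served without being marked authorized, so a later switch to private denies them until approved`.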
@ -1094,6 +1082,7 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpPOST(
try {
if ( b . count ( " authorized " ) ) member [ " authorized " ] = b . value ( " authorized " , false ) ;
if ( ( b . count ( " identity " ) ) & & ( ! member . count ( " identity " ) ) ) member [ " identity " ] = b . value ( " identity " , " " ) ; // allow identity to be populated only if not already known
if ( b . count ( " ipAssignments " ) ) {
auto ipa = b [ " ipAssignments " ] ;
if ( ipa . is_array ( ) ) {
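Review bot: The identity line stores `b.value("identity","")` from the POST body without checking that it is a well-formed identity or that it belongs to the member address being edited. Because the value is accepted only while `member` has no `identity` key, an empty or mismatched string would stay pinned and could not be corrected through this path. I would parse the string first and skip the assignment unless it is valid and its address equals the member's address. The handler and the `try` block continue outside the hunk.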
@ -1119,8 +1108,8 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpPOST(
member [ " id " ] = addrs ;
member [ " address " ] = addrs ; // legacy
member [ " nwid " ] = nwids ;
member [ " lastModified " ] = OSUtils : : now ( ) ;
member [ " memberRevision " ] = member . value ( " memberRevision " , 0ULL ) + 1 ;
member [ " objtype " ] = " member " ;
_writeJson ( _memberJP ( nwid , Address ( address ) , true ) . c_str ( ) , member ) ;
@ -1144,12 +1133,12 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpPOST(
auto hops2 = hops [ i ] ;
if ( hops2 . is_array ( ) ) {
for ( unsigned long j = 0 ; j < hops2 . size ( ) ; + + j ) {
std : : string hop = hops2 [ j ] ;
test - > hops [ test - > hopCount ] . addresses [ test - > hops [ test - > hopCount ] . breadth + + ] = Utils : : hexStrToU64 ( hop . c_str ( ) ) & 0xffffffffffULL ;
std : : string s = hops2 [ j ] ;
test - > hops [ test - > hopCount ] . addresses [ test - > hops [ test - > hopCount ] . breadth + + ] = Utils : : hexStrToU64 ( s . c_str ( ) ) & 0xffffffffffULL ;
}
} else if ( hops2 . is_string ( ) ) {
std : : string hop = hops2 ;
test - > hops [ test - > hopCount ] . addresses [ test - > hops [ test - > hopCount ] . breadth + + ] = Utils : : hexStrToU64 ( hop . c_str ( ) ) & 0xffffffffffULL ;
std : : string s = hops2 ;
test - > hops [ test - > hopCount ] . addresses [ test - > hops [ test - > hopCount ] . breadth + + ] = Utils : : hexStrToU64 ( s . c_str ( ) ) & 0xffffffffffULL ;
}
}
}
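Review bot: Both stores into `test->hops[test->hopCount].addresses[...breadth++]` take their index from the length of arrays in the POST body, and nothing in the hunk bounds `breadth` or `hopCount` against the capacity of `addresses` and `hops`. The declarations and the outer loop are outside the hunk, so a check may exist there; if it does not, an oversized `hops` array from a control-plane client writes past the end of these arrays. I would guard each store, e.g. `if (test->hops[test->hopCount].breadth >= MAX_HOP_BREADTH) break;`, where `MAX_HOP_BREADTH` is a placeholder for whatever constant sizes `addresses`. The rename from `hop` to `s` itself is fine.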
@ -1303,11 +1292,20 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpPOST(
if ( b . count ( " rules " ) ) {
auto rules = b [ " rules " ] ;
if ( rules . is_array ( ) ) {
json nrules = json : : array ( ) ;
for ( unsigned long i = 0 ; i < rules . size ( ) ; + + i ) {
auto rule = rules [ i ] ;
json rule = rules [ i ] ;
if ( rule . is_object ( ) ) {
ZT_VirtualNetworkRule ztr ;
if ( _parseRule ( rule , ztr ) ) {
rule = _renderRule ( ztr ) ;
if ( ( rule . is_object ( ) ) & & ( rule . count ( " type " ) ) ) {
nrules . push_back ( rule ) ;
}
}
}
}
network [ " rules " ] = nrules ;
}
}
} catch ( . . . ) {
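Review bot: An entry that is not an object, fails `_parseRule`, or renders without a `type` is skipped silently, and `network["rules"] = nrules` then replaces the stored rule set with whatever survived. For a filter list this means a malformed restrictive rule disappears and the network can end up more permissive than the administrator submitted, with no error returned. I would fail the whole request when any entry is rejected instead of saving a partial set, or at least report which indices were dropped. The `try` block begins outside the hunk.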
@ -1323,12 +1321,17 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpPOST(
if ( ! network . count ( " activeBridges " ) ) network [ " activeBridges " ] = json : : array ( ) ;
if ( ! network . count ( " rules " ) ) {
// If unspecified, rules are set to allow anything and behave like a flat L2 segment
network [ " rules " ] = {
{ " not " , false } ,
{ " type " , " ACTION_ACCEPT " }
} ;
}
network [ " id " ] = nwids ;
network [ " nwid " ] = nwids ; // legacy
network [ " lastModified " ] = OSUtils : : now ( ) ;
network [ " revision " ] = network . value ( " revision " , 0ULL ) + 1ULL ;
network [ " objtype " ] = " network " ;
_writeJson ( _networkJP ( nwid , true ) , network ) ;
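Review bot: The default in the `!network.count("rules")` branch looks like it stores a single JSON object rather than an array of rules. With nlohmann-style initializer lists, `{ {"not",false}, {"type","ACTION_ACCEPT"} }` is a list of string-keyed pairs and becomes an object, whereas the POST path in this file accepts `rules` only when `is_array()`. If consumers iterate `rules` as an array, wrap the default, e.g. `network["rules"] = json::array({ json::object({ {"not",false}, {"type","ACTION_ACCEPT"} }) });`. The +/- markers are lost on this page and the hunk may continue past the visible lines, so this applies only if these lines are on the new side.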