mirror
/
devilutionX-ZeroTierOne
mirror of https://github.com/diasurgical/ZeroTierOne.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3946 Commits
2 Branches
0 Tags
159 MiB
 
 
 
 
 
 
Tree: 72bfe0953a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '72bfe0953a'
${ noResults }
devilutionX-ZeroTierOne/controller/JSONDB.cpp

525 lines
16 KiB
Raw Blame History

/*
* ZeroTier One - Network Virtualization Everywhere
* Copyright (C) 2011-2015 ZeroTier, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifndef _WIN32
#include <unistd.h>
#include <fcntl.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/select.h>
#endif
#include "JSONDB.hpp"
#include "EmbeddedNetworkController.hpp"
namespace ZeroTier {
static const nlohmann::json _EMPTY_JSON(nlohmann::json::object());
JSONDB::JSONDB(const std::string &basePath,EmbeddedNetworkController *parent) :
_parent(parent),
_basePath(basePath),
_rawInput(-1),
_rawOutput(-1),
_summaryThreadRun(true),
_dataReady(false)
{
#ifndef __WINDOWS__
if (_basePath == "-") {
// If base path is "-" we run in Central harnessed mode. We read pseudo-http-requests from stdin and write
// them to stdout.
_rawInput = STDIN_FILENO;
_rawOutput = STDOUT_FILENO;
fcntl(_rawInput,F_SETFL,O_NONBLOCK);
} else {
#endif
// Default mode of operation is to store files in the filesystem
OSUtils::mkdir(_basePath.c_str());
OSUtils::lockDownFile(_basePath.c_str(),true); // networks might contain auth tokens, etc., so restrict directory permissions
#ifndef __WINDOWS__
}
#endif
_networks_m.lock(); // locked until data is loaded, etc.
if (_rawInput < 0) {
_load(basePath);
_dataReady = true;
_networks_m.unlock();
} else {
// In harnessed mode we leave the lock locked and wait for our initial DB from Central.
_summaryThread = Thread::start(this);
}
}
JSONDB::~JSONDB()
{
Thread t;
{
Mutex::Lock _l(_summaryThread_m);
_summaryThreadRun = false;
t = _summaryThread;
}
if (t)
Thread::join(t);
}
bool JSONDB::writeRaw(const std::string &n,const std::string &obj)
{
if (_rawOutput >= 0) {
#ifndef __WINDOWS__
if (obj.length() > 0) {
Mutex::Lock _l(_rawLock);
//fprintf(stderr,"%s\n",obj.c_str());
if ((long)write(_rawOutput,obj.data(),obj.length()) == (long)obj.length()) {
if (write(_rawOutput,"\n",1) == 1)
return true;
}
} else return true;
#endif
return false;
} else {
const std::string path(_genPath(n,true));
if (!path.length())
return false;
return OSUtils::writeFile(path.c_str(),obj);
}
}
bool JSONDB::hasNetwork(const uint64_t networkId) const
{
Mutex::Lock _l(_networks_m);
return (_networks.find(networkId) != _networks.end());
}
bool JSONDB::getNetwork(const uint64_t networkId,nlohmann::json &config) const
{
Mutex::Lock _l(_networks_m);
const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));
if (i == _networks.end())
return false;
config = nlohmann::json::from_msgpack(i->second.config);
return true;
}
bool JSONDB::getNetworkSummaryInfo(const uint64_t networkId,NetworkSummaryInfo &ns) const
{
Mutex::Lock _l(_networks_m);
const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));
if (i == _networks.end())
return false;
ns = i->second.summaryInfo;
return true;
}
int JSONDB::getNetworkAndMember(const uint64_t networkId,const uint64_t nodeId,nlohmann::json &networkConfig,nlohmann::json &memberConfig,NetworkSummaryInfo &ns) const
{
Mutex::Lock _l(_networks_m);
const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));
if (i == _networks.end())
return 0;
const std::unordered_map< uint64_t,std::vector<uint8_t> >::const_iterator j(i->second.members.find(nodeId));
if (j == i->second.members.end())
return 1;
networkConfig = nlohmann::json::from_msgpack(i->second.config);
memberConfig = nlohmann::json::from_msgpack(j->second);
ns = i->second.summaryInfo;
return 3;
}
bool JSONDB::getNetworkMember(const uint64_t networkId,const uint64_t nodeId,nlohmann::json &memberConfig) const
{
Mutex::Lock _l(_networks_m);
const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));
if (i == _networks.end())
return false;
const std::unordered_map< uint64_t,std::vector<uint8_t> >::const_iterator j(i->second.members.find(nodeId));
if (j == i->second.members.end())
return false;
memberConfig = nlohmann::json::from_msgpack(j->second);
return true;
}
void JSONDB::saveNetwork(const uint64_t networkId,const nlohmann::json &networkConfig)
{
char n[64];
OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx",(unsigned long long)networkId);
writeRaw(n,OSUtils::jsonDump(networkConfig,-1));
{
Mutex::Lock _l(_networks_m);
_NW &nw = _networks[networkId];
nw.config = nlohmann::json::to_msgpack(networkConfig);
}
_recomputeSummaryInfo(networkId);
}
void JSONDB::saveNetworkMember(const uint64_t networkId,const uint64_t nodeId,const nlohmann::json &memberConfig)
{
char n[256];
OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx/member/%.10llx",(unsigned long long)networkId,(unsigned long long)nodeId);
writeRaw(n,OSUtils::jsonDump(memberConfig,-1));
{
Mutex::Lock _l(_networks_m);
std::vector<uint8_t> &m = _networks[networkId].members[nodeId];
m = nlohmann::json::to_msgpack(memberConfig);
_members[nodeId].insert(networkId);
}
_recomputeSummaryInfo(networkId);
}
nlohmann::json JSONDB::eraseNetwork(const uint64_t networkId)
{
if (_rawOutput >= 0) {
// In harnessed mode, DB deletes occur in the Central database and we do
// not need to erase files.
} else {
std::vector<uint64_t> memberIds;
{
Mutex::Lock _l(_networks_m);
const std::unordered_map<uint64_t,_NW>::iterator i(_networks.find(networkId));
if (i == _networks.end())
return _EMPTY_JSON;
for(std::unordered_map< uint64_t,std::vector<uint8_t> >::iterator m(i->second.members.begin());m!=i->second.members.end();++m)
memberIds.push_back(m->first);
}
for(std::vector<uint64_t>::iterator m(memberIds.begin());m!=memberIds.end();++m)
eraseNetworkMember(networkId,*m,false);
char n[256];
OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx",(unsigned long long)networkId);
const std::string path(_genPath(n,false));
if (path.length())
OSUtils::rm(path.c_str());
}
// This also erases all members from the memory cache
{
Mutex::Lock _l(_networks_m);
std::unordered_map<uint64_t,_NW>::iterator i(_networks.find(networkId));
if (i == _networks.end())
return _EMPTY_JSON; // sanity check, shouldn't happen
nlohmann::json tmp(nlohmann::json::from_msgpack(i->second.config));
_networks.erase(i);
return tmp;
}
}
nlohmann::json JSONDB::eraseNetworkMember(const uint64_t networkId,const uint64_t nodeId,bool recomputeSummaryInfo)
{
if (_rawOutput >= 0) {
// In harnessed mode, DB deletes occur in Central and we do not remove files.
} else {
char n[256];
OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx/member/%.10llx",(unsigned long long)networkId,(unsigned long long)nodeId);
const std::string path(_genPath(n,false));
if (path.length())
OSUtils::rm(path.c_str());
}
{
Mutex::Lock _l(_networks_m);
_members[nodeId].erase(networkId);
std::unordered_map<uint64_t,_NW>::iterator i(_networks.find(networkId));
if (i == _networks.end())
return _EMPTY_JSON;
std::unordered_map< uint64_t,std::vector<uint8_t> >::iterator j(i->second.members.find(nodeId));
if (j == i->second.members.end())
return _EMPTY_JSON;
nlohmann::json tmp(j->second);
i->second.members.erase(j);
if (recomputeSummaryInfo)
_recomputeSummaryInfo(networkId);
return tmp;
}
}
void JSONDB::threadMain()
throw()
{
#ifndef __WINDOWS__
fd_set readfds,nullfds;
char *const readbuf = (_rawInput >= 0) ? (new char[1048576]) : (char *)0;
std::string rawInputBuf;
FD_ZERO(&readfds);
FD_ZERO(&nullfds);
struct timeval tv;
#endif
std::vector<uint64_t> todo;
while (_summaryThreadRun) {
#ifndef __WINDOWS__
if (_rawInput < 0) {
Thread::sleep(25);
} else {
// In IPC mode we wait but also select() on STDIN to read database updates
FD_SET(_rawInput,&readfds);
tv.tv_sec = 0;
tv.tv_usec = 25000;
select(_rawInput+1,&readfds,&nullfds,&nullfds,&tv);
if (FD_ISSET(_rawInput,&readfds)) {
const long rn = (long)read(_rawInput,readbuf,1048576);
bool gotMessage = false;
for(long i=0;i<rn;++i) {
if ((readbuf[i] != '\n')&&(readbuf[i] != '\r')&&(readbuf[i] != 0)) { // compatible with nodeJS IPC
rawInputBuf.push_back(readbuf[i]);
} else if (rawInputBuf.length() > 0) {
try {
const nlohmann::json obj(OSUtils::jsonParse(rawInputBuf));
gotMessage = true;
if (!_dataReady) {
_dataReady = true;
_networks_m.unlock();
}
if (obj.is_array()) {
for(unsigned long i=0;i<obj.size();++i)
_addOrUpdate(obj[i]);
} else if (obj.is_object()) {
_addOrUpdate(obj);
}
} catch ( ... ) {} // ignore malformed JSON
rawInputBuf.clear();
}
}
if (!gotMessage) // select() again immediately until we get at least one full message
continue;
}
}
#else
Thread::sleep(25);
#endif
{
Mutex::Lock _l(_summaryThread_m);
if (_summaryThreadToDo.empty())
continue;
else _summaryThreadToDo.swap(todo);
}
if (!_dataReady) { // sanity check
_dataReady = true;
_networks_m.unlock();
}
const uint64_t now = OSUtils::now();
try {
Mutex::Lock _l(_networks_m);
for(std::vector<uint64_t>::iterator ii(todo.begin());ii!=todo.end();++ii) {
const uint64_t networkId = *ii;
std::unordered_map<uint64_t,_NW>::iterator n(_networks.find(networkId));
if (n != _networks.end()) {
NetworkSummaryInfo &ns = n->second.summaryInfo;
ns.activeBridges.clear();
ns.allocatedIps.clear();
ns.authorizedMemberCount = 0;
ns.activeMemberCount = 0;
ns.totalMemberCount = 0;
ns.mostRecentDeauthTime = 0;
for(std::unordered_map< uint64_t,std::vector<uint8_t> >::const_iterator m(n->second.members.begin());m!=n->second.members.end();++m) {
try {
nlohmann::json member(nlohmann::json::from_msgpack(m->second));
if (OSUtils::jsonBool(member["authorized"],false)) {
++ns.authorizedMemberCount;
try {
const nlohmann::json &mlog = member["recentLog"];
if ((mlog.is_array())&&(mlog.size() > 0)) {
const nlohmann::json &mlog1 = mlog[0];
if (mlog1.is_object()) {
if ((now - OSUtils::jsonInt(mlog1["ts"],0ULL)) < (ZT_NETWORK_AUTOCONF_DELAY * 2))
++ns.activeMemberCount;
}
}
} catch ( ... ) {}
try {
if (OSUtils::jsonBool(member["activeBridge"],false))
ns.activeBridges.push_back(Address(m->first));
} catch ( ... ) {}
try {
const nlohmann::json &mips = member["ipAssignments"];
if (mips.is_array()) {
for(unsigned long i=0;i<mips.size();++i) {
InetAddress mip(OSUtils::jsonString(mips[i],"").c_str());
if ((mip.ss_family == AF_INET)||(mip.ss_family == AF_INET6))
ns.allocatedIps.push_back(mip);
}
}
} catch ( ... ) {}
} else {
try {
ns.mostRecentDeauthTime = std::max(ns.mostRecentDeauthTime,OSUtils::jsonInt(member["lastDeauthorizedTime"],0ULL));
} catch ( ... ) {}
}
++ns.totalMemberCount;
} catch ( ... ) {}
}
std::sort(ns.activeBridges.begin(),ns.activeBridges.end());
std::sort(ns.allocatedIps.begin(),ns.allocatedIps.end());
n->second.summaryInfoLastComputed = now;
}
}
} catch ( ... ) {}
todo.clear();
}
if (!_dataReady) // sanity check
_networks_m.unlock();
#ifndef __WINDOWS__
delete [] readbuf;
#endif
}
bool JSONDB::_addOrUpdate(const nlohmann::json &j)
{
try {
if (j.is_object()) {
std::string id(OSUtils::jsonString(j["id"],"0"));
const std::string objtype(OSUtils::jsonString(j["objtype"],""));
if ((id.length() == 16)&&(objtype == "network")) {
const uint64_t nwid = Utils::hexStrToU64(id.c_str());
if (nwid) {
bool update;
{
Mutex::Lock _l(_networks_m);
_NW &nw = _networks[nwid];
update = !nw.config.empty();
nw.config = nlohmann::json::to_msgpack(j);
}
if (update)
_parent->onNetworkUpdate(nwid);
_recomputeSummaryInfo(nwid);
return true;
}
} else if ((id.length() == 10)&&(objtype == "member")) {
const uint64_t mid = Utils::hexStrToU64(id.c_str());
const uint64_t nwid = Utils::hexStrToU64(OSUtils::jsonString(j["nwid"],"0").c_str());
if ((mid)&&(nwid)) {
bool update = false;
bool deauth = false;
{
Mutex::Lock _l(_networks_m);
std::vector<uint8_t> &m = _networks[nwid].members[mid];
if (!m.empty()) {
update = true;
nlohmann::json oldm(nlohmann::json::from_msgpack(m));
deauth = ((OSUtils::jsonBool(oldm["authorized"],false))&&(!OSUtils::jsonBool(j["authorized"],false)));
}
m = nlohmann::json::to_msgpack(j);
_members[mid].insert(nwid);
}
if (update) {
_parent->onNetworkMemberUpdate(nwid,mid);
if (deauth)
_parent->onNetworkMemberDeauthorize(nwid,mid);
}
_recomputeSummaryInfo(nwid);
return true;
}
} else if (objtype == "_delete") { // pseudo-object-type, only used in Central harnessed mode
const std::string deleteType(OSUtils::jsonString(j["deleteType"],""));
id = OSUtils::jsonString(j["deleteId"],"");
if ((deleteType == "network")&&(id.length() == 16)) {
eraseNetwork(Utils::hexStrToU64(id.c_str()));
} else if ((deleteType == "member")&&(id.length() == 10)) {
const std::string networkId(OSUtils::jsonString(j["deleteNetworkId"],""));
const uint64_t nwid = Utils::hexStrToU64(networkId.c_str());
const uint64_t mid = Utils::hexStrToU64(id.c_str());
if (networkId.length() == 16)
eraseNetworkMember(nwid,mid,true);
_parent->onNetworkMemberDeauthorize(nwid,mid);
}
}
}
} catch ( ... ) {}
return false;
}
bool JSONDB::_load(const std::string &p)
{
// This is not used in stdin/stdout mode. Instead data is populated by
// sending it all to stdin.
std::vector<std::string> dl(OSUtils::listDirectory(p.c_str(),true));
for(std::vector<std::string>::const_iterator di(dl.begin());di!=dl.end();++di) {
if ((di->length() > 5)&&(di->substr(di->length() - 5) == ".json")) {
std::string buf;
if (OSUtils::readFile((p + ZT_PATH_SEPARATOR_S + *di).c_str(),buf)) {
try {
_addOrUpdate(OSUtils::jsonParse(buf));
} catch ( ... ) {}
}
} else {
this->_load((p + ZT_PATH_SEPARATOR_S + *di));
}
}
return true;
}
void JSONDB::_recomputeSummaryInfo(const uint64_t networkId)
{
Mutex::Lock _l(_summaryThread_m);
if (std::find(_summaryThreadToDo.begin(),_summaryThreadToDo.end(),networkId) == _summaryThreadToDo.end())
_summaryThreadToDo.push_back(networkId);
if (!_summaryThread)
_summaryThread = Thread::start(this);
}
std::string JSONDB::_genPath(const std::string &n,bool create)
{
std::vector<std::string> pt(OSUtils::split(n.c_str(),"/","",""));
if (pt.size() == 0)
return std::string();
std::string p(_basePath);
if (create) OSUtils::mkdir(p.c_str());
for(unsigned long i=0,j=(unsigned long)(pt.size()-1);i<j;++i) {
p.push_back(ZT_PATH_SEPARATOR);
p.append(pt[i]);
if (create) OSUtils::mkdir(p.c_str());
}
p.push_back(ZT_PATH_SEPARATOR);
p.append(pt[pt.size()-1]);
p.append(".json");
return p;
}
} // namespace ZeroTier