dark/zerotiertspu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

.

Browse source
This commit is contained in:
Adam Ierymenko 2019-08-07 11:20:12 -05:00
parent 455cd5551b
commit 54a1bbd016
No known key found for this signature in database
GPG key ID: 1657198823E52A61
14 changed files with 94 additions and 268 deletions
Download patch file Download diff file Expand all files Collapse all files

79
node/Locator.hpp
View file

@ -30,97 +30,44 @@
#include "Constants.hpp"
#include "Identity.hpp"
#include "InetAddress.hpp"
#include "Utils.hpp"
#include <algorithm>
#include <vector>
#define ZT_LOCATOR_MAX_PHYSICAL_ENDPOINTS 32
#define ZT_LOCATOR_MAX_VIRTUAL_ENDPOINTS 32
namespace ZeroTier {
/**
* Signed information about a node's location on the network
*
* A locator can be stored in DNS as a series of TXT records with a DNS name
* that includes a public key that can be used to validate the locator's
* signature. That way DNS records can't be spoofed even if no DNSSEC or
* anything else is present to secure DNS.
*/
class Locator
{
public:
Locator() :
_signatureLength(0),
_orgSignatureLength(0) {}
_signatureLength(0) {}
inline void addLocation(const InetAddress &phy) { if (_physical.size() < ZT_LOCATOR_MAX_PHYSICAL_ENDPOINTS) _physical.push_back(phy); }
inline void addLocation(const Identity &v) { if (_virtual.size() < ZT_LOCATOR_MAX_VIRTUAL_ENDPOINTS) _virtual.push_back(v); }
inline const std::vector<InetAddress> &physical() const { return _physical; }
inline const std::vector<InetAddress> &phy() const { return _physical; }
inline const std::vector<Identity> &virt() const { return _virtual; }
void sign(const Identity &id,const Identity &organization,const int64_t timestamp);
bool verify() const;
void generateDNSRecords(char *buf,unsigned int buflen);
template<unsigned int C>
inline void serialize(Buffer<C> &b,const bool forSign = false) const
inline bool sign(const Identity &signingId)
{
if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL);
b.append((uint64_t)_ts);
_id.serialize(b,false);
_organization.serialize(b,false);
b.append((uint16_t)_physical.size());
for(std::vector<InetAddress>::const_iterator i(_physical.begin());i!=_physical.end();++i)
i->serialize(b);
b.append((uint16_t)_virtual.size());
for(std::vector<InetAddress>::const_iterator i(_virtual.begin());i!=_virtual.end();++i)
i->serialize(b,false);
if (!forSign) {
b.append((uint16_t)_signatureLength);
b.append(_signature,_signatureLength);
b.append((uint16_t)_orgSignatureLength);
b.append(_orgSignature,_orgSignatureLength);
}
b.append((uint16_t)0); // length of additional fields, currently 0
if (forSign) b.append((uint64_t)0x7f7f7f7f7f7f7f7fULL);
}
template<unsigned int C>
inline unsigned int deserialize(const Buffer<C> &b,unsigned int startAt = 0)
{
unsigned int p = startAt;
_ts = (uint64_t)b.template at<uint64_t>(p); p += 8;
p += _id.deserialize(b,p);
p += _organization.deserialize(b,p);
unsigned int cnt = b.template at<uint16_t>(p); p += 2;
if (cnt > ZT_LOCATOR_MAX_PHYSICAL_ENDPOINTS)
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_OVERFLOW;
_physical.resize(cnt);
for(std::vector<InetAddress>::iterator i(_physical.begin());i!=_physical.end();++i)
p += i->deserialize(b,p);
cnt = b.template at<uint16_t>(p); p += 2;
if (cnt > ZT_LOCATOR_MAX_VIRTUAL_ENDPOINTS)
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_OVERFLOW;
_virtual.resize(cnt);
for(std::vector<Identity>::iterator i(_virtual.begin());i!=_virtual.end();++i)
p += i->deserialize(b,p);
p += 2 + b.template at<uint16_t>(p);
if (p > b.size())
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_OVERFLOW;
return (p - startAt);
std::sort(_physical.begin(),_physical.end());
std::sort(_virtual.begin(),_virtual.end());
_id = signingId;
}
private:
int64_t _ts;
Identity _id;
Identity _organization;
std::vector<InetAddress> _physical;
std::vector<Identity> _virtual;
unsigned int _signatureLength;
unsigned int _orgSignatureLength;
uint8_t _signature[ZT_SIGNATURE_BUFFER_SIZE];
uint8_t _orgSignature[ZT_SIGNATURE_BUFFER_SIZE];
};
} // namespace ZeroTier