dark/zerotiertspu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Work in progress...

Browse source
This commit is contained in:
Adam Ierymenko 2019-08-22 13:06:08 -07:00
parent 0e18b14087
commit b66431bc29
No known key found for this signature in database
GPG key ID: 1657198823E52A61
15 changed files with 356 additions and 390 deletions
Download patch file Download diff file Expand all files Collapse all files

5
node/Constants.hpp
View file

@ -270,11 +270,6 @@
*/
#define ZT_MULTICAST_TRANSMIT_TIMEOUT 5000
/**
* Delay between checks of peer pings, etc., and also related housekeeping tasks
*/
#define ZT_PING_CHECK_INVERVAL 5000
/**
* How frequently to check for changes to the system's network interfaces. When
* the service decides to use this constant it's because we want to react more

3
node/Hashtable.hpp
View file

@ -384,10 +384,13 @@ public:
private:
template<typename O>
static inline unsigned long _hc(const O &obj) { return (unsigned long)obj.hashCode(); }
static inline unsigned long _hc(const uint64_t i) { return (unsigned long)(i ^ (i >> 32)); }
static inline unsigned long _hc(const uint32_t i) { return ((unsigned long)i * (unsigned long)0x9e3779b1); }
static inline unsigned long _hc(const uint16_t i) { return ((unsigned long)i * (unsigned long)0x9e3779b1); }
static inline unsigned long _hc(const int i) { return ((unsigned long)i * (unsigned long)0x9e3379b1); }
static inline unsigned long _hc(void *p) { return ((unsigned long)((uintptr_t)p) * (unsigned long)0x9e3779b1); }
static inline unsigned long _hc(const void *p) { return ((unsigned long)((uintptr_t)p) * (unsigned long)0x9e3779b1); }
inline void _grow()
{

3
node/Membership.cpp
View file

@ -132,6 +132,9 @@ Membership::AddCredentialResult Membership::addCredential(const RuntimeEnvironme
return ADD_ACCEPTED_REDUNDANT;
switch(com.verify(RR,tPtr)) {
default:
RR->t->credentialRejected(tPtr,com,"invalid");
return Membership::ADD_REJECTED;
case Credential::VERIFY_OK:
_com = com;
return ADD_ACCEPTED_NEW;

55
node/Network.cpp
View file

@ -556,7 +556,6 @@ Network::Network(const RuntimeEnvironment *renv,void *tPtr,uint64_t nwid,void *u
RR(renv),
_uPtr(uptr),
_id(nwid),
_lastAnnouncedMulticastGroupsUpstream(0),
_mac(renv->identity.address(),nwid),
_portInitialized(false),
_lastConfigUpdate(0),
@ -1006,7 +1005,7 @@ int Network::setConfiguration(void *tPtr,const NetworkConfig &nconf,bool saveToD
ZT_VirtualNetworkConfig ctmp;
bool oldPortInitialized;
{ // do things that require lock here, but unlock before calling callbacks
Mutex::Lock _l(_config_l);
Mutex::Lock l1(_config_l);
_config = nconf;
_lastConfigUpdate = RR->node->now();
@ -1237,30 +1236,14 @@ bool Network::gate(void *tPtr,const SharedPtr<Peer> &peer)
return false;
}
bool Network::recentlyAssociatedWith(const Address &addr)
{
Mutex::Lock _l(_memberships_l);
const Membership *m = _memberships.get(addr);
return ((m)&&(m->recentlyAssociated(RR->node->now())));
}
void Network::clean()
void Network::doPeriodicTasks(void *tPtr)
{
const int64_t now = RR->node->now();
Mutex::Lock _l(_memberships_l);
Mutex::Lock l1(_memberships_l);
if (_destroyed)
return;
{
Hashtable< MulticastGroup,uint64_t >::Iterator i(_multicastGroupsBehindMe);
MulticastGroup *mg = (MulticastGroup *)0;
uint64_t *ts = (uint64_t *)0;
while (i.next(mg,ts)) {
if ((now - *ts) > (ZT_MULTICAST_LIKE_EXPIRE * 2))
_multicastGroupsBehindMe.erase(*mg);
}
}
{
Address *a = (Address *)0;
Membership *m = (Membership *)0;
@ -1269,14 +1252,20 @@ void Network::clean()
m->clean(now,_config);
}
}
}
Membership::AddCredentialResult Network::addCredential(void *tPtr,const CertificateOfMembership &com)
{
if (com.networkId() != _id)
return Membership::ADD_REJECTED;
Mutex::Lock _l(_memberships_l);
return _memberships[com.issuedTo()].addCredential(RR,tPtr,_config,com);
{
Mutex::Lock l2(_myMulticastGroups_l);
Hashtable< MulticastGroup,uint64_t >::Iterator i(_multicastGroupsBehindMe);
MulticastGroup *mg = (MulticastGroup *)0;
uint64_t *ts = (uint64_t *)0;
while (i.next(mg,ts)) {
if ((now - *ts) > (ZT_MULTICAST_LIKE_EXPIRE * 2))
_multicastGroupsBehindMe.erase(*mg);
}
_announceMulticastGroups(tPtr,false);
}
}
Membership::AddCredentialResult Network::addCredential(void *tPtr,const Address &sentFrom,const Revocation &rev)
@ -1284,7 +1273,7 @@ Membership::AddCredentialResult Network::addCredential(void *tPtr,const Address
if (rev.networkId() != _id)
return Membership::ADD_REJECTED;
Mutex::Lock _l(_memberships_l);
Mutex::Lock l1(_memberships_l);
Membership &m = _memberships[rev.target()];
const Membership::AddCredentialResult result = m.addCredential(RR,tPtr,_config,rev);
@ -1371,9 +1360,10 @@ void Network::_externalConfig(ZT_VirtualNetworkConfig *ec) const
}
}
void Network::_announceMulticastGroups(void *tPtr)
void Network::_announceMulticastGroups(void *tPtr,bool force)
{
// Assumes _myMulticastGroups_l and _memberships_l are locked
const int64_t now = RR->node->now();
const std::vector<MulticastGroup> groups(_allMulticastGroups());
_announceMulticastGroupsTo(tPtr,controller(),groups);
{
@ -1381,7 +1371,10 @@ void Network::_announceMulticastGroups(void *tPtr)
Membership *m = (Membership *)0;
Hashtable<Address,Membership>::Iterator i(_memberships);
while (i.next(a,m)) {
if (m->isAllowedOnNetwork(_config))
bool announce = m->multicastLikeGate(now); // force this to be called even if 'force' is true since it updates last push time
if ((!announce)&&(force))
announce = true;
if ((announce)&&(m->isAllowedOnNetwork(_config)))
_announceMulticastGroupsTo(tPtr,*a,groups);
}
}
@ -1415,7 +1408,7 @@ void Network::_announceMulticastGroupsTo(void *tPtr,const Address &peer,const st
std::vector<MulticastGroup> Network::_allMulticastGroups() const
{
// Assumes _lock is locked
// Assumes _myMulticastGroups_l is locked
std::vector<MulticastGroup> mgs;
mgs.reserve(_myMulticastGroups.size() + _multicastGroupsBehindMe.size() + 1);
mgs.insert(mgs.end(),_myMulticastGroups.begin(),_myMulticastGroups.end());

55
node/Network.hpp
View file

@ -172,9 +172,9 @@ public:
* @param includeBridgedGroups If true, also check groups we've learned via bridging
* @return True if this network endpoint / peer is a member
*/
inline bool subscribedToMulticastGroup(const MulticastGroup &mg,bool includeBridgedGroups) const
inline bool subscribedToMulticastGroup(const MulticastGroup &mg,const bool includeBridgedGroups) const
{
Mutex::Lock _l(_myMulticastGroups_l);
Mutex::Lock l(_myMulticastGroups_l);
if (std::binary_search(_myMulticastGroups.begin(),_myMulticastGroups.end(),mg))
return true;
else if (includeBridgedGroups)
@ -190,11 +190,11 @@ public:
*/
inline void multicastSubscribe(void *tPtr,const MulticastGroup &mg)
{
Mutex::Lock _l(_myMulticastGroups_l);
Mutex::Lock l(_myMulticastGroups_l);
if (!std::binary_search(_myMulticastGroups.begin(),_myMulticastGroups.end(),mg)) {
_myMulticastGroups.insert(std::upper_bound(_myMulticastGroups.begin(),_myMulticastGroups.end(),mg),mg);
Mutex::Lock l2(_memberships_l);
_announceMulticastGroups(tPtr);
_announceMulticastGroups(tPtr,true);
}
}
@ -205,7 +205,7 @@ public:
*/
inline void multicastUnsubscribe(const MulticastGroup &mg)
{
Mutex::Lock _l(_myMulticastGroups_l);
Mutex::Lock l(_myMulticastGroups_l);
std::vector<MulticastGroup>::iterator i(std::lower_bound(_myMulticastGroups.begin(),_myMulticastGroups.end(),mg));
if ( (i != _myMulticastGroups.end()) && (*i == mg) )
_myMulticastGroups.erase(i);
@ -262,35 +262,10 @@ public:
*/
bool gate(void *tPtr,const SharedPtr<Peer> &peer);
/**
* Check whether a given peer has recently had an association with this network
*
* This checks whether a peer has communicated with us recently about this
* network and has possessed a valid certificate of membership. This may return
* true even if the peer has been offline for a while or no longer has a valid
* certificate of membership but had one recently.
*
* @param addr Peer address
* @return True if peer has recently associated
*/
bool recentlyAssociatedWith(const Address &addr);
/**
* Do periodic cleanup and housekeeping tasks
*/
void clean();
/**
* Push state to members such as multicast group memberships and latest COM (if needed)
*
* @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call
*/
inline void sendUpdatesToMembers(void *tPtr)
{
Mutex::Lock _l(_myMulticastGroups_l);
Mutex::Lock _l2(_memberships_l);
_announceMulticastGroups(tPtr);
}
void doPeriodicTasks(void *tPtr);
/**
* Find the node on this network that has this MAC behind it (if any)
@ -362,14 +337,20 @@ public:
*/
inline void learnBridgedMulticastGroup(void *tPtr,const MulticastGroup &mg,int64_t now)
{
Mutex::Lock _l(_multicastGroupsBehindMe_l);
Mutex::Lock l(_myMulticastGroups_l);
_multicastGroupsBehindMe.set(mg,now);
}
/**
* Validate a credential and learn it if it passes certificate and other checks
*/
Membership::AddCredentialResult addCredential(void *tPtr,const CertificateOfMembership &com);
Membership::AddCredentialResult addCredential(void *tPtr,const CertificateOfMembership &com)
{
if (com.networkId() != _id)
return Membership::ADD_REJECTED;
Mutex::Lock _l(_memberships_l);
return _memberships[com.issuedTo()].addCredential(RR,tPtr,_config,com);
}
/**
* Validate a credential and learn it if it passes certificate and other checks
@ -423,7 +404,7 @@ public:
}
/**
* Push credentials if we haven't done so in a very long time
* Push credentials if we haven't done so in a long time
*
* @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call
* @param to Destination peer address
@ -473,14 +454,13 @@ private:
ZT_VirtualNetworkStatus _status() const;
void _externalConfig(ZT_VirtualNetworkConfig *ec) const; // assumes _lock is locked
bool _gate(const SharedPtr<Peer> &peer);
void _announceMulticastGroups(void *tPtr);
void _announceMulticastGroups(void *tPtr,bool force);
void _announceMulticastGroupsTo(void *tPtr,const Address &peer,const std::vector<MulticastGroup> &allMulticastGroups);
std::vector<MulticastGroup> _allMulticastGroups() const;
const RuntimeEnvironment *const RR;
void *_uPtr;
const uint64_t _id;
uint64_t _lastAnnouncedMulticastGroupsUpstream;
MAC _mac; // local MAC address
bool _portInitialized;
@ -493,7 +473,7 @@ private:
struct _IncomingConfigChunk
{
_IncomingConfigChunk() { memset(this,0,sizeof(_IncomingConfigChunk)); }
_IncomingConfigChunk() : ts(0),updateId(0),haveChunks(0),haveBytes(0),data() {}
uint64_t ts;
uint64_t updateId;
uint64_t haveChunkIds[ZT_NETWORK_MAX_UPDATE_CHUNKS];
@ -516,7 +496,6 @@ private:
Hashtable<Address,Membership> _memberships;
Mutex _myMulticastGroups_l;
Mutex _multicastGroupsBehindMe_l;
Mutex _remoteBridgeRoutes_l;
Mutex _config_l;
Mutex _memberships_l;

176
node/Node.cpp
View file

@ -58,7 +58,7 @@ Node::Node(void *uptr,void *tptr,const struct ZT_Node_Callbacks *callbacks,int64
_uPtr(uptr),
_networks(8),
_now(now),
_lastPingCheck(0),
_lastPing(0),
_lastHousekeepingRun(0),
_lastMemoizedTraceSettings(0)
{
@ -184,101 +184,91 @@ ZT_ResultCode Node::processVirtualNetworkFrame(
} else return ZT_RESULT_ERROR_NETWORK_NOT_FOUND;
}
/*
// Function object used to traverse the peer list, check peer status, and ping
// those that need pinging.
struct _PingPeersThatNeedPing
struct _processBackgroundTasks_ping_eachRoot
{
inline _PingPeersThatNeedPing(const RuntimeEnvironment *renv,void *tPtr,Hashtable< Address,std::vector<InetAddress> > &alwaysContact,int64_t now) :
RR(renv),
_tPtr(tPtr),
_alwaysContact(alwaysContact),
_now(now),
_bestCurrentUpstream(RR->topology->getUpstreamPeer()),
online(false)
Hashtable< void *,bool > roots;
int64_t now;
void *tPtr;
bool online;
inline void operator()(const Root &root,const SharedPtr<Peer> &peer)
{
unsigned int v4SendCount = 0,v6SendCount = 0;
peer->ping(tPtr,now,v4SendCount,v6SendCount);
const InetAddress *contactAddrs[2];
unsigned int contactAddrCount = 0;
if (v4SendCount == 0) {
if (*(contactAddrs[contactAddrCount] = &(root.pickPhysical(AF_INET))))
++contactAddrCount;
}
if (v6SendCount == 0) {
if (*(contactAddrs[contactAddrCount] = &(root.pickPhysical(AF_INET6))))
++contactAddrCount;
}
for(unsigned int i=0;i<contactAddrCount;++i)
peer->sendHELLO(tPtr,-1,*contactAddrs[i],now);
if (!online)
online = ((now - peer->lastReceive()) <= ((ZT_PEER_PING_PERIOD * 2) + 5000));
roots.set((void *)peer.ptr(),true);
}
};
inline void operator()(Topology &t,const SharedPtr<Peer> &p)
struct _processBackgroundTasks_ping_eachPeer
{
int64_t now;
void *tPtr;
Hashtable< void *,bool > *roots;
inline void operator()(const SharedPtr<Peer> &peer)
{
const std::vector<InetAddress> *const alwaysContactEndpoints = _alwaysContact.get(p->address());
if (alwaysContactEndpoints) {
online |= p->isAlive(_now);
const unsigned int sent = p->doPingAndKeepalive(_tPtr,_now);
bool contacted = (sent != 0);
if ((sent & 0x1) == 0) { // bit 0x1 == IPv4 sent
for(unsigned long k=0,ptr=(unsigned long)Utils::random();k<(unsigned long)alwaysContactEndpoints->size();++k) {
const InetAddress &addr = (*alwaysContactEndpoints)[ptr++ % alwaysContactEndpoints->size()];
if (addr.ss_family == AF_INET) {
p->sendHELLO(_tPtr,-1,addr,_now);
contacted = true;
break;
}
}
}
if ((sent & 0x2) == 0) { // bit 0x2 == IPv6 sent
for(unsigned long k=0,ptr=(unsigned long)Utils::random();k<(unsigned long)alwaysContactEndpoints->size();++k) {
const InetAddress &addr = (*alwaysContactEndpoints)[ptr++ % alwaysContactEndpoints->size()];
if (addr.ss_family == AF_INET6) {
p->sendHELLO(_tPtr,-1,addr,_now);
contacted = true;
break;
}
}
}
if ((!contacted)&&(_bestCurrentUpstream)) {
const SharedPtr<Path> up(_bestCurrentUpstream->getAppropriatePath(_now,true));
if (up)
p->sendHELLO(_tPtr,up->localSocket(),up->address(),_now);
}
_alwaysContact.erase(p->address()); // after this we'll WHOIS all upstreams that remain
} else if (p->isActive(_now)) {
p->doPingAndKeepalive(_tPtr,_now);
if (!roots->contains((void *)peer.ptr())) {
unsigned int v4SendCount = 0,v6SendCount = 0;
peer->ping(tPtr,now,v4SendCount,v6SendCount);
}
}
const RuntimeEnvironment *RR;
void *_tPtr;
Hashtable< Address,std::vector<InetAddress> > &_alwaysContact;
const int64_t _now;
const SharedPtr<Peer> _bestCurrentUpstream;
bool online;
};
*/
ZT_ResultCode Node::processBackgroundTasks(void *tptr,int64_t now,volatile int64_t *nextBackgroundTaskDeadline)
{
_now = now;
Mutex::Lock bl(_backgroundTasksLock);
unsigned long timeUntilNextPingCheck = ZT_PING_CHECK_INVERVAL;
const int64_t timeSinceLastPingCheck = now - _lastPingCheck;
unsigned long timeUntilNextPing = ZT_PEER_PING_PERIOD;
const int64_t timeSinceLastPing = now - _lastPing;
if (timeSinceLastPing >= ZT_PEER_PING_PERIOD) {
_lastPing = now;
try {
_processBackgroundTasks_ping_eachRoot rf;
rf.now = now;
rf.tPtr = tptr;
rf.online = false;
RR->topology->eachRoot(rf);
_processBackgroundTasks_ping_eachPeer pf;
pf.now = now;
pf.tPtr = tptr;
pf.roots = &rf.roots;
RR->topology->eachPeer(pf);
if (rf.online != _online) {
_online = rf.online;
postEvent(tptr,_online ? ZT_EVENT_ONLINE : ZT_EVENT_OFFLINE);
}
} catch ( ... ) {
return ZT_RESULT_FATAL_ERROR_INTERNAL;
}
}
/*
if (timeSinceLastPingCheck >= ZT_PING_CHECK_INVERVAL) {
try {
_lastPingCheck = now;
// Clean up any old local controller auth memoizations. This is an
// optimization for network controllers to know whether to accept
// or trust nodes without doing an extra cert check.
{
_localControllerAuthorizations_m.lock();
Hashtable< _LocalControllerAuth,int64_t >::Iterator i(_localControllerAuthorizations);
_LocalControllerAuth *k = (_LocalControllerAuth *)0;
int64_t *v = (int64_t *)0;
while (i.next(k,v)) {
if ((*v - now) > (ZT_NETWORK_AUTOCONF_DELAY * 3)) {
_localControllerAuthorizations.erase(*k);
}
}
_localControllerAuthorizations_m.unlock();
}
/*
// (1) Get peers we should remain connected to and (2) get networks that need config.
Hashtable< Address,std::vector<InetAddress> > alwaysContact;
RR->topology->getAlwaysContact(alwaysContact);
@ -319,13 +309,13 @@ ZT_ResultCode Node::processBackgroundTasks(void *tptr,int64_t now,volatile int64
_online = pfunc.online;
if (oldOnline != _online)
postEvent(tptr,_online ? ZT_EVENT_ONLINE : ZT_EVENT_OFFLINE);
*/
} catch ( ... ) {
return ZT_RESULT_FATAL_ERROR_INTERNAL;
}
} else {
timeUntilNextPingCheck -= (unsigned long)timeSinceLastPingCheck;
}
*/
if ((now - _lastMemoizedTraceSettings) >= (ZT_HOUSEKEEPING_PERIOD / 4)) {
_lastMemoizedTraceSettings = now;
@ -335,6 +325,22 @@ ZT_ResultCode Node::processBackgroundTasks(void *tptr,int64_t now,volatile int64
if ((now - _lastHousekeepingRun) >= ZT_HOUSEKEEPING_PERIOD) {
_lastHousekeepingRun = now;
try {
// Clean up any old local controller auth memoizations. This is an
// optimization for network controllers to know whether to accept
// or trust nodes without doing an extra cert check.
{
_localControllerAuthorizations_m.lock();
Hashtable< _LocalControllerAuth,int64_t >::Iterator i(_localControllerAuthorizations);
_LocalControllerAuth *k = (_LocalControllerAuth *)0;
int64_t *v = (int64_t *)0;
while (i.next(k,v)) {
if ((*v - now) > (ZT_NETWORK_AUTOCONF_DELAY * 3)) {
_localControllerAuthorizations.erase(*k);
}
}
_localControllerAuthorizations_m.unlock();
}
RR->topology->doPeriodicTasks(now);
RR->sa->clean(now);
RR->mc->clean(now);
@ -344,7 +350,7 @@ ZT_ResultCode Node::processBackgroundTasks(void *tptr,int64_t now,volatile int64
}
try {
*nextBackgroundTaskDeadline = now + (int64_t)std::max(std::min(timeUntilNextPingCheck,RR->sw->doTimerTasks(tptr,now)),(unsigned long)ZT_CORE_TIMER_TASK_GRANULARITY);
*nextBackgroundTaskDeadline = now + (int64_t)std::max(std::min(timeUntilNextPing,RR->sw->doTimerTasks(tptr,now)),(unsigned long)ZT_CORE_TIMER_TASK_GRANULARITY);
} catch ( ... ) {
return ZT_RESULT_FATAL_ERROR_INTERNAL;
}
@ -527,9 +533,9 @@ void Node::freeQueryResult(void *qr)
int Node::addLocalInterfaceAddress(const struct sockaddr_storage *addr)
{
if (Path::isAddressValidForPath(*(reinterpret_cast<const InetAddress *>(addr)))) {
Mutex::Lock _l(_directPaths_m);
if (std::find(_directPaths.begin(),_directPaths.end(),*(reinterpret_cast<const InetAddress *>(addr))) == _directPaths.end()) {
_directPaths.push_back(*(reinterpret_cast<const InetAddress *>(addr)));
Mutex::Lock _l(_localInterfaceAddresses_m);
if (std::find(_localInterfaceAddresses.begin(),_localInterfaceAddresses.end(),*(reinterpret_cast<const InetAddress *>(addr))) == _localInterfaceAddresses.end()) {
_localInterfaceAddresses.push_back(*(reinterpret_cast<const InetAddress *>(addr)));
return 1;
}
}
@ -538,8 +544,8 @@ int Node::addLocalInterfaceAddress(const struct sockaddr_storage *addr)
void Node::clearLocalInterfaceAddresses()
{
Mutex::Lock _l(_directPaths_m);
_directPaths.clear();
Mutex::Lock _l(_localInterfaceAddresses_m);
_localInterfaceAddresses.clear();
}
int Node::sendUserMessage(void *tptr,uint64_t dest,uint64_t typeId,const void *data,unsigned int len)

26
node/Node.hpp
View file

@ -170,8 +170,8 @@ public:
inline std::vector<InetAddress> directPaths() const
{
Mutex::Lock _l(_directPaths_m);
return _directPaths;
Mutex::Lock _l(_localInterfaceAddresses_m);
return _localInterfaceAddresses;
}
inline void postEvent(void *tPtr,ZT_Event ev,const void *md = (const void *)0) { _cb.eventCallback(reinterpret_cast<ZT_Node *>(this),_uPtr,tPtr,ev,md); }
@ -249,9 +249,6 @@ public:
virtual void ncSendRevocation(const Address &destination,const Revocation &rev);
virtual void ncSendError(uint64_t nwid,uint64_t requestPacketId,const Address &destination,NetworkController::ErrorCode errorCode);
inline const Address &remoteTraceTarget() const { return _remoteTraceTarget; }
inline Trace::Level remoteTraceLevel() const { return _remoteTraceLevel; }
inline void setMultipathMode(uint8_t mode) { _multipathMode = mode; }
inline uint8_t getMultipathMode() { return _multipathMode; }
@ -278,8 +275,11 @@ private:
// Time of last identity verification indexed by InetAddress.rateGateHash() -- used in IncomingPacket::_doHELLO() via rateGateIdentityVerification()
int64_t _lastIdentityVerification[16384];
// Map that remembers if we have recently sent a network config to someone
// querying us as a controller.
/* Map that remembers if we have recently sent a network config to someone
* querying us as a controller. This is an optimization to allow network
* controllers to know whether to treat things like multicast queries the
* way authorized members would be treated without requiring an extra cert
* validation. */
struct _LocalControllerAuth
{
uint64_t nwid,address;
@ -291,21 +291,21 @@ private:
Hashtable< _LocalControllerAuth,int64_t > _localControllerAuthorizations;
Mutex _localControllerAuthorizations_m;
// Curreently joined networks
Hashtable< uint64_t,SharedPtr<Network> > _networks;
Mutex _networks_m;
std::vector<InetAddress> _directPaths;
Mutex _directPaths_m;
// Local interface addresses as reported by the code harnessing this Node
std::vector<InetAddress> _localInterfaceAddresses;
Mutex _localInterfaceAddresses_m;
// Lock to ensure processBackgroundTasks never gets run concurrently
Mutex _backgroundTasksLock;
Address _remoteTraceTarget;
enum Trace::Level _remoteTraceLevel;
uint8_t _multipathMode;
volatile int64_t _now;
int64_t _lastPingCheck;
int64_t _lastPing;
int64_t _lastHousekeepingRun;
int64_t _lastMemoizedTraceSettings;
bool _online;

12
node/Peer.hpp
View file

@ -256,16 +256,6 @@ public:
*/
void ping(void *tPtr,int64_t now,unsigned int &v4SendCount,unsigned int &v6SendCount);
/**
* Clear paths whose localSocket(s) are in a CLOSED state or have an otherwise INVALID state.
* This should be called frequently so that we can detect and remove unproductive or invalid paths.
*
* Under the hood this is done periodically based on ZT_CLOSED_PATH_PRUNING_INTERVAL.
*
* @return Number of paths that were pruned this round
*/
unsigned int prunePaths();
/**
* Reset paths within a given IP scope and address family
*
@ -304,7 +294,7 @@ public:
/**
* @return True if we've heard from this peer in less than ZT_PEER_ACTIVITY_TIMEOUT
*/
inline bool isAlive(const int64_t now) const { return ((now - _lastReceive) < ZT_PEER_ACTIVITY_TIMEOUT); }
inline bool alive(const int64_t now) const { return ((now - _lastReceive) < ZT_PEER_ACTIVITY_TIMEOUT); }
/**
* @return Latency in milliseconds of best/aggregate path or 0xffff if unknown / no paths

6
node/SHA512.cpp
View file

@ -49,7 +49,7 @@ typedef struct sha512_ctx_tag {
uint64_t len[2];
uint64_t val[8];
uint8_t *payload_addr;
uint64_t payload_len;
unsigned long payload_len;
} sha512_ctx_t;
#define LSR(x,n) (x >> n)
@ -103,7 +103,7 @@ static inline void sha512_memclr(uint8_t *dst, uint32_t size)
for (;i < size;i++) { *dst++ = 0; }
}
static inline void sha512_init_512(sha512_ctx_t *sha512_ctx, uint8_t *payload_addr, uint64_t payload_len)
static inline void sha512_init_512(sha512_ctx_t *sha512_ctx, uint8_t *payload_addr, unsigned long payload_len)
{
sha512_memclr((uint8_t *)sha512_ctx,sizeof(sha512_ctx_t));
sha512_ctx->val[0] = 0x6A09E667F3BCC908ULL;
@ -121,7 +121,7 @@ static inline void sha512_init_512(sha512_ctx_t *sha512_ctx, uint8_t *payload_ad
sha512_ctx->len[1] = payload_len >> 61;
}
static inline void sha512_init_384(sha512_ctx_t *sha512_ctx, uint8_t *payload_addr, uint64_t payload_len)
static inline void sha512_init_384(sha512_ctx_t *sha512_ctx, uint8_t *payload_addr, unsigned long payload_len)
{
sha512_memclr((uint8_t *)sha512_ctx,sizeof(sha512_ctx_t));
sha512_ctx->val[0] = 0xCBBB9D5DC1059ED8ULL;

4
node/SHA512.hpp
View file

@ -42,6 +42,8 @@
namespace ZeroTier {
#if 0
#ifdef __APPLE__
#define ZT_HAVE_NATIVE_SHA512 1
static inline void SHA512(void *digest,const void *data,unsigned int len)
@ -78,6 +80,8 @@ static inline void SHA384(void *digest,const void *data,unsigned int len)
}
#endif
#endif
#ifndef ZT_HAVE_NATIVE_SHA512
void SHA512(void *digest,const void *data,unsigned int len);
void SHA384(void *digest,const void *data,unsigned int len);

2
node/SelfAwareness.cpp
View file

@ -55,7 +55,7 @@ public:
_family(inetAddressFamily),
_scope(scope) {}
inline void operator()(Topology &t,const SharedPtr<Peer> &p) { p->resetWithinScope(_tPtr,_scope,_family,_now); }
inline void operator()(const SharedPtr<Peer> &p) { p->resetWithinScope(_tPtr,_scope,_family,_now); }
private:
uint64_t _now;

9
node/Topology.hpp
View file

@ -177,7 +177,7 @@ public:
Address *a = (Address *)0;
SharedPtr<Peer> *p = (SharedPtr<Peer> *)0;
while (i.next(a,p)) {
if (!(*p)->isAlive(now)) {
if (!(*p)->alive(now)) {
_peers.erase(*a);
}
}
@ -230,16 +230,13 @@ public:
Address *a = (Address *)0;
SharedPtr<Peer> *p = (SharedPtr<Peer> *)0;
while (i.next(a,p)) {
f(*this,*((const SharedPtr<Peer> *)p));
f(*((const SharedPtr<Peer> *)p));
}
}
/**
* Apply a function or function object to all roots
*
* Arguments to the function are this topology object, the root in
* question, and a pointer to the peer corresponding to it.
*
* This locks the root list during execution but other operations
* are fine.
*
@ -262,7 +259,7 @@ public:
_peers.set(rp->address(),rp);
}
}
f(*this,*i,rp);
f(*i,rp);
}
}

214
node/Trace.cpp
View file

@ -47,7 +47,7 @@ namespace ZeroTier {
#ifdef ZT_TRACE
static void ZT_LOCAL_TRACE(void *const tPtr,const RuntimeEnvironment *const RR,const char *const fmt,...)
{
char traceMsgBuf[1024];
char traceMsgBuf[2048];
va_list ap;
va_start(ap,fmt);
vsnprintf(traceMsgBuf,sizeof(traceMsgBuf),fmt,ap);
@ -61,20 +61,10 @@ static void ZT_LOCAL_TRACE(void *const tPtr,const RuntimeEnvironment *const RR,c
void Trace::resettingPathsInScope(void *const tPtr,const Address &reporter,const InetAddress &reporterPhysicalAddress,const InetAddress &myPhysicalAddress,const InetAddress::IpScope scope)
{
#ifdef ZT_TRACE
char tmp[128];
ZT_LOCAL_TRACE(tPtr,RR,"RESET and revalidate paths in scope %d; new phy address %s reported by trusted peer %.10llx",(int)scope,myPhysicalAddress.toIpString(tmp),reporter.toInt());
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__RESETTING_PATHS_IN_SCOPE_S);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,reporter);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,reporterPhysicalAddress.toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_PHYADDR,myPhysicalAddress.toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__IP_SCOPE,(uint64_t)scope);
if (_globalTarget)
_send(tPtr,d,_globalTarget);
_spamToAllNetworks(tPtr,d,Trace::LEVEL_NORMAL);
#endif
}
void Trace::peerConfirmingUnknownPath(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &path,const uint64_t packetId,const Packet::Verb verb)
@ -87,7 +77,7 @@ void Trace::peerConfirmingUnknownPath(void *const tPtr,const uint64_t networkId,
std::pair<Address,Trace::Level> byn;
if (networkId) { Mutex::Lock l(_byNet_m); _byNet.get(networkId,byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_NORMAL)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PEER_CONFIRMING_UNKNOWN_PATH_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
@ -99,11 +89,7 @@ void Trace::peerConfirmingUnknownPath(void *const tPtr,const uint64_t networkId,
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -137,7 +123,7 @@ void Trace::peerLearnedNewPath(void *const tPtr,const uint64_t networkId,Peer &p
std::pair<Address,Trace::Level> byn;
if (networkId) { Mutex::Lock l(_byNet_m); _byNet.get(networkId,byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_NORMAL)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PEER_LEARNED_NEW_PATH_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
@ -146,37 +132,7 @@ void Trace::peerLearnedNewPath(void *const tPtr,const uint64_t networkId,Peer &p
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,peer.address());
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,newPath->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,newPath->localSocket());
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
}
}
void Trace::peerRedirected(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &newPath)
{
char tmp[128];
if (!newPath) return; // sanity check
ZT_LOCAL_TRACE(tPtr,RR,"explicit redirect from %.10llx to path %s",peer.address().toInt(),newPath->address().toString(tmp));
std::pair<Address,Trace::Level> byn;
if (networkId) { Mutex::Lock l(_byNet_m); _byNet.get(networkId,byn); }
if ((_globalTarget)||(byn.first)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PEER_REDIRECTED_S);
if (networkId)
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,networkId);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,peer.address());
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,newPath->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,newPath->localSocket());
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -192,7 +148,7 @@ void Trace::outgoingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network
std::pair<Address,Trace::Level> byn;
{ Mutex::Lock l(_byNet_m); _byNet.get(network->id(),byn); }
if ( ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_VERBOSE)) || ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) ) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__OUTGOING_NETWORK_FRAME_DROPPED_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,network->id());
@ -203,11 +159,7 @@ void Trace::outgoingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network
d.add(ZT_REMOTE_TRACE_FIELD__FRAME_LENGTH,(uint64_t)frameLen);
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_VERBOSE))
_send(tPtr,d,_globalTarget);
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE))
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -221,7 +173,7 @@ void Trace::incomingNetworkAccessDenied(void *const tPtr,const SharedPtr<Network
std::pair<Address,Trace::Level> byn;
{ Mutex::Lock l(_byNet_m); _byNet.get(network->id(),byn); }
if ( ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_VERBOSE)) || ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) ) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_NORMAL)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_ACCESS_DENIED_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
@ -232,11 +184,7 @@ void Trace::incomingNetworkAccessDenied(void *const tPtr,const SharedPtr<Network
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,network->id());
if ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_VERBOSE))
_send(tPtr,d,_globalTarget);
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE))
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -250,7 +198,7 @@ void Trace::incomingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network
std::pair<Address,Trace::Level> byn;
{ Mutex::Lock l(_byNet_m); _byNet.get(network->id(),byn); }
if ( ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_VERBOSE)) || ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) ) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__INCOMING_NETWORK_FRAME_DROPPED_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
@ -265,11 +213,7 @@ void Trace::incomingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network
d.add(ZT_REMOTE_TRACE_FIELD__DEST_MAC,destMac.toInt());
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_VERBOSE))
_send(tPtr,d,_globalTarget);
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE))
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -279,21 +223,18 @@ void Trace::incomingPacketMessageAuthenticationFailure(void *const tPtr,const Sh
ZT_LOCAL_TRACE(tPtr,RR,"MAC failed for packet %.16llx from %.10llx(%s)",packetId,source.toInt(),(path) ? path->address().toString(tmp) : "???");
if ((_globalTarget)&&((int)_globalLevel >= Trace::LEVEL_DEBUG)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PACKET_MAC_FAILURE_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_HOPS,(uint64_t)hops);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
if (path) {
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
_send(tPtr,d,_globalTarget);
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PACKET_MAC_FAILURE_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_HOPS,(uint64_t)hops);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
if (path) {
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
_spamToAllNetworks(tPtr,d,Trace::LEVEL_DEBUG);
}
void Trace::incomingPacketInvalid(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops,const Packet::Verb verb,const char *reason)
@ -302,22 +243,19 @@ void Trace::incomingPacketInvalid(void *const tPtr,const SharedPtr<Path> &path,c
ZT_LOCAL_TRACE(tPtr,RR,"INVALID packet %.16llx from %.10llx(%s) (%s)",packetId,source.toInt(),(path) ? path->address().toString(tmp) : "???",(reason) ? reason : "unknown reason");
if ((_globalTarget)&&((int)_globalLevel >= Trace::LEVEL_DEBUG)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PACKET_INVALID_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_VERB,(uint64_t)verb);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
if (path) {
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_HOPS,(uint64_t)hops);
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
_send(tPtr,d,_globalTarget);
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PACKET_INVALID_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_VERB,(uint64_t)verb);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
if (path) {
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_HOPS,(uint64_t)hops);
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
_spamToAllNetworks(tPtr,d,Trace::LEVEL_DEBUG);
}
void Trace::incomingPacketDroppedHELLO(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const char *reason)
@ -326,32 +264,22 @@ void Trace::incomingPacketDroppedHELLO(void *const tPtr,const SharedPtr<Path> &p
ZT_LOCAL_TRACE(tPtr,RR,"DROPPED HELLO from %.10llx(%s) (%s)",source.toInt(),(path) ? path->address().toString(tmp) : "???",(reason) ? reason : "???");
if ((_globalTarget)&&((int)_globalLevel >= Trace::LEVEL_DEBUG)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PACKET_INVALID_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
if (path) {
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
_send(tPtr,d,_globalTarget);
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__PACKET_INVALID_S);
d.add(ZT_REMOTE_TRACE_FIELD__PACKET_ID,packetId);
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_ZTADDR,source);
if (path) {
d.add(ZT_REMOTE_TRACE_FIELD__REMOTE_PHYADDR,path->address().toString(tmp));
d.add(ZT_REMOTE_TRACE_FIELD__LOCAL_SOCKET,path->localSocket());
}
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
_spamToAllNetworks(tPtr,d,Trace::LEVEL_DEBUG);
}
void Trace::networkConfigRequestSent(void *const tPtr,const Network &network,const Address &controller)
{
ZT_LOCAL_TRACE(tPtr,RR,"requesting configuration for network %.16llx",network.id());
if ((_globalTarget)&&((int)_globalLevel >= Trace::LEVEL_DEBUG)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__NETWORK_CONFIG_REQUEST_SENT_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,network.id());
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_CONTROLLER_ID,controller);
_send(tPtr,d,_globalTarget);
}
}
void Trace::networkFilter(
@ -375,7 +303,7 @@ void Trace::networkFilter(
std::pair<Address,Trace::Level> byn;
{ Mutex::Lock l(_byNet_m); _byNet.get(network.id(),byn); }
if ( ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_RULES)) || ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_RULES)) ) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_RULES)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__NETWORK_FILTER_TRACE_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,network.id());
@ -396,11 +324,7 @@ void Trace::networkFilter(
d.add(ZT_REMOTE_TRACE_FIELD__FRAME_LENGTH,(uint64_t)frameLen);
if (frameLen > 0)
d.add(ZT_REMOTE_TRACE_FIELD__FRAME_DATA,(const char *)frameData,(frameLen > 256) ? (int)256 : (int)frameLen);
if ((_globalTarget)&&((int)_globalLevel >= (int)Trace::LEVEL_RULES))
_send(tPtr,d,_globalTarget);
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_RULES))
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -409,7 +333,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfMembership &c
std::pair<Address,Trace::Level> byn;
if (c.networkId()) { Mutex::Lock l(_byNet_m); _byNet.get(c.networkId(),byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
@ -419,11 +343,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfMembership &c
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -432,7 +352,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfOwnership &c,
std::pair<Address,Trace::Level> byn;
if (c.networkId()) { Mutex::Lock l(_byNet_m); _byNet.get(c.networkId(),byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
@ -442,11 +362,7 @@ void Trace::credentialRejected(void *const tPtr,const CertificateOfOwnership &c,
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -455,7 +371,7 @@ void Trace::credentialRejected(void *const tPtr,const Capability &c,const char *
std::pair<Address,Trace::Level> byn;
if (c.networkId()) { Mutex::Lock l(_byNet_m); _byNet.get(c.networkId(),byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
@ -465,11 +381,7 @@ void Trace::credentialRejected(void *const tPtr,const Capability &c,const char *
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_ISSUED_TO,c.issuedTo());
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -478,7 +390,7 @@ void Trace::credentialRejected(void *const tPtr,const Tag &c,const char *reason)
std::pair<Address,Trace::Level> byn;
if (c.networkId()) { Mutex::Lock l(_byNet_m); _byNet.get(c.networkId(),byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
@ -489,11 +401,7 @@ void Trace::credentialRejected(void *const tPtr,const Tag &c,const char *reason)
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_INFO,(uint64_t)c.value());
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
@ -502,7 +410,7 @@ void Trace::credentialRejected(void *const tPtr,const Revocation &c,const char *
std::pair<Address,Trace::Level> byn;
if (c.networkId()) { Mutex::Lock l(_byNet_m); _byNet.get(c.networkId(),byn); }
if ((_globalTarget)||(byn.first)) {
if ((byn.first)&&((int)byn.second >= (int)Trace::LEVEL_VERBOSE)) {
Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> d;
d.add(ZT_REMOTE_TRACE_FIELD__EVENT,ZT_REMOTE_TRACE_EVENT__CREDENTIAL_REJECTED_S);
d.add(ZT_REMOTE_TRACE_FIELD__NETWORK_ID,c.networkId());
@ -511,18 +419,12 @@ void Trace::credentialRejected(void *const tPtr,const Revocation &c,const char *
d.add(ZT_REMOTE_TRACE_FIELD__CREDENTIAL_REVOCATION_TARGET,c.target());
if (reason)
d.add(ZT_REMOTE_TRACE_FIELD__REASON,reason);
if (_globalTarget)
_send(tPtr,d,_globalTarget);
if (byn.first)
_send(tPtr,d,byn.first);
_send(tPtr,d,byn.first);
}
}
void Trace::updateMemoizedSettings()
{
_globalTarget = RR->node->remoteTraceTarget();
_globalLevel = RR->node->remoteTraceLevel();
const std::vector< SharedPtr<Network> > nws(RR->node->allNetworks());
{
Mutex::Lock l(_byNet_m);

14
node/Trace.hpp
View file

@ -73,8 +73,7 @@ public:
LEVEL_NORMAL = 0,
LEVEL_VERBOSE = 10,
LEVEL_RULES = 15,
LEVEL_DEBUG = 20,
LEVEL_INSANE = 30
LEVEL_DEBUG = 20
};
/**
@ -119,25 +118,17 @@ public:
}
void resettingPathsInScope(void *const tPtr,const Address &reporter,const InetAddress &reporterPhysicalAddress,const InetAddress &myPhysicalAddress,const InetAddress::IpScope scope);
void peerConfirmingUnknownPath(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &path,const uint64_t packetId,const Packet::Verb verb);
void peerLinkNowRedundant(void *const tPtr,Peer &peer);
void peerLinkNoLongerRedundant(void *const tPtr,Peer &peer);
void peerLinkAggregateStatistics(void *const tPtr,Peer &peer);
void peerLearnedNewPath(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &newPath,const uint64_t packetId);
void peerRedirected(void *const tPtr,const uint64_t networkId,Peer &peer,const SharedPtr<Path> &newPath);
void incomingPacketMessageAuthenticationFailure(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops,const char *reason);
void incomingPacketInvalid(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const unsigned int hops,const Packet::Verb verb,const char *reason);
void incomingPacketDroppedHELLO(void *const tPtr,const SharedPtr<Path> &path,const uint64_t packetId,const Address &source,const char *reason);
void outgoingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network> &network,const MAC &sourceMac,const MAC &destMac,const unsigned int etherType,const unsigned int vlanId,const unsigned int frameLen,const char *reason);
void incomingNetworkAccessDenied(void *const tPtr,const SharedPtr<Network> &network,const SharedPtr<Path> &path,const uint64_t packetId,const unsigned int packetLength,const Address &source,const Packet::Verb verb,bool credentialsRequested);
void incomingNetworkFrameDropped(void *const tPtr,const SharedPtr<Network> &network,const SharedPtr<Path> &path,const uint64_t packetId,const unsigned int packetLength,const Address &source,const Packet::Verb verb,const MAC &sourceMac,const MAC &destMac,const char *reason);
void networkConfigRequestSent(void *const tPtr,const Network &network,const Address &controller);
void networkFilter(
void *const tPtr,
@ -156,7 +147,6 @@ public:
const bool noTee,
const bool inbound,
const int accept);
void credentialRejected(void *const tPtr,const CertificateOfMembership &c,const char *reason);
void credentialRejected(void *const tPtr,const CertificateOfOwnership &c,const char *reason);
void credentialRejected(void *const tPtr,const Capability &c,const char *reason);
@ -171,8 +161,6 @@ private:
void _send(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d,const Address &dest);
void _spamToAllNetworks(void *const tPtr,const Dictionary<ZT_MAX_REMOTE_TRACE_SIZE> &d,const Level level);
Address _globalTarget;
Trace::Level _globalLevel;
Hashtable< uint64_t,std::pair< Address,Trace::Level > > _byNet;
Mutex _byNet_m;
};