void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-07 04:53:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

More cleanup and a tiny federation prep item.

Browse source
This commit is contained in:
Adam Ierymenko 2016-08-04 12:14:13 -07:00
parent 98152d974a
commit 331382cf2f
2 changed files with 11 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
node/IncomingPacket.cpp
View file

@ -465,12 +465,13 @@ bool IncomingPacket::_doWHOIS(const RuntimeEnvironment *RR,const SharedPtr<Peer>
{ {
try { try {
if (payloadLength() == ZT_ADDRESS_LENGTH) { if (payloadLength() == ZT_ADDRESS_LENGTH) {
Identity queried(RR->topology->getIdentity(Address(payload(),ZT_ADDRESS_LENGTH))); const Address addr(payload(),ZT_ADDRESS_LENGTH);
if (queried) { const Identity id(RR->topology->getIdentity(addr));
if (id) {
Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK); Packet outp(peer->address(),RR->identity.address(),Packet::VERB_OK);
outp.append((unsigned char)Packet::VERB_WHOIS); outp.append((unsigned char)Packet::VERB_WHOIS);
outp.append(packetId()); outp.append(packetId());
queried.serialize(outp,false); id.serialize(outp,false);
outp.armor(peer->key(),true); outp.armor(peer->key(),true);
RR->node->putPacket(_localAddress,_remoteAddress,outp.data(),outp.size()); RR->node->putPacket(_localAddress,_remoteAddress,outp.data(),outp.size());
} else { } else {
@ -478,6 +479,10 @@ bool IncomingPacket::_doWHOIS(const RuntimeEnvironment *RR,const SharedPtr<Peer>
if (RR->cluster) if (RR->cluster)
RR->cluster->sendDistributedQuery(*this); RR->cluster->sendDistributedQuery(*this);
#endif #endif
if (!RR->topology->amRoot()) {
RR->sw->requestWhois(addr);
return false; // packet parse will be attempted again if we get a reply from upstream
}
} }
} else { } else {
TRACE("dropped WHOIS from %s(%s): missing or invalid address",source().toString().c_str(),_remoteAddress.toString().c_str()); TRACE("dropped WHOIS from %s(%s): missing or invalid address",source().toString().c_str(),_remoteAddress.toString().c_str());
@ -492,7 +497,7 @@ bool IncomingPacket::_doWHOIS(const RuntimeEnvironment *RR,const SharedPtr<Peer>
bool IncomingPacket::_doRENDEZVOUS(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer) bool IncomingPacket::_doRENDEZVOUS(const RuntimeEnvironment *RR,const SharedPtr<Peer> &peer)
{ {
try { try {
if (RR->topology->isUpstream(peer->identity())) { if (RR->topology->isUpstream(peer->identity())) { // only upstream peers can tell us to rendezvous, otherwise this opens a potential amplification attack vector
const Address with(field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ZTADDRESS,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); const Address with(field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ZTADDRESS,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH);
const SharedPtr<Peer> withPeer(RR->topology->getPeer(with)); const SharedPtr<Peer> withPeer(RR->topology->getPeer(with));
if (withPeer) { if (withPeer) {
@ -501,7 +506,7 @@ bool IncomingPacket::_doRENDEZVOUS(const RuntimeEnvironment *RR,const SharedPtr<
if ((port > 0)&&((addrlen == 4)||(addrlen == 16))) { if ((port > 0)&&((addrlen == 4)||(addrlen == 16))) {
peer->received(_localAddress,_remoteAddress,hops(),packetId(),Packet::VERB_RENDEZVOUS,0,Packet::VERB_NOP); peer->received(_localAddress,_remoteAddress,hops(),packetId(),Packet::VERB_RENDEZVOUS,0,Packet::VERB_NOP);
InetAddress atAddr(field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ADDRESS,addrlen),addrlen,port); const InetAddress atAddr(field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ADDRESS,addrlen),addrlen,port);
TRACE("RENDEZVOUS from %s says %s might be at %s, starting NAT-t",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str()); TRACE("RENDEZVOUS from %s says %s might be at %s, starting NAT-t",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str());
if (RR->node->shouldUsePathForZeroTierTraffic(_localAddress,atAddr)) if (RR->node->shouldUsePathForZeroTierTraffic(_localAddress,atAddr))
RR->sw->rendezvous(withPeer,_localAddress,atAddr); RR->sw->rendezvous(withPeer,_localAddress,atAddr);

6
node/Network.cpp
View file

@ -50,10 +50,6 @@ Network::Network(const RuntimeEnvironment *renv,uint64_t nwid,void *uptr) :
{ {
char confn[128],mcdbn[128]; char confn[128],mcdbn[128];
Utils::snprintf(confn,sizeof(confn),"networks.d/%.16llx.conf",_id); Utils::snprintf(confn,sizeof(confn),"networks.d/%.16llx.conf",_id);
Utils::snprintf(mcdbn,sizeof(mcdbn),"networks.d/%.16llx.mcerts",_id);
// These files are no longer used, so clean them.
RR->node->dataStoreDelete(mcdbn);
if (_id == ZT_TEST_NETWORK_ID) { if (_id == ZT_TEST_NETWORK_ID) {
applyConfiguration(NetworkConfig::createTestNetworkConfig(RR->identity.address())); applyConfiguration(NetworkConfig::createTestNetworkConfig(RR->identity.address()));
@ -144,7 +140,7 @@ bool Network::tryAnnounceMulticastGroupsTo(const SharedPtr<Peer> &peer)
if ( if (
(_isAllowed(peer)) || (_isAllowed(peer)) ||
(peer->address() == this->controller()) || (peer->address() == this->controller()) ||
(RR->topology->isRoot(peer->identity())) (RR->topology->isUpstream(peer->identity()))
) { ) {
_announceMulticastGroupsTo(peer,_allMulticastGroups()); _announceMulticastGroupsTo(peer,_allMulticastGroups());
return true; return true;